summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--packages/sys-boot/grub/files/a698240df0c43278b2d1d7259c8e7a6926c63112.patch180
-rw-r--r--packages/sys-boot/grub/files/cda0a857dd7a27cd5d621747464bfe71e8727fff.patch63
-rw-r--r--packages/sys-boot/grub/grub-2.02-r3.exheres-013
-rw-r--r--packages/sys-boot/grub/grub.exlib117
4 files changed, 373 insertions, 0 deletions
diff --git a/packages/sys-boot/grub/files/a698240df0c43278b2d1d7259c8e7a6926c63112.patch b/packages/sys-boot/grub/files/a698240df0c43278b2d1d7259c8e7a6926c63112.patch
new file mode 100644
index 0000000..4e17549
--- /dev/null
+++ b/packages/sys-boot/grub/files/a698240df0c43278b2d1d7259c8e7a6926c63112.patch
@@ -0,0 +1,180 @@
+Source/Upstream: Yes, fixed in git master
+Reason: Support multiple early initrd images
+
+From a698240df0c43278b2d1d7259c8e7a6926c63112 Mon Sep 17 00:00:00 2001
+From: "Matthew S. Turnbull" <sparky@bluefang-logic.com>
+Date: Sat, 24 Feb 2018 17:44:58 -0500
+Subject: grub-mkconfig/10_linux: Support multiple early initrd images
+
+Add support for multiple, shared, early initrd images. These early
+images will be loaded in the order declared, and all will be loaded
+before the initrd image.
+
+While many classes of data can be provided by early images, the
+immediate use case would be for distributions to provide CPU
+microcode to mitigate the Meltdown and Spectre vulnerabilities.
+
+There are two environment variables provided for declaring the early
+images.
+
+* GRUB_EARLY_INITRD_LINUX_STOCK is for the distribution declare
+ images that are provided by the distribution or installed packages.
+ If undeclared, this will default to a set of common microcode image
+ names.
+
+* GRUB_EARLY_INITRD_LINUX_CUSTOM is for user created images. User
+ images will be loaded after the stock images.
+
+These separate configurations allow the distribution and user to
+declare different image sets without clobbering each other.
+
+This also makes a minor update to ensure that UUID partition labels
+stay disabled when no initrd image is found, even if early images are
+present.
+
+This is a continuation of a previous patch published by Christian
+Hesse in 2016:
+http://lists.gnu.org/archive/html/grub-devel/2016-02/msg00025.html
+
+Down stream Gentoo bug:
+https://bugs.gentoo.org/645088
+
+Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
+Signed-off-by: Matthew S. Turnbull <sparky@bluefang-logic.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+---
+ docs/grub.texi | 19 +++++++++++++++++++
+ util/grub-mkconfig.in | 8 ++++++++
+ util/grub.d/10_linux.in | 33 +++++++++++++++++++++++++++------
+ 3 files changed, 54 insertions(+), 6 deletions(-)
+
+diff --git a/docs/grub.texi b/docs/grub.texi
+index 137b894..65b4bbe 100644
+--- a/docs/grub.texi
++++ b/docs/grub.texi
+@@ -1398,6 +1398,25 @@ for all respectively normal entries.
+ The values of these options replace the values of @samp{GRUB_CMDLINE_LINUX}
+ and @samp{GRUB_CMDLINE_LINUX_DEFAULT} for Linux and Xen menu entries.
+
++@item GRUB_EARLY_INITRD_LINUX_CUSTOM
++@itemx GRUB_EARLY_INITRD_LINUX_STOCK
++List of space-separated early initrd images to be loaded from @samp{/boot}.
++This is for loading things like CPU microcode, firmware, ACPI tables, crypto
++keys, and so on. These early images will be loaded in the order declared,
++and all will be loaded before the actual functional initrd image.
++
++@samp{GRUB_EARLY_INITRD_LINUX_STOCK} is for your distribution to declare
++images that are provided by the distribution. It should not be modified
++without understanding the consequences. They will be loaded first.
++
++@samp{GRUB_EARLY_INITRD_LINUX_CUSTOM} is for your custom created images.
++
++The default stock images are as follows, though they may be overridden by
++your distribution:
++@example
++intel-uc.img intel-ucode.img amd-uc.img amd-ucode.img early_ucode.cpio microcode.cpio
++@end example
++
+ @item GRUB_DISABLE_LINUX_UUID
+ Normally, @command{grub-mkconfig} will generate menu entries that use
+ universally-unique identifiers (UUIDs) to identify the root filesystem to
+diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
+index f8496d2..35ef583 100644
+--- a/util/grub-mkconfig.in
++++ b/util/grub-mkconfig.in
+@@ -147,6 +147,12 @@ if [ x"$GRUB_FS" = xunknown ]; then
+ GRUB_FS="$(stat -f --printf=%T / || echo unknown)"
+ fi
+
++# Provide a default set of stock linux early initrd images.
++# Define here so the list can be modified in the sourced config file.
++if [ "x${GRUB_EARLY_INITRD_LINUX_STOCK}" = "x" ]; then
++ GRUB_EARLY_INITRD_LINUX_STOCK="intel-uc.img intel-ucode.img amd-uc.img amd-ucode.img early_ucode.cpio microcode.cpio"
++fi
++
+ if test -f ${sysconfdir}/default/grub ; then
+ . ${sysconfdir}/default/grub
+ fi
+@@ -211,6 +217,8 @@ export GRUB_DEFAULT \
+ GRUB_CMDLINE_NETBSD \
+ GRUB_CMDLINE_NETBSD_DEFAULT \
+ GRUB_CMDLINE_GNUMACH \
++ GRUB_EARLY_INITRD_LINUX_CUSTOM \
++ GRUB_EARLY_INITRD_LINUX_STOCK \
+ GRUB_TERMINAL_INPUT \
+ GRUB_TERMINAL_OUTPUT \
+ GRUB_SERIAL_COMMAND \
+diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
+index de9044c..faedf74 100644
+--- a/util/grub.d/10_linux.in
++++ b/util/grub.d/10_linux.in
+@@ -136,9 +136,13 @@ EOF
+ if test -n "${initrd}" ; then
+ # TRANSLATORS: ramdisk isn't identifier. Should be translated.
+ message="$(gettext_printf "Loading initial ramdisk ...")"
++ initrd_path=
++ for i in ${initrd}; do
++ initrd_path="${initrd_path} ${rel_dirname}/${i}"
++ done
+ sed "s/^/$submenu_indentation/" << EOF
+ echo '$(echo "$message" | grub_quote)'
+- initrd ${rel_dirname}/${initrd}
++ initrd $(echo $initrd_path)
+ EOF
+ fi
+ sed "s/^/$submenu_indentation/" << EOF
+@@ -188,7 +192,15 @@ while [ "x$list" != "x" ] ; do
+ alt_version=`echo $version | sed -e "s,\.old$,,g"`
+ linux_root_device_thisversion="${LINUX_ROOT_DEVICE}"
+
+- initrd=
++ initrd_early=
++ for i in ${GRUB_EARLY_INITRD_LINUX_STOCK} \
++ ${GRUB_EARLY_INITRD_LINUX_CUSTOM}; do
++ if test -e "${dirname}/${i}" ; then
++ initrd_early="${initrd_early} ${i}"
++ fi
++ done
++
++ initrd_real=
+ for i in "initrd.img-${version}" "initrd-${version}.img" "initrd-${version}.gz" \
+ "initrd-${version}" "initramfs-${version}.img" \
+ "initrd.img-${alt_version}" "initrd-${alt_version}.img" \
+@@ -198,11 +210,22 @@ while [ "x$list" != "x" ] ; do
+ "initramfs-genkernel-${GENKERNEL_ARCH}-${version}" \
+ "initramfs-genkernel-${GENKERNEL_ARCH}-${alt_version}"; do
+ if test -e "${dirname}/${i}" ; then
+- initrd="$i"
++ initrd_real="${i}"
+ break
+ fi
+ done
+
++ initrd=
++ if test -n "${initrd_early}" || test -n "${initrd_real}"; then
++ initrd="${initrd_early} ${initrd_real}"
++
++ initrd_display=
++ for i in ${initrd}; do
++ initrd_display="${initrd_display} ${dirname}/${i}"
++ done
++ gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2
++ fi
++
+ config=
+ for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do
+ if test -e "${i}" ; then
+@@ -216,9 +239,7 @@ while [ "x$list" != "x" ] ; do
+ initramfs=`grep CONFIG_INITRAMFS_SOURCE= "${config}" | cut -f2 -d= | tr -d \"`
+ fi
+
+- if test -n "${initrd}" ; then
+- gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2
+- elif test -z "${initramfs}" ; then
++ if test -z "${initramfs}" && test -z "${initrd_real}" ; then
+ # "UUID=" and "ZFS=" magic is parsed by initrd or initramfs. Since there's
+ # no initrd or builtin initramfs, it can't work here.
+ linux_root_device_thisversion=${GRUB_DEVICE}
+--
+cgit v1.0-41-gc330
+
diff --git a/packages/sys-boot/grub/files/cda0a857dd7a27cd5d621747464bfe71e8727fff.patch b/packages/sys-boot/grub/files/cda0a857dd7a27cd5d621747464bfe71e8727fff.patch
new file mode 100644
index 0000000..f18553d
--- /dev/null
+++ b/packages/sys-boot/grub/files/cda0a857dd7a27cd5d621747464bfe71e8727fff.patch
@@ -0,0 +1,63 @@
+Source/Upstream: Yes, fixed in git master
+Reason: xfs: Accept filesystem with sparse inodes
+
+From cda0a857dd7a27cd5d621747464bfe71e8727fff Mon Sep 17 00:00:00 2001
+From: Daniel Kiper <daniel.kiper@oracle.com>
+Date: Tue, 29 May 2018 16:16:02 +0200
+Subject: xfs: Accept filesystem with sparse inodes
+
+The sparse inode metadata format became a mkfs.xfs default in
+xfsprogs-4.16.0, and such filesystems are now rejected by grub as
+containing an incompatible feature.
+
+In essence, this feature allows xfs to allocate inodes into fragmented
+freespace. (Without this feature, if xfs could not allocate contiguous
+space for 64 new inodes, inode creation would fail.)
+
+In practice, the disk format change is restricted to the inode btree,
+which as far as I can tell is not used by grub. If all you're doing
+today is parsing a directory, reading an inode number, and converting
+that inode number to a disk location, then ignoring this feature
+should be fine, so I've added it to XFS_SB_FEAT_INCOMPAT_SUPPORTED
+
+I did some brief testing of this patch by hacking up the regression
+tests to completely fragment freespace on the test xfs filesystem, and
+then write a large-ish number of inodes to consume any existing
+contiguous 64-inode chunk. This way any files the grub tests add and
+traverse would be in such a fragmented inode allocation. Tests passed,
+but I'm not sure how to cleanly integrate that into the test harness.
+
+Signed-off-by: Eric Sandeen <sandeen@redhat.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+Tested-by: Chris Murphy <lists@colorremedies.com>
+---
+ grub-core/fs/xfs.c | 11 ++++++++++-
+ 1 file changed, 10 insertions(+), 1 deletion(-)
+
+diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
+index c6031bd..3b00c74 100644
+--- a/grub-core/fs/xfs.c
++++ b/grub-core/fs/xfs.c
+@@ -79,9 +79,18 @@ GRUB_MOD_LICENSE ("GPLv3+");
+ #define XFS_SB_FEAT_INCOMPAT_SPINODES (1 << 1) /* sparse inode chunks */
+ #define XFS_SB_FEAT_INCOMPAT_META_UUID (1 << 2) /* metadata UUID */
+
+-/* We do not currently verify metadata UUID so it is safe to read such filesystem */
++/*
++ * Directory entries with ftype are explicitly handled by GRUB code.
++ *
++ * We do not currently read the inode btrees, so it is safe to read filesystems
++ * with the XFS_SB_FEAT_INCOMPAT_SPINODES feature.
++ *
++ * We do not currently verify metadata UUID, so it is safe to read filesystems
++ * with the XFS_SB_FEAT_INCOMPAT_META_UUID feature.
++ */
+ #define XFS_SB_FEAT_INCOMPAT_SUPPORTED \
+ (XFS_SB_FEAT_INCOMPAT_FTYPE | \
++ XFS_SB_FEAT_INCOMPAT_SPINODES | \
+ XFS_SB_FEAT_INCOMPAT_META_UUID)
+
+ struct grub_xfs_sblock
+--
+cgit v1.0-41-gc330
+
diff --git a/packages/sys-boot/grub/grub-2.02-r3.exheres-0 b/packages/sys-boot/grub/grub-2.02-r3.exheres-0
new file mode 100644
index 0000000..5a7c080
--- /dev/null
+++ b/packages/sys-boot/grub/grub-2.02-r3.exheres-0
@@ -0,0 +1,13 @@
+# Copyright 2015 Ivan Diorditsa <ivan.diorditsa@gmail.com>
+# Distributed under the terms of the GNU General Public License v2
+
+require grub
+
+SLOT="0"
+PLATFORMS="~amd64 ~armv7 ~armv8 ~x86"
+
+DEFAULT_SRC_PREPARE_PATCHES=(
+ "${FILES}"/a698240df0c43278b2d1d7259c8e7a6926c63112.patch
+ "${FILES}"/cda0a857dd7a27cd5d621747464bfe71e8727fff.patch
+)
+
diff --git a/packages/sys-boot/grub/grub.exlib b/packages/sys-boot/grub/grub.exlib
new file mode 100644
index 0000000..c0f63c1
--- /dev/null
+++ b/packages/sys-boot/grub/grub.exlib
@@ -0,0 +1,117 @@
+# Copyright 2007 Bryan Østergaard <bryan.ostergaard@gmail.com>
+# Distributed under the terms of the GNU General Public License v2
+
+require gnu [ suffix=tar.xz ] \
+ flag-o-matic \
+ bash-completion \
+ autotools [ supported_autoconf=[ 2.5 ] supported_automake=[ 1.16 1.15 ] ]
+
+if ever is_scm ; then
+ DOWNLOADS=""
+ SCM_REPOSITORY="https://git.savannah.gnu.org/git/${PN}.git"
+ require scm-git
+fi
+
+export_exlib_phases pkg_setup src_configure src_prepare src_install
+
+SUMMARY="GRUB (Grand Unified Boot) bootloader"
+
+LICENCES="GPL-3"
+MYOPTIONS="
+ device-mapper [[ description = [ Ability to detect and use device-mapper devices ] ]]
+ efi [[ description = [ Build for EFI platform ] ]]
+ grub-mount [[ description = [ FUSE driver for filesystems that GRUB understands ] ]]
+ mkfont [[ description = [ Build grub-mkfont which can create GRUB font files ] ]]
+ ( providers: eudev systemd ) [[ number-selected = exactly-one ]]
+"
+
+# TODO: needs qemu-system-i386
+RESTRICT="test"
+
+DEPENDENCIES="
+ build:
+ sys-apps/help2man [[ note = [ man pages won't get created otherwise resulting in empty man dirs ] ]]
+ sys-devel/bison
+ sys-devel/flex[>=2.5.35]
+ sys-devel/make
+ device-mapper? ( sys-fs/lvm2 )
+ grub-mount? ( sys-fs/fuse:0 )
+ mkfont? (
+ fonts/unifont
+ media-libs/freetype:2
+ )
+ build+run:
+ app-arch/xz
+ sys-devel/gettext [[ note = [ required for grub-mkconfig, grep gettext in /etc/grub.d ] ]]
+ !sys-boot/grub-static [[ description = [ /sbin/grub-install collides ] resolution = manual ]]
+ providers:eudev? ( sys-apps/eudev )
+ providers:systemd? ( sys-apps/systemd )
+ run:
+ efi? ( sys-boot/efibootmgr )
+ suggestion:
+ sys-boot/os-prober [[
+ description = [ Ability to add other OSs automatically to grub.cfg via grub-mkconf ]
+ ]]
+"
+
+AT_M4DIR=( m4 )
+
+grub_pkg_setup() {
+ # grub2 should be compiled with -Os, other optimizations may result in oversized core images
+ replace-flags -O* -Os
+ # retpoline flag is incompatible with the -mcmodel=large flag used by grub
+ filter-flags -mindirect-branch=thunk
+}
+
+grub_src_prepare() {
+ edo sed \
+ -e "s/.*Running autoreconf.*/exit 0/" \
+ -i autogen.sh
+
+ edo ./autogen.sh
+
+ autotools_src_prepare
+}
+
+grub_src_configure() {
+ filter-flags -mfloat-abi=hard
+
+ myconf=(
+ "CPP=${CC} -E"
+ BUILD_CC=$(exhost --build)-cc
+ BUILD_CFLAGS="$(print-build-flags CFLAGS)"
+ BUILD_CPPFLAGS="$(print-build-flags CPPFLAGS)"
+ BUILD_LDFLAGS="$(print-build-flags LDFLAGS)"
+ --with-bootdir=/boot
+ --with-grubdir=grub
+ --enable-cache-stats
+ --disable-libzfs
+ --disable-werror
+ # TODO: for now disable emulation utils
+ --disable-efiemu
+ --disable-grub-emu-sdl
+ --disable-grub-emu-pci
+ --disable-mm-debug
+ gt_cv_func_gnugettext{1,2}_libc=yes
+ )
+
+ option efi && myconf+=( '--with-platform=efi' )
+
+ econf "${myconf[@]}" \
+ $(option_enable device-mapper) \
+ $(option_enable grub-mount) \
+ $(option_enable mkfont grub-mkfont)
+}
+
+grub_src_install() {
+ default
+
+ dodoc "${WORK}"/docs/grub.cfg
+
+ edo rm -f "${IMAGE}"/usr/$(exhost --target)/lib/charset.alias
+
+ edo rm "${IMAGE%/}"/etc/bash_completion.d/${PN}
+ edo rmdir "${IMAGE%/}"/etc/bash_completion.d/
+ dobashcompletion "${WORK%/}"/util/bash-completion.d/${PN}
+}
+