diff --git a/.github/workflows/portage-stable-packages-list b/.github/workflows/portage-stable-packages-list index 81595f5d963..ee576be89f4 100644 --- a/.github/workflows/portage-stable-packages-list +++ b/.github/workflows/portage-stable-packages-list @@ -609,6 +609,7 @@ sys-block/thin-provisioning-tools sys-boot/efibootmgr sys-boot/gnu-efi +sys-boot/grub sys-boot/mokutil sys-devel/bc diff --git a/changelog/updates/2024-09-06-grub-2.12.md b/changelog/updates/2024-09-06-grub-2.12.md new file mode 100644 index 00000000000..44e4c4be9e7 --- /dev/null +++ b/changelog/updates/2024-09-06-grub-2.12.md @@ -0,0 +1 @@ +- grub ([2.12](https://lists.gnu.org/archive/html/grub-devel/2023-12/msg00052.html)) diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/config/env/sys-boot/grub b/sdk_container/src/third_party/coreos-overlay/coreos/config/env/sys-boot/grub index 97fb8b83832..ed33d6062d2 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos/config/env/sys-boot/grub +++ b/sdk_container/src/third_party/coreos-overlay/coreos/config/env/sys-boot/grub @@ -1,14 +1,14 @@ -PKG_INSTALL_MASK+=" /etc/grub.d/00_header - /etc/grub.d/10_linux - /etc/grub.d/30_os-prober - /etc/grub.d/40_custom - /etc/grub.d/README - /lib64/grub/grub-mkconfig_lib - /lib64/grub/update-grub_lib" -INSTALL_MASK+=" /etc/grub.d/00_header - /etc/grub.d/10_linux - /etc/grub.d/30_os-prober - /etc/grub.d/40_custom - /etc/grub.d/README - /lib64/grub/grub-mkconfig_lib - /lib64/grub/update-grub_lib" +# Replace Gentoo's SBAT with Flatcar's. +cros_post_src_install_sbat() { + insinto /usr/share/grub + newins - sbat.csv <<-EOF + sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md + grub,4,Free Software Foundation,grub,${PV},https://www.gnu.org/software/grub/ + grub.flatcar,1,Flatcar,grub2,${PVR},https://github.com/flatcar/Flatcar + EOF +} + +# Flatcar does not use grub-install or grub-mkconfig. All the files under /etc +# relate to grub-mkconfig. +INSTALL_MASK+=" ${EPREFIX}/etc/ *grub-install* *mkconfig*" +PKG_INSTALL_MASK+=" ${EPREFIX}/etc/ *grub-install* *mkconfig*" diff --git a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/README.md b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-boot/grub/README.md similarity index 97% rename from sdk_container/src/third_party/coreos-overlay/sys-boot/grub/README.md rename to sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-boot/grub/README.md index c41786a2bc4..b405abf5246 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/README.md +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-boot/grub/README.md @@ -1,5 +1,5 @@ Flatcar uses a patched version of the GRUB, which implements the functionality to -read the [Flatcar Container Linux partition table](https://www.flatcar.org/docs/latest/reference/developer-guides/sdk-disk-partitions/#partition-table) +read the [Flatcar Container Linux partition table](https://www.flatcar.org/docs/latest/reference/developer-guides/sdk-disk-partitions/#partition-table). ## History @@ -11,14 +11,11 @@ and referenced in the Flatcar's coreos-overlay. Except for a few, now many chang where brought into the system. The repo was maintained at 2.02 version. During the 2.06 migration, the philosophy -to use a separate repo was scraped, and a single patch file was created. The patch +to use a separate repo was scrapped, and two patch files were created. The patch files migrated only the essential commits, and dropped all the other commits, which -were either half-baked, or redundant at the point of migration. The two patches are applied -on top of the grub sources, and emerge is done. +were either half-baked, or redundant at the point of migration. -Given below are the list of commits that were referenced to create the two patches. - -## Summary of the patches +## Summary of the Flatcar patches The patch starts with adding a new implementation of reading the GPT instead of using the traditional module. It provides essential functionality to interact @@ -33,9 +30,9 @@ partition booting. The `gptrepair` command implements the repair functions for GPT information on a specified device. Few other functions include searching devices by partition label or partition UUID. -## Commits +## Commits in the Flatcar patches -Below are the commits that are picked to create the two patches for the grub. One is +Below are the commits that are picked to create the two Flatcar patches. One is descriptive, and other is comprehensive.
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.06-add-gpt-partition-scheme.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-boot/grub/grub-2.12-add-gpt-partition-scheme.patch similarity index 93% rename from sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.06-add-gpt-partition-scheme.patch rename to sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-boot/grub/grub-2.12-add-gpt-partition-scheme.patch index cef57e856a9..c02d5dce93c 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.06-add-gpt-partition-scheme.patch +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-boot/grub/grub-2.12-add-gpt-partition-scheme.patch @@ -12,66 +12,42 @@ This patch also includes the supporting functions like gptprio, gptrepair, search commands. The patch is prepared using the coreos/grub PRs, picking the only -required ones, and dropping the others. The README.md file in the -coreos-overlay/sys-boot/grub/ contains more contexual information -along with the commits used to create the patch. +required ones, and dropping the others. The README.md file in this +directory contains more contexual information along with the commits +used to create the patch. Authored-by: Michael Marineau Signed-off-by: Sayan Chowdhury --- - Makefile.util.def | 30 + - grub-core/Makefile.core.def | 25 + - grub-core/commands/gptprio.c | 223 +++++++ - grub-core/commands/gptrepair.c | 110 ++++ - grub-core/commands/search.c | 49 ++ - grub-core/commands/search_part_label.c | 5 + - grub-core/commands/search_part_uuid.c | 5 + - grub-core/commands/search_wrap.c | 12 + - grub-core/lib/gpt.c | 757 +++++++++++++++++++++++ - include/grub/gpt_partition.h | 211 ++++++- - include/grub/search.h | 4 + - tests/gpt_unit_test.c | 807 +++++++++++++++++++++++++ - tests/gptprio_test.in | 207 +++++++ - tests/gptrepair_test.in | 102 ++++ - 14 files changed, 2530 insertions(+), 17 deletions(-) - create mode 100644 grub-core/commands/gptprio.c - create mode 100644 grub-core/commands/gptrepair.c - create mode 100644 grub-core/commands/search_part_label.c - create mode 100644 grub-core/commands/search_part_uuid.c - create mode 100644 grub-core/lib/gpt.c - create mode 100644 tests/gpt_unit_test.c - create mode 100644 tests/gptprio_test.in - create mode 100644 tests/gptrepair_test.in -diff --git a/Makefile.util.def b/Makefile.util.def -index f8b356cc1..07df521ec 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -1211,6 +1211,18 @@ script = { - common = tests/syslinux_test.in; +diff -Naur a/Makefile.util.def b/Makefile.util.def +--- a/Makefile.util.def 2024-09-05 16:04:35.405205341 -0000 ++++ b/Makefile.util.def 2024-09-05 16:05:42.308358821 -0000 +@@ -1334,6 +1334,18 @@ + common = tests/test_asn1.in; }; - + +script = { -+ testcase; ++ testcase = native; + name = gptrepair_test; + common = tests/gptrepair_test.in; +}; + +script = { -+ testcase; ++ testcase = native; + name = gptprio_test; + common = tests/gptprio_test.in; +}; + program = { - testcase; + testcase = native; name = example_unit_test; -@@ -1288,6 +1300,24 @@ program = { +@@ -1411,6 +1423,24 @@ ldadd = '$(LIBDEVMAPPER) $(LIBZFS) $(LIBNVPAIR) $(LIBGEOM)'; }; - + +program = { -+ testcase; ++ testcase = native; + name = gpt_unit_test; + common = tests/gpt_unit_test.c; + common = tests/lib/unit_test.c; @@ -91,15 +67,13 @@ index f8b356cc1..07df521ec 100644 program = { name = grub-menulst2cfg; mansection = 1; -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 8022e1c0a..e9baa2144 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -897,6 +897,21 @@ module = { - common = commands/gptsync.c; +diff -Naur a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def +--- a/grub-core/Makefile.core.def 2024-09-05 16:04:35.460205469 -0000 ++++ b/grub-core/Makefile.core.def 2024-09-05 16:05:42.309358823 -0000 +@@ -968,6 +968,21 @@ }; - -+module = { + + module = { + name = gptrepair; + common = commands/gptrepair.c; +}; @@ -114,14 +88,14 @@ index 8022e1c0a..e9baa2144 100644 + common = lib/gpt.c; +}; + - module = { ++module = { name = halt; nopc = commands/halt.c; -@@ -1073,6 +1088,16 @@ module = { - common = commands/search_label.c; + i386_pc = commands/i386/pc/halt.c; +@@ -1157,6 +1172,16 @@ }; - -+module = { + + module = { + name = search_part_uuid; + common = commands/search_part_uuid.c; +}; @@ -131,14 +105,13 @@ index 8022e1c0a..e9baa2144 100644 + common = commands/search_part_label.c; +}; + - module = { ++module = { name = setpci; common = commands/setpci.c; -diff --git a/grub-core/commands/gptprio.c b/grub-core/commands/gptprio.c -new file mode 100644 -index 000000000..4a24fa62d ---- /dev/null -+++ b/grub-core/commands/gptprio.c + enable = pci; +diff -Naur a/grub-core/commands/gptprio.c b/grub-core/commands/gptprio.c +--- a/grub-core/commands/gptprio.c 1970-01-01 00:00:00.000000000 -0000 ++++ b/grub-core/commands/gptprio.c 2024-09-05 16:37:53.072065206 -0000 @@ -0,0 +1,223 @@ +/* gptprio.c - manage priority based partition selection. */ +/* @@ -217,7 +190,7 @@ index 000000000..4a24fa62d + +static grub_err_t +grub_find_next (const char *disk_name, -+ const grub_gpt_part_type_t *part_type, ++ const grub_packed_guid_t *part_type, + char **part_name, char **part_guid) +{ + struct grub_gpt_partentry *part, *part_found = NULL; @@ -304,7 +277,7 @@ index 000000000..4a24fa62d + char *p, *root = NULL, *part_name = NULL, *part_guid = NULL; + + /* TODO: Add a uuid parser and a command line flag for providing type. */ -+ grub_gpt_part_type_t part_type = GRUB_GPT_PARTITION_TYPE_USR_X86_64; ++ grub_packed_guid_t part_type = GRUB_GPT_PARTITION_TYPE_USR_X86_64; + + if (!state[NEXT_SET_DEVICE].set || !state[NEXT_SET_UUID].set) + { @@ -363,11 +336,9 @@ index 000000000..4a24fa62d +{ + grub_unregister_extcmd (cmd_next); +} -diff --git a/grub-core/commands/gptrepair.c b/grub-core/commands/gptrepair.c -new file mode 100644 -index 000000000..c17c7346c ---- /dev/null -+++ b/grub-core/commands/gptrepair.c +diff -Naur a/grub-core/commands/gptrepair.c b/grub-core/commands/gptrepair.c +--- a/grub-core/commands/gptrepair.c 1970-01-01 00:00:00.000000000 -0000 ++++ b/grub-core/commands/gptrepair.c 2024-09-05 16:05:42.309358823 -0000 @@ -0,0 +1,110 @@ +/* gptrepair.c - verify and restore GPT info from alternate location. */ +/* @@ -479,21 +450,21 @@ index 000000000..c17c7346c +{ + grub_unregister_command (cmd); +} -diff --git a/grub-core/commands/search.c b/grub-core/commands/search.c -index ed090b3af..4ad72c5b4 100644 ---- a/grub-core/commands/search.c -+++ b/grub-core/commands/search.c -@@ -30,6 +30,9 @@ - #include - #include - #include +diff -Naur a/grub-core/commands/search.c b/grub-core/commands/search.c +--- a/grub-core/commands/search.c 2024-09-05 16:04:35.464205478 -0000 ++++ b/grub-core/commands/search.c 2024-09-05 16:14:56.337547508 -0000 +@@ -33,6 +33,10 @@ + #include + #include + +#if defined(DO_SEARCH_PART_UUID) || defined(DO_SEARCH_PART_LABEL) +#include +#endif - ++ GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -90,6 +93,44 @@ iterate_device (const char *name, void *data) + + struct cache_entry +@@ -264,6 +268,44 @@ } grub_free (buf); } @@ -538,8 +509,8 @@ index ed090b3af..4ad72c5b4 100644 #else { /* SEARCH_FS_UUID or SEARCH_LABEL */ -@@ -313,6 +354,10 @@ static grub_command_t cmd; - +@@ -487,6 +529,10 @@ + #ifdef DO_SEARCH_FILE GRUB_MOD_INIT(search_fs_file) +#elif defined(DO_SEARCH_PART_UUID) @@ -549,8 +520,8 @@ index ed090b3af..4ad72c5b4 100644 #elif defined (DO_SEARCH_FS_UUID) GRUB_MOD_INIT(search_fs_uuid) #else -@@ -327,6 +372,10 @@ GRUB_MOD_INIT(search_label) - +@@ -501,6 +547,10 @@ + #ifdef DO_SEARCH_FILE GRUB_MOD_FINI(search_fs_file) +#elif defined(DO_SEARCH_PART_UUID) @@ -560,33 +531,28 @@ index ed090b3af..4ad72c5b4 100644 #elif defined (DO_SEARCH_FS_UUID) GRUB_MOD_FINI(search_fs_uuid) #else -diff --git a/grub-core/commands/search_part_label.c b/grub-core/commands/search_part_label.c -new file mode 100644 -index 000000000..ca906cbd9 ---- /dev/null -+++ b/grub-core/commands/search_part_label.c +diff -Naur a/grub-core/commands/search_part_label.c b/grub-core/commands/search_part_label.c +--- a/grub-core/commands/search_part_label.c 1970-01-01 00:00:00.000000000 -0000 ++++ b/grub-core/commands/search_part_label.c 2024-09-05 16:05:42.310358826 -0000 @@ -0,0 +1,5 @@ +#define DO_SEARCH_PART_LABEL 1 +#define FUNC_NAME grub_search_part_label +#define COMMAND_NAME "search.part_label" +#define HELP_MESSAGE N_("Search devices by partition label. If VARIABLE is specified, the first device found is set to a variable.") +#include "search.c" -diff --git a/grub-core/commands/search_part_uuid.c b/grub-core/commands/search_part_uuid.c -new file mode 100644 -index 000000000..2d1d3d0d7 ---- /dev/null -+++ b/grub-core/commands/search_part_uuid.c +diff -Naur a/grub-core/commands/search_part_uuid.c b/grub-core/commands/search_part_uuid.c +--- a/grub-core/commands/search_part_uuid.c 1970-01-01 00:00:00.000000000 -0000 ++++ b/grub-core/commands/search_part_uuid.c 2024-09-05 16:05:42.310358826 -0000 @@ -0,0 +1,5 @@ +#define DO_SEARCH_PART_UUID 1 +#define FUNC_NAME grub_search_part_uuid +#define COMMAND_NAME "search.part_uuid" +#define HELP_MESSAGE N_("Search devices by partition UUID. If VARIABLE is specified, the first device found is set to a variable.") +#include "search.c" -diff --git a/grub-core/commands/search_wrap.c b/grub-core/commands/search_wrap.c -index 47fc8eb99..d357454a9 100644 ---- a/grub-core/commands/search_wrap.c -+++ b/grub-core/commands/search_wrap.c -@@ -36,6 +36,10 @@ static const struct grub_arg_option options[] = +diff -Naur a/grub-core/commands/search_wrap.c b/grub-core/commands/search_wrap.c +--- a/grub-core/commands/search_wrap.c 2024-09-05 16:04:35.438205418 -0000 ++++ b/grub-core/commands/search_wrap.c 2024-09-05 16:12:58.537303529 -0000 +@@ -36,6 +36,10 @@ 0, 0}, {"fs-uuid", 'u', 0, N_("Search devices by a filesystem UUID."), 0, 0}, @@ -597,7 +563,7 @@ index 47fc8eb99..d357454a9 100644 {"set", 's', GRUB_ARG_OPTION_OPTIONAL, N_("Set a variable to the first device found."), N_("VARNAME"), ARG_TYPE_STRING}, -@@ -71,6 +75,8 @@ enum options +@@ -73,6 +77,8 @@ SEARCH_FILE, SEARCH_LABEL, SEARCH_FS_UUID, @@ -605,25 +571,21 @@ index 47fc8eb99..d357454a9 100644 + SEARCH_PART_UUID, SEARCH_SET, SEARCH_NO_FLOPPY, - SEARCH_HINT, -@@ -186,6 +192,12 @@ grub_cmd_search (grub_extcmd_context_t ctxt, int argc, char **args) + SEARCH_EFIDISK_ONLY, +@@ -198,6 +204,10 @@ + grub_search_label (id, var, flags, hints, nhints); else if (state[SEARCH_FS_UUID].set) - grub_search_fs_uuid (id, var, state[SEARCH_NO_FLOPPY].set, - hints, nhints); + grub_search_fs_uuid (id, var, flags, hints, nhints); + else if (state[SEARCH_PART_LABEL].set) -+ grub_search_part_label (id, var, state[SEARCH_NO_FLOPPY].set, -+ hints, nhints); ++ grub_search_part_label (id, var, flags, hints, nhints); + else if (state[SEARCH_PART_UUID].set) -+ grub_search_part_uuid (id, var, state[SEARCH_NO_FLOPPY].set, -+ hints, nhints); ++ grub_search_part_uuid (id, var, flags, hints, nhints); else if (state[SEARCH_FILE].set) - grub_search_fs_file (id, var, state[SEARCH_NO_FLOPPY].set, - hints, nhints); -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -new file mode 100644 -index 000000000..098fa65c4 ---- /dev/null -+++ b/grub-core/lib/gpt.c + grub_search_fs_file (id, var, flags, hints, nhints); + else +diff -Naur a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c +--- a/grub-core/lib/gpt.c 1970-01-01 00:00:00.000000000 -0000 ++++ b/grub-core/lib/gpt.c 2024-09-05 16:43:30.533499724 -0000 @@ -0,0 +1,757 @@ +/* gpt.c - Read/Verify/Write GUID Partition Tables (GPT). */ +/* @@ -666,7 +628,7 @@ index 000000000..098fa65c4 + grub_size_t *ret_entries_size); + +char * -+grub_gpt_guid_to_str (grub_gpt_guid_t *guid) ++grub_gpt_guid_to_str (grub_packed_guid_t *guid) +{ + return grub_xasprintf ("%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", + grub_le_to_cpu32 (guid->data1), @@ -915,7 +877,7 @@ index 000000000..098fa65c4 + return 0; + + return grub_memcmp(&gpt->primary.guid, &gpt->backup.guid, -+ sizeof(grub_gpt_guid_t)) == 0; ++ sizeof(grub_packed_guid_t)) == 0; +} + +static grub_err_t @@ -1312,7 +1274,7 @@ index 000000000..098fa65c4 + + if (grub_le_to_cpu32 (header->headersize) != sizeof (*header)) + return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, -+ "Header size is %u, must be %u", ++ "Header size is %u, must be %zu", + grub_le_to_cpu32 (header->headersize), + sizeof (*header)); + @@ -1382,30 +1344,20 @@ index 000000000..098fa65c4 + grub_free (gpt->entries); + grub_free (gpt); +} -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 7a93f4329..5c4372dce 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -21,6 +21,7 @@ - +diff -Naur a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h +--- a/include/grub/gpt_partition.h 2023-11-22 17:52:44.000000000 -0000 ++++ b/include/grub/gpt_partition.h 2024-09-05 16:43:04.107463044 -0000 +@@ -21,25 +21,45 @@ + #include #include +#include - - struct grub_gpt_part_guid - { -@@ -30,25 +31,46 @@ struct grub_gpt_part_guid - grub_uint8_t data4[8]; - } GRUB_PACKED; - typedef struct grub_gpt_part_guid grub_gpt_part_guid_t; -+typedef struct grub_gpt_part_guid grub_gpt_guid_t; -+typedef struct grub_gpt_part_guid grub_gpt_part_type_t; - + -#define GRUB_GPT_PARTITION_TYPE_EMPTY \ - { 0x0, 0x0, 0x0, \ - { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 } \ +/* Format the raw little-endian GUID as a newly allocated string. */ -+char * grub_gpt_guid_to_str (grub_gpt_guid_t *guid); ++char * grub_gpt_guid_to_str (grub_packed_guid_t *guid); + + +#define GRUB_GPT_GUID_INIT(a, b, c, d1, d2, d3, d4, d5, d6, d7, d8) \ @@ -1415,7 +1367,7 @@ index 7a93f4329..5c4372dce 100644 + grub_cpu_to_le16_compile_time (c), \ + { d1, d2, d3, d4, d5, d6, d7, d8 } \ } - + +#define GRUB_GPT_PARTITION_TYPE_EMPTY \ + GRUB_GPT_GUID_INIT (0x0, 0x0, 0x0, \ + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) @@ -1432,7 +1384,7 @@ index 7a93f4329..5c4372dce 100644 - } + GRUB_GPT_GUID_INIT (0x21686148, 0x6449, 0x6e6f, \ + 0x74, 0x4e, 0x65, 0x65, 0x64, 0x45, 0x46, 0x49) - + #define GRUB_GPT_PARTITION_TYPE_LDM \ - { grub_cpu_to_le32_compile_time (0x5808C8AAU),\ - grub_cpu_to_le16_compile_time (0x7E8F), \ @@ -1451,10 +1403,10 @@ index 7a93f4329..5c4372dce 100644 + +#define GRUB_GPT_HEADER_VERSION \ + grub_cpu_to_le32_compile_time (0x00010000U) - + struct grub_gpt_header { -@@ -57,11 +79,11 @@ struct grub_gpt_header +@@ -48,11 +68,11 @@ grub_uint32_t headersize; grub_uint32_t crc32; grub_uint32_t unused1; @@ -1465,18 +1417,18 @@ index 7a93f4329..5c4372dce 100644 grub_uint64_t start; grub_uint64_t end; - grub_uint8_t guid[16]; -+ grub_gpt_part_guid_t guid; ++ grub_packed_guid_t guid; grub_uint64_t partitions; grub_uint32_t maxpart; grub_uint32_t partentry_size; -@@ -75,13 +97,168 @@ struct grub_gpt_partentry +@@ -66,13 +86,168 @@ grub_uint64_t start; grub_uint64_t end; grub_uint64_t attrib; - char name[72]; + grub_uint16_t name[36]; - } GRUB_PACKED; - + }; + +enum grub_gpt_part_attr_offset +{ + /* Standard partition attribute bits defined by UEFI. */ @@ -1527,7 +1479,7 @@ index 7a93f4329..5c4372dce 100644 grub_gpt_partition_map_iterate (grub_disk_t disk, grub_partition_iterate_hook_t hook, void *hook_data); - + +/* Advanced GPT library. */ + +/* Status bits for the grub_gpt.status field. */ @@ -1639,25 +1591,24 @@ index 7a93f4329..5c4372dce 100644 +grub_err_t grub_gpt_part_uuid (grub_device_t device, char **uuid); #endif /* ! GRUB_GPT_PARTITION_HEADER */ -diff --git a/include/grub/search.h b/include/grub/search.h -index d80347df3..c2f40abe9 100644 ---- a/include/grub/search.h -+++ b/include/grub/search.h -@@ -25,5 +25,9 @@ void grub_search_fs_uuid (const char *key, const char *var, int no_floppy, - char **hints, unsigned nhints); - void grub_search_label (const char *key, const char *var, int no_floppy, +diff -Naur a/include/grub/search.h b/include/grub/search.h +--- a/include/grub/search.h 2024-09-05 16:04:35.439205420 -0000 ++++ b/include/grub/search.h 2024-09-05 16:05:42.312358830 -0000 +@@ -36,5 +36,11 @@ + void grub_search_label (const char *key, const char *var, + enum search_flags flags, char **hints, unsigned nhints); -+void grub_search_part_uuid (const char *key, const char *var, int no_floppy, -+ char **hints, unsigned nhints); -+void grub_search_part_label (const char *key, const char *var, int no_floppy, -+ char **hints, unsigned nhints); ++void grub_search_part_uuid (const char *key, const char *var, ++ enum search_flags flags, ++ char **hints, unsigned nhints); ++void grub_search_part_label (const char *key, const char *var, ++ enum search_flags flags, ++ char **hints, unsigned nhints); #endif -diff --git a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c -new file mode 100644 -index 000000000..53f686912 ---- /dev/null -+++ b/tests/gpt_unit_test.c +diff -Naur a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c +--- a/tests/gpt_unit_test.c 1970-01-01 00:00:00.000000000 -0000 ++++ b/tests/gpt_unit_test.c 2024-09-05 16:05:42.313358833 -0000 @@ -0,0 +1,807 @@ +/* + * GRUB -- GRand Unified Bootloader @@ -2466,11 +2417,9 @@ index 000000000..53f686912 + grub_test_unregister ("gpt_search_part_uuid_test"); + grub_fini_all (); +} -diff --git a/tests/gptprio_test.in b/tests/gptprio_test.in -new file mode 100644 -index 000000000..c5cf0f3b7 ---- /dev/null -+++ b/tests/gptprio_test.in +diff -Naur a/tests/gptprio_test.in b/tests/gptprio_test.in +--- a/tests/gptprio_test.in 1970-01-01 00:00:00.000000000 -0000 ++++ b/tests/gptprio_test.in 2024-09-05 16:05:42.313358833 -0000 @@ -0,0 +1,207 @@ +#! /bin/bash +set -e @@ -2679,11 +2628,9 @@ index 000000000..c5cf0f3b7 +check_next 4 1 0 1 +check_prio 2 3 0 0 +check_prio 3 2 0 0 -diff --git a/tests/gptrepair_test.in b/tests/gptrepair_test.in -new file mode 100644 -index 000000000..805dc171a ---- /dev/null -+++ b/tests/gptrepair_test.in +diff -Naur a/tests/gptrepair_test.in b/tests/gptrepair_test.in +--- a/tests/gptrepair_test.in 1970-01-01 00:00:00.000000000 -0000 ++++ b/tests/gptrepair_test.in 2024-09-05 16:05:42.313358833 -0000 @@ -0,0 +1,102 @@ +#! /bin/sh +set -e @@ -2787,6 +2734,3 @@ index 000000000..805dc171a +do_repair +cmp "${img1}" "${img2}" +echo --- -2.34.1 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.06-add-verity-hash.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-boot/grub/grub-2.12-add-verity-hash.patch similarity index 72% rename from sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.06-add-verity-hash.patch rename to sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-boot/grub/grub-2.12-add-verity-hash.patch index ed892d90dd2..8b90a00daa2 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.06-add-verity-hash.patch +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-boot/grub/grub-2.12-add-verity-hash.patch @@ -7,76 +7,67 @@ Read the verity hash from the kernel binary and pass it to the running system via the kernel command line The patch is prepared using the coreos/grub PRs, picking the only -required ones, and dropping the others. The README.md file in the -coreos-overlay/sys-boot/grub/ contains more contexual information -along with the commits used to create the patch. +required ones, and dropping the others. The README.md file in this +directory contains more contexual information along with the commits +used to create the patch. Authored-by: Matthew Garrett Signed-off-by: Sayan Chowdhury --- - grub-core/loader/arm64/linux.c | 6 +++- - grub-core/loader/i386/linux.c | 3 ++ - include/grub/verity-hash.h | 51 ++++++++++++++++++++++++++++++++++ - 3 files changed, 59 insertions(+), 1 deletion(-) - create mode 100644 include/grub/verity-hash.h -diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c -index ef3e9f944..17bed4e15 100644 ---- a/grub-core/loader/arm64/linux.c -+++ b/grub-core/loader/arm64/linux.c +diff -Naur a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c +--- a/grub-core/loader/efi/linux.c 2023-10-03 12:21:48.000000000 -0000 ++++ b/grub-core/loader/efi/linux.c 2024-09-12 10:18:36.454803371 -0000 @@ -34,6 +34,8 @@ #include #include - + +#include + GRUB_MOD_LICENSE ("GPLv3+"); - + static grub_dl_t my_mod; -@@ -333,7 +335,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - +@@ -533,7 +535,8 @@ + grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); - + - cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE); + cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE) + + VERITY_CMDLINE_LENGTH; linux_args = grub_malloc (cmdline_size); if (!linux_args) { -@@ -350,6 +353,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - +@@ -550,6 +553,7 @@ + if (grub_errno == GRUB_ERR_NONE) { + grub_pass_verity_hash (kernel_addr, linux_args, cmdline_size); grub_loader_set (grub_linux_boot, grub_linux_unload, 0); loaded = 1; } -diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c -index 9f74a96b1..1c76ac5bf 100644 ---- a/grub-core/loader/i386/linux.c -+++ b/grub-core/loader/i386/linux.c +diff -Naur a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c +--- a/grub-core/loader/i386/linux.c 2023-10-03 12:21:48.000000000 -0000 ++++ b/grub-core/loader/i386/linux.c 2024-09-12 10:28:05.571587951 -0000 @@ -38,6 +38,8 @@ #include #include - + +#include + GRUB_MOD_LICENSE ("GPLv3+"); - + #ifdef GRUB_MACHINE_PCBIOS -@@ -1006,6 +1008,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -1018,6 +1020,7 @@ goto fail; } - -+ grub_pass_verity_hash(&lh, linux_cmdline, maximal_cmdline_size); + ++ grub_pass_verity_hash (&lh, linux_cmdline, maximal_cmdline_size); len = prot_file_size; if (grub_file_read (file, prot_mode_mem, len) != len && !grub_errno) grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -diff --git a/include/grub/verity-hash.h b/include/grub/verity-hash.h -new file mode 100644 -index 000000000..448d9aff0 ---- /dev/null -+++ b/include/grub/verity-hash.h +diff -Naur a/include/grub/verity-hash.h b/include/grub/verity-hash.h +--- a/include/grub/verity-hash.h 1970-01-01 00:00:00.000000000 -0000 ++++ b/include/grub/verity-hash.h 2024-09-12 10:18:39.993826952 -0000 @@ -0,0 +1,51 @@ +/* CoreOS verity hash */ + @@ -129,6 +120,3 @@ index 000000000..448d9aff0 + cmdline_len += VERITY_HASH_LENGTH; + cmdline[cmdline_len] = '\0'; +} --- -2.34.1 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/Manifest deleted file mode 100644 index 9adaa7a4b23..00000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/Manifest +++ /dev/null @@ -1,5 +0,0 @@ -DIST dejavu-sans-ttf-2.37.zip 417746 BLAKE2B c8904f3cd5a49370a7dc10e456684c88aeae998a99090bf4d0a5baa4f36cc8fb8f70586cf6d610a5ffeee97261d28c80f55bbe9dcfc3ed796d5c2d60e79adb58 SHA512 ede5899daa1984c5aa8cacb1c850eb53f189dddef3d9bb78bf9774d8976b7c0d6eb0bcf86237cd7d11f5b36cf5b5058d42cd94d3bd76f2bd0931c7ceb1271fae -DIST grub-2.06-backports-r3.tar.xz 47612 BLAKE2B 235610e826c7a76d05872fb51e74564fb3861590f95377d5dcb9a5a4b0f5037d0b71c9f334bfe0bbe399f65036088d808f7af8e43090007ab7394002d05f7b4a SHA512 561f031dca2cdc13fc1b3f3cfdbdccd7decd67ef18ddcc588327f141b026eadcda5d64d729929859cad54959b3855ff86c1f62e3ff1d8ae5f6f5ac5761fa6ba4 -DIST grub-2.06.tar.xz 6581924 BLAKE2B 2a40b9b03d7bb3b9e7b1309ab274d686f01b3c42e7035ebc6e5a0e59a59c3b7362ba518341664b314cb0dbc8222bb10ea05ce09f08ce9d58a293207cb909e417 SHA512 4f11c648f3078567e53fc0c74d5026fdc6da4be27d188975e79d9a4df817ade0fe5ad2ddd694238a07edc45adfa02943d83c57767dd51548102b375e529e8efe -DIST grub-2.06.tar.xz.sig 566 BLAKE2B 2ff18fb40d9cce36cac110ba9996f88236dbaa261d19e777a6d23a0e9754a9fc8bc45a01896f4838c88bb44edff0172a97611202cb3ffd5653a3cbdfc102ae16 SHA512 797683dafade76b5981bd02f079d7dcecb36f5d07eca652181fd69f3df821931f84cc0d8771bfb80506ef41fbd96edfb202b6698af1fec3c8228dd320a05fa84 -DIST unifont-12.1.02.pcf.gz 1335424 BLAKE2B 97080312468e3f3c8aa6f49cef08f5622641e8c9c035f3ede1e09d8d98de4e78d3b23c8aba2e8070eb46cbebd2d55e8568e467d7f15f35aa8fc8db792b7e5f14 SHA512 b280b2db7cf5f480b0668c331130dede2c0cc87d5e02e44566b77787113d0f6604d0105522858288f2ac6b8e77df7a2d9878725013a6c778dc5bfb183156e2f0 diff --git a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/sbat.csv.in b/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/sbat.csv.in deleted file mode 100644 index 21d760043e7..00000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/sbat.csv.in +++ /dev/null @@ -1,3 +0,0 @@ -sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md -grub,4,Free Software Foundation,grub,@@UPSTREAM_VERSION@@,https://www.gnu.org/software/grub/ -grub.flatcar,1,Flatcar,grub2,@@VERSION@@,https://github.com/flatcar/flatcar diff --git a/sdk_container/src/third_party/portage-stable/sys-boot/grub/Manifest b/sdk_container/src/third_party/portage-stable/sys-boot/grub/Manifest new file mode 100644 index 00000000000..03be6d62187 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-boot/grub/Manifest @@ -0,0 +1,5 @@ +DIST dejavu-sans-ttf-2.37.zip 417746 BLAKE2B c8904f3cd5a49370a7dc10e456684c88aeae998a99090bf4d0a5baa4f36cc8fb8f70586cf6d610a5ffeee97261d28c80f55bbe9dcfc3ed796d5c2d60e79adb58 SHA512 ede5899daa1984c5aa8cacb1c850eb53f189dddef3d9bb78bf9774d8976b7c0d6eb0bcf86237cd7d11f5b36cf5b5058d42cd94d3bd76f2bd0931c7ceb1271fae +DIST grub-2.12-bash-completion.patch.gz 3627 BLAKE2B 6ba80fd4fb4b28ae2e5a2387133d815da126a4eaa4b5cb24b13f4ba5a2499ab4099d10ada366ed39f84be2c38774122f48e1a1894768c5bee29149528610d095 SHA512 a9ee6d2253ae48d7f90907a9e975a3a1d01346bc621d8b8cddf7cc815cd91e078f6c61392724d13556ee64f099fa15c94fcb88a49ff02d4a90ebd376252cea5c +DIST grub-2.12.tar.xz 6675608 BLAKE2B a678f7fafb945d325c8cf47aa086f48357a8f6335b762f77038c30a3896b3b05491598d9931d5335841d224fffcbe4a9a43ca1479057c1f1ce52b8d2a952c431 SHA512 761c060a4c3da9c0e810b0ea967e3ebc66baa4ddd682a503ae3d30a83707626bccaf49359304a16b3a26fc4435fe6bea1ee90be910c84de3c2b5485a31a15be3 +DIST grub-2.12.tar.xz.sig 566 BLAKE2B 9b77fe53041b99f1196743aa6d9fc9c727b17c6512129bab2b35005f2c70f371e30521ddd804bf0c666e36cf2667247980f385ca1ac911fa9b8e0311427dc01c SHA512 fbe971d8c382578b49d33902234edd9cbd084b70820a1a56a59df4ec30874c0dd4fe27f8dc44bb380716bb7480ca68a87d120a25b92a6a10ff6c8ec1b60548d3 +DIST unifont-15.0.06.pcf.gz 1358322 BLAKE2B 81811e3de390ca35d1a2dc1f1dee73464e97f44907ba522c218ba9c5e39ca3c9d767552780a257a97c156eb623c17786d9c0d2b67786d61df5ca33a1e10db7ca SHA512 0a28a406629c604f5cbf51f501528239a7ed50d19f93ea505bc5bdc72639e4b926b03f4b8782a5733041f7cdb4aebb9948ac7cfd5a8ad9a0fe309944e595517b diff --git a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/gfxpayload.patch b/sdk_container/src/third_party/portage-stable/sys-boot/grub/files/gfxpayload.patch similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/gfxpayload.patch rename to sdk_container/src/third_party/portage-stable/sys-boot/grub/files/gfxpayload.patch diff --git a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.02_beta2-KERNEL_GLOBS.patch b/sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub-2.02_beta2-KERNEL_GLOBS.patch similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.02_beta2-KERNEL_GLOBS.patch rename to sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub-2.02_beta2-KERNEL_GLOBS.patch diff --git a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.06-test-words.patch b/sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub-2.06-test-words.patch similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.06-test-words.patch rename to sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub-2.06-test-words.patch diff --git a/sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub-2.12-fwsetup.patch b/sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub-2.12-fwsetup.patch new file mode 100644 index 00000000000..d328d3f110a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub-2.12-fwsetup.patch @@ -0,0 +1,38 @@ +From 6e0b2277eba062bf7950536cd27f9789c545d20f Mon Sep 17 00:00:00 2001 +From: Mike Gilbert +Date: Thu, 11 Apr 2024 15:33:45 -0400 +Subject: [PATCH] grub.d: avoid calling fwsetup unconditionally + +This causes grub to enter the firmware setup on boot when using a +grub core that does not support the 'fwsetup --is-supported' option. + +Upstream has rejected attempts to resolve this, so we will carry this as +a distro patch for a bit. + +Bug: https://bugs.gentoo.org/925370 +--- + util/grub.d/30_uefi-firmware.in | 9 +++------ + 1 file changed, 3 insertions(+), 6 deletions(-) + +diff --git a/util/grub.d/30_uefi-firmware.in b/util/grub.d/30_uefi-firmware.in +index 1c2365ddb..b6041b55e 100644 +--- a/util/grub.d/30_uefi-firmware.in ++++ b/util/grub.d/30_uefi-firmware.in +@@ -32,11 +32,8 @@ gettext_printf "Adding boot menu entry for UEFI Firmware Settings ...\n" >&2 + + cat << EOF + if [ "\$grub_platform" = "efi" ]; then +- fwsetup --is-supported +- if [ "\$?" = 0 ]; then +- menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' { +- fwsetup +- } +- fi ++ menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' { ++ fwsetup ++ } + fi + EOF +-- +2.44.0 + diff --git a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub.default-4 b/sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub.default-4 similarity index 93% rename from sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub.default-4 rename to sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub.default-4 index 35d3060137a..74f5d10aea3 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub.default-4 +++ b/sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub.default-4 @@ -34,9 +34,9 @@ GRUB_DISTRIBUTOR="Gentoo" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console -# The resolution used on graphical terminal. -# Note that you can use only modes which your graphic card supports via VBE. -# You can see them in real GRUB with the command `vbeinfo'. +# Resolution used on graphical terminal. +# The list of valid modes may be obtained using the 'vbeinfo' (PC BIOS) or +# 'videoinfo' (EFI) command from a GRUB boot prompt. #GRUB_GFXMODE=640x480 # Set to 'text' to force the Linux kernel to boot in normal text diff --git a/sdk_container/src/third_party/portage-stable/sys-boot/grub/files/sbat.csv b/sdk_container/src/third_party/portage-stable/sys-boot/grub/files/sbat.csv new file mode 100644 index 00000000000..f85cd8eb063 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-boot/grub/files/sbat.csv @@ -0,0 +1,3 @@ +sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md +grub,3,Free Software Foundation,grub,%PV%,https://www.gnu.org/software/grub/ +grub.gentoo,1,Gentoo,grub,%PV%,https://bugs.gentoo.org/ diff --git a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/grub-2.06-r10.ebuild b/sdk_container/src/third_party/portage-stable/sys-boot/grub/grub-2.12-r4.ebuild similarity index 82% rename from sdk_container/src/third_party/coreos-overlay/sys-boot/grub/grub-2.06-r10.ebuild rename to sdk_container/src/third_party/portage-stable/sys-boot/grub/grub-2.12-r4.ebuild index a4b46efcd3f..be8779e57cb 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/grub-2.06-r10.ebuild +++ b/sdk_container/src/third_party/portage-stable/sys-boot/grub/grub-2.12-r4.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2023 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=7 @@ -16,29 +16,24 @@ EAPI=7 # If any of the above applies to a user patch, the user should set the # corresponding variable in make.conf or the environment. -if [[ ${PV} == 9999 ]]; then - GRUB_AUTORECONF=1 - GRUB_BOOTSTRAP=1 -fi - -GRUB_AUTOGEN=1 GRUB_AUTORECONF=1 -PYTHON_COMPAT=( python3_{8..11} ) +PYTHON_COMPAT=( python3_{10..12} ) WANT_LIBTOOL=none -VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/dkiper.gpg - -if [[ -n ${GRUB_AUTOGEN} || -n ${GRUB_BOOTSTRAP} ]]; then - inherit python-any-r1 -fi +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/dkiper.gpg if [[ -n ${GRUB_AUTORECONF} ]]; then inherit autotools fi -inherit bash-completion-r1 flag-o-matic multibuild optfeature toolchain-funcs verify-sig +inherit bash-completion-r1 flag-o-matic multibuild optfeature python-any-r1 toolchain-funcs + +DESCRIPTION="GNU GRUB boot loader" +HOMEPAGE="https://www.gnu.org/software/grub/" MY_P=${P} if [[ ${PV} != 9999 ]]; then + inherit verify-sig + if [[ ${PV} == *_alpha* || ${PV} == *_beta* || ${PV} == *_rc* ]]; then # The quote style is to work with <=bash-4.2 and >=bash-4.3 #503860 MY_P=${P/_/'~'} @@ -50,36 +45,30 @@ if [[ ${PV} != 9999 ]]; then else SRC_URI=" mirror://gnu/${PN}/${P}.tar.xz + https://dev.gentoo.org/~floppym/dist/${P}-bash-completion.patch.gz verify-sig? ( mirror://gnu/${PN}/${P}.tar.xz.sig ) " S=${WORKDIR}/${P%_*} fi - # Flatcar: Mark as stable for arm64. - KEYWORDS="amd64 ~arm arm64 ~ia64 ~ppc ~ppc64 ~riscv ~sparc x86" + BDEPEND="verify-sig? ( sec-keys/openpgp-keys-danielkiper )" + KEYWORDS="amd64 arm arm64 ~ia64 ~loong ppc ppc64 ~riscv sparc x86" else inherit git-r3 EGIT_REPO_URI="https://git.savannah.gnu.org/git/grub.git" fi -SRC_URI+=" https://dev.gentoo.org/~floppym/dist/${P}-backports-r3.tar.xz" - PATCHES=( - "${WORKDIR}/${P}-backports" "${FILESDIR}"/gfxpayload.patch "${FILESDIR}"/grub-2.02_beta2-KERNEL_GLOBS.patch "${FILESDIR}"/grub-2.06-test-words.patch - # Flatcar: Add our patches. - "${FILESDIR}"/grub-2.06-add-verity-hash.patch - "${FILESDIR}"/grub-2.06-add-gpt-partition-scheme.patch + "${FILESDIR}"/grub-2.12-fwsetup.patch + "${WORKDIR}"/grub-2.12-bash-completion.patch ) DEJAVU=dejavu-sans-ttf-2.37 -UNIFONT=unifont-12.1.02 +UNIFONT=unifont-15.0.06 SRC_URI+=" fonts? ( mirror://gnu/unifont/${UNIFONT}/${UNIFONT}.pcf.gz ) - themes? ( mirror://sourceforge/dejavu/${DEJAVU}.zip )" - -DESCRIPTION="GNU GRUB boot loader" -HOMEPAGE="https://www.gnu.org/software/grub/" + themes? ( https://downloads.sourceforge.net/dejavu/${DEJAVU}.zip )" # Includes licenses for dejavu and unifont LICENSE="GPL-3+ BSD MIT fonts? ( GPL-2-with-font-exception ) themes? ( CC-BY-SA-3.0 BitstreamVera )" @@ -88,9 +77,6 @@ IUSE="device-mapper doc efiemu +fonts mount nls sdl test +themes truetype libzfs GRUB_ALL_PLATFORMS=( coreboot efi-32 efi-64 emu ieee1275 loongson multiboot qemu qemu-mips pc uboot xen xen-32 xen-pvh ) - -# Flatcar: Add arm64 to the list of platforms -GRUB_ALL_PLATFORMS+=( arm64 ) IUSE+=" ${GRUB_ALL_PLATFORMS[@]/#/grub_platforms_}" REQUIRED_USE=" @@ -100,21 +86,19 @@ REQUIRED_USE=" grub_platforms_loongson? ( fonts ) " -# Flatcar: Add a dependency on aarch64 cross gcc for arm64 platform. -BDEPEND=" +BDEPEND+=" ${PYTHON_DEPS} >=sys-devel/flex-2.5.35 sys-devel/bison sys-apps/help2man sys-apps/texinfo - grub_platforms_arm64? ( cross-aarch64-cros-linux-gnu/gcc ) fonts? ( media-libs/freetype:2 virtual/pkgconfig ) test? ( app-admin/genromfs - app-arch/cpio + app-alternatives/cpio app-arch/lzop app-emulation/qemu dev-libs/libisoburn @@ -128,17 +112,16 @@ BDEPEND=" virtual/pkgconfig ) truetype? ( virtual/pkgconfig ) - verify-sig? ( sec-keys/openpgp-keys-danielkiper ) " DEPEND=" app-arch/xz-utils >=sys-libs/ncurses-5.2-r5:0= grub_platforms_emu? ( - sdl? ( media-libs/libsdl ) + sdl? ( media-libs/libsdl2 ) ) device-mapper? ( >=sys-fs/lvm2-2.02.45 ) libzfs? ( sys-fs/zfs:= ) - mount? ( sys-fs/fuse:0 ) + mount? ( sys-fs/fuse:3 ) truetype? ( media-libs/freetype:2= ) ppc? ( >=sys-apps/ibm-powerpc-utils-1.3.5 ) ppc64? ( >=sys-apps/ibm-powerpc-utils-1.3.5 ) @@ -152,7 +135,7 @@ RDEPEND="${DEPEND} nls? ( sys-devel/gettext ) " -RESTRICT="!test? ( test )" +RESTRICT="!test? ( test ) test? ( userpriv )" QA_EXECSTACK="usr/bin/grub-emu* usr/lib/grub/*" QA_PRESTRIPPED="usr/lib/grub/.*" @@ -181,11 +164,7 @@ src_unpack() { src_prepare() { default - if [[ -n ${GRUB_AUTOGEN} || -n ${GRUB_BOOTSTRAP} ]]; then - python_setup - else - export PYTHON=true - fi + python_setup if [[ -n ${GRUB_BOOTSTRAP} ]]; then eautopoint --force @@ -197,6 +176,10 @@ src_prepare() { if [[ -n ${GRUB_AUTORECONF} ]]; then eautoreconf fi + + # Avoid error due to extra_deps.lst missing from source tarball: + # make[3]: *** No rule to make target 'grub-core/extra_deps.lst', needed by 'syminfo.lst'. Stop. + echo "depends bli part_gpt" > grub-core/extra_deps.lst || die } grub_do() { @@ -214,8 +197,6 @@ grub_configure() { efi*) platform=efi ;; xen-pvh) platform=xen_pvh ;; xen*) platform=xen ;; - # Flatcar: Handle arm64 as efi platform - arm64*) platform=efi ;; guessed) ;; *) platform=${MULTIBUILD_VARIANT} ;; esac @@ -243,7 +224,8 @@ grub_configure() { $(use_enable themes grub-themes) $(use_enable truetype grub-mkfont) $(use_enable libzfs) - $(use_enable sdl grub-emu-sdl) + --enable-grub-emu-sdl=no + $(use_enable sdl grub-emu-sdl2) ${platform:+--with-platform=}${platform} # Let configure detect this where supported @@ -298,7 +280,7 @@ src_configure() { src_compile() { # Sandbox bug 404013. - use libzfs && addpredict /etc/dfs:/dev/zfs + use libzfs && { addpredict /etc/dfs; addpredict /dev/zfs; } grub_do emake use doc && grub_do_once emake -C docs html @@ -307,7 +289,9 @@ src_compile() { src_test() { # The qemu dependency is a bit complex. # You will need to adjust QEMU_SOFTMMU_TARGETS to match the cpu/platform. - grub_do emake check + local SANDBOX_WRITE=${SANDBOX_WRITE} + addwrite /dev + grub_do emake -j1 check } src_install() { @@ -322,10 +306,14 @@ src_install() { # https://bugs.gentoo.org/231935 dostrip -x /usr/lib/grub - # SBAT format documentation https://github.com/rhboot/shim/blob/main/SBAT.md - dodir /usr/share/grub - sed -e "s/@@UPSTREAM_VERSION@@/${PV}/" -e "s/@@VERSION@@/${PVR}/" "${FILESDIR}"/sbat.csv.in >"${ED}/usr/share/grub/sbat.csv" || die + sed -e "s/%PV%/${PV}/" "${FILESDIR}/sbat.csv" > "${T}/sbat.csv" || die + insinto /usr/share/grub + doins "${T}/sbat.csv" + if use elibc_musl; then + # https://bugs.gentoo.org/900348 + QA_CONFIG_IMPL_DECL_SKIP=( re_{compile_pattern,match,search,set_syntax} ) + fi } pkg_postinst() { @@ -346,8 +334,9 @@ pkg_postinst() { else elog optfeature "detecting other operating systems (grub-mkconfig)" sys-boot/os-prober - optfeature "creating rescue media (grub-mkrescue)" dev-libs/libisoburn + optfeature "creating rescue media (grub-mkrescue)" dev-libs/libisoburn sys-fs/mtools optfeature "enabling RAID device detection" sys-fs/mdadm + optfeature "automatically updating GRUB's configuration on each kernel installation" "sys-kernel/installkernel[grub]" fi if has_version 'sys-boot/grub:0'; then diff --git a/sdk_container/src/third_party/portage-stable/sys-boot/grub/grub-2.12-r5.ebuild b/sdk_container/src/third_party/portage-stable/sys-boot/grub/grub-2.12-r5.ebuild new file mode 100644 index 00000000000..b79c99dc948 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-boot/grub/grub-2.12-r5.ebuild @@ -0,0 +1,435 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +# This ebuild uses 3 special global variables: +# GRUB_BOOTSTRAP: Depend on python and invoke bootstrap (gnulib). +# GRUB_AUTOGEN: Depend on python and invoke autogen.sh. +# GRUB_AUTORECONF: Inherit autotools and invoke eautoreconf. +# +# When applying patches: +# If gnulib is updated, set GRUB_BOOTSTRAP=1 +# If gentpl.py or *.def is updated, set GRUB_AUTOGEN=1 +# If gnulib, gentpl.py, *.def, or any autotools files are updated, set GRUB_AUTORECONF=1 +# +# If any of the above applies to a user patch, the user should set the +# corresponding variable in make.conf or the environment. + +GRUB_AUTORECONF=1 +PYTHON_COMPAT=( python3_{10..12} ) +WANT_LIBTOOL=none +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/dkiper.gpg + +if [[ -n ${GRUB_AUTORECONF} ]]; then + inherit autotools +fi + +inherit bash-completion-r1 flag-o-matic multibuild optfeature python-any-r1 +inherit secureboot toolchain-funcs + +DESCRIPTION="GNU GRUB boot loader" +HOMEPAGE="https://www.gnu.org/software/grub/" + +MY_P=${P} +if [[ ${PV} != 9999 ]]; then + inherit verify-sig + + if [[ ${PV} == *_alpha* || ${PV} == *_beta* || ${PV} == *_rc* ]]; then + # The quote style is to work with <=bash-4.2 and >=bash-4.3 #503860 + MY_P=${P/_/'~'} + SRC_URI=" + https://alpha.gnu.org/gnu/${PN}/${MY_P}.tar.xz + verify-sig? ( https://alpha.gnu.org/gnu/${PN}/${MY_P}.tar.xz.sig ) + " + S=${WORKDIR}/${MY_P} + else + SRC_URI=" + mirror://gnu/${PN}/${P}.tar.xz + https://dev.gentoo.org/~floppym/dist/${P}-bash-completion.patch.gz + verify-sig? ( mirror://gnu/${PN}/${P}.tar.xz.sig ) + " + S=${WORKDIR}/${P%_*} + fi + BDEPEND="verify-sig? ( sec-keys/openpgp-keys-danielkiper )" + KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86" +else + inherit git-r3 + EGIT_REPO_URI="https://git.savannah.gnu.org/git/grub.git" +fi + +PATCHES=( + "${FILESDIR}"/gfxpayload.patch + "${FILESDIR}"/grub-2.02_beta2-KERNEL_GLOBS.patch + "${FILESDIR}"/grub-2.06-test-words.patch + "${FILESDIR}"/grub-2.12-fwsetup.patch + "${WORKDIR}"/grub-2.12-bash-completion.patch +) + +DEJAVU=dejavu-sans-ttf-2.37 +UNIFONT=unifont-15.0.06 +SRC_URI+=" fonts? ( mirror://gnu/unifont/${UNIFONT}/${UNIFONT}.pcf.gz ) + themes? ( https://downloads.sourceforge.net/dejavu/${DEJAVU}.zip )" + +# Includes licenses for dejavu and unifont +LICENSE="GPL-3+ BSD MIT fonts? ( GPL-2-with-font-exception ) themes? ( CC-BY-SA-3.0 BitstreamVera )" +SLOT="2/${PVR}" +IUSE="device-mapper doc efiemu +fonts mount nls sdl test +themes truetype libzfs" + +GRUB_ALL_PLATFORMS=( coreboot efi-32 efi-64 emu ieee1275 loongson multiboot + qemu qemu-mips pc uboot xen xen-32 xen-pvh ) +IUSE+=" ${GRUB_ALL_PLATFORMS[@]/#/grub_platforms_}" + +REQUIRED_USE=" + grub_platforms_coreboot? ( fonts ) + grub_platforms_qemu? ( fonts ) + grub_platforms_ieee1275? ( fonts ) + grub_platforms_loongson? ( fonts ) +" + +BDEPEND+=" + ${PYTHON_DEPS} + >=sys-devel/flex-2.5.35 + sys-devel/bison + sys-apps/help2man + sys-apps/texinfo + fonts? ( + media-libs/freetype:2 + virtual/pkgconfig + ) + test? ( + app-admin/genromfs + app-alternatives/cpio + app-arch/lzop + app-emulation/qemu + dev-libs/libisoburn + sys-apps/miscfiles + sys-block/parted + sys-fs/squashfs-tools + ) + themes? ( + app-arch/unzip + media-libs/freetype:2 + virtual/pkgconfig + ) + truetype? ( virtual/pkgconfig ) +" +DEPEND=" + app-arch/xz-utils + >=sys-libs/ncurses-5.2-r5:0= + grub_platforms_emu? ( + sdl? ( media-libs/libsdl2 ) + ) + device-mapper? ( >=sys-fs/lvm2-2.02.45 ) + libzfs? ( sys-fs/zfs:= ) + mount? ( sys-fs/fuse:3 ) + truetype? ( media-libs/freetype:2= ) + ppc? ( >=sys-apps/ibm-powerpc-utils-1.3.5 ) + ppc64? ( >=sys-apps/ibm-powerpc-utils-1.3.5 ) +" +RDEPEND="${DEPEND} + kernel_linux? ( + grub_platforms_efi-32? ( sys-boot/efibootmgr ) + grub_platforms_efi-64? ( sys-boot/efibootmgr ) + ) + !sys-boot/grub:0 + nls? ( sys-devel/gettext ) +" + +RESTRICT="!test? ( test ) test? ( userpriv )" + +QA_EXECSTACK="usr/bin/grub-emu* usr/lib/grub/*" +QA_PRESTRIPPED="usr/lib/grub/.*" +QA_MULTILIB_PATHS="usr/lib/grub/.*" +QA_WX_LOAD="usr/lib/grub/*" + +pkg_setup() { + : +} + +src_unpack() { + if [[ ${PV} == 9999 ]]; then + git-r3_src_unpack + pushd "${P}" >/dev/null || die + local GNULIB_URI="https://git.savannah.gnu.org/git/gnulib.git" + local GNULIB_REVISION=$(source bootstrap.conf >/dev/null; echo "${GNULIB_REVISION}") + git-r3_fetch "${GNULIB_URI}" "${GNULIB_REVISION}" + git-r3_checkout "${GNULIB_URI}" gnulib + popd >/dev/null || die + elif use verify-sig; then + verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.xz{,.sig} + fi + default +} + +src_prepare() { + default + + python_setup + + if [[ -n ${GRUB_BOOTSTRAP} ]]; then + eautopoint --force + AUTOPOINT=: AUTORECONF=: ./bootstrap || die + elif [[ -n ${GRUB_AUTOGEN} ]]; then + FROM_BOOTSTRAP=1 ./autogen.sh || die + fi + + if [[ -n ${GRUB_AUTORECONF} ]]; then + eautoreconf + fi + + # Avoid error due to extra_deps.lst missing from source tarball: + # make[3]: *** No rule to make target 'grub-core/extra_deps.lst', needed by 'syminfo.lst'. Stop. + echo "depends bli part_gpt" > grub-core/extra_deps.lst || die +} + +grub_do() { + multibuild_foreach_variant run_in_build_dir "$@" +} + +grub_do_once() { + multibuild_for_best_variant run_in_build_dir "$@" +} + +grub_configure() { + local platform + + case ${MULTIBUILD_VARIANT} in + efi*) platform=efi ;; + xen-pvh) platform=xen_pvh ;; + xen*) platform=xen ;; + guessed) ;; + *) platform=${MULTIBUILD_VARIANT} ;; + esac + + case ${MULTIBUILD_VARIANT} in + *-32) + if [[ ${CTARGET:-${CHOST}} == x86_64* ]]; then + local CTARGET=i386 + fi ;; + *-64) + if [[ ${CTARGET:-${CHOST}} == i?86* ]]; then + local CTARGET=x86_64 + local -x TARGET_CFLAGS="-Os -march=x86-64 ${TARGET_CFLAGS}" + local -x TARGET_CPPFLAGS="-march=x86-64 ${TARGET_CPPFLAGS}" + fi ;; + esac + + local myeconfargs=( + --disable-werror + --program-prefix= + --libdir="${EPREFIX}"/usr/lib + $(use_enable device-mapper) + $(use_enable mount grub-mount) + $(use_enable nls) + $(use_enable themes grub-themes) + $(use_enable truetype grub-mkfont) + $(use_enable libzfs) + --enable-grub-emu-sdl=no + $(use_enable sdl grub-emu-sdl2) + ${platform:+--with-platform=}${platform} + + # Let configure detect this where supported + $(usex efiemu '' '--disable-efiemu') + ) + + if use fonts; then + ln -rs "${WORKDIR}/${UNIFONT}.pcf" unifont.pcf || die + fi + + if use themes; then + ln -rs "${WORKDIR}/${DEJAVU}/ttf/DejaVuSans.ttf" DejaVuSans.ttf || die + fi + + local ECONF_SOURCE="${S}" + econf "${myeconfargs[@]}" +} + +src_configure() { + # Bug 508758. + replace-flags -O3 -O2 + + # Workaround for bug 829165. + filter-ldflags -pie + + # We don't want to leak flags onto boot code. + export HOST_CCASFLAGS=${CCASFLAGS} + export HOST_CFLAGS=${CFLAGS} + export HOST_CPPFLAGS=${CPPFLAGS} + export HOST_LDFLAGS=${LDFLAGS} + unset CCASFLAGS CFLAGS CPPFLAGS LDFLAGS + + tc-ld-disable-gold #439082 #466536 #526348 + export TARGET_LDFLAGS="${TARGET_LDFLAGS} ${LDFLAGS}" + unset LDFLAGS + + tc-export CC NM OBJCOPY RANLIB STRIP + tc-export BUILD_CC BUILD_PKG_CONFIG + + # Force configure to use flex & bison, bug 887211. + export LEX=flex + unset YACC + + MULTIBUILD_VARIANTS=() + local p + for p in "${GRUB_ALL_PLATFORMS[@]}"; do + use "grub_platforms_${p}" && MULTIBUILD_VARIANTS+=( "${p}" ) + done + [[ ${#MULTIBUILD_VARIANTS[@]} -eq 0 ]] && MULTIBUILD_VARIANTS=( guessed ) + grub_do grub_configure +} + +src_compile() { + # Sandbox bug 404013. + use libzfs && { addpredict /etc/dfs; addpredict /dev/zfs; } + + grub_do emake + use doc && grub_do_once emake -C docs html +} + +src_test() { + # The qemu dependency is a bit complex. + # You will need to adjust QEMU_SOFTMMU_TARGETS to match the cpu/platform. + local SANDBOX_WRITE=${SANDBOX_WRITE} + addwrite /dev + grub_do emake -j1 check +} + +grub_mkstandalone_secureboot() { + use secureboot || return + + if tc-is-cross-compiler; then + ewarn "USE=secureboot is not supported when cross-compiling." + ewarn "No standalone EFI executable will be built." + return 1 + fi + + local standalone_targets + + case ${CTARGET:-${CHOST}} in + i?86* | x86_64*) + use grub_platforms_efi-32 && standalone_targets+=( i386-efi ) + use grub_platforms_efi-64 && standalone_targets+=( x86_64-efi ) + ;; + arm* | aarch64*) + use grub_platforms_efi-32 && standalone_targets+=( arm-efi ) + use grub_platforms_efi-64 && standalone_targets+=( arm64-efi ) + ;; + riscv*) + use grub_platforms_efi-32 && standalone_targets+=( riscv32-efi ) + use grub_platforms_efi-64 && standalone_targets+=( riscv64-efi ) + ;; + ia64*) + use grub_platforms_efi-64 && standalone_targets+=( ia64-efi ) + ;; + loongarch64*) + use grub_platforms_efi-64 && standalone_targets+=( loongarch64-efi ) + ;; + esac + + if [[ ${#standalone_targets[@]} -eq 0 ]]; then + ewarn "USE=secureboot is enabled, but no suitable EFI target in GRUB_PLATFORMS." + ewarn "No standalone EFI executable will be built." + return 1 + fi + + local target mkstandalone_args + + # grub-mkstandalone embeds a config file, make this config file chainload + # a config file in the same directory grub is installed in. This requires + # pre-loading the part_gpt and part_msdos modules. + echo 'configfile ${cmdpath}/grub.cfg' > "${T}/grub.cfg" || die + for target in "${standalone_targets[@]}"; do + ebegin "Building standalone EFI executable for ${target}" + mkstandalone_args=( + --verbose + --directory="${ED}/usr/lib/grub/${target}" + --locale-directory="${ED}/usr/share/locale" + --format="${target}" + --modules="part_gpt part_msdos" + --sbat="${ED}/usr/share/grub/sbat.csv" + --output="${ED}/usr/lib/grub/grub-${target%-efi}.efi" + "boot/grub/grub.cfg=${T}/grub.cfg" + ) + + "${ED}/usr/bin/grub-mkstandalone" "${mkstandalone_args[@]}" + eend ${?} || die "grub-mkstandalone failed to build EFI executable" + done + + secureboot_auto_sign +} + +src_install() { + grub_do emake install DESTDIR="${D}" bashcompletiondir="$(get_bashcompdir)" + use doc && grub_do_once emake -C docs install-html DESTDIR="${D}" + + einstalldocs + + insinto /etc/default + newins "${FILESDIR}"/grub.default-4 grub + + # https://bugs.gentoo.org/231935 + dostrip -x /usr/lib/grub + + sed -e "s/%PV%/${PV}/" "${FILESDIR}/sbat.csv" > "${T}/sbat.csv" || die + insinto /usr/share/grub + doins "${T}/sbat.csv" + + if use elibc_musl; then + # https://bugs.gentoo.org/900348 + QA_CONFIG_IMPL_DECL_SKIP=( re_{compile_pattern,match,search,set_syntax} ) + fi + + grub_mkstandalone_secureboot +} + +pkg_postinst() { + elog "For information on how to configure GRUB2 please refer to the guide:" + elog " https://wiki.gentoo.org/wiki/GRUB2_Quick_Start" + + if [[ -n ${REPLACING_VERSIONS} ]]; then + local v + for v in ${REPLACING_VERSIONS}; do + if ver_test -gt ${v}; then + ewarn + ewarn "Re-run grub-install to update installed boot code!" + ewarn "Re-run grub-mkconfig to update grub.cfg!" + ewarn + break + fi + done + else + elog + optfeature "detecting other operating systems (grub-mkconfig)" sys-boot/os-prober + optfeature "creating rescue media (grub-mkrescue)" dev-libs/libisoburn sys-fs/mtools + optfeature "enabling RAID device detection" sys-fs/mdadm + optfeature "automatically updating GRUB's configuration on each kernel installation" "sys-kernel/installkernel[grub]" + fi + + if has_version 'sys-boot/grub:0'; then + elog "A migration guide for GRUB Legacy users is available:" + elog " https://wiki.gentoo.org/wiki/GRUB2_Migration" + fi + + if has_version sys-boot/os-prober; then + ewarn "Due to security concerns, os-prober is disabled by default." + ewarn "Set GRUB_DISABLE_OS_PROBER=false in /etc/default/grub to enable it." + fi + + if use secureboot; then + elog + elog "The signed standalone grub EFI executable(s) are available in:" + elog " /usr/lib/grub/grub-.efi(.signed)" + elog "These EFI executables should be copied to the usual location at:" + elog " ESP/EFI/Gentoo/grub.efi" + elog "Note that 'grub-install' does not install these images." + elog + elog "These standalone grub executables read the grub config file from" + elog "the grub.cfg in the same directory instead of the default" + elog "/boot/grub/grub.cfg. When sys-kernel/installkernel[grub] is used," + elog "the location of the grub.cfg may be overridden by setting the" + elog "GRUB_CFG environment variable:" + elog " GRUB_CFG=ESP/EFI/Gentoo/grub.cfg" + elog + fi +} diff --git a/sdk_container/src/third_party/portage-stable/sys-boot/grub/grub-9999.ebuild b/sdk_container/src/third_party/portage-stable/sys-boot/grub/grub-9999.ebuild new file mode 100644 index 00000000000..31db1cdb8e2 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-boot/grub/grub-9999.ebuild @@ -0,0 +1,432 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +# This ebuild uses 3 special global variables: +# GRUB_BOOTSTRAP: Depend on python and invoke bootstrap (gnulib). +# GRUB_AUTOGEN: Depend on python and invoke autogen.sh. +# GRUB_AUTORECONF: Inherit autotools and invoke eautoreconf. +# +# When applying patches: +# If gnulib is updated, set GRUB_BOOTSTRAP=1 +# If gentpl.py or *.def is updated, set GRUB_AUTOGEN=1 +# If gnulib, gentpl.py, *.def, or any autotools files are updated, set GRUB_AUTORECONF=1 +# +# If any of the above applies to a user patch, the user should set the +# corresponding variable in make.conf or the environment. + +if [[ ${PV} == 9999 ]]; then + GRUB_AUTORECONF=1 + GRUB_BOOTSTRAP=1 +fi + +PYTHON_COMPAT=( python3_{10..12} ) +WANT_LIBTOOL=none +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/dkiper.gpg + +if [[ -n ${GRUB_AUTORECONF} ]]; then + inherit autotools +fi + +inherit bash-completion-r1 flag-o-matic multibuild optfeature python-any-r1 +inherit secureboot toolchain-funcs + +DESCRIPTION="GNU GRUB boot loader" +HOMEPAGE="https://www.gnu.org/software/grub/" + +MY_P=${P} +if [[ ${PV} != 9999 ]]; then + inherit verify-sig + + if [[ ${PV} == *_alpha* || ${PV} == *_beta* || ${PV} == *_rc* ]]; then + # The quote style is to work with <=bash-4.2 and >=bash-4.3 #503860 + MY_P=${P/_/'~'} + SRC_URI=" + https://alpha.gnu.org/gnu/${PN}/${MY_P}.tar.xz + verify-sig? ( https://alpha.gnu.org/gnu/${PN}/${MY_P}.tar.xz.sig ) + " + S=${WORKDIR}/${MY_P} + else + SRC_URI=" + mirror://gnu/${PN}/${P}.tar.xz + verify-sig? ( mirror://gnu/${PN}/${P}.tar.xz.sig ) + " + S=${WORKDIR}/${P%_*} + fi + BDEPEND="verify-sig? ( sec-keys/openpgp-keys-danielkiper )" + KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86" +else + inherit git-r3 + EGIT_REPO_URI="https://git.savannah.gnu.org/git/grub.git" +fi + +PATCHES=( + "${FILESDIR}"/gfxpayload.patch + "${FILESDIR}"/grub-2.02_beta2-KERNEL_GLOBS.patch + "${FILESDIR}"/grub-2.06-test-words.patch +) + +DEJAVU=dejavu-sans-ttf-2.37 +UNIFONT=unifont-15.0.06 +SRC_URI+=" fonts? ( mirror://gnu/unifont/${UNIFONT}/${UNIFONT}.pcf.gz ) + themes? ( https://downloads.sourceforge.net/dejavu/${DEJAVU}.zip )" + +# Includes licenses for dejavu and unifont +LICENSE="GPL-3+ BSD MIT fonts? ( GPL-2-with-font-exception ) themes? ( CC-BY-SA-3.0 BitstreamVera )" +SLOT="2/${PVR}" +IUSE="device-mapper doc efiemu +fonts mount nls sdl test +themes truetype libzfs" + +GRUB_ALL_PLATFORMS=( coreboot efi-32 efi-64 emu ieee1275 loongson multiboot + qemu qemu-mips pc uboot xen xen-32 xen-pvh ) +IUSE+=" ${GRUB_ALL_PLATFORMS[@]/#/grub_platforms_}" + +REQUIRED_USE=" + grub_platforms_coreboot? ( fonts ) + grub_platforms_qemu? ( fonts ) + grub_platforms_ieee1275? ( fonts ) + grub_platforms_loongson? ( fonts ) +" + +BDEPEND+=" + ${PYTHON_DEPS} + >=sys-devel/flex-2.5.35 + sys-devel/bison + sys-apps/help2man + sys-apps/texinfo + fonts? ( + media-libs/freetype:2 + virtual/pkgconfig + ) + test? ( + app-admin/genromfs + app-alternatives/cpio + app-arch/lzop + app-emulation/qemu + dev-libs/libisoburn + sys-apps/miscfiles + sys-block/parted + sys-fs/squashfs-tools + ) + themes? ( + app-arch/unzip + media-libs/freetype:2 + virtual/pkgconfig + ) + truetype? ( virtual/pkgconfig ) +" +DEPEND=" + app-arch/xz-utils + >=sys-libs/ncurses-5.2-r5:0= + grub_platforms_emu? ( + sdl? ( media-libs/libsdl2 ) + ) + device-mapper? ( >=sys-fs/lvm2-2.02.45 ) + libzfs? ( sys-fs/zfs:= ) + mount? ( sys-fs/fuse:3 ) + truetype? ( media-libs/freetype:2= ) + ppc? ( >=sys-apps/ibm-powerpc-utils-1.3.5 ) + ppc64? ( >=sys-apps/ibm-powerpc-utils-1.3.5 ) +" +RDEPEND="${DEPEND} + kernel_linux? ( + grub_platforms_efi-32? ( sys-boot/efibootmgr ) + grub_platforms_efi-64? ( sys-boot/efibootmgr ) + ) + !sys-boot/grub:0 + nls? ( sys-devel/gettext ) +" + +RESTRICT="!test? ( test ) test? ( userpriv )" + +QA_EXECSTACK="usr/bin/grub-emu* usr/lib/grub/*" +QA_PRESTRIPPED="usr/lib/grub/.*" +QA_MULTILIB_PATHS="usr/lib/grub/.*" +QA_WX_LOAD="usr/lib/grub/*" + +pkg_setup() { + : +} + +src_unpack() { + if [[ ${PV} == 9999 ]]; then + git-r3_src_unpack + pushd "${P}" >/dev/null || die + local GNULIB_URI="https://git.savannah.gnu.org/git/gnulib.git" + local GNULIB_REVISION=$(source bootstrap.conf >/dev/null; echo "${GNULIB_REVISION}") + git-r3_fetch "${GNULIB_URI}" "${GNULIB_REVISION}" + git-r3_checkout "${GNULIB_URI}" gnulib + popd >/dev/null || die + elif use verify-sig; then + verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.xz{,.sig} + fi + default +} + +src_prepare() { + default + + python_setup + + if [[ -n ${GRUB_BOOTSTRAP} ]]; then + eautopoint --force + AUTOPOINT=: AUTORECONF=: ./bootstrap || die + elif [[ -n ${GRUB_AUTOGEN} ]]; then + FROM_BOOTSTRAP=1 ./autogen.sh || die + fi + + if [[ -n ${GRUB_AUTORECONF} ]]; then + eautoreconf + fi +} + +grub_do() { + multibuild_foreach_variant run_in_build_dir "$@" +} + +grub_do_once() { + multibuild_for_best_variant run_in_build_dir "$@" +} + +grub_configure() { + local platform + + case ${MULTIBUILD_VARIANT} in + efi*) platform=efi ;; + xen-pvh) platform=xen_pvh ;; + xen*) platform=xen ;; + guessed) ;; + *) platform=${MULTIBUILD_VARIANT} ;; + esac + + case ${MULTIBUILD_VARIANT} in + *-32) + if [[ ${CTARGET:-${CHOST}} == x86_64* ]]; then + local CTARGET=i386 + fi ;; + *-64) + if [[ ${CTARGET:-${CHOST}} == i?86* ]]; then + local CTARGET=x86_64 + local -x TARGET_CFLAGS="-Os -march=x86-64 ${TARGET_CFLAGS}" + local -x TARGET_CPPFLAGS="-march=x86-64 ${TARGET_CPPFLAGS}" + fi ;; + esac + + local myeconfargs=( + --disable-werror + --program-prefix= + --libdir="${EPREFIX}"/usr/lib + $(use_enable device-mapper) + $(use_enable mount grub-mount) + $(use_enable nls) + $(use_enable themes grub-themes) + $(use_enable truetype grub-mkfont) + $(use_enable libzfs) + --enable-grub-emu-sdl=no + $(use_enable sdl grub-emu-sdl2) + ${platform:+--with-platform=}${platform} + + # Let configure detect this where supported + $(usex efiemu '' '--disable-efiemu') + ) + + if use fonts; then + ln -rs "${WORKDIR}/${UNIFONT}.pcf" unifont.pcf || die + fi + + if use themes; then + ln -rs "${WORKDIR}/${DEJAVU}/ttf/DejaVuSans.ttf" DejaVuSans.ttf || die + fi + + local ECONF_SOURCE="${S}" + econf "${myeconfargs[@]}" +} + +src_configure() { + # Bug 508758. + replace-flags -O3 -O2 + + # Workaround for bug 829165. + filter-ldflags -pie + + # We don't want to leak flags onto boot code. + export HOST_CCASFLAGS=${CCASFLAGS} + export HOST_CFLAGS=${CFLAGS} + export HOST_CPPFLAGS=${CPPFLAGS} + export HOST_LDFLAGS=${LDFLAGS} + unset CCASFLAGS CFLAGS CPPFLAGS LDFLAGS + + tc-ld-disable-gold #439082 #466536 #526348 + export TARGET_LDFLAGS="${TARGET_LDFLAGS} ${LDFLAGS}" + unset LDFLAGS + + tc-export CC NM OBJCOPY RANLIB STRIP + tc-export BUILD_CC BUILD_PKG_CONFIG + + # Force configure to use flex & bison, bug 887211. + export LEX=flex + unset YACC + + MULTIBUILD_VARIANTS=() + local p + for p in "${GRUB_ALL_PLATFORMS[@]}"; do + use "grub_platforms_${p}" && MULTIBUILD_VARIANTS+=( "${p}" ) + done + [[ ${#MULTIBUILD_VARIANTS[@]} -eq 0 ]] && MULTIBUILD_VARIANTS=( guessed ) + grub_do grub_configure +} + +src_compile() { + # Sandbox bug 404013. + use libzfs && { addpredict /etc/dfs; addpredict /dev/zfs; } + + grub_do emake + use doc && grub_do_once emake -C docs html +} + +src_test() { + # The qemu dependency is a bit complex. + # You will need to adjust QEMU_SOFTMMU_TARGETS to match the cpu/platform. + local SANDBOX_WRITE=${SANDBOX_WRITE} + addwrite /dev + grub_do emake -j1 check +} + +grub_mkstandalone_secureboot() { + use secureboot || return + + if tc-is-cross-compiler; then + ewarn "USE=secureboot is not supported when cross-compiling." + ewarn "No standalone EFI executable will be built." + return 1 + fi + + local standalone_targets + + case ${CTARGET:-${CHOST}} in + i?86* | x86_64*) + use grub_platforms_efi-32 && standalone_targets+=( i386-efi ) + use grub_platforms_efi-64 && standalone_targets+=( x86_64-efi ) + ;; + arm* | aarch64*) + use grub_platforms_efi-32 && standalone_targets+=( arm-efi ) + use grub_platforms_efi-64 && standalone_targets+=( arm64-efi ) + ;; + riscv*) + use grub_platforms_efi-32 && standalone_targets+=( riscv32-efi ) + use grub_platforms_efi-64 && standalone_targets+=( riscv64-efi ) + ;; + ia64*) + use grub_platforms_efi-64 && standalone_targets+=( ia64-efi ) + ;; + loongarch64*) + use grub_platforms_efi-64 && standalone_targets+=( loongarch64-efi ) + ;; + esac + + if [[ ${#standalone_targets[@]} -eq 0 ]]; then + ewarn "USE=secureboot is enabled, but no suitable EFI target in GRUB_PLATFORMS." + ewarn "No standalone EFI executable will be built." + return 1 + fi + + local target mkstandalone_args + + # grub-mkstandalone embeds a config file, make this config file chainload + # a config file in the same directory grub is installed in. This requires + # pre-loading the part_gpt and part_msdos modules. + echo 'configfile ${cmdpath}/grub.cfg' > "${T}/grub.cfg" || die + for target in "${standalone_targets[@]}"; do + ebegin "Building standalone EFI executable for ${target}" + mkstandalone_args=( + --verbose + --directory="${ED}/usr/lib/grub/${target}" + --locale-directory="${ED}/usr/share/locale" + --format="${target}" + --modules="part_gpt part_msdos" + --sbat="${ED}/usr/share/grub/sbat.csv" + --output="${ED}/usr/lib/grub/grub-${target%-efi}.efi" + "boot/grub/grub.cfg=${T}/grub.cfg" + ) + + "${ED}/usr/bin/grub-mkstandalone" "${mkstandalone_args[@]}" + eend ${?} || die "grub-mkstandalone failed to build EFI executable" + done + + secureboot_auto_sign +} + +src_install() { + grub_do emake install DESTDIR="${D}" bashcompletiondir="$(get_bashcompdir)" + use doc && grub_do_once emake -C docs install-html DESTDIR="${D}" + + einstalldocs + + insinto /etc/default + newins "${FILESDIR}"/grub.default-4 grub + + # https://bugs.gentoo.org/231935 + dostrip -x /usr/lib/grub + + sed -e "s/%PV%/${PV}/" "${FILESDIR}/sbat.csv" > "${T}/sbat.csv" || die + insinto /usr/share/grub + doins "${T}/sbat.csv" + + if use elibc_musl; then + # https://bugs.gentoo.org/900348 + QA_CONFIG_IMPL_DECL_SKIP=( re_{compile_pattern,match,search,set_syntax} ) + fi + + grub_mkstandalone_secureboot +} + +pkg_postinst() { + elog "For information on how to configure GRUB2 please refer to the guide:" + elog " https://wiki.gentoo.org/wiki/GRUB2_Quick_Start" + + if [[ -n ${REPLACING_VERSIONS} ]]; then + local v + for v in ${REPLACING_VERSIONS}; do + if ver_test -gt ${v}; then + ewarn + ewarn "Re-run grub-install to update installed boot code!" + ewarn "Re-run grub-mkconfig to update grub.cfg!" + ewarn + break + fi + done + else + elog + optfeature "detecting other operating systems (grub-mkconfig)" sys-boot/os-prober + optfeature "creating rescue media (grub-mkrescue)" dev-libs/libisoburn sys-fs/mtools + optfeature "enabling RAID device detection" sys-fs/mdadm + optfeature "automatically updating GRUB's configuration on each kernel installation" "sys-kernel/installkernel[grub]" + fi + + if has_version 'sys-boot/grub:0'; then + elog "A migration guide for GRUB Legacy users is available:" + elog " https://wiki.gentoo.org/wiki/GRUB2_Migration" + fi + + if has_version sys-boot/os-prober; then + ewarn "Due to security concerns, os-prober is disabled by default." + ewarn "Set GRUB_DISABLE_OS_PROBER=false in /etc/default/grub to enable it." + fi + + if use secureboot; then + elog + elog "The signed standalone grub EFI executable(s) are available in:" + elog " /usr/lib/grub/grub-.efi(.signed)" + elog "These EFI executables should be copied to the usual location at:" + elog " ESP/EFI/Gentoo/grub.efi" + elog "Note that 'grub-install' does not install these images." + elog + elog "These standalone grub executables read the grub config file from" + elog "the grub.cfg in the same directory instead of the default" + elog "/boot/grub/grub.cfg. When sys-kernel/installkernel[grub] is used," + elog "the location of the grub.cfg may be overridden by setting the" + elog "GRUB_CFG environment variable:" + elog " GRUB_CFG=ESP/EFI/Gentoo/grub.cfg" + elog + fi +} diff --git a/sdk_container/src/third_party/coreos-overlay/sys-boot/grub/metadata.xml b/sdk_container/src/third_party/portage-stable/sys-boot/grub/metadata.xml similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-boot/grub/metadata.xml rename to sdk_container/src/third_party/portage-stable/sys-boot/grub/metadata.xml