[gentoo-commits] repo/gentoo:master commit in: sys-boot/grub/, sys-boot/grub/files/ - gentoo-commits

From:	Mike Gilbert <floppym@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: sys-boot/grub/, sys-boot/grub/files/
Date:	Sun, 01 Apr 2018 18:18:24
Message-Id:	`1522606694.4ce63f8b85aa62e485eaebc34b36024f80866106.floppym@gentoo`

1

commit:     4ce63f8b85aa62e485eaebc34b36024f80866106

2

Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>

3

AuthorDate: Sun Apr  1 18:17:04 2018 +0000

4

Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>

5

CommitDate: Sun Apr  1 18:18:14 2018 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4ce63f8b

7

8

sys-boot/grub: backport early microcode patch

9

10

Closes: https://bugs.gentoo.org/645088

11

Package-Manager: Portage-2.3.24, Repoman-2.3.6_p81

12

13

 .../grub/files/2.02-multiple-early-initrd.patch    | 177 ++++++++++++

14

 sys-boot/grub/grub-2.02-r1.ebuild                  | 299 +++++++++++++++++++++

15

 2 files changed, 476 insertions(+)

16

17

diff --git a/sys-boot/grub/files/2.02-multiple-early-initrd.patch b/sys-boot/grub/files/2.02-multiple-early-initrd.patch

18

new file mode 100644

19

index 00000000000..74b576f8b00

20

--- /dev/null

21

+++ b/sys-boot/grub/files/2.02-multiple-early-initrd.patch

22

@@ -0,0 +1,177 @@

23

+From a698240df0c43278b2d1d7259c8e7a6926c63112 Mon Sep 17 00:00:00 2001

24

+From: "Matthew S. Turnbull" <sparky@××××××××××××××.com>

25

+Date: Sat, 24 Feb 2018 17:44:58 -0500

26

+Subject: grub-mkconfig/10_linux: Support multiple early initrd images

27

+

28

+Add support for multiple, shared, early initrd images. These early

29

+images will be loaded in the order declared, and all will be loaded

30

+before the initrd image.

31

+

32

+While many classes of data can be provided by early images, the

33

+immediate use case would be for distributions to provide CPU

34

+microcode to mitigate the Meltdown and Spectre vulnerabilities.

35

+

36

+There are two environment variables provided for declaring the early

37

+images.

38

+

39

+* GRUB_EARLY_INITRD_LINUX_STOCK is for the distribution declare

40

+  images that are provided by the distribution or installed packages.

41

+  If undeclared, this will default to a set of common microcode image

42

+  names.

43

+

44

+* GRUB_EARLY_INITRD_LINUX_CUSTOM is for user created images. User

45

+  images will be loaded after the stock images.

46

+

47

+These separate configurations allow the distribution and user to

48

+declare different image sets without clobbering each other.

49

+

50

+This also makes a minor update to ensure that UUID partition labels

51

+stay disabled when no initrd image is found, even if early images are

52

+present.

53

+

54

+This is a continuation of a previous patch published by Christian

55

+Hesse in 2016:

56

+http://lists.gnu.org/archive/html/grub-devel/2016-02/msg00025.html

57

+

58

+Down stream Gentoo bug:

59

+https://bugs.gentoo.org/645088

60

+

61

+Signed-off-by: Robin H. Johnson <robbat2@g.o>

62

+Signed-off-by: Matthew S. Turnbull <sparky@××××××××××××××.com>

63

+Reviewed-by: Daniel Kiper <daniel.kiper@××××××.com>

64

+---

65

+ docs/grub.texi          | 19 +++++++++++++++++++

66

+ util/grub-mkconfig.in   |  8 ++++++++

67

+ util/grub.d/10_linux.in | 33 +++++++++++++++++++++++++++------

68

+ 3 files changed, 54 insertions(+), 6 deletions(-)

69

+

70

+diff --git a/docs/grub.texi b/docs/grub.texi

71

+index 137b894..65b4bbe 100644

72

+--- a/docs/grub.texi

73

++++ b/docs/grub.texi

74

+@@ -1398,6 +1398,25 @@ for all respectively normal entries.

75

+ The values of these options replace the values of @samp{GRUB_CMDLINE_LINUX}

76

+ and @samp{GRUB_CMDLINE_LINUX_DEFAULT} for Linux and Xen menu entries.

77

+

78

++@item GRUB_EARLY_INITRD_LINUX_CUSTOM

79

++@itemx GRUB_EARLY_INITRD_LINUX_STOCK

80

++List of space-separated early initrd images to be loaded from @samp{/boot}.

81

++This is for loading things like CPU microcode, firmware, ACPI tables, crypto

82

++keys, and so on. These early images will be loaded in the order declared,

83

++and all will be loaded before the actual functional initrd image.

84

++

85

++@samp{GRUB_EARLY_INITRD_LINUX_STOCK} is for your distribution to declare

86

++images that are provided by the distribution. It should not be modified

87

++without understanding the consequences. They will be loaded first.

88

++

89

++@samp{GRUB_EARLY_INITRD_LINUX_CUSTOM} is for your custom created images.

90

++

91

++The default stock images are as follows, though they may be overridden by

92

++your distribution:

93

++@example

94

++intel-uc.img intel-ucode.img amd-uc.img amd-ucode.img early_ucode.cpio microcode.cpio

95

++@end example

96

++

97

+ @item GRUB_DISABLE_LINUX_UUID

98

+ Normally, @command{grub-mkconfig} will generate menu entries that use

99

+ universally-unique identifiers (UUIDs) to identify the root filesystem to

100

+diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in

101

+index f8496d2..35ef583 100644

102

+--- a/util/grub-mkconfig.in

103

++++ b/util/grub-mkconfig.in

104

+@@ -147,6 +147,12 @@ if [ x"$GRUB_FS" = xunknown ]; then

105

+     GRUB_FS="$(stat -f --printf=%T / || echo unknown)"

106

+ fi

107

+

108

++# Provide a default set of stock linux early initrd images.

109

++# Define here so the list can be modified in the sourced config file.

110

++if [ "x${GRUB_EARLY_INITRD_LINUX_STOCK}" = "x" ]; then

111

++	GRUB_EARLY_INITRD_LINUX_STOCK="intel-uc.img intel-ucode.img amd-uc.img amd-ucode.img early_ucode.cpio microcode.cpio"

112

++fi

113

++

114

+ if test -f ${sysconfdir}/default/grub ; then

115

+   . ${sysconfdir}/default/grub

116

+ fi

117

+@@ -211,6 +217,8 @@ export GRUB_DEFAULT \

118

+   GRUB_CMDLINE_NETBSD \

119

+   GRUB_CMDLINE_NETBSD_DEFAULT \

120

+   GRUB_CMDLINE_GNUMACH \

121

++  GRUB_EARLY_INITRD_LINUX_CUSTOM \

122

++  GRUB_EARLY_INITRD_LINUX_STOCK \

123

+   GRUB_TERMINAL_INPUT \

124

+   GRUB_TERMINAL_OUTPUT \

125

+   GRUB_SERIAL_COMMAND \

126

+diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in

127

+index de9044c..faedf74 100644

128

+--- a/util/grub.d/10_linux.in

129

++++ b/util/grub.d/10_linux.in

130

+@@ -136,9 +136,13 @@ EOF

131

+   if test -n "${initrd}" ; then

132

+     # TRANSLATORS: ramdisk isn't identifier. Should be translated.

133

+     message="$(gettext_printf "Loading initial ramdisk ...")"

134

++    initrd_path=

135

++    for i in ${initrd}; do

136

++      initrd_path="${initrd_path} ${rel_dirname}/${i}"

137

++    done

138

+     sed "s/^/$submenu_indentation/" << EOF

139

+ 	echo	'$(echo "$message" | grub_quote)'

140

+-	initrd	${rel_dirname}/${initrd}

141

++	initrd	$(echo $initrd_path)

142

+ EOF

143

+   fi

144

+   sed "s/^/$submenu_indentation/" << EOF

145

+@@ -188,7 +192,15 @@ while [ "x$list" != "x" ] ; do

146

+   alt_version=`echo $version | sed -e "s,\.old$,,g"`

147

+   linux_root_device_thisversion="${LINUX_ROOT_DEVICE}"

148

+

149

+-  initrd=

150

++  initrd_early=

151

++  for i in ${GRUB_EARLY_INITRD_LINUX_STOCK} \

152

++	   ${GRUB_EARLY_INITRD_LINUX_CUSTOM}; do

153

++    if test -e "${dirname}/${i}" ; then

154

++      initrd_early="${initrd_early} ${i}"

155

++    fi

156

++  done

157

++

158

++  initrd_real=

159

+   for i in "initrd.img-${version}" "initrd-${version}.img" "initrd-${version}.gz" \

160

+ 	   "initrd-${version}" "initramfs-${version}.img" \

161

+ 	   "initrd.img-${alt_version}" "initrd-${alt_version}.img" \

162

+@@ -198,11 +210,22 @@ while [ "x$list" != "x" ] ; do

163

+ 	   "initramfs-genkernel-${GENKERNEL_ARCH}-${version}" \

164

+ 	   "initramfs-genkernel-${GENKERNEL_ARCH}-${alt_version}"; do

165

+     if test -e "${dirname}/${i}" ; then

166

+-      initrd="$i"

167

++      initrd_real="${i}"

168

+       break

169

+     fi

170

+   done

171

+

172

++  initrd=

173

++  if test -n "${initrd_early}" || test -n "${initrd_real}"; then

174

++    initrd="${initrd_early} ${initrd_real}"

175

++

176

++    initrd_display=

177

++    for i in ${initrd}; do

178

++      initrd_display="${initrd_display} ${dirname}/${i}"

179

++    done

180

++    gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2

181

++  fi

182

++

183

+   config=

184

+   for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do

185

+     if test -e "${i}" ; then

186

+@@ -216,9 +239,7 @@ while [ "x$list" != "x" ] ; do

187

+       initramfs=`grep CONFIG_INITRAMFS_SOURCE= "${config}" | cut -f2 -d= | tr -d \"`

188

+   fi

189

+

190

+-  if test -n "${initrd}" ; then

191

+-    gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2

192

+-  elif test -z "${initramfs}" ; then

193

++  if test -z "${initramfs}" && test -z "${initrd_real}" ; then

194

+     # "UUID=" and "ZFS=" magic is parsed by initrd or initramfs.  Since there's

195

+     # no initrd or builtin initramfs, it can't work here.

196

+     linux_root_device_thisversion=${GRUB_DEVICE}

197

+--

198

+cgit v1.0-41-gc330

199

+

200

201

diff --git a/sys-boot/grub/grub-2.02-r1.ebuild b/sys-boot/grub/grub-2.02-r1.ebuild

202

new file mode 100644

203

index 00000000000..7b3b5251bc1

204

--- /dev/null

205

+++ b/sys-boot/grub/grub-2.02-r1.ebuild

206

@@ -0,0 +1,299 @@

207

+# Copyright 1999-2018 Gentoo Foundation

208

+# Distributed under the terms of the GNU General Public License v2

209

+

210

+EAPI=6

211

+

212

+if [[ ${PV} == 9999  ]]; then

213

+	GRUB_AUTOGEN=1

214

+fi

215

+

216

+if [[ -n ${GRUB_AUTOGEN} ]]; then

217

+	PYTHON_COMPAT=( python{2_7,3_3,3_4,3_5} )

218

+	WANT_LIBTOOL=none

219

+	inherit autotools python-any-r1

220

+fi

221

+

222

+inherit autotools bash-completion-r1 flag-o-matic multibuild pax-utils toolchain-funcs versionator

223

+

224

+if [[ ${PV} != 9999 ]]; then

225

+	if [[ ${PV} == *_alpha* || ${PV} == *_beta* || ${PV} == *_rc* ]]; then

226

+		# The quote style is to work with <=bash-4.2 and >=bash-4.3 #503860

227

+		MY_P=${P/_/'~'}

228

+		SRC_URI="mirror://gnu-alpha/${PN}/${MY_P}.tar.xz"

229

+		S=${WORKDIR}/${MY_P}

230

+	else

231

+		SRC_URI="mirror://gnu/${PN}/${P}.tar.xz"

232

+		S=${WORKDIR}/${P%_*}

233

+	fi

234

+	KEYWORDS="~amd64 ~arm64 ~x86"

235

+else

236

+	inherit git-r3

237

+	EGIT_REPO_URI="git://git.sv.gnu.org/grub.git

238

+		http://git.savannah.gnu.org/r/grub.git"

239

+fi

240

+

241

+PATCHES=(

242

+	"${FILESDIR}"/gfxpayload.patch

243

+	"${FILESDIR}"/grub-2.02_beta2-KERNEL_GLOBS.patch

244

+	"${FILESDIR}"/2.02-multiple-early-initrd.patch

245

+)

246

+

247

+DEJAVU=dejavu-sans-ttf-2.37

248

+UNIFONT=unifont-9.0.06

249

+SRC_URI+=" fonts? ( mirror://gnu/unifont/${UNIFONT}/${UNIFONT}.pcf.gz )

250

+	themes? ( mirror://sourceforge/dejavu/${DEJAVU}.zip )"

251

+

252

+DESCRIPTION="GNU GRUB boot loader"

253

+HOMEPAGE="https://www.gnu.org/software/grub/"

254

+

255

+# Includes licenses for dejavu and unifont

256

+LICENSE="GPL-3 fonts? ( GPL-2-with-font-exception ) themes? ( BitstreamVera )"

257

+SLOT="2/${PVR}"

258

+IUSE="debug device-mapper doc efiemu +fonts mount multislot nls static sdl test +themes truetype libzfs"

259

+

260

+GRUB_ALL_PLATFORMS=( coreboot efi-32 efi-64 emu ieee1275 loongson multiboot qemu qemu-mips pc uboot xen xen-32 )

261

+IUSE+=" ${GRUB_ALL_PLATFORMS[@]/#/grub_platforms_}"

262

+

263

+REQUIRED_USE="

264

+	grub_platforms_coreboot? ( fonts )

265

+	grub_platforms_qemu? ( fonts )

266

+	grub_platforms_ieee1275? ( fonts )

267

+	grub_platforms_loongson? ( fonts )

268

+"

269

+

270

+# os-prober: Used on runtime to detect other OSes

271

+# xorriso (dev-libs/libisoburn): Used on runtime for mkrescue

272

+RDEPEND="

273

+	app-arch/xz-utils

274

+	>=sys-libs/ncurses-5.2-r5:0=

275

+	debug? (

276

+		sdl? ( media-libs/libsdl )

277

+	)

278

+	device-mapper? ( >=sys-fs/lvm2-2.02.45 )

279

+	libzfs? ( sys-fs/zfs )

280

+	mount? ( sys-fs/fuse )

281

+	truetype? ( media-libs/freetype:2= )

282

+	ppc? ( sys-apps/ibm-powerpc-utils sys-apps/powerpc-utils )

283

+	ppc64? ( sys-apps/ibm-powerpc-utils sys-apps/powerpc-utils )

284

+"

285

+DEPEND="${RDEPEND}

286

+	${PYTHON_DEPS}

287

+	app-misc/pax-utils

288

+	sys-devel/flex

289

+	sys-devel/bison

290

+	sys-apps/help2man

291

+	sys-apps/texinfo

292

+	fonts? ( media-libs/freetype:2 )

293

+	grub_platforms_xen? ( app-emulation/xen-tools:= )

294

+	grub_platforms_xen-32? ( app-emulation/xen-tools:= )

295

+	static? (

296

+		app-arch/xz-utils[static-libs(+)]

297

+		truetype? (

298

+			app-arch/bzip2[static-libs(+)]

299

+			media-libs/freetype[static-libs(+)]

300

+			sys-libs/zlib[static-libs(+)]

301

+		)

302

+	)

303

+	test? (

304

+		app-admin/genromfs

305

+		app-arch/cpio

306

+		app-arch/lzop

307

+		app-emulation/qemu

308

+		dev-libs/libisoburn

309

+		sys-apps/miscfiles

310

+		sys-block/parted

311

+		sys-fs/squashfs-tools

312

+	)

313

+	themes? (

314

+		app-arch/unzip

315

+		media-libs/freetype:2

316

+	)

317

+"

318

+RDEPEND+="

319

+	kernel_linux? (

320

+		grub_platforms_efi-32? ( sys-boot/efibootmgr )

321

+		grub_platforms_efi-64? ( sys-boot/efibootmgr )

322

+	)

323

+	!multislot? ( !sys-boot/grub:0 !sys-boot/grub-static )

324

+	nls? ( sys-devel/gettext )

325

+"

326

+

327

+DEPEND+=" !!=media-libs/freetype-2.5.4"

328

+

329

+RESTRICT="strip !test? ( test )"

330

+

331

+QA_EXECSTACK="usr/bin/grub*-emu* usr/lib/grub/*"

332

+QA_WX_LOAD="usr/lib/grub/*"

333

+QA_MULTILIB_PATHS="usr/lib/grub/.*"

334

+

335

+src_unpack() {

336

+	if [[ ${PV} == 9999 ]]; then

337

+		git-r3_src_unpack

338

+	fi

339

+	default

340

+}

341

+

342

+src_prepare() {

343

+	default

344

+

345

+	sed -i -e /autoreconf/d autogen.sh || die

346

+

347

+	if use multislot; then

348

+		# fix texinfo file name, bug 416035

349

+		sed -i -e 's/^\* GRUB:/* GRUB2:/' -e 's/(grub)/(grub2)/' docs/grub.texi || die

350

+	fi

351

+

352

+	# Nothing in Gentoo packages 'american-english' in the exact path

353

+	# wanted for the test, but all that is needed is a compressible text

354

+	# file, and we do have 'words' from miscfiles in the same path.

355

+	sed -i \

356

+		-e '/CFILESSRC.*=/s,american-english,words,' \

357

+		tests/util/grub-fs-tester.in \

358

+		|| die

359

+

360

+	if [[ -n ${GRUB_AUTOGEN} ]]; then

361

+		python_setup

362

+		bash autogen.sh || die

363

+		autopoint() { :; }

364

+		eautoreconf

365

+	fi

366

+}

367

+

368

+grub_do() {

369

+	multibuild_foreach_variant run_in_build_dir "$@"

370

+}

371

+

372

+grub_do_once() {

373

+	multibuild_for_best_variant run_in_build_dir "$@"

374

+}

375

+

376

+grub_configure() {

377

+	local platform

378

+

379

+	case ${MULTIBUILD_VARIANT} in

380

+		efi*) platform=efi ;;

381

+		xen*) platform=xen ;;

382

+		guessed) ;;

383

+		*) platform=${MULTIBUILD_VARIANT} ;;

384

+	esac

385

+

386

+	case ${MULTIBUILD_VARIANT} in

387

+		*-32)

388

+			if [[ ${CTARGET:-${CHOST}} == x86_64* ]]; then

389

+				local CTARGET=i386

390

+			fi ;;

391

+		*-64)

392

+			if [[ ${CTARGET:-${CHOST}} == i?86* ]]; then

393

+				local CTARGET=x86_64

394

+				local -x TARGET_CFLAGS="-Os -march=x86-64 ${TARGET_CFLAGS}"

395

+				local -x TARGET_CPPFLAGS="-march=x86-64 ${TARGET_CPPFLAGS}"

396

+			fi ;;

397

+	esac

398

+

399

+	local myeconfargs=(

400

+		--disable-werror

401

+		--program-prefix=

402

+		--libdir="${EPREFIX}"/usr/lib

403

+		--htmldir="${EPREFIX}"/usr/share/doc/${PF}/html

404

+		$(use_enable debug mm-debug)

405

+		$(use_enable device-mapper)

406

+		$(use_enable mount grub-mount)

407

+		$(use_enable nls)

408

+		$(use_enable themes grub-themes)

409

+		$(use_enable truetype grub-mkfont)

410

+		$(use_enable libzfs)

411

+		$(use sdl && use_enable debug grub-emu-sdl)

412

+		${platform:+--with-platform=}${platform}

413

+

414

+		# Let configure detect this where supported

415

+		$(usex efiemu '' '--disable-efiemu')

416

+	)

417

+

418

+	if use multislot; then

419

+		myeconfargs+=( --program-transform-name="s,grub,grub2," )

420

+	fi

421

+

422

+	# Set up font symlinks

423

+	ln -s "${WORKDIR}/${UNIFONT}.pcf" unifont.pcf || die

424

+	if use themes; then

425

+		ln -s "${WORKDIR}/${DEJAVU}/ttf/DejaVuSans.ttf" DejaVuSans.ttf || die

426

+	fi

427

+

428

+	local ECONF_SOURCE="${S}"

429

+	econf "${myeconfargs[@]}"

430

+}

431

+

432

+src_configure() {

433

+	# Bug 508758.

434

+	replace-flags -O3 -O2

435

+

436

+	# We don't want to leak flags onto boot code.

437

+	export HOST_CCASFLAGS=${CCASFLAGS}

438

+	export HOST_CFLAGS=${CFLAGS}

439

+	export HOST_CPPFLAGS=${CPPFLAGS}

440

+	export HOST_LDFLAGS=${LDFLAGS}

441

+	unset CCASFLAGS CFLAGS CPPFLAGS LDFLAGS

442

+

443

+	use static && HOST_LDFLAGS+=" -static"

444

+

445

+	tc-ld-disable-gold #439082 #466536 #526348

446

+	export TARGET_LDFLAGS="${TARGET_LDFLAGS} ${LDFLAGS}"

447

+	unset LDFLAGS

448

+

449

+	tc-export CC NM OBJCOPY RANLIB STRIP

450

+	tc-export BUILD_CC # Bug 485592

451

+

452

+	MULTIBUILD_VARIANTS=()

453

+	local p

454

+	for p in "${GRUB_ALL_PLATFORMS[@]}"; do

455

+		use "grub_platforms_${p}" && MULTIBUILD_VARIANTS+=( "${p}" )

456

+	done

457

+	[[ ${#MULTIBUILD_VARIANTS[@]} -eq 0 ]] && MULTIBUILD_VARIANTS=( guessed )

458

+	grub_do grub_configure

459

+}

460

+

461

+src_compile() {

462

+	# Sandbox bug 404013.

463

+	use libzfs && addpredict /etc/dfs:/dev/zfs

464

+

465

+	grub_do emake

466

+	use doc && grub_do_once emake -C docs html

467

+}

468

+

469

+src_test() {

470

+	# The qemu dependency is a bit complex.

471

+	# You will need to adjust QEMU_SOFTMMU_TARGETS to match the cpu/platform.

472

+	grub_do emake check

473

+}

474

+

475

+src_install() {

476

+	grub_do emake install DESTDIR="${D}" bashcompletiondir="$(get_bashcompdir)"

477

+	use doc && grub_do_once emake -C docs install-html DESTDIR="${D}"

478

+

479

+	einstalldocs

480

+

481

+	if use multislot; then

482

+		mv "${ED%/}"/usr/share/info/grub{,2}.info || die

483

+	fi

484

+

485

+	insinto /etc/default

486

+	newins "${FILESDIR}"/grub.default-3 grub

487

+}

488

+

489

+pkg_postinst() {

490

+	elog "For information on how to configure GRUB2 please refer to the guide:"

491

+	elog "    https://wiki.gentoo.org/wiki/GRUB2_Quick_Start"

492

+

493

+	if has_version 'sys-boot/grub:0'; then

494

+		elog "A migration guide for GRUB Legacy users is available:"

495

+		elog "    https://wiki.gentoo.org/wiki/GRUB2_Migration"

496

+	fi

497

+

498

+	if [[ -z ${REPLACING_VERSIONS} ]]; then

499

+		elog

500

+		elog "You may consider installing the following optional packages:"

501

+		optfeature "Detect other operating systems (grub-mkconfig)" sys-boot/os-prober

502

+		optfeature "Create rescue media (grub-mkrescue)" dev-libs/libisoburn

503

+		optfeature "Enable RAID device detection" sys-fs/mdadm

504

+	fi

505

+}

1	commit: 4ce63f8b85aa62e485eaebc34b36024f80866106
2	Author: Mike Gilbert <floppym <AT> gentoo <DOT> org>
3	AuthorDate: Sun Apr 1 18:17:04 2018 +0000
4	Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org>
5	CommitDate: Sun Apr 1 18:18:14 2018 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4ce63f8b
7
8	sys-boot/grub: backport early microcode patch
9
10	Closes: https://bugs.gentoo.org/645088
11	Package-Manager: Portage-2.3.24, Repoman-2.3.6_p81
12
13	.../grub/files/2.02-multiple-early-initrd.patch \| 177 ++++++++++++
14	sys-boot/grub/grub-2.02-r1.ebuild \| 299 +++++++++++++++++++++
15	2 files changed, 476 insertions(+)
16
17	diff --git a/sys-boot/grub/files/2.02-multiple-early-initrd.patch b/sys-boot/grub/files/2.02-multiple-early-initrd.patch
18	new file mode 100644
19	index 00000000000..74b576f8b00
20	--- /dev/null
21	+++ b/sys-boot/grub/files/2.02-multiple-early-initrd.patch
22	@@ -0,0 +1,177 @@
23	+From a698240df0c43278b2d1d7259c8e7a6926c63112 Mon Sep 17 00:00:00 2001
24	+From: "Matthew S. Turnbull" <sparky@××××××××××××××.com>
25	+Date: Sat, 24 Feb 2018 17:44:58 -0500
26	+Subject: grub-mkconfig/10_linux: Support multiple early initrd images
27	+
28	+Add support for multiple, shared, early initrd images. These early
29	+images will be loaded in the order declared, and all will be loaded
30	+before the initrd image.
31	+
32	+While many classes of data can be provided by early images, the
33	+immediate use case would be for distributions to provide CPU
34	+microcode to mitigate the Meltdown and Spectre vulnerabilities.
35	+
36	+There are two environment variables provided for declaring the early
37	+images.
38	+
39	+* GRUB_EARLY_INITRD_LINUX_STOCK is for the distribution declare
40	+ images that are provided by the distribution or installed packages.
41	+ If undeclared, this will default to a set of common microcode image
42	+ names.
43	+
44	+* GRUB_EARLY_INITRD_LINUX_CUSTOM is for user created images. User
45	+ images will be loaded after the stock images.
46	+
47	+These separate configurations allow the distribution and user to
48	+declare different image sets without clobbering each other.
49	+
50	+This also makes a minor update to ensure that UUID partition labels
51	+stay disabled when no initrd image is found, even if early images are
52	+present.
53	+
54	+This is a continuation of a previous patch published by Christian
55	+Hesse in 2016:
56	+http://lists.gnu.org/archive/html/grub-devel/2016-02/msg00025.html
57	+
58	+Down stream Gentoo bug:
59	+https://bugs.gentoo.org/645088
60	+
61	+Signed-off-by: Robin H. Johnson <robbat2@g.o>
62	+Signed-off-by: Matthew S. Turnbull <sparky@××××××××××××××.com>
63	+Reviewed-by: Daniel Kiper <daniel.kiper@××××××.com>
64	+---
65	+ docs/grub.texi \| 19 +++++++++++++++++++
66	+ util/grub-mkconfig.in \| 8 ++++++++
67	+ util/grub.d/10_linux.in \| 33 +++++++++++++++++++++++++++------
68	+ 3 files changed, 54 insertions(+), 6 deletions(-)
69	+
70	+diff --git a/docs/grub.texi b/docs/grub.texi
71	+index 137b894..65b4bbe 100644
72	+--- a/docs/grub.texi
73	++++ b/docs/grub.texi
74	+@@ -1398,6 +1398,25 @@ for all respectively normal entries.
75	+ The values of these options replace the values of @samp{GRUB_CMDLINE_LINUX}
76	+ and @samp{GRUB_CMDLINE_LINUX_DEFAULT} for Linux and Xen menu entries.
77	+
78	++@item GRUB_EARLY_INITRD_LINUX_CUSTOM
79	++@itemx GRUB_EARLY_INITRD_LINUX_STOCK
80	++List of space-separated early initrd images to be loaded from @samp{/boot}.
81	++This is for loading things like CPU microcode, firmware, ACPI tables, crypto
82	++keys, and so on. These early images will be loaded in the order declared,
83	++and all will be loaded before the actual functional initrd image.
84	++
85	++@samp{GRUB_EARLY_INITRD_LINUX_STOCK} is for your distribution to declare
86	++images that are provided by the distribution. It should not be modified
87	++without understanding the consequences. They will be loaded first.
88	++
89	++@samp{GRUB_EARLY_INITRD_LINUX_CUSTOM} is for your custom created images.
90	++
91	++The default stock images are as follows, though they may be overridden by
92	++your distribution:
93	++@example
94	++intel-uc.img intel-ucode.img amd-uc.img amd-ucode.img early_ucode.cpio microcode.cpio
95	++@end example
96	++
97	+ @item GRUB_DISABLE_LINUX_UUID
98	+ Normally, @command{grub-mkconfig} will generate menu entries that use
99	+ universally-unique identifiers (UUIDs) to identify the root filesystem to
100	+diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
101	+index f8496d2..35ef583 100644
102	+--- a/util/grub-mkconfig.in
103	++++ b/util/grub-mkconfig.in
104	+@@ -147,6 +147,12 @@ if [ x"$GRUB_FS" = xunknown ]; then
105	+ GRUB_FS="$(stat -f --printf=%T / \|\| echo unknown)"
106	+ fi
107	+
108	++# Provide a default set of stock linux early initrd images.
109	++# Define here so the list can be modified in the sourced config file.
110	++if [ "x${GRUB_EARLY_INITRD_LINUX_STOCK}" = "x" ]; then
111	++ GRUB_EARLY_INITRD_LINUX_STOCK="intel-uc.img intel-ucode.img amd-uc.img amd-ucode.img early_ucode.cpio microcode.cpio"
112	++fi
113	++
114	+ if test -f ${sysconfdir}/default/grub ; then
115	+ . ${sysconfdir}/default/grub
116	+ fi
117	+@@ -211,6 +217,8 @@ export GRUB_DEFAULT \
118	+ GRUB_CMDLINE_NETBSD \
119	+ GRUB_CMDLINE_NETBSD_DEFAULT \
120	+ GRUB_CMDLINE_GNUMACH \
121	++ GRUB_EARLY_INITRD_LINUX_CUSTOM \
122	++ GRUB_EARLY_INITRD_LINUX_STOCK \
123	+ GRUB_TERMINAL_INPUT \
124	+ GRUB_TERMINAL_OUTPUT \
125	+ GRUB_SERIAL_COMMAND \
126	+diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
127	+index de9044c..faedf74 100644
128	+--- a/util/grub.d/10_linux.in
129	++++ b/util/grub.d/10_linux.in
130	+@@ -136,9 +136,13 @@ EOF
131	+ if test -n "${initrd}" ; then
132	+ # TRANSLATORS: ramdisk isn't identifier. Should be translated.
133	+ message="$(gettext_printf "Loading initial ramdisk ...")"
134	++ initrd_path=
135	++ for i in ${initrd}; do
136	++ initrd_path="${initrd_path} ${rel_dirname}/${i}"
137	++ done
138	+ sed "s/^/$submenu_indentation/" << EOF
139	+ echo '$(echo "$message" \| grub_quote)'
140	+- initrd ${rel_dirname}/${initrd}
141	++ initrd $(echo $initrd_path)
142	+ EOF
143	+ fi
144	+ sed "s/^/$submenu_indentation/" << EOF
145	+@@ -188,7 +192,15 @@ while [ "x$list" != "x" ] ; do
146	+ alt_version=`echo $version \| sed -e "s,\.old$,,g"`
147	+ linux_root_device_thisversion="${LINUX_ROOT_DEVICE}"
148	+
149	+- initrd=
150	++ initrd_early=
151	++ for i in ${GRUB_EARLY_INITRD_LINUX_STOCK} \
152	++ ${GRUB_EARLY_INITRD_LINUX_CUSTOM}; do
153	++ if test -e "${dirname}/${i}" ; then
154	++ initrd_early="${initrd_early} ${i}"
155	++ fi
156	++ done
157	++
158	++ initrd_real=
159	+ for i in "initrd.img-${version}" "initrd-${version}.img" "initrd-${version}.gz" \
160	+ "initrd-${version}" "initramfs-${version}.img" \
161	+ "initrd.img-${alt_version}" "initrd-${alt_version}.img" \
162	+@@ -198,11 +210,22 @@ while [ "x$list" != "x" ] ; do
163	+ "initramfs-genkernel-${GENKERNEL_ARCH}-${version}" \
164	+ "initramfs-genkernel-${GENKERNEL_ARCH}-${alt_version}"; do
165	+ if test -e "${dirname}/${i}" ; then
166	+- initrd="$i"
167	++ initrd_real="${i}"
168	+ break
169	+ fi
170	+ done
171	+
172	++ initrd=
173	++ if test -n "${initrd_early}" \|\| test -n "${initrd_real}"; then
174	++ initrd="${initrd_early} ${initrd_real}"
175	++
176	++ initrd_display=
177	++ for i in ${initrd}; do
178	++ initrd_display="${initrd_display} ${dirname}/${i}"
179	++ done
180	++ gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2
181	++ fi
182	++
183	+ config=
184	+ for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do
185	+ if test -e "${i}" ; then
186	+@@ -216,9 +239,7 @@ while [ "x$list" != "x" ] ; do
187	+ initramfs=`grep CONFIG_INITRAMFS_SOURCE= "${config}" \| cut -f2 -d= \| tr -d \"`
188	+ fi
189	+
190	+- if test -n "${initrd}" ; then
191	+- gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2
192	+- elif test -z "${initramfs}" ; then
193	++ if test -z "${initramfs}" && test -z "${initrd_real}" ; then
194	+ # "UUID=" and "ZFS=" magic is parsed by initrd or initramfs. Since there's
195	+ # no initrd or builtin initramfs, it can't work here.
196	+ linux_root_device_thisversion=${GRUB_DEVICE}
197	+--
198	+cgit v1.0-41-gc330
199	+
200
201	diff --git a/sys-boot/grub/grub-2.02-r1.ebuild b/sys-boot/grub/grub-2.02-r1.ebuild
202	new file mode 100644
203	index 00000000000..7b3b5251bc1
204	--- /dev/null
205	+++ b/sys-boot/grub/grub-2.02-r1.ebuild
206	@@ -0,0 +1,299 @@
207	+# Copyright 1999-2018 Gentoo Foundation
208	+# Distributed under the terms of the GNU General Public License v2
209	+
210	+EAPI=6
211	+
212	+if [[ ${PV} == 9999 ]]; then
213	+ GRUB_AUTOGEN=1
214	+fi
215	+
216	+if [[ -n ${GRUB_AUTOGEN} ]]; then
217	+ PYTHON_COMPAT=( python{2_7,3_3,3_4,3_5} )
218	+ WANT_LIBTOOL=none
219	+ inherit autotools python-any-r1
220	+fi
221	+
222	+inherit autotools bash-completion-r1 flag-o-matic multibuild pax-utils toolchain-funcs versionator
223	+
224	+if [[ ${PV} != 9999 ]]; then
225	+ if [[ ${PV} == _alpha \|\| ${PV} == _beta \|\| ${PV} == _rc ]]; then
226	+ # The quote style is to work with <=bash-4.2 and >=bash-4.3 #503860
227	+ MY_P=${P/_/'~'}
228	+ SRC_URI="mirror://gnu-alpha/${PN}/${MY_P}.tar.xz"
229	+ S=${WORKDIR}/${MY_P}
230	+ else
231	+ SRC_URI="mirror://gnu/${PN}/${P}.tar.xz"
232	+ S=${WORKDIR}/${P%_*}
233	+ fi
234	+ KEYWORDS="~amd64 ~arm64 ~x86"
235	+else
236	+ inherit git-r3
237	+ EGIT_REPO_URI="git://git.sv.gnu.org/grub.git
238	+ http://git.savannah.gnu.org/r/grub.git"
239	+fi
240	+
241	+PATCHES=(
242	+ "${FILESDIR}"/gfxpayload.patch
243	+ "${FILESDIR}"/grub-2.02_beta2-KERNEL_GLOBS.patch
244	+ "${FILESDIR}"/2.02-multiple-early-initrd.patch
245	+)
246	+
247	+DEJAVU=dejavu-sans-ttf-2.37
248	+UNIFONT=unifont-9.0.06
249	+SRC_URI+=" fonts? ( mirror://gnu/unifont/${UNIFONT}/${UNIFONT}.pcf.gz )
250	+ themes? ( mirror://sourceforge/dejavu/${DEJAVU}.zip )"
251	+
252	+DESCRIPTION="GNU GRUB boot loader"
253	+HOMEPAGE="https://www.gnu.org/software/grub/"
254	+
255	+# Includes licenses for dejavu and unifont
256	+LICENSE="GPL-3 fonts? ( GPL-2-with-font-exception ) themes? ( BitstreamVera )"
257	+SLOT="2/${PVR}"
258	+IUSE="debug device-mapper doc efiemu +fonts mount multislot nls static sdl test +themes truetype libzfs"
259	+
260	+GRUB_ALL_PLATFORMS=( coreboot efi-32 efi-64 emu ieee1275 loongson multiboot qemu qemu-mips pc uboot xen xen-32 )
261	+IUSE+=" ${GRUB_ALL_PLATFORMS[@]/#/grub_platforms_}"
262	+
263	+REQUIRED_USE="
264	+ grub_platforms_coreboot? ( fonts )
265	+ grub_platforms_qemu? ( fonts )
266	+ grub_platforms_ieee1275? ( fonts )
267	+ grub_platforms_loongson? ( fonts )
268	+"
269	+
270	+# os-prober: Used on runtime to detect other OSes
271	+# xorriso (dev-libs/libisoburn): Used on runtime for mkrescue
272	+RDEPEND="
273	+ app-arch/xz-utils
274	+ >=sys-libs/ncurses-5.2-r5:0=
275	+ debug? (
276	+ sdl? ( media-libs/libsdl )
277	+ )
278	+ device-mapper? ( >=sys-fs/lvm2-2.02.45 )
279	+ libzfs? ( sys-fs/zfs )
280	+ mount? ( sys-fs/fuse )
281	+ truetype? ( media-libs/freetype:2= )
282	+ ppc? ( sys-apps/ibm-powerpc-utils sys-apps/powerpc-utils )
283	+ ppc64? ( sys-apps/ibm-powerpc-utils sys-apps/powerpc-utils )
284	+"
285	+DEPEND="${RDEPEND}
286	+ ${PYTHON_DEPS}
287	+ app-misc/pax-utils
288	+ sys-devel/flex
289	+ sys-devel/bison
290	+ sys-apps/help2man
291	+ sys-apps/texinfo
292	+ fonts? ( media-libs/freetype:2 )
293	+ grub_platforms_xen? ( app-emulation/xen-tools:= )
294	+ grub_platforms_xen-32? ( app-emulation/xen-tools:= )
295	+ static? (
296	+ app-arch/xz-utils[static-libs(+)]
297	+ truetype? (
298	+ app-arch/bzip2[static-libs(+)]
299	+ media-libs/freetype[static-libs(+)]
300	+ sys-libs/zlib[static-libs(+)]
301	+ )
302	+ )
303	+ test? (
304	+ app-admin/genromfs
305	+ app-arch/cpio
306	+ app-arch/lzop
307	+ app-emulation/qemu
308	+ dev-libs/libisoburn
309	+ sys-apps/miscfiles
310	+ sys-block/parted
311	+ sys-fs/squashfs-tools
312	+ )
313	+ themes? (
314	+ app-arch/unzip
315	+ media-libs/freetype:2
316	+ )
317	+"
318	+RDEPEND+="
319	+ kernel_linux? (
320	+ grub_platforms_efi-32? ( sys-boot/efibootmgr )
321	+ grub_platforms_efi-64? ( sys-boot/efibootmgr )
322	+ )
323	+ !multislot? ( !sys-boot/grub:0 !sys-boot/grub-static )
324	+ nls? ( sys-devel/gettext )
325	+"
326	+
327	+DEPEND+=" !!=media-libs/freetype-2.5.4"
328	+
329	+RESTRICT="strip !test? ( test )"
330	+
331	+QA_EXECSTACK="usr/bin/grub-emu usr/lib/grub/*"
332	+QA_WX_LOAD="usr/lib/grub/*"
333	+QA_MULTILIB_PATHS="usr/lib/grub/.*"
334	+
335	+src_unpack() {
336	+ if [[ ${PV} == 9999 ]]; then
337	+ git-r3_src_unpack
338	+ fi
339	+ default
340	+}
341	+
342	+src_prepare() {
343	+ default
344	+
345	+ sed -i -e /autoreconf/d autogen.sh \|\| die
346	+
347	+ if use multislot; then
348	+ # fix texinfo file name, bug 416035
349	+ sed -i -e 's/^\* GRUB:/* GRUB2:/' -e 's/(grub)/(grub2)/' docs/grub.texi \|\| die
350	+ fi
351	+
352	+ # Nothing in Gentoo packages 'american-english' in the exact path
353	+ # wanted for the test, but all that is needed is a compressible text
354	+ # file, and we do have 'words' from miscfiles in the same path.
355	+ sed -i \
356	+ -e '/CFILESSRC.*=/s,american-english,words,' \
357	+ tests/util/grub-fs-tester.in \
358	+ \|\| die
359	+
360	+ if [[ -n ${GRUB_AUTOGEN} ]]; then
361	+ python_setup
362	+ bash autogen.sh \|\| die
363	+ autopoint() { :; }
364	+ eautoreconf
365	+ fi
366	+}
367	+
368	+grub_do() {
369	+ multibuild_foreach_variant run_in_build_dir "$@"
370	+}
371	+
372	+grub_do_once() {
373	+ multibuild_for_best_variant run_in_build_dir "$@"
374	+}
375	+
376	+grub_configure() {
377	+ local platform
378	+
379	+ case ${MULTIBUILD_VARIANT} in
380	+ efi*) platform=efi ;;
381	+ xen*) platform=xen ;;
382	+ guessed) ;;
383	+ *) platform=${MULTIBUILD_VARIANT} ;;
384	+ esac
385	+
386	+ case ${MULTIBUILD_VARIANT} in
387	+ *-32)
388	+ if [[ ${CTARGET:-${CHOST}} == x86_64* ]]; then
389	+ local CTARGET=i386
390	+ fi ;;
391	+ *-64)
392	+ if [[ ${CTARGET:-${CHOST}} == i?86* ]]; then
393	+ local CTARGET=x86_64
394	+ local -x TARGET_CFLAGS="-Os -march=x86-64 ${TARGET_CFLAGS}"
395	+ local -x TARGET_CPPFLAGS="-march=x86-64 ${TARGET_CPPFLAGS}"
396	+ fi ;;
397	+ esac
398	+
399	+ local myeconfargs=(
400	+ --disable-werror
401	+ --program-prefix=
402	+ --libdir="${EPREFIX}"/usr/lib
403	+ --htmldir="${EPREFIX}"/usr/share/doc/${PF}/html
404	+ $(use_enable debug mm-debug)
405	+ $(use_enable device-mapper)
406	+ $(use_enable mount grub-mount)
407	+ $(use_enable nls)
408	+ $(use_enable themes grub-themes)
409	+ $(use_enable truetype grub-mkfont)
410	+ $(use_enable libzfs)
411	+ $(use sdl && use_enable debug grub-emu-sdl)
412	+ ${platform:+--with-platform=}${platform}
413	+
414	+ # Let configure detect this where supported
415	+ $(usex efiemu '' '--disable-efiemu')
416	+ )
417	+
418	+ if use multislot; then
419	+ myeconfargs+=( --program-transform-name="s,grub,grub2," )
420	+ fi
421	+
422	+ # Set up font symlinks
423	+ ln -s "${WORKDIR}/${UNIFONT}.pcf" unifont.pcf \|\| die
424	+ if use themes; then
425	+ ln -s "${WORKDIR}/${DEJAVU}/ttf/DejaVuSans.ttf" DejaVuSans.ttf \|\| die
426	+ fi
427	+
428	+ local ECONF_SOURCE="${S}"
429	+ econf "${myeconfargs[@]}"
430	+}
431	+
432	+src_configure() {
433	+ # Bug 508758.
434	+ replace-flags -O3 -O2
435	+
436	+ # We don't want to leak flags onto boot code.
437	+ export HOST_CCASFLAGS=${CCASFLAGS}
438	+ export HOST_CFLAGS=${CFLAGS}
439	+ export HOST_CPPFLAGS=${CPPFLAGS}
440	+ export HOST_LDFLAGS=${LDFLAGS}
441	+ unset CCASFLAGS CFLAGS CPPFLAGS LDFLAGS
442	+
443	+ use static && HOST_LDFLAGS+=" -static"
444	+
445	+ tc-ld-disable-gold #439082 #466536 #526348
446	+ export TARGET_LDFLAGS="${TARGET_LDFLAGS} ${LDFLAGS}"
447	+ unset LDFLAGS
448	+
449	+ tc-export CC NM OBJCOPY RANLIB STRIP
450	+ tc-export BUILD_CC # Bug 485592
451	+
452	+ MULTIBUILD_VARIANTS=()
453	+ local p
454	+ for p in "${GRUB_ALL_PLATFORMS[@]}"; do
455	+ use "grub_platforms_${p}" && MULTIBUILD_VARIANTS+=( "${p}" )
456	+ done
457	+ [[ ${#MULTIBUILD_VARIANTS[@]} -eq 0 ]] && MULTIBUILD_VARIANTS=( guessed )
458	+ grub_do grub_configure
459	+}
460	+
461	+src_compile() {
462	+ # Sandbox bug 404013.
463	+ use libzfs && addpredict /etc/dfs:/dev/zfs
464	+
465	+ grub_do emake
466	+ use doc && grub_do_once emake -C docs html
467	+}
468	+
469	+src_test() {
470	+ # The qemu dependency is a bit complex.
471	+ # You will need to adjust QEMU_SOFTMMU_TARGETS to match the cpu/platform.
472	+ grub_do emake check
473	+}
474	+
475	+src_install() {
476	+ grub_do emake install DESTDIR="${D}" bashcompletiondir="$(get_bashcompdir)"
477	+ use doc && grub_do_once emake -C docs install-html DESTDIR="${D}"
478	+
479	+ einstalldocs
480	+
481	+ if use multislot; then
482	+ mv "${ED%/}"/usr/share/info/grub{,2}.info \|\| die
483	+ fi
484	+
485	+ insinto /etc/default
486	+ newins "${FILESDIR}"/grub.default-3 grub
487	+}
488	+
489	+pkg_postinst() {
490	+ elog "For information on how to configure GRUB2 please refer to the guide:"
491	+ elog " https://wiki.gentoo.org/wiki/GRUB2_Quick_Start"
492	+
493	+ if has_version 'sys-boot/grub:0'; then
494	+ elog "A migration guide for GRUB Legacy users is available:"
495	+ elog " https://wiki.gentoo.org/wiki/GRUB2_Migration"
496	+ fi
497	+
498	+ if [[ -z ${REPLACING_VERSIONS} ]]; then
499	+ elog
500	+ elog "You may consider installing the following optional packages:"
501	+ optfeature "Detect other operating systems (grub-mkconfig)" sys-boot/os-prober
502	+ optfeature "Create rescue media (grub-mkrescue)" dev-libs/libisoburn
503	+ optfeature "Enable RAID device detection" sys-fs/mdadm
504	+ fi
505	+}

Gentoo Archives: gentoo-commits