summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Gilbert <floppym@gentoo.org>2018-04-01 14:17:04 -0400
committerMike Gilbert <floppym@gentoo.org>2018-04-01 14:18:14 -0400
commit4ce63f8b85aa62e485eaebc34b36024f80866106 (patch)
treeb372301786a782b0134c6f70f81760fd54e6cbc9 /sys-boot
parentx11-libs/rep-gtk: amd64 stable (diff)
downloadgentoo-4ce63f8b85aa62e485eaebc34b36024f80866106.tar.gz
gentoo-4ce63f8b85aa62e485eaebc34b36024f80866106.tar.bz2
gentoo-4ce63f8b85aa62e485eaebc34b36024f80866106.zip
sys-boot/grub: backport early microcode patch
Closes: https://bugs.gentoo.org/645088 Package-Manager: Portage-2.3.24, Repoman-2.3.6_p81
Diffstat (limited to 'sys-boot')
-rw-r--r--sys-boot/grub/files/2.02-multiple-early-initrd.patch177
-rw-r--r--sys-boot/grub/grub-2.02-r1.ebuild299
2 files changed, 476 insertions, 0 deletions
diff --git a/sys-boot/grub/files/2.02-multiple-early-initrd.patch b/sys-boot/grub/files/2.02-multiple-early-initrd.patch
new file mode 100644
index 000000000000..74b576f8b007
--- /dev/null
+++ b/sys-boot/grub/files/2.02-multiple-early-initrd.patch
@@ -0,0 +1,177 @@
+From a698240df0c43278b2d1d7259c8e7a6926c63112 Mon Sep 17 00:00:00 2001
+From: "Matthew S. Turnbull" <sparky@bluefang-logic.com>
+Date: Sat, 24 Feb 2018 17:44:58 -0500
+Subject: grub-mkconfig/10_linux: Support multiple early initrd images
+
+Add support for multiple, shared, early initrd images. These early
+images will be loaded in the order declared, and all will be loaded
+before the initrd image.
+
+While many classes of data can be provided by early images, the
+immediate use case would be for distributions to provide CPU
+microcode to mitigate the Meltdown and Spectre vulnerabilities.
+
+There are two environment variables provided for declaring the early
+images.
+
+* GRUB_EARLY_INITRD_LINUX_STOCK is for the distribution declare
+ images that are provided by the distribution or installed packages.
+ If undeclared, this will default to a set of common microcode image
+ names.
+
+* GRUB_EARLY_INITRD_LINUX_CUSTOM is for user created images. User
+ images will be loaded after the stock images.
+
+These separate configurations allow the distribution and user to
+declare different image sets without clobbering each other.
+
+This also makes a minor update to ensure that UUID partition labels
+stay disabled when no initrd image is found, even if early images are
+present.
+
+This is a continuation of a previous patch published by Christian
+Hesse in 2016:
+http://lists.gnu.org/archive/html/grub-devel/2016-02/msg00025.html
+
+Down stream Gentoo bug:
+https://bugs.gentoo.org/645088
+
+Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
+Signed-off-by: Matthew S. Turnbull <sparky@bluefang-logic.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+---
+ docs/grub.texi | 19 +++++++++++++++++++
+ util/grub-mkconfig.in | 8 ++++++++
+ util/grub.d/10_linux.in | 33 +++++++++++++++++++++++++++------
+ 3 files changed, 54 insertions(+), 6 deletions(-)
+
+diff --git a/docs/grub.texi b/docs/grub.texi
+index 137b894..65b4bbe 100644
+--- a/docs/grub.texi
++++ b/docs/grub.texi
+@@ -1398,6 +1398,25 @@ for all respectively normal entries.
+ The values of these options replace the values of @samp{GRUB_CMDLINE_LINUX}
+ and @samp{GRUB_CMDLINE_LINUX_DEFAULT} for Linux and Xen menu entries.
+
++@item GRUB_EARLY_INITRD_LINUX_CUSTOM
++@itemx GRUB_EARLY_INITRD_LINUX_STOCK
++List of space-separated early initrd images to be loaded from @samp{/boot}.
++This is for loading things like CPU microcode, firmware, ACPI tables, crypto
++keys, and so on. These early images will be loaded in the order declared,
++and all will be loaded before the actual functional initrd image.
++
++@samp{GRUB_EARLY_INITRD_LINUX_STOCK} is for your distribution to declare
++images that are provided by the distribution. It should not be modified
++without understanding the consequences. They will be loaded first.
++
++@samp{GRUB_EARLY_INITRD_LINUX_CUSTOM} is for your custom created images.
++
++The default stock images are as follows, though they may be overridden by
++your distribution:
++@example
++intel-uc.img intel-ucode.img amd-uc.img amd-ucode.img early_ucode.cpio microcode.cpio
++@end example
++
+ @item GRUB_DISABLE_LINUX_UUID
+ Normally, @command{grub-mkconfig} will generate menu entries that use
+ universally-unique identifiers (UUIDs) to identify the root filesystem to
+diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
+index f8496d2..35ef583 100644
+--- a/util/grub-mkconfig.in
++++ b/util/grub-mkconfig.in
+@@ -147,6 +147,12 @@ if [ x"$GRUB_FS" = xunknown ]; then
+ GRUB_FS="$(stat -f --printf=%T / || echo unknown)"
+ fi
+
++# Provide a default set of stock linux early initrd images.
++# Define here so the list can be modified in the sourced config file.
++if [ "x${GRUB_EARLY_INITRD_LINUX_STOCK}" = "x" ]; then
++ GRUB_EARLY_INITRD_LINUX_STOCK="intel-uc.img intel-ucode.img amd-uc.img amd-ucode.img early_ucode.cpio microcode.cpio"
++fi
++
+ if test -f ${sysconfdir}/default/grub ; then
+ . ${sysconfdir}/default/grub
+ fi
+@@ -211,6 +217,8 @@ export GRUB_DEFAULT \
+ GRUB_CMDLINE_NETBSD \
+ GRUB_CMDLINE_NETBSD_DEFAULT \
+ GRUB_CMDLINE_GNUMACH \
++ GRUB_EARLY_INITRD_LINUX_CUSTOM \
++ GRUB_EARLY_INITRD_LINUX_STOCK \
+ GRUB_TERMINAL_INPUT \
+ GRUB_TERMINAL_OUTPUT \
+ GRUB_SERIAL_COMMAND \
+diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
+index de9044c..faedf74 100644
+--- a/util/grub.d/10_linux.in
++++ b/util/grub.d/10_linux.in
+@@ -136,9 +136,13 @@ EOF
+ if test -n "${initrd}" ; then
+ # TRANSLATORS: ramdisk isn't identifier. Should be translated.
+ message="$(gettext_printf "Loading initial ramdisk ...")"
++ initrd_path=
++ for i in ${initrd}; do
++ initrd_path="${initrd_path} ${rel_dirname}/${i}"
++ done
+ sed "s/^/$submenu_indentation/" << EOF
+ echo '$(echo "$message" | grub_quote)'
+- initrd ${rel_dirname}/${initrd}
++ initrd $(echo $initrd_path)
+ EOF
+ fi
+ sed "s/^/$submenu_indentation/" << EOF
+@@ -188,7 +192,15 @@ while [ "x$list" != "x" ] ; do
+ alt_version=`echo $version | sed -e "s,\.old$,,g"`
+ linux_root_device_thisversion="${LINUX_ROOT_DEVICE}"
+
+- initrd=
++ initrd_early=
++ for i in ${GRUB_EARLY_INITRD_LINUX_STOCK} \
++ ${GRUB_EARLY_INITRD_LINUX_CUSTOM}; do
++ if test -e "${dirname}/${i}" ; then
++ initrd_early="${initrd_early} ${i}"
++ fi
++ done
++
++ initrd_real=
+ for i in "initrd.img-${version}" "initrd-${version}.img" "initrd-${version}.gz" \
+ "initrd-${version}" "initramfs-${version}.img" \
+ "initrd.img-${alt_version}" "initrd-${alt_version}.img" \
+@@ -198,11 +210,22 @@ while [ "x$list" != "x" ] ; do
+ "initramfs-genkernel-${GENKERNEL_ARCH}-${version}" \
+ "initramfs-genkernel-${GENKERNEL_ARCH}-${alt_version}"; do
+ if test -e "${dirname}/${i}" ; then
+- initrd="$i"
++ initrd_real="${i}"
+ break
+ fi
+ done
+
++ initrd=
++ if test -n "${initrd_early}" || test -n "${initrd_real}"; then
++ initrd="${initrd_early} ${initrd_real}"
++
++ initrd_display=
++ for i in ${initrd}; do
++ initrd_display="${initrd_display} ${dirname}/${i}"
++ done
++ gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2
++ fi
++
+ config=
+ for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do
+ if test -e "${i}" ; then
+@@ -216,9 +239,7 @@ while [ "x$list" != "x" ] ; do
+ initramfs=`grep CONFIG_INITRAMFS_SOURCE= "${config}" | cut -f2 -d= | tr -d \"`
+ fi
+
+- if test -n "${initrd}" ; then
+- gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2
+- elif test -z "${initramfs}" ; then
++ if test -z "${initramfs}" && test -z "${initrd_real}" ; then
+ # "UUID=" and "ZFS=" magic is parsed by initrd or initramfs. Since there's
+ # no initrd or builtin initramfs, it can't work here.
+ linux_root_device_thisversion=${GRUB_DEVICE}
+--
+cgit v1.0-41-gc330
+
diff --git a/sys-boot/grub/grub-2.02-r1.ebuild b/sys-boot/grub/grub-2.02-r1.ebuild
new file mode 100644
index 000000000000..7b3b5251bc11
--- /dev/null
+++ b/sys-boot/grub/grub-2.02-r1.ebuild
@@ -0,0 +1,299 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+if [[ ${PV} == 9999 ]]; then
+ GRUB_AUTOGEN=1
+fi
+
+if [[ -n ${GRUB_AUTOGEN} ]]; then
+ PYTHON_COMPAT=( python{2_7,3_3,3_4,3_5} )
+ WANT_LIBTOOL=none
+ inherit autotools python-any-r1
+fi
+
+inherit autotools bash-completion-r1 flag-o-matic multibuild pax-utils toolchain-funcs versionator
+
+if [[ ${PV} != 9999 ]]; then
+ if [[ ${PV} == *_alpha* || ${PV} == *_beta* || ${PV} == *_rc* ]]; then
+ # The quote style is to work with <=bash-4.2 and >=bash-4.3 #503860
+ MY_P=${P/_/'~'}
+ SRC_URI="mirror://gnu-alpha/${PN}/${MY_P}.tar.xz"
+ S=${WORKDIR}/${MY_P}
+ else
+ SRC_URI="mirror://gnu/${PN}/${P}.tar.xz"
+ S=${WORKDIR}/${P%_*}
+ fi
+ KEYWORDS="~amd64 ~arm64 ~x86"
+else
+ inherit git-r3
+ EGIT_REPO_URI="git://git.sv.gnu.org/grub.git
+ http://git.savannah.gnu.org/r/grub.git"
+fi
+
+PATCHES=(
+ "${FILESDIR}"/gfxpayload.patch
+ "${FILESDIR}"/grub-2.02_beta2-KERNEL_GLOBS.patch
+ "${FILESDIR}"/2.02-multiple-early-initrd.patch
+)
+
+DEJAVU=dejavu-sans-ttf-2.37
+UNIFONT=unifont-9.0.06
+SRC_URI+=" fonts? ( mirror://gnu/unifont/${UNIFONT}/${UNIFONT}.pcf.gz )
+ themes? ( mirror://sourceforge/dejavu/${DEJAVU}.zip )"
+
+DESCRIPTION="GNU GRUB boot loader"
+HOMEPAGE="https://www.gnu.org/software/grub/"
+
+# Includes licenses for dejavu and unifont
+LICENSE="GPL-3 fonts? ( GPL-2-with-font-exception ) themes? ( BitstreamVera )"
+SLOT="2/${PVR}"
+IUSE="debug device-mapper doc efiemu +fonts mount multislot nls static sdl test +themes truetype libzfs"
+
+GRUB_ALL_PLATFORMS=( coreboot efi-32 efi-64 emu ieee1275 loongson multiboot qemu qemu-mips pc uboot xen xen-32 )
+IUSE+=" ${GRUB_ALL_PLATFORMS[@]/#/grub_platforms_}"
+
+REQUIRED_USE="
+ grub_platforms_coreboot? ( fonts )
+ grub_platforms_qemu? ( fonts )
+ grub_platforms_ieee1275? ( fonts )
+ grub_platforms_loongson? ( fonts )
+"
+
+# os-prober: Used on runtime to detect other OSes
+# xorriso (dev-libs/libisoburn): Used on runtime for mkrescue
+RDEPEND="
+ app-arch/xz-utils
+ >=sys-libs/ncurses-5.2-r5:0=
+ debug? (
+ sdl? ( media-libs/libsdl )
+ )
+ device-mapper? ( >=sys-fs/lvm2-2.02.45 )
+ libzfs? ( sys-fs/zfs )
+ mount? ( sys-fs/fuse )
+ truetype? ( media-libs/freetype:2= )
+ ppc? ( sys-apps/ibm-powerpc-utils sys-apps/powerpc-utils )
+ ppc64? ( sys-apps/ibm-powerpc-utils sys-apps/powerpc-utils )
+"
+DEPEND="${RDEPEND}
+ ${PYTHON_DEPS}
+ app-misc/pax-utils
+ sys-devel/flex
+ sys-devel/bison
+ sys-apps/help2man
+ sys-apps/texinfo
+ fonts? ( media-libs/freetype:2 )
+ grub_platforms_xen? ( app-emulation/xen-tools:= )
+ grub_platforms_xen-32? ( app-emulation/xen-tools:= )
+ static? (
+ app-arch/xz-utils[static-libs(+)]
+ truetype? (
+ app-arch/bzip2[static-libs(+)]
+ media-libs/freetype[static-libs(+)]
+ sys-libs/zlib[static-libs(+)]
+ )
+ )
+ test? (
+ app-admin/genromfs
+ app-arch/cpio
+ app-arch/lzop
+ app-emulation/qemu
+ dev-libs/libisoburn
+ sys-apps/miscfiles
+ sys-block/parted
+ sys-fs/squashfs-tools
+ )
+ themes? (
+ app-arch/unzip
+ media-libs/freetype:2
+ )
+"
+RDEPEND+="
+ kernel_linux? (
+ grub_platforms_efi-32? ( sys-boot/efibootmgr )
+ grub_platforms_efi-64? ( sys-boot/efibootmgr )
+ )
+ !multislot? ( !sys-boot/grub:0 !sys-boot/grub-static )
+ nls? ( sys-devel/gettext )
+"
+
+DEPEND+=" !!=media-libs/freetype-2.5.4"
+
+RESTRICT="strip !test? ( test )"
+
+QA_EXECSTACK="usr/bin/grub*-emu* usr/lib/grub/*"
+QA_WX_LOAD="usr/lib/grub/*"
+QA_MULTILIB_PATHS="usr/lib/grub/.*"
+
+src_unpack() {
+ if [[ ${PV} == 9999 ]]; then
+ git-r3_src_unpack
+ fi
+ default
+}
+
+src_prepare() {
+ default
+
+ sed -i -e /autoreconf/d autogen.sh || die
+
+ if use multislot; then
+ # fix texinfo file name, bug 416035
+ sed -i -e 's/^\* GRUB:/* GRUB2:/' -e 's/(grub)/(grub2)/' docs/grub.texi || die
+ fi
+
+ # Nothing in Gentoo packages 'american-english' in the exact path
+ # wanted for the test, but all that is needed is a compressible text
+ # file, and we do have 'words' from miscfiles in the same path.
+ sed -i \
+ -e '/CFILESSRC.*=/s,american-english,words,' \
+ tests/util/grub-fs-tester.in \
+ || die
+
+ if [[ -n ${GRUB_AUTOGEN} ]]; then
+ python_setup
+ bash autogen.sh || die
+ autopoint() { :; }
+ eautoreconf
+ fi
+}
+
+grub_do() {
+ multibuild_foreach_variant run_in_build_dir "$@"
+}
+
+grub_do_once() {
+ multibuild_for_best_variant run_in_build_dir "$@"
+}
+
+grub_configure() {
+ local platform
+
+ case ${MULTIBUILD_VARIANT} in
+ efi*) platform=efi ;;
+ xen*) platform=xen ;;
+ guessed) ;;
+ *) platform=${MULTIBUILD_VARIANT} ;;
+ esac
+
+ case ${MULTIBUILD_VARIANT} in
+ *-32)
+ if [[ ${CTARGET:-${CHOST}} == x86_64* ]]; then
+ local CTARGET=i386
+ fi ;;
+ *-64)
+ if [[ ${CTARGET:-${CHOST}} == i?86* ]]; then
+ local CTARGET=x86_64
+ local -x TARGET_CFLAGS="-Os -march=x86-64 ${TARGET_CFLAGS}"
+ local -x TARGET_CPPFLAGS="-march=x86-64 ${TARGET_CPPFLAGS}"
+ fi ;;
+ esac
+
+ local myeconfargs=(
+ --disable-werror
+ --program-prefix=
+ --libdir="${EPREFIX}"/usr/lib
+ --htmldir="${EPREFIX}"/usr/share/doc/${PF}/html
+ $(use_enable debug mm-debug)
+ $(use_enable device-mapper)
+ $(use_enable mount grub-mount)
+ $(use_enable nls)
+ $(use_enable themes grub-themes)
+ $(use_enable truetype grub-mkfont)
+ $(use_enable libzfs)
+ $(use sdl && use_enable debug grub-emu-sdl)
+ ${platform:+--with-platform=}${platform}
+
+ # Let configure detect this where supported
+ $(usex efiemu '' '--disable-efiemu')
+ )
+
+ if use multislot; then
+ myeconfargs+=( --program-transform-name="s,grub,grub2," )
+ fi
+
+ # Set up font symlinks
+ ln -s "${WORKDIR}/${UNIFONT}.pcf" unifont.pcf || die
+ if use themes; then
+ ln -s "${WORKDIR}/${DEJAVU}/ttf/DejaVuSans.ttf" DejaVuSans.ttf || die
+ fi
+
+ local ECONF_SOURCE="${S}"
+ econf "${myeconfargs[@]}"
+}
+
+src_configure() {
+ # Bug 508758.
+ replace-flags -O3 -O2
+
+ # We don't want to leak flags onto boot code.
+ export HOST_CCASFLAGS=${CCASFLAGS}
+ export HOST_CFLAGS=${CFLAGS}
+ export HOST_CPPFLAGS=${CPPFLAGS}
+ export HOST_LDFLAGS=${LDFLAGS}
+ unset CCASFLAGS CFLAGS CPPFLAGS LDFLAGS
+
+ use static && HOST_LDFLAGS+=" -static"
+
+ tc-ld-disable-gold #439082 #466536 #526348
+ export TARGET_LDFLAGS="${TARGET_LDFLAGS} ${LDFLAGS}"
+ unset LDFLAGS
+
+ tc-export CC NM OBJCOPY RANLIB STRIP
+ tc-export BUILD_CC # Bug 485592
+
+ MULTIBUILD_VARIANTS=()
+ local p
+ for p in "${GRUB_ALL_PLATFORMS[@]}"; do
+ use "grub_platforms_${p}" && MULTIBUILD_VARIANTS+=( "${p}" )
+ done
+ [[ ${#MULTIBUILD_VARIANTS[@]} -eq 0 ]] && MULTIBUILD_VARIANTS=( guessed )
+ grub_do grub_configure
+}
+
+src_compile() {
+ # Sandbox bug 404013.
+ use libzfs && addpredict /etc/dfs:/dev/zfs
+
+ grub_do emake
+ use doc && grub_do_once emake -C docs html
+}
+
+src_test() {
+ # The qemu dependency is a bit complex.
+ # You will need to adjust QEMU_SOFTMMU_TARGETS to match the cpu/platform.
+ grub_do emake check
+}
+
+src_install() {
+ grub_do emake install DESTDIR="${D}" bashcompletiondir="$(get_bashcompdir)"
+ use doc && grub_do_once emake -C docs install-html DESTDIR="${D}"
+
+ einstalldocs
+
+ if use multislot; then
+ mv "${ED%/}"/usr/share/info/grub{,2}.info || die
+ fi
+
+ insinto /etc/default
+ newins "${FILESDIR}"/grub.default-3 grub
+}
+
+pkg_postinst() {
+ elog "For information on how to configure GRUB2 please refer to the guide:"
+ elog " https://wiki.gentoo.org/wiki/GRUB2_Quick_Start"
+
+ if has_version 'sys-boot/grub:0'; then
+ elog "A migration guide for GRUB Legacy users is available:"
+ elog " https://wiki.gentoo.org/wiki/GRUB2_Migration"
+ fi
+
+ if [[ -z ${REPLACING_VERSIONS} ]]; then
+ elog
+ elog "You may consider installing the following optional packages:"
+ optfeature "Detect other operating systems (grub-mkconfig)" sys-boot/os-prober
+ optfeature "Create rescue media (grub-mkrescue)" dev-libs/libisoburn
+ optfeature "Enable RAID device detection" sys-fs/mdadm
+ fi
+}