use upstream patch to support multiple early initrd images

2018-03-14 21:13:14 +00:00 · 2018-03-14 21:13:14 +00:00 · 4e7a0983e5
commit 4e7a0983e5
parent 4431d5dc76
3 changed files with 183 additions and 59 deletions
--- a/0002-intel-ucode.patch
+++ b/0002-intel-ucode.patch
@ -1,52 +0,0 @@
-diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
-index de9044c..f5d3e78 100644
--- a/util/grub.d/10_linux.in
-+++ b/util/grub.d/10_linux.in
-@@ -133,13 +133,15 @@ linux_entry ()
- 	echo	'$(echo "$message" | grub_quote)'
- 	linux	${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args}
- EOF
-  if test -n "${initrd}" ; then
-+  if test -n "${initrd}" -o -n "${initrd_extra}" ; then
-     # TRANSLATORS: ramdisk isn't identifier. Should be translated.
-     message="$(gettext_printf "Loading initial ramdisk ...")"
-    sed "s/^/$submenu_indentation/" << EOF
-	echo	'$(echo "$message" | grub_quote)'
-	initrd	${rel_dirname}/${initrd}
-EOF
-+    printf '	%s\n' "echo	'$(echo "$message" | grub_quote)'" | sed "s/^/$submenu_indentation/"
-+    printf '	%s ' 'initrd' | sed "s/^/$submenu_indentation/"
-+    for i in ${initrd_extra} ${initrd}; do
-+	printf ' %s/%s' "${rel_dirname}" "${i}"
-+    done
-+    printf '\n'
-   fi
-   sed "s/^/$submenu_indentation/" << EOF
- }
-@@ -202,6 +204,12 @@ while [ "x$list" != "x" ] ; do
-       break
-     fi
-   done
-+  initrd_extra=
-+  for i in intel-ucode.img; do
-+    if test -e "${dirname}/${i}" ; then
-+      initrd_extra="${initrd_extra} ${i}"
-+    fi
-+  done
- 
-   config=
-   for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do
-@@ -216,8 +224,8 @@ while [ "x$list" != "x" ] ; do
-       initramfs=`grep CONFIG_INITRAMFS_SOURCE= "${config}" | cut -f2 -d= | tr -d \"`
-   fi
- 
-  if test -n "${initrd}" ; then
-    gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2
-+  if test -n "${initrd}" -o -n "${initrd_extra}" ; then
-+    gettext_printf "Found initrd image(s) in %s:%s\n" "${dirname}" "${initrd_extra} ${initrd}" >&2
-   elif test -z "${initramfs}" ; then
-     # "UUID=" and "ZFS=" magic is parsed by initrd or initramfs.  Since there's
-     # no initrd or builtin initramfs, it can't work here.
-- 
-2.9.2
-
--- a/0007-grub-mkconfig_10_linux_Support_multiple_early_initrd_images.patch
+++ b/0007-grub-mkconfig_10_linux_Support_multiple_early_initrd_images.patch
@ -0,0 +1,177 @@
+From a698240df0c43278b2d1d7259c8e7a6926c63112 Mon Sep 17 00:00:00 2001
+From: "Matthew S. Turnbull" <sparky@bluefang-logic.com>
+Date: Sat, 24 Feb 2018 17:44:58 -0500
+Subject: grub-mkconfig/10_linux: Support multiple early initrd images
+
+Add support for multiple, shared, early initrd images. These early
+images will be loaded in the order declared, and all will be loaded
+before the initrd image.
+
+While many classes of data can be provided by early images, the
+immediate use case would be for distributions to provide CPU
+microcode to mitigate the Meltdown and Spectre vulnerabilities.
+
+There are two environment variables provided for declaring the early
+images.
+
+* GRUB_EARLY_INITRD_LINUX_STOCK is for the distribution declare
+  images that are provided by the distribution or installed packages.
+  If undeclared, this will default to a set of common microcode image
+  names.
+
+* GRUB_EARLY_INITRD_LINUX_CUSTOM is for user created images. User
+  images will be loaded after the stock images.
+
+These separate configurations allow the distribution and user to
+declare different image sets without clobbering each other.
+
+This also makes a minor update to ensure that UUID partition labels
+stay disabled when no initrd image is found, even if early images are
+present.
+
+This is a continuation of a previous patch published by Christian
+Hesse in 2016:
+http://lists.gnu.org/archive/html/grub-devel/2016-02/msg00025.html
+
+Down stream Gentoo bug:
+https://bugs.gentoo.org/645088
+
+Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
+Signed-off-by: Matthew S. Turnbull <sparky@bluefang-logic.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+---
+ docs/grub.texi          | 19 +++++++++++++++++++
+ util/grub-mkconfig.in   |  8 ++++++++
+ util/grub.d/10_linux.in | 33 +++++++++++++++++++++++++++------
+ 3 files changed, 54 insertions(+), 6 deletions(-)
+
+diff --git a/docs/grub.texi b/docs/grub.texi
+index 137b894fa..65b4bbeda 100644
+--- a/docs/grub.texi
+++ b/docs/grub.texi
+@@ -1398,6 +1398,25 @@ for all respectively normal entries.
+ The values of these options replace the values of @samp{GRUB_CMDLINE_LINUX}
+ and @samp{GRUB_CMDLINE_LINUX_DEFAULT} for Linux and Xen menu entries.
+ 
+@item GRUB_EARLY_INITRD_LINUX_CUSTOM
+@itemx GRUB_EARLY_INITRD_LINUX_STOCK
+List of space-separated early initrd images to be loaded from @samp{/boot}.
+This is for loading things like CPU microcode, firmware, ACPI tables, crypto
+keys, and so on. These early images will be loaded in the order declared,
+and all will be loaded before the actual functional initrd image.
+
+@samp{GRUB_EARLY_INITRD_LINUX_STOCK} is for your distribution to declare
+images that are provided by the distribution. It should not be modified
+without understanding the consequences. They will be loaded first.
+
+@samp{GRUB_EARLY_INITRD_LINUX_CUSTOM} is for your custom created images.
+
+The default stock images are as follows, though they may be overridden by
+your distribution:
+@example
+intel-uc.img intel-ucode.img amd-uc.img amd-ucode.img early_ucode.cpio microcode.cpio
+@end example
+
+ @item GRUB_DISABLE_LINUX_UUID
+ Normally, @command{grub-mkconfig} will generate menu entries that use
+ universally-unique identifiers (UUIDs) to identify the root filesystem to
+diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
+index f8496d28b..35ef583b0 100644
+--- a/util/grub-mkconfig.in
+++ b/util/grub-mkconfig.in
+@@ -147,6 +147,12 @@ if [ x"$GRUB_FS" = xunknown ]; then
+     GRUB_FS="$(stat -f --printf=%T / || echo unknown)"
+ fi
+ 
+# Provide a default set of stock linux early initrd images.
+# Define here so the list can be modified in the sourced config file.
+if [ "x${GRUB_EARLY_INITRD_LINUX_STOCK}" = "x" ]; then
+	GRUB_EARLY_INITRD_LINUX_STOCK="intel-uc.img intel-ucode.img amd-uc.img amd-ucode.img early_ucode.cpio microcode.cpio"
+fi
+
+ if test -f ${sysconfdir}/default/grub ; then
+   . ${sysconfdir}/default/grub
+ fi
+@@ -211,6 +217,8 @@ export GRUB_DEFAULT \
+   GRUB_CMDLINE_NETBSD \
+   GRUB_CMDLINE_NETBSD_DEFAULT \
+   GRUB_CMDLINE_GNUMACH \
+  GRUB_EARLY_INITRD_LINUX_CUSTOM \
+  GRUB_EARLY_INITRD_LINUX_STOCK \
+   GRUB_TERMINAL_INPUT \
+   GRUB_TERMINAL_OUTPUT \
+   GRUB_SERIAL_COMMAND \
+diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
+index de9044c7f..faedf74e1 100644
+--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
+@@ -136,9 +136,13 @@ EOF
+   if test -n "${initrd}" ; then
+     # TRANSLATORS: ramdisk isn't identifier. Should be translated.
+     message="$(gettext_printf "Loading initial ramdisk ...")"
+    initrd_path=
+    for i in ${initrd}; do
+      initrd_path="${initrd_path} ${rel_dirname}/${i}"
+    done
+     sed "s/^/$submenu_indentation/" << EOF
+ 	echo	'$(echo "$message" | grub_quote)'
+-	initrd	${rel_dirname}/${initrd}
+	initrd	$(echo $initrd_path)
+ EOF
+   fi
+   sed "s/^/$submenu_indentation/" << EOF
+@@ -188,7 +192,15 @@ while [ "x$list" != "x" ] ; do
+   alt_version=`echo $version | sed -e "s,\.old$,,g"`
+   linux_root_device_thisversion="${LINUX_ROOT_DEVICE}"
+ 
+-  initrd=
+  initrd_early=
+  for i in ${GRUB_EARLY_INITRD_LINUX_STOCK} \
+	   ${GRUB_EARLY_INITRD_LINUX_CUSTOM}; do
+    if test -e "${dirname}/${i}" ; then
+      initrd_early="${initrd_early} ${i}"
+    fi
+  done
+
+  initrd_real=
+   for i in "initrd.img-${version}" "initrd-${version}.img" "initrd-${version}.gz" \
+ 	   "initrd-${version}" "initramfs-${version}.img" \
+ 	   "initrd.img-${alt_version}" "initrd-${alt_version}.img" \
+@@ -198,11 +210,22 @@ while [ "x$list" != "x" ] ; do
+ 	   "initramfs-genkernel-${GENKERNEL_ARCH}-${version}" \
+ 	   "initramfs-genkernel-${GENKERNEL_ARCH}-${alt_version}"; do
+     if test -e "${dirname}/${i}" ; then
+-      initrd="$i"
+      initrd_real="${i}"
+       break
+     fi
+   done
+ 
+  initrd=
+  if test -n "${initrd_early}" || test -n "${initrd_real}"; then
+    initrd="${initrd_early} ${initrd_real}"
+
+    initrd_display=
+    for i in ${initrd}; do
+      initrd_display="${initrd_display} ${dirname}/${i}"
+    done
+    gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2
+  fi
+
+   config=
+   for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do
+     if test -e "${i}" ; then
+@@ -216,9 +239,7 @@ while [ "x$list" != "x" ] ; do
+       initramfs=`grep CONFIG_INITRAMFS_SOURCE= "${config}" | cut -f2 -d= | tr -d \"`
+   fi
+ 
+-  if test -n "${initrd}" ; then
+-    gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2
+-  elif test -z "${initramfs}" ; then
+  if test -z "${initramfs}" && test -z "${initrd_real}" ; then
+     # "UUID=" and "ZFS=" magic is parsed by initrd or initramfs.  Since there's
+     # no initrd or builtin initramfs, it can't work here.
+     linux_root_device_thisversion=${GRUB_DEVICE}
+-- 
+cgit v1.1-33-g03f6
+
--- a/13
+++ b/13
@ -22,7 +22,7 @@ _UNIFONT_VER="10.0.06"
 pkgname="grub"
 pkgdesc="GNU GRand Unified Bootloader (2)"
 pkgver=2.02
-pkgrel=4
+pkgrel=5
 epoch=2
 url="https://www.gnu.org/software/grub/"
 arch=('x86_64')
@ -60,11 +60,11 @@ validpgpkeys=('E53D497F3FA42AD8C9B4D1E835A93B74E82E4209'  # Vladimir 'phcoder' S
 source=("https://ftp.gnu.org/gnu/${pkgname}/${pkgname}-${pkgver}.tar.xz"{,.sig}
        "https://git.savannah.nongnu.org/cgit/grub-extras.git/snapshot/grub-extras-${_GRUB_EXTRAS_COMMIT}.tar.gz"
        "https://ftp.gnu.org/gnu/unifont/unifont-${_UNIFONT_VER}/unifont-${_UNIFONT_VER}.bdf.gz"{,.sig}
-        '0002-intel-ucode.patch'
        '0003-10_linux-detect-archlinux-initramfs.patch'
        '0004-add-GRUB_COLOR_variables.patch'
        '0005-Allow_GRUB_to_mount_ext234_filesystems_that_have_the_encryption_feature.patch'
        '0006-tsc-Change-default-tsc-calibration-method-to-pmtimer-on-EFI-systems.patch'
+        '0007-grub-mkconfig_10_linux_Support_multiple_early_initrd_images.patch'
        'grub.default'
        'grub.cfg')

@ -73,21 +73,17 @@ sha256sums=('810b3798d316394f94096ec2797909dbf23c858e48f7b3830826b8daa06b7b0f'
            '2844601914cea6b1231eca0104853a93c4d67a5209933a0766f1475953300646'
            '0d81571fc519573057b7641d26a31ead55cc0b02a931589fb346a3a534c3dcc1'
            'SKIP'
-            '37adb95049f6cdcbdbf60ed6b6440c5be99a4cd307a0f96c3c3837b6c2e07f3c'
            'b41e4438319136b5e74e0abdfcb64ae115393e4e15207490272c425f54026dd3'
            'a5198267ceb04dceb6d2ea7800281a42b3f91fd02da55d2cc9ea20d47273ca29'
            '535422c510a050d41efe7720dbe54de29e04bdb8f86fd5aea5feb0b24f7abe46'
            'c38f2b2caae33008b35a37d8293d8bf13bf6fd779a4504925da1837fd007aeb5'
+            'e43566c4fe3b1b87e677167323d4716b82ac0810410a9d8dc7fbf415c8db2b8a'
            '74e5dd2090a153c10a7b9599b73bb09e70fddc6a019dd41641b0f10b9d773d82'
            'c5e4f3836130c6885e9273c21f057263eba53f4b7c0e2f111f6e5f2e487a47ad')

 prepare() {
 	cd "${srcdir}/grub-${pkgver}/"

-	msg "Patch to load Intel microcode"
-	patch -Np1 -i "${srcdir}/0002-intel-ucode.patch"
-	echo
-
 	msg "Patch to detect of Arch Linux initramfs images by grub-mkconfig"
 	patch -Np1 -i "${srcdir}/0003-10_linux-detect-archlinux-initramfs.patch"
 	echo
@ -105,6 +101,9 @@ prepare() {
 	patch -Np1 -i "${srcdir}/0006-tsc-Change-default-tsc-calibration-method-to-pmtimer-on-EFI-systems.patch"
 	echo

+	msg "Support multiple early initrd images"
+	patch -Np1 -i "${srcdir}/0007-grub-mkconfig_10_linux_Support_multiple_early_initrd_images.patch"
+
 	msg "Fix DejaVuSans.ttf location so that grub-mkfont can create *.pf2 files for starfield theme"
 	sed 's|/usr/share/fonts/dejavu|/usr/share/fonts/dejavu /usr/share/fonts/TTF|g' -i "configure.ac"