From 4e7a0983e5a28e7699b3f05d91abc7e3b7cf90d3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 14 Mar 2018 21:13:14 +0000 Subject: [PATCH] use upstream patch to support multiple early initrd images --- 0002-intel-ucode.patch | 52 ----- ...Support_multiple_early_initrd_images.patch | 177 ++++++++++++++++++ PKGBUILD | 13 +- 3 files changed, 183 insertions(+), 59 deletions(-) delete mode 100644 0002-intel-ucode.patch create mode 100644 0007-grub-mkconfig_10_linux_Support_multiple_early_initrd_images.patch diff --git a/0002-intel-ucode.patch b/0002-intel-ucode.patch deleted file mode 100644 index 98d8de8..0000000 --- a/0002-intel-ucode.patch +++ /dev/null @@ -1,52 +0,0 @@ -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index de9044c..f5d3e78 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -133,13 +133,15 @@ linux_entry () - echo '$(echo "$message" | grub_quote)' - linux ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args} - EOF -- if test -n "${initrd}" ; then -+ if test -n "${initrd}" -o -n "${initrd_extra}" ; then - # TRANSLATORS: ramdisk isn't identifier. Should be translated. - message="$(gettext_printf "Loading initial ramdisk ...")" -- sed "s/^/$submenu_indentation/" << EOF -- echo '$(echo "$message" | grub_quote)' -- initrd ${rel_dirname}/${initrd} --EOF -+ printf ' %s\n' "echo '$(echo "$message" | grub_quote)'" | sed "s/^/$submenu_indentation/" -+ printf ' %s ' 'initrd' | sed "s/^/$submenu_indentation/" -+ for i in ${initrd_extra} ${initrd}; do -+ printf ' %s/%s' "${rel_dirname}" "${i}" -+ done -+ printf '\n' - fi - sed "s/^/$submenu_indentation/" << EOF - } -@@ -202,6 +204,12 @@ while [ "x$list" != "x" ] ; do - break - fi - done -+ initrd_extra= -+ for i in intel-ucode.img; do -+ if test -e "${dirname}/${i}" ; then -+ initrd_extra="${initrd_extra} ${i}" -+ fi -+ done - - config= - for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do -@@ -216,8 +224,8 @@ while [ "x$list" != "x" ] ; do - initramfs=`grep CONFIG_INITRAMFS_SOURCE= "${config}" | cut -f2 -d= | tr -d \"` - fi - -- if test -n "${initrd}" ; then -- gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2 -+ if test -n "${initrd}" -o -n "${initrd_extra}" ; then -+ gettext_printf "Found initrd image(s) in %s:%s\n" "${dirname}" "${initrd_extra} ${initrd}" >&2 - elif test -z "${initramfs}" ; then - # "UUID=" and "ZFS=" magic is parsed by initrd or initramfs. Since there's - # no initrd or builtin initramfs, it can't work here. --- -2.9.2 - diff --git a/0007-grub-mkconfig_10_linux_Support_multiple_early_initrd_images.patch b/0007-grub-mkconfig_10_linux_Support_multiple_early_initrd_images.patch new file mode 100644 index 0000000..a0c5cbc --- /dev/null +++ b/0007-grub-mkconfig_10_linux_Support_multiple_early_initrd_images.patch @@ -0,0 +1,177 @@ +From a698240df0c43278b2d1d7259c8e7a6926c63112 Mon Sep 17 00:00:00 2001 +From: "Matthew S. Turnbull" +Date: Sat, 24 Feb 2018 17:44:58 -0500 +Subject: grub-mkconfig/10_linux: Support multiple early initrd images + +Add support for multiple, shared, early initrd images. These early +images will be loaded in the order declared, and all will be loaded +before the initrd image. + +While many classes of data can be provided by early images, the +immediate use case would be for distributions to provide CPU +microcode to mitigate the Meltdown and Spectre vulnerabilities. + +There are two environment variables provided for declaring the early +images. + +* GRUB_EARLY_INITRD_LINUX_STOCK is for the distribution declare + images that are provided by the distribution or installed packages. + If undeclared, this will default to a set of common microcode image + names. + +* GRUB_EARLY_INITRD_LINUX_CUSTOM is for user created images. User + images will be loaded after the stock images. + +These separate configurations allow the distribution and user to +declare different image sets without clobbering each other. + +This also makes a minor update to ensure that UUID partition labels +stay disabled when no initrd image is found, even if early images are +present. + +This is a continuation of a previous patch published by Christian +Hesse in 2016: +http://lists.gnu.org/archive/html/grub-devel/2016-02/msg00025.html + +Down stream Gentoo bug: +https://bugs.gentoo.org/645088 + +Signed-off-by: Robin H. Johnson +Signed-off-by: Matthew S. Turnbull +Reviewed-by: Daniel Kiper +--- + docs/grub.texi | 19 +++++++++++++++++++ + util/grub-mkconfig.in | 8 ++++++++ + util/grub.d/10_linux.in | 33 +++++++++++++++++++++++++++------ + 3 files changed, 54 insertions(+), 6 deletions(-) + +diff --git a/docs/grub.texi b/docs/grub.texi +index 137b894fa..65b4bbeda 100644 +--- a/docs/grub.texi ++++ b/docs/grub.texi +@@ -1398,6 +1398,25 @@ for all respectively normal entries. + The values of these options replace the values of @samp{GRUB_CMDLINE_LINUX} + and @samp{GRUB_CMDLINE_LINUX_DEFAULT} for Linux and Xen menu entries. + ++@item GRUB_EARLY_INITRD_LINUX_CUSTOM ++@itemx GRUB_EARLY_INITRD_LINUX_STOCK ++List of space-separated early initrd images to be loaded from @samp{/boot}. ++This is for loading things like CPU microcode, firmware, ACPI tables, crypto ++keys, and so on. These early images will be loaded in the order declared, ++and all will be loaded before the actual functional initrd image. ++ ++@samp{GRUB_EARLY_INITRD_LINUX_STOCK} is for your distribution to declare ++images that are provided by the distribution. It should not be modified ++without understanding the consequences. They will be loaded first. ++ ++@samp{GRUB_EARLY_INITRD_LINUX_CUSTOM} is for your custom created images. ++ ++The default stock images are as follows, though they may be overridden by ++your distribution: ++@example ++intel-uc.img intel-ucode.img amd-uc.img amd-ucode.img early_ucode.cpio microcode.cpio ++@end example ++ + @item GRUB_DISABLE_LINUX_UUID + Normally, @command{grub-mkconfig} will generate menu entries that use + universally-unique identifiers (UUIDs) to identify the root filesystem to +diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in +index f8496d28b..35ef583b0 100644 +--- a/util/grub-mkconfig.in ++++ b/util/grub-mkconfig.in +@@ -147,6 +147,12 @@ if [ x"$GRUB_FS" = xunknown ]; then + GRUB_FS="$(stat -f --printf=%T / || echo unknown)" + fi + ++# Provide a default set of stock linux early initrd images. ++# Define here so the list can be modified in the sourced config file. ++if [ "x${GRUB_EARLY_INITRD_LINUX_STOCK}" = "x" ]; then ++ GRUB_EARLY_INITRD_LINUX_STOCK="intel-uc.img intel-ucode.img amd-uc.img amd-ucode.img early_ucode.cpio microcode.cpio" ++fi ++ + if test -f ${sysconfdir}/default/grub ; then + . ${sysconfdir}/default/grub + fi +@@ -211,6 +217,8 @@ export GRUB_DEFAULT \ + GRUB_CMDLINE_NETBSD \ + GRUB_CMDLINE_NETBSD_DEFAULT \ + GRUB_CMDLINE_GNUMACH \ ++ GRUB_EARLY_INITRD_LINUX_CUSTOM \ ++ GRUB_EARLY_INITRD_LINUX_STOCK \ + GRUB_TERMINAL_INPUT \ + GRUB_TERMINAL_OUTPUT \ + GRUB_SERIAL_COMMAND \ +diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in +index de9044c7f..faedf74e1 100644 +--- a/util/grub.d/10_linux.in ++++ b/util/grub.d/10_linux.in +@@ -136,9 +136,13 @@ EOF + if test -n "${initrd}" ; then + # TRANSLATORS: ramdisk isn't identifier. Should be translated. + message="$(gettext_printf "Loading initial ramdisk ...")" ++ initrd_path= ++ for i in ${initrd}; do ++ initrd_path="${initrd_path} ${rel_dirname}/${i}" ++ done + sed "s/^/$submenu_indentation/" << EOF + echo '$(echo "$message" | grub_quote)' +- initrd ${rel_dirname}/${initrd} ++ initrd $(echo $initrd_path) + EOF + fi + sed "s/^/$submenu_indentation/" << EOF +@@ -188,7 +192,15 @@ while [ "x$list" != "x" ] ; do + alt_version=`echo $version | sed -e "s,\.old$,,g"` + linux_root_device_thisversion="${LINUX_ROOT_DEVICE}" + +- initrd= ++ initrd_early= ++ for i in ${GRUB_EARLY_INITRD_LINUX_STOCK} \ ++ ${GRUB_EARLY_INITRD_LINUX_CUSTOM}; do ++ if test -e "${dirname}/${i}" ; then ++ initrd_early="${initrd_early} ${i}" ++ fi ++ done ++ ++ initrd_real= + for i in "initrd.img-${version}" "initrd-${version}.img" "initrd-${version}.gz" \ + "initrd-${version}" "initramfs-${version}.img" \ + "initrd.img-${alt_version}" "initrd-${alt_version}.img" \ +@@ -198,11 +210,22 @@ while [ "x$list" != "x" ] ; do + "initramfs-genkernel-${GENKERNEL_ARCH}-${version}" \ + "initramfs-genkernel-${GENKERNEL_ARCH}-${alt_version}"; do + if test -e "${dirname}/${i}" ; then +- initrd="$i" ++ initrd_real="${i}" + break + fi + done + ++ initrd= ++ if test -n "${initrd_early}" || test -n "${initrd_real}"; then ++ initrd="${initrd_early} ${initrd_real}" ++ ++ initrd_display= ++ for i in ${initrd}; do ++ initrd_display="${initrd_display} ${dirname}/${i}" ++ done ++ gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2 ++ fi ++ + config= + for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do + if test -e "${i}" ; then +@@ -216,9 +239,7 @@ while [ "x$list" != "x" ] ; do + initramfs=`grep CONFIG_INITRAMFS_SOURCE= "${config}" | cut -f2 -d= | tr -d \"` + fi + +- if test -n "${initrd}" ; then +- gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2 +- elif test -z "${initramfs}" ; then ++ if test -z "${initramfs}" && test -z "${initrd_real}" ; then + # "UUID=" and "ZFS=" magic is parsed by initrd or initramfs. Since there's + # no initrd or builtin initramfs, it can't work here. + linux_root_device_thisversion=${GRUB_DEVICE} +-- +cgit v1.1-33-g03f6 + diff --git a/PKGBUILD b/PKGBUILD index da0a1e0..fdf1f31 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -22,7 +22,7 @@ _UNIFONT_VER="10.0.06" pkgname="grub" pkgdesc="GNU GRand Unified Bootloader (2)" pkgver=2.02 -pkgrel=4 +pkgrel=5 epoch=2 url="https://www.gnu.org/software/grub/" arch=('x86_64') @@ -60,11 +60,11 @@ validpgpkeys=('E53D497F3FA42AD8C9B4D1E835A93B74E82E4209' # Vladimir 'phcoder' S source=("https://ftp.gnu.org/gnu/${pkgname}/${pkgname}-${pkgver}.tar.xz"{,.sig} "https://git.savannah.nongnu.org/cgit/grub-extras.git/snapshot/grub-extras-${_GRUB_EXTRAS_COMMIT}.tar.gz" "https://ftp.gnu.org/gnu/unifont/unifont-${_UNIFONT_VER}/unifont-${_UNIFONT_VER}.bdf.gz"{,.sig} - '0002-intel-ucode.patch' '0003-10_linux-detect-archlinux-initramfs.patch' '0004-add-GRUB_COLOR_variables.patch' '0005-Allow_GRUB_to_mount_ext234_filesystems_that_have_the_encryption_feature.patch' '0006-tsc-Change-default-tsc-calibration-method-to-pmtimer-on-EFI-systems.patch' + '0007-grub-mkconfig_10_linux_Support_multiple_early_initrd_images.patch' 'grub.default' 'grub.cfg') @@ -73,21 +73,17 @@ sha256sums=('810b3798d316394f94096ec2797909dbf23c858e48f7b3830826b8daa06b7b0f' '2844601914cea6b1231eca0104853a93c4d67a5209933a0766f1475953300646' '0d81571fc519573057b7641d26a31ead55cc0b02a931589fb346a3a534c3dcc1' 'SKIP' - '37adb95049f6cdcbdbf60ed6b6440c5be99a4cd307a0f96c3c3837b6c2e07f3c' 'b41e4438319136b5e74e0abdfcb64ae115393e4e15207490272c425f54026dd3' 'a5198267ceb04dceb6d2ea7800281a42b3f91fd02da55d2cc9ea20d47273ca29' '535422c510a050d41efe7720dbe54de29e04bdb8f86fd5aea5feb0b24f7abe46' 'c38f2b2caae33008b35a37d8293d8bf13bf6fd779a4504925da1837fd007aeb5' + 'e43566c4fe3b1b87e677167323d4716b82ac0810410a9d8dc7fbf415c8db2b8a' '74e5dd2090a153c10a7b9599b73bb09e70fddc6a019dd41641b0f10b9d773d82' 'c5e4f3836130c6885e9273c21f057263eba53f4b7c0e2f111f6e5f2e487a47ad') prepare() { cd "${srcdir}/grub-${pkgver}/" - msg "Patch to load Intel microcode" - patch -Np1 -i "${srcdir}/0002-intel-ucode.patch" - echo - msg "Patch to detect of Arch Linux initramfs images by grub-mkconfig" patch -Np1 -i "${srcdir}/0003-10_linux-detect-archlinux-initramfs.patch" echo @@ -105,6 +101,9 @@ prepare() { patch -Np1 -i "${srcdir}/0006-tsc-Change-default-tsc-calibration-method-to-pmtimer-on-EFI-systems.patch" echo + msg "Support multiple early initrd images" + patch -Np1 -i "${srcdir}/0007-grub-mkconfig_10_linux_Support_multiple_early_initrd_images.patch" + msg "Fix DejaVuSans.ttf location so that grub-mkfont can create *.pf2 files for starfield theme" sed 's|/usr/share/fonts/dejavu|/usr/share/fonts/dejavu /usr/share/fonts/TTF|g' -i "configure.ac"