grub-luks2-improved-stable/PKGBUILD
Christian Hesse 216b3705c9 build from git master...
... to fix a bunch of new security vulnerabilities:

https://lists.gnu.org/archive/html/grub-devel/2022-06/msg00035.html
2022-06-08 15:22:50 +00:00

311 lines
9.5 KiB
Bash

# Maintainer : Christian Hesse <mail@eworm.de>
# Maintainer : Ronald van Haren <ronald.archlinux.org>
# Contributor: Tobias Powalowski <tpowa@archlinux.org>
# Contributor: Keshav Amburay <(the ddoott ridikulus ddoott rat) (aatt) (gemmaeiil) (ddoott) (ccoomm)>
## "1" to enable IA32-EFI build in Arch x86_64, "0" to disable
_IA32_EFI_IN_ARCH_X64="1"
## "1" to enable EMU build, "0" to disable
_GRUB_EMU_BUILD="0"
[[ "${CARCH}" == 'x86_64' ]] && _EFI_ARCH='x86_64'
[[ "${CARCH}" == 'i686' ]] && _EFI_ARCH='i386'
[[ "${CARCH}" == 'x86_64' ]] && _EMU_ARCH='x86_64'
[[ "${CARCH}" == 'i686' ]] && _EMU_ARCH='i386'
pkgname='grub'
pkgdesc='GNU GRand Unified Bootloader (2)'
epoch=2
_commit='2f4430cc0a44fd8c8aa7aee5c51887667ad3d6c3'
_unifont_ver='14.0.04'
_pkgver=2.06.r261.g2f4430cc0
pkgver=${_pkgver/-/}
pkgrel=1
url='https://www.gnu.org/software/grub/'
arch=('x86_64')
license=('GPL3')
backup=('etc/default/grub'
'etc/grub.d/40_custom')
install="${pkgname}.install"
options=('!makeflags')
conflicts=('grub-common' 'grub-bios' 'grub-emu' "grub-efi-${_EFI_ARCH}" 'grub-legacy')
replaces=('grub-common' 'grub-bios' 'grub-emu' "grub-efi-${_EFI_ARCH}")
provides=('grub-common' 'grub-bios' 'grub-emu' "grub-efi-${_EFI_ARCH}")
makedepends=('git' 'rsync' 'xz' 'freetype2' 'ttf-dejavu' 'python' 'autogen'
'texinfo' 'help2man' 'gettext' 'device-mapper' 'fuse2')
depends=('sh' 'xz' 'gettext' 'device-mapper')
optdepends=('freetype2: For grub-mkfont usage'
'fuse2: For grub-mount usage'
'dosfstools: For grub-mkrescue FAT FS and EFI support'
'lzop: For grub-mkrescue LZO support'
'efibootmgr: For grub-install EFI support'
'libisoburn: Provides xorriso for generating grub rescue iso using grub-mkrescue'
'os-prober: To detect other OSes when generating grub.cfg in BIOS systems'
'mtools: For grub-mkrescue FAT FS support')
if [[ "${_GRUB_EMU_BUILD}" == "1" ]]; then
makedepends+=('libusbx' 'sdl')
optdepends+=('libusbx: For grub-emu USB support'
'sdl: For grub-emu SDL support')
fi
validpgpkeys=('E53D497F3FA42AD8C9B4D1E835A93B74E82E4209' # Vladimir 'phcoder' Serbinenko <phcoder@gmail.com>
'BE5C23209ACDDACEB20DB0A28C8189F1988C2166' # Daniel Kiper <dkiper@net-space.pl>
'95D2E9AB8740D8046387FD151A09227B1F435A33') # Paul Hardy <unifoundry@unifoundry.com>
source=("git+https://git.savannah.gnu.org/git/grub.git#commit=${_commit}"
'git+https://git.savannah.gnu.org/git/gnulib.git'
"https://ftp.gnu.org/gnu/unifont/unifont-${_unifont_ver}/unifont-${_unifont_ver}.bdf.gz"{,.sig}
'0001-00_header-add-GRUB_COLOR_-variables.patch'
'0002-10_linux-detect-archlinux-initramfs.patch'
'grub.default'
'sbat.csv')
sha256sums=('SKIP'
'SKIP'
'0bad2b8a46fcc4864c7b4cee4072653a58b9f36e2f54a5a395c7d6dc97766526'
'SKIP'
'5dee6628c48eef79812bb9e86ee772068d85e7fcebbd2b2b8d1e19d24eda9dab'
'8488aec30a93e8fe66c23ef8c23aefda39c38389530e9e73ba3fbcc8315d244d'
'c17bf255a41103f6b71a1710afc7e9addaebc578bcf51a48845e227b2f651682'
'98b23d41e223bdc0a6e20bdcb3aa77e642f29b64081b1fd2f575314172fc89df')
_backports=(
)
_configure_options=(
PACKAGE_VERSION="${epoch}:${pkgver}-${pkgrel}"
FREETYPE="pkg-config freetype2"
BUILD_FREETYPE="pkg-config freetype2"
--enable-mm-debug
--enable-nls
--enable-device-mapper
--enable-cache-stats
--enable-grub-mkfont
--enable-grub-mount
--prefix="/usr"
--bindir="/usr/bin"
--sbindir="/usr/bin"
--mandir="/usr/share/man"
--infodir="/usr/share/info"
--datarootdir="/usr/share"
--sysconfdir="/etc"
--program-prefix=""
--with-bootdir="/boot"
--with-grubdir="grub"
--disable-silent-rules
--disable-werror
)
prepare() {
cd "${srcdir}/grub/"
echo "Apply backports..."
local _c
for _c in "${_backports[@]}"; do
git log --oneline -1 "${_c}"
git cherry-pick -n "${_c}"
done
echo "Patch to enable GRUB_COLOR_* variables in grub-mkconfig..."
## Based on http://lists.gnu.org/archive/html/grub-devel/2012-02/msg00021.html
patch -Np1 -i "${srcdir}/0001-00_header-add-GRUB_COLOR_-variables.patch"
echo "Patch to detect of Arch Linux initramfs images by grub-mkconfig..."
patch -Np1 -i "${srcdir}/0002-10_linux-detect-archlinux-initramfs.patch"
echo "Fix DejaVuSans.ttf location so that grub-mkfont can create *.pf2 files for starfield theme..."
sed 's|/usr/share/fonts/dejavu|/usr/share/fonts/dejavu /usr/share/fonts/TTF|g' -i "configure.ac"
echo "Fix mkinitcpio 'rw' FS#36275..."
sed 's| ro | rw |g' -i "util/grub.d/10_linux.in"
echo "Fix OS naming FS#33393..."
sed 's|GNU/Linux|Linux|' -i "util/grub.d/10_linux.in"
echo "Pull in latest language files..."
./linguas.sh
echo "Avoid problem with unifont during compile of grub..."
# http://savannah.gnu.org/bugs/?40330 and https://bugs.archlinux.org/task/37847
gzip -cd "${srcdir}/unifont-${_unifont_ver}.bdf.gz" > "unifont.bdf"
echo "Run bootstrap..."
./bootstrap \
--gnulib-srcdir="${srcdir}/gnulib/" \
--no-git
echo "Make translations reproducible..."
sed -i '1i /^PO-Revision-Date:/ d' po/*.sed
}
_build_grub-common_and_bios() {
echo "Set ARCH dependent variables for bios build..."
if [[ "${CARCH}" == 'x86_64' ]]; then
_EFIEMU="--enable-efiemu"
else
_EFIEMU="--disable-efiemu"
fi
echo "Copy the source for building the bios part..."
cp -r "${srcdir}/grub/" "${srcdir}/grub-bios/"
cd "${srcdir}/grub-bios/"
echo "Unset all compiler FLAGS for bios build..."
unset CFLAGS
unset CPPFLAGS
unset CXXFLAGS
unset LDFLAGS
unset MAKEFLAGS
echo "Run ./configure for bios build..."
./configure \
--with-platform="pc" \
--target="i386" \
"${_EFIEMU}" \
--enable-boot-time \
"${_configure_options[@]}"
if [ ! -z "${SOURCE_DATE_EPOCH}" ]; then
echo "Make info pages reproducible..."
touch -d "@${SOURCE_DATE_EPOCH}" $(find -name '*.texi')
fi
echo "Run make for bios build..."
make
}
_build_grub-efi() {
echo "Copy the source for building the ${_EFI_ARCH} efi part..."
cp -r "${srcdir}/grub/" "${srcdir}/grub-efi-${_EFI_ARCH}/"
cd "${srcdir}/grub-efi-${_EFI_ARCH}/"
echo "Unset all compiler FLAGS for ${_EFI_ARCH} efi build..."
unset CFLAGS
unset CPPFLAGS
unset CXXFLAGS
unset LDFLAGS
unset MAKEFLAGS
echo "Run ./configure for ${_EFI_ARCH} efi build..."
./configure \
--with-platform="efi" \
--target="${_EFI_ARCH}" \
--disable-efiemu \
--enable-boot-time \
"${_configure_options[@]}"
echo "Run make for ${_EFI_ARCH} efi build..."
make
}
_build_grub-emu() {
echo "Copy the source for building the emu part..."
cp -r "${srcdir}/grub/" "${srcdir}/grub-emu/"
cd "${srcdir}/grub-emu/"
echo "Unset all compiler FLAGS for emu build..."
unset CFLAGS
unset CPPFLAGS
unset CXXFLAGS
unset LDFLAGS
unset MAKEFLAGS
echo "Run ./configure for emu build..."
./configure \
--with-platform="emu" \
--target="${_EMU_ARCH}" \
--enable-grub-emu-usb=no \
--enable-grub-emu-sdl=no \
--disable-grub-emu-pci \
"${_configure_options[@]}"
echo "Run make for emu build..."
make
}
build() {
cd "${srcdir}/grub/"
echo "Build grub bios stuff..."
_build_grub-common_and_bios
echo "Build grub ${_EFI_ARCH} efi stuff..."
_build_grub-efi
if [[ "${CARCH}" == "x86_64" ]] && [[ "${_IA32_EFI_IN_ARCH_X64}" == "1" ]]; then
echo "Build grub i386 efi stuff..."
_EFI_ARCH="i386" _build_grub-efi
fi
if [[ "${_GRUB_EMU_BUILD}" == "1" ]]; then
echo "Build grub emu stuff..."
_build_grub-emu
fi
}
_package_grub-common_and_bios() {
cd "${srcdir}/grub-bios/"
echo "Run make install for bios build..."
make DESTDIR="${pkgdir}/" bashcompletiondir="/usr/share/bash-completion/completions" install
echo "Remove gdb debugging related files for bios build..."
rm -f "${pkgdir}/usr/lib/grub/i386-pc"/*.module || true
rm -f "${pkgdir}/usr/lib/grub/i386-pc"/*.image || true
rm -f "${pkgdir}/usr/lib/grub/i386-pc"/{kernel.exec,gdb_grub,gmodule.pl} || true
echo "Install /etc/default/grub (used by grub-mkconfig)..."
install -D -m0644 "${srcdir}/grub.default" "${pkgdir}/etc/default/grub"
}
_package_grub-efi() {
cd "${srcdir}/grub-efi-${_EFI_ARCH}/"
echo "Run make install for ${_EFI_ARCH} efi build..."
make DESTDIR="${pkgdir}/" bashcompletiondir="/usr/share/bash-completion/completions" install
echo "Remove gdb debugging related files for ${_EFI_ARCH} efi build..."
rm -f "${pkgdir}/usr/lib/grub/${_EFI_ARCH}-efi"/*.module || true
rm -f "${pkgdir}/usr/lib/grub/${_EFI_ARCH}-efi"/*.image || true
rm -f "${pkgdir}/usr/lib/grub/${_EFI_ARCH}-efi"/{kernel.exec,gdb_grub,gmodule.pl} || true
sed -e "s/%PKGVER%/${epoch}:${pkgver}-${pkgrel}/" < "${srcdir}/sbat.csv" > "${pkgdir}/usr/share/grub/sbat.csv"
}
_package_grub-emu() {
cd "${srcdir}/grub-emu/"
echo "Run make install for emu build..."
make DESTDIR="${pkgdir}/" bashcompletiondir="/usr/share/bash-completion/completions" install
echo "Remove gdb debugging related files for emu build..."
rm -f "${pkgdir}/usr/lib/grub/${_EMU_ARCH}-emu"/*.module || true
rm -f "${pkgdir}/usr/lib/grub/${_EMU_ARCH}-emu"/*.image || true
rm -f "${pkgdir}/usr/lib/grub/${_EMU_ARCH}-emu"/{kernel.exec,gdb_grub,gmodule.pl} || true
}
package() {
cd "${srcdir}/grub/"
echo "Package grub ${_EFI_ARCH} efi stuff..."
_package_grub-efi
if [[ "${CARCH}" == "x86_64" ]] && [[ "${_IA32_EFI_IN_ARCH_X64}" == "1" ]]; then
echo "Package grub i386 efi stuff..."
_EFI_ARCH="i386" _package_grub-efi
fi
if [[ "${_GRUB_EMU_BUILD}" == "1" ]]; then
echo "Package grub emu stuff..."
_package_grub-emu
fi
echo "Package grub bios stuff..."
_package_grub-common_and_bios
}