pool/grub2
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1167902 from Base:System

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/1167902
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=324
This commit is contained in:
Ana Guerrero 2024-04-16 18:03:23 +00:00 committed by Git OBS Bridge
commit 4e0a37b354
8 changed files with 567 additions and 126 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
0001-10_linux-Ensure-persistence-of-root-file-system-moun.patch Normal file
View File

@ -0,0 +1,51 @@
From 28440c9b5f83b82b4715554fa5c2d3f013b769e6 Mon Sep 17 00:00:00 2001
From: Michael Chang <mchang@suse.com>
Date: Tue, 26 Mar 2024 13:55:53 +0800
Subject: [PATCH] 10_linux: Ensure persistence of root file system mounting
This commit addresses the issue where the by-uuid or by-partuuid device
symlinks might be unavailable in an installation system. Despite the
absence of these symlinks, the resulting system remains fully functional
for mounting the root file system by using persistent names
(root=(UUID|PARTUUID)=).
The patch implemented in this commit aims to prevent fallback to the OS
name as the root= parameter, as persistent names are preferred for
stability and predictability.
To achieve this, the fallback to the OS name won't be triggered if the
corresponding by-uuid or by-partuuid symlinks are missing, ensuring the
use of persistent names. Instead, a warning will be logged for the
missing symlinks, providing visibility into the issue.
Signed-off-by: Michael Chang <mchang@suse.com>
---
util/grub.d/10_linux.in | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 5531239eb..4d8bdeac2 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -54,14 +54,16 @@ esac
if ( [ "x${GRUB_DEVICE_UUID}" = "x" ] && [ "x${GRUB_DEVICE_PARTUUID}" = "x" ] ) \
|| ( [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ] \
&& [ "x${GRUB_DISABLE_LINUX_PARTUUID}" = "xtrue" ] ) \
- || ( ! test -e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" \
- && ! test -e "/dev/disk/by-partuuid/${GRUB_DEVICE_PARTUUID}" ) \
|| ( test -e "${GRUB_DEVICE}" && uses_abstraction "${GRUB_DEVICE}" lvm ); then
LINUX_ROOT_DEVICE=${GRUB_DEVICE}
elif [ "x${GRUB_DEVICE_UUID}" = "x" ] \
|| [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ]; then
+ test -e "/dev/disk/by-partuuid/${GRUB_DEVICE_PARTUUID}" ||
+ echo "WARN: Use PARTUUID=${GRUB_DEVICE_PARTUUID} despite missing by-partuuid symlink" >&2
LINUX_ROOT_DEVICE=PARTUUID=${GRUB_DEVICE_PARTUUID}
else
+ test -e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" ||
+ echo "WARN: Use UUID=${GRUB_DEVICE_UUID} despite missing by-uuid symlink" >&2
LINUX_ROOT_DEVICE=UUID=${GRUB_DEVICE_UUID}
fi
--
2.44.0

170
0001-ofdisk-Enhance-canonical-path-handling-for-bootpath.patch Normal file
View File

@ -0,0 +1,170 @@
From 84b95a121a4401be854614419ded3d383e14ac1f Mon Sep 17 00:00:00 2001
From: Michael Chang <mchang@suse.com>
Date: Fri, 22 Mar 2024 17:38:45 +0800
Subject: [PATCH] ofdisk: Enhance canonical path handling for bootpath
This commit addresses an issue where redundant canonical path
translation is performed on the bootpath, potentially leading to
incorrect results and subsequent boot failures, particularly in cases
where firmware translations are inconsistent.
To mitigate this, the commit introduces a check to determine if the
bootpath is already in canonical form, avoiding unnecessary translation.
Additionally, improvements have been made to enhance the resilience of
device iteration, enhancing compatibility with cross-device booting
scenarios and addressing potential issues related to firmware-based
canonical path retrieval.
These changes aim to improve the reliability and stability of the boot
process.
Signed-off-by: Michael Chang <mchang@suse.com>
---
grub-core/disk/ieee1275/ofdisk.c | 75 +++++++++++++++++++++++---------
1 file changed, 55 insertions(+), 20 deletions(-)
diff --git a/grub-core/disk/ieee1275/ofdisk.c b/grub-core/disk/ieee1275/ofdisk.c
index c5c20a5ec..36ee5314d 100644
--- a/grub-core/disk/ieee1275/ofdisk.c
+++ b/grub-core/disk/ieee1275/ofdisk.c
@@ -35,8 +35,13 @@ static grub_ieee1275_ihandle_t last_ihandle;
#define IEEE1275_DISK_ALIAS "/disk@"
#define IEEE1275_NVMEOF_DISK_ALIAS "/nvme-of/controller@"
+/* Used to check boot_type, print debug message if doesn't match, this can be
+ * useful to measure boot delays */
static char *boot_type;
+/* Used to restrict fcp to a physical boot path */
static char *boot_parent;
+/* Knowing the nvmeof in advance to avoid blind open test during iteration to
+ * validate a path */
static int is_boot_nvmeof;
struct ofdisk_hash_ent
@@ -540,20 +545,30 @@ dev_iterate (const struct grub_ieee1275_devalias *alias)
{
if (grub_strcmp (alias->type, "fcp") == 0)
{
- if (boot_type &&
- grub_strcmp (boot_type, alias->type) != 0)
+ if (boot_parent &&
+ grub_strcmp (boot_parent, alias->path) != 0)
{
- grub_dprintf ("ofdisk", "Skipped device: %s, type %s did not match boot_type %s\n",
- alias->path, alias->type, boot_type);
+ grub_dprintf ("ofdisk", "Skipped device: %s, doesn't match boot_parent %s\n",
+ alias->path, boot_parent);
goto iter_children;
}
- if (grub_strcmp (boot_parent, alias->path) == 0)
+ /* Allow set boot_parent and boot_type to NULL to force iteration */
+ if (!boot_parent)
{
- if (is_boot_nvmeof)
- dev_iterate_fcp_nvmeof(alias);
- else
- dev_iterate_fcp_disks(alias);
+ grub_dprintf ("ofdisk", "iterate %s\n", alias->path);
+ dev_iterate_fcp_nvmeof(alias);
+ dev_iterate_fcp_disks(alias);
+ }
+ else if (is_boot_nvmeof)
+ {
+ grub_dprintf ("ofdisk", "iterate nvmeof: %s\n", alias->path);
+ dev_iterate_fcp_nvmeof(alias);
+ }
+ else
+ {
+ grub_dprintf ("ofdisk", "iterate fcp: %s\n", alias->path);
+ dev_iterate_fcp_disks(alias);
}
}
else if (grub_strcmp (alias->type, "vscsi") == 0)
@@ -575,9 +590,8 @@ dev_iterate (const struct grub_ieee1275_devalias *alias)
if (boot_type &&
grub_strcmp (boot_type, alias->type) != 0)
{
- grub_dprintf ("ofdisk", "Skipped device: %s, type %s did not match boot_type %s\n",
+ grub_dprintf ("ofdisk", "WARN: device: %s, type %s not match boot_type %s\n",
alias->path, alias->type, boot_type);
- return;
}
if (grub_ieee1275_open (alias->path, &ihandle))
@@ -646,9 +660,8 @@ dev_iterate (const struct grub_ieee1275_devalias *alias)
if (boot_type &&
grub_strcmp (boot_type, alias->type) != 0)
{
- grub_dprintf ("ofdisk", "Skipped device: %s, type %s did not match boot_type %s\n",
+ grub_dprintf ("ofdisk", "WARN: device: %s, type %s not match boot_type %s\n",
alias->path, alias->type, boot_type);
- goto iter_children;
}
buf = grub_malloc (grub_strlen (alias->path) +
@@ -1116,13 +1129,37 @@ get_parent_devname (const char *devname, int *is_nvmeof)
return parent;
}
+
+static int
+is_canonical (const char *path)
+{
+ if (grub_strstr (path, IEEE1275_DISK_ALIAS) ||
+ grub_strstr (path, IEEE1275_NVMEOF_DISK_ALIAS))
+ return 1;
+ else
+ return 0;
+}
+
static char *
get_boot_device_parent (const char *bootpath, int *is_nvmeof)
{
- char *dev, *canon, *parent;
+ char *canon, *parent;
+
+ if (is_canonical (bootpath))
+ {
+ early_log ("Use %s as canonical\n", bootpath);
+ canon = grub_strdup (bootpath);
+ }
+ else
+ {
+ char *dev;
- dev = grub_ieee1275_get_aliasdevname (bootpath);
- canon = grub_ieee1275_canonicalise_devname (dev);
+ dev = grub_ieee1275_get_aliasdevname (bootpath);
+ canon = grub_ieee1275_canonicalise_devname (dev);
+ early_log ("bootpath: %s \n", bootpath);
+ early_log ("alias: %s\n", dev);
+ early_log ("canonical: %s\n", canon);
+ }
if (!canon)
{
@@ -1131,8 +1168,6 @@ get_boot_device_parent (const char *bootpath, int *is_nvmeof)
grub_print_error ();
return NULL;
}
- else
- early_log ("%s is canonical %s\n", bootpath, canon);
parent = get_parent_devname (canon, is_nvmeof);
early_log ("%s is parent of %s\n", parent, canon);
@@ -1179,9 +1214,9 @@ insert_bootpath (void)
boot_parent = get_boot_device_parent (bootpath, &is_boot_nvmeof);
boot_type = grub_ieee1275_get_device_type (boot_parent);
if (boot_type)
- early_log ("the boot device type %s is used for root device discovery, others excluded\n", boot_type);
+ early_log ("the boot device type: %s\n", boot_type);
else
- early_log ("unknown boot device type, will use all devices to discover root and may be slow\n");
+ early_log ("the boot device type is unknown\n");
}
grub_free (type);
grub_free (bootpath);
--
2.44.0

188
0001-util-bash-completion-Fix-for-bash-completion-2.12.patch Normal file
View File

@ -0,0 +1,188 @@
From 200dc727d1fdf3bac7aa725569b60a54b3841867 Mon Sep 17 00:00:00 2001
From: Gary Lin <glin@suse.com>
Date: Fri, 22 Mar 2024 16:23:38 +0800
Subject: [PATCH] util/bash-completion: Fix for bash-completion 2.12
_split_longopt() was the bash-completion private API and removed since
bash-completion 2.12. This commit initializes the bash-completion
general variables with _init_completion() to avoid the potential
'command not found' error.
Although bash-completion 2.12 introduces _comp_initialize() to deprecate
_init_completion(), _init_completion() is still chosen for the better
backward compatibility.
Signed-off-by: Gary Lin <glin@suse.com>
---
.../bash-completion.d/grub-completion.bash.in | 61 +++++++------------
1 file changed, 22 insertions(+), 39 deletions(-)
diff --git a/util/bash-completion.d/grub-completion.bash.in b/util/bash-completion.d/grub-completion.bash.in
index 4c88ee901..749a5d3cf 100644
--- a/util/bash-completion.d/grub-completion.bash.in
+++ b/util/bash-completion.d/grub-completion.bash.in
@@ -151,13 +151,10 @@ __grub_list_modules () {
# grub-set-default & grub-reboot
#
__grub_set_entry () {
- local cur prev split=false
+ local cur prev words cword split
+ _init_completion -s || return
COMPREPLY=()
- cur=`_get_cword`
- prev=${COMP_WORDS[COMP_CWORD-1]}
-
- _split_longopt && split=true
case "$prev" in
--boot-directory)
@@ -180,11 +177,10 @@ __grub_set_entry () {
# grub-editenv
#
__grub_editenv () {
- local cur prev
+ local cur prev words cword
+ _init_completion || return
COMPREPLY=()
- cur=`_get_cword`
- prev=${COMP_WORDS[COMP_CWORD-1]}
case "$prev" in
create|list|set|unset)
@@ -201,10 +197,10 @@ __grub_editenv () {
# grub-mkconfig
#
__grub_mkconfig () {
- local cur prev
+ local cur prev words cword
+ _init_completion || return
COMPREPLY=()
- cur=`_get_cword`
if [[ "$cur" == -* ]]; then
__grubcomp "$(__grub_get_options_from_help)"
@@ -217,13 +213,10 @@ __grub_mkconfig () {
# grub-setup
#
__grub_setup () {
- local cur prev split=false
+ local cur prev words cword split
+ _init_completion -s || return
COMPREPLY=()
- cur=`_get_cword`
- prev=${COMP_WORDS[COMP_CWORD-1]}
-
- _split_longopt && split=true
case "$prev" in
-d|--directory)
@@ -246,15 +239,12 @@ __grub_setup () {
# grub-install
#
__grub_install () {
- local cur prev last split=false
+ local cur prev words cword split last
+ _init_completion -s || return
COMPREPLY=()
- cur=`_get_cword`
- prev=${COMP_WORDS[COMP_CWORD-1]}
last=$(__grub_get_last_option)
- _split_longopt && split=true
-
case "$prev" in
--boot-directory)
_filedir -d
@@ -287,10 +277,10 @@ __grub_install () {
# grub-mkfont
#
__grub_mkfont () {
- local cur
+ local cur prev words cword
+ _init_completion || return
COMPREPLY=()
- cur=`_get_cword`
if [[ "$cur" == -* ]]; then
__grubcomp "$(__grub_get_options_from_help)"
@@ -304,11 +294,10 @@ __grub_mkfont () {
# grub-mkrescue
#
__grub_mkrescue () {
- local cur prev last
+ local cur prev words cword last
+ _init_completion || return
COMPREPLY=()
- cur=`_get_cword`
- prev=${COMP_WORDS[COMP_CWORD-1]}
last=$(__grub_get_last_option)
if [[ "$cur" == -* ]]; then
@@ -330,13 +319,10 @@ __grub_mkrescue () {
# grub-mkimage
#
__grub_mkimage () {
- local cur prev split=false
+ local cur prev words cword split
+ _init_completion -s || return
COMPREPLY=()
- cur=`_get_cword`
- prev=${COMP_WORDS[COMP_CWORD-1]}
-
- _split_longopt && split=true
case "$prev" in
-d|--directory|-p|--prefix)
@@ -367,10 +353,10 @@ __grub_mkimage () {
# grub-mkpasswd-pbkdf2
#
__grub_mkpasswd_pbkdf2 () {
- local cur
+ local cur prev words cword
+ _init_completion || return
COMPREPLY=()
- cur=`_get_cword`
if [[ "$cur" == -* ]]; then
__grubcomp "$(__grub_get_options_from_help)"
@@ -384,13 +370,10 @@ __grub_mkpasswd_pbkdf2 () {
# grub-probe
#
__grub_probe () {
- local cur prev split=false
+ local cur prev words cword split
+ _init_completion -s || return
COMPREPLY=()
- cur=`_get_cword`
- prev=${COMP_WORDS[COMP_CWORD-1]}
-
- _split_longopt && split=true
case "$prev" in
-t|--target)
@@ -417,10 +400,10 @@ __grub_probe () {
# grub-script-check
#
__grub_script_check () {
- local cur
+ local cur prev words cword
+ _init_completion || return
COMPREPLY=()
- cur=`_get_cword`
if [[ "$cur" == -* ]]; then
__grubcomp "$(__grub_get_options_from_help)"
--
2.35.3

93
grub2-bsc1220338-key_protector-implement-the-blocklist.patch Normal file
View File

@ -0,0 +1,93 @@
From 139dc1c2590683cb8c0c1c13424d2436b81bffb7 Mon Sep 17 00:00:00 2001
From: Gary Lin <glin@suse.com>
Date: Mon, 18 Mar 2024 14:53:11 +0800
Subject: [PATCH] key_protector: implement the blocklist
Some architectures may need to do the additional check to avoid leaking
the recovered key. This commit adds an additional check for the EFI
system to detect the deprecated SystemdOptions variable. Once the
variable is spotted, key_protector just returns without the further
action for the key recovery.
Signed-off-by: Gary Lin <glin@suse.com>
---
grub-core/kern/protectors.c | 31 +++++++++++++++++++++++++++++++
include/grub/efi/api.h | 5 +++++
2 files changed, 36 insertions(+)
Index: grub-2.12/grub-core/kern/protectors.c
===================================================================
--- grub-2.12.orig/grub-core/kern/protectors.c
+++ grub-2.12/grub-core/kern/protectors.c
@@ -21,6 +21,10 @@
#include <grub/mm.h>
#include <grub/protector.h>
+#ifdef GRUB_MACHINE_EFI
+#include <grub/efi/efi.h>
+#endif
+
struct grub_key_protector *grub_key_protectors = NULL;
grub_err_t
@@ -51,11 +55,34 @@ grub_key_protector_unregister (struct gr
return GRUB_ERR_NONE;
}
+static grub_err_t
+grub_key_protector_check_blocklist (void)
+{
+#ifdef GRUB_MACHINE_EFI
+ static grub_guid_t systemd_guid = GRUB_EFI_SYSTEMD_GUID;
+ grub_efi_status_t status;
+ grub_size_t size = 0;
+ grub_uint8_t *systemdoptions = NULL;
+
+ /* SystemdOptions may contain malicious kernel command lines. */
+ status = grub_efi_get_variable ("SystemdOptions", &systemd_guid,
+ &size, (void **) &systemdoptions);
+ if (status != GRUB_EFI_NOT_FOUND)
+ {
+ grub_free (systemdoptions);
+ return grub_error (GRUB_ERR_ACCESS_DENIED, N_("SystemdOptions detected"));
+ }
+#endif
+
+ return GRUB_ERR_NONE;
+}
+
grub_err_t
grub_key_protector_recover_key (const char *protector, grub_uint8_t **key,
grub_size_t *key_size)
{
struct grub_key_protector *kp = NULL;
+ grub_err_t err;
if (grub_key_protectors == NULL)
return GRUB_ERR_OUT_OF_RANGE;
@@ -71,5 +98,9 @@ grub_key_protector_recover_key (const ch
"Is the name spelled correctly and is the "
"corresponding module loaded?"), protector);
+ err = grub_key_protector_check_blocklist ();
+ if (err != GRUB_ERR_NONE)
+ return err;
+
return kp->recover_key (key, key_size);
}
Index: grub-2.12/include/grub/efi/api.h
===================================================================
--- grub-2.12.orig/include/grub/efi/api.h
+++ grub-2.12/include/grub/efi/api.h
@@ -389,6 +389,11 @@
{ 0x89, 0x29, 0x48, 0xbc, 0xd9, 0x0a, 0xd3, 0x1a } \
}
+#define GRUB_EFI_SYSTEMD_GUID \
+ { 0x8cf2644b, 0x4b0b, 0x428f, \
+ { 0x93, 0x87, 0x6d, 0x87, 0x60, 0x50, 0xdc, 0x67 } \
+ }
+
struct grub_efi_sal_system_table
{
grub_uint32_t signature;

8
grub2-pass-corret-root-for-nfsroot.patch
View File

@ -13,6 +13,7 @@ grub2-probe not work in probing nfs mounted path. The fix is merely
on the script level and not use grub2-probe for above reasons.
v2: Filter out autofs and securityfs from /proc/self/mountinfo (bsc#1069094)
v3: Fix the wrong order of GRUB_FS/GRUB_DEVICE (bsc#1221904)
---
util/grub-mkconfig.in | 37 ++++++++++++++++++++++++++++++-------
@ -20,7 +21,7 @@ v2: Filter out autofs and securityfs from /proc/self/mountinfo (bsc#1069094)
--- a/util/grub-mkconfig.in
+++ b/util/grub-mkconfig.in
@@ -131,26 +131,54 @@
@@ -131,26 +131,55 @@
exit 1
fi
@ -65,16 +66,17 @@ v2: Filter out autofs and securityfs from /proc/self/mountinfo (bsc#1069094)
+ GRUB_DEVICE_PARTUUID=""
+ GRUB_FS="unknown"
+else
+ # Device containing our userland. Typically used for root= parameter.
+ GRUB_DEVICE="`${grub_probe} --target=device /`"
+ # Filesystem for the device containing our userland. Used for stuff like
+ # choosing Hurd filesystem module.
+ GRUB_FS="`${grub_probe} --device ${GRUB_DEVICE} --target=fs 2> /dev/null || echo unknown`"
+ # Device containing our userland. Typically used for root= parameter.
+ GRUB_DEVICE="`${grub_probe} --target=device /`"
+ GRUB_DEVICE_UUID="`${grub_probe} --device ${GRUB_DEVICE} --target=fs_uuid 2> /dev/null`" || true
+ GRUB_DEVICE_PARTUUID="`${grub_probe} --device ${GRUB_DEVICE} --target=partuuid 2> /dev/null`" || true
+fi
-if [ x"$GRUB_FS" = xunknown ]; then
+# Strive to circumvent grub to enable unsupported filesystem, for eg, nfsroot
+if [ x"$GRUB_FS" = x ] || [ x"$GRUB_FS" = xunknown ]; then
GRUB_FS="$(stat -f -c %T / || echo unknown)"
fi

6
grub2-xen-pv-firmware.cfg
View File

@ -69,6 +69,9 @@ for c in ${hdcfg_list}; do
btrfs_relative_path=1
if search -s hddev -f "${c}"; then
btrfs_relative_path=0
if [ "${hddev}" = "memdisk" ]; then
break
fi
menuentry "${hddev} Boot From Hard Disk (${c})" "${hddev}" "${c}" {
set root="${2}"
set cfg="${3}"
@ -88,6 +91,9 @@ for c in ${hdlst_list}; do
btrfs_relative_path=1
if search -s hddev -f "${c}"; then
btrfs_relative_path=0
if [ "${hddev}" = "memdisk" ]; then
break
fi
menuentry "${hddev} Boot From Hard Disk (${c})" "${hddev}" "${c}" {
set root="${2}"
set cfg="${3}"

46
grub2.changes
View File

@ -1,3 +1,49 @@
-------------------------------------------------------------------
Thu Apr 11 02:55:05 UTC 2024 - Gary Ching-Pang Lin <glin@suse.com>
- Fix the compatibility issue with bash-completion 2.12
(bsc#1221849)
* 0001-util-bash-completion-Fix-for-bash-completion-2.12.patch
-------------------------------------------------------------------
Fri Mar 29 01:58:00 UTC 2024 - Michael Chang <mchang@suse.com>
- Fix os name is used for root file system mount (bsc#1220949)
* 0001-10_linux-Ensure-persistence-of-root-file-system-moun.patch
-------------------------------------------------------------------
Wed Mar 27 04:51:33 UTC 2024 - Michael Chang <mchang@suse.com>
- Fix LPAR falls into grub shell after installation with lvm (bsc#1221866)
* 0001-ofdisk-Enhance-canonical-path-handling-for-bootpath.patch
-------------------------------------------------------------------
Mon Mar 25 02:20:38 UTC 2024 - Michael Chang <mchang@suse.com>
- Correct the erroneous sequence in determining GRUB_FS and GRUB_DEVICE
(bsc#1221904)
* grub2-pass-corret-root-for-nfsroot.patch
-------------------------------------------------------------------
Fri Mar 22 06:01:13 UTC 2024 - Michael Chang <mchang@suse.com>
- Fix memdisk becomes the default boot entry, resolving no graphic display
device error in guest vnc console (bsc#1221779)
* grub2-xen-pv-firmware.cfg
-------------------------------------------------------------------
Wed Mar 20 06:16:45 UTC 2024 - Michael Chang <mchang@suse.com>
- Cleanup spec file to adhere to update-bootloader-rpm-macros definition
entirely (bsc#1218241)
-------------------------------------------------------------------
Tue Mar 19 07:08:02 UTC 2024 - Gary Ching-Pang Lin <glin@suse.com>
- Add grub2-bsc1220338-key_protector-implement-the-blocklist.patch
to implement a blocklist in the key protector and check the
unwanted UEFI variables (bsc#1220338)
-------------------------------------------------------------------
Mon Mar 4 08:57:36 UTC 2024 - Gary Ching-Pang Lin <glin@suse.com>

131
grub2.spec
View File

@ -393,6 +393,10 @@ Patch199: 0001-squash-ieee1275-ofpath-enable-NVMeoF-logical-device-.patch
Patch200: 0001-ofdisk-enhance-boot-time-by-focusing-on-boot-disk-re.patch
Patch201: 0002-ofdisk-add-early_log-support.patch
Patch202: 0001-disk-Optimize-disk-iteration-by-moving-memdisk-to-th.patch
Patch203: grub2-bsc1220338-key_protector-implement-the-blocklist.patch
Patch204: 0001-ofdisk-Enhance-canonical-path-handling-for-bootpath.patch
Patch205: 0001-10_linux-Ensure-persistence-of-root-file-system-moun.patch
Patch206: 0001-util-bash-completion-Fix-for-bash-completion-2.12.patch
Requires: gettext-runtime
%if 0%{?suse_version} >= 1140
@ -456,12 +460,7 @@ BuildArch: noarch
%endif
Requires: %{name} = %{version}
Requires(post): %{name} = %{version}
%if 0%{?update_bootloader_requires:1}
%update_bootloader_requires
%else
Requires: perl-Bootloader
Requires(post): perl-Bootloader
%endif
%{?update_bootloader_requires}
%description %{grubarch}
The GRand Unified Bootloader (GRUB) is a highly configurable and customizable
@ -510,12 +509,7 @@ Requires: efibootmgr
Requires(post): efibootmgr
Requires: %{name} = %{version}
Requires(post): %{name} = %{version}
%if 0%{?update_bootloader_requires:1}
%update_bootloader_requires
%else
Requires: perl-Bootloader >= 0.706
Requires(post): perl-Bootloader >= 0.706
%endif
%{?update_bootloader_requires}
%{?fde_tpm_update_requires}
Provides: %{name}-efi = %{version}-%{release}
Obsoletes: %{name}-efi < %{version}-%{release}
@ -1120,51 +1114,7 @@ grep -E ${EXTRA_PATTERN} %{grubarch}-mod-all.lst > %{grubarch}-mod-extras.lst
%if ! 0%{?only_efi:1}
%post %{grubarch}
%if 0%{?update_bootloader_check_type_reinit_post:1}
%update_bootloader_check_type_reinit_post grub2
%else
# To check by current loader settings
if [ -f %{_sysconfdir}/sysconfig/bootloader ]; then
. %{_sysconfdir}/sysconfig/bootloader
fi
# If the grub is the current loader, we'll handle the grub2 testing entry
if [ "x${LOADER_TYPE}" = "xgrub" ]; then
exec >/dev/null 2>&1
# check if entry for grub2's core.img exists in the config
# if yes, we will correct obsoleted path and update grub2 stuff and config to make it work
# if no, do nothing
if [ -f /boot/grub/menu.lst ]; then
# If grub config contains obsolete core.img path, remove and use the new one
if /usr/bin/grep -l "^\s*kernel\s*.*/boot/%{name}/core.img" /boot/grub/menu.lst; then
/sbin/update-bootloader --remove --image /boot/%{name}/core.img || true
/sbin/update-bootloader --add --image /boot/%{name}/i386-pc/core.img --name "GNU GRUB 2" || true
fi
# Install grub2 stuff and config to make the grub2 testing entry to work with updated version
if /usr/bin/grep -l "^\s*kernel\s*.*/boot/%{name}/i386-pc/core.img" /boot/grub/menu.lst; then
# Determine the partition with /boot
BOOT_PARTITION=$(df -h /boot | sed -n '2s/[[:blank:]].*//p')
# Generate core.img, but don't let it be installed in boot sector
%{name}-install --no-bootsector $BOOT_PARTITION || true
# Create a working grub2 config, otherwise that entry is un-bootable
/usr/sbin/grub2-mkconfig -o /boot/%{name}/grub.cfg
fi
fi
elif [ "x${LOADER_TYPE}" = "xgrub2" ]; then
# It's enought to call update-bootloader to install grub2 and update it's config
# Use new --reinit, if not available use --refresh
# --reinit: install and update bootloader config
# --refresh: update bootloader config
/sbin/update-bootloader --reinit 2>&1 | grep -q 'Unknown option: reinit' &&
/sbin/update-bootloader --refresh || true
fi
%endif
%{?update_bootloader_check_type_reinit_post:%update_bootloader_check_type_reinit_post grub2}
%posttrans %{grubarch}
%{?update_bootloader_posttrans}
@ -1178,38 +1128,7 @@ fi
%fde_tpm_update_post grub2-efi
%endif
%if 0%{?update_bootloader_check_type_reinit_post:1}
%update_bootloader_check_type_reinit_post grub2-efi
%else
# To check by current loader settings
if [ -f %{_sysconfdir}/sysconfig/bootloader ]; then
. %{_sysconfdir}/sysconfig/bootloader
fi
if [ "x${LOADER_TYPE}" = "xgrub2-efi" ]; then
if [ -d /boot/%{name}-efi ]; then
# Migrate settings to standard prefix /boot/grub2
for i in custom.cfg grubenv; do
[ -f /boot/%{name}-efi/$i ] && cp -a /boot/%{name}-efi/$i /boot/%{name} || :
done
fi
# It's enough to call update-bootloader to install grub2 and update it's config
# Use new --reinit, if not available use --refresh
# --reinit: install and update bootloader config
# --refresh: update bootloader config
/sbin/update-bootloader --reinit 2>&1 | grep -q 'Unknown option: reinit' &&
/sbin/update-bootloader --refresh || true
fi
if [ -d /boot/%{name}-efi ]; then
mv /boot/%{name}-efi /boot/%{name}-efi.rpmsave
fi
exit 0
%endif
%{?update_bootloader_check_type_reinit_post:%update_bootloader_check_type_reinit_post grub2-efi}
%posttrans %{grubefiarch}
%{?update_bootloader_posttrans}
@ -1219,40 +1138,6 @@ exit 0
%preun
%service_del_preun grub2-once.service
# We did not add core.img to grub1 menu.lst in new update-bootloader macro as what
# the old %%post ever did, then the %%preun counterpart which removed the added core.img
# entry from old %%post can be skipped entirely if having new macro in use.
%if ! 0%{?update_bootloader_posttrans:1}%{?only_efi:1}
if [ $1 = 0 ]; then
# To check by current loader settings
if [ -f %{_sysconfdir}/sysconfig/bootloader ]; then
. %{_sysconfdir}/sysconfig/bootloader
fi
if [ "x${LOADER_TYPE}" = "xgrub" ]; then
exec >/dev/null 2>&1
if [ -f /boot/grub/menu.lst ]; then
# Remove grub2 testing entry in menu.lst if has any
for i in /boot/%{name}/core.img /boot/%{name}/i386-pc/core.img; do
if /usr/bin/grep -l "^\s*kernel\s*.*$i" /boot/grub/menu.lst; then
/sbin/update-bootloader --remove --image "$i" || true
fi
done
fi
# Cleanup config, to not confuse some tools determining bootloader in use
rm -f /boot/%{name}/grub.cfg
# Cleanup installed files
# Unless grub2 provides grub2-uninstall, we don't remove any file because
# we have no idea what's been installed. (And a blind remove is dangerous
# to remove user's or other package's file accidently ..)
fi
fi
%endif
%postun
%service_del_postun grub2-once.service