Accepting request 529824 from home:michael-chang:bsc:1052401

- Build diskboot_tpm.img as separate image to diskboot.img to prevent failure
  in booting on some bogus firmware. To use the TPM image you have to use
  suse-enable-tpm option of grub2-install (bsc#1052401)
  * 0013-tpm-i386-pc-diskboot-img.patch

OBS-URL: https://build.opensuse.org/request/show/529824
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=280
This commit is contained in:
Michael Chang 2017-10-01 10:11:57 +00:00 committed by Git OBS Bridge
parent 72c330459f
commit b046f3779b
3 changed files with 158 additions and 0 deletions

View File

@ -0,0 +1,148 @@
Index: grub-2.02/grub-core/Makefile.core.def
===================================================================
--- grub-2.02.orig/grub-core/Makefile.core.def
+++ grub-2.02/grub-core/Makefile.core.def
@@ -451,6 +451,20 @@ image = {
};
image = {
+ name = diskboot_tpm;
+ i386_pc = boot/i386/pc/diskboot.S;
+
+ cppflags = '-DTPM=1';
+
+ i386_pc_ldflags = '$(TARGET_IMG_LDFLAGS)';
+ i386_pc_ldflags = '$(TARGET_IMG_BASE_LDOPT),0x8000';
+
+ objcopyflags = '-O binary';
+
+ enable = i386_pc;
+};
+
+image = {
name = lnxboot;
i386_pc = boot/i386/pc/lnxboot.S;
Index: grub-2.02/grub-core/boot/i386/pc/diskboot.S
===================================================================
--- grub-2.02.orig/grub-core/boot/i386/pc/diskboot.S
+++ grub-2.02/grub-core/boot/i386/pc/diskboot.S
@@ -19,8 +19,6 @@
#include <grub/symbol.h>
#include <grub/machine/boot.h>
-#define TPM 1
-
/*
* defines for the code go here
*/
Index: grub-2.02/include/grub/util/mkimage.h
===================================================================
--- grub-2.02.orig/include/grub/util/mkimage.h
+++ grub-2.02/include/grub/util/mkimage.h
@@ -71,7 +71,8 @@ struct grub_install_image_target_desc
IMAGE_I386_IEEE1275,
IMAGE_LOONGSON_ELF, IMAGE_QEMU, IMAGE_PPC, IMAGE_YEELOONG_FLASH,
IMAGE_FULOONG2F_FLASH, IMAGE_I386_PC_PXE, IMAGE_MIPS_ARC,
- IMAGE_QEMU_MIPS_FLASH, IMAGE_UBOOT, IMAGE_XEN, IMAGE_I386_PC_ELTORITO
+ IMAGE_QEMU_MIPS_FLASH, IMAGE_UBOOT, IMAGE_XEN, IMAGE_I386_PC_ELTORITO,
+ IMAGE_I386_PC_TPM
} id;
enum
{
Index: grub-2.02/util/grub-install.c
===================================================================
--- grub-2.02.orig/util/grub-install.c
+++ grub-2.02/util/grub-install.c
@@ -1660,6 +1660,16 @@ main (int argc, char *argv[])
case GRUB_INSTALL_PLATFORM_I386_PC:
+ if (suse_enable_tpm)
+ {
+ snprintf (mkimage_target, sizeof (mkimage_target),
+ "%s-%s-tpm",
+ grub_install_get_platform_cpu (platform),
+ grub_install_get_platform_platform (platform));
+ core_name = "core.img";
+ break;
+ }
+ /* FALLTHROUGH */
case GRUB_INSTALL_PLATFORM_MIPSEL_ARC:
case GRUB_INSTALL_PLATFORM_MIPS_ARC:
case GRUB_INSTALL_PLATFORM_ARM_UBOOT:
Index: grub-2.02/util/mkimage.c
===================================================================
--- grub-2.02.orig/util/mkimage.c
+++ grub-2.02/util/mkimage.c
@@ -165,6 +165,22 @@ static const struct grub_install_image_t
.default_compression = GRUB_COMPRESSION_LZMA
},
{
+ .dirname = "i386-pc",
+ .names = { "i386-pc-tpm", NULL },
+ .voidp_sizeof = 4,
+ .bigendian = 0,
+ .id = IMAGE_I386_PC_TPM,
+ .flags = PLATFORM_FLAGS_DECOMPRESSORS,
+ .total_module_size = TARGET_NO_FIELD,
+ .decompressor_compressed_size = GRUB_DECOMPRESSOR_I386_PC_COMPRESSED_SIZE,
+ .decompressor_uncompressed_size = GRUB_DECOMPRESSOR_I386_PC_UNCOMPRESSED_SIZE,
+ .decompressor_uncompressed_addr = TARGET_NO_FIELD,
+ .section_align = 1,
+ .vaddr_offset = 0,
+ .link_addr = GRUB_KERNEL_I386_PC_LINK_ADDR,
+ .default_compression = GRUB_COMPRESSION_LZMA
+ },
+ {
.dirname = "i386-efi",
.names = { "i386-efi", NULL },
.voidp_sizeof = 4,
@@ -756,7 +772,8 @@ grub_install_generate_image (const char
if (image_target->id == IMAGE_I386_PC
|| image_target->id == IMAGE_I386_PC_PXE
- || image_target->id == IMAGE_I386_PC_ELTORITO)
+ || image_target->id == IMAGE_I386_PC_ELTORITO
+ || image_target->id == IMAGE_I386_PC_TPM)
comp = GRUB_COMPRESSION_LZMA;
path_list = grub_util_resolve_dependencies (dir, "moddep.lst", mods);
@@ -980,7 +997,8 @@ grub_install_generate_image (const char
if ((image_target->id == IMAGE_I386_PC
|| image_target->id == IMAGE_I386_PC_PXE
- || image_target->id == IMAGE_I386_PC_ELTORITO)
+ || image_target->id == IMAGE_I386_PC_ELTORITO
+ || image_target->id == IMAGE_I386_PC_TPM)
&& decompress_size > GRUB_KERNEL_I386_PC_LINK_ADDR - 0x8200)
grub_util_error ("%s", _("Decompressor is too big"));
@@ -1023,6 +1041,7 @@ grub_install_generate_image (const char
case IMAGE_I386_PC:
case IMAGE_I386_PC_PXE:
case IMAGE_I386_PC_ELTORITO:
+ case IMAGE_I386_PC_TPM:
if (GRUB_KERNEL_I386_PC_LINK_ADDR + core_size > 0x78000
|| (core_size > (0xffff << GRUB_DISK_SECTOR_BITS))
|| (layout.kernel_size + layout.bss_size
@@ -1061,6 +1080,7 @@ grub_install_generate_image (const char
case IMAGE_I386_PC:
case IMAGE_I386_PC_PXE:
case IMAGE_I386_PC_ELTORITO:
+ case IMAGE_I386_PC_TPM:
{
unsigned num;
char *boot_path, *boot_img;
@@ -1110,7 +1130,10 @@ grub_install_generate_image (const char
free (eltorito_path);
}
- boot_path = grub_util_get_path (dir, "diskboot.img");
+ if (image_target->id == IMAGE_I386_PC_TPM)
+ boot_path = grub_util_get_path (dir, "diskboot_tpm.img");
+ else
+ boot_path = grub_util_get_path (dir, "diskboot.img");
boot_size = grub_util_get_image_size (boot_path);
if (boot_size != GRUB_DISK_SECTOR_SIZE)
grub_util_error (_("diskboot.img size must be %u bytes"),

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Tue Sep 26 06:35:50 UTC 2017 - mchang@suse.com
- Build diskboot_tpm.img as separate image to diskboot.img to prevent failure
in booting on some bogus firmware. To use the TPM image you have to use
suse-enable-tpm option of grub2-install (bsc#1052401)
* 0013-tpm-i386-pc-diskboot-img.patch
-------------------------------------------------------------------
Wed Sep 20 22:17:10 UTC 2017 - mlatimer@suse.com

View File

@ -268,6 +268,7 @@ Patch408: 0009-tpm-Measure-multiboot-images-and-modules.patch
Patch409: 0010-tpm-Fix-boot-when-there-s-no-TPM.patch
Patch410: 0011-tpm-Fix-build-error.patch
Patch411: 0012-tpm-Build-tpm-as-module.patch
Patch412: 0013-tpm-i386-pc-diskboot-img.patch
# UEFI HTTP and related network protocol support (FATE#320130)
Patch420: 0001-add-support-for-UEFI-network-protocols.patch
@ -530,6 +531,7 @@ swap partition while in resuming
%patch409 -p1
%patch410 -p1
%patch411 -p1
%patch412 -p1
%patch420 -p1
# patches above may update the timestamp of grub.texi
# and via build-aux/mdate-sh they end up in grub2.info, breaking build-compare