62e3547e57
- Version bump to 2.04
* removed
- translations-20170427.tar.xz
* grub2.spec
- Make signed grub-tpm.efi specific to x86_64-efi build, the platform
currently shipped with tpm module from upstream codebase
- Add shim_lock to signed grub.efi in x86_64-efi build
- x86_64: linuxefi now depends on linux, both will verify kernel via
shim_lock
- Remove translation tarball and po file hacks as it's been included in
upstream tarball
* rediff
- grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch
- grub2-commands-introduce-read_file-subcommand.patch
- grub2-secureboot-add-linuxefi.patch
- 0001-add-support-for-UEFI-network-protocols.patch
- grub2-efi-HP-workaround.patch
- grub2-secureboot-install-signed-grub.patch
- grub2-linux.patch
- use-grub2-as-a-package-name.patch
- grub2-pass-corret-root-for-nfsroot.patch
- grub2-secureboot-use-linuxefi-on-uefi.patch
- grub2-secureboot-no-insmod-on-sb.patch
- grub2-secureboot-provide-linuxefi-config.patch
- grub2-secureboot-chainloader.patch
- grub2-s390x-01-Changes-made-and-files-added-in-order-to-allow-s390x.patch
- grub2-s390x-02-kexec-module-added-to-emu.patch
- grub2-s390x-04-grub2-install.patch
- grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch
- grub2-efi-chainloader-root.patch
OBS-URL: https://build.opensuse.org/request/show/741033
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=340
64 lines
2.4 KiB
Diff
64 lines
2.4 KiB
Diff
From 795ac61cba9674376d745813efdab395e35cff41 Mon Sep 17 00:00:00 2001
|
|
From: Michael Chang <mchang@suse.com>
|
|
Date: Mon, 26 Nov 2012 15:38:54 +0800
|
|
Subject: [PATCH] provide option in config to enable linuxefi
|
|
|
|
References: fate#314485
|
|
Patch-Mainline: no
|
|
|
|
As linuxefi module requires kernel 3.6 or later which supports EFI
|
|
handover protocol, it may not be able to load kernels without that
|
|
supports in place.
|
|
|
|
In case that things would break, and the linuxefi is really too young to
|
|
take over the position of "linux" kernel loader module, we introduce a
|
|
option GRUB_USE_LINUXEFI in the config and only explicit set it to true
|
|
will enable it. Example usage is
|
|
|
|
GRUB_USE_LINUXEFI=true grub2-mkconfig -o /boot/efi/EFI/opensuse/grub.cfg
|
|
|
|
This will output a grub.cfg which uses linuxefi in replace of linux and
|
|
enable verification of kernel signature if in secureboot enabled and
|
|
has shim exported protocols available.
|
|
---
|
|
util/grub-mkconfig.in | 3 ++-
|
|
util/grub.d/10_linux.in | 4 ++--
|
|
2 files changed, 4 insertions(+), 3 deletions(-)
|
|
|
|
Index: grub-2.04~rc1/util/grub-mkconfig.in
|
|
===================================================================
|
|
--- grub-2.04~rc1.orig/util/grub-mkconfig.in
|
|
+++ grub-2.04~rc1/util/grub-mkconfig.in
|
|
@@ -271,7 +271,8 @@ export GRUB_DEFAULT \
|
|
GRUB_BADRAM \
|
|
GRUB_OS_PROBER_SKIP_LIST \
|
|
GRUB_DISABLE_SUBMENU \
|
|
- GRUB_CMDLINE_LINUX_RECOVERY
|
|
+ GRUB_CMDLINE_LINUX_RECOVERY \
|
|
+ GRUB_USE_LINUXEFI
|
|
|
|
if test "x${grub_cfg}" != "x"; then
|
|
rm -f "${grub_cfg}.new"
|
|
Index: grub-2.04~rc1/util/grub.d/10_linux.in
|
|
===================================================================
|
|
--- grub-2.04~rc1.orig/util/grub.d/10_linux.in
|
|
+++ grub-2.04~rc1/util/grub.d/10_linux.in
|
|
@@ -145,7 +145,7 @@ linux_entry ()
|
|
printf '%s\n' "${prepare_boot_cache}" | sed "s/^/$submenu_indentation/"
|
|
fi
|
|
message="$(gettext_printf "Loading Linux %s ..." ${version})"
|
|
- if [ -d /sys/firmware/efi ]; then
|
|
+ if [ -d /sys/firmware/efi ] && [ "x${GRUB_USE_LINUXEFI}" = "xtrue" ]; then
|
|
sed "s/^/$submenu_indentation/" << EOF
|
|
echo '$(echo "$message" | grub_quote)'
|
|
linuxefi ${rel_dirname}/${basename} ${root_device} ${args}
|
|
@@ -163,7 +163,7 @@ EOF
|
|
for i in ${initrd}; do
|
|
initrd_path="${initrd_path} ${rel_dirname}/${i}"
|
|
done
|
|
- if [ -d /sys/firmware/efi ]; then
|
|
+ if [ -d /sys/firmware/efi ] && [ "x${GRUB_USE_LINUXEFI}" = "xtrue" ]; then
|
|
sed "s/^/$submenu_indentation/" << EOF
|
|
echo '$(echo "$message" | grub_quote)'
|
|
initrdefi $(echo $initrd_path)
|