diff options
author | Anthony G. Basile <basile@opensource.dyc.edu> | 2010-03-07 04:00:16 -0500 |
---|---|---|
committer | Anthony G. Basile <basile@opensource.dyc.edu> | 2010-03-07 04:00:16 -0500 |
commit | e5d9524e75fca0609254823299bc06de5725a322 (patch) | |
tree | 94a8495afdc212b4f67525fc26f0134d5eb71fe7 /sys-boot | |
parent | Update to 32.9 kernel sources. (diff) | |
download | hardened-dev-e5d9524e75fca0609254823299bc06de5725a322.tar.gz hardened-dev-e5d9524e75fca0609254823299bc06de5725a322.tar.bz2 hardened-dev-e5d9524e75fca0609254823299bc06de5725a322.zip |
New patch to fix grub with ssp. See bug #305283
Diffstat (limited to 'sys-boot')
-rw-r--r-- | sys-boot/grub/ChangeLog | 8 | ||||
-rw-r--r-- | sys-boot/grub/Manifest | 4 | ||||
-rw-r--r-- | sys-boot/grub/files/grub-0.97-fix-ssp.patch | 12 | ||||
-rw-r--r-- | sys-boot/grub/grub-0.97-r12.ebuild | 283 |
4 files changed, 305 insertions, 2 deletions
diff --git a/sys-boot/grub/ChangeLog b/sys-boot/grub/ChangeLog index 4c684601..4ec3f088 100644 --- a/sys-boot/grub/ChangeLog +++ b/sys-boot/grub/ChangeLog @@ -1,7 +1,13 @@ # ChangeLog for sys-boot/grub -# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 +# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 # $Header: $ +*grub-0.97-r12 (07 Mar 2010) + + 07 Mar 2010; Anthony G. Basile <basile@opensource.dyc.edu> + +grub-0.97-r12.ebuild, +files/grub-0.97-fix-ssp.patch: + New patch to fix grub with ssp. See bug #305283 + 01 Oct 2009; Magnus Granberg <zorry@ume.nu> files/grub-0.97-fpie_check.patch: GCC 3.4.6 Hardened defines __PIC__ instead of __PIE__ diff --git a/sys-boot/grub/Manifest b/sys-boot/grub/Manifest index b3eb39f8..40d35e47 100644 --- a/sys-boot/grub/Manifest +++ b/sys-boot/grub/Manifest @@ -1,3 +1,4 @@ +AUX grub-0.97-fix-ssp.patch 694 RMD160 c014d10ccf40cc4e9be037e3c5834e3327d5c6a3 SHA1 58d8b10c84618dfa64ab52556f26da35a6e97f0b SHA256 bc2f1c97a6324f9779e6aa8bad04034c1cd047fe64ecd905d32db7841cc9049b AUX grub-0.97-fpie_check.patch 1465 RMD160 bfa46d498e1693a100970a5846269ad4c1a095b2 SHA1 e420b4d0925bca5cd269e8633129e8a1e6a058f3 SHA256 826b5ba7a0768fedf174bdb4756ac2d5c669f0506b1333553e29e434f069dfc1 AUX grub-0.97-gcc4-hardened.patch 462 RMD160 f1429fd7ebddede7dcc243e897ae3ff24ee19e06 SHA1 75860a643ac0588ef60fcc8e26fca734b11b3dae SHA256 24f135ba1404ac68a379d21885563adec58a38a7e2c05735a9328cd78aef19c2 AUX grub.conf.gentoo 659 RMD160 9ab841d6fdd03be3f99f109ed3dfe0a5027e66d2 SHA1 26455e5c3ba2043be970bf64ce2386119fd35f30 SHA256 5e3a209af537090456546704e52e0dee8f8600944a34184f79776523cdaa9a25 @@ -6,5 +7,6 @@ DIST grub-0.97.tar.gz 971783 RMD160 7fb5674edf0c950bd38e94f85ff1e2909aa741f0 SHA DIST splash.xpm.gz 33856 RMD160 2fead61f91c368429e80936248bb02af2bdf15ff SHA1 98e679f9698be43426f971f89a088c053e8c804a SHA256 b95600f777331b0dd31d51c68f60f0e846e4c8b628857a41165f4e6b30e6acaf EBUILD grub-0.97-r10.ebuild 9101 RMD160 f7616847570e143952587dc1aa1dd2737c60041a SHA1 24110a0dbff3b596fcb8ef12afb7d6ad840138cd SHA256 46bf359b9805b1b4b06b46f3d4bef0903df61d41e296660c7ce0ea8d178c146a EBUILD grub-0.97-r11.ebuild 9154 RMD160 f60f29d7090249ed6ba49a9f2ff1d49aea5d76f0 SHA1 626962c46cdf2223202cb09c01e81fcd15a28525 SHA256 ee631ec4d57686ba4ef992d723ffaee99189dd96a9e4265c6b0974c760389be8 -MISC ChangeLog 456 RMD160 77608c92e86bf7dc013f514f960bf6d5248b9890 SHA1 fa2e185f198375c04ec179283fe5aa549fb1e9bc SHA256 57c333e711360ac439025b0a055e5d67974f790a204bda67be42fa0bd7eab283 +EBUILD grub-0.97-r12.ebuild 9203 RMD160 0b252dbda8da1ea8c71e1dd8140637b155293c9e SHA1 6437b378279c1acdf8c97f2b6e0922b393223125 SHA256 13d97193d61547224b516bf0b4b5b5f5abc7dabe94c03c3b6a7a802e6312b136 +MISC ChangeLog 655 RMD160 7d28c47c369ae5cc3ec71262682102e7a36357e4 SHA1 7ef4331749c93a701e7bd3583a2d9b6eaf1eaf01 SHA256 365fb8ce186ca01bc358e5a085b7925605d2cbfc95e34b6d9949b00e850c09ef MISC metadata.xml 262 RMD160 afabce9377772aefb54102e9ef237de6bb1561f5 SHA1 c38f9b99d8a84beb40c114283d8d7ddd4ac43d9e SHA256 35a9c56d9c8418806062854a360c27690d25159524df71f28bbd4d644e8706f3 diff --git a/sys-boot/grub/files/grub-0.97-fix-ssp.patch b/sys-boot/grub/files/grub-0.97-fix-ssp.patch new file mode 100644 index 00000000..34298dac --- /dev/null +++ b/sys-boot/grub/files/grub-0.97-fix-ssp.patch @@ -0,0 +1,12 @@ +diff -Naur grub-0.97.orig/stage2/Makefile.am grub-0.97/stage2/Makefile.am +--- grub-0.97.orig/stage2/Makefile.am 2010-02-18 17:51:59.000000000 +0000 ++++ grub-0.97/stage2/Makefile.am 2010-02-18 17:52:35.000000000 +0000 +@@ -20,7 +20,7 @@ + fsys_jfs.c fsys_minix.c fsys_reiserfs.c fsys_ufs2.c \ + fsys_vstafs.c fsys_xfs.c gunzip.c md5.c serial.c stage2.c \ + terminfo.c tparm.c graphics.c +-libgrub_a_CFLAGS = $(GRUB_CFLAGS) -I$(top_srcdir)/lib \ ++libgrub_a_CFLAGS = $(GRUB_CFLAGS) -fno-stack-protector -I$(top_srcdir)/lib \ + -DGRUB_UTIL=1 -DFSYS_EXT2FS=1 -DFSYS_FAT=1 -DFSYS_FFS=1 \ + -DFSYS_ISO9660=1 -DFSYS_JFS=1 -DFSYS_MINIX=1 -DFSYS_REISERFS=1 \ + -DFSYS_UFS2=1 -DFSYS_VSTAFS=1 -DFSYS_XFS=1 \ diff --git a/sys-boot/grub/grub-0.97-r12.ebuild b/sys-boot/grub/grub-0.97-r12.ebuild new file mode 100644 index 00000000..cb52cc9d --- /dev/null +++ b/sys-boot/grub/grub-0.97-r12.ebuild @@ -0,0 +1,283 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-boot/grub/grub-0.97-r9.ebuild,v 1.5 2009/07/04 18:46:05 robbat2 Exp $ + +# XXX: we need to review menu.lst vs grub.conf handling. We've been converting +# all systems to grub.conf (and symlinking menu.lst to grub.conf), but +# we never updated any of the source code (it still all wants menu.lst), +# and there is no indication that upstream is making the transition. + +inherit mount-boot eutils flag-o-matic toolchain-funcs autotools linux-info + +PATCHVER="1.9" # Should match the revision ideally +DESCRIPTION="GNU GRUB Legacy boot loader" +HOMEPAGE="http://www.gnu.org/software/grub/" +SRC_URI="mirror://gentoo/${P}.tar.gz + ftp://alpha.gnu.org/gnu/${PN}/${P}.tar.gz + mirror://gentoo/splash.xpm.gz + mirror://gentoo/${P}-patches-${PATCHVER}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86 ~x86-fbsd" +IUSE="custom-cflags ncurses netboot static" + +DEPEND="ncurses? ( + >=sys-libs/ncurses-5.2-r5 + amd64? ( app-emulation/emul-linux-x86-baselibs ) + )" +PROVIDE="virtual/bootloader" + +pkg_setup() { + local arch="$(tc-arch)" + case ${arch} in + amd64) CONFIG_CHECK='~IA32_EMULATION' check_extra_config ;; + esac +} + +src_unpack() { + unpack ${A} + cd "${S}" + + # patch breaks booting for some people #111885 + rm "${WORKDIR}"/patch/400_* + + # Grub will not handle a kernel larger than EXTENDED_MEMSIZE Mb as + # discovered in bug 160801. We can change this, however, using larger values + # for this variable means that Grub needs more memory to run and boot. For a + # kernel of size N, Grub needs (N+1)*2. Advanced users should set a custom + # value in make.conf, it is possible to make kernels ~16Mb in size, but it + # needs the kitchen sink built-in. + local t="custom" + if [[ -z ${GRUB_MAX_KERNEL_SIZE} ]] ; then + case $(tc-arch) in + amd64) GRUB_MAX_KERNEL_SIZE=7 ;; + x86) GRUB_MAX_KERNEL_SIZE=3 ;; + esac + t="default" + fi + einfo "Grub will support the ${t} maximum kernel size of ${GRUB_MAX_KERNEL_SIZE} Mb (GRUB_MAX_KERNEL_SIZE)" + + sed -i \ + -e "/^#define.*EXTENDED_MEMSIZE/s,3,${GRUB_MAX_KERNEL_SIZE},g" \ + "${S}"/grub/asmstub.c \ + || die "Failed to hack memory size" + + if [[ -n ${PATCHVER} ]] ; then + EPATCH_SUFFIX="patch" + epatch "${WORKDIR}"/patch + fi + + # Bug #279536 sys-boot/grub-0.97 segfaults with >=sys-devel/gcc-4.1 SSP + # Bug #305283 sys-boot/grub-0.97 fails to report memory limits correctly + # with >=sys-devel/gcc-4.1 SSP + epatch "${FILESDIR}"/grub-0.97-fix-ssp.patch + + eautoreconf +} + +src_compile() { + filter-flags -fPIE #168834 + + use amd64 && multilib_toolchain_setup x86 + + unset BLOCK_SIZE #73499 + + ### i686-specific code in the boot loader is a bad idea; disabling to ensure + ### at least some compatibility if the hard drive is moved to an older or + ### incompatible system. + + # grub-0.95 added -fno-stack-protector detection, to disable ssp for stage2, + # but the objcopy's (faulty) test fails if -fstack-protector is default. + # create a cache telling configure that objcopy is ok, and add -C to econf + # to make use of the cache. + # + # CFLAGS has to be undefined running econf, else -fno-stack-protector detection fails. + # STAGE2_CFLAGS is not allowed to be used on emake command-line, it overwrites + # -fno-stack-protector detected by configure, removed from netboot's emake. + use custom-cflags || unset CFLAGS + + export grub_cv_prog_objcopy_absolute=yes #79734 + use static && append-ldflags -static + + # Per bug 216625, the emul packages do not provide .a libs for performing + # suitable static linking + if use amd64 && use static ; then + if [ -z "${GRUB_STATIC_PACKAGE_BUILDING}" ]; then + die "You must use the grub-static package if you want a static Grub on amd64!" + else + eerror "You have set GRUB_STATIC_PACKAGE_BUILDING. This" + eerror "is specifically intended for building the tarballs for the" + eerror "grub-static package via USE='static -ncurses'." + eerror "All bets are now off." + ebeep 10 + fi + fi + + # build the net-bootable grub first, but only if "netboot" is set + if use netboot ; then + econf \ + --libdir=/lib \ + --datadir=/usr/lib/grub \ + --exec-prefix=/ \ + --disable-auto-linux-mem-opt \ + --enable-diskless \ + --enable-{3c{5{03,07,09,29,95},90x},cs89x0,davicom,depca,eepro{,100}} \ + --enable-{epic100,exos205,ni5210,lance,ne2100,ni{50,65}10,natsemi} \ + --enable-{ne,ns8390,wd,otulip,rtl8139,sis900,sk-g16,smc9000,tiara} \ + --enable-{tulip,via-rhine,w89c840} || die "netboot econf failed" + + emake w89c840_o_CFLAGS="-O" || die "making netboot stuff" + + mv -f stage2/{nbgrub,pxegrub} "${S}"/ + mv -f stage2/stage2 stage2/stage2.netboot + + make clean || die "make clean failed" + fi + + # Now build the regular grub + # Note that FFS and UFS2 support are broken for now - stage1_5 files too big + econf \ + --libdir=/lib \ + --datadir=/usr/lib/grub \ + --exec-prefix=/ \ + --disable-auto-linux-mem-opt \ + $(use_with ncurses curses) \ + || die "econf failed" + + # sanity check due to common failure + use ncurses && ! grep -qs "HAVE_LIBCURSES.*1" config.h && die "USE=ncurses but curses not found" + + emake || die "making regular stuff" +} + +src_test() { + # non-default block size also give false pass/fails. + unset BLOCK_SIZE + make check || die "make check failed" +} + +src_install() { + emake DESTDIR="${D}" install || die + if use netboot ; then + exeinto /usr/lib/grub/${CHOST} + doexe nbgrub pxegrub stage2/stage2.netboot || die "netboot install" + fi + + dodoc AUTHORS BUGS ChangeLog NEWS README THANKS TODO + newdoc docs/menu.lst grub.conf.sample + dodoc "${FILESDIR}"/grub.conf.gentoo + prepalldocs + + [ -n "${GRUB_STATIC_PACKAGE_BUILDING}" ] && \ + mv \ + "${D}"/usr/share/doc/${PF} \ + "${D}"/usr/share/doc/grub-static-${PF/grub-} + + insinto /usr/share/grub + doins "${DISTDIR}"/splash.xpm.gz +} + +setup_boot_dir() { + local boot_dir=$1 + local dir=${boot_dir} + + mkdir -p "${dir}" + [[ ! -L ${dir}/boot ]] && ln -s . "${dir}/boot" + dir="${dir}/grub" + if [[ ! -e ${dir} ]] ; then + mkdir "${dir}" || die "${dir} does not exist!" + fi + + # change menu.lst to grub.conf + if [[ ! -e ${dir}/grub.conf ]] && [[ -e ${dir}/menu.lst ]] ; then + mv -f "${dir}"/menu.lst "${dir}"/grub.conf + ewarn + ewarn "*** IMPORTANT NOTE: menu.lst has been renamed to grub.conf" + ewarn + fi + + if [[ ! -e ${dir}/menu.lst ]]; then + einfo "Linking from new grub.conf name to menu.lst" + ln -snf grub.conf "${dir}"/menu.lst + fi + + if [[ -e ${dir}/stage2 ]] ; then + mv "${dir}"/stage2{,.old} + ewarn "*** IMPORTANT NOTE: you must run grub and install" + ewarn "the new version's stage1 to your MBR. Until you do," + ewarn "stage1 and stage2 will still be the old version, but" + ewarn "later stages will be the new version, which could" + ewarn "cause problems such as an unbootable system." + ewarn "This means you must use either grub-install or perform" + ewarn "root/setup manually! For more help, see the handbook:" + ewarn "http://www.gentoo.org/doc/en/handbook/handbook-${ARCH}.xml?part=1&chap=10#grub-install-auto" + ebeep + fi + + einfo "Copying files from /lib/grub, /usr/lib/grub and /usr/share/grub to ${dir}" + for x in \ + "${ROOT}"/lib*/grub/*/* \ + "${ROOT}"/usr/lib*/grub/*/* \ + "${ROOT}"/usr/share/grub/* ; do + [[ -f ${x} ]] && cp -p "${x}" "${dir}"/ + done + + if [[ ! -e ${dir}/grub.conf ]] ; then + s="${ROOT}/usr/share/doc/${PF}/grub.conf.gentoo" + [[ -e "${s}" ]] && cat "${s}" >${dir}/grub.conf + [[ -e "${s}.gz" ]] && zcat "${s}.gz" >${dir}/grub.conf + [[ -e "${s}.bz2" ]] && bzcat "${s}.bz2" >${dir}/grub.conf + fi + + # Per bug 218599, we support grub.conf.install for users that want to run a + # specific set of Grub setup commands rather than the default ones. + grub_config=${dir}/grub.conf.install + [[ -e ${grub_config} ]] || grub_config=${dir}/grub.conf + if [[ -e ${grub_config} ]] ; then + egrep \ + -v '^[[:space:]]*(#|$|default|fallback|initrd|password|splashimage|timeout|title)' \ + "${grub_config}" | \ + /sbin/grub --batch \ + --device-map="${dir}"/device.map \ + > /dev/null + fi + + # the grub default commands silently piss themselves if + # the default file does not exist ahead of time + if [[ ! -e ${dir}/default ]] ; then + grub-set-default --root-directory="${boot_dir}" default + fi + einfo "Grub has been installed to ${boot_dir} successfully." +} + +pkg_postinst() { + if [[ -n ${DONT_MOUNT_BOOT} ]]; then + elog "WARNING: you have DONT_MOUNT_BOOT in effect, so you must apply" + elog "the following instructions for your /boot!" + elog "Neglecting to do so may cause your system to fail to boot!" + elog + else + setup_boot_dir "${ROOT}"/boot + # Trailing output because if this is run from pkg_postinst, it gets mixed into + # the other output. + einfo "" + fi + elog "To interactively install grub files to another device such as a USB" + elog "stick, just run the following and specify the directory as prompted:" + elog " emerge --config =${PF}" + elog "Alternately, you can export GRUB_ALT_INSTALLDIR=/path/to/use to tell" + elog "grub where to install in a non-interactive way." + +} + +pkg_config() { + local dir + if [ ! -d "${GRUB_ALT_INSTALLDIR}" ]; then + einfo "Enter the directory where you want to setup grub:" + read dir + else + dir="${GRUB_ALT_INSTALLDIR}" + fi + setup_boot_dir "${dir}" +} |