Date: Wednesday, August 3, 2016 @ 07:43:08 Author: eworm Revision: 272947
archrelease: copy trunk to testing-x86_64, testing-i686 Added: grub/repos/testing-i686/ grub/repos/testing-i686/0001-Fix-security-issue-when-reading-username-and-passwor.patch (from rev 272946, grub/trunk/0001-Fix-security-issue-when-reading-username-and-passwor.patch) grub/repos/testing-i686/0002-intel-ucode.patch (from rev 272946, grub/trunk/0002-intel-ucode.patch) grub/repos/testing-i686/0003-10_linux-detect-archlinux-initramfs.patch (from rev 272946, grub/trunk/0003-10_linux-detect-archlinux-initramfs.patch) grub/repos/testing-i686/0004-add-GRUB_COLOR_variables.patch (from rev 272946, grub/trunk/0004-add-GRUB_COLOR_variables.patch) grub/repos/testing-i686/PKGBUILD (from rev 272946, grub/trunk/PKGBUILD) grub/repos/testing-i686/grub.cfg (from rev 272946, grub/trunk/grub.cfg) grub/repos/testing-i686/grub.default (from rev 272946, grub/trunk/grub.default) grub/repos/testing-i686/grub.install (from rev 272946, grub/trunk/grub.install) grub/repos/testing-x86_64/ grub/repos/testing-x86_64/0001-Fix-security-issue-when-reading-username-and-passwor.patch (from rev 272946, grub/trunk/0001-Fix-security-issue-when-reading-username-and-passwor.patch) grub/repos/testing-x86_64/0002-intel-ucode.patch (from rev 272946, grub/trunk/0002-intel-ucode.patch) grub/repos/testing-x86_64/0003-10_linux-detect-archlinux-initramfs.patch (from rev 272946, grub/trunk/0003-10_linux-detect-archlinux-initramfs.patch) grub/repos/testing-x86_64/0004-add-GRUB_COLOR_variables.patch (from rev 272946, grub/trunk/0004-add-GRUB_COLOR_variables.patch) grub/repos/testing-x86_64/PKGBUILD (from rev 272946, grub/trunk/PKGBUILD) grub/repos/testing-x86_64/grub.cfg (from rev 272946, grub/trunk/grub.cfg) grub/repos/testing-x86_64/grub.default (from rev 272946, grub/trunk/grub.default) grub/repos/testing-x86_64/grub.install (from rev 272946, grub/trunk/grub.install) --------------------------------------------------------------------------------+ testing-i686/0001-Fix-security-issue-when-reading-username-and-passwor.patch | 47 + testing-i686/0002-intel-ucode.patch | 52 + testing-i686/0003-10_linux-detect-archlinux-initramfs.patch | 44 + testing-i686/0004-add-GRUB_COLOR_variables.patch | 32 testing-i686/PKGBUILD | 374 ++++++++++ testing-i686/grub.cfg | 139 +++ testing-i686/grub.default | 47 + testing-i686/grub.install | 15 testing-x86_64/0001-Fix-security-issue-when-reading-username-and-passwor.patch | 47 + testing-x86_64/0002-intel-ucode.patch | 52 + testing-x86_64/0003-10_linux-detect-archlinux-initramfs.patch | 44 + testing-x86_64/0004-add-GRUB_COLOR_variables.patch | 32 testing-x86_64/PKGBUILD | 374 ++++++++++ testing-x86_64/grub.cfg | 139 +++ testing-x86_64/grub.default | 47 + testing-x86_64/grub.install | 15 16 files changed, 1500 insertions(+) Copied: grub/repos/testing-i686/0001-Fix-security-issue-when-reading-username-and-passwor.patch (from rev 272946, grub/trunk/0001-Fix-security-issue-when-reading-username-and-passwor.patch) =================================================================== --- testing-i686/0001-Fix-security-issue-when-reading-username-and-passwor.patch (rev 0) +++ testing-i686/0001-Fix-security-issue-when-reading-username-and-passwor.patch 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,47 @@ +From e16eeda1200deabd0d3a4af968d526d62845a85f Mon Sep 17 00:00:00 2001 +From: Hector Marco-Gisbert <hecma...@upv.es> +Date: Fri, 13 Nov 2015 16:21:09 +0100 +Subject: [PATCH] Fix security issue when reading username and password + + This patch fixes two integer underflows at: + * grub-core/lib/crypto.c + * grub-core/normal/auth.c + +Resolves: CVE-2015-8370 + +Signed-off-by: Hector Marco-Gisbert <hecma...@upv.es> +Signed-off-by: Ismael Ripoll-Ripoll <irip...@disca.upv.es> +--- + grub-core/lib/crypto.c | 2 +- + grub-core/normal/auth.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c +index 010e550..524a3d8 100644 +--- a/grub-core/lib/crypto.c ++++ b/grub-core/lib/crypto.c +@@ -468,7 +468,7 @@ grub_password_get (char buf[], unsigned buf_size) + break; + } + +- if (key == '\b') ++ if (key == '\b' && cur_len) + { + cur_len--; + continue; +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c +index c6bd96e..5782ec5 100644 +--- a/grub-core/normal/auth.c ++++ b/grub-core/normal/auth.c +@@ -172,7 +172,7 @@ grub_username_get (char buf[], unsigned buf_size) + break; + } + +- if (key == '\b') ++ if (key == '\b' && cur_len) + { + cur_len--; + grub_printf ("\b"); +-- +2.6.4 + Copied: grub/repos/testing-i686/0002-intel-ucode.patch (from rev 272946, grub/trunk/0002-intel-ucode.patch) =================================================================== --- testing-i686/0002-intel-ucode.patch (rev 0) +++ testing-i686/0002-intel-ucode.patch 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,52 @@ +diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in +index de9044c..f5d3e78 100644 +--- a/util/grub.d/10_linux.in ++++ b/util/grub.d/10_linux.in +@@ -133,13 +133,15 @@ linux_entry () + echo '$(echo "$message" | grub_quote)' + linux ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args} + EOF +- if test -n "${initrd}" ; then ++ if test -n "${initrd}" -o -n "${initrd_extra}" ; then + # TRANSLATORS: ramdisk isn't identifier. Should be translated. + message="$(gettext_printf "Loading initial ramdisk ...")" +- sed "s/^/$submenu_indentation/" << EOF +- echo '$(echo "$message" | grub_quote)' +- initrd ${rel_dirname}/${initrd} +-EOF ++ printf ' %s\n' "echo '$(echo "$message" | grub_quote)'" | sed "s/^/$submenu_indentation/" ++ printf ' %s ' 'initrd' | sed "s/^/$submenu_indentation/" ++ for i in ${initrd_extra} ${initrd}; do ++ printf ' %s/%s' "${rel_dirname}" "${i}" ++ done ++ printf '\n' + fi + sed "s/^/$submenu_indentation/" << EOF + } +@@ -202,6 +204,12 @@ while [ "x$list" != "x" ] ; do + break + fi + done ++ initrd_extra= ++ for i in intel-ucode.img; do ++ if test -e "${dirname}/${i}" ; then ++ initrd_extra+=" ${i}" ++ fi ++ done + + config= + for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do +@@ -216,8 +224,8 @@ while [ "x$list" != "x" ] ; do + initramfs=`grep CONFIG_INITRAMFS_SOURCE= "${config}" | cut -f2 -d= | tr -d \"` + fi + +- if test -n "${initrd}" ; then +- gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2 ++ if test -n "${initrd}" -o -n "${initrd_extra}" ; then ++ gettext_printf "Found initrd image(s) in %s:%s\n" "${dirname}" "${initrd_extra} ${initrd}" >&2 + elif test -z "${initramfs}" ; then + # "UUID=" and "ZFS=" magic is parsed by initrd or initramfs. Since there's + # no initrd or builtin initramfs, it can't work here. +-- +2.9.2 + Copied: grub/repos/testing-i686/0003-10_linux-detect-archlinux-initramfs.patch (from rev 272946, grub/trunk/0003-10_linux-detect-archlinux-initramfs.patch) =================================================================== --- testing-i686/0003-10_linux-detect-archlinux-initramfs.patch (rev 0) +++ testing-i686/0003-10_linux-detect-archlinux-initramfs.patch 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,44 @@ +diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in +index f5d3e78..ef59c8c 100644 +--- a/util/grub.d/10_linux.in ++++ b/util/grub.d/10_linux.in +@@ -83,6 +83,8 @@ linux_entry () + case $type in + recovery) + title="$(gettext_printf "%s, with Linux %s (recovery mode)" "${os}" "${version}")" ;; ++ fallback) ++ title="$(gettext_printf "%s, with Linux %s (fallback initramfs)" "${os}" "${version}")" ;; + *) + title="$(gettext_printf "%s, with Linux %s" "${os}" "${version}")" ;; + esac +@@ -186,7 +188,7 @@ while [ "x$list" != "x" ] ; do + basename=`basename $linux` + dirname=`dirname $linux` + rel_dirname=`make_system_path_relative_to_its_root $dirname` +- version=`echo $basename | sed -e "s,^[^0-9]*-,,g"` ++ version=`echo $basename | sed -e "s,vmlinuz-,,g"` + alt_version=`echo $version | sed -e "s,\.old$,,g"` + linux_root_device_thisversion="${LINUX_ROOT_DEVICE}" + +@@ -248,6 +250,18 @@ while [ "x$list" != "x" ] ; do + + linux_entry "${OS}" "${version}" advanced \ + "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" ++ ++ if test -e "${dirname}/initramfs-${version}-fallback.img" ; then ++ initrd="initramfs-${version}-fallback.img" ++ ++ if test -n "${initrd}" ; then ++ gettext_printf "Found fallback initrd image(s) in %s:%s\n" "${dirname}" "${initrd_extra} ${initrd}" >&2 ++ fi ++ ++ linux_entry "${OS}" "${version}" fallback \ ++ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" ++ fi ++ + if [ "x${GRUB_DISABLE_RECOVERY}" != "xtrue" ]; then + linux_entry "${OS}" "${version}" recovery \ + "single ${GRUB_CMDLINE_LINUX}" +-- +2.9.2 + Copied: grub/repos/testing-i686/0004-add-GRUB_COLOR_variables.patch (from rev 272946, grub/trunk/0004-add-GRUB_COLOR_variables.patch) =================================================================== --- testing-i686/0004-add-GRUB_COLOR_variables.patch (rev 0) +++ testing-i686/0004-add-GRUB_COLOR_variables.patch 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,32 @@ +diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in +index 3390ba9..c416489 100644 +--- a/util/grub-mkconfig.in ++++ b/util/grub-mkconfig.in +@@ -218,6 +218,8 @@ export GRUB_DEFAULT \ + GRUB_THEME \ + GRUB_GFXPAYLOAD_LINUX \ + GRUB_DISABLE_OS_PROBER \ ++ GRUB_COLOR_NORMAL \ ++ GRUB_COLOR_HIGHLIGHT \ + GRUB_INIT_TUNE \ + GRUB_SAVEDEFAULT \ + GRUB_ENABLE_CRYPTODISK \ +diff --git a/util/grub.d/00_header.in b/util/grub.d/00_header.in +index d2e7252..8259f45 100644 +--- a/util/grub.d/00_header.in ++++ b/util/grub.d/00_header.in +@@ -125,6 +125,14 @@ cat <<EOF + + EOF + ++if [ x$GRUB_COLOR_NORMAL != x ] && [ x$GRUB_COLOR_HIGHLIGHT != x ] ; then ++ cat << EOF ++set menu_color_normal=$GRUB_COLOR_NORMAL ++set menu_color_highlight=$GRUB_COLOR_HIGHLIGHT ++ ++EOF ++fi ++ + serial=0; + gfxterm=0; + for x in ${GRUB_TERMINAL_INPUT} ${GRUB_TERMINAL_OUTPUT}; do Copied: grub/repos/testing-i686/PKGBUILD (from rev 272946, grub/trunk/PKGBUILD) =================================================================== --- testing-i686/PKGBUILD (rev 0) +++ testing-i686/PKGBUILD 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,374 @@ +# Maintainer : Tobias Powalowski <tp...@archlinux.org> +# Maintainer : Ronald van Haren <ronald.archlinux.org> +# Contributor: Keshav Amburay <(the ddoott ridikulus ddoott rat) (aatt) (gemmaeiil) (ddoott) (ccoomm)> + +## "1" to enable IA32-EFI build in Arch x86_64, "0" to disable +_IA32_EFI_IN_ARCH_X64="1" + +## "1" to enable EMU build, "0" to disable +_GRUB_EMU_BUILD="0" + +_pkgver="2.02" +_GRUB_GIT_TAG="grub-2.02-beta3" +_GRUB_EXTRAS_COMMIT="f2a079441939eee7251bf141986cdd78946e1d20" + +_UNIFONT_VER="6.3.20131217" + +[[ "${CARCH}" == "x86_64" ]] && _EFI_ARCH="x86_64" +[[ "${CARCH}" == "i686" ]] && _EFI_ARCH="i386" + +[[ "${CARCH}" == "x86_64" ]] && _EMU_ARCH="x86_64" +[[ "${CARCH}" == "i686" ]] && _EMU_ARCH="i386" + +pkgname="grub" +pkgdesc="GNU GRand Unified Bootloader (2)" +pkgver=2.02.beta3 +pkgrel=2 +epoch=1 +url="https://www.gnu.org/software/grub/" +arch=('x86_64' 'i686') +license=('GPL3') +backup=('boot/grub/grub.cfg' 'etc/default/grub' 'etc/grub.d/40_custom') +install="${pkgname}.install" +options=('!makeflags') + +conflicts=('grub-common' 'grub-bios' 'grub-emu' "grub-efi-${_EFI_ARCH}" 'grub-legacy') +replaces=('grub-common' 'grub-bios' 'grub-emu' "grub-efi-${_EFI_ARCH}") +provides=('grub-common' 'grub-bios' 'grub-emu' "grub-efi-${_EFI_ARCH}") + +makedepends=('git' 'rsync' 'xz' 'freetype2' 'ttf-dejavu' 'python' 'autogen' + 'texinfo' 'help2man' 'gettext' 'device-mapper' 'fuse') +depends=('sh' 'xz' 'gettext' 'device-mapper') +optdepends=('freetype2: For grub-mkfont usage' + 'fuse: For grub-mount usage' + 'dosfstools: For grub-mkrescue FAT FS and EFI support' + 'efibootmgr: For grub-install EFI support' + 'libisoburn: Provides xorriso for generating grub rescue iso using grub-mkrescue' + 'os-prober: To detect other OSes when generating grub.cfg in BIOS systems' + 'mtools: For grub-mkrescue FAT FS support') + +if [[ "${_GRUB_EMU_BUILD}" == "1" ]]; then + makedepends+=('libusbx' 'sdl') + optdepends+=('libusbx: For grub-emu USB support' + 'sdl: For grub-emu SDL support') +fi + +source=("grub-${_pkgver}::git+git://git.sv.gnu.org/grub.git#tag=${_GRUB_GIT_TAG}" + "grub-extras::git+git://git.sv.gnu.org/grub-extras.git#commit=${_GRUB_EXTRAS_COMMIT}" + "http://ftp.gnu.org/gnu/unifont/unifont-${_UNIFONT_VER}/unifont-${_UNIFONT_VER}.bdf.gz" + "http://ftp.gnu.org/gnu/unifont/unifont-${_UNIFONT_VER}/unifont-${_UNIFONT_VER}.bdf.gz.sig" + '0001-Fix-security-issue-when-reading-username-and-passwor.patch' + '0002-intel-ucode.patch' + '0003-10_linux-detect-archlinux-initramfs.patch' + '0004-add-GRUB_COLOR_variables.patch' + 'grub.default' + 'grub.cfg') + +md5sums=('SKIP' + 'SKIP' + '728b7439ac733a7c0d56049adec364c7' + 'SKIP' + '9589ec46a04f9bb4d5da987340a4a324' + 'ff3b8524983ce02fc48fce38f96b1a82' + 'ba9d27c44b677bf329e5b96933bdbde8' + 'e506ae4a9f9f7d1b765febfa84e10d48' + 'a03ffd56324520393bf574cefccb893d' + 'c8b9511586d57d6f2524ae7898397a46') +validpgpkeys=('95D2E9AB8740D8046387FD151A09227B1F435A33') #Paul Hardy + +_pkgver() { + cd "${srcdir}/grub-${_pkgver}/" + echo "$(git describe --tags)" | sed -e 's|grub.||g' -e 's|-|\.|g' +} + +prepare() { + cd "${srcdir}/grub-${_pkgver}/" + + # CVE-2015-8370 + patch -Np1 -i ../0001-Fix-security-issue-when-reading-username-and-passwor.patch + + msg "Patch to load Intel microcode" + patch -Np1 -i "${srcdir}/0002-intel-ucode.patch" + echo + + msg "Patch to detect of Arch Linux initramfs images by grub-mkconfig" + patch -Np1 -i "${srcdir}/0003-10_linux-detect-archlinux-initramfs.patch" + echo + + msg "Patch to enable GRUB_COLOR_* variables in grub-mkconfig" + ## Based on http://lists.gnu.org/archive/html/grub-devel/2012-02/msg00021.html + patch -Np1 -i "${srcdir}/0004-add-GRUB_COLOR_variables.patch" + echo + + msg "Fix DejaVuSans.ttf location so that grub-mkfont can create *.pf2 files for starfield theme" + sed 's|/usr/share/fonts/dejavu|/usr/share/fonts/dejavu /usr/share/fonts/TTF|g' -i "${srcdir}/grub-${_pkgver}/configure.ac" + + msg "Fix mkinitcpio 'rw' FS#36275" + sed 's| ro | rw |g' -i "${srcdir}/grub-${_pkgver}/util/grub.d/10_linux.in" + + msg "Fix OS naming FS#33393" + sed 's|GNU/Linux|Linux|' -i "${srcdir}/grub-${_pkgver}/util/grub.d/10_linux.in" + + # msg "autogen.sh requires python (2/3). since bzr is in makedepends, use python2 and no need to pull python3" + # sed 's|python |python2 |g' -i "${srcdir}/grub-${_pkgver}/autogen.sh" + + msg "Pull in latest language files" + ./linguas.sh + echo + + msg "Remove not working langs which need LC_ALL=C.UTF-8" + sed -e 's#en@cyrillic en@greek##g' -i "${srcdir}/grub-${_pkgver}/po/LINGUAS" + + msg "Avoid problem with unifont during compile of grub, http://savannah.gnu.org/bugs/?40330 and https://bugs.archlinux.org/task/37847" + cp "${srcdir}/unifont-${_UNIFONT_VER}.bdf" "${srcdir}/grub-${_pkgver}/unifont.bdf" +} + +_build_grub-common_and_bios() { + msg "Set ARCH dependent variables for bios build" + if [[ "${CARCH}" == 'x86_64' ]]; then + _EFIEMU="--enable-efiemu" + else + _EFIEMU="--disable-efiemu" + fi + + msg "Copy the source for building the bios part" + cp -r "${srcdir}/grub-${_pkgver}" "${srcdir}/grub-${_pkgver}-bios" + cd "${srcdir}/grub-${_pkgver}-bios/" + + msg "Add the grub-extra sources for bios build" + install -d "${srcdir}/grub-${_pkgver}-bios/grub-extras" + cp -r "${srcdir}/grub-extras/915resolution" "${srcdir}/grub-${_pkgver}-bios/grub-extras/915resolution" + export GRUB_CONTRIB="${srcdir}/grub-${_pkgver}-bios/grub-extras/" + + msg "Unset all compiler FLAGS for bios build" + unset CFLAGS + unset CPPFLAGS + unset CXXFLAGS + unset LDFLAGS + unset MAKEFLAGS + + cd "${srcdir}/grub-${_pkgver}-bios/" + + msg "Run autogen.sh for bios build" + ./autogen.sh + echo + + msg "Run ./configure for bios build" + ./configure \ + --with-platform="pc" \ + --target="i386" \ + "${_EFIEMU}" \ + --enable-mm-debug \ + --enable-nls \ + --enable-device-mapper \ + --enable-cache-stats \ + --enable-boot-time \ + --enable-grub-mkfont \ + --enable-grub-mount \ + --prefix="/usr" \ + --bindir="/usr/bin" \ + --sbindir="/usr/bin" \ + --mandir="/usr/share/man" \ + --infodir="/usr/share/info" \ + --datarootdir="/usr/share" \ + --sysconfdir="/etc" \ + --program-prefix="" \ + --with-bootdir="/boot" \ + --with-grubdir="grub" \ + --disable-silent-rules \ + --disable-werror + echo + + msg "Run make for bios build" + make + echo +} + +_build_grub-efi() { + msg "Copy the source for building the ${_EFI_ARCH} efi part" + cp -r "${srcdir}/grub-${_pkgver}" "${srcdir}/grub-${_pkgver}-efi-${_EFI_ARCH}" + cd "${srcdir}/grub-${_pkgver}-efi-${_EFI_ARCH}/" + + msg "Unset all compiler FLAGS for ${_EFI_ARCH} efi build" + unset CFLAGS + unset CPPFLAGS + unset CXXFLAGS + unset LDFLAGS + unset MAKEFLAGS + + cd "${srcdir}/grub-${_pkgver}-efi-${_EFI_ARCH}/" + + msg "Run autogen.sh for ${_EFI_ARCH} efi build" + ./autogen.sh + echo + + msg "Run ./configure for ${_EFI_ARCH} efi build" + ./configure \ + --with-platform="efi" \ + --target="${_EFI_ARCH}" \ + --disable-efiemu \ + --enable-mm-debug \ + --enable-nls \ + --enable-device-mapper \ + --enable-cache-stats \ + --enable-boot-time \ + --enable-grub-mkfont \ + --enable-grub-mount \ + --prefix="/usr" \ + --bindir="/usr/bin" \ + --sbindir="/usr/bin" \ + --mandir="/usr/share/man" \ + --infodir="/usr/share/info" \ + --datarootdir="/usr/share" \ + --sysconfdir="/etc" \ + --program-prefix="" \ + --with-bootdir="/boot" \ + --with-grubdir="grub" \ + --disable-silent-rules \ + --disable-werror + echo + + msg "Run make for ${_EFI_ARCH} efi build" + make + echo +} + +_build_grub-emu() { + msg "Copy the source for building the emu part" + cp -r "${srcdir}/grub-${_pkgver}/" "${srcdir}/grub-${_pkgver}-emu/" + + msg "Unset all compiler FLAGS for emu build" + unset CFLAGS + unset CPPFLAGS + unset CXXFLAGS + unset LDFLAGS + unset MAKEFLAGS + + cd "${srcdir}/grub-${_pkgver}-emu/" + + msg "Run autogen.sh for emu build" + ./autogen.sh + echo + + msg "Run ./configure for emu build" + ./configure \ + --with-platform="emu" \ + --target="${_EMU_ARCH}" \ + --enable-mm-debug \ + --enable-nls \ + --enable-device-mapper \ + --enable-cache-stats \ + --enable-grub-mkfont \ + --enable-grub-mount \ + --enable-grub-emu-usb=no \ + --enable-grub-emu-sdl=no \ + --disable-grub-emu-pci \ + --prefix="/usr" \ + --bindir="/usr/bin" \ + --sbindir="/usr/bin" \ + --mandir="/usr/share/man" \ + --infodir="/usr/share/info" \ + --datarootdir="/usr/share" \ + --sysconfdir="/etc" \ + --program-prefix="" \ + --with-bootdir="/boot" \ + --with-grubdir="grub" \ + --disable-silent-rules \ + --disable-werror + echo + + msg "Run make for emu build" + make + echo +} + +build() { + cd "${srcdir}/grub-${_pkgver}/" + + msg "Build grub bios stuff" + _build_grub-common_and_bios + echo + + msg "Build grub ${_EFI_ARCH} efi stuff" + _build_grub-efi + echo + + if [[ "${CARCH}" == "x86_64" ]] && [[ "${_IA32_EFI_IN_ARCH_X64}" == "1" ]]; then + msg "Build grub i386 efi stuff" + _EFI_ARCH="i386" _build_grub-efi + echo + fi + + if [[ "${_GRUB_EMU_BUILD}" == "1" ]]; then + msg "Build grub emu stuff" + _build_grub-emu + echo + fi +} + +_package_grub-common_and_bios() { + cd "${srcdir}/grub-${_pkgver}-bios/" + + msg "Run make install for bios build" + make DESTDIR="${pkgdir}/" bashcompletiondir="/usr/share/bash-completion/completions" install + echo + + msg "Remove gdb debugging related files for bios build" + rm -f "${pkgdir}/usr/lib/grub/i386-pc"/*.module || true + rm -f "${pkgdir}/usr/lib/grub/i386-pc"/*.image || true + rm -f "${pkgdir}/usr/lib/grub/i386-pc"/{kernel.exec,gdb_grub,gmodule.pl} || true + + msg "Install /etc/default/grub (used by grub-mkconfig)" + install -D -m0644 "${srcdir}/grub.default" "${pkgdir}/etc/default/grub" + + msg "Install grub.cfg for backup array" + install -D -m0644 "${srcdir}/grub.cfg" "${pkgdir}/boot/grub/grub.cfg" +} + +_package_grub-efi() { + cd "${srcdir}/grub-${_pkgver}-efi-${_EFI_ARCH}/" + + msg "Run make install for ${_EFI_ARCH} efi build" + make DESTDIR="${pkgdir}/" bashcompletiondir="/usr/share/bash-completion/completions" install + echo + + msg "Remove gdb debugging related files for ${_EFI_ARCH} efi build" + rm -f "${pkgdir}/usr/lib/grub/${_EFI_ARCH}-efi"/*.module || true + rm -f "${pkgdir}/usr/lib/grub/${_EFI_ARCH}-efi"/*.image || true + rm -f "${pkgdir}/usr/lib/grub/${_EFI_ARCH}-efi"/{kernel.exec,gdb_grub,gmodule.pl} || true +} + +_package_grub-emu() { + cd "${srcdir}/grub-${_pkgver}-emu/" + + msg "Run make install for emu build" + make DESTDIR="${pkgdir}/" bashcompletiondir="/usr/share/bash-completion/completions" install + echo + + msg "Remove gdb debugging related files for emu build" + rm -f "${pkgdir}/usr/lib/grub/${_EMU_ARCH}-emu"/*.module || true + rm -f "${pkgdir}/usr/lib/grub/${_EMU_ARCH}-emu"/*.image || true + rm -f "${pkgdir}/usr/lib/grub/${_EMU_ARCH}-emu"/{kernel.exec,gdb_grub,gmodule.pl} || true +} + +package() { + cd "${srcdir}/grub-${_pkgver}/" + + msg "Package grub ${_EFI_ARCH} efi stuff" + _package_grub-efi + + if [[ "${CARCH}" == "x86_64" ]] && [[ "${_IA32_EFI_IN_ARCH_X64}" == "1" ]]; then + msg "Package grub i386 efi stuff" + _EFI_ARCH="i386" _package_grub-efi + echo + fi + + if [[ "${_GRUB_EMU_BUILD}" == "1" ]]; then + msg "Package grub emu stuff" + _package_grub-emu + echo + fi + + msg "Package grub bios stuff" + _package_grub-common_and_bios +} Copied: grub/repos/testing-i686/grub.cfg (from rev 272946, grub/trunk/grub.cfg) =================================================================== --- testing-i686/grub.cfg (rev 0) +++ testing-i686/grub.cfg 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,139 @@ +# +# DO NOT EDIT THIS FILE +# +# It is automatically generated by grub-mkconfig using templates +# from /etc/grub.d and settings from /etc/default/grub +# + +### BEGIN /etc/grub.d/00_header ### +insmod part_gpt +insmod part_msdos +if [ -s $prefix/grubenv ]; then + load_env +fi +set default="0" + +if [ x"${feature_menuentry_id}" = xy ]; then + menuentry_id_option="--id" +else + menuentry_id_option="" +fi + +export menuentry_id_option + +if [ "${prev_saved_entry}" ]; then + set saved_entry="${prev_saved_entry}" + save_env saved_entry + set prev_saved_entry= + save_env prev_saved_entry + set boot_once=true +fi + +function savedefault { + if [ -z "${boot_once}" ]; then + saved_entry="${chosen}" + save_env saved_entry + fi +} + +function load_video { + if [ x$feature_all_video_module = xy ]; then + insmod all_video + else + insmod efi_gop + insmod efi_uga + insmod ieee1275_fb + insmod vbe + insmod vga + insmod video_bochs + insmod video_cirrus + fi +} + +if [ x$feature_default_font_path = xy ] ; then + font=unicode +else +insmod part_msdos +insmod ext2 +set root='hd0,msdos5' +if [ x$feature_platform_search_hint = xy ]; then + search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos5 --hint-efi=hd0,msdos5 --hint-baremetal=ahci0,msdos5 ad4103fa-d940-47ca-8506-301d8071d467 +else + search --no-floppy --fs-uuid --set=root ad4103fa-d940-47ca-8506-301d8071d467 +fi + font="/usr/share/grub/unicode.pf2" +fi + +if loadfont $font ; then + set gfxmode=auto + load_video + insmod gfxterm + set locale_dir=$prefix/locale + set lang=en_US + insmod gettext +fi +terminal_input console +terminal_output gfxterm +set timeout=5 +### END /etc/grub.d/00_header ### + +### BEGIN /etc/grub.d/10_linux ### +menuentry 'Arch Linux, with Linux core repo kernel' --class arch --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-core repo kernel-true-ad4103fa-d940-47ca-8506-301d8071d467' { + load_video + set gfxpayload=keep + insmod gzio + insmod part_msdos + insmod ext2 + set root='hd0,msdos5' + if [ x$feature_platform_search_hint = xy ]; then + search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos5 --hint-efi=hd0,msdos5 --hint-baremetal=ahci0,msdos5 ad4103fa-d940-47ca-8506-301d8071d467 + else + search --no-floppy --fs-uuid --set=root ad4103fa-d940-47ca-8506-301d8071d467 + fi + echo 'Loading Linux core repo kernel ...' + linux /boot/vmlinuz-linux root=UUID=ad4103fa-d940-47ca-8506-301d8071d467 rw quiet + echo 'Loading initial ramdisk ...' + initrd /boot/initramfs-linux.img +} +menuentry 'Arch Linux, with Linux core repo kernel (Fallback initramfs)' --class arch --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-core repo kernel-fallback-ad4103fa-d940-47ca-8506-301d8071d467' { + load_video + set gfxpayload=keep + insmod gzio + insmod part_msdos + insmod ext2 + set root='hd0,msdos5' + if [ x$feature_platform_search_hint = xy ]; then + search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos5 --hint-efi=hd0,msdos5 --hint-baremetal=ahci0,msdos5 ad4103fa-d940-47ca-8506-301d8071d467 + else + search --no-floppy --fs-uuid --set=root ad4103fa-d940-47ca-8506-301d8071d467 + fi + echo 'Loading Linux core repo kernel ...' + linux /boot/vmlinuz-linux root=UUID=ad4103fa-d940-47ca-8506-301d8071d467 rw quiet + echo 'Loading initial ramdisk ...' + initrd /boot/initramfs-linux-fallback.img +} + +### END /etc/grub.d/10_linux ### + +### BEGIN /etc/grub.d/20_linux_xen ### +### END /etc/grub.d/20_linux_xen ### + +### BEGIN /etc/grub.d/20_memtest86+ ### +### END /etc/grub.d/20_memtest86+ ### + +### BEGIN /etc/grub.d/30_os-prober ### +### END /etc/grub.d/30_os-prober ### + +### BEGIN /etc/grub.d/40_custom ### +# This file provides an easy way to add custom menu entries. Simply type the +# menu entries you want to add after this comment. Be careful not to change +# the 'exec tail' line above. +### END /etc/grub.d/40_custom ### + +### BEGIN /etc/grub.d/41_custom ### +if [ -f ${config_directory}/custom.cfg ]; then + source ${config_directory}/custom.cfg +elif [ -z "${config_directory}" -a -f $prefix/custom.cfg ]; then + source $prefix/custom.cfg; +fi +### END /etc/grub.d/41_custom ### Copied: grub/repos/testing-i686/grub.default (from rev 272946, grub/trunk/grub.default) =================================================================== --- testing-i686/grub.default (rev 0) +++ testing-i686/grub.default 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,47 @@ +GRUB_DEFAULT=0 +GRUB_TIMEOUT=5 +GRUB_DISTRIBUTOR="Arch" +GRUB_CMDLINE_LINUX_DEFAULT="quiet" +GRUB_CMDLINE_LINUX="" + +# Preload both GPT and MBR modules so that they are not missed +GRUB_PRELOAD_MODULES="part_gpt part_msdos" + +# Uncomment to enable Hidden Menu, and optionally hide the timeout count +#GRUB_HIDDEN_TIMEOUT=5 +#GRUB_HIDDEN_TIMEOUT_QUIET=true + +# Uncomment to use basic console +GRUB_TERMINAL_INPUT=console + +# Uncomment to disable graphical terminal +#GRUB_TERMINAL_OUTPUT=console + +# The resolution used on graphical terminal +# note that you can use only modes which your graphic card supports via VBE +# you can see them in real GRUB with the command `vbeinfo' +GRUB_GFXMODE=auto + +# Uncomment to allow the kernel use the same resolution used by grub +GRUB_GFXPAYLOAD_LINUX=keep + +# Uncomment if you want GRUB to pass to the Linux kernel the old parameter +# format "root=/dev/xxx" instead of "root=/dev/disk/by-uuid/xxx" +#GRUB_DISABLE_LINUX_UUID=true + +# Uncomment to disable generation of recovery mode menu entries +GRUB_DISABLE_RECOVERY=true + +# Uncomment and set to the desired menu colors. Used by normal and wallpaper +# modes only. Entries specified as foreground/background. +#GRUB_COLOR_NORMAL="light-blue/black" +#GRUB_COLOR_HIGHLIGHT="light-cyan/blue" + +# Uncomment one of them for the gfx desired, a image background or a gfxtheme +#GRUB_BACKGROUND="/path/to/wallpaper" +#GRUB_THEME="/path/to/gfxtheme" + +# Uncomment to get a beep at GRUB start +#GRUB_INIT_TUNE="480 440 1" + +#GRUB_SAVEDEFAULT="true" Copied: grub/repos/testing-i686/grub.install (from rev 272946, grub/trunk/grub.install) =================================================================== --- testing-i686/grub.install (rev 0) +++ testing-i686/grub.install 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,15 @@ +post_install() { + if [ -f /boot/grub/grub.cfg.pacsave ]; then + echo "Copying /boot/grub/grub.cfg.pacsave to /boot/grub/grub.cfg" + install -D -m0644 /boot/grub/grub.cfg.pacsave /boot/grub/grub.cfg + fi + + cat << 'EOM' +Generating grub.cfg.example config file... +This may fail on some machines running a custom kernel. +EOM + + grub-mkconfig -o /boot/grub/grub.cfg.example 2> /dev/null + echo "done." +} + Copied: grub/repos/testing-x86_64/0001-Fix-security-issue-when-reading-username-and-passwor.patch (from rev 272946, grub/trunk/0001-Fix-security-issue-when-reading-username-and-passwor.patch) =================================================================== --- testing-x86_64/0001-Fix-security-issue-when-reading-username-and-passwor.patch (rev 0) +++ testing-x86_64/0001-Fix-security-issue-when-reading-username-and-passwor.patch 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,47 @@ +From e16eeda1200deabd0d3a4af968d526d62845a85f Mon Sep 17 00:00:00 2001 +From: Hector Marco-Gisbert <hecma...@upv.es> +Date: Fri, 13 Nov 2015 16:21:09 +0100 +Subject: [PATCH] Fix security issue when reading username and password + + This patch fixes two integer underflows at: + * grub-core/lib/crypto.c + * grub-core/normal/auth.c + +Resolves: CVE-2015-8370 + +Signed-off-by: Hector Marco-Gisbert <hecma...@upv.es> +Signed-off-by: Ismael Ripoll-Ripoll <irip...@disca.upv.es> +--- + grub-core/lib/crypto.c | 2 +- + grub-core/normal/auth.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c +index 010e550..524a3d8 100644 +--- a/grub-core/lib/crypto.c ++++ b/grub-core/lib/crypto.c +@@ -468,7 +468,7 @@ grub_password_get (char buf[], unsigned buf_size) + break; + } + +- if (key == '\b') ++ if (key == '\b' && cur_len) + { + cur_len--; + continue; +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c +index c6bd96e..5782ec5 100644 +--- a/grub-core/normal/auth.c ++++ b/grub-core/normal/auth.c +@@ -172,7 +172,7 @@ grub_username_get (char buf[], unsigned buf_size) + break; + } + +- if (key == '\b') ++ if (key == '\b' && cur_len) + { + cur_len--; + grub_printf ("\b"); +-- +2.6.4 + Copied: grub/repos/testing-x86_64/0002-intel-ucode.patch (from rev 272946, grub/trunk/0002-intel-ucode.patch) =================================================================== --- testing-x86_64/0002-intel-ucode.patch (rev 0) +++ testing-x86_64/0002-intel-ucode.patch 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,52 @@ +diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in +index de9044c..f5d3e78 100644 +--- a/util/grub.d/10_linux.in ++++ b/util/grub.d/10_linux.in +@@ -133,13 +133,15 @@ linux_entry () + echo '$(echo "$message" | grub_quote)' + linux ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args} + EOF +- if test -n "${initrd}" ; then ++ if test -n "${initrd}" -o -n "${initrd_extra}" ; then + # TRANSLATORS: ramdisk isn't identifier. Should be translated. + message="$(gettext_printf "Loading initial ramdisk ...")" +- sed "s/^/$submenu_indentation/" << EOF +- echo '$(echo "$message" | grub_quote)' +- initrd ${rel_dirname}/${initrd} +-EOF ++ printf ' %s\n' "echo '$(echo "$message" | grub_quote)'" | sed "s/^/$submenu_indentation/" ++ printf ' %s ' 'initrd' | sed "s/^/$submenu_indentation/" ++ for i in ${initrd_extra} ${initrd}; do ++ printf ' %s/%s' "${rel_dirname}" "${i}" ++ done ++ printf '\n' + fi + sed "s/^/$submenu_indentation/" << EOF + } +@@ -202,6 +204,12 @@ while [ "x$list" != "x" ] ; do + break + fi + done ++ initrd_extra= ++ for i in intel-ucode.img; do ++ if test -e "${dirname}/${i}" ; then ++ initrd_extra+=" ${i}" ++ fi ++ done + + config= + for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do +@@ -216,8 +224,8 @@ while [ "x$list" != "x" ] ; do + initramfs=`grep CONFIG_INITRAMFS_SOURCE= "${config}" | cut -f2 -d= | tr -d \"` + fi + +- if test -n "${initrd}" ; then +- gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2 ++ if test -n "${initrd}" -o -n "${initrd_extra}" ; then ++ gettext_printf "Found initrd image(s) in %s:%s\n" "${dirname}" "${initrd_extra} ${initrd}" >&2 + elif test -z "${initramfs}" ; then + # "UUID=" and "ZFS=" magic is parsed by initrd or initramfs. Since there's + # no initrd or builtin initramfs, it can't work here. +-- +2.9.2 + Copied: grub/repos/testing-x86_64/0003-10_linux-detect-archlinux-initramfs.patch (from rev 272946, grub/trunk/0003-10_linux-detect-archlinux-initramfs.patch) =================================================================== --- testing-x86_64/0003-10_linux-detect-archlinux-initramfs.patch (rev 0) +++ testing-x86_64/0003-10_linux-detect-archlinux-initramfs.patch 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,44 @@ +diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in +index f5d3e78..ef59c8c 100644 +--- a/util/grub.d/10_linux.in ++++ b/util/grub.d/10_linux.in +@@ -83,6 +83,8 @@ linux_entry () + case $type in + recovery) + title="$(gettext_printf "%s, with Linux %s (recovery mode)" "${os}" "${version}")" ;; ++ fallback) ++ title="$(gettext_printf "%s, with Linux %s (fallback initramfs)" "${os}" "${version}")" ;; + *) + title="$(gettext_printf "%s, with Linux %s" "${os}" "${version}")" ;; + esac +@@ -186,7 +188,7 @@ while [ "x$list" != "x" ] ; do + basename=`basename $linux` + dirname=`dirname $linux` + rel_dirname=`make_system_path_relative_to_its_root $dirname` +- version=`echo $basename | sed -e "s,^[^0-9]*-,,g"` ++ version=`echo $basename | sed -e "s,vmlinuz-,,g"` + alt_version=`echo $version | sed -e "s,\.old$,,g"` + linux_root_device_thisversion="${LINUX_ROOT_DEVICE}" + +@@ -248,6 +250,18 @@ while [ "x$list" != "x" ] ; do + + linux_entry "${OS}" "${version}" advanced \ + "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" ++ ++ if test -e "${dirname}/initramfs-${version}-fallback.img" ; then ++ initrd="initramfs-${version}-fallback.img" ++ ++ if test -n "${initrd}" ; then ++ gettext_printf "Found fallback initrd image(s) in %s:%s\n" "${dirname}" "${initrd_extra} ${initrd}" >&2 ++ fi ++ ++ linux_entry "${OS}" "${version}" fallback \ ++ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" ++ fi ++ + if [ "x${GRUB_DISABLE_RECOVERY}" != "xtrue" ]; then + linux_entry "${OS}" "${version}" recovery \ + "single ${GRUB_CMDLINE_LINUX}" +-- +2.9.2 + Copied: grub/repos/testing-x86_64/0004-add-GRUB_COLOR_variables.patch (from rev 272946, grub/trunk/0004-add-GRUB_COLOR_variables.patch) =================================================================== --- testing-x86_64/0004-add-GRUB_COLOR_variables.patch (rev 0) +++ testing-x86_64/0004-add-GRUB_COLOR_variables.patch 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,32 @@ +diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in +index 3390ba9..c416489 100644 +--- a/util/grub-mkconfig.in ++++ b/util/grub-mkconfig.in +@@ -218,6 +218,8 @@ export GRUB_DEFAULT \ + GRUB_THEME \ + GRUB_GFXPAYLOAD_LINUX \ + GRUB_DISABLE_OS_PROBER \ ++ GRUB_COLOR_NORMAL \ ++ GRUB_COLOR_HIGHLIGHT \ + GRUB_INIT_TUNE \ + GRUB_SAVEDEFAULT \ + GRUB_ENABLE_CRYPTODISK \ +diff --git a/util/grub.d/00_header.in b/util/grub.d/00_header.in +index d2e7252..8259f45 100644 +--- a/util/grub.d/00_header.in ++++ b/util/grub.d/00_header.in +@@ -125,6 +125,14 @@ cat <<EOF + + EOF + ++if [ x$GRUB_COLOR_NORMAL != x ] && [ x$GRUB_COLOR_HIGHLIGHT != x ] ; then ++ cat << EOF ++set menu_color_normal=$GRUB_COLOR_NORMAL ++set menu_color_highlight=$GRUB_COLOR_HIGHLIGHT ++ ++EOF ++fi ++ + serial=0; + gfxterm=0; + for x in ${GRUB_TERMINAL_INPUT} ${GRUB_TERMINAL_OUTPUT}; do Copied: grub/repos/testing-x86_64/PKGBUILD (from rev 272946, grub/trunk/PKGBUILD) =================================================================== --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,374 @@ +# Maintainer : Tobias Powalowski <tp...@archlinux.org> +# Maintainer : Ronald van Haren <ronald.archlinux.org> +# Contributor: Keshav Amburay <(the ddoott ridikulus ddoott rat) (aatt) (gemmaeiil) (ddoott) (ccoomm)> + +## "1" to enable IA32-EFI build in Arch x86_64, "0" to disable +_IA32_EFI_IN_ARCH_X64="1" + +## "1" to enable EMU build, "0" to disable +_GRUB_EMU_BUILD="0" + +_pkgver="2.02" +_GRUB_GIT_TAG="grub-2.02-beta3" +_GRUB_EXTRAS_COMMIT="f2a079441939eee7251bf141986cdd78946e1d20" + +_UNIFONT_VER="6.3.20131217" + +[[ "${CARCH}" == "x86_64" ]] && _EFI_ARCH="x86_64" +[[ "${CARCH}" == "i686" ]] && _EFI_ARCH="i386" + +[[ "${CARCH}" == "x86_64" ]] && _EMU_ARCH="x86_64" +[[ "${CARCH}" == "i686" ]] && _EMU_ARCH="i386" + +pkgname="grub" +pkgdesc="GNU GRand Unified Bootloader (2)" +pkgver=2.02.beta3 +pkgrel=2 +epoch=1 +url="https://www.gnu.org/software/grub/" +arch=('x86_64' 'i686') +license=('GPL3') +backup=('boot/grub/grub.cfg' 'etc/default/grub' 'etc/grub.d/40_custom') +install="${pkgname}.install" +options=('!makeflags') + +conflicts=('grub-common' 'grub-bios' 'grub-emu' "grub-efi-${_EFI_ARCH}" 'grub-legacy') +replaces=('grub-common' 'grub-bios' 'grub-emu' "grub-efi-${_EFI_ARCH}") +provides=('grub-common' 'grub-bios' 'grub-emu' "grub-efi-${_EFI_ARCH}") + +makedepends=('git' 'rsync' 'xz' 'freetype2' 'ttf-dejavu' 'python' 'autogen' + 'texinfo' 'help2man' 'gettext' 'device-mapper' 'fuse') +depends=('sh' 'xz' 'gettext' 'device-mapper') +optdepends=('freetype2: For grub-mkfont usage' + 'fuse: For grub-mount usage' + 'dosfstools: For grub-mkrescue FAT FS and EFI support' + 'efibootmgr: For grub-install EFI support' + 'libisoburn: Provides xorriso for generating grub rescue iso using grub-mkrescue' + 'os-prober: To detect other OSes when generating grub.cfg in BIOS systems' + 'mtools: For grub-mkrescue FAT FS support') + +if [[ "${_GRUB_EMU_BUILD}" == "1" ]]; then + makedepends+=('libusbx' 'sdl') + optdepends+=('libusbx: For grub-emu USB support' + 'sdl: For grub-emu SDL support') +fi + +source=("grub-${_pkgver}::git+git://git.sv.gnu.org/grub.git#tag=${_GRUB_GIT_TAG}" + "grub-extras::git+git://git.sv.gnu.org/grub-extras.git#commit=${_GRUB_EXTRAS_COMMIT}" + "http://ftp.gnu.org/gnu/unifont/unifont-${_UNIFONT_VER}/unifont-${_UNIFONT_VER}.bdf.gz" + "http://ftp.gnu.org/gnu/unifont/unifont-${_UNIFONT_VER}/unifont-${_UNIFONT_VER}.bdf.gz.sig" + '0001-Fix-security-issue-when-reading-username-and-passwor.patch' + '0002-intel-ucode.patch' + '0003-10_linux-detect-archlinux-initramfs.patch' + '0004-add-GRUB_COLOR_variables.patch' + 'grub.default' + 'grub.cfg') + +md5sums=('SKIP' + 'SKIP' + '728b7439ac733a7c0d56049adec364c7' + 'SKIP' + '9589ec46a04f9bb4d5da987340a4a324' + 'ff3b8524983ce02fc48fce38f96b1a82' + 'ba9d27c44b677bf329e5b96933bdbde8' + 'e506ae4a9f9f7d1b765febfa84e10d48' + 'a03ffd56324520393bf574cefccb893d' + 'c8b9511586d57d6f2524ae7898397a46') +validpgpkeys=('95D2E9AB8740D8046387FD151A09227B1F435A33') #Paul Hardy + +_pkgver() { + cd "${srcdir}/grub-${_pkgver}/" + echo "$(git describe --tags)" | sed -e 's|grub.||g' -e 's|-|\.|g' +} + +prepare() { + cd "${srcdir}/grub-${_pkgver}/" + + # CVE-2015-8370 + patch -Np1 -i ../0001-Fix-security-issue-when-reading-username-and-passwor.patch + + msg "Patch to load Intel microcode" + patch -Np1 -i "${srcdir}/0002-intel-ucode.patch" + echo + + msg "Patch to detect of Arch Linux initramfs images by grub-mkconfig" + patch -Np1 -i "${srcdir}/0003-10_linux-detect-archlinux-initramfs.patch" + echo + + msg "Patch to enable GRUB_COLOR_* variables in grub-mkconfig" + ## Based on http://lists.gnu.org/archive/html/grub-devel/2012-02/msg00021.html + patch -Np1 -i "${srcdir}/0004-add-GRUB_COLOR_variables.patch" + echo + + msg "Fix DejaVuSans.ttf location so that grub-mkfont can create *.pf2 files for starfield theme" + sed 's|/usr/share/fonts/dejavu|/usr/share/fonts/dejavu /usr/share/fonts/TTF|g' -i "${srcdir}/grub-${_pkgver}/configure.ac" + + msg "Fix mkinitcpio 'rw' FS#36275" + sed 's| ro | rw |g' -i "${srcdir}/grub-${_pkgver}/util/grub.d/10_linux.in" + + msg "Fix OS naming FS#33393" + sed 's|GNU/Linux|Linux|' -i "${srcdir}/grub-${_pkgver}/util/grub.d/10_linux.in" + + # msg "autogen.sh requires python (2/3). since bzr is in makedepends, use python2 and no need to pull python3" + # sed 's|python |python2 |g' -i "${srcdir}/grub-${_pkgver}/autogen.sh" + + msg "Pull in latest language files" + ./linguas.sh + echo + + msg "Remove not working langs which need LC_ALL=C.UTF-8" + sed -e 's#en@cyrillic en@greek##g' -i "${srcdir}/grub-${_pkgver}/po/LINGUAS" + + msg "Avoid problem with unifont during compile of grub, http://savannah.gnu.org/bugs/?40330 and https://bugs.archlinux.org/task/37847" + cp "${srcdir}/unifont-${_UNIFONT_VER}.bdf" "${srcdir}/grub-${_pkgver}/unifont.bdf" +} + +_build_grub-common_and_bios() { + msg "Set ARCH dependent variables for bios build" + if [[ "${CARCH}" == 'x86_64' ]]; then + _EFIEMU="--enable-efiemu" + else + _EFIEMU="--disable-efiemu" + fi + + msg "Copy the source for building the bios part" + cp -r "${srcdir}/grub-${_pkgver}" "${srcdir}/grub-${_pkgver}-bios" + cd "${srcdir}/grub-${_pkgver}-bios/" + + msg "Add the grub-extra sources for bios build" + install -d "${srcdir}/grub-${_pkgver}-bios/grub-extras" + cp -r "${srcdir}/grub-extras/915resolution" "${srcdir}/grub-${_pkgver}-bios/grub-extras/915resolution" + export GRUB_CONTRIB="${srcdir}/grub-${_pkgver}-bios/grub-extras/" + + msg "Unset all compiler FLAGS for bios build" + unset CFLAGS + unset CPPFLAGS + unset CXXFLAGS + unset LDFLAGS + unset MAKEFLAGS + + cd "${srcdir}/grub-${_pkgver}-bios/" + + msg "Run autogen.sh for bios build" + ./autogen.sh + echo + + msg "Run ./configure for bios build" + ./configure \ + --with-platform="pc" \ + --target="i386" \ + "${_EFIEMU}" \ + --enable-mm-debug \ + --enable-nls \ + --enable-device-mapper \ + --enable-cache-stats \ + --enable-boot-time \ + --enable-grub-mkfont \ + --enable-grub-mount \ + --prefix="/usr" \ + --bindir="/usr/bin" \ + --sbindir="/usr/bin" \ + --mandir="/usr/share/man" \ + --infodir="/usr/share/info" \ + --datarootdir="/usr/share" \ + --sysconfdir="/etc" \ + --program-prefix="" \ + --with-bootdir="/boot" \ + --with-grubdir="grub" \ + --disable-silent-rules \ + --disable-werror + echo + + msg "Run make for bios build" + make + echo +} + +_build_grub-efi() { + msg "Copy the source for building the ${_EFI_ARCH} efi part" + cp -r "${srcdir}/grub-${_pkgver}" "${srcdir}/grub-${_pkgver}-efi-${_EFI_ARCH}" + cd "${srcdir}/grub-${_pkgver}-efi-${_EFI_ARCH}/" + + msg "Unset all compiler FLAGS for ${_EFI_ARCH} efi build" + unset CFLAGS + unset CPPFLAGS + unset CXXFLAGS + unset LDFLAGS + unset MAKEFLAGS + + cd "${srcdir}/grub-${_pkgver}-efi-${_EFI_ARCH}/" + + msg "Run autogen.sh for ${_EFI_ARCH} efi build" + ./autogen.sh + echo + + msg "Run ./configure for ${_EFI_ARCH} efi build" + ./configure \ + --with-platform="efi" \ + --target="${_EFI_ARCH}" \ + --disable-efiemu \ + --enable-mm-debug \ + --enable-nls \ + --enable-device-mapper \ + --enable-cache-stats \ + --enable-boot-time \ + --enable-grub-mkfont \ + --enable-grub-mount \ + --prefix="/usr" \ + --bindir="/usr/bin" \ + --sbindir="/usr/bin" \ + --mandir="/usr/share/man" \ + --infodir="/usr/share/info" \ + --datarootdir="/usr/share" \ + --sysconfdir="/etc" \ + --program-prefix="" \ + --with-bootdir="/boot" \ + --with-grubdir="grub" \ + --disable-silent-rules \ + --disable-werror + echo + + msg "Run make for ${_EFI_ARCH} efi build" + make + echo +} + +_build_grub-emu() { + msg "Copy the source for building the emu part" + cp -r "${srcdir}/grub-${_pkgver}/" "${srcdir}/grub-${_pkgver}-emu/" + + msg "Unset all compiler FLAGS for emu build" + unset CFLAGS + unset CPPFLAGS + unset CXXFLAGS + unset LDFLAGS + unset MAKEFLAGS + + cd "${srcdir}/grub-${_pkgver}-emu/" + + msg "Run autogen.sh for emu build" + ./autogen.sh + echo + + msg "Run ./configure for emu build" + ./configure \ + --with-platform="emu" \ + --target="${_EMU_ARCH}" \ + --enable-mm-debug \ + --enable-nls \ + --enable-device-mapper \ + --enable-cache-stats \ + --enable-grub-mkfont \ + --enable-grub-mount \ + --enable-grub-emu-usb=no \ + --enable-grub-emu-sdl=no \ + --disable-grub-emu-pci \ + --prefix="/usr" \ + --bindir="/usr/bin" \ + --sbindir="/usr/bin" \ + --mandir="/usr/share/man" \ + --infodir="/usr/share/info" \ + --datarootdir="/usr/share" \ + --sysconfdir="/etc" \ + --program-prefix="" \ + --with-bootdir="/boot" \ + --with-grubdir="grub" \ + --disable-silent-rules \ + --disable-werror + echo + + msg "Run make for emu build" + make + echo +} + +build() { + cd "${srcdir}/grub-${_pkgver}/" + + msg "Build grub bios stuff" + _build_grub-common_and_bios + echo + + msg "Build grub ${_EFI_ARCH} efi stuff" + _build_grub-efi + echo + + if [[ "${CARCH}" == "x86_64" ]] && [[ "${_IA32_EFI_IN_ARCH_X64}" == "1" ]]; then + msg "Build grub i386 efi stuff" + _EFI_ARCH="i386" _build_grub-efi + echo + fi + + if [[ "${_GRUB_EMU_BUILD}" == "1" ]]; then + msg "Build grub emu stuff" + _build_grub-emu + echo + fi +} + +_package_grub-common_and_bios() { + cd "${srcdir}/grub-${_pkgver}-bios/" + + msg "Run make install for bios build" + make DESTDIR="${pkgdir}/" bashcompletiondir="/usr/share/bash-completion/completions" install + echo + + msg "Remove gdb debugging related files for bios build" + rm -f "${pkgdir}/usr/lib/grub/i386-pc"/*.module || true + rm -f "${pkgdir}/usr/lib/grub/i386-pc"/*.image || true + rm -f "${pkgdir}/usr/lib/grub/i386-pc"/{kernel.exec,gdb_grub,gmodule.pl} || true + + msg "Install /etc/default/grub (used by grub-mkconfig)" + install -D -m0644 "${srcdir}/grub.default" "${pkgdir}/etc/default/grub" + + msg "Install grub.cfg for backup array" + install -D -m0644 "${srcdir}/grub.cfg" "${pkgdir}/boot/grub/grub.cfg" +} + +_package_grub-efi() { + cd "${srcdir}/grub-${_pkgver}-efi-${_EFI_ARCH}/" + + msg "Run make install for ${_EFI_ARCH} efi build" + make DESTDIR="${pkgdir}/" bashcompletiondir="/usr/share/bash-completion/completions" install + echo + + msg "Remove gdb debugging related files for ${_EFI_ARCH} efi build" + rm -f "${pkgdir}/usr/lib/grub/${_EFI_ARCH}-efi"/*.module || true + rm -f "${pkgdir}/usr/lib/grub/${_EFI_ARCH}-efi"/*.image || true + rm -f "${pkgdir}/usr/lib/grub/${_EFI_ARCH}-efi"/{kernel.exec,gdb_grub,gmodule.pl} || true +} + +_package_grub-emu() { + cd "${srcdir}/grub-${_pkgver}-emu/" + + msg "Run make install for emu build" + make DESTDIR="${pkgdir}/" bashcompletiondir="/usr/share/bash-completion/completions" install + echo + + msg "Remove gdb debugging related files for emu build" + rm -f "${pkgdir}/usr/lib/grub/${_EMU_ARCH}-emu"/*.module || true + rm -f "${pkgdir}/usr/lib/grub/${_EMU_ARCH}-emu"/*.image || true + rm -f "${pkgdir}/usr/lib/grub/${_EMU_ARCH}-emu"/{kernel.exec,gdb_grub,gmodule.pl} || true +} + +package() { + cd "${srcdir}/grub-${_pkgver}/" + + msg "Package grub ${_EFI_ARCH} efi stuff" + _package_grub-efi + + if [[ "${CARCH}" == "x86_64" ]] && [[ "${_IA32_EFI_IN_ARCH_X64}" == "1" ]]; then + msg "Package grub i386 efi stuff" + _EFI_ARCH="i386" _package_grub-efi + echo + fi + + if [[ "${_GRUB_EMU_BUILD}" == "1" ]]; then + msg "Package grub emu stuff" + _package_grub-emu + echo + fi + + msg "Package grub bios stuff" + _package_grub-common_and_bios +} Copied: grub/repos/testing-x86_64/grub.cfg (from rev 272946, grub/trunk/grub.cfg) =================================================================== --- testing-x86_64/grub.cfg (rev 0) +++ testing-x86_64/grub.cfg 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,139 @@ +# +# DO NOT EDIT THIS FILE +# +# It is automatically generated by grub-mkconfig using templates +# from /etc/grub.d and settings from /etc/default/grub +# + +### BEGIN /etc/grub.d/00_header ### +insmod part_gpt +insmod part_msdos +if [ -s $prefix/grubenv ]; then + load_env +fi +set default="0" + +if [ x"${feature_menuentry_id}" = xy ]; then + menuentry_id_option="--id" +else + menuentry_id_option="" +fi + +export menuentry_id_option + +if [ "${prev_saved_entry}" ]; then + set saved_entry="${prev_saved_entry}" + save_env saved_entry + set prev_saved_entry= + save_env prev_saved_entry + set boot_once=true +fi + +function savedefault { + if [ -z "${boot_once}" ]; then + saved_entry="${chosen}" + save_env saved_entry + fi +} + +function load_video { + if [ x$feature_all_video_module = xy ]; then + insmod all_video + else + insmod efi_gop + insmod efi_uga + insmod ieee1275_fb + insmod vbe + insmod vga + insmod video_bochs + insmod video_cirrus + fi +} + +if [ x$feature_default_font_path = xy ] ; then + font=unicode +else +insmod part_msdos +insmod ext2 +set root='hd0,msdos5' +if [ x$feature_platform_search_hint = xy ]; then + search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos5 --hint-efi=hd0,msdos5 --hint-baremetal=ahci0,msdos5 ad4103fa-d940-47ca-8506-301d8071d467 +else + search --no-floppy --fs-uuid --set=root ad4103fa-d940-47ca-8506-301d8071d467 +fi + font="/usr/share/grub/unicode.pf2" +fi + +if loadfont $font ; then + set gfxmode=auto + load_video + insmod gfxterm + set locale_dir=$prefix/locale + set lang=en_US + insmod gettext +fi +terminal_input console +terminal_output gfxterm +set timeout=5 +### END /etc/grub.d/00_header ### + +### BEGIN /etc/grub.d/10_linux ### +menuentry 'Arch Linux, with Linux core repo kernel' --class arch --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-core repo kernel-true-ad4103fa-d940-47ca-8506-301d8071d467' { + load_video + set gfxpayload=keep + insmod gzio + insmod part_msdos + insmod ext2 + set root='hd0,msdos5' + if [ x$feature_platform_search_hint = xy ]; then + search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos5 --hint-efi=hd0,msdos5 --hint-baremetal=ahci0,msdos5 ad4103fa-d940-47ca-8506-301d8071d467 + else + search --no-floppy --fs-uuid --set=root ad4103fa-d940-47ca-8506-301d8071d467 + fi + echo 'Loading Linux core repo kernel ...' + linux /boot/vmlinuz-linux root=UUID=ad4103fa-d940-47ca-8506-301d8071d467 rw quiet + echo 'Loading initial ramdisk ...' + initrd /boot/initramfs-linux.img +} +menuentry 'Arch Linux, with Linux core repo kernel (Fallback initramfs)' --class arch --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-core repo kernel-fallback-ad4103fa-d940-47ca-8506-301d8071d467' { + load_video + set gfxpayload=keep + insmod gzio + insmod part_msdos + insmod ext2 + set root='hd0,msdos5' + if [ x$feature_platform_search_hint = xy ]; then + search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos5 --hint-efi=hd0,msdos5 --hint-baremetal=ahci0,msdos5 ad4103fa-d940-47ca-8506-301d8071d467 + else + search --no-floppy --fs-uuid --set=root ad4103fa-d940-47ca-8506-301d8071d467 + fi + echo 'Loading Linux core repo kernel ...' + linux /boot/vmlinuz-linux root=UUID=ad4103fa-d940-47ca-8506-301d8071d467 rw quiet + echo 'Loading initial ramdisk ...' + initrd /boot/initramfs-linux-fallback.img +} + +### END /etc/grub.d/10_linux ### + +### BEGIN /etc/grub.d/20_linux_xen ### +### END /etc/grub.d/20_linux_xen ### + +### BEGIN /etc/grub.d/20_memtest86+ ### +### END /etc/grub.d/20_memtest86+ ### + +### BEGIN /etc/grub.d/30_os-prober ### +### END /etc/grub.d/30_os-prober ### + +### BEGIN /etc/grub.d/40_custom ### +# This file provides an easy way to add custom menu entries. Simply type the +# menu entries you want to add after this comment. Be careful not to change +# the 'exec tail' line above. +### END /etc/grub.d/40_custom ### + +### BEGIN /etc/grub.d/41_custom ### +if [ -f ${config_directory}/custom.cfg ]; then + source ${config_directory}/custom.cfg +elif [ -z "${config_directory}" -a -f $prefix/custom.cfg ]; then + source $prefix/custom.cfg; +fi +### END /etc/grub.d/41_custom ### Copied: grub/repos/testing-x86_64/grub.default (from rev 272946, grub/trunk/grub.default) =================================================================== --- testing-x86_64/grub.default (rev 0) +++ testing-x86_64/grub.default 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,47 @@ +GRUB_DEFAULT=0 +GRUB_TIMEOUT=5 +GRUB_DISTRIBUTOR="Arch" +GRUB_CMDLINE_LINUX_DEFAULT="quiet" +GRUB_CMDLINE_LINUX="" + +# Preload both GPT and MBR modules so that they are not missed +GRUB_PRELOAD_MODULES="part_gpt part_msdos" + +# Uncomment to enable Hidden Menu, and optionally hide the timeout count +#GRUB_HIDDEN_TIMEOUT=5 +#GRUB_HIDDEN_TIMEOUT_QUIET=true + +# Uncomment to use basic console +GRUB_TERMINAL_INPUT=console + +# Uncomment to disable graphical terminal +#GRUB_TERMINAL_OUTPUT=console + +# The resolution used on graphical terminal +# note that you can use only modes which your graphic card supports via VBE +# you can see them in real GRUB with the command `vbeinfo' +GRUB_GFXMODE=auto + +# Uncomment to allow the kernel use the same resolution used by grub +GRUB_GFXPAYLOAD_LINUX=keep + +# Uncomment if you want GRUB to pass to the Linux kernel the old parameter +# format "root=/dev/xxx" instead of "root=/dev/disk/by-uuid/xxx" +#GRUB_DISABLE_LINUX_UUID=true + +# Uncomment to disable generation of recovery mode menu entries +GRUB_DISABLE_RECOVERY=true + +# Uncomment and set to the desired menu colors. Used by normal and wallpaper +# modes only. Entries specified as foreground/background. +#GRUB_COLOR_NORMAL="light-blue/black" +#GRUB_COLOR_HIGHLIGHT="light-cyan/blue" + +# Uncomment one of them for the gfx desired, a image background or a gfxtheme +#GRUB_BACKGROUND="/path/to/wallpaper" +#GRUB_THEME="/path/to/gfxtheme" + +# Uncomment to get a beep at GRUB start +#GRUB_INIT_TUNE="480 440 1" + +#GRUB_SAVEDEFAULT="true" Copied: grub/repos/testing-x86_64/grub.install (from rev 272946, grub/trunk/grub.install) =================================================================== --- testing-x86_64/grub.install (rev 0) +++ testing-x86_64/grub.install 2016-08-03 07:43:08 UTC (rev 272947) @@ -0,0 +1,15 @@ +post_install() { + if [ -f /boot/grub/grub.cfg.pacsave ]; then + echo "Copying /boot/grub/grub.cfg.pacsave to /boot/grub/grub.cfg" + install -D -m0644 /boot/grub/grub.cfg.pacsave /boot/grub/grub.cfg + fi + + cat << 'EOM' +Generating grub.cfg.example config file... +This may fail on some machines running a custom kernel. +EOM + + grub-mkconfig -o /boot/grub/grub.cfg.example 2> /dev/null + echo "done." +} +