Another set of fixes for 2.06

- Add luks2 to GRUB_MODULES - 20-grub-install: Create a symvers.gz symbolic link - 20-grub-install: Always use fedora as the boot entry --class Resolves: rhbz#1957014 - grub.macros: Install font in /boot/grub2 instead of the ESP Resolves: rhbz#1739762 - grub.macros: Use consistent file mode for legacy and EFI Resolves: rhbz#1965794 - Drop grub2 prelink configuration Resolves: rhbz#1659675 - Remove triggers needed to upgrade from legacy GRUB - Don't harcode grub2 in the spec file - Update to unifont-13.0.06 Resolves: rhbz#1939125 - 20-grub-install: Use relative paths for btrfs in BLS snippets Resolves: rhbz#1906191 - Don't update the cmdline when generating legacy menuentry commands - Suppress gettext error message Resolves: rhbz#1592124 - grub-boot-success.timer: Only run if not in a container Resolves: rhbz#1914571 - grub-set-password: Always use /boot/grub2/user.cfg as password default Resolves: rhbz#1955294 - Remove outdated URL for BLS document Resolves: rhbz#1926453 - templates: Check for EFI at runtime instead of config generation time Resolves: rhbz#1823864 - efi: Print an error if boot to firmware setup is not supported Resolves: rhbz#1823864 Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2024-11-24 06:22:43 +00:00 · 2021-07-06 01:34:01 +02:00 · 2021-07-06 01:34:01 +02:00 · 67f07b7c9e
commit 67f07b7c9e
parent fbeda573a9
9 changed files with 365 additions and 1 deletions
--- a/0209-Don-t-update-the-cmdline-when-generating-legacy-menu.patch
+++ b/0209-Don-t-update-the-cmdline-when-generating-legacy-menu.patch
@ -0,0 +1,36 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas <javierm@redhat.com>
+Date: Thu, 17 Jun 2021 14:31:42 +0200
+Subject: [PATCH] Don't update the cmdline when generating legacy menuentry
+ commands
+
+On OPAL ppc64le machines with an old petitboot version that doesn't have
+support to parse BLS snippets, the grub2-mkconfig script is executed to
+generate menuentry commands from the BLS snippets.
+
+In this case, the script is executed with the --no-grubenv-update option
+that indicates that no side effects should happen when running the script.
+
+But the options field in the BLS snippets are updated regardless, only do
+the update if --no-grubenv-update was not used.
+
+Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
+---
+ util/grub.d/10_linux.in | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
+index 68adb55d893..c9296154f51 100644
+--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
+@@ -261,7 +261,9 @@ if [ -z "\${kernelopts}" ]; then
+ fi
+ EOF
+ 
+-  update_bls_cmdline
+  if [ "x${GRUB_GRUBENV_UPDATE}" = "xyes" ]; then
+      update_bls_cmdline
+  fi
+ 
+   if [ "x${BLS_POPULATE_MENU}" = "xtrue" ]; then
+       populate_menu
--- a/0210-Suppress-gettext-error-message.patch
+++ b/0210-Suppress-gettext-error-message.patch
@ -0,0 +1,33 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
+Date: Tue, 29 Jun 2021 13:17:42 +0200
+Subject: [PATCH] Suppress gettext error message
+
+Colin Watson's patch from comment #11 on the upstream bug:
+https://savannah.gnu.org/bugs/?35880#comment11
+
+Resolves: rhbz#1592124
+
+Signed-off-by: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
+---
+ grub-core/gettext/gettext.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c
+index 84d520cd494..87a912ac6e5 100644
+--- a/grub-core/gettext/gettext.c
+++ b/grub-core/gettext/gettext.c
+@@ -424,6 +424,13 @@ grub_gettext_init_ext (struct grub_gettext_context *ctx,
+       grub_free (lang);
+     }
+ 
+  /* If no translations are available, fall back to untranslated text. */
+  if (err == GRUB_ERR_FILE_NOT_FOUND)
+    {
+      grub_errno = GRUB_ERR_NONE;
+      return 0;
+    }
+
+   if (locale[0] == 'e' && locale[1] == 'n'
+       && (locale[2] == '\0' || locale[2] == '_'))
+     grub_errno = err = GRUB_ERR_NONE;
--- a/0211-grub-boot-success.timer-Only-run-if-not-in-a-contain.patch
+++ b/0211-grub-boot-success.timer-Only-run-if-not-in-a-contain.patch
@ -0,0 +1,32 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Gena Makhomed <gmm@csdoc.com>
+Date: Thu, 1 Jul 2021 01:07:46 +0200
+Subject: [PATCH] grub-boot-success.timer: Only run if not in a container
+
+The grub-boot-success.timer should be disabled inside a container since it
+leads to the following error:
+
+Jan 09 22:56:38 test sshd[8786]: pam_unix(sshd:session): session opened for user www(uid=1000) by (uid=0)
+Jan 09 22:58:39 test systemd[8857]: Starting Mark boot as successful...
+Jan 09 22:58:39 test systemd[8857]: grub-boot-success.service: Main process exited, code=exited, status=1/FAILURE
+Jan 09 22:58:39 test systemd[8857]: grub-boot-success.service: Failed with result 'exit-code'.
+Jan 09 22:58:39 test systemd[8857]: Failed to start Mark boot as successful.
+Jan 09 22:58:39 test grub2-set-bootflag[10034]: Error canonicalizing /boot/grub2/grubenv filename: No such file or directory
+
+Resolves: rhbz#1914571
+---
+ docs/grub-boot-success.timer | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/docs/grub-boot-success.timer b/docs/grub-boot-success.timer
+index 5d8fcba21aa..406f1720056 100644
+--- a/docs/grub-boot-success.timer
+++ b/docs/grub-boot-success.timer
+@@ -1,6 +1,7 @@
+ [Unit]
+ Description=Mark boot as successful after the user session has run 2 minutes
+ ConditionUser=!@system
+ConditionVirtualization=!container
+ 
+ [Timer]
+ OnActiveSec=2min
--- a/0212-grub-set-password-Always-use-boot-grub2-user.cfg-as-.patch
+++ b/0212-grub-set-password-Always-use-boot-grub2-user.cfg-as-.patch
@ -0,0 +1,42 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas <javierm@redhat.com>
+Date: Mon, 5 Jul 2021 18:24:22 +0200
+Subject: [PATCH] grub-set-password: Always use /boot/grub2/user.cfg as
+ password default
+
+The GRUB configuration file is always placed in /boot/grub2/ now, even for
+EFI. But the tool is still creating the user.cfg in the ESP and not there.
+
+Resolves: rhbz#1955294
+
+Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
+---
+ util/grub-set-password.in | 9 +--------
+ 1 file changed, 1 insertion(+), 8 deletions(-)
+
+diff --git a/util/grub-set-password.in b/util/grub-set-password.in
+index c0b5ebbfdc5..d8005e5a142 100644
+--- a/util/grub-set-password.in
+++ b/util/grub-set-password.in
+@@ -1,11 +1,6 @@
+ #!/bin/sh -e
+ 
+-EFIDIR=$(grep ^ID= /etc/os-release | sed -e 's/^ID=//' -e 's/rhel/redhat/' -e 's/\"//g')
+-if [ -d /sys/firmware/efi/efivars/ ]; then
+-    grubdir=`echo "/@bootdirname@/efi/EFI/${EFIDIR}/" | sed 's,//*,/,g'`
+-else
+-    grubdir=`echo "/@bootdirname@/@grubdirname@" | sed 's,//*,/,g'`
+-fi
+grubdir=`echo "/@bootdirname@/@grubdirname@" | sed 's,//*,/,g'`
+ 
+ PACKAGE_VERSION="@PACKAGE_VERSION@"
+ PACKAGE_NAME="@PACKAGE_NAME@"
+@@ -116,8 +111,6 @@ if [ -z "${MYPASS}" ]; then
+       exit 1
+ fi
+ 
+-# on the ESP, these will fail to set the permissions, but it's okay because
+-# the directory is protected.
+ install -m 0600 /dev/null "${OUTPUT_PATH}/user.cfg" 2>/dev/null || :
+ chmod 0600 "${OUTPUT_PATH}/user.cfg" 2>/dev/null || :
+ echo "GRUB2_PASSWORD=${MYPASS}" > "${OUTPUT_PATH}/user.cfg"
--- a/0213-Remove-outdated-URL-for-BLS-document.patch
+++ b/0213-Remove-outdated-URL-for-BLS-document.patch
@ -0,0 +1,28 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas <javierm@redhat.com>
+Date: Mon, 5 Jul 2021 19:00:25 +0200
+Subject: [PATCH] Remove outdated URL for BLS document
+
+The document was moved to https://systemd.io/BOOT_LOADER_SPECIFICATION/,
+update the URL accordingly to point to the current location.
+
+Resolves: rhbz#1926453
+
+Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
+---
+ util/grub.d/10_linux.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
+index c9296154f51..6ee0a2cf3d0 100644
+--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
+@@ -96,7 +96,7 @@ cat <<EOF
+ #
+ # The $bls_parser parses the BootLoaderSpec files stored in /boot/loader/entries and
+ # populates the boot menu. Please refer to the Boot Loader Specification documentation
+-# for the files format: https://www.freedesktop.org/wiki/Specifications/BootLoaderSpec/.
+# for the files format: https://systemd.io/BOOT_LOADER_SPECIFICATION/.
+ 
+ EOF
+ }
--- a/0214-templates-Check-for-EFI-at-runtime-instead-of-config.patch
+++ b/0214-templates-Check-for-EFI-at-runtime-instead-of-config.patch
@ -0,0 +1,63 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas <javierm@redhat.com>
+Date: Tue, 6 Jul 2021 00:38:40 +0200
+Subject: [PATCH] templates: Check for EFI at runtime instead of config
+ generation time
+
+The 30_uefi-firmware template checks if an OsIndicationsSupported UEFI var
+exists and EFI_OS_INDICATIONS_BOOT_TO_FW_UI bit is set, to decide whether
+a "fwsetup" menu entry would be added or not to the GRUB menu.
+
+But this has the problem that it will only work if the configuration file
+was created on an UEFI machine that supports booting to a firmware UI.
+
+This for example doesn't support creating GRUB config files when executing
+on systems that support both UEFI and legacy BIOS booting. Since creating
+the config file from legacy BIOS wouldn't allow to access the firmware UI.
+
+To prevent this, make the template to unconditionally create the grub.cfg
+snippet but check at runtime if was booted through UEFI to decide if this
+entry should be added. That way it won't be added when booting with BIOS.
+
+There's no need to check if EFI_OS_INDICATIONS_BOOT_TO_FW_UI bit is set,
+since that's already done by the "fwsetup" command when is executed.
+
+Resolves: rhbz#1823864
+
+Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
+---
+ util/grub.d/30_uefi-firmware.in | 21 ++++++++-------------
+ 1 file changed, 8 insertions(+), 13 deletions(-)
+
+diff --git a/util/grub.d/30_uefi-firmware.in b/util/grub.d/30_uefi-firmware.in
+index d344d3883d7..b6041b55e2a 100644
+--- a/util/grub.d/30_uefi-firmware.in
+++ b/util/grub.d/30_uefi-firmware.in
+@@ -26,19 +26,14 @@ export TEXTDOMAINDIR="@localedir@"
+ 
+ . "$pkgdatadir/grub-mkconfig_lib"
+ 
+-EFI_VARS_DIR=/sys/firmware/efi/efivars
+-EFI_GLOBAL_VARIABLE=8be4df61-93ca-11d2-aa0d-00e098032b8c
+-OS_INDICATIONS="$EFI_VARS_DIR/OsIndicationsSupported-$EFI_GLOBAL_VARIABLE"
+LABEL="UEFI Firmware Settings"
+ 
+-if [ -e "$OS_INDICATIONS" ] && \
+-   [ "$(( $(printf 0x%x \'"$(cat $OS_INDICATIONS | cut -b5)"\') & 1 ))" = 1 ]; then
+-  LABEL="UEFI Firmware Settings"
+gettext_printf "Adding boot menu entry for UEFI Firmware Settings ...\n" >&2
+ 
+-  gettext_printf "Adding boot menu entry for UEFI Firmware Settings ...\n" >&2
+-
+-  cat << EOF
+-menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' {
+-	fwsetup
+-}
+-EOF
+cat << EOF
+if [ "\$grub_platform" = "efi" ]; then
+	menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' {
+		fwsetup
+	}
+ fi
+EOF
--- a/0215-efi-Print-an-error-if-boot-to-firmware-setup-is-not-.patch
+++ b/0215-efi-Print-an-error-if-boot-to-firmware-setup-is-not-.patch
@ -0,0 +1,92 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas <javierm@redhat.com>
+Date: Tue, 6 Jul 2021 01:10:18 +0200
+Subject: [PATCH] efi: Print an error if boot to firmware setup is not
+ supported
+
+The "fwsetup" command is only registered if the firmware supports booting
+to the firmware setup UI. But it could be possible that the GRUB config
+already contains a "fwsetup" entry, because it was generated in a machine
+that has support for this feature.
+
+To prevent users getting a "can't find command `fwsetup`" error if it is
+not supported by the firmware, let's just always register the command but
+print a more accurate message if the firmware doesn't support this option.
+
+Resolves: rhbz#1823864
+
+Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
+---
+ grub-core/commands/efi/efifwsetup.c | 43 ++++++++++++++++++++-----------------
+ 1 file changed, 23 insertions(+), 20 deletions(-)
+
+diff --git a/grub-core/commands/efi/efifwsetup.c b/grub-core/commands/efi/efifwsetup.c
+index eaca0328388..328c45e82e0 100644
+--- a/grub-core/commands/efi/efifwsetup.c
+++ b/grub-core/commands/efi/efifwsetup.c
+@@ -27,6 +27,25 @@
+ 
+ GRUB_MOD_LICENSE ("GPLv3+");
+ 
+static grub_efi_boolean_t
+efifwsetup_is_supported (void)
+{
+  grub_efi_uint64_t *os_indications_supported = NULL;
+  grub_size_t oi_size = 0;
+  grub_efi_guid_t global = GRUB_EFI_GLOBAL_VARIABLE_GUID;
+
+  grub_efi_get_variable ("OsIndicationsSupported", &global, &oi_size,
+			 (void **) &os_indications_supported);
+
+  if (!os_indications_supported)
+    return 0;
+
+  if (*os_indications_supported & GRUB_EFI_OS_INDICATIONS_BOOT_TO_FW_UI)
+    return 1;
+
+  return 0;
+}
+
+ static grub_err_t
+ grub_cmd_fwsetup (grub_command_t cmd __attribute__ ((unused)),
+ 		  int argc __attribute__ ((unused)),
+@@ -38,6 +57,10 @@ grub_cmd_fwsetup (grub_command_t cmd __attribute__ ((unused)),
+   grub_size_t oi_size;
+   grub_efi_guid_t global = GRUB_EFI_GLOBAL_VARIABLE_GUID;
+ 
+  if (!efifwsetup_is_supported ())
+	  return grub_error (GRUB_ERR_INVALID_COMMAND,
+			     N_("Reboot to firmware setup is not supported"));
+
+   grub_efi_get_variable ("OsIndications", &global, &oi_size,
+ 			 (void **) &old_os_indications);
+ 
+@@ -56,28 +79,8 @@ grub_cmd_fwsetup (grub_command_t cmd __attribute__ ((unused)),
+ 
+ static grub_command_t cmd = NULL;
+ 
+-static grub_efi_boolean_t
+-efifwsetup_is_supported (void)
+-{
+-  grub_efi_uint64_t *os_indications_supported = NULL;
+-  grub_size_t oi_size = 0;
+-  grub_efi_guid_t global = GRUB_EFI_GLOBAL_VARIABLE_GUID;
+-
+-  grub_efi_get_variable ("OsIndicationsSupported", &global, &oi_size,
+-			 (void **) &os_indications_supported);
+-
+-  if (!os_indications_supported)
+-    return 0;
+-
+-  if (*os_indications_supported & GRUB_EFI_OS_INDICATIONS_BOOT_TO_FW_UI)
+-    return 1;
+-
+-  return 0;
+-}
+-
+ GRUB_MOD_INIT (efifwsetup)
+ {
+-  if (efifwsetup_is_supported ())
+     cmd = grub_register_command ("fwsetup", grub_cmd_fwsetup, NULL,
+ 				 N_("Reboot into firmware setup menu."));
+ 
--- a/grub.patches
+++ b/grub.patches
@ -206,3 +206,10 @@ Patch0205: 0205-Don-t-check-for-rpmvercmp-in-librpm.patch
 Patch0206: 0206-Allow-chainloading-EFI-apps-from-loop-mounts.patch
 Patch0207: 0207-efinet-Add-DHCP-proxy-support.patch
 Patch0208: 0208-fs-ext2-Ignore-checksum-seed-incompat-feature.patch
+Patch0209: 0209-Don-t-update-the-cmdline-when-generating-legacy-menu.patch
+Patch0210: 0210-Suppress-gettext-error-message.patch
+Patch0211: 0211-grub-boot-success.timer-Only-run-if-not-in-a-contain.patch
+Patch0212: 0212-grub-set-password-Always-use-boot-grub2-user.cfg-as-.patch
+Patch0213: 0213-Remove-outdated-URL-for-BLS-document.patch
+Patch0214: 0214-templates-Check-for-EFI-at-runtime-instead-of-config.patch
+Patch0215: 0215-efi-Print-an-error-if-boot-to-firmware-setup-is-not-.patch
--- a/grub2.spec
+++ b/grub2.spec
@ -14,7 +14,7 @@
 Name:		grub2
 Epoch:		1
 Version:	2.06
-Release:	2%{?dist}
+Release:	3%{?dist}
 Summary:	Bootloader with support for Linux, Multiboot and more
 License:	GPLv3+
 URL:		http://www.gnu.org/software/grub/
@ -523,6 +523,37 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg
 %endif

 %changelog
+* Tue Jul 06 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.06-3
+- Add luks2 to GRUB_MODULES
+- 20-grub-install: Create a symvers.gz symbolic link
+- 20-grub-install: Always use fedora as the boot entry --class
+  Resolves: rhbz#1957014
+- grub.macros: Install font in /boot/grub2 instead of the ESP
+  Resolves: rhbz#1739762
+- grub.macros: Use consistent file mode for legacy and EFI
+  Resolves: rhbz#1965794
+- Drop grub2 prelink configuration
+  Resolves: rhbz#1659675
+- Remove triggers needed to upgrade from legacy GRUB
+- Don't harcode grub2 in the spec file
+- Update to unifont-13.0.06
+  Resolves: rhbz#1939125
+- 20-grub-install: Use relative paths for btrfs in BLS snippets
+  Resolves: rhbz#1906191
+- Don't update the cmdline when generating legacy menuentry commands
+- Suppress gettext error message
+  Resolves: rhbz#1592124
+- grub-boot-success.timer: Only run if not in a container
+  Resolves: rhbz#1914571
+- grub-set-password: Always use /boot/grub2/user.cfg as password default
+  Resolves: rhbz#1955294
+- Remove outdated URL for BLS document
+  Resolves: rhbz#1926453
+- templates: Check for EFI at runtime instead of config generation time
+  Resolves: rhbz#1823864
+- efi: Print an error if boot to firmware setup is not supported
+  Resolves: rhbz#1823864
+
 * Tue Jun 15 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.06-2
 - Only try to generate a config if the ESP is mounted