From d41db4aa74cb0c2d92f89453006fd4f1d2bb9459 Mon Sep 17 00:00:00 2001
From: Peridot Bot <rockyautomation@rockylinux.org>
Date: Tue, 7 Nov 2023 15:45:46 +0000
Subject: [PATCH] import grub2-2.06-70.el9_3.1
---
.grub2.checksum | 2 +-
.grub2.metadata | 2 +-
...dont-overwrite-BLS-cmdline-if-BLSCFG.patch | 73 +++++++
...ass-all-boot-params-when-used-by-ana.patch | 37 ++++
SOURCES/grub.macros | 1 +
SOURCES/grub.patches | 2 +
SPECS/grub2.spec | 187 +++++++++++-------
7 files changed, 232 insertions(+), 72 deletions(-)
create mode 100644 SOURCES/0327-grub-mkconfig-dont-overwrite-BLS-cmdline-if-BLSCFG.patch
create mode 100644 SOURCES/0328-grub2-mkconfig-Pass-all-boot-params-when-used-by-ana.patch
diff --git a/.grub2.checksum b/.grub2.checksum
index 27467d5..13f9b3d 100644
--- a/.grub2.checksum
+++ b/.grub2.checksum
@@ -1 +1 @@
-8a5bff6712f7a47836754016f79c603edf99b74e0d2d9d708d01566d9a87ee9d
+8878d473700765c4d72429495cdd01b0f78f282b99d04b67e94be8ca0f4a101e
diff --git a/.grub2.metadata b/.grub2.metadata
index 3f85c53..a2b4b5e 100644
--- a/.grub2.metadata
+++ b/.grub2.metadata
@@ -1,4 +1,4 @@
b79ea44af91b93d17cd3fe80bdae6ed43770678a9a5ae192ccea803ebb657ee1 SOURCES/grub-2.06.tar.xz
+aea0ea746353c6c2b5b8874e65facd087bb0346ec198993f8aaaa21eea040378 SOURCES/unifont-13.0.06.pcf.gz
f3bd4a5087865b78217fc68fe2d1abc8be90bd48e3b9cb077c1979441a6f9e8d SOURCES/gnulib-9f48fb992a3d7e96610c4ce8be969cff2d61a01b.tar.gz
1fddd06b4854598a18ff3742c472c6a5c609929ce1ab74ec9901812aaf30be02 SOURCES/theme.tar.bz2
-aea0ea746353c6c2b5b8874e65facd087bb0346ec198993f8aaaa21eea040378 SOURCES/unifont-13.0.06.pcf.gz
diff --git a/SOURCES/0327-grub-mkconfig-dont-overwrite-BLS-cmdline-if-BLSCFG.patch b/SOURCES/0327-grub-mkconfig-dont-overwrite-BLS-cmdline-if-BLSCFG.patch
new file mode 100644
index 0000000..641050d
--- /dev/null
+++ b/SOURCES/0327-grub-mkconfig-dont-overwrite-BLS-cmdline-if-BLSCFG.patch
@@ -0,0 +1,73 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Fedora Ninjas <grub2-owner@fedoraproject.org>
+Date: Tue, 8 Aug 2023 05:44:48 -0400
+Subject: [PATCH] grub-mkconfig dont overwrite BLS cmdline if BLSCFG
+
+If GRUB_ENABLE_BLSCFG is true, running grub2-mkconfig will not
+overwrite kernel cmdline in BLS snippets with what is in
+GRUB_CMDLINE_LINUX in /etc/default/grub. Update can be forced by
+sending new arg --update-bls-cmdline
+
+Signed-off-by: mkl <mlewando@redhat.com>
+---
+ util/grub-mkconfig.in | 10 ++++++++++
+ util/grub.d/10_linux.in | 4 +++-
+ 2 files changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
+index 520a672cd2c8..30a2d097823d 100644
+--- a/util/grub-mkconfig.in
++++ b/util/grub-mkconfig.in
+@@ -51,6 +51,7 @@ export TEXTDOMAIN=@PACKAGE@
+ export TEXTDOMAINDIR="@localedir@"
+
+ export GRUB_GRUBENV_UPDATE="yes"
++export GRUB_UPDATE_BLS_CMDLINE="yes"
+
+ . "${pkgdatadir}/grub-mkconfig_lib"
+
+@@ -62,6 +63,7 @@ usage () {
+ echo
+ print_option_help "-o, --output=$(gettext FILE)" "$(gettext "output generated config to FILE [default=stdout]")"
+ print_option_help "--no-grubenv-update" "$(gettext "do not update variables in the grubenv file")"
++ print_option_help "--update-bls-cmdline" "$(gettext "overwrite BLS cmdline args with default args")"
+ print_option_help "-h, --help" "$(gettext "print this message and exit")"
+ print_option_help "-V, --version" "$(gettext "print the version information and exit")"
+ echo
+@@ -100,6 +102,9 @@ do
+ --no-grubenv-update)
+ GRUB_GRUBENV_UPDATE="no"
+ ;;
++ --update-bls-cmdline)
++ bls_cmdline_update=true
++ ;;
+ -*)
+ gettext_printf "Unrecognized option \`%s'\n" "$option" 1>&2
+ usage
+@@ -167,6 +172,11 @@ fi
+
+ eval "$("${grub_get_kernel_settings}")" || true
+
++if [ "x${GRUB_ENABLE_BLSCFG}" = "xtrue" ] && \
++ [ "x${bls_cmdline_update}" != "xtrue" ]; then
++ GRUB_UPDATE_BLS_CMDLINE="no"
++fi
++
+ if [ "x${GRUB_DISABLE_UUID}" = "xtrue" ]; then
+ if [ -z "${GRUB_DISABLE_LINUX_UUID}" ]; then
+ GRUB_DISABLE_LINUX_UUID="true"
+diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
+index 4795a63b4ce6..76fc21fb6528 100644
+--- a/util/grub.d/10_linux.in
++++ b/util/grub.d/10_linux.in
+@@ -265,7 +265,9 @@ if [ -z "\${kernelopts}" ]; then
+ fi
+ EOF
+
+- if [ "x${GRUB_GRUBENV_UPDATE}" = "xyes" ]; then
++ if [ "x${GRUB_UPDATE_BLS_CMDLINE}" = "xyes" ] || \
++ ( [ -w /etc/kernel ] && [[ ! -f /etc/kernel/cmdline ]] && \
++ [ "x${GRUB_GRUBENV_UPDATE}" = "xyes" ] ); then
+ update_bls_cmdline
+ fi
+
diff --git a/SOURCES/0328-grub2-mkconfig-Pass-all-boot-params-when-used-by-ana.patch b/SOURCES/0328-grub2-mkconfig-Pass-all-boot-params-when-used-by-ana.patch
new file mode 100644
index 0000000..e74d3c6
--- /dev/null
+++ b/SOURCES/0328-grub2-mkconfig-Pass-all-boot-params-when-used-by-ana.patch
@@ -0,0 +1,37 @@
+From f4f134582912851628e15df4963b3b8a6652aa26 Mon Sep 17 00:00:00 2001
+From: Marta Lewandowska <mlewando@redhat.com>
+Date: Tue, 29 Aug 2023 16:40:47 +0200
+Subject: [PATCH] grub2-mkconfig: Pass all boot params when used by anaconda
+
+Previous patch makes it so that the machine can boot, but not all
+boot params are passed from /etc/default/grub to BLS snippets
+because /etc/default/grub gets written by anaconda during boot
+loader installation, long after grub rpms first got installed.
+
+Signed-off-by: Marta Lewandowska <mlewando@redhat.com>
+---
+ util/grub.d/10_linux.in | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
+index 76fc21fb6528..041a11529588 100644
+--- a/util/grub.d/10_linux.in
++++ b/util/grub.d/10_linux.in
+@@ -265,9 +265,11 @@ if [ -z "\${kernelopts}" ]; then
+ fi
+ EOF
+
+- if [ "x${GRUB_UPDATE_BLS_CMDLINE}" = "xyes" ] || \
+- ( [ -w /etc/kernel ] && [[ ! -f /etc/kernel/cmdline ]] && \
+- [ "x${GRUB_GRUBENV_UPDATE}" = "xyes" ] ); then
++ if [ "x${GRUB_UPDATE_BLS_CMDLINE}" = "xyes" ] || [[ -d /run/install ]]; then
++ # only update the bls cmdline if the user specifically requests it or _anytime_
++ # in the installer environment: /run/install directory only exists during the
++ # installation and not in cloud images, so this should get all the boot params
++ # from /etc/default/grub into BLS snippets
+ update_bls_cmdline
+ fi
+
+--
+2.41.0
+
diff --git a/SOURCES/grub.macros b/SOURCES/grub.macros
index 4a2883d..aa6921c 100755
--- a/SOURCES/grub.macros
+++ b/SOURCES/grub.macros
@@ -30,6 +30,7 @@
-e 's/-fcf-protection//g' \\\
-e 's/-fasynchronous-unwind-tables//g' \\\
-e 's/^/ -fno-strict-aliasing /' \\\
+ -e 's,-march=x86-64-v[[:alnum:]._-]*,-march=x86-64,g' \\\
%{nil}
%global host_cflags %{expand:%%(echo %{build_cflags} %{?_hardening_cflags} | %{cflags_sed})}
diff --git a/SOURCES/grub.patches b/SOURCES/grub.patches
index 0074325..38f43d8 100644
--- a/SOURCES/grub.patches
+++ b/SOURCES/grub.patches
@@ -324,3 +324,5 @@ Patch0323: 0323-util-Enable-default-kernel-for-updates.patch
Patch0324: 0324-kern-ieee1275-init-Convert-plain-numbers-to-constant.patch
Patch0325: 0325-kern-ieee1275-init-Extended-support-in-Vec5.patch
Patch0326: 0326-efi-http-change-uint32_t-to-uintn_t.patch
+Patch0327: 0327-grub-mkconfig-dont-overwrite-BLS-cmdline-if-BLSCFG.patch
+Patch0328: 0328-grub2-mkconfig-Pass-all-boot-params-when-used-by-ana.patch
diff --git a/SPECS/grub2.spec b/SPECS/grub2.spec
index 5f2d4aa..8887a29 100644
--- a/SPECS/grub2.spec
+++ b/SPECS/grub2.spec
@@ -13,27 +13,27 @@
# and it is *awful* to update this.
%global gnulibversion 9f48fb992a3d7e96610c4ce8be969cff2d61a01b
-Name: grub2
-Epoch: 1
-Version: 2.06
-Release: 61%{?dist}.1.rocky.0.2
-Summary: Bootloader with support for Linux, Multiboot and more
-License: GPLv3+
-URL: http://www.gnu.org/software/grub/
-Obsoletes: grub < 1:0.98
-Source0: https://ftp.gnu.org/gnu/grub/grub-%{tarversion}.tar.xz
-Source1: grub.macros
-Source2: gnulib-%{gnulibversion}.tar.gz
-Source3: 99-grub-mkconfig.install
-Source4: http://unifoundry.com/pub/unifont/unifont-13.0.06/font-builds/unifont-13.0.06.pcf.gz
-Source5: theme.tar.bz2
-Source6: gitignore
-Source7: bootstrap
-Source8: bootstrap.conf
-Source9: strtoull_test.c
-Source10: 20-grub.install
-Source11: grub.patches
-Source12: sbat.csv.in
+Name: grub2
+Epoch: 1
+Version: 2.06
+Release: 70%{?dist}.1.rocky.0.2
+Summary: Bootloader with support for Linux, Multiboot and more
+License: GPLv3+
+URL: http://www.gnu.org/software/grub/
+Obsoletes: grub < 1:0.98
+Source0: https://ftp.gnu.org/gnu/grub/grub-%{tarversion}.tar.xz
+Source1: grub.macros
+Source2: gnulib-%{gnulibversion}.tar.gz
+Source3: 99-grub-mkconfig.install
+Source4: http://unifoundry.com/pub/unifont/unifont-13.0.06/font-builds/unifont-13.0.06.pcf.gz
+Source5: theme.tar.bz2
+Source6: gitignore
+Source7: bootstrap
+Source8: bootstrap.conf
+Source9: strtoull_test.c
+Source10: 20-grub.install
+Source11: grub.patches
+Source12: sbat.csv.in
%include %{SOURCE1}
@@ -59,36 +59,36 @@ Source12: sbat.csv.in
%endif
-BuildRequires: gcc efi-srpm-macros
-BuildRequires: flex bison binutils python3
-BuildRequires: ncurses-devel xz-devel bzip2-devel
-BuildRequires: freetype-devel libusb-devel
-BuildRequires: fuse-devel
-BuildRequires: rpm-devel rpm-libs
-BuildRequires: autoconf automake device-mapper-devel
-BuildRequires: freetype-devel gettext-devel git
-BuildRequires: texinfo
-BuildRequires: dejavu-sans-fonts
-BuildRequires: help2man
+BuildRequires: gcc efi-srpm-macros
+BuildRequires: flex bison binutils python3
+BuildRequires: ncurses-devel xz-devel bzip2-devel
+BuildRequires: freetype-devel libusb-devel
+BuildRequires: fuse-devel
+BuildRequires: rpm-devel rpm-libs
+BuildRequires: autoconf automake device-mapper-devel
+BuildRequires: freetype-devel gettext-devel git
+BuildRequires: texinfo
+BuildRequires: dejavu-sans-fonts
+BuildRequires: help2man
# For %%_userunitdir macro
-BuildRequires: systemd
+BuildRequires: systemd
%ifarch %{efi_arch}
-BuildRequires: pesign >= 0.99-8
+BuildRequires: pesign >= 0.99-8
%endif
%ifarch aarch64 ppc64le x86_64
-BuildRequires: system-sb-certs
+BuildRequires: system-sb-certs
%endif
%if %{?_with_ccache: 1}%{?!_with_ccache: 0}
-BuildRequires: ccache
+BuildRequires: ccache
%endif
-ExcludeArch: s390 s390x
-Obsoletes: %{name} <= %{evr}
+ExcludeArch: s390 s390x
+Obsoletes: %{name} <= %{evr}
%if 0%{with_legacy_arch}
-Requires: %{name}-%{legacy_package_arch} = %{evr}
+Requires: %{name}-%{legacy_package_arch} = %{evr}
%else
-Requires: %{name}-%{package_arch} = %{evr}
+Requires: %{name}-%{package_arch} = %{evr}
%endif
%global desc \
@@ -105,9 +105,9 @@ hardware devices.\
%{desc}
%package common
-Summary: grub2 common layout
-BuildArch: noarch
-Conflicts: grubby < 8.40-18
+Summary: grub2 common layout
+BuildArch: noarch
+Conflicts: grubby < 8.40-18
Requires(post): util-linux
%description common
@@ -115,10 +115,10 @@ This package provides some directories which are required by various grub2
subpackages.
%package tools
-Summary: Support tools for GRUB.
-Obsoletes: %{name}-tools < %{evr}
-Requires: %{name}-common = %{epoch}:%{version}-%{release}
-Requires: gettext os-prober which file
+Summary: Support tools for GRUB.
+Obsoletes: %{name}-tools < %{evr}
+Requires: %{name}-common = %{epoch}:%{version}-%{release}
+Requires: gettext os-prober which file
Requires(pre): dracut
Requires(post): dracut
@@ -128,10 +128,10 @@ This subpackage provides tools for support of all platforms.
%ifarch x86_64
%package tools-efi
-Summary: Support tools for GRUB.
-Requires: gettext os-prober which file
-Requires: %{name}-common = %{epoch}:%{version}-%{release}
-Obsoletes: %{name}-tools < %{evr}
+Summary: Support tools for GRUB.
+Requires: gettext os-prober which file
+Requires: %{name}-common = %{epoch}:%{version}-%{release}
+Obsoletes: %{name}-tools < %{evr}
%description tools-efi
%{desc}
@@ -139,21 +139,21 @@ This subpackage provides tools for support of EFI platforms.
%endif
%package tools-minimal
-Summary: Support tools for GRUB.
-Requires: gettext
-Requires: %{name}-common = %{epoch}:%{version}-%{release}
-Obsoletes: %{name}-tools < %{evr}
+Summary: Support tools for GRUB.
+Requires: gettext
+Requires: %{name}-common = %{epoch}:%{version}-%{release}
+Obsoletes: %{name}-tools < %{evr}
%description tools-minimal
%{desc}
This subpackage provides tools for support of all platforms.
%package tools-extra
-Summary: Support tools for GRUB.
-Requires: gettext os-prober which file
-Requires: %{name}-tools-minimal = %{epoch}:%{version}-%{release}
-Requires: %{name}-common = %{epoch}:%{version}-%{release}
-Obsoletes: %{name}-tools < %{evr}
+Summary: Support tools for GRUB.
+Requires: gettext os-prober which file
+Requires: %{name}-tools-minimal = %{epoch}:%{version}-%{release}
+Requires: %{name}-common = %{epoch}:%{version}-%{release}
+Obsoletes: %{name}-tools < %{evr}
%description tools-extra
%{desc}
@@ -168,16 +168,16 @@ This subpackage provides tools for support of all platforms.
%if 0%{with_emu_arch}
%package emu
-Summary: GRUB user-space emulation.
-Requires: %{name}-tools-minimal = %{epoch}:%{version}-%{release}
+Summary: GRUB user-space emulation.
+Requires: %{name}-tools-minimal = %{epoch}:%{version}-%{release}
%description emu
%{desc}
This subpackage provides the GRUB user-space emulation support of all platforms.
%package emu-modules
-Summary: GRUB user-space emulation modules.
-Requires: %{name}-tools-minimal = %{epoch}:%{version}-%{release}
+Summary: GRUB user-space emulation modules.
+Requires: %{name}-tools-minimal = %{epoch}:%{version}-%{release}
%description emu-modules
%{desc}
@@ -191,7 +191,7 @@ mkdir grub-%{grubefiarch}-%{tarversion}
grep -A100000 '# stuff "make" creates' .gitignore > grub-%{grubefiarch}-%{tarversion}/.gitignore
cp %{SOURCE4} grub-%{grubefiarch}-%{tarversion}/unifont.pcf.gz
sed -e "s,@@VERSION@@,%{version},g" -e "s,@@VERSION_RELEASE@@,%{version}-%{release},g" \
- %{SOURCE12} > grub-%{grubefiarch}-%{tarversion}/sbat.csv
+ -e '/Red Hat Enterprise Linux/ s,\.rocky\.[0-9]\.[0-9],,g' %{SOURCE12} > grub-%{grubefiarch}-%{tarversion}/sbat.csv
git add grub-%{grubefiarch}-%{tarversion}
%endif
%if 0%{with_legacy_arch}
@@ -534,19 +534,66 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg
%endif
%changelog
-* Tue Aug 01 2023 Release Engineering <releng@rockylinux.org> - 2.06-61.rocky.0.2
+* Tue Nov 07 2023 Release Engineering <releng@rockylinux.org> - 2.06-70.rocky.0.2
- Removing redhat old cert sources entries (Sherif Nagy)
- Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194
- Adding prod cert
-- Porting to 9.2
+- Porting to 9.3
- Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT
- Cleaning up grup.macro extra signing certs
- Adding Rocky testing CA, CERT and sbat files
- Use DER for ppc64le builds from rocky-sb-certs (Louis Abel)
-* Fri Jun 16 2023 Nicolas Frayer <nfrayer@redhat.com> - 2.06-61.el9_2.1
-- Sync with 9.3 (actually 2.06-65)
-- Resolves: #2216022
+* Thu Sep 7 2023 Nicolas Frayer <nfrayer@redhat.com> - 2.06-70.el9_3.1
+- Bump spec release version
+- Related: #2203203
+- Related: #2212320
+- Related: #2221543
+
+* Tue Aug 29 2023 Nicolas Frayer <nfrayer@redhat.com> - 2.06-70
+- grub2-mkconfig: Pass all boot params when used by anaconda
+- Resolves: #2203203
+- Resolves: #2212320
+- Resolves: #2221543
+
+* Thu Aug 24 2023 Nicolas Frayer <nfrayer@redhat.com> - 2.06-69
+- grub2-mkconfig: dont overwrite BLS cmdline if BLSCFG is true
+- This is an updated version of the 2.06-67 patch
+- Resolves: #2203203
+- Resolves: #2212320
+- Resolves: #2221543
+
+* Wed Aug 2 2023 Nicolas Frayer <nfrayer@redhat.com> - 2.06-68
+- Revert previous patch as it breaks install
+- Related: #2203203
+- Related: #2212320
+- Related: #2221543
+
+* Mon Jul 24 2023 Nicolas Frayer <nfrayer@redhat.com> - 2.06-67
+- grub2-mkconfig: dont overwrite BLS cmdline if BLSCFG is true
+- Resolves: #2203203
+- Resolves: #2212320
+- Resolves: #2221543
+
+* Thu Jul 20 2023 Nicolas Frayer <nfrayer@redhat.com> - 2.06-66
+- build with baseline ISA flags
+- Resolves: #2215860
+
+* Wed Jun 07 2023 Nicolas Frayer <nfrayer@redhat.com> - 2.06-65
+- efi/http: change uint32_t to uintn_t
+- Resolves: #2207851
+
+* Fri May 26 2023 Nicolas Frayer <nfrayer@redhat.com> - 2.06-64
+- kern/ieee1275/init: sync vec5 patchset with upstream
+- Resolves: #2183939
+
+* Wed May 24 2023 Nicolas Frayer <nfrayer@redhat.com> - 2.06-63
+- util: Enable default kernel for updates
+- Resolves: #2184069
+
+* Tue May 23 2023 Javier Martinez Canillas <javierm@redhat.com> - 2.06-62
+- 20-grub-install: Explicitly check '+debug' suffix for debug kernels
+- Resolves: #2148351
* Mon Feb 20 2023 Robbie Harwood <rharwood@redhat.com> - 2.06-61
- ppc64le sysfs and mm update
--
GitLab