Introduce the GRUB_MKIMAGE_OPTS variable to allow additional options
to be passed to grub-mkimage, making its behavior more configurable.
(for example, this allows disabling shim lock when necessary).
Update do_mkimage to use ${GRUB_MKIMAGE_OPTS}. This change reduce the
need for hardcoded modifications and makes future adjustments easier.
(From OE-Core rev: a6147adefcba7aae3f4eb8ed76d6a94315cafe61)
Signed-off-by: Valeria Petrov <valeria.petrov@spinetix.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Until now, the default title of a boot entry is its label. The label is
a variable which determines the script to run during an early boot stage
and is not necessarily human readable.
This patch allows to provide a human-readable title for each boot entry.
(From OE-Core rev: a5a7f6ada786b7f2c1a317f20b7e642f1e978de9)
Signed-off-by: Simon A. Eugster <simon.eu@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This option fails with clang compiler when testing for soft-float because
OE enforces this option via CCARGS however, gtub's
makefile/configure does disable all sse options when checking for
soft-float support, but it can not disable -mfpmath=sse as its inserted
by OE, therefore remove it in recipe
Fixes build errors seen with clang/musl like on x86
error: the 'sse' unit is not supported with this instruction set
(From OE-Core rev: ad76da4ff6d7110747b620621ae3728de9905465)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Where recipes use S = ${WORKDIR}, change them to set UNPACKDIR to
a subdir of WORKDIR and make S point at this instead.
I've chosen not to force S into any standard UNPACKDIR we may pick in
future just so the S = UNPACKDIR case is clearly visible by the
directory naming under WORKDIR as that should aid usability.
(From OE-Core rev: d9328e3b0b062f0621de3d114584b44f384a1c02)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Replace references of WORKDIR with UNPACKDIR where it makes sense to do
so in preparation for changing the default value of UNPACKDIR.
(From OE-Core rev: 1f18b9a512800860d5153d89eb82b56388efad6f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Set CVE_STATUS as none of the issues apply against the versions
used in the recipes.
(From OE-Core rev: cea8c8bf73e84133f566d1c2ca0637494f2d7afe)
Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Redhat/Fedora specific as it affects the grub2-set-bootflag extension
added by Redhat to grub.
(From OE-Core rev: 40cd768368167f81de5bb55e9ff0584035f4c1b4)
Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A issue was found when I run "runqemu genericx86-64 ovmf", grub failed
to boot, it's a known issue has been fixed in grub upstream, backport
the fix.
(From OE-Core rev: 51eab4bb0cae46c9c32d28986eb97badf47594b7)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It enable the metadata_csum_seed feature by default in e2fsprogs 1.47.0
and causes grub doesn't work. Backport patch to make grub support this
feature.
(From OE-Core rev: ae3b4588d69e534ac8aff136ed44f3975f5a2d4f)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The commit(75dbdea940 grub: Allow build on armv7ve/a with softfp)
enable build on armv7ve/a with softfp, but it acutally enable
build on armv7ve/a with hardfp altogether and result in below build
failure:
| checking for compile options to get strict alignment... -mno-unaligned-access
| checking if compiler generates unaligned accesses... no
| checking if C symbols get an underscore after compilation... no
| checking whether target compiler is working... no
| configure: error: cannot compile for the target
So update the check to disable build on armv7ve/a with hardfp.
(From OE-Core rev: f67b2880fc2cfb21f51216c63b5f24d0524b4278)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Grub tries to force the compilation in softfp mode for some known target
CPU. That is because it doesn't use floats or doubles and there are
known limitations of using a configuration with hardfp. There are though
target CPUs that grub won't know how to configure failing with something
similar to:
| checking for options to get soft-float... no
| configure: error: could not force soft-float
This change relaxes a bit the COMPATIBLE_HOST restriction to only apply
for hardfp configuration even for arm7ve/a.
(From OE-Core rev: 75dbdea94057b6977a20fb738c00c226ca694243)
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport CVE patches from upstream to fix:
CVE-2021-3695
CVE-2021-3696
CVE-2021-3697
CVE-2022-28733
CVE-2022-28734
CVE-2022-28735
Backport the following 5 patches to make CVE patches be applied smoothly.
video-Remove-trailing-whitespaces.patch
video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
(From OE-Core rev: db43401a3a4c201f02f4128fa4bac8ce993bfec0)
Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Include all available modules If 'all' is present in GRUB_BUILDIN variable.
To achieve this we need to search for all .mod files in ${B}/grub-core/ and
pass them to grub-mkimage command.
Also, add the verbose option to grub-mkimage.
(From OE-Core rev: ed1bf9aa0af8c12905cf8332bbbb212ab158fe3c)
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An automated conversion using scripts/contrib/convert-spdx-licenses.py to
convert to use the standard SPDX license identifiers. Two recipes in meta-selftest
were not converted as they're that way specifically for testing. A change in
linux-firmware was also skipped and may need a more manual tweak.
(From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
'xen-boot' module is available only for aarch64.
(From OE-Core rev: bfabc6d4f8742cc1fdeb49c180b0f78faf5739a2)
Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes [YOCTO #14538]
Recipes shouldn't use the "virtual/" string in RPROVIDES and RDEPENDS.
That's confusing because "virtual/" has no special meaning in
RPROVIDES and RDEPENDS (unlike in PROVIDES and DEPENDS).
Instead, using "virtual-" instead of "virtual/"
as already done in the glibc recipe.
(From OE-Core rev: 93ac180d8c389f16964bce8bd5538d9389e970e6)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
