aboutsummaryrefslogtreecommitdiff
path: root/projects/grub
diff options
context:
space:
mode:
Diffstat (limited to 'projects/grub')
-rw-r--r--projects/grub/configs/bios/modules-minimal6
-rw-r--r--projects/grub/configs/coreboot/modules-minimal3
-rw-r--r--projects/grub/configs/uefi/modules-minimal3
-rwxr-xr-xprojects/grub/grub-helper12
-rw-r--r--projects/grub/patches/0001-mkstandalone-add-argument-fixed-time-to-override-mti.patch73
-rw-r--r--projects/grub/patches/0002-mkrescue-add-argument-fixed-time-to-get-reproducible.patch68
-rw-r--r--projects/grub/patches/0003-Makefile-use-FIXED_TIMESTAMP-for-mkstandalone-if-set.patch30
7 files changed, 192 insertions, 3 deletions
diff --git a/projects/grub/configs/bios/modules-minimal b/projects/grub/configs/bios/modules-minimal
index ea936115..706aa529 100644
--- a/projects/grub/configs/bios/modules-minimal
+++ b/projects/grub/configs/bios/modules-minimal
@@ -1,8 +1,14 @@
+ahci
biosdisk
+cbfs
cbmemc
+configfile
+ehci
ext2
halt
+loadenv
part_bsd
part_gpt
+pata
reboot
verify
diff --git a/projects/grub/configs/coreboot/modules-minimal b/projects/grub/configs/coreboot/modules-minimal
index 310aef86..0480a0d0 100644
--- a/projects/grub/configs/coreboot/modules-minimal
+++ b/projects/grub/configs/coreboot/modules-minimal
@@ -1,8 +1,11 @@
ahci
+cbfs
cbmemc
+configfile
ehci
ext2
halt
+loadenv
part_bsd
part_gpt
pata
diff --git a/projects/grub/configs/uefi/modules-minimal b/projects/grub/configs/uefi/modules-minimal
index 310aef86..0480a0d0 100644
--- a/projects/grub/configs/uefi/modules-minimal
+++ b/projects/grub/configs/uefi/modules-minimal
@@ -1,8 +1,11 @@
ahci
+cbfs
cbmemc
+configfile
ehci
ext2
halt
+loadenv
part_bsd
part_gpt
pata
diff --git a/projects/grub/grub-helper b/projects/grub/grub-helper
index dd069290..596f7d96 100755
--- a/projects/grub/grub-helper
+++ b/projects/grub/grub-helper
@@ -128,6 +128,9 @@ grub_build_bootable_image() {
local format="$(grub_format "$target" "$@")"
local prefix="$(grub_prefix "$target" "$@")"
local config_path="$(grub_config_path "$target" "$@")"
+ local modmin_path="$(grub_modmin_path "$target" "$@")"
+
+ local -a modmin=($(< "$modmin_path"))
local grub_mkimage="$sources_path/grub-mkimage"
local grub_module_dir="$sources_path/grub-core"
@@ -142,7 +145,7 @@ grub_build_bootable_image() {
--output="$grubimg" \
--format="$format" \
--prefix="$prefix" \
- cbfs configfile
+ "${modmin[@]}"
cat "$grub_bootimg" "$grubimg" > "$grub_bootable_img"
rm -f "$grubimg"
@@ -181,7 +184,7 @@ grub_build_floppy_image() {
mv "$tempfile" "$grubimg"
else
printf '\n%s' "Error: Image ${grubimg##*/} is too large; " 1>&2
- printf '%s\n\n' "it must be less than ${size}KiB in size" 1>&2
+ printf '%s\n\n' "it must be less than ${floppy_size}KiB in size" 1>&2
return 1
fi
@@ -192,6 +195,9 @@ grub_build_standalone_image() {
local format="$(grub_format "$target" "$@")"
local prefix="$(grub_prefix "$target" "$@")"
local config_path="$(grub_config_path "$target" "$@")"
+ local modmin_path="$(grub_modmin_path "$target" "$@")"
+
+ local -a modmin=($(< "$modmin_path"))
local grubimg="$build_path/grub2"
@@ -204,7 +210,7 @@ grub_build_standalone_image() {
--fonts='' \
--themes='' \
--locales='' \
- --install-modules='cbfs configfile' \
+ --install-modules="${modmin[*]}" \
--directory="$grub_module_dir" \
--format="$format" \
--output="$grubimg" \
diff --git a/projects/grub/patches/0001-mkstandalone-add-argument-fixed-time-to-override-mti.patch b/projects/grub/patches/0001-mkstandalone-add-argument-fixed-time-to-override-mti.patch
new file mode 100644
index 00000000..1d537e87
--- /dev/null
+++ b/projects/grub/patches/0001-mkstandalone-add-argument-fixed-time-to-override-mti.patch
@@ -0,0 +1,73 @@
+From 8dde1d7be2dd321a375570b7ff7e22bb01293044 Mon Sep 17 00:00:00 2001
+From: Alexander Couzens <lynxis@fe80.eu>
+Date: Fri, 4 Dec 2015 17:10:42 +0100
+Subject: [PATCH 08/10] mkstandalone: add argument --fixed-time to override
+ mtime of files
+
+mkstandalone adds several files to an archive. Doing this it uses the
+mtime to give these files a timestamp.
+--fixed-time <TIME_EPOCH> overrides these timestamps with a given.
+
+Replacing all timestamps with a specific one is required
+to get reproducible builds. See source epoch specification of
+reproducible-builds.org
+---
+ util/grub-mkstandalone.c | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/util/grub-mkstandalone.c b/util/grub-mkstandalone.c
+index 4907d44..047f0cd 100644
+--- a/util/grub-mkstandalone.c
++++ b/util/grub-mkstandalone.c
+@@ -30,6 +30,7 @@
+ #pragma GCC diagnostic error "-Wmissing-prototypes"
+ #pragma GCC diagnostic error "-Wmissing-declarations"
+
++static time_t fixed_time;
+ static char *output_image;
+ static char **files;
+ static int nfiles;
+@@ -48,6 +49,7 @@ static struct argp_option options[] = {
+ 0, N_("save output in FILE [required]"), 2},
+ {"format", 'O', N_("FILE"), 0, 0, 2},
+ {"compression", 'C', "xz|none|auto", OPTION_HIDDEN, 0, 2},
++ {"fixed-time", 't', N_("TIMEEPOCH"), 0, N_("Use a fixed timestamp to override mtime of all files. Time since epoch is used."), 2},
+ {0, 0, 0, 0, 0, 0}
+ };
+
+@@ -72,6 +74,7 @@ help_filter (int key, const char *text, void *input __attribute__ ((unused)))
+ static error_t
+ argp_parser (int key, char *arg, struct argp_state *state)
+ {
++ char *b;
+ if (key == 'C')
+ key = GRUB_INSTALL_OPTIONS_INSTALL_CORE_COMPRESS;
+
+@@ -80,6 +83,14 @@ argp_parser (int key, char *arg, struct argp_state *state)
+
+ switch (key)
+ {
++ case 't':
++ fixed_time = strtoll (arg, &b, 10);
++ if (*b !='\0') {
++ printf (_("invalid fixed time number: %s\n"), arg);
++ argp_usage (state);
++ exit (1);
++ }
++ break;
+
+ case 'o':
+ if (output_image)
+@@ -192,7 +203,8 @@ add_tar_file (const char *from,
+ if (grub_util_is_special_file (from))
+ return;
+
+- mtime = grub_util_get_mtime (from);
++ /* use fixed_time if given for mtime */
++ mtime = fixed_time != -1 ? fixed_time : grub_util_get_mtime (from);
+
+ optr = tcn = xmalloc (strlen (to) + 1);
+ for (iptr = to; *iptr == '/'; iptr++);
+--
+1.9.1
+
diff --git a/projects/grub/patches/0002-mkrescue-add-argument-fixed-time-to-get-reproducible.patch b/projects/grub/patches/0002-mkrescue-add-argument-fixed-time-to-get-reproducible.patch
new file mode 100644
index 00000000..0612ade0
--- /dev/null
+++ b/projects/grub/patches/0002-mkrescue-add-argument-fixed-time-to-get-reproducible.patch
@@ -0,0 +1,68 @@
+From 0f1e1a29d4d019e7b2b1a3ac3db7ca22c75e8d88 Mon Sep 17 00:00:00 2001
+From: Alexander Couzens <lynxis@fe80.eu>
+Date: Fri, 4 Dec 2015 17:10:43 +0100
+Subject: [PATCH 09/10] mkrescue: add argument --fixed-time to get reproducible
+ uuids
+
+The uuid generation is based on the time.
+---
+ util/grub-mkrescue.c | 15 ++++++++++++++-
+ 1 file changed, 14 insertions(+), 1 deletion(-)
+
+diff --git a/util/grub-mkrescue.c b/util/grub-mkrescue.c
+index 238d484..a3e0155 100644
+--- a/util/grub-mkrescue.c
++++ b/util/grub-mkrescue.c
+@@ -52,6 +52,7 @@ static int xorriso_arg_alloc;
+ static char **xorriso_argv;
+ static char *iso_uuid;
+ static char *iso9660_dir;
++static time_t fixed_time;
+
+ static void
+ xorriso_push (const char *val)
+@@ -110,6 +111,7 @@ static struct argp_option options[] = {
+ {"product-version", OPTION_PRODUCT_VERSION, N_("STRING"), 0, N_("use STRING as product version"), 2},
+ {"sparc-boot", OPTION_SPARC_BOOT, 0, 0, N_("enable sparc boot. Disables HFS+, APM, ARCS and boot as disk image for i386-pc"), 2},
+ {"arcs-boot", OPTION_ARCS_BOOT, 0, 0, N_("enable ARCS (big-endian mips machines, mostly SGI) boot. Disables HFS+, APM, sparc64 and boot as disk image for i386-pc"), 2},
++ {"fixed-time", 't', N_("TIMEEPOCH"), 0, N_("use a fixed timestamp for uuid generation"), 2},
+ {0, 0, 0, 0, 0, 0}
+ };
+
+@@ -153,6 +155,8 @@ enum {
+ static error_t
+ argp_parser (int key, char *arg, struct argp_state *state)
+ {
++ char *b;
++
+ if (grub_install_parse (key, arg))
+ return 0;
+ switch (key)
+@@ -212,6 +216,15 @@ argp_parser (int key, char *arg, struct argp_state *state)
+ xorriso = xstrdup (arg);
+ return 0;
+
++ case 't':
++ fixed_time = strtoll (arg, &b, 10);
++ if (*b !='\0') {
++ printf (_("invalid fixed time number: %s\n"), arg);
++ argp_usage (state);
++ exit (1);
++ }
++ return 0;
++
+ default:
+ return ARGP_ERR_UNKNOWN;
+ }
+@@ -542,7 +555,7 @@ main (int argc, char *argv[])
+ {
+ time_t tim;
+ struct tm *tmm;
+- tim = time (NULL);
++ tim = fixed_time != -1 ? fixed_time : time (NULL);
+ tmm = gmtime (&tim);
+ iso_uuid = xmalloc (55);
+ grub_snprintf (iso_uuid, 50,
+--
+1.9.1
+
diff --git a/projects/grub/patches/0003-Makefile-use-FIXED_TIMESTAMP-for-mkstandalone-if-set.patch b/projects/grub/patches/0003-Makefile-use-FIXED_TIMESTAMP-for-mkstandalone-if-set.patch
new file mode 100644
index 00000000..f06dbfb5
--- /dev/null
+++ b/projects/grub/patches/0003-Makefile-use-FIXED_TIMESTAMP-for-mkstandalone-if-set.patch
@@ -0,0 +1,30 @@
+From 57174ed960905be4f9c229bbf3913b25745dbfd9 Mon Sep 17 00:00:00 2001
+From: Alexander Couzens <lynxis@fe80.eu>
+Date: Fri, 4 Dec 2015 17:10:44 +0100
+Subject: [PATCH 10/10] Makefile: use FIXED_TIMESTAMP for mkstandalone if set
+
+mkstandalone sets timestamps for files which can be overriden by a fixed_timestamp.
+This makes it possible to build reproducible builds for coreboot.
+
+To build a reproducible build of grub for coreboot do:
+make default_payload.elf FIXED_TIMESTAMP=1134242
+---
+ Makefile.am | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 00a9663..ed7f148 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -411,7 +411,7 @@ bootcheck: $(BOOTCHECKS)
+ if COND_i386_coreboot
+ default_payload.elf: grub-mkstandalone grub-mkimage FORCE
+ test -f $@ && rm $@ || true
+- pkgdatadir=. ./grub-mkstandalone --grub-mkimage=./grub-mkimage -O i386-coreboot -o $@ --modules='ahci pata ehci uhci ohci usb_keyboard usbms part_msdos ext2 fat at_keyboard part_gpt usbserial_usbdebug cbfs' --install-modules='ls linux search configfile normal cbtime cbls memrw iorw minicmd lsmmap lspci halt reboot hexdump pcidump regexp setpci lsacpi chain test serial multiboot cbmemc linux16 gzio echo help syslinuxcfg xnu $(shell cat grub-core/fs.lst) password_pbkdf2 $(EXTRA_PAYLOAD_MODULES)' --fonts= --themes= --locales= -d grub-core/ /boot/grub/grub.cfg=$(srcdir)/coreboot.cfg
++ pkgdatadir=. ./grub-mkstandalone --grub-mkimage=./grub-mkimage -O i386-coreboot -o $@ --modules='ahci pata ehci uhci ohci usb_keyboard usbms part_msdos ext2 fat at_keyboard part_gpt usbserial_usbdebug cbfs' --install-modules='ls linux search configfile normal cbtime cbls memrw iorw minicmd lsmmap lspci halt reboot hexdump pcidump regexp setpci lsacpi chain test serial multiboot cbmemc linux16 gzio echo help syslinuxcfg xnu $(shell cat grub-core/fs.lst) password_pbkdf2 $(EXTRA_PAYLOAD_MODULES)' --fonts= --themes= --locales= -d grub-core/ /boot/grub/grub.cfg=$(srcdir)/coreboot.cfg $(if $(FIXED_TIMESTAMP),-t $(FIXED_TIMESTAMP))
+ endif
+
+ endif
+--
+1.9.1
+