summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKevin F. Quinn <kevquinn@gentoo.org>2007-03-07 16:25:54 +0000
committerKevin F. Quinn <kevquinn@gentoo.org>2007-03-07 16:25:54 +0000
commit71962ac65702b1f65fbf15e378bdc32e764e9a99 (patch)
treeaa86bce266758cdb9ee9012810c95b22d33567b9 /hardened
parentRebuild manifests following bump move (diff)
downloadkevquinn-71962ac65702b1f65fbf15e378bdc32e764e9a99.tar.gz
kevquinn-71962ac65702b1f65fbf15e378bdc32e764e9a99.tar.bz2
kevquinn-71962ac65702b1f65fbf15e378bdc32e764e9a99.zip
Add sys-boot/grub to overlay (bug #168834). Minor tidy-ups in flag-o.
svn path=/; revision=189
Diffstat (limited to 'hardened')
-rw-r--r--hardened/toolchain/branches/pieworld/eclass/flag-o-matic.eclass30
-rw-r--r--hardened/toolchain/branches/pieworld/sys-boot/grub/Manifest10
-rw-r--r--hardened/toolchain/branches/pieworld/sys-boot/grub/files/digest-grub-0.97-r39
-rw-r--r--hardened/toolchain/branches/pieworld/sys-boot/grub/grub-0.97-r3.ebuild163
4 files changed, 199 insertions, 13 deletions
diff --git a/hardened/toolchain/branches/pieworld/eclass/flag-o-matic.eclass b/hardened/toolchain/branches/pieworld/eclass/flag-o-matic.eclass
index 7dfb2f6..670ca84 100644
--- a/hardened/toolchain/branches/pieworld/eclass/flag-o-matic.eclass
+++ b/hardened/toolchain/branches/pieworld/eclass/flag-o-matic.eclass
@@ -121,16 +121,18 @@ setup-allowed-flags() {
return 0
}
+# Internal function for _filter-hardened
+# _manage_hardened <flag being filtered> <minispec to use> <cflag to use>
_manage-hardened() {
- local newspec=$1
- [[ -z $2 ]] && die "Internal flag-o-matic error ($*) - please report"
+ local filter=$1 newspec=$2
+ [[ -z $3 ]] && die "Internal flag-o-matic error ($*) - please report"
if _gcc-specs-exists ${newspec}.specs; then
[[ -z ${GCC_SPECS} ]] || newspec=":${newspec}"
export GCC_SPECS="${GCC_SPECS}${newspec}.specs"
- einfo "Hardened compiler filtered $2 - GCC_SPECS set to ${GCC_SPECS}"
+ einfo "Hardened compiler filtered $1 - GCC_SPECS set to ${GCC_SPECS}"
else
local oldspec=${GCC_SPECS/*\/} newspec=""
- case $1 in
+ case $2 in
"nopie")
case ${oldspec} in
"" | "hardened.specs")
@@ -150,17 +152,19 @@ _manage-hardened() {
"noznow" | "nozrelro")
newspec="vanilla.specs";;
*)
- die "Internal flag-o-matic.eclass error - unrecognised hardened filter $1"
+ die "Internal flag-o-matic.eclass error - unrecognised hardened filter $2"
;;
esac
if [[ -n ${newspec} ]]; then
if _gcc-specs-exists ${newspec}; then
export GCC_SPECS="${newspec}"
- einfo "Hardened compiler filtered $2 - GCC_SPECS set to ${GCC_SPECS}"
+ einfo "Hardened compiler filtered $1 - GCC_SPECS set to ${GCC_SPECS}"
+ else
+ die "Internal flag-o-matic error ($*) - please report"
fi
else
- _raw_append_flag $2
- einfo "Hardened compiler filtered $2 - CFLAGS set to ${CFLAGS}"
+ _raw_append_flag $3
+ einfo "Hardened compiler filtered $1 - CFLAGS set to ${CFLAGS}"
fi
fi
}
@@ -176,19 +180,19 @@ _filter-hardened() {
# thinking about -fPIE.
-fPIC|-fpic|-fPIE|-fpie|-Wl,pie|-pie)
gcc-specs-pie &&
- _manage-hardened nopie -nopie ;;
+ _manage-hardened ${f} nopie -nopie ;;
-fstack-protector)
gcc-specs-ssp &&
- _manage-hardened nossp -fno-stack-protector ;;
+ _manage-hardened ${f} nossp -fno-stack-protector ;;
-fstack-protector-all)
gcc-specs-ssp-to-all &&
- _manage-hardened nosspall -fno-stack-protector-all ;;
+ _manage-hardened ${f} nosspall -fno-stack-protector-all ;;
-now|-Wl,-z,now)
gcc-specs-now &&
- _manage-hardened noznow -nonow ;;
+ _manage-hardened ${f} noznow -nonow ;;
-relro|-Wl,-z,relro)
gcc-specs-now &&
- _manage-hardened nozrelro -norelro ;;
+ _manage-hardened ${f} nozrelro -norelro ;;
esac
done
}
diff --git a/hardened/toolchain/branches/pieworld/sys-boot/grub/Manifest b/hardened/toolchain/branches/pieworld/sys-boot/grub/Manifest
new file mode 100644
index 0000000..24de6ec
--- /dev/null
+++ b/hardened/toolchain/branches/pieworld/sys-boot/grub/Manifest
@@ -0,0 +1,10 @@
+DIST grub-0.97-patches-1.4.tar.bz2 24693 RMD160 6afefff73b5f3ab5c6d05563c4f67f37dbfce16c SHA1 7c26a941467b58380747c9d1e07c14dfc3998b10 SHA256 290dd96fdeb9471c516f061f4949ccda33f8d03ab81a6e2beb5005b3022e71da
+DIST grub-0.97.tar.gz 971783 RMD160 7fb5674edf0c950bd38e94f85ff1e2909aa741f0 SHA1 2580626c4579bd99336d3af4482c346c95dac4fb SHA256 4e1d15d12dbd3e9208111d6b806ad5a9857ca8850c47877d36575b904559260b
+DIST splash.xpm.gz 33856 RMD160 2fead61f91c368429e80936248bb02af2bdf15ff SHA1 98e679f9698be43426f971f89a088c053e8c804a SHA256 b95600f777331b0dd31d51c68f60f0e846e4c8b628857a41165f4e6b30e6acaf
+EBUILD grub-0.97-r3.ebuild 4716 RMD160 76ba5b18b9a7c72f58f931d51b9026ec5c75cef3 SHA1 39eeb8ae832172767b4e658501f06beb3b27f8cb SHA256 b07e9aebac7fea6ba1e8564885ee72f2e87adf28e8105de090c81ac8c814d6c4
+MD5 cbe0f2b7e6dffa4a754628e90663b09e grub-0.97-r3.ebuild 4716
+RMD160 76ba5b18b9a7c72f58f931d51b9026ec5c75cef3 grub-0.97-r3.ebuild 4716
+SHA256 b07e9aebac7fea6ba1e8564885ee72f2e87adf28e8105de090c81ac8c814d6c4 grub-0.97-r3.ebuild 4716
+MD5 95650f97ede7437cc0f34b5a519fafd1 files/digest-grub-0.97-r3 711
+RMD160 f89bb19df1610b09fae5ffed1c4b06572ee38ce9 files/digest-grub-0.97-r3 711
+SHA256 8d0b3d6a65d423c40eb72ac88673e653204c2aa4c579e5284f2c327b6b782342 files/digest-grub-0.97-r3 711
diff --git a/hardened/toolchain/branches/pieworld/sys-boot/grub/files/digest-grub-0.97-r3 b/hardened/toolchain/branches/pieworld/sys-boot/grub/files/digest-grub-0.97-r3
new file mode 100644
index 0000000..26b24df
--- /dev/null
+++ b/hardened/toolchain/branches/pieworld/sys-boot/grub/files/digest-grub-0.97-r3
@@ -0,0 +1,9 @@
+MD5 995985c7bd6d9680b36d6efd677fb751 grub-0.97-patches-1.4.tar.bz2 24693
+RMD160 6afefff73b5f3ab5c6d05563c4f67f37dbfce16c grub-0.97-patches-1.4.tar.bz2 24693
+SHA256 290dd96fdeb9471c516f061f4949ccda33f8d03ab81a6e2beb5005b3022e71da grub-0.97-patches-1.4.tar.bz2 24693
+MD5 cd3f3eb54446be6003156158d51f4884 grub-0.97.tar.gz 971783
+RMD160 7fb5674edf0c950bd38e94f85ff1e2909aa741f0 grub-0.97.tar.gz 971783
+SHA256 4e1d15d12dbd3e9208111d6b806ad5a9857ca8850c47877d36575b904559260b grub-0.97.tar.gz 971783
+MD5 cdd6c89d48982ecd544c0b4774755afd splash.xpm.gz 33856
+RMD160 2fead61f91c368429e80936248bb02af2bdf15ff splash.xpm.gz 33856
+SHA256 b95600f777331b0dd31d51c68f60f0e846e4c8b628857a41165f4e6b30e6acaf splash.xpm.gz 33856
diff --git a/hardened/toolchain/branches/pieworld/sys-boot/grub/grub-0.97-r3.ebuild b/hardened/toolchain/branches/pieworld/sys-boot/grub/grub-0.97-r3.ebuild
new file mode 100644
index 0000000..fd96df3
--- /dev/null
+++ b/hardened/toolchain/branches/pieworld/sys-boot/grub/grub-0.97-r3.ebuild
@@ -0,0 +1,163 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-boot/grub/grub-0.97-r3.ebuild,v 1.7 2007/01/15 01:50:09 metalgod Exp $
+
+WANT_AUTOCONF="latest"
+WANT_AUTOMAKE="latest"
+inherit mount-boot eutils flag-o-matic toolchain-funcs autotools
+
+PATCHVER="1.4"
+DESCRIPTION="GNU GRUB Legacy boot loader"
+HOMEPAGE="http://www.gnu.org/software/grub/"
+SRC_URI="mirror://gentoo/${P}.tar.gz
+ ftp://alpha.gnu.org/gnu/${PN}/${P}.tar.gz
+ mirror://gentoo/splash.xpm.gz
+ mirror://gentoo/${P}-patches-${PATCHVER}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 x86"
+IUSE="static netboot custom-cflags"
+
+DEPEND=">=sys-libs/ncurses-5.2-r5"
+PROVIDE="virtual/bootloader"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ # patch breaks booting for some people #111885
+ rm "${WORKDIR}"/patch/400_*
+
+ if [[ -n ${PATCHVER} ]] ; then
+ EPATCH_SUFFIX="patch"
+ epatch "${WORKDIR}"/patch
+ eautoreconf
+ fi
+}
+
+src_compile() {
+ use amd64 && multilib_toolchain_setup x86
+
+ unset BLOCK_SIZE #73499
+
+ ### i686-specific code in the boot loader is a bad idea; disabling to ensure
+ ### at least some compatibility if the hard drive is moved to an older or
+ ### incompatible system.
+
+ # grub-0.95 added -fno-stack-protector detection, to disable ssp for stage2,
+ # but the objcopy's (faulty) test fails if -fstack-protector is default.
+ # create a cache telling configure that objcopy is ok, and add -C to econf
+ # to make use of the cache.
+ #
+ # CFLAGS has to be undefined running econf, else -fno-stack-protector detection fails.
+ # STAGE2_CFLAGS is not allowed to be used on emake command-line, it overwrites
+ # -fno-stack-protector detected by configure, removed from netboot's emake.
+ use custom-cflags || unset CFLAGS
+
+ export grub_cv_prog_objcopy_absolute=yes #79734
+ use static && append-ldflags -static
+
+ filter-flags -fPIE -fstack-protector #168834
+
+ # build the net-bootable grub first, but only if "netboot" is set
+ if use netboot ; then
+ econf \
+ --libdir=/lib \
+ --datadir=/usr/lib/grub \
+ --exec-prefix=/ \
+ --disable-auto-linux-mem-opt \
+ --enable-diskless \
+ --enable-{3c{5{03,07,09,29,95},90x},cs89x0,davicom,depca,eepro{,100}} \
+ --enable-{epic100,exos205,ni5210,lance,ne2100,ni{50,65}10,natsemi} \
+ --enable-{ne,ns8390,wd,otulip,rtl8139,sis900,sk-g16,smc9000,tiara} \
+ --enable-{tulip,via-rhine,w89c840} || die "netboot econf failed"
+
+ emake w89c840_o_CFLAGS="-O" || die "making netboot stuff"
+
+ mv -f stage2/{nbgrub,pxegrub} "${S}"/
+ mv -f stage2/stage2 stage2/stage2.netboot
+
+ make clean || die "make clean failed"
+ fi
+
+ # Now build the regular grub
+ # Note that FFS and UFS2 support are broken for now - stage1_5 files too big
+ econf \
+ --libdir=/lib \
+ --datadir=/usr/lib/grub \
+ --exec-prefix=/ \
+ --disable-auto-linux-mem-opt || die "econf failed"
+ emake || die "making regular stuff"
+}
+
+src_test() {
+ # non-default block size also give false pass/fails.
+ unset BLOCK_SIZE
+ make check || die "make check failed"
+}
+
+src_install() {
+ make DESTDIR="${D}" install || die
+ if use netboot ; then
+ exeinto /usr/lib/grub/${CHOST}
+ doexe nbgrub pxegrub stage2/stage2.netboot || die "netboot install"
+ fi
+
+ insinto /boot/grub
+ doins "${DISTDIR}"/splash.xpm.gz
+ newins docs/menu.lst grub.conf.sample
+
+ dodoc AUTHORS BUGS ChangeLog NEWS README THANKS TODO
+ newdoc docs/menu.lst grub.conf.sample
+}
+
+setup_boot_dir() {
+ local dir="${1}"
+
+ [[ ! -e ${dir} ]] && die "${dir} does not exist!"
+ [[ ! -e ${dir}/grub ]] && mkdir "${dir}/grub"
+
+ # change menu.lst to grub.conf
+ if [[ ! -e ${dir}/grub/grub.conf ]] && [[ -e ${dir}/grub/menu.lst ]] ; then
+ mv -f "${dir}"/grub/menu.lst "${dir}"/grub/grub.conf
+ ewarn
+ ewarn "*** IMPORTANT NOTE: menu.lst has been renamed to grub.conf"
+ ewarn
+ fi
+
+ if [[ ! -e ${dir}/grub/menu.lst ]]; then
+ einfo "Linking from new grub.conf name to menu.lst"
+ ln -snf grub.conf "${dir}"/grub/menu.lst
+ fi
+
+ [[ -e ${dir}/grub/stage2 ]] && mv "${dir}"/grub/stage2{,.old}
+
+ einfo "Copying files from /lib/grub and /usr/lib/grub to "${dir}""
+ for x in /lib*/grub/*/* /usr/lib*/grub/*/* ; do
+ [[ -f ${x} ]] && cp -p ${x} "${dir}"/grub/
+ done
+
+ if [[ -e ${dir}/grub/grub.conf ]] ; then
+ egrep \
+ -v '^[[:space:]]*(#|$|default|fallback|initrd|password|splashimage|timeout|title)' \
+ "${dir}"/grub/grub.conf | \
+ /sbin/grub --batch \
+ --device-map="${dir}"/grub/device.map \
+ > /dev/null
+ fi
+}
+
+pkg_postinst() {
+ [[ ${ROOT} != "/" ]] && return 0
+ setup_boot_dir /boot
+ einfo "To install grub files to another device (like a usb stick), just run:"
+ einfo " emerge --config =${PF}"
+}
+
+pkg_config() {
+ local dir
+ einfo "Enter the directory where you want to setup grub:"
+ read dir
+ setup_boot_dir ${dir}
+}