blob: b92cbc265446c45fe86f0ffb09258c134ce43ef7 [file] [log] [blame]
Patrick Williamsc124f4f2015-09-15 14:41:29 -05001SUMMARY = "GRUB2 is the next-generation GRand Unified Bootloader"
2
3DESCRIPTION = "GRUB2 is the next generaion of a GPLed bootloader \
4intended to unify bootloading across x86 operating systems. In \
5addition to loading the Linux kernel, it implements the Multiboot \
6standard, which allows for flexible loading of multiple boot images."
7
8HOMEPAGE = "http://www.gnu.org/software/grub/"
9SECTION = "bootloaders"
10
Andrew Geissler7e0e3c02022-02-25 20:34:39 +000011LICENSE = "GPL-3.0-only"
Patrick Williamsc124f4f2015-09-15 14:41:29 -050012LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
13
Andrew Geissler635e0e42020-08-21 15:58:33 -050014CVE_PRODUCT = "grub2"
15
Andrew Geissler09036742021-06-25 14:25:14 -050016SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \
Brad Bishopd7bf8c12018-02-25 22:55:05 -050017 file://0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch \
Brad Bishopd7bf8c12018-02-25 22:55:05 -050018 file://autogen.sh-exclude-pc.patch \
19 file://grub-module-explicitly-keeps-symbole-.module_license.patch \
20 file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \
Andrew Geisslerd1e89492021-02-12 15:35:20 -060021 file://determinism.patch \
Andrew Geissler95ac1b82021-03-31 14:34:31 -050022 file://0001-RISC-V-Restore-the-typcast-to-long.patch \
Andrew Geissler595f6302022-01-24 19:11:47 +000023 file://CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch \
Andrew Geissler7e0e3c02022-02-25 20:34:39 +000024 file://0001-configure.ac-Use-_zicsr_zifencei-extentions-on-riscv.patch \
Patrick Williams92b42cb2022-09-03 06:53:57 -050025 file://video-Remove-trailing-whitespaces.patch \
26 file://CVE-2021-3695-video-readers-png-Drop-greyscale-support-to-fix-heap.patch \
27 file://CVE-2021-3696-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff.patch \
28 file://video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch \
29 file://video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch \
30 file://CVE-2021-3697-video-readers-jpeg-Block-int-underflow-wild-pointer.patch \
31 file://CVE-2022-28733-net-ip-Do-IP-fragment-maths-safely.patch \
32 file://CVE-2022-28734-net-http-Fix-OOB-write-for-split-http-headers.patch \
33 file://CVE-2022-28734-net-http-Error-out-on-headers-with-LF-without-CR.patch \
34 file://CVE-2022-28735-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch \
Andrew Geissler87f5cff2022-09-30 13:13:31 -050035 file://0001-configure-Remove-obsoleted-malign-jumps-loops-functi.patch \
36 file://0002-configure-Check-for-falign-jumps-1-beside-falign-loo.patch \
Andrew Geissler517393d2023-01-13 08:55:19 -060037 file://loader-efi-chainloader-Simplify-the-loader-state.patch \
38 file://commands-boot-Add-API-to-pass-context-to-loader.patch \
39 file://CVE-2022-28736-loader-efi-chainloader-Use-grub_loader_set_ex.patch\
40 file://0001-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch \
41 file://CVE-2022-2601.patch \
42 file://CVE-2022-3775.patch \
Andrew Geissler6aa7eec2023-03-03 12:41:14 -060043 file://0001-risc-v-Handle-R_RISCV_CALL_PLT-reloc.patch \
Brad Bishopd7bf8c12018-02-25 22:55:05 -050044"
Andrew Geissler95ac1b82021-03-31 14:34:31 -050045
Andrew Geissler09036742021-06-25 14:25:14 -050046SRC_URI[sha256sum] = "23b64b4c741569f9426ed2e3d0e6780796fca081bee4c99f62aa3f53ae803f5f"
William A. Kennington IIIac69b482021-06-02 12:28:27 -070047
48# Applies only to RHEL
Andrew Geissler7e0e3c02022-02-25 20:34:39 +000049CVE_CHECK_IGNORE += "CVE-2019-14865"
Andrew Geissler9aee5002022-03-30 16:27:02 +000050# Applies only to SUSE
51CVE_CHECK_IGNORE += "CVE-2021-46705"
William A. Kennington IIIac69b482021-06-02 12:28:27 -070052
Brad Bishop08902b02019-08-20 09:16:51 -040053DEPENDS = "flex-native bison-native gettext-native"
Patrick Williamsc124f4f2015-09-15 14:41:29 -050054
Andrew Geissler87f5cff2022-09-30 13:13:31 -050055GRUB_COMPATIBLE_HOST = '(x86_64.*|i.86.*|arm.*|aarch64.*|riscv.*)-(linux.*|freebsd.*)'
56COMPATIBLE_HOST = "${GRUB_COMPATIBLE_HOST}"
57# Grub doesn't support hard float toolchain and won't be able to forcefully
58# disable it on some of the target CPUs. See 'configure.ac' for
59# supported/unsupported CPUs in hardfp.
Patrick Williams2390b1b2022-11-03 13:47:49 -050060COMPATIBLE_HOST:armv7a = "${@'null' if bb.utils.contains('TUNE_CCARGS_MFLOAT', 'hard', True, False, d) else d.getVar('GRUB_COMPATIBLE_HOST')}"
61COMPATIBLE_HOST:armv7ve = "${@'null' if bb.utils.contains('TUNE_CCARGS_MFLOAT', 'hard', True, False, d) else d.getVar('GRUB_COMPATIBLE_HOST')}"
Patrick Williamsc124f4f2015-09-15 14:41:29 -050062
Brad Bishopd7bf8c12018-02-25 22:55:05 -050063# configure.ac has code to set this automagically from the target tuple
64# but the OE freeform one (core2-foo-bar-linux) don't work with that.
65
Patrick Williams213cb262021-08-07 19:21:33 -050066GRUBPLATFORM:arm = "efi"
67GRUBPLATFORM:aarch64 = "efi"
68GRUBPLATFORM:riscv32 = "efi"
69GRUBPLATFORM:riscv64 = "efi"
Brad Bishopd7bf8c12018-02-25 22:55:05 -050070GRUBPLATFORM ??= "pc"
Patrick Williamsc124f4f2015-09-15 14:41:29 -050071
Andrew Geissler82c905d2020-04-13 13:39:40 -050072inherit autotools gettext texinfo pkgconfig
Patrick Williamsc124f4f2015-09-15 14:41:29 -050073
Patrick Williams213cb262021-08-07 19:21:33 -050074CFLAGS:remove = "-O2"
William A. Kennington IIIac69b482021-06-02 12:28:27 -070075
Brad Bishopd7bf8c12018-02-25 22:55:05 -050076EXTRA_OECONF = "--with-platform=${GRUBPLATFORM} \
77 --disable-grub-mkfont \
78 --program-prefix="" \
79 --enable-liblzma=no \
80 --enable-libzfs=no \
81 --enable-largefile \
Brad Bishop08902b02019-08-20 09:16:51 -040082 --disable-werror \
Brad Bishopd7bf8c12018-02-25 22:55:05 -050083"
84
Patrick Williamsc124f4f2015-09-15 14:41:29 -050085PACKAGECONFIG ??= ""
86PACKAGECONFIG[grub-mount] = "--enable-grub-mount,--disable-grub-mount,fuse"
Brad Bishop316dfdd2018-06-25 12:45:53 -040087PACKAGECONFIG[device-mapper] = "--enable-device-mapper,--disable-device-mapper,libdevmapper"
Patrick Williamsc124f4f2015-09-15 14:41:29 -050088
Patrick Williamsd8c66bc2016-06-20 12:57:21 -050089# grub2 creates its own set of -nostdinc / -isystem / -ffreestanding CFLAGS and
90# OE's default BUILD_CFLAGS (assigned to CFLAGS for native builds) etc, conflict
91# with that. Note that since BUILD_CFLAGS etc are not used by grub2 target
92# builds, it's safe to clear them unconditionally for both target and native.
93BUILD_CPPFLAGS = ""
94BUILD_CFLAGS = ""
95BUILD_CXXFLAGS = ""
96BUILD_LDFLAGS = ""
97
Brad Bishop96ff1982019-08-19 13:50:42 -040098export PYTHON = "python3"
99
Patrick Williams213cb262021-08-07 19:21:33 -0500100do_configure:prepend() {
Andrew Geissler82c905d2020-04-13 13:39:40 -0500101 cd ${S}
102 FROM_BOOTSTRAP=1 ${S}/autogen.sh
103 cd ${B}
Patrick Williamsd8c66bc2016-06-20 12:57:21 -0500104}