1SUMMARY = "GRUB2 is the next-generation GRand Unified Bootloader" 2 3DESCRIPTION = "GRUB2 is the next generaion of a GPLed bootloader \ 4intended to unify bootloading across x86 operating systems. In \ 5addition to loading the Linux kernel, it implements the Multiboot \ 6standard, which allows for flexible loading of multiple boot images." 7 8HOMEPAGE = "http://www.gnu.org/software/grub/" 9SECTION = "bootloaders" 10 11LICENSE = "GPL-3.0-only" 12LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" 13 14CVE_PRODUCT = "grub2" 15 16SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ 17 file://0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch \ 18 file://autogen.sh-exclude-pc.patch \ 19 file://grub-module-explicitly-keeps-symbole-.module_license.patch \ 20 file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \ 21 file://determinism.patch \ 22 file://0001-RISC-V-Restore-the-typcast-to-long.patch \ 23 file://CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch \ 24 file://0001-configure.ac-Use-_zicsr_zifencei-extentions-on-riscv.patch \ 25 file://video-Remove-trailing-whitespaces.patch \ 26 file://CVE-2021-3695-video-readers-png-Drop-greyscale-support-to-fix-heap.patch \ 27 file://CVE-2021-3696-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff.patch \ 28 file://video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch \ 29 file://video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch \ 30 file://CVE-2021-3697-video-readers-jpeg-Block-int-underflow-wild-pointer.patch \ 31 file://CVE-2022-28733-net-ip-Do-IP-fragment-maths-safely.patch \ 32 file://CVE-2022-28734-net-http-Fix-OOB-write-for-split-http-headers.patch \ 33 file://CVE-2022-28734-net-http-Error-out-on-headers-with-LF-without-CR.patch \ 34 file://CVE-2022-28735-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch \ 35 file://0001-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch \ 36 file://CVE-2022-2601.patch \ 37 file://CVE-2022-3775.patch \ 38 file://loader-efi-chainloader-Simplify-the-loader-state.patch \ 39 file://commands-boot-Add-API-to-pass-context-to-loader.patch \ 40 file://CVE-2022-28736-loader-efi-chainloader-Use-grub_loader_set_ex.patch \ 41" 42 43SRC_URI[sha256sum] = "23b64b4c741569f9426ed2e3d0e6780796fca081bee4c99f62aa3f53ae803f5f" 44 45# Applies only to RHEL 46CVE_CHECK_IGNORE += "CVE-2019-14865" 47# Applies only to SUSE 48CVE_CHECK_IGNORE += "CVE-2021-46705" 49 50DEPENDS = "flex-native bison-native gettext-native" 51 52COMPATIBLE_HOST = '(x86_64.*|i.86.*|arm.*|aarch64.*|riscv.*)-(linux.*|freebsd.*)' 53COMPATIBLE_HOST:armv7a = 'null' 54COMPATIBLE_HOST:armv7ve = 'null' 55 56# configure.ac has code to set this automagically from the target tuple 57# but the OE freeform one (core2-foo-bar-linux) don't work with that. 58 59GRUBPLATFORM:arm = "efi" 60GRUBPLATFORM:aarch64 = "efi" 61GRUBPLATFORM:riscv32 = "efi" 62GRUBPLATFORM:riscv64 = "efi" 63GRUBPLATFORM ??= "pc" 64 65inherit autotools gettext texinfo pkgconfig 66 67CFLAGS:remove = "-O2" 68 69EXTRA_OECONF = "--with-platform=${GRUBPLATFORM} \ 70 --disable-grub-mkfont \ 71 --program-prefix="" \ 72 --enable-liblzma=no \ 73 --enable-libzfs=no \ 74 --enable-largefile \ 75 --disable-werror \ 76" 77 78PACKAGECONFIG ??= "" 79PACKAGECONFIG[grub-mount] = "--enable-grub-mount,--disable-grub-mount,fuse" 80PACKAGECONFIG[device-mapper] = "--enable-device-mapper,--disable-device-mapper,libdevmapper" 81 82# grub2 creates its own set of -nostdinc / -isystem / -ffreestanding CFLAGS and 83# OE's default BUILD_CFLAGS (assigned to CFLAGS for native builds) etc, conflict 84# with that. Note that since BUILD_CFLAGS etc are not used by grub2 target 85# builds, it's safe to clear them unconditionally for both target and native. 86BUILD_CPPFLAGS = "" 87BUILD_CFLAGS = "" 88BUILD_CXXFLAGS = "" 89BUILD_LDFLAGS = "" 90 91export PYTHON = "python3" 92 93do_configure:prepend() { 94 cd ${S} 95 FROM_BOOTSTRAP=1 ${S}/autogen.sh 96 cd ${B} 97} 98