From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:403:478a::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms9.migadu.com with LMTPS id 0GWLAg0gtGTCEwAASxT56A (envelope-from ) for ; Sun, 16 Jul 2023 18:51:25 +0200 Received: from aspmx1.migadu.com ([2001:41d0:403:478a::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id aFOJAQ0gtGTPTgAAG6o9tA (envelope-from ) for ; Sun, 16 Jul 2023 18:51:25 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 823204EDE7 for ; Sun, 16 Jul 2023 18:51:24 +0200 (CEST) Authentication-Results: aspmx1.migadu.com; dkim=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Seal: i=1; s=key1; d=yhetil.org; t=1689526284; a=rsa-sha256; cv=none; b=sJdwSox2x4FCp2sjxWix1szrcfXI7Y+nur/sXeIpTMqddg1ogwYkEDDtgvPwQlLELH6juH xMhF6vAMIX1rfOlYGYXsd7DqhkTp6mflqE94iv6ItglcgMqNswDbvWV8Y9iRwoFUa9TtUu DKCr2uHCCG4IgE6FyV0AbOr88R52+LwTTZAS64nM9KoY+vlV+akiv0whj3eK4fW2Gyvji/ WEfgrI6npiCCQJVM9a11Vmsva5TlKwn/o8bd2qh7bcOyrKAIAxz0cdfKBAHfXYT7BmckT4 y/YN/0vlptlILlO3q0blPid0jyBETyOpY65vEDTApVgIqjlu8FWQUfGmWNGx8w== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1689526284; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=PKa5KO9+3BGm7L6HDjz14jOzyskM1vKOuu8prMx6208=; b=Xf4ZJEnSTM0WFL0DGEME1yLCmHsyI9pCsDFbd3eWTvCOvWe+hXuP+koq4gG0h2BJHQ/lvS 2uuESphHHThVw58PE7RgJcUdSMgiCMjch3fpEXc6+wVEPLenuF8Im7DzDe/5lH63PfX9xh KbAeoxoQMJl/o6K43fF+R2lEK2QucHm25X3KtSXemgLNJYBpwyU1zm65yp9Cj3vPS7s62A 8eLPTMMwwreGc+IOXflGY3FCbzhIVZEAY3K6MjH5aWrpOllWBobj/hlXrcyUcDiSlvrk63 fXCkgpiumpjFIZ9qKzYddXfTWLRwicng9XygISCDusVfdjgWdPXcvmjC9IgIMA== Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qL4xf-0006P4-10; Sun, 16 Jul 2023 12:51:07 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qL4xb-0006OK-Ew for guix-patches@gnu.org; Sun, 16 Jul 2023 12:51:03 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1qL4xb-0006Rb-4O for guix-patches@gnu.org; Sun, 16 Jul 2023 12:51:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1qL4xb-0001Gw-06 for guix-patches@gnu.org; Sun, 16 Jul 2023 12:51:03 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#64668] [PATCH 0/1] Add grub-coreboot Resent-From: Denis 'GNUtoo' Carikli Original-Sender: "Debbugs-submit" Resent-CC: , guix-patches@gnu.org Resent-Date: Sun, 16 Jul 2023 16:51:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 64668 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 64668@debbugs.gnu.org Cc: Denis 'GNUtoo' Carikli , ( , Christopher Baines , Ludovic =?UTF-8?Q?Court=C3=A8s?= , Mathieu Othacehe , Raghav Gururajan , Ricardo Wurmus , Simon Tournier , Tobias Geerinckx-Rice , jgart X-Debbugs-Original-To: guix-patches@gnu.org X-Debbugs-Original-Xcc: ( , Christopher Baines , Ludovic =?UTF-8?Q?Court=C3=A8s?= , Mathieu Othacehe , Raghav Gururajan , Ricardo Wurmus , Simon Tournier , Tobias Geerinckx-Rice , jgart Received: via spool by submit@debbugs.gnu.org id=B.16895262054797 (code B ref -1); Sun, 16 Jul 2023 16:51:02 +0000 Received: (at submit) by debbugs.gnu.org; 16 Jul 2023 16:50:05 +0000 Received: from localhost ([127.0.0.1]:48452 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qL4we-0001FD-Gh for submit@debbugs.gnu.org; Sun, 16 Jul 2023 12:50:05 -0400 Received: from lists.gnu.org ([2001:470:142::17]:56082) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qL4wa-0001EO-3L for submit@debbugs.gnu.org; Sun, 16 Jul 2023 12:50:02 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qL4wU-0005A4-Hm for guix-patches@gnu.org; Sun, 16 Jul 2023 12:49:54 -0400 Received: from cyberdimension.org ([2001:910:1314:ffff::1] helo=gnutoo.cyberdimension.org) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_CHACHA20_POLY1305:256) (Exim 4.90_1) (envelope-from ) id 1qL4wS-00063l-9r for guix-patches@gnu.org; Sun, 16 Jul 2023 12:49:54 -0400 Received: from gnutoo.cyberdimension.org (localhost [127.0.0.1]) by cyberdimension.org (OpenSMTPD) with ESMTP id 2dace947; Sun, 16 Jul 2023 16:49:47 +0000 (UTC) Received: from localhost.localdomain (localhost [::1]) by gnutoo.cyberdimension.org (OpenSMTPD) with ESMTP id dc4a3bab; Sun, 16 Jul 2023 16:49:47 +0000 (UTC) From: Denis 'GNUtoo' Carikli Date: Sun, 16 Jul 2023 18:49:31 +0200 Message-ID: X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2001:910:1314:ffff::1; envelope-from=GNUtoo@cyberdimension.org; helo=gnutoo.cyberdimension.org X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Scanner: mx0.migadu.com X-Migadu-Spam-Score: -4.64 X-Spam-Score: -4.64 X-Migadu-Queue-Id: 823204EDE7 X-TUID: /QmvtiQvdgko Hi, In the following mail there will be a patch that adds grub-coreboot. The './pre-inst-env guix lint grub-coreboot' command shows some warnings: [...]/bootloaders.scm:301:2: grub-coreboot@2.06: label 'qemu' does not match package name 'qemu-minimal' [...]/bootloaders.scm:301:2: grub-coreboot@2.06: label 'gettext' does not match package name 'gettext-minimal' [...]/bootloaders.scm:301:2: grub-coreboot@2.06: file names of patches should start with the package name [...]/bootloaders.scm:301:2: grub-coreboot@2.06: probably vulnerable to CVE-2022-2601, CVE-2022-3775, CVE-2021-3981 [...]/bootloaders.scm:301:2: grub-coreboot@2.06: updater 'gnu' failed to find upstream releases but since this package is based on grub-coreboot, I guess that things should be fixed there instead. A standalone image was built with the following commands: modules="ahci at_keyboard cbfs ehci ext2 fat ohci part_gpt part_msdos \ pata uhci usb_keyboard usbms usbserial_usbdebug" install_modules="acpi ahci all_video archelp at_keyboard ata blocklist \ boot btrfs cat cbfs cbls cbls cbmemc cbmemc cbtime cbtime chain chain \ cmosdump cmostest cmp configfile configfile cpio cpuid crc64 crypto \ cryptodisk cs5536 date datehook datetime disk diskfilter div dm_nv echo \ echo ehci elf eval exfat ext2 extcmd fat file fshelp gcry_crc gcry_rfc2268 \ gcry_rijndael gcry_rsa gcry_seed gcry_serpent gcry_sha1 gcry_sha256 \ gcry_sha512 gcry_twofish gettext gfxmenu gfxterm_background gfxterm_menu \ gptsync gzio gzio halt halt hashsum hdparm help help hexdump hexdump iorw \ iorw iso9660 jpeg keylayouts keystatus ldm linux linux linux16 linux16 \ loadenv loopback ls ls lsacpi lsacpi lsmmap lsmmap lspci lspci luks lvm \ lzopio mda_text memdisk memrw memrw minicmd minicmd mmap morse mpi \ msdospart multiboot multiboot multiboot2 nativedisk newc nilfs2 normal \ normal odc offsetio ohci part_gpt part_msdos parttool password \ password_pbkdf2 password_pbkdf2 pata pbkdf2 pci pcidump pcidump pgp play \ priority_queue probe procfs progress random read reboot reboot regexp \ regexp relocator romfs scsi search search search_fs_file search_fs_uuid \ search_label serial serial setjmp setpci setpci sfs sleep spkmodem squash4 \ syslinuxcfg syslinuxcfg tar terminal terminfo test test testload testspeed \ time tr trig true udf uhci usb usb_keyboard usbms usbserial_common \ usbserial_ftdi usbserial_pl2303 usbserial_usbdebug video_colors videoinfo \ xnu xzio" "/gnu/store/[...]/bin/grub-mkstandalone" \ -O i386-coreboot \ -o grub_payload.elf \ --fonts= \ --themes= \ --locales= \ --modules="${modules}" \ --install-modules="${install_modules}" \ /boot/grub/grub.cfg=coreboot.cfg The coreboot.cfg file was taken from grub source code (GPLv3+) and consist of the following: if test -f (cbfsdisk)/etc/grub.cfg; then source (cbfsdisk)/etc/grub.cfg fi The resulting image was tested on a Thinkpad X200 running a custom 100% free software version of Coreboot with as a GRUB payload) with the following commands: chainloader /path/to/grub_payload.elf boot It then booted fine. As for the partitions I used, I have LUKS encrypted hard drive with LVM2 and a mix of BTRFS and ext4 partitions. Denis 'GNUtoo' Carikli (1): gnu: Add grub-coreboot gnu/packages/bootloaders.scm | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) base-commit: 796c823a0d1d0aec9f4af908eca462e58e5675b5 -- 2.41.0