From 290786e60680ff4af7eb03cb6126d9886884e0ab Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Mon, 14 Jan 2019 09:56:05 +0100
Subject: [PATCH] Correctly set LDFLAGS and make grubby-bls expand all options
 variables

- Correctly set LDFLAGS to include hardened flags (pjones)
  Related: rhbz#1654936
- grubby-bls: expand all variables in options field when updating it
  Resolves: rhbz#1660700

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
 grubby-bls  | 35 +++++++++++++++--------------------
 grubby.spec | 11 +++++++++--
 2 files changed, 24 insertions(+), 22 deletions(-)

diff --git a/grubby-bls b/grubby-bls
index 708f830..8f4b73c 100755
--- a/grubby-bls
+++ b/grubby-bls
@@ -218,6 +218,20 @@ expand_var() {
     echo $var
 }
 
+get_bls_args() {
+    local args=${bls_options[$i]}
+    local opts=(${args})
+
+    for opt in ${opts[*]}; do
+        if [[ $opt =~ ^\$ ]]; then
+            value="$(expand_var $opt)"
+            args="$(echo ${args} | sed -e "s/${opt}/${value}/")"
+        fi
+    done
+
+    echo ${args}
+}
+
 display_info_values() {
     local indexes=($(param_to_indexes "$1"))
     local prefix=$(get_prefix)
@@ -229,15 +243,7 @@ display_info_values() {
     for i in ${indexes[*]}; do
         local root=""
         local value=""
-        local args=${bls_options[$i]}
-        local opts=(${args})
-
-        for opt in ${opts[*]}; do
-            if [[ $opt =~ ^\$ ]]; then
-                value="$(expand_var $opt)"
-                args="$(echo ${args} | sed -e "s/${opt}/${value}/")"
-            fi
-        done
+        local args="$(get_bls_args "$i")"
 
         local opts=(${args})
 
@@ -449,17 +455,6 @@ update_args() {
     echo ${args}
 }
 
-get_bls_args() {
-    if [[ $bootloader = "grub2" && "${bls_options[$i]}" = "\$kernelopts" ]]; then
-        old_args=$(grub2-editenv "${env}" list | grep kernelopts)
-        old_args="${old_args##kernelopts=}"
-    else
-        old_args="${bls_options[$i]}"
-    fi
-
-    echo ${old_args}
-}
-
 update_bls_fragment() {
     local indexes=($(param_to_indexes "$1")) && shift
     local remove_args=$1 && shift
diff --git a/grubby.spec b/grubby.spec
index a9d4b74..2623833 100644
--- a/grubby.spec
+++ b/grubby.spec
@@ -1,6 +1,6 @@
 Name: grubby
 Version: 8.40
-Release: 23%{?dist}
+Release: 24%{?dist}
 Summary: Command line tool for updating bootloader configs
 License: GPLv2+
 URL: https://github.com/rhinstaller/grubby
@@ -59,7 +59,8 @@ git config --unset user.email
 git config --unset user.name
 
 %build
-make %{?_smp_mflags}
+%set_build_flags
+make %{?_smp_mflags} LDFLAGS="${LDFLAGS}"
 
 %ifnarch aarch64 %{arm}
 %check
@@ -130,6 +131,12 @@ current boot environment.
  %{_mandir}/man8/*.8*
 
 %changelog
+* Mon Jan 14 2019 Javier Martinez Canillas <javierm@redhat.com> - 8.40-24
+- Correctly set LDFLAGS to include hardened flags (pjones)
+  Related: rhbz#1654936
+- grubby-bls: expand all variables in options field when updating it
+  Resolves: rhbz#1660700
+
 * Tue Dec 11 2018 Javier Martinez Canillas <javierm@redhat.com> - 8.40-23
 - grubby-bls: lookup default entry by either id or title on grub2
   Related: rhbz#1654936