FOSS activity in May 2023
-
Several users reported problems in building and testing patched kernels using the instructions in the Debian Kernel Handbook and the test-patches script included in the source package for this purpose: #871216, #1022061, and #1023773.
The test-patches script hadn't been updated to follow the past few years' packaging changes, and produced somewhat broken packages. It was also not robust to being interrupted and restarted, and was needlessly slow due to running the whole build process under fakeroot. I fixed all these problems in the script.
I updated the Debian Kernel Handbook to cover the changes in test-paches and to note the problems in older versions. I revised the instructions for building without this script to correctly cover disabling debug info, to enable parallel builds, and to include building all required binary packages.
- I issued DLA-3403-1 and DLA-3404-1 for security updates to the linux (4.19) and linux-5.10 packages in Debian LTS.
- I reviewed and accepted a merge request updating linux to upstream version 6.3. I updated further to stable update 6.3.1 and uploaded the package to the experimental suite.
- Following the experimental upload, I investigated and fixed build failures on armel, mips64el, mipsel, and sh4 due to increases in the kernel image size.
-
In cross-building linux for those architectures I found regressions in the way we build the objtool command that's used for post-processing and checking kernel code:
- The upstream build rules for objtool always carry out a native build so that it can be used during a cross-build of the kernel. But we also need to be able to cross-build objtool itself for inclusion in the linux-kbuild-version package. Our previous hack to do this broke.
- objtool was originally introduced specifically to handle x86 code, but now supports PowerPC as well. Since linux-kbuild packages support cross-building kernel modules, a single build of objtool will no longer be sufficient.
-
I updated Debian's patch to fix reproducibility of the manual pages for the perf tool, which was no longer working and partly overlapped with upstream changes. The updated version has now been applied upstream.
Unfortunately, due to reprotest's excessive memory consumption when comparing large packages, we hadn't been able to see that many other reproducibility issues have crept into the linux package over the past years. I've started work on fixing those.
- I investigated Debian bug #1036019: debian-installer: Broken X display with QEMU under UEFI with cirrus and std graphics and found a one-line fix, but there is some reasonable concern that my fix might cause regressions for other systems.
-
I reviewed and accepted several more merge requests for linux targetting the master branch:
- Update to 6.3.2 + 6.3.1-rt13
- [x86,amd64] Enable MEI options for Intel ARC GPUs
- d/templates: Improve package description for "header" packages
- [arm64] drivers/hwtracing/coresight: Enable components
- Enable limiting of compression threading
- [amd64] arch/x86: Enable Intel TDX - Guest Support
- [amd64] drivers/platform/x86/intel/ifs: Enable Intel In-Field Scan (IFS)
I made another upload of linux to the experimental suite with all the above changes.
- I reviewed a merge request to update to a release candidate for 6.4 and fixed a build regression. This isn't merged yet, but as soon as bookworm is released the kernel team should be ready to upload packages based on 6.3 and a 6.4 release candidate to unstable and experimental respectively.
- I updated the buster-security branch of linux to upstream stable version 4.19.283, but didn't make an upload this month.
- I investigated Debian bug #1036543: linux: WARNING at drivers/crypto/ccp/sev-dev.c:168 __sev_do_cmd_locked+0x31b/0x350 [ccp] and found that it was due to an incomplete backport in a stable update. I've reported the missing commits upstream.
- I did some paid work on IPv6 support in Busybox, but I don't yet have permission to make this public.
- I started work on supporting IPv6 in klibc's ipconfig, as requested in Debian bug #627164 12 years ago(!).
- I updated the kernel security tracker to add status for 6.1-upstream-stable and 6.1-bookworm-security branches to all active issues.