Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > linux.debian.security > #6277

Bug#1040901: Upcoming changes to Debian Linux kernel packages

From Bastian Blank <waldi@debian.org>
Newsgroups linux.debian.bugs.dist, linux.debian.maint.boot, linux.debian.devel.release, linux.debian.security, linux.debian.kernel
Subject Bug#1040901: Upcoming changes to Debian Linux kernel packages
Date 2023-10-07 17:00 +0200
Message-ID <HmgWB-eblS-1@gated-at.bofh.it> (permalink)
References <GQD57-8S4-3@gated-at.bofh.it> <Hhx21-be81-1@gated-at.bofh.it> <GQD57-8S4-3@gated-at.bofh.it> <Hhx21-be81-1@gated-at.bofh.it>
Organization linux.* mail to news gateway

Cross-posted to 5 groups.

Show all headers | View raw

Moin

On Sun, Sep 24, 2023 at 03:01:51PM +0200, Bastian Blank wrote:
> ## Kernel modules will be signed with an ephemeral key

This is now
https://salsa.debian.org/kernel-team/linux/-/merge_requests/607.

> ## Image packages contains more version info
> 
> Example: linux-image-6.5.3-cloud-arm64

> It will not longer be possible to reliably derive the package name from
> kernel release (see above), as both values are not really related
> anymore.

I missed that apt does something similar (maintainers cced).  It wants
to see if a particular package matches the current kernel to make the
autoremove prevention work.  That lookup is quite a hard problem.

What should work:  We define a new control field.  It contains both the
kernel name and a version prefix. 

Example:
- Linux 6.6 (would match 6.6-1, 6.6.1-1)
- Linux 6.6.3 (would match 6.6.3-1, but not 6.6.3+2-1)
- Linux 6.6.3+2

The algorithm would be something like this:
- Check $(uname -s) against the first word.  Otherwise completely
  ignore.
- Check if $(uname -r) matches the version prefix in this field.  Mark
  as keep if it matches.
- Aggregate packages by version prefix.
- Sort as version, keep newest two(?).

This means:
- Images and headers are always kept with the same versions.
- Different images (-arm64, -rt-arm64) are always kept together.

Counter proposal: Use see the kernel release as debian version and match
on the upstream version.  But then we need to re-define what we put into
the kernel release field.  In 6.6.1-1-cloud-arm64, the upstream version
is 6.6.1-1-cloud, not 6.6.1 as we would need.  We could of course change
that to: 6.6.1-1~cloud+arm64.  That should always sort correctly in
regard of the package version.

> ## Header and tool packages will not longer contain version

This is obsolete with the counter proposal of a meta package that always
pulls in image and headers of the same version.

Regards,
Bastian

-- 
Without followers, evil cannot spread.
		-- Spock, "And The Children Shall Lead", stardate 5029.5

Back to linux.debian.security | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

Bug#1040901: Upcoming changes to Debian Linux kernel packages Bastian Blank <waldi@debian.org> - 2023-09-24 15:10 +0200
  Re: Upcoming changes to Debian Linux kernel packages Andreas Beckmann <anbe@debian.org> - 2023-09-24 23:20 +0200
    Re: Upcoming changes to Debian Linux kernel packages Bastian Blank <waldi@debian.org> - 2023-09-25 01:10 +0200
      Re: Upcoming changes to Debian Linux kernel packages Andreas Beckmann <anbe@debian.org> - 2023-09-25 04:40 +0200
        Re: Upcoming changes to Debian Linux kernel packages Bastian Blank <waldi@debian.org> - 2023-10-01 12:10 +0200
          Re: Upcoming changes to Debian Linux kernel packages Michel Verdier <mv524@free.fr> - 2023-10-01 12:20 +0200
            Re: Upcoming changes to Debian Linux kernel packages Bastian Blank <waldi@debian.org> - 2023-10-01 13:50 +0200
              Re: Upcoming changes to Debian Linux kernel packages Michel Verdier <mv524@free.fr> - 2023-10-01 16:40 +0200
          Re: Upcoming changes to Debian Linux kernel packages Sam Hartman <hartmans@debian.org> - 2023-10-03 16:40 +0200
            Re: Upcoming changes to Debian Linux kernel packages herve <herve@couvelard.com> - 2023-10-03 17:30 +0200
              Re: Upcoming changes to Debian Linux kernel packages Bjørn Mork <bjorn@mork.no> - 2023-10-03 19:10 +0200
                Re: Upcoming changes to Debian Linux kernel packages herve <herve@couvelard.com> - 2023-10-03 20:40 +0200
            Re: Upcoming changes to Debian Linux kernel packages Bastian Blank <waldi@debian.org> - 2023-10-03 19:50 +0200
              Re: Upcoming changes to Debian Linux kernel packages Adrian Bunk <bunk@debian.org> - 2023-10-03 22:00 +0200
                Re: Upcoming changes to Debian Linux kernel packages Robert Nelson <robertcnelson@gmail.com> - 2023-10-03 22:10 +0200
                Re: Upcoming changes to Debian Linux kernel packages Bastian Blank <waldi@debian.org> - 2023-10-05 08:30 +0200
                Re: Upcoming changes to Debian Linux kernel packages Sam Hartman <hartmans@debian.org> - 2023-10-05 16:10 +0200
                Re: Upcoming changes to Debian Linux kernel packages Russ Allbery <rra@debian.org> - 2023-10-05 17:30 +0200
                Re: Upcoming changes to Debian Linux kernel packages Bastian Blank <waldi@debian.org> - 2023-10-26 14:00 +0200
              Re: Upcoming changes to Debian Linux kernel packages Andreas Beckmann <anbe@debian.org> - 2023-10-04 00:00 +0200
                Re: Upcoming changes to Debian Linux kernel packages Bastian Blank <waldi@debian.org> - 2023-10-05 08:10 +0200
  Bug#1040901: Upcoming changes to Debian Linux kernel packages Bastian Blank <waldi@debian.org> - 2023-10-05 21:30 +0200
  Bug#1040901: Upcoming changes to Debian Linux kernel packages Bastian Blank <waldi@debian.org> - 2023-10-07 17:00 +0200
    Bug#1040901: Upcoming changes to Debian Linux kernel packages Bastian Blank <waldi@debian.org> - 2023-10-27 11:00 +0200

csiph-web