Better living through software

• Reviewed changes to Debian package building in upstream Linux.
• Attended the Debian LTS monthly meeting on IRC.
• Reviewed the following merge requests:
  • linux: [ia64] Workaround an ICE when built with gcc-13 (proposed a less invasive fix)
  • linux: Remove architectures not existing in Debian (ongoing discussion)
  • linux: Build linux-libc-dev as arch-all package (proposed further changes: d/rules.real: Change linux-libc-dev installation again)
  • linux: Merge lintian and piupart jobs (suggested further simplification)
  • linux: Remove use of linux-compiler packages (queried)
  • linux: [x86] Various drivers for ChromeOS devices (merged)
  • linux: [arm64] Enable configs for MediaTek MT8173 and MT8183 Chromebooks (merged)
  • linux: [arm64] Enable more hardware for RK3399 ChromeOS tablets (merged)
  • linux: debian/salsa-ci.yml: Replace except: with rules: and Enable build arm64 on the default branch (changes requested; now merged)
  • linux: d/changelog: Move changelog items before 5.10 to changelog.old (proposed alternate change)
  • linux: [arm64] Increase max CPU count to 512 (queried)
• Updated the linux package for Debian 10 "buster" to 4.19.299, but didn't make an upload.
• Attended mini-DebConf Cambridge and the preceding mini-DebCamp, although I was absent on Sunday due to illness.
• Updated the backports of linux in bullseye-backports and bookworm-backports.
• Proposed fix for build regression for linux with upstream version 6.6.
• With some help from Helmut Grohne, updated kernel team maintained packages to move files under /usr: ethtool, firmware-free, firmware-nonfree, iw, klibc, ktls-utils, kup, linux, wireless-regdb.
• Proposed changes to dput-ng for better compatiblity with dput:
  • Add rsync upload method
  • Add support for config in $XDG_CONFIG_HOME/dput

posted at: 21:41 | path: / | permanent link to this entry

• Discussed several bug/issue reports in Debian:
  • Bug#1053122: linux-image-6.5.0-1-amd64: Kernel page fault in process exit due to bit flip
  • Bug#1052676: linux-config: Enabling Kernel Configurations for MediaTek Platforms (CONFIG_ARCH_MEDIATEK)
  • CONFIG_PREEMPT_DYNAMIC=y?
  • Illegal Instruction Using sudo in Bookworm on i686
• And for Linux stable branches:
  • [PATCH v2] docs: add backporting and conflict resolution document
  • [stable] Documentation: sysctl: align cells in second content column
• Updated the linux-5.10 package in Debian 10 "buster" and issued DLA-3623-1.
• Updated the linux backport in bookworm-backports.
• Updated klibc in Debian, applying a patch from Peng Fan to support the loong64 architecture.

posted at: 21:09 | path: / | permanent link to this entry

• Discussed the ongoing difficulties in supporting the Debian "marvell" kernel flavour. Reviewed the related merge request to fix armel build regression in Debian 12 "bookworm".
• Wrote and recorded a talk for DebConf on What's new in the Linux kernel. Apologies for the poor audio quality; I will use a different microphone if I do this again.
• Reviewed Bastian Blank's proposed changes to kernel package versioning and signing in Debian.
• Reported several bad backports to some Linux stable branches.
• Proposed a build fix for linux 6.5 on s390x.
• Updated the linux package for Debian 10 "buster" to 4.19.295, but didn't make an upload.

posted at: 20:42 | path: / | permanent link to this entry

• Updated the linux-5.10 package in buster and issued DLA-3512-1 for it.
• Together with Aurelien Jarno, I investigated boot failures of Linux 5.10 and later versions on Debian's MIPS buildds, but I didn't find the root cause or any solution.
• Reviewed and tested the kernel mitigations for the SRSO (CVE-2023-20569) issue in AMD CPUs, and added a critical missing patch to the backports.
• Updated the linux (4.19) and linux-5.10 packages in buster, and the linux (5.10) package in bullseye, to include mitigations for GDS (CVE-2022-40982) on Intel processors and (5.10 only) SRSO on AMD. I issued DLA-3524-1 and DLA-3525-1 for buster.
• Nattie and I hosted a 30th birthday party for Debian in Leuven.
• Rebased and submitted my fixes for dahdi-linux.
• Updated the linux master branch to upstream version 6.5-rc4 and uploaded to experimental.
• Updated the backports of linux in bullseye-backports and bookworm-backports.
• Updated jinja-vanish to be compatible with Jinja 3.0. I also wired up its test suite to autopkgtests and added a Salsa CI configuration to catch any future regressions more quickly.
• Reviewed the following merge requests:
  • firmware-nonfree: Update to 20230625 (merged)
  • klibc: Apply ubuntu specific patch (closed as no longer needed)
  • firmware-free: Recommend firmware-ath9k-htc for its seperately-packaged free firmware (rebased and merged)
  • initramfs-tools: mkinitramfs: Warn if initrd size > some ratio of RAM size (changes requested)
  • linux/buster: Add support for ARC-1886 series RAID controllers (queried)
  • nfs-utils: A couple more DEP8 tests (changes requested)
  • initramfs-tools: d/initramfs-tools.maintscripts: Remove code for ancient versions (merged)
• Proposed fixes for some metadata in firmware-nonfree.
• Updated scripts and templates in firmware-free to synchronise with firmware-nonfree.

posted at: 20:20 | path: / | permanent link to this entry

• I fixed native hppa builds of linux, which regressed due to my changes for cross-build support.
• I changed klibc's address layout for some architectures to work around a bug in QEMU user-space emulation. While investigating this I realised why klibc had started failing to link for MIPS R6, and fixed that too.
• I updated my branch fixing some reproducibility issues in linux.
• I packaged ktls-utils, which is needed to support use of TLS by the Linux kernel, in particular for NFS-over-TLS. I opened several upstream issues for problems I found.
• In order to test the NFS client with TLS, I needed Linux 6.5, so I updated the linux package to 6.5-rc3 (not yet uploaded).
• I cherry-picked mitigations for CVE-2023-20593 a.k.a. Zenbleed to various kernel branches, and uploaded linux version 6.1.38-2 to bookworm-security.
• I updated the buster-security branch of linux to upstream stable version 4.19.289, uploaded and issued DLA-3508-1 for it.
• I uploaded linux backport versions 6.3.7-1~bpo12+1 (bookworm-backports), 6.1.28-2~bpo11+1 (bullseye-backports), and 5.10.179-3~deb10u1 (buster-security).
• I made a minimal backport of the fix for CVE-2023-3610 for bullseye-security.
• I released klibc version 2.0.13 after nearly 6 months of development. (At the time of writing, the above link was broken due to an expired certificate.) Headline features are the LoongArch port and the use of 64-bit time_t and RT signals on all architectures. I also uploaded the new version to Debian.

posted at: 17:23 | path: / | permanent link to this entry