[MIR] opal-prd

As discussed, this needs a security review.

Also, it's missing a bug subscriber.

Would IBM be willing to provide backported patches in the event a CVE is found in this code base?

Yes. We (IBM) will try to provide required fixes.

-Vasant

There's a team subscriber now for the package; has it been acked by the security team yet?

The Security Team acks this unreviewed. We reserve the right to perform a security review at a later date. We are operating under the assumptions that 1) IBM will try to provide backported security fixes (per comment #3), 2) Server/Foundations teams will perform testing of the security updates (per email discussion); 3)the opal-prd package is built only for the ppc64el architecture; 4) opal-prd operates on trusted input provided by the Power firmware.

Referencing source bug for ease of navigation: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1555904 .

comment #3 says that IBM will provide necessary patches for this bug, could you please review this bug and post any links to patches that are upstream?

Manoj,

Comment #3 is in response to #2. In case if there is any CVE reported, then IBM will try to provide necessary fixes.

No additional patch is required to address this bug.

-Vasant

I did a quick review of the package for the MIR and it looks fine to me; MIR approved.

Override component to main
skiboot 5.4.3-1 in artful: universe/admin -> main
1 publication overridden.
Override component to main
opal-prd 5.4.3-1 in artful ppc64el: universe/admin/optional/100% -> main
1 publication overridden.