Ubuntu
intel-microcode package

microcode packages, like firmware packages, should be in main

Bug #1738272 reported by Steve Langasek
32
This bug affects 4 people
Affects Status Importance Assigned to Milestone
firmware-sof (Ubuntu)
Fix Released
Undecided
Andy Whitcroft
intel-microcode (Ubuntu)
Fix Released
Undecided
Unassigned
iucode-tool (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

The MIR for intel-microcode and iucode-tool in LP: #1388889 requested that these packages be shipped in restricted.

The iucode-tool package is free software, and is shipped in restricted only because of the circular recommends with intel-microcode.

The intel-microcode package contains non-free software (free redistribution, but no source code). However, this code is not part of the OS; it runs /under/ the OS on the CPU, and is analogous to linux-firmware, which we do include in main.

The question of suitability for restricted vs. main in Ubuntu was not examined as part of the previous MIR, and the security team signed off on it for "restricted or main as appropriate"; so I think the decision to put it in restricted was not based on a thorough examination of the facts by an archive admin, and does not represent a precedent that needs to be examined further.

I believe that these two packages should be promoted to main for consistency.

Revision history for this message
Andy Whitcroft (apw) wrote :

/me concurs, the contents of intel-microcode is very analogous to that of linux-firmware, wherein the contents are freely redistributable but may not actually come in source form. It seems entirely reasonable to treat intel-microcode and linux-firmware in a similar manner including component. iucode-tool would follow naturally.

This should also be put on the list of packages which should routinely be kept in sync in -security as -updates.

Revision history for this message
Steve Langasek (vorlon) wrote :

intel-microcode promoted to main in bionic:

Override component to main
intel-microcode 3.20171117.1 in bionic: restricted/admin -> main
intel-microcode 3.20171117.1 in bionic amd64: restricted/admin/extra/100% -> main
intel-microcode 3.20171117.1 in bionic i386: restricted/admin/extra/100% -> main
Override [y|N]? y
3 publications overridden.

Will use components-mismatches to double-check that everything is happy before promoting in stable releases.

Steve Langasek (vorlon)
Changed in intel-microcode (Ubuntu):
status: New → In Progress
Changed in iucode-tool (Ubuntu):
status: New → In Progress
Revision history for this message
Steve Langasek (vorlon) wrote :

Override component to main
iucode-tool 2.2-1 in bionic amd64: restricted/utils/optional/100% -> main
iucode-tool 2.2-1 in bionic i386: restricted/utils/optional/100% -> main
2 publications overridden.

Revision history for this message
Steve Langasek (vorlon) wrote :

Override component to main
intel-microcode 3.20170707.1 in artful: restricted/admin -> main
intel-microcode 3.20170707.1 in artful amd64: restricted/admin/extra/100% -> main
intel-microcode 3.20170707.1 in artful i386: restricted/admin/extra/100% -> main
3 publications overridden.
Override component to main
intel-microcode 3.20170707.1~ubuntu17.04.0 in zesty: restricted/admin -> main
intel-microcode 3.20170707.1~ubuntu17.04.0 in zesty amd64: restricted/admin/extra/100% -> main
intel-microcode 3.20170707.1~ubuntu17.04.0 in zesty i386: restricted/admin/extra/100% -> main
3 publications overridden.
Override component to main
intel-microcode 3.20170707.1~ubuntu16.04.0 in xenial: restricted/admin -> main
intel-microcode 3.20170707.1~ubuntu16.04.0 in xenial amd64: restricted/admin/extra/100% -> main
intel-microcode 3.20170707.1~ubuntu16.04.0 in xenial i386: restricted/admin/extra/100% -> main
3 publications overridden.
Override component to main
intel-microcode 2.20140624-t-1ubuntu2 in trusty: multiverse/admin -> main
intel-microcode 2.20140624-t-1ubuntu2 in trusty amd64: multiverse/admin/extra/100% -> main
intel-microcode 2.20140624-t-1ubuntu2 in trusty i386: multiverse/admin/extra/100% -> main
3 publications overridden.

Changed in intel-microcode (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Steve Langasek (vorlon) wrote :

Override component to main
iucode-tool 2.1.2-2 in artful: restricted/utils -> main
iucode-tool 2.1.2-2 in artful amd64: restricted/utils/optional/100% -> main
iucode-tool 2.1.2-2 in artful i386: restricted/utils/optional/100% -> main
3 publications overridden.
Override component to main
iucode-tool 2.1.1-1 in zesty: restricted/utils -> main
iucode-tool 2.1.1-1 in zesty amd64: restricted/utils/optional/100% -> main
iucode-tool 2.1.1-1 in zesty i386: restricted/utils/optional/100% -> main
3 publications overridden.
Override component to main
iucode-tool 1.5.1-1ubuntu0.1 in xenial: restricted/utils -> main
iucode-tool 1.5.1-1ubuntu0.1 in xenial amd64: restricted/utils/optional/100% -> main
iucode-tool 1.5.1-1ubuntu0.1 in xenial i386: restricted/utils/optional/100% -> main
3 publications overridden.
Override component to main
iucode-tool 1.5.1-1ubuntu0.1 in xenial: restricted/utils -> main
iucode-tool 1.5.1-1ubuntu0.1 in xenial amd64: restricted/utils/optional/100% -> main
iucode-tool 1.5.1-1ubuntu0.1 in xenial i386: restricted/utils/optional/100% -> main
3 publications overridden.
Override component to main
iucode-tool 1.0.1-1 in trusty: multiverse/utils -> main
iucode-tool 1.0.1-1 in trusty amd64: multiverse/utils/optional/100% -> main
iucode-tool 1.0.1-1 in trusty i386: multiverse/utils/optional/100% -> main
3 publications overridden.

Changed in iucode-tool (Ubuntu):
status: In Progress → Fix Released
Francis Ginther (fginther)
tags: added: id-5a20305cc21096d164992af9
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

FYI
There was a request on IRC to also promote firmware-sof
Moving that here to have an auditable trail why things were changed - also I guess we'd want to have an explicit ack by the kernel team that this is the very same case.

From #ubuntu-release
[11:53] <luis220413> ubuntu-archive: Please move the firmware-sof source package to main to be consistent with linux-firmware. See bug
[11:53] <luis220413> See bug 1738272

Even if all other special firmware cases apply this still would need an owning team.
http://reqorts.qa.ubuntu.com/reports/m-r-package-team-mapping.html lists kernel-packages as the owner, so that aspect should be fine indeed.

@Kernel Team - or most likely @apw - do you agree and want this promoted as maintained by the kernel team?

@Luis:
This isn't listed in https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.html so there would need to be a dependency or seed change to hold it in main.
Do you know (if not coordinate with the kernel team please) where this will be done before being promoted? [Without that it would again fall out of main in the next few hours after promotion]

Changed in firmware-sof (Ubuntu):
status: New → Incomplete
assignee: nobody → Andy Whitcroft (apw)
Revision history for this message
Luís Infante da Câmara (luis220413) wrote :

The dependency change is already done: linux-firmware recommends firmware-sof-signed, that is built by the firmware-sof source package. Please promote the firmware-sof source package (currently in restricted) to main.

Revision history for this message
Steve Langasek (vorlon) wrote :

yes, component-mismatches doesn't report on main/restricted or universe/multiverse mismatches.

It sounds like we are still waiting for kernel team ack for owning the package?

Revision history for this message
Luís Infante da Câmara (luis220413) wrote (last edit ):

The Kernel Packages team already owns the firmware-sof package. Ubuntu Package Archive Administrators, please promote the package to the main component in Ubuntu 22.04 and Kinetic.

Changed in firmware-sof (Ubuntu):
status: Incomplete → New
Revision history for this message
Jeremy Bícha (jbicha) wrote :

By the way, Debian created a new component, non-free-firmware, last month. I don't believe any Debian packages have switched to it yet. Based on this bug history, I'm guessing we'd want to automatically import those packages to universe then (or main where we want it part of our Canonical-supported set).

Revision history for this message
Steve Langasek (vorlon) wrote :

Override component to main
firmware-sof 2.1.1-1ubuntu1 in kinetic: restricted/misc -> main
firmware-sof-signed 2.1.1-1ubuntu1 in kinetic amd64: restricted/kernel/optional/100% -> main
firmware-sof-signed 2.1.1-1ubuntu1 in kinetic arm64: restricted/kernel/optional/100% -> main
firmware-sof-signed 2.1.1-1ubuntu1 in kinetic armhf: restricted/kernel/optional/100% -> main
firmware-sof-signed 2.1.1-1ubuntu1 in kinetic i386: restricted/kernel/optional/100% -> main
firmware-sof-signed 2.1.1-1ubuntu1 in kinetic ppc64el: restricted/kernel/optional/100% -> main
firmware-sof-signed 2.1.1-1ubuntu1 in kinetic riscv64: restricted/kernel/optional/100% -> main
firmware-sof-signed 2.1.1-1ubuntu1 in kinetic s390x: restricted/kernel/optional/100% -> main
8 publications overridden.

Changed in firmware-sof (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.