Ubuntu
fwupd-efi package

[MIR] fwupd-efi

Bug #1956768 reported by Mario Limonciello
16
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OEM Priority Project
Fix Released
High
Yuan-Chen Cheng
fwupd-efi (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

fwupd was split into fwupd and fwupd-efi as part of bug 1955386, however the fwupd-efi package is in universe. As the previous fwupd package was already in main, the fwupd-efi source package that stemmed from it should also be brought into main.

Both fwupd-signed and fwupd have a Recommends on fwupd-unsigned, which is provided by the fwupd-efi source package.

[Availability]
The package fwupd-efi/source, fwupd-signed/amd64, fwupd-unsigned/amd64, is already in Ubuntu universe.
It currently builds and works for architectures: amd64
https://bugs.launchpad.net/ubuntu/+source/fwupd-efi

[Rationale]
fwupd is a utility that upgrades bios and lots of firmware of HW components so that they got the last fix from HW vendor.

It has already existed in main for quite a long time. The only reason we
need MIR is the source code split to kind of de-couple the efi
and user-space utility.

[Security]
Given this is a source code split, the security-related issue should have
be properly handled previously.

[Quality assurance - function/usage]
Same as above. If you need further detail on a certain point, please kindly state your request.

[Quality assurance - maintenance]
Same as above. If you need further detail on a certain point, please kindly state your request.

[Quality assurance - testing]
Given this is an EFI app pkg, and it upgrades OS bios, it's not so trivial to test. We do have certain test steps in https://wiki.ubuntu.com/firmware-updates.

[Quality assurance - packaging]
fwupd-efi-1.1$ lintian --pedantic
E: fwupd-efi changes: bad-distribution-in-changes-file unstable
W: fwupd-amd64-signed-template: empty-binary-package
P: fwupd-efi source: silent-on-rules-requiring-root
P: fwupd-efi source: uses-debhelper-compat-file

[UI standards]
This is an EFI app, it provides text mode UI in English and no user interactivity.

[Dependencies]
$ apt-cache depends fwupd-signed
fwupd-signed
  Recommends: secureboot-db
  Recommends: fwupd-unsigned
  Recommends: fwupd

All it’s depends is in main after this MIR is done.

[Standards compliance]
All good per what I know.

[Maintenance/Owner]
It’s properly and actively maintained from upstream:

https://github.com/fwupd/fwupd
https://github.com/fwupd/fwupd-efi
https://fwupd.org/

[Background information]
Given this is a source code split re-MIR, I think it’s quite obvious.
Related links are provided above.

See original description
Tags: oem-priority
Yuan-Chen Cheng (ycheng-twn)
tags: added: oem-priority
Changed in oem-priority:
importance: Undecided → Critical
status: New → Confirmed
Revision history for this message
Yuan-Chen Cheng (ycheng-twn) wrote (last edit ):

MIR template paperwork is done from my POV, please review. ref: https://wiki.ubuntu.com/MainInclusionProcess

Changed in oem-priority:
assignee: nobody → Yuan-Chen Cheng (ycheng-twn)
Yuan-Chen Cheng (ycheng-twn)
description: updated
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Thanky Yuang-Chen,
I first thought "Uh this request is a bit scarce", but I agree since this is just a source split that should be fine.

Reference: Original MIR https://bugs.launchpad.net/ubuntu/+source/fwupd/+bug/1536871
Build logs:
https://launchpadlibrarian.net/578322379/buildlog_ubuntu-jammy-amd64.fwupd-efi_1%3A1.1-3_BUILDING.txt.gz
https://launchpadlibrarian.net/578829290/buildlog_ubuntu-jammy-amd64.fwupd_1.7.1-1ubuntu3_BUILDING.txt.gz

And yeah, this change was driven by upstream and the packaging follows their guidance, see:
https://github.com/fwupd/fwupd/releases/tag/1.6.0
https://github.com/fwupd/fwupd-efi#16x-and-newer
d/rules of fwupd correctly has `-Defi_binary=false `

The new Dependency is:
src:fwupd has bin:fwupd -> bin:fwupd-unsigned of src:fwupd-efi

We also see in component mismatches
https://people.canonical.com/~ubuntu-archive/component-mismatches.html
that it will also autopromote fwupd-unsigned-dev - that has just the pkgconfig and no other dependencies so that is safe (no action needed).

I checked the packages:
- some binaries moved: fwupd-*signed-template
- there are new binary packages fwupd-unsigned, fwupd-unsigned-dev.

Functionally that is ok, Source really just moved. The old `plugins/uefi-capsule/efi` is what became `efi/` in the new source package.

None of the hard show stoppers that we check for are violated, it really is just a package split.
d/rules is a bit complex, but that is common on low level code.

MIR team ack to promote binaries fwupd-unsigned + fwupd-unsigned-dev in Jammy.
Subscribing archive-admins.

Changed in fwupd-efi (Ubuntu):
status: New → Fix Committed
Revision history for this message
Yuan-Chen Cheng (ycheng-twn) wrote :

@Christian, thanks a lot!

Yuan-Chen Cheng (ycheng-twn)
Changed in oem-priority:
status: Confirmed → In Progress
Yuan-Chen Cheng (ycheng-twn)
Changed in oem-priority:
importance: Critical → High
Revision history for this message
Didier Roche-Tolomelli (didrocks) wrote :

Override component to main
fwupd-unsigned 1:1.1-3 in jammy amd64: universe/admin/optional/100% -> main
fwupd-unsigned 1:1.1-3 in jammy arm64: universe/admin/optional/100% -> main
fwupd-unsigned 1:1.1-3 in jammy armhf: universe/admin/optional/100% -> main
fwupd-unsigned-dev 1:1.1-3 in jammy amd64: universe/admin/optional/100% -> main
fwupd-unsigned-dev 1:1.1-3 in jammy arm64: universe/admin/optional/100% -> main
fwupd-unsigned-dev 1:1.1-3 in jammy armhf: universe/admin/optional/100% -> main
Override [y|N]? y
6 publications overridden.

Changed in fwupd-efi (Ubuntu):
status: Fix Committed → Fix Released
Yuan-Chen Cheng (ycheng-twn)
Changed in oem-priority:
status: In Progress → Fix Released
Revision history for this message
Sebastien Bacher (seb128) wrote :

sounds like fwupd-efi is still missing a team subscription from foundations and hasn't been promoted yet?

Changed in fwupd-efi (Ubuntu):
status: Fix Released → Fix Committed
Yuan-Chen Cheng (ycheng-twn)
Changed in oem-priority:
status: Fix Released → Triaged
Revision history for this message
Yuan-Chen Cheng (ycheng-twn) wrote :

@Seb, do you mean the foundation team subscription in https://launchpad.net/ubuntu/+source/fwupd-efi? It seems done now.

Yuan-Chen Cheng (ycheng-twn)
Changed in oem-priority:
status: Triaged → Fix Released
Revision history for this message
Łukasz Zemczak (sil2100) wrote :

Ok, let me promote all the binaries now. I think Christian's ACK still stands and the package now has foundations subscribed. Moving it to main for all the series.

Revision history for this message
Łukasz Zemczak (sil2100) wrote :

Done for jammy, impish and focal!

Changed in fwupd-efi (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.