microcode packages, like firmware packages, should be in main
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
firmware-sof (Ubuntu) |
Fix Released
|
Undecided
|
Andy Whitcroft | ||
intel-microcode (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
iucode-tool (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
The MIR for intel-microcode and iucode-tool in LP: #1388889 requested that these packages be shipped in restricted.
The iucode-tool package is free software, and is shipped in restricted only because of the circular recommends with intel-microcode.
The intel-microcode package contains non-free software (free redistribution, but no source code). However, this code is not part of the OS; it runs /under/ the OS on the CPU, and is analogous to linux-firmware, which we do include in main.
The question of suitability for restricted vs. main in Ubuntu was not examined as part of the previous MIR, and the security team signed off on it for "restricted or main as appropriate"; so I think the decision to put it in restricted was not based on a thorough examination of the facts by an archive admin, and does not represent a precedent that needs to be examined further.
I believe that these two packages should be promoted to main for consistency.
Changed in intel-microcode (Ubuntu): | |
status: | New → In Progress |
Changed in iucode-tool (Ubuntu): | |
status: | New → In Progress |
tags: | added: id-5a20305cc21096d164992af9 |
/me concurs, the contents of intel-microcode is very analogous to that of linux-firmware, wherein the contents are freely redistributable but may not actually come in source form. It seems entirely reasonable to treat intel-microcode and linux-firmware in a similar manner including component. iucode-tool would follow naturally.
This should also be put on the list of packages which should routinely be kept in sync in -security as -updates.