Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

overlay sys-kernel/coreos-firmware: update to 20230625_p20230724 for flatcar-3665 #1039

Merged
merged 2 commits into from
Aug 3, 2023
Merged

overlay sys-kernel/coreos-firmware: update to 20230625_p20230724 for flatcar-3665 #1039

merged 2 commits into from
Aug 3, 2023

Conversation

dongsupark
Copy link
Member

@dongsupark dongsupark commented Aug 1, 2023
edited
Loading

Update sys-kernel/coreos-firmware to 20230625_p20230724, mainly to address CVE-2023-20593.

Based on Gentoo commit 6390ce05738e.

Fix issue of dealing with snapshot directory to avoid build failure.

See also flatcar/Flatcar#1134.

Backporting branches:

Testing done

  • Changelog entries added in the respective changelog/ directory (user-facing change, bug fix, security fix, update)
  • Inspected CI output for image differences: /boot and /usr size, packages, list files for any missing binaries, kernel modules, config files, kernel modules, etc.

@dongsupark
overlay sys-kernel/coreos-firmware: update to 20230625_p20230724
b00964f 
Update coreos-firmware to 20230625_p20230724, mainly to address
CVE-2023-20593.

Gentoo ref: 6390ce05738eac80fc06663a73ca6b22fdaee8d1

Fix issue of dealing with snapshot directory to avoid build failure.
@dongsupark
changelog: add security changelog for linux-firmware 20230625_p20230724
d13ff90
@dongsupark dongsupark temporarily deployed to development August 1, 2023 13:42 — with GitHub Actions Inactive
@dongsupark dongsupark changed the title overlay sys-kernel/coreos-firmware: update to 20230625_p20230724 overlay sys-kernel/coreos-firmware: update to 20230625_p20230724 for flatcar-3665 Aug 1, 2023
@dongsupark dongsupark marked this pull request as ready for review August 2, 2023 12:45
@dongsupark
Copy link
Member Author

Due to slightly different situations of maintenance branches, I had to create all 4 branches to run CI respectively.

Backporting branches:

Jenkins CI:

@github-actions
Copy link

github-actions bot commented Aug 2, 2023
edited
Loading

Build action triggered: https://github.com/flatcar/scripts/actions/runs/5750824634

@dongsupark
Copy link
Member Author

CI passed

@dongsupark dongsupark requested a review from a team August 3, 2023 08:25
pothos
pothos reviewed Aug 3, 2023
View reviewed changes
...er/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/coreos-firmware-99999999.ebuild
@@ -67,6 +68,11 @@ src_unpack() {
git-r3_src_unpack
else
default
# rename directory from git snapshot tarball
if [[ ${#MY_COMMIT} -gt 8 ]]; then
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't understand why this condition is as it is and not, e.g., -gt 0

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not sure.
I just want to keep it as similar as possible to Gentoo.
https://gitweb.gentoo.org/repo/gentoo.git/tree/sys-kernel/linux-firmware/linux-firmware-20230625_p20230724.ebuild#n92

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The only thing that strikes me as odd is that GIT_COMMIT does not show up anywhere else. There's MY_COMMIT, but not GIT_COMMIT. Maybe a bug in the ebuild?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The only thing that strikes me as odd is that GIT_COMMIT does not show up anywhere else. There's MY_COMMIT, but not GIT_COMMIT.

Right. I was wondering about that yesterday. 🤷

@dongsupark dongsupark merged commit 128c626 into flatcar-3665 Aug 3, 2023
5 of 7 checks passed
@dongsupark dongsupark deleted the dongsu/firmware-20230625_p20230724-3665 branch August 3, 2023 12:35
@dongsupark
Copy link
Member Author

Applied to flatcar-3033, flatcar-3510, flatcar-3602.

@github-actions github-actions bot mentioned this pull request Nov 10, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@krnowak krnowak krnowak left review comments

@pothos pothos pothos approved these changes

Assignees
No one assigned
Labels
alpha beta flatcar-3033 flatcar-3510 flatcar-3602 flatcar-3665 lts stable
Projects
None yet
Milestone
No milestone
3 participants
@dongsupark @krnowak @pothos