From: Alexandre Oliva <lxoliva@fsfla.org>
To: Mark H Weaver <mhw@netris.org>
Cc: guix-devel@gnu.org, Jason Self <jason@bluehome.net>
Subject: Re: Linux-libre 5.8 and beyond
Date: Mon, 24 Aug 2020 00:58:10 -0300 [thread overview]
Message-ID: <or1rjwae5p.fsf@livre.home> (raw)
In-Reply-To: <875z9kv41h.fsf@netris.org> (Mark H. Weaver's message of "Sat, 15 Aug 2020 02:03:27 -0400")
On Aug 15, 2020, Mark H Weaver <mhw@netris.org> wrote:
> Alexandre Oliva <lxoliva@fsfla.org> wrote:
>> On Aug 12, 2020, Mark H Weaver <mhw@netris.org> wrote:
>>
>>>>> It may be useful for users with newer hardware devices, which are
>>>>> not yet well supported by the latest stable release, to use an
>>>>> arbitrary commit from either Linus' mainline git repository or some
>>>>> other subsystem tree.
>>>>
>>>> The cleaning up scripts are version-specific and won't work on an
>>>> "arbitrary commit from Linus's mainline git repository" (i.e., someone
>>>> wanting to get today's most recent commit going into 5.9.) The scripts
>>>> would fall over and die in such a scenario,
>>
>>> Okay, perhaps this was wishful thinking on my part.
>>
>> Yup. If you ran a deblob-check in verify mode on the resulting
>> tarballs, you'd see how error-prone this is. You'd at least stop
>> non-Free code from silently sneaking in and finding its way into running
>> on users' machines. That's the *least* someone who runs the
>> deblob-scripts on their own should do to smoke-test the result WRT
>> *known* freedom issues.
> What is this "verify mode" that you're referring to, and where is it
> documented?
I'm talking about the --list-blobs (default) option of deblob-check,
that tests whether an input file (source file, patch file, or tarball)
contains any suspicious patterns. Running deblob-check with --help
prints a significant amount of documentation, though it is mostly aimed
at the internal purposes that the scripts serve.
The cleaning up scripts are not really meant to be blindly used by third
parties to clean up anything but releases they're associated with;
they're provided for documentation and transparency purposes, but
they're not even something whose existence you should count on. E.g.,
once we realize the long-term vision of having a git repo with the
entire history, manually cleaned-up, there won't be a script to clean
things up any more, though there will surely still be something to help
us identify anything that needs cleaning up.
> The word "verify" does not occur in either of the deblob
> scripts that I know about
That's what the 'check' in deblob-check stands for. Originally, it
would only scan for blobs. Later on, it was extended with other actions
for use in cleaning up.
> I don't see anything like a verification mode mentioned
> in the options documented at the top of those two scripts.
Indeed, deblob-<VERSION>, which is what you use, and deblob-check, as
used by it, do not perform any verification whatsoever. They're not
meant to. They automate and document what we intend to clean up. The
verifications are steps we take once we have a candidate release, that
well us whether or not it's fit for release. If it isn't, we adjust the
scripts and start over.
You'd have to run deblob-check linux-libre-<VERSION>-guix.tar on the
cleaned up tarball to check that none of the suspicious patterns known
by deblob-check have survived in the resulting tarball. It would have
caught the errors that Vagrant hit the other day, and it would have
reported the deblobbing errors you'd have got this week had you not
waited for the updated scripts.
Running this script in -B or -C modes is part of our development process
for new releases, and it is also one of our safety nets to stop us from
releasing non-Free Software: we run it for every release before putting
it out.
> For the record, it was not my intent to skip any automated checking
> provided by these scripts.
I understand it was not your intent, but using the scripts in
environments it wasn't tested, with upstream releases or commits it
wasn't meant for, the expectation that it will do the job you wish
without any of the verification steps we perform is misplaced.
> If we're running the scripts in a suboptimal
> way, please tell me a better way.
> FYI, right now we're simply running the main 'deblob-<VERSION>' script
> with no arguments in the unpacked Linux source directory, with the
> corresponding 'deblob-check' script in $PATH and $PYTHON pointing to
> python 2.x. If 'deblob-<VERSION>' exits abnormally or with a non-zero
> result, the Guix build process fails.
> Last I checked, 'deblob-check' was certainly being run by
> 'deblob-<VERSION>' as a subprocess, because I had to make several
> substitutions of hard-coded paths before it would work in Guix
> (e.g. /bin/sed and /usr/bin/python).
The expected use of the scripts, for people who wish to verify that our
releases have been cleaned up as specified in the scripts, is to do just
what you do, and then compare the resulting source tree with that of our
release. If they match, you know we haven't sneaked in any unintended
changes. If they don't, something went wrong on either end.
Given our amount of experience and automation in the release and
verification processes, that scan the resulting source tree and also
compare the changes with those made by an earlier known good recent
release, a platform-specific bug in the underlying tools, an unexpected
change to regexp engines (as in some recent version of python3), the use
of mismatched scripts are more likely sources of differences than our
failing to notice an unexpected change on our ends.
Now, if you wanted to use the scripts for purposes other than
verification, e.g., to clean up releases before we check them, or even
after we put them out but without any attempt to verify that the result
you get is indeed what we put out, you should take responsibility for
verifying the releases at least as much as we do, otherwise any freedom
issues arising from your not catching a problem we would have caught
would unfairly reflect negatively on our project.
--
Alexandre Oliva, happy hacker
https://FSFLA.org/blogs/lxo/
Free Software Activist
GNU Toolchain Engineer
next prev parent reply other threads:[~2020-08-24 3:58 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-09 20:15 Linux-libre 5.8 and beyond Jason Self
2020-08-13 0:39 ` Mark H Weaver
2020-08-13 16:47 ` Linux-libre git repository Vagrant Cascadian
2020-08-14 0:03 ` Jason Self
2020-08-14 14:03 ` Danny Milosavljevic
2020-08-14 13:47 ` Linux-libre 5.8 and beyond Alexandre Oliva
2020-08-15 6:03 ` Mark H Weaver
2020-08-16 1:24 ` Mark H Weaver
2020-08-16 12:43 ` Jason Self
2020-08-16 10:54 ` Jason Self
2020-08-24 3:45 ` Alexandre Oliva
2020-08-25 4:14 ` Mark H Weaver
2020-08-25 11:12 ` Alexandre Oliva
2020-08-24 3:58 ` Alexandre Oliva [this message]
2020-08-24 4:12 ` Alexandre Oliva
2020-08-24 4:34 ` Alexandre Oliva
2020-08-24 4:42 ` Alexandre Oliva
-- strict thread matches above, loose matches on Subject: below --
2020-08-11 4:07 Mark H Weaver
2020-08-08 20:57 Vagrant Cascadian
2020-08-09 0:02 ` Mark H Weaver
2020-08-09 3:30 ` Mark H Weaver
2020-08-09 3:43 ` Vagrant Cascadian
2020-08-09 18:09 ` Vagrant Cascadian
2020-08-09 22:17 ` Mark H Weaver
2020-08-10 22:39 ` Bengt Richter
2020-08-11 2:37 ` Tobias Geerinckx-Rice
2020-08-09 18:49 ` Leo Famulari
2020-08-25 21:01 ` Leo Famulari
2020-08-26 3:17 ` Leo Famulari
2020-08-26 15:41 ` Katherine Cox-Buday
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=or1rjwae5p.fsf@livre.home \
--to=lxoliva@fsfla.org \
--cc=guix-devel@gnu.org \
--cc=jason@bluehome.net \
--cc=mhw@netris.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.