Feature #15309

Upgrade to Linux 4.15

Added by intrigeri 2018-02-13 12:06:08 . Updated 2018-03-14 11:09:25 .

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Hardware support
Target version:
Start date:
2018-02-13
Due date:
% Done:

100%

Feature Branch:
feature/15309-linux-4.15
Type of work:
Code
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description


Subtasks


Related issues

Blocks Tails - Feature #15000: Ensure we benefit from new security features in Linux 4.14 Resolved 2017-11-25
Blocked by Tails - Bug #15270: devel branch FTBFS since torbrowser-launcher 0.2.9 entered sid Resolved 2018-01-30
Blocks Tails - Feature #15329: Ensure we benefit from security features introduced in Linux 4.15 Resolved 2018-02-19

History

#1 Updated by intrigeri 2018-02-13 12:06:18

  • blocks Feature #15000: Ensure we benefit from new security features in Linux 4.14 added

#2 Updated by intrigeri 2018-02-13 12:07:23

There’s a chance it gets uploaded to sid in time for 3.6~rc1.

#3 Updated by intrigeri 2018-02-18 06:33:05

carnil said he may upload linux 4.15.4-1 to sid today. I’ll check what’s going on on the aufs-dkms side.

#4 Updated by intrigeri 2018-02-18 06:47:45

aufs-dkms is not ready for 4.15, reported https://bugs.debian.org/890733 to track this problem.

#5 Updated by intrigeri 2018-02-18 12:10:15

intrigeri wrote:
> aufs-dkms is not ready for 4.15, reported https://bugs.debian.org/890733 to track this problem.

Worst case we can always switch back to the upstream aufs (first step: revert commit:31a272ad21c0bec2dec126fbe17eaf64c1124bb7).

#6 Updated by intrigeri 2018-02-19 08:48:32

  • Status changed from Confirmed to In Progress
  • % Done changed from 0 to 10
  • Feature Branch set to feature/15309-linux-4.15
  • Type of work changed from Wait to Code

intrigeri wrote:
> Worst case we can always switch back to the upstream aufs (first step: revert commit:31a272ad21c0bec2dec126fbe17eaf64c1124bb7).

I did that in order to cut corners and learn about any 4.15 regression ASAP. Depending on whether the Debian maintainer for aufs is fast enough for our needs or not (I’ve proposed my help) we can either use the DKMS module or keep my implementation.

#7 Updated by intrigeri 2018-02-19 09:07:57

  • blocked by Bug #15270: devel branch FTBFS since torbrowser-launcher 0.2.9 entered sid added

#8 Updated by intrigeri 2018-02-19 12:24:05

  • Assignee changed from intrigeri to bertagaz
  • % Done changed from 10 to 50
  • QA Check set to Ready for QA

The first full test suite run on my local Jenkins passed except “Scenario: The shipped Tails OpenPGP keys are up-to-date” (Bug #15318). So let’s review and merge this!

If aufs-dkms is updated for Linux 4.15 in a timely manner I’ll probably propose to revert back to it but it would seem unreasonable to block on this given the past history.

#9 Updated by intrigeri 2018-02-19 12:31:29

  • blocks Feature #15329: Ensure we benefit from security features introduced in Linux 4.15 added

#10 Updated by intrigeri 2018-02-19 21:07:26

  • Assignee changed from bertagaz to intrigeri
  • QA Check changed from Ready for QA to Dev Needed

Conflicts with current devel since I’ve merged Bug #14818. I’ll resolve the conflict tomorrow.

#11 Updated by intrigeri 2018-02-20 07:34:44

intrigeri wrote:
> I’ll resolve the conflict tomorrow.

Done & pushed, now building and testing.

#12 Updated by intrigeri 2018-02-20 11:42:15

  • Assignee changed from intrigeri to bertagaz
  • QA Check changed from Dev Needed to Ready for QA

Full test suite passed on first try!

#13 Updated by bertagaz 2018-02-21 13:02:30

  • % Done changed from 50 to 90
  • QA Check changed from Ready for QA to Pass

Passes the automated test suite locally and without particular troubles in Jenkins, so I’m all to merge it. I’ll wait for Jenkins to finish its last build of it before doing so.

#14 Updated by intrigeri 2018-02-21 13:17:54

FYI there’ll probably be a follow-up branch for https://tracker.debian.org/news/934871 but I don’t think we should block on that: the more testing we get on 4.15, the better, regardless of how exactly aufs.ko is built.

#15 Updated by bertagaz 2018-02-21 13:25:40

intrigeri wrote:
> FYI there’ll probably be a follow-up branch for https://tracker.debian.org/news/934871 but I don’t think we should block on that: the more testing we get on 4.15, the better, regardless of how exactly aufs.ko is built.

Ack, great. I’ve merged the branch already. Let’s keep this ticket open then, until we get the updated aufs package in.

#16 Updated by bertagaz 2018-02-21 14:58:57

  • Status changed from In Progress to Fix committed
  • % Done changed from 90 to 100

Applied in changeset commit:846670875c54d03bfed29eacd40c97f7151cba70.

#17 Updated by intrigeri 2018-02-21 16:06:10

> Ack, great. I’ve merged the branch already.

Thanks!

> Let’s keep this ticket open then, until we get the updated aufs package in.

I prefer to track this on Feature #15339 because IMO it’s not a blocker for “Upgrade to Linux 4.15” and it’s acceptable to release with the code that was merged already.

#18 Updated by bertagaz 2018-02-21 16:23:26

  • Assignee deleted (bertagaz)

intrigeri wrote:
> > Let’s keep this ticket open then, until we get the updated aufs package in.
>
> I prefer to track this on Feature #15339 because IMO it’s not a blocker for “Upgrade to Linux 4.15” and it’s acceptable to release with the code that was merged already.

Ok, closing this one for real then.

#19 Updated by bertagaz 2018-03-14 11:09:25

  • Status changed from Fix committed to Resolved