Results of backporting candidate investigation
After discussion, we identified the following areas as candidates for investigation, and assigned people to investigate them, as follows:
JamieBennett: Compare bootspeed between SoC kernels and mainline kernel (tricky due to architecture differences), and identify potential relative bottlenecks and expected improvements. Primary focus on linux-fsl-imx51 due to increased version skew
- asac: Review ALSA/ASoC stack changes and apparmor support to confirm compatibility of lucid userspace with linux-fsl-imx51 2.6.31 modules.
ogra: support JamieBennett and cooloney in their investigations
- cooloney: Review the contents of kernel/ubuntu, and backport anything of interest
- persia: Review bluetooth stack changes to confirm compatiblity of lucid userspace with linux-fsl-imx 2.6.31 modules.
Bootspeed comparison results
There are three ways to backport the current dev (2.6.32) version of apparmor to 2.6.31. Also note how you do it may depend on whether you are using upsteam 2.6.31 or karmic
First up the current Lucid (dev) version relies on a few patches backported from 2.6.33
commit fe542cf59bf0b31afe72b9e9749c0f6645419fa0 Author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
- LSM: Move security_path_chmod()/security_path_chown() to after mutex_lock().
commit 89eda06837094ce9f34fae269b8773fcfd70f046 Author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
- LSM: Add security_path_chmod() and security_path_chown().
commit 8b8efb44033c7e86b3dc76f825c693ec92ae30e9 Author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
- LSM: Add security_path_chroot().
commit 6e65f92ff0d6f18580737321718d09035085a3fb Author: John Johansen <firstname.lastname@example.org>
- Config option to set a default LSM
The last one config default LSM, already exists in a previous form in Karmic
- commit b90e53cf442462dc5a5bc68932462287dbb824a0
if you are using karmic you have the option to use the Karmic version of the patch (one less change).
The other patches are only required if you choose to keep the path_chmod/chown changes in Lucid. Dropping thes loosens mediation but won't make you incompatible with Lucid profiles.
Beyond the 2.6.33 backport patches there is 1 change to the LSM ptrace routines that needs to be dealt with.
Assuming you will go with #2 but that requires waiting on me to update that tree, which ought happen within the next few days.
1. cherry-pick patches
- This is not recommended because the code has a lot of changes, many of which make cherry-picking just rewriting of patches that get backported.
2. Grabbing the set of changes from git and applying them to 2.6.31
- This keeps the original changes as close as possible but is more work than is needed. Some patches will have to be dropped and others modified. There is a tree where this is started this so there will be a backport but it needs to be updated. If you choose to go this route you can pull from this tree. If you are applying to Karmic there is a little more work as it uses the upstream default LSM patch. This will be a semi maintained upstream branch of AA (not an official release but there for distros who want to back port).
3. Grabbing the security/apparmor directory from Lucid
- If 2 didn't exist this would be the easiest. For both Karmic or upstream you have the choice of backporting the 2.6.33 chmod
chown patches, or dropping those fns from AppArmor (easy todo). I can even do the patch real quick (though I won't maintain it For upstream you need to backport the default LSM patch For Karmic you can use the current default LSM patch or replace with upstream version. For both, you need to reverse apply the devel ptrace patch. I'll lookup it up later as I am running out of time now
Investigate 2 patches for populate_rootfs: UBUNTU: SAUCE: Make populate_rootfs asynchronous a095de283d0219bb79630e88576c8490367dab7c UBUNTU: SAUCE: async_populate_rootfs: move rootfs init earlier 91f1e66d062ddde8fb4d6f5dae6d44e201916586
The backport git branch is based on latest Freescale BSP: http://kernel.ubuntu.com/git?p=roc/ubuntu-lucid.git;a=shortlog;h=refs/heads/backport
Kernel package for testing: http://people.canonical.com/~roc/kernel/populate_rootfs/
run following command will get all checking log of kernel/ubuntu from our latest lucid kernel master branch:
lucid$ git log --oneline ubuntu/
1. AppArmor (skip - AppArmor were moved out of ubuntu/ directory)
837c5e6 Revert "UBUNTU: ubuntu: AppArmor security module"
189c125 Revert "UBUNTU: AppArmor -- fix pstrace_may_access rename"
d3c2819 Revert "UBUNTU: SAUCE: AppArmor: Set error code after structure initialization."
7996f76 Revert "UBUNTU: SAUCE: AppArmor: Fix off by 2 error in getprocattr mem allocation"
fbe086d Revert "UBUNTU: SAUCE: AppArmor: Fix mediation of "deleted" paths"
8781988 Revert "UBUNTU: SAUCE: AppArmor: Policy load and replacement can fail to alloc mem"
d00604a Revert "UBUNTU: SAUCE: AppArmor: Fix oops after profile removal"
b1885cf Revert "UBUNTU: SAUCE: AppArmor: Fix Oops when in apparmor_bprm_set_creds"
3f05c11 Revert "UBUNTU: SAUCE: AppArmor: Fix cap audit_caching preemption disabling"
9456377 Revert "UBUNTU: SAUCE: AppArmor: Fix refcounting bug causing leak of creds"
42e4009 Revert "UBUNTU: SAUCE: AppArmor: Fix oops there is no tracer and doing unsafe transition."
d39b8cb UBUNTU: SAUCE: AppArmor: Fix oops there is no tracer and doing unsafe transition.
2dbf794 UBUNTU: SAUCE: AppArmor: Fix refcounting bug causing leak of creds
1ebff04 UBUNTU: SAUCE: AppArmor: Fix cap audit_caching preemption disabling
597f15d UBUNTU: SAUCE: AppArmor: Fix Oops when in apparmor_bprm_set_creds
9c2b5be UBUNTU: SAUCE: AppArmor: Fix oops after profile removal
e83bf17 UBUNTU: SAUCE: AppArmor: Policy load and replacement can fail to alloc mem
e1cc49b UBUNTU: SAUCE: AppArmor: Fix mediation of "deleted" paths
e5912bb UBUNTU: SAUCE: AppArmor: Fix off by 2 error in getprocattr mem allocation
9155311 UBUNTU: SAUCE: AppArmor: Set error code after structure initialization.
678cf3f UBUNTU: AppArmor -- fix pstrace_may_access rename
7d79d76 UBUNTU: ubuntu: AppArmor security module
2. X86 related modules
- onmibook (skip - x86 based machine)
0769331 UBUNTU: ubuntu: onmibook -- Added missing BOM file
d7d8a28 UBUNTU: ubuntu: omnibook -- support Toshiba (HP) netbooks
- fsam7400 (skip - x86 based machine)
b98ca00 UBUNTU: ubuntu: fsam7400 -- Cleanup Makefile
f52e1c6 UBUNTU: UBUNTU: ubuntu: fsam7400 -- kill switch for Fujitsu Siemens Amilo M 7400
aceacb2 Revert "UBUNTU: ubuntu: fsam7400 -- sw kill switch driver"
ba51b59 UBUNTU: ubuntu: fsam7400 -- sw kill switch driver
- lenovo-sl-laptop (skip - x86 based machine)
48d0119 UBUNTU: ubuntu: lenovo-sl-laptop -- git tip (b19a08f81f)
- rfkill (skip - x86 based rfkill driver)
20d9239 UBUNTU: ubuntu: rfkill drivers -- version 1.3
- ndiswrapper (skip - Wrapper for Windows NDIS network drivers for x86 machine)
f95818c UBUNTU: ubuntu: ndiswrapper -- version 1.55
3. Server modules
- iscsitarget (tbd)
70d6904 UBUNTU: ubuntu: iscsitarget --- version 1.4.19
9ad095b Revert "UBUNTU: ubuntu: iscsitarget -- SVN revision r214"
0c6c08c Revert "UBUNTU: [Config] ubuntu/iscsitarget -- disable"
ce00f22 UBUNTU: [Config] ubuntu/iscsitarget -- disable
b281ecd UBUNTU: ubuntu: iscsitarget -- SVN revision r214
- drbd (tbd)
8876e79 UBUNTU: ubuntu: drbd -- disable
1abaa38 UBUNTU: ubuntu: drbd -- version 8.3.1
- dm-raid45 (tbd)
9fcf519 UBUNTU: ubuntu: dm-raid-45 -- update to compile with 2.6.32
918d7b72 UBUNTU: ubuntu: dm-raid45 -- version 2009.04.24 (2.6.30-rc3)
4. Going to backport to 2.6.31 fsl kernel
3d4ec39 UBUNTU: [Upstream] lirc -- follow removal of .id element
a29de01 UBUNTU: SAUCE: Update to LIRC 0.8.6
e91a714 UBUNTU: ubuntu: LIRC -- version 0.8.5
ef12881 UBUNTU: ubuntu: compcache -- version 0.5.3
d3a3a7e UBUNTU: ubuntu: AUFS -- aufs2 20091209
4d9f97b Revert "UBUNTU: ubuntu: AUFS -- aufs2-30 20090727"
21c010d UBUNTU: ubuntu: AUFS -- aufs2-30 20090727
Author: Andy Whitcroft <email@example.com>
Date: Tue Dec 15 15:51:33 2009 +0000
- UBUNTU: include modules.builtin in the binary debs Now that the kernel is generating the list of builtin modules include this listing in the binary debs.
Signed-off-by: Andy Whitcroft <firstname.lastname@example.org>
Author: Andy Whitcroft <email@example.com>
Date: Tue Dec 15 15:46:36 2009 +0000
- kbuild: generate modules.builtin To make it easier for module-init-tools and scripts like mkinitrd to distinguish builtin and missing modules, install a modules.builtin file listing all builtin modules. This is done by generating an additional config file (tristate.conf) with tristate options set to uppercase 'Y' or 'M'. If we source that config file, the builtin modules appear in obj-Y. Conflicts:
Signed-off-by: Michal Marek <firstname.lastname@example.org>
Signed-off-by: Andy Whitcroft <email@example.com>
bluetooth stack changes
include/net/bluetooth has a bunch of changes, some of which look like they may make a difference
net/bluetooth matches this, and also appears to have lots of changes.
Right now, lucid has bluez 4.51, which matches karmic, so these shouldn't matter much. Upstream has released 4.59, which may end up in lucid, but most of the changelog entries claim to be bugfix (although upstream also says to always use the latest kernel drivers).
I don't think we need to take premptive action on this: we ought run through the stack at some point with a device, and make sure everything works. Yes, there's no BT hardware on the devices we're using, but we can be *sure* that OSG will end up working on a BT device that would benefit from us first making sure it worked.
drivers/bluetooth only includes a new Marvell BT driver, which shouldn't matter for Freescale (and Marvell will be 2.6.32 anyway), and a couple very minor optimisation changes, which do not appear to be important.