Re: a kernel plan for sarge and beyond ...
On Thu, 24 Mar 2005 13:32:43 -0500, Joey Hess wrote:
> Otavio Salvador wrote:
>> || On Thu, 24 Mar 2005 12:05:05 -0500
>> || Joey Hess <firstname.lastname@example.org> wrote:
>> jh> Andres Salomon wrote:
>> >> Cons:
>> jh> - Does not address issues with d-i udebs and abi changes at all.
>> jh> - It becomes impossible to include third-party modules in d-i, since we
>> jh> have no precompiled modules for them anymore.
>> I think the udebs won't be build from kernel-source directly. The
>> udebs should be build using the kernel-wedge like now. But it can be
>> all did together and will be faster then the current way.
> Suppose that sarge releases and you buy a copy of the official sarge
> businesscard CD image for your wallet. Or you burn a set of floppies.
> Now a security fix comes out, the kernel ABI is changed, and you try to
> install using your old official sarge installation media. At this point,
> with or without Andres's plan, you'll get a message that the installer
> was unable to find any kernel module udebs matching it kernel on the
> debian mirror.
> Although, with Andres's plan, we don't even track ABIs anymore, so
> perhaps the installer won't even be able to tell that the new udebs will
> not work with it, and will just fail horribly later on instead of
> displaying the error message.
Right. My suggestion doesn't address d-i issues. We have two
options, it seems; the modules that are downloaded from a debian mirror
can either be versioned to support multiple ABIs (either by package name,
or by including multiple versions of modules in the package), or by
downloading module source along w/ a compiler, and building them during
install. Steve expressed concern about doing something like that (for
obvious reasons); however, something to consider is using tcc for building
modules. I have not tried it yet, but one of its touted features is its
ability to compile a kernel in 10 seconds on a 2.4ghz p4. The i386
package appears to be about 100k. I'm not sure if it's been ported to
!i386. More research into that would need to be done, if the d-i folks
found that to be an acceptable solution.
I really don't see any other options available to us, as long as we're
requiring d-i images to download kernel modules from a mirror.