1. 01 Oct, 2017 2 commits
  2. 30 Sep, 2017 1 commit
  3. 01 Sep, 2017 1 commit
  4. 16 Apr, 2017 1 commit
    • Ben Hutchings's avatar
      Move debug symbols back to the main archive · b4b1be4c
      Ben Hutchings authored
      dak currently allows a binary upload to include debug symbol packages
      that don't appear in the overrides file or the Binary field of the
      changes file, so long as they have the appropriate
      'Auto-Built-Package' field and their name matches another binary
      package in the upload plus the '-dbgsym' suffix.
      
      For architectures with code signing enabled, our binary uploads never
      match this condition as the corresponding binary package has the
      '-unsigned' suffix and the debug symbols package does not.  Since we
      do list the debug symbol packages in the Binary field, they do get
      added to the overrides file when accepted through the NEW queue, but
      they are automatically pruned from there some time later.  Later
      uploads then have to go through NEW even though they are not
      introducing new binary packages.  This would be a big problem for
      stable security updates.
      
      For now, move debug symbols back to the main archive with the old
      '-dbg' suffix.  Keep them enabled for all architectures.
      b4b1be4c
  5. 12 Jan, 2017 1 commit
  6. 07 Jan, 2017 1 commit
  7. 04 Dec, 2016 1 commit
  8. 01 Dec, 2016 1 commit
  9. 26 Sep, 2016 1 commit
  10. 14 Jul, 2016 1 commit
  11. 13 Jun, 2016 1 commit
    • Ben Hutchings's avatar
      debian/control: Fix build-dependencies for cross-building · 0aceb873
      Ben Hutchings authored
      The current cross-compiler packages don't set the Multi-Arch field, so
      specify that the cross-compiler package must be native, rather than any
      architecture.
      
      flex doesn't support multi-arch, and this would require splitting it
      (#611230, #761449).  Force use of the native package for now.
      
      openssl doesn't support multi-arch but probably easily could (#827028).
      Force use of the native package for now.
      
      We need the native libssl-dev while building the kernel itself and the
      host libssl-dev while building tools for linux-kbuild.
      
      Document the state of cross-building in README.source.
      0aceb873
  12. 10 Jun, 2016 2 commits
  13. 08 Jun, 2016 1 commit
  14. 06 Jun, 2016 2 commits
  15. 14 May, 2016 1 commit
  16. 04 Apr, 2016 1 commit
    • Ben Hutchings's avatar
      debian/config: Add config variable to control module signing in linux-signed · 516d9dac
      Ben Hutchings authored
      - Enable it by default
      - Disable it for armel/marvell since signature verification is not enabled.
      - Disable it for mips and mipsel so linux-signed can be uploaded without
        waiting for them to build
      - Disable it for all architectures not in the main archive, as linux-signed
        won't support them (at least, not initially).
      
      We don't need a variable to control signing of the image, because
      we should do that for all flavours that have CONFIG_EFI_STUB=y.
      516d9dac
  17. 20 Mar, 2016 3 commits
  18. 27 Jan, 2016 2 commits
  19. 13 Jan, 2016 1 commit
  20. 19 Dec, 2015 1 commit
    • Ben Hutchings's avatar
      Add config parameter to disable linux-headers-all packages · 8571d54a
      Ben Hutchings authored
      The linux-grsec source package needs a way to explicitly disable these
      binary packages which are already built by the linux source package.
      We already do that when there are no actual kernels for the target
      architecture.  Rename the FOREIGN_KERNEL make variable and combine the
      two conditions.
      
      Based on work by Yves-Alexis Perez.
      8571d54a
  21. 10 Dec, 2015 1 commit
    • Ben Hutchings's avatar
      Fix parallel builds of both arch and indep binaries · 02e867b6
      Ben Hutchings authored
      A parallel 'debian/rules build' will now invoke 'debian/rules.real
      build' twice in parallel, which is disastrous.
      
      - Add and use proper build-arch and build-indep targets in
        debian/rules.gen and debian/rules.real
      - Assign a separate temporary directory to each target in
        debian/rules.real.  Add the directories to .gitignore and
        the clean rule.
      - Pull installation of the lockdep wrapper (which is indep)
        up into debian/rules.real so that we don't end up building
        liblockdep twice in parallel.
      02e867b6
  22. 13 Nov, 2015 1 commit
  23. 12 Nov, 2015 4 commits
  24. 11 Nov, 2015 1 commit
  25. 10 Nov, 2015 1 commit
  26. 31 Oct, 2015 1 commit
  27. 14 Oct, 2015 1 commit
  28. 25 Sep, 2015 1 commit
  29. 29 Aug, 2015 1 commit
  30. 27 Apr, 2015 1 commit
    • Ben Hutchings's avatar
      Add security update versions to regex and distribution/version sanity checks · d0824f18
      Ben Hutchings authored
      Currently we don't allow versions like 3.16.7-ckt9-3~deb8u1~bpo7+1 in
      *-backports, but we should!  Add the security suffix as an option
      before the backports suffix.
      
      We also don't check that an upload to *-security or *-lts includes the
      expected suffix and nothing else.  Add a check for that.
      
      svn path=/dists/trunk/linux/; revision=22539
      d0824f18
  31. 15 Dec, 2014 1 commit