------ src:vulkan (Bionic) ------
[Summary]
TODO: MIR team ACK, pending some requested changes (see below) and security 
review.

The legacy src:vulkan package is quite big and contains embedded sources. It is 
of much bigger scope than the vulkan-tools and vulkan-loader packages that 
were split out of it in newer series. Any required changes would need to be 
SRUed into Bionic first. I wonder if this is really worth the effort to get it 
MIRed? I'd also like to ask for a security review with special regard to the 
embedded sources, as those have not been covered by the newer vulkan-loader MIR 
(LP: #1742711).
This does need a security review, so I'll assign ubuntu-security.
List of specific binary packages to be promoted to main: vulkan-utils, 
libvulkan1 (libvulkan-dev can be excluded)

Notes:
The src:vulkan MIR in Bionic basically combines the MIRs of src:vulkan-loader 
(libvulkan1) and src:vulkan-tools (vulkan-utils) that are already (being) 
accepted in newer series. Therefore, it is pretty similar to the "vulkan-tools" 
MIR above and the "vulkan-loader" MIR in LP: #1742711, but due to embedded 
sources it is of much bigger scope.

Required TODOs:
* get rid of the embedded sources (or take maintenance of those, in 
coordination with the security team)
* make use of the integrated test suite, so that it fails the build if any 
test fails
* keep track of symbol names & changes in a debian/libvulkan1.symbols file

Recommended TODOs:
* Add a team bug subscriber
* add autopkgtests
* fix lintian errors
* fix some build warnings

[Duplication]
* There is no other package in main providing the same functionality.

[Dependencies]
OK:
* no other Dependencies to MIR due to this (quilt is only a build-dep)
* No dependencies in main that are only superficially tested requiring more 
tests now?

[Embedded sources and static linking]
OK:
* no static linking (some static linking in loader/ and external/glsl is only 
used for Windows builds)

Problems:
* embedded glslang, spirv-{tools,headers}, hlsl, glm and vkjson sources

[Security]
OK:
* history of CVEs does not look concerning
* does not run a daemon as root
* does not use webkit1,2
* does not use lib*v8 directly
* does not parse data formats
* does not open a port
* does not process arbitrary web content
* does not use centralized online accounts
* does not integrate arbitrary javascript into the desktop
* does not deal with system authentication (eg, pam, etc)

[Common blockers]
OK:
* does not FTBFS currently
* no translation present, but none needed for this case (user visible)?
* not a python/go package, no extra constraints to consider in that regard

Problems:
* does have a test suite, but that doesn't seem to run during build
* no autopkgtest

[Packaging red flags]
OK:
* Ubuntu does not carry a delta (but might need one to carry the proposed 
changes)
* d/watch is present and looks ok (if needed, e.g. non-native)
* the current release is packaged (almost, lacking 1 release behind, afterwards 
the package was split into vulkan-loader and vulkan-tools)
* Upstream update history is good
* Debian/Ubuntu update history is slow (but acceptable)
* promoting this does not seem to cause issues for MOTUs that so far maintained 
the package
* d/rules is rather clean
* Does not have Built-Using
* is not on the lto-disabled list (LTO hasn't been a thing for Bionic)

Recommendation:
* fix lintian errors (those only affect libvulkan-dev, that we do not want to 
promote):
  + E: libvulkan-dev: missing-dependency-on-libc needed by 
usr/lib/x86_64-linux-gnu/libVkLayer_core_validation.so and 5 others (missing 
${shlibs:Depends}?)
  + E: libvulkan-dev: package-must-activate-ldconfig-trigger 
usr/lib/x86_64-linux-gnu/libVkLayer_utils.so

Problems:
* symbols tracking is NOT in place

[Upstream red flags]
OK:
* no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests)
* no use of user nobody
* no use of setuid
* no important open bugs (crashers, etc) in Debian or Ubuntu
* no dependency on webkit, qtwebkit, seed or libgoa-*
* not part of the UI for extra checks

Recommended:
* There is some fishy usage of malloc (passing the argument count into malloc) 
in cube.c and cube.cpp inside the "WinMain" function, but this seems to be 
unused inside the linux build.
* attempt to fix external/glslang build warnings
  + glslang/MachineIndependent/attribute.cpp:85:16: warning: comparison between 
signed and unsigned integer expressions [-Wsign-compare]
  + SPIRV/GlslangToSpv.cpp:780:38: warning: comparison between signed and 
unsigned integer expressions [-Wsign-compare]
* attempt to fix vulkan build warnings:
  + layers/vk_layer_logging.h:1029:13: warning: ‘void 
InsertCmdDebugUtilsLabel(debug_report_data*, VkCommandBuffer, const 
VkDebugUtilsLabelEXT*)’ defined but not used [-Wunused-function]
  + layers/vk_layer_logging.h:1013:13: warning: ‘void 
EndCmdDebugUtilsLabel(debug_report_data*, VkCommandBuffer)’ defined but not 
used [-Wunused-function]
  + layers/vk_layer_logging.h:991:13: warning: ‘void 
BeginCmdDebugUtilsLabel(debug_report_data*, VkCommandBuffer, const 
VkDebugUtilsLabelEXT*)’ defined but not used [-Wunused-function]
  + layers/vk_layer_logging.h:968:13: warning: ‘void 
InsertQueueDebugUtilsLabel(debug_report_data*, VkQueue, const 
VkDebugUtilsLabelEXT*)’ defined but not used [-Wunused-function]
  + layers/vk_layer_logging.h:952:13: warning: ‘void 
EndQueueDebugUtilsLabel(debug_report_data*, VkQueue)’ defined but not used 
[-Wunused-function]
  + layers/vk_layer_logging.h:931:13: warning: ‘void 
BeginQueueDebugUtilsLabel(debug_report_data*, VkQueue, const 
VkDebugUtilsLabelEXT*)’ defined but not used [-Wunused-function]
  + layers/vk_layer_logging.h:749:13: warning: ‘void 
layer_disable_tmp_debug_messengers(debug_report_data*, uint32_t, 
VkDebugUtilsMessengerEXT_T**)’ defined but not used [-Wunused-function]
  + layers/vk_layer_logging.h:732:17: warning: ‘VkResult 
layer_enable_tmp_debug_messengers(debug_report_data*, uint32_t, 
VkDebugUtilsMessengerCreateInfoEXT*, VkDebugUtilsMessengerEXT_T**)’ defined but 
not used [-Wunused-function]
  + layers/vk_layer_logging.h:725:13: warning: ‘void 
layer_free_tmp_debug_messengers(VkDebugUtilsMessengerCreateInfoEXT*, 
VkDebugUtilsMessengerEXT_T**)’ defined but not used [-Wunused-function]
  + layers/vk_layer_logging.h:679:17: warning: ‘VkResult 
layer_copy_tmp_debug_messengers(const void*, uint32_t*, 
VkDebugUtilsMessengerCreateInfoEXT**, VkDebugUtilsMessengerEXT_T***)’ defined 
but not used [-Wunused-function]
  + build/vk_object_types.h:294:35: warning: ‘VkDebugReportObjectTypeEXT 
convertCoreObjectToDebugReportObject(VkObjectType)’ defined but not used 
[-Wunused-function]
  + loader/debug_utils.c:524:17: warning: ‘severity’ may be used uninitialized 
in this function [-Wmaybe-uninitialized]

** Changed in: vulkan-tools (Ubuntu)
       Status: New => Incomplete

** Changed in: vulkan (Ubuntu Bionic)
       Status: New => Incomplete

** Changed in: vulkan (Ubuntu Bionic)
     Assignee: (unassigned) => Lukas Märdian (slyon)

** Also affects: vulkan (Ubuntu Jammy)
   Importance: Undecided
       Status: Invalid

** Also affects: vulkan-tools (Ubuntu Jammy)
   Importance: Undecided
     Assignee: Lukas Märdian (slyon)
       Status: Incomplete

** Also affects: vulkan (Ubuntu Impish)
   Importance: Undecided
       Status: New

** Also affects: vulkan-tools (Ubuntu Impish)
   Importance: Undecided
       Status: New

** No longer affects: vulkan (Ubuntu Impish)

** No longer affects: vulkan (Ubuntu Jammy)

** Changed in: vulkan (Ubuntu Bionic)
     Assignee: Lukas Märdian (slyon) => Ubuntu Security Team (ubuntu-security)

https://bugs.launchpad.net/bugs/1946359

Title:
  [MIR] vulkan-tools
