Steve McIntyre wrote:
> What would I choose to do? My personal preference would be to go with optiob
> 5:
> split the non-free firmware into a special new component and include that on
> official media.
I fully agree with that (as mentioned before when the discussion came up).
I also believe we can stick with building only the firmware-enriched variant
to reduce complexity in the image build/testing; if anyone is concerned
about the firmware packages tools like vrms can be extended to deal with that.
Having a totally separate archive section apart from non-free (which is not
covered by security support) also allows us to include that new section in
what's supported with security updates (to the extent that is possible with
closed blobs, for some firmware there's simply not enough actionable
information).
But for the cases where it was clear and warranted we did make exceptions in
the past before (e.g. for the various microcode updates needed for
Spectre/Meltdown
etc. and a separate archive sections allows for more clarity in that regard.
And since all firmware blobs are required to be fully re-distributable this
would also allow to enable auto-building for that new section (as opposed
to non-free where this is limited).
Cheers,
Moritz
