[UNSTABLE,2/2] UBUNTU: [Packaging] add uscan watch file with GPG verification

Reuse upstream released original kernel tarballs and verify GPG
signature of them against the local copy of greg's key.

This should make `uscan --download-current-version` work against
released kernels, in a reproducible manner. This should also enforce
that all our released kernels reuse the kernel.org published orig
tarball.

One caveat is that tripple integer version number is preserved (as in
6.7.0) whereas on kernel.org the tarballs are actually published as
two integers only (as in 6.7). Although I seem to recall everything in
the world breaks when one changes kernel version to not be three
numbers long.

Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
---
 debian/upstream/signing-key.asc | 78 +++++++++++++++++++++++++++++++++
 debian/watch                    |  3 ++
 2 files changed, 81 insertions(+)
 create mode 100644 debian/upstream/signing-key.asc
 create mode 100644 debian/watch

Dimitri John Ledkov wrote:
> Reuse upstream released original kernel tarballs and verify GPG
> signature of them against the local copy of greg's key.
>
> This should make `uscan --download-current-version` work against
> released kernels, in a reproducible manner. This should also enforce
> that all our released kernels reuse the kernel.org published orig
> tarball.
>
> One caveat is that tripple integer version number is preserved (as in

*triple

> 6.7.0) whereas on kernel.org the tarballs are actually published as
> two integers only (as in 6.7). Although I seem to recall everything in
> the world breaks when one changes kernel version to not be three
> numbers long.
>
> Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
> ---
>  debian/upstream/signing-key.asc | 78 +++++++++++++++++++++++++++++++++
>  debian/watch                    |  3 ++
>  2 files changed, 81 insertions(+)
>  create mode 100644 debian/upstream/signing-key.asc
>  create mode 100644 debian/watch
>
> diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc
> new file mode 100644
> index 0000000000..5e3addc4ac
> --- /dev/null
> +++ b/debian/upstream/signing-key.asc
> @@ -0,0 +1,78 @@
> +-----BEGIN PGP PUBLIC KEY BLOCK-----
> +
> +mQINBE58tdUBEADY5iQsoL4k8l06dNt+uP2lH8IPi14M51/tOHsW1ZNc8Iok0stH
> ++uA8w0LpN97UgNhsvXFEkIK2JjLalasUTiUoIeeTshD9t+ekFBx5a9SbLCFlBrDS
> +TwfieK2xalzomoL22N5ztj1XbdLWh6NRM6kKMeYvgAGo8p884WJk4pPIJK6G0wEw
> +e9/TG6ilRSLOtxyaF9yZ+FC1eOA1S47Ld2K25Y5GsQF5agwi7nES+9tVVBZp97kB
> +8IOvELeiSiY0xFXi60yfwIlK6x9dfcxsx5nCyrp2qdqQiPiMD0EJMiuA6wymoi5W
> +XtmfCpweTB8TvW8Y8uqrwYApzmDleBDTIDP0vCY1o9eftJcWWMkRKC9c7Ziy4nT6
> +TzmVkNXgqC8/BuOQbpU7I/1VCMoa6e+2a8jrgy5to4dGgu6xQ6jTxWbvgDeB6Hct
> +WGqf8f9s5lSpH8D8OZLDOXKolqnBd5YrJr0Qmpq4cCcIqwNCMbURtsTpbW/EdWl+
> +AKwnStXXLI5O6Hg+m4c3O8ZwbzcnAOgTJePm2Xoi71t9SbAZZx1/W7p6/57UGrXR
> +Q4WfiwpOPD0siF33yO2L7G7Gmm4zh8ieX8aS8guqfWFhuSsDta77F2FB9ozD9WN0
> +Z5tJowiy3Z1VkxvZjZH8IbcB05yBBBV47BJxrPnSuDT+w45yNTqZ6m4VYwARAQAB
> +tC9HcmVnIEtyb2FoLUhhcnRtYW4gPGdyZWdraEBsaW51eGZvdW5kYXRpb24ub3Jn
> +PokCTgQTAQgAOBYhBGR/KGVIlOO9RXGZvjjbvchgkmk+BQJaHvQRAhsDBQsJCAcC
> +BhUICQoLAgQWAgMBAh4BAheAAAoJEDjbvchgkmk+3/8P+gJ85fYDzXoy47y90FFi
> +PJqqtkZhf/VPMP5YOJzxCnGVh0CUwC2fGFV6SIU5V78Ede+gArocYq+LpTV4nJz5
> +SJZZxNBzuEW8t42juF6GZ9uB5SNlqYHUjWbM0bLpl1gut3pe9yJ7mQ2DaZUMYlav
> +D7sOAiKw/5pCyFLvY9a6ZJmp8QmPUU8Fb9kbbudxfjxgDrAwuVlnGU/I8YIZOHhX
> +s1hjBNagZCWcxawktDLPylifNOL5UtNuoLJRjsUVatAEjp+g1Xq2A8/t/mfi5K1p
> +juQaEr5fVzqhkPqt7UQbT1QuZghStYJ5QRunaYT1trvBXmrXKzebBKk85+nlh58g
> +fRNTyEt2eflNkU1XpFtNcCWo6rke/PZjtHb1CivHD/GhyogeGBfRAMRfmfNDZRZw
> +e5V+EBNI+RUexscvhVyTp0XhxgXdGy9KpSpWbuwGaQ+q9mVLrYRlNn1k3dnYaWxD
> +nk0x7xGCE59dd6vpckcD6t/SXujRwT4b0Ypw1jy3Ve3h8OTB5sP5SBpCA33DoQs9
> +ONbgtL3nX3XST7frXxBkfCD7D58gGCvFvZYAEd1MDGj3250UnBHUPGeVp7/+t/wH
> +MJ/E3rvb45RGYadd736i0vnJStPIae4M/bVG5qddRjU6mcpir5qYHAIrDz6QwWWF
> +2BvR7vqYKa36TGX7TORxuyfotCZHcmVnIEtyb2FoLUhhcnRtYW4gPGdyZWdraEBr
> +ZXJuZWwub3JnPokCTgQTAQgAOBYhBGR/KGVIlOO9RXGZvjjbvchgkmk+BQJaHvNA
> +AhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEDjbvchgkmk+TLEQAJ1Ux/6n
> +//f2jEVBdWb13qYFBBxKJMNeTU9yPMedQAAhrt68IU1Bt8+/nmZLm1iXWOvPQ019
> +21i3HBxANnbTqEYYYWnQJJyROiyTuwY7HWlguQXlkxLa1mahVuFee6DHO+O8IGU8
> +IM+PHdEL08e629sIluu3WGmNXXJ307j47UBu3QFA67YQ7YBmChl7AHBcSpKSplgN
> +82tbAYtrm5ywYHM5uMFhmbw/DJpzLdFsnzRT9E7PKhH+q1MyPojGT4Oytj3D1QZr
> +hp8yZ+Zp8TQnleXeBczLfpQPduzurqVomZpWwIZLHCgBJRWmz7/M0kTDIndQle9L
> +VcJtJqasrRmgL3NsKrYYBw+jHnBe2hp8aq6W3DVaUmkSdshran9ZCaLCpxt62NAg
> +UkI/eg1sSljo1aeXmF33ymYIpxavW5CGUYKlqYRLUT7en6t/mFiYCwPD22KOdLSf
> +svVG+pr4UNsfSZdIF+W9/FLW7HJVZGMIldsrGFv4lOtqiXdbRafMtylYw/mU+xhu
> +9+NslRRrbi1TlWS/BH7ULYu9zKahApf1DFRcrx0PyvtlFleoDZa88uIbmcUO8GzZ
> +XEhejTv9vNnbmjgvYsRywFcJPkJ/TObfasvvSU9GZn6aU36Y7GYSUGjD1anLiUpr
> +0FKkruymqBdXHaXGJ44GZ8Hhd5ZMTavwEX7BtE1HcmVnIEtyb2FoLUhhcnRtYW4g
> +KExpbnV4IGtlcm5lbCBzdGFibGUgcmVsZWFzZSBzaWduaW5nIGtleSkgPGdyZWdA
> +a3JvYWguY29tPokCOAQTAQIAIgUCTny11QIbAwYLCQgHAwIGFQgCCQoLBBYCAwEC
> +HgECF4AACgkQONu9yGCSaT5fXBAAx2NfTb1IZ59eV3PKtqNG0qwQdq/62oSqNKlv
> +lp/JzkeynjeJ7ic1IOs/CTTv2+xoPkLNcNhOPz7uem/4aa/my9A0AEp5UsF6Lvdo
> +/Hy7Jxc++0EgW//TyvWcU9qd5qS/85VZf8I5pL9TZtHVwfIfLME+G8hkQx0+CWRJ
> +loLFG48lwi8khp+TsCRYv1tQei7G22xAY5s+53TssaC1MXyQT7aJBGhwnbspY2Ia
> +RMzsrX0msZn+Fn5WlxxMDxUmUACFMyKGJ+1F6VY01nWolT3G1udOnpee66qXHJo6
> +XnzkNhzeH8Vf3sMe0sXx8YkN682g1NFaa+el0SDcXZvB91pFkWnQaQSfac5gI4Ki
> +ShxAqePAH6Og+a/fhs5XdyYw0SN50O+yaSnqEDl7JkByXVKJiVVihDuEe5JZXkoI
> +O/eTN6uceF89ZQiO/dFn0Kcqc4vL7uuI6FDMRZK7mY7bjFxFW1VjspcxhT1NdR7S
> +FNrK8Glzd5FS67oTwSNB3CzkJ3ON/kOJ8JSxFEt1ZTc2ZpQujrFyTtbksWm3Yy63
> +kbpwxRoR6xgaGwtx0SdkkWDCcA+2GZymCjk5FFQkAhoEk0tu/n5fvHS7TTZui9a2
> +HMsyqmgTJzeU0eQJDgmb/ahzW0VgjHtABaJr40Q83M9upkZdHFXSZb7UHFYkAdH1
> +OxdvSFW5Ag0ETny11QEQALIiIb/niWy6M6GfBMt/2EBWpLuE+FYVeUQGpGhXD2rU
> +hOo9UpoxBD/Y5mc5OaJsVL3fySYQldVFOaT7Pu0J1N5FXIBckgtbT3eg+TGD9WIf
> +Jy6ZpWjBKf6K4frwTwRpLBKqZhcA/78KzxFHeRHjV4cEVZVNoRtVqLYuTlbdlkH6
> +G2YxgCioxAfqvsGjsg2ES7Xl6xz3uaBH1DFX7S2LXHkDHnloWOTaDRe/4h2VnFHf
> +76xsJCgt2seJp91kI8bhuR7CUrO5mkRMhnp/z9v6vc2qcMv8EMK62FiBaqENaKg5
> +6ag8Icujar1YwXG7oYhOuYiWxqGpJUwg5+h/HeYw5Q8ue0UwHPCUZR14pzQCKxag
> +RMibiufOlS6URbCcBG44ddFAt2vqqopIo069moxfqt6OGig59cYv7PSMfHX25dV0
> +1Ns+2R1eo7qiktkV+3CSSs/dUArcTxyovuadIAUaZAJ3XqsS3FGzZsPYMYNM9faZ
> +qOfF6mmGmCZRJMMESWuWjc8ZnVAv4luyD18vlsr/J9rO0t28s4PJyqJGozEXLBLt
> +saCVihxBHMY7QK/pC0jRniLpeniDDHY875TIiG3nrmtR84nnW9WNOG6tuaIcB6hD
> +/DmSr72rRoNEpCa/eT7XiCOymGHS5gWR+94R1+J1rQZbd1T8gSq/nQQluJII7oz7
> +ABEBAAGJAjYEGAECAAkFAk58tdUCGwwAIQkQONu9yGCSaT4WIQRkfyhlSJTjvUVx
> +mb44273IYJJpPjBTEAC+6nWLKuUdxyHZEd/GmYVEFg07C2akTEkHL4pTMNnpGMxN
> +McVvDdiuSRcDVwxChsXa9PGc1mzkHYje7ayn8APUx4XEP8x7m15tlyMlMEfwMF8o
> +xHAXBfd9sfhfsxwsPpdgwgTPtWjR7exPMJWpkzbs2Y9muFYePTktAiWIt5S7Jfni
> +9jAvrqGW8+40+ESwi5ptUZhiFVZ3hlp+FwjRXcsZj8onAFmrimqXNU8QsyTFy8Ia
> +GLX0YN4XfVnz2mW6BXTbTuQiMVv7XXuhfgV7OW7UEalwL2zXZl32uHLcrMurAKjE
> +CBtku8LBoZ8QsNKKQ8mCkE6+mHWBMClfXX/trb+R85hgRT6G2epObiTnqROuWVFf
> +4IKDFDZpnXdx1oW0dPMA6edgk0SNdLQKUTLEhdeegufCNy4txNNVveQ0fssChH/H
> +UmZtHWieEg4H9HAUlxRPf+aUkW1dRpwYJJIKkK0vQd7BTRivS4vk3HnWLuk0bhpw
> +gk214rPU8zJphksRNVj9641nUD/PJo0qztj9IJtrmrjI6YNz+yRIpRB8/vJDwqJT
> +q1SZ5YBp+pS40j3jozRFGwqfGZziC5ZfK9RbB2un4ABh/NyRlTiAYhFVYpK8boJM
> +oOzQe1nlbVwDf6Wty6voekrLOTnu4Y5GpY4Wq5AREyzShd0cpznDnmyjOIKWVA==
> +=Xuim
> +-----END PGP PUBLIC KEY BLOCK-----
> diff --git a/debian/watch b/debian/watch
> new file mode 100644
> index 0000000000..ac0e235e69
> --- /dev/null
> +++ b/debian/watch
> @@ -0,0 +1,3 @@
> +version=4
> +opts="uversionmangle=s%$%.0%,pgpsigurlmangle=s%@ARCHIVE_EXT@$%.tar.sign%,decompress" \
> +https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-@ANY_VERSION@@ARCHIVE_EXT@
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

On Wed, Feb 7, 2024 at 11:02 AM Dimitri John Ledkov
<dimitri.ledkov@canonical.com> wrote:
>
> Reuse upstream released original kernel tarballs and verify GPG
> signature of them against the local copy of greg's key.
>
> This should make `uscan --download-current-version` work against
> released kernels, in a reproducible manner. This should also enforce
> that all our released kernels reuse the kernel.org published orig
> tarball.
>
> One caveat is that tripple integer version number is preserved (as in
> 6.7.0) whereas on kernel.org the tarballs are actually published as
> two integers only (as in 6.7). Although I seem to recall everything in
> the world breaks when one changes kernel version to not be three
> numbers long.



Presumably, this is related, but I do not understand
why I can download 6.7.0, but not 6.7.1 ?




masahiro@zoe:~/canonical/noble/linux$ uscan --download-version  6.7.0
Newest version of linux-unstable on remote site is 6.7.0, specified
download version is 6.7.0
gpgv: Signature made Mon 08 Jan 2024 02:47:49 PM JST
gpgv:                using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
gpgv: Good signature from "Greg Kroah-Hartman <gregkh@linuxfoundation.org>"
gpgv:                 aka "Greg Kroah-Hartman <gregkh@kernel.org>"
gpgv:                 aka "Greg Kroah-Hartman (Linux kernel stable
release signing key) <greg@kroah.com>"
Leaving ../linux-unstable_6.7.0.orig.tar.xz where it is.

masahiro@zoe:~/canonical/noble/linux$ uscan --download-version  6.7.1
uscan warn: In debian/watch no matching hrefs for version 6.7.1 in watch line
  https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-(?:[-_]?v?(\d[\-+\.:\~\da-zA-Z]*))(?i)(?:\.(?:tar\.xz|tar\.bz2|tar\.gz|tar\.zstd?|zip|tgz|tbz|txz))















> Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
> ---
>  debian/upstream/signing-key.asc | 78 +++++++++++++++++++++++++++++++++
>  debian/watch                    |  3 ++
>  2 files changed, 81 insertions(+)
>  create mode 100644 debian/upstream/signing-key.asc
>  create mode 100644 debian/watch
>
> diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc
> new file mode 100644
> index 0000000000..5e3addc4ac
> --- /dev/null
> +++ b/debian/upstream/signing-key.asc
> @@ -0,0 +1,78 @@
> +-----BEGIN PGP PUBLIC KEY BLOCK-----
> +
> +mQINBE58tdUBEADY5iQsoL4k8l06dNt+uP2lH8IPi14M51/tOHsW1ZNc8Iok0stH
> ++uA8w0LpN97UgNhsvXFEkIK2JjLalasUTiUoIeeTshD9t+ekFBx5a9SbLCFlBrDS
> +TwfieK2xalzomoL22N5ztj1XbdLWh6NRM6kKMeYvgAGo8p884WJk4pPIJK6G0wEw
> +e9/TG6ilRSLOtxyaF9yZ+FC1eOA1S47Ld2K25Y5GsQF5agwi7nES+9tVVBZp97kB
> +8IOvELeiSiY0xFXi60yfwIlK6x9dfcxsx5nCyrp2qdqQiPiMD0EJMiuA6wymoi5W
> +XtmfCpweTB8TvW8Y8uqrwYApzmDleBDTIDP0vCY1o9eftJcWWMkRKC9c7Ziy4nT6
> +TzmVkNXgqC8/BuOQbpU7I/1VCMoa6e+2a8jrgy5to4dGgu6xQ6jTxWbvgDeB6Hct
> +WGqf8f9s5lSpH8D8OZLDOXKolqnBd5YrJr0Qmpq4cCcIqwNCMbURtsTpbW/EdWl+
> +AKwnStXXLI5O6Hg+m4c3O8ZwbzcnAOgTJePm2Xoi71t9SbAZZx1/W7p6/57UGrXR
> +Q4WfiwpOPD0siF33yO2L7G7Gmm4zh8ieX8aS8guqfWFhuSsDta77F2FB9ozD9WN0
> +Z5tJowiy3Z1VkxvZjZH8IbcB05yBBBV47BJxrPnSuDT+w45yNTqZ6m4VYwARAQAB
> +tC9HcmVnIEtyb2FoLUhhcnRtYW4gPGdyZWdraEBsaW51eGZvdW5kYXRpb24ub3Jn
> +PokCTgQTAQgAOBYhBGR/KGVIlOO9RXGZvjjbvchgkmk+BQJaHvQRAhsDBQsJCAcC
> +BhUICQoLAgQWAgMBAh4BAheAAAoJEDjbvchgkmk+3/8P+gJ85fYDzXoy47y90FFi
> +PJqqtkZhf/VPMP5YOJzxCnGVh0CUwC2fGFV6SIU5V78Ede+gArocYq+LpTV4nJz5
> +SJZZxNBzuEW8t42juF6GZ9uB5SNlqYHUjWbM0bLpl1gut3pe9yJ7mQ2DaZUMYlav
> +D7sOAiKw/5pCyFLvY9a6ZJmp8QmPUU8Fb9kbbudxfjxgDrAwuVlnGU/I8YIZOHhX
> +s1hjBNagZCWcxawktDLPylifNOL5UtNuoLJRjsUVatAEjp+g1Xq2A8/t/mfi5K1p
> +juQaEr5fVzqhkPqt7UQbT1QuZghStYJ5QRunaYT1trvBXmrXKzebBKk85+nlh58g
> +fRNTyEt2eflNkU1XpFtNcCWo6rke/PZjtHb1CivHD/GhyogeGBfRAMRfmfNDZRZw
> +e5V+EBNI+RUexscvhVyTp0XhxgXdGy9KpSpWbuwGaQ+q9mVLrYRlNn1k3dnYaWxD
> +nk0x7xGCE59dd6vpckcD6t/SXujRwT4b0Ypw1jy3Ve3h8OTB5sP5SBpCA33DoQs9
> +ONbgtL3nX3XST7frXxBkfCD7D58gGCvFvZYAEd1MDGj3250UnBHUPGeVp7/+t/wH
> +MJ/E3rvb45RGYadd736i0vnJStPIae4M/bVG5qddRjU6mcpir5qYHAIrDz6QwWWF
> +2BvR7vqYKa36TGX7TORxuyfotCZHcmVnIEtyb2FoLUhhcnRtYW4gPGdyZWdraEBr
> +ZXJuZWwub3JnPokCTgQTAQgAOBYhBGR/KGVIlOO9RXGZvjjbvchgkmk+BQJaHvNA
> +AhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEDjbvchgkmk+TLEQAJ1Ux/6n
> +//f2jEVBdWb13qYFBBxKJMNeTU9yPMedQAAhrt68IU1Bt8+/nmZLm1iXWOvPQ019
> +21i3HBxANnbTqEYYYWnQJJyROiyTuwY7HWlguQXlkxLa1mahVuFee6DHO+O8IGU8
> +IM+PHdEL08e629sIluu3WGmNXXJ307j47UBu3QFA67YQ7YBmChl7AHBcSpKSplgN
> +82tbAYtrm5ywYHM5uMFhmbw/DJpzLdFsnzRT9E7PKhH+q1MyPojGT4Oytj3D1QZr
> +hp8yZ+Zp8TQnleXeBczLfpQPduzurqVomZpWwIZLHCgBJRWmz7/M0kTDIndQle9L
> +VcJtJqasrRmgL3NsKrYYBw+jHnBe2hp8aq6W3DVaUmkSdshran9ZCaLCpxt62NAg
> +UkI/eg1sSljo1aeXmF33ymYIpxavW5CGUYKlqYRLUT7en6t/mFiYCwPD22KOdLSf
> +svVG+pr4UNsfSZdIF+W9/FLW7HJVZGMIldsrGFv4lOtqiXdbRafMtylYw/mU+xhu
> +9+NslRRrbi1TlWS/BH7ULYu9zKahApf1DFRcrx0PyvtlFleoDZa88uIbmcUO8GzZ
> +XEhejTv9vNnbmjgvYsRywFcJPkJ/TObfasvvSU9GZn6aU36Y7GYSUGjD1anLiUpr
> +0FKkruymqBdXHaXGJ44GZ8Hhd5ZMTavwEX7BtE1HcmVnIEtyb2FoLUhhcnRtYW4g
> +KExpbnV4IGtlcm5lbCBzdGFibGUgcmVsZWFzZSBzaWduaW5nIGtleSkgPGdyZWdA
> +a3JvYWguY29tPokCOAQTAQIAIgUCTny11QIbAwYLCQgHAwIGFQgCCQoLBBYCAwEC
> +HgECF4AACgkQONu9yGCSaT5fXBAAx2NfTb1IZ59eV3PKtqNG0qwQdq/62oSqNKlv
> +lp/JzkeynjeJ7ic1IOs/CTTv2+xoPkLNcNhOPz7uem/4aa/my9A0AEp5UsF6Lvdo
> +/Hy7Jxc++0EgW//TyvWcU9qd5qS/85VZf8I5pL9TZtHVwfIfLME+G8hkQx0+CWRJ
> +loLFG48lwi8khp+TsCRYv1tQei7G22xAY5s+53TssaC1MXyQT7aJBGhwnbspY2Ia
> +RMzsrX0msZn+Fn5WlxxMDxUmUACFMyKGJ+1F6VY01nWolT3G1udOnpee66qXHJo6
> +XnzkNhzeH8Vf3sMe0sXx8YkN682g1NFaa+el0SDcXZvB91pFkWnQaQSfac5gI4Ki
> +ShxAqePAH6Og+a/fhs5XdyYw0SN50O+yaSnqEDl7JkByXVKJiVVihDuEe5JZXkoI
> +O/eTN6uceF89ZQiO/dFn0Kcqc4vL7uuI6FDMRZK7mY7bjFxFW1VjspcxhT1NdR7S
> +FNrK8Glzd5FS67oTwSNB3CzkJ3ON/kOJ8JSxFEt1ZTc2ZpQujrFyTtbksWm3Yy63
> +kbpwxRoR6xgaGwtx0SdkkWDCcA+2GZymCjk5FFQkAhoEk0tu/n5fvHS7TTZui9a2
> +HMsyqmgTJzeU0eQJDgmb/ahzW0VgjHtABaJr40Q83M9upkZdHFXSZb7UHFYkAdH1
> +OxdvSFW5Ag0ETny11QEQALIiIb/niWy6M6GfBMt/2EBWpLuE+FYVeUQGpGhXD2rU
> +hOo9UpoxBD/Y5mc5OaJsVL3fySYQldVFOaT7Pu0J1N5FXIBckgtbT3eg+TGD9WIf
> +Jy6ZpWjBKf6K4frwTwRpLBKqZhcA/78KzxFHeRHjV4cEVZVNoRtVqLYuTlbdlkH6
> +G2YxgCioxAfqvsGjsg2ES7Xl6xz3uaBH1DFX7S2LXHkDHnloWOTaDRe/4h2VnFHf
> +76xsJCgt2seJp91kI8bhuR7CUrO5mkRMhnp/z9v6vc2qcMv8EMK62FiBaqENaKg5
> +6ag8Icujar1YwXG7oYhOuYiWxqGpJUwg5+h/HeYw5Q8ue0UwHPCUZR14pzQCKxag
> +RMibiufOlS6URbCcBG44ddFAt2vqqopIo069moxfqt6OGig59cYv7PSMfHX25dV0
> +1Ns+2R1eo7qiktkV+3CSSs/dUArcTxyovuadIAUaZAJ3XqsS3FGzZsPYMYNM9faZ
> +qOfF6mmGmCZRJMMESWuWjc8ZnVAv4luyD18vlsr/J9rO0t28s4PJyqJGozEXLBLt
> +saCVihxBHMY7QK/pC0jRniLpeniDDHY875TIiG3nrmtR84nnW9WNOG6tuaIcB6hD
> +/DmSr72rRoNEpCa/eT7XiCOymGHS5gWR+94R1+J1rQZbd1T8gSq/nQQluJII7oz7
> +ABEBAAGJAjYEGAECAAkFAk58tdUCGwwAIQkQONu9yGCSaT4WIQRkfyhlSJTjvUVx
> +mb44273IYJJpPjBTEAC+6nWLKuUdxyHZEd/GmYVEFg07C2akTEkHL4pTMNnpGMxN
> +McVvDdiuSRcDVwxChsXa9PGc1mzkHYje7ayn8APUx4XEP8x7m15tlyMlMEfwMF8o
> +xHAXBfd9sfhfsxwsPpdgwgTPtWjR7exPMJWpkzbs2Y9muFYePTktAiWIt5S7Jfni
> +9jAvrqGW8+40+ESwi5ptUZhiFVZ3hlp+FwjRXcsZj8onAFmrimqXNU8QsyTFy8Ia
> +GLX0YN4XfVnz2mW6BXTbTuQiMVv7XXuhfgV7OW7UEalwL2zXZl32uHLcrMurAKjE
> +CBtku8LBoZ8QsNKKQ8mCkE6+mHWBMClfXX/trb+R85hgRT6G2epObiTnqROuWVFf
> +4IKDFDZpnXdx1oW0dPMA6edgk0SNdLQKUTLEhdeegufCNy4txNNVveQ0fssChH/H
> +UmZtHWieEg4H9HAUlxRPf+aUkW1dRpwYJJIKkK0vQd7BTRivS4vk3HnWLuk0bhpw
> +gk214rPU8zJphksRNVj9641nUD/PJo0qztj9IJtrmrjI6YNz+yRIpRB8/vJDwqJT
> +q1SZ5YBp+pS40j3jozRFGwqfGZziC5ZfK9RbB2un4ABh/NyRlTiAYhFVYpK8boJM
> +oOzQe1nlbVwDf6Wty6voekrLOTnu4Y5GpY4Wq5AREyzShd0cpznDnmyjOIKWVA==
> +=Xuim
> +-----END PGP PUBLIC KEY BLOCK-----
> diff --git a/debian/watch b/debian/watch
> new file mode 100644
> index 0000000000..ac0e235e69
> --- /dev/null
> +++ b/debian/watch
> @@ -0,0 +1,3 @@
> +version=4
> +opts="uversionmangle=s%$%.0%,pgpsigurlmangle=s%@ARCHIVE_EXT@$%.tar.sign%,decompress" \
> +https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-@ANY_VERSION@@ARCHIVE_EXT@
> --
> 2.34.1
>

On Wed, 14 Feb 2024, 02:35 Masahiro Yamada, <masahiro.yamada@canonical.com>
wrote:

> On Wed, Feb 7, 2024 at 11:02 AM Dimitri John Ledkov
> <dimitri.ledkov@canonical.com> wrote:
> >
> > Reuse upstream released original kernel tarballs and verify GPG
> > signature of them against the local copy of greg's key.
> >
> > This should make `uscan --download-current-version` work against
> > released kernels, in a reproducible manner. This should also enforce
> > that all our released kernels reuse the kernel.org published orig
> > tarball.
> >
> > One caveat is that tripple integer version number is preserved (as in
> > 6.7.0) whereas on kernel.org the tarballs are actually published as
> > two integers only (as in 6.7). Although I seem to recall everything in
> > the world breaks when one changes kernel version to not be three
> > numbers long.
>
>
>
> Presumably, this is related, but I do not understand
> why I can download 6.7.0, but not 6.7.1 ?
>

Although we don't use the .n releases, the mangling of versions can be
fixed up to work correctly for point tarballs too. Because yes that would
be very convenient.

Also I wonder if in the future we could fetch the point release diff, apply
that, then generate our delta patch. Because that would show the real deal.
And preserve using the same orig tarball without exploding mirror storage.



>
> masahiro@zoe:~/canonical/noble/linux$ uscan --download-version  6.7.0
> Newest version of linux-unstable on remote site is 6.7.0, specified
> download version is 6.7.0
> gpgv: Signature made Mon 08 Jan 2024 02:47:49 PM JST
> gpgv:                using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
> gpgv: Good signature from "Greg Kroah-Hartman <gregkh@linuxfoundation.org
> >"
> gpgv:                 aka "Greg Kroah-Hartman <gregkh@kernel.org>"
> gpgv:                 aka "Greg Kroah-Hartman (Linux kernel stable
> release signing key) <greg@kroah.com>"
> Leaving ../linux-unstable_6.7.0.orig.tar.xz where it is.
>
> masahiro@zoe:~/canonical/noble/linux$ uscan --download-version  6.7.1
> uscan warn: In debian/watch no matching hrefs for version 6.7.1 in watch
> line
>   https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-(?:[-_]?v?(\d[\-+\.
> <https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-(?:[-_]?v?(%5Cd[%5C-+%5C.>
> :\~\da-zA-Z]*))(?i)(?:\.(?:tar\.xz|tar\.bz2|tar\.gz|tar\.zstd?|zip|tgz|tbz|txz))
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> > Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
> > ---
> >  debian/upstream/signing-key.asc | 78 +++++++++++++++++++++++++++++++++
> >  debian/watch                    |  3 ++
> >  2 files changed, 81 insertions(+)
> >  create mode 100644 debian/upstream/signing-key.asc
> >  create mode 100644 debian/watch
> >
> > diff --git a/debian/upstream/signing-key.asc
> b/debian/upstream/signing-key.asc
> > new file mode 100644
> > index 0000000000..5e3addc4ac
> > --- /dev/null
> > +++ b/debian/upstream/signing-key.asc
> > @@ -0,0 +1,78 @@
> > +-----BEGIN PGP PUBLIC KEY BLOCK-----
> > +
> > +mQINBE58tdUBEADY5iQsoL4k8l06dNt+uP2lH8IPi14M51/tOHsW1ZNc8Iok0stH
> > ++uA8w0LpN97UgNhsvXFEkIK2JjLalasUTiUoIeeTshD9t+ekFBx5a9SbLCFlBrDS
> > +TwfieK2xalzomoL22N5ztj1XbdLWh6NRM6kKMeYvgAGo8p884WJk4pPIJK6G0wEw
> > +e9/TG6ilRSLOtxyaF9yZ+FC1eOA1S47Ld2K25Y5GsQF5agwi7nES+9tVVBZp97kB
> > +8IOvELeiSiY0xFXi60yfwIlK6x9dfcxsx5nCyrp2qdqQiPiMD0EJMiuA6wymoi5W
> > +XtmfCpweTB8TvW8Y8uqrwYApzmDleBDTIDP0vCY1o9eftJcWWMkRKC9c7Ziy4nT6
> > +TzmVkNXgqC8/BuOQbpU7I/1VCMoa6e+2a8jrgy5to4dGgu6xQ6jTxWbvgDeB6Hct
> > +WGqf8f9s5lSpH8D8OZLDOXKolqnBd5YrJr0Qmpq4cCcIqwNCMbURtsTpbW/EdWl+
> > +AKwnStXXLI5O6Hg+m4c3O8ZwbzcnAOgTJePm2Xoi71t9SbAZZx1/W7p6/57UGrXR
> > +Q4WfiwpOPD0siF33yO2L7G7Gmm4zh8ieX8aS8guqfWFhuSsDta77F2FB9ozD9WN0
> > +Z5tJowiy3Z1VkxvZjZH8IbcB05yBBBV47BJxrPnSuDT+w45yNTqZ6m4VYwARAQAB
> > +tC9HcmVnIEtyb2FoLUhhcnRtYW4gPGdyZWdraEBsaW51eGZvdW5kYXRpb24ub3Jn
> > +PokCTgQTAQgAOBYhBGR/KGVIlOO9RXGZvjjbvchgkmk+BQJaHvQRAhsDBQsJCAcC
> > +BhUICQoLAgQWAgMBAh4BAheAAAoJEDjbvchgkmk+3/8P+gJ85fYDzXoy47y90FFi
> > +PJqqtkZhf/VPMP5YOJzxCnGVh0CUwC2fGFV6SIU5V78Ede+gArocYq+LpTV4nJz5
> > +SJZZxNBzuEW8t42juF6GZ9uB5SNlqYHUjWbM0bLpl1gut3pe9yJ7mQ2DaZUMYlav
> > +D7sOAiKw/5pCyFLvY9a6ZJmp8QmPUU8Fb9kbbudxfjxgDrAwuVlnGU/I8YIZOHhX
> > +s1hjBNagZCWcxawktDLPylifNOL5UtNuoLJRjsUVatAEjp+g1Xq2A8/t/mfi5K1p
> > +juQaEr5fVzqhkPqt7UQbT1QuZghStYJ5QRunaYT1trvBXmrXKzebBKk85+nlh58g
> > +fRNTyEt2eflNkU1XpFtNcCWo6rke/PZjtHb1CivHD/GhyogeGBfRAMRfmfNDZRZw
> > +e5V+EBNI+RUexscvhVyTp0XhxgXdGy9KpSpWbuwGaQ+q9mVLrYRlNn1k3dnYaWxD
> > +nk0x7xGCE59dd6vpckcD6t/SXujRwT4b0Ypw1jy3Ve3h8OTB5sP5SBpCA33DoQs9
> > +ONbgtL3nX3XST7frXxBkfCD7D58gGCvFvZYAEd1MDGj3250UnBHUPGeVp7/+t/wH
> > +MJ/E3rvb45RGYadd736i0vnJStPIae4M/bVG5qddRjU6mcpir5qYHAIrDz6QwWWF
> > +2BvR7vqYKa36TGX7TORxuyfotCZHcmVnIEtyb2FoLUhhcnRtYW4gPGdyZWdraEBr
> > +ZXJuZWwub3JnPokCTgQTAQgAOBYhBGR/KGVIlOO9RXGZvjjbvchgkmk+BQJaHvNA
> > +AhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEDjbvchgkmk+TLEQAJ1Ux/6n
> > +//f2jEVBdWb13qYFBBxKJMNeTU9yPMedQAAhrt68IU1Bt8+/nmZLm1iXWOvPQ019
> > +21i3HBxANnbTqEYYYWnQJJyROiyTuwY7HWlguQXlkxLa1mahVuFee6DHO+O8IGU8
> > +IM+PHdEL08e629sIluu3WGmNXXJ307j47UBu3QFA67YQ7YBmChl7AHBcSpKSplgN
> > +82tbAYtrm5ywYHM5uMFhmbw/DJpzLdFsnzRT9E7PKhH+q1MyPojGT4Oytj3D1QZr
> > +hp8yZ+Zp8TQnleXeBczLfpQPduzurqVomZpWwIZLHCgBJRWmz7/M0kTDIndQle9L
> > +VcJtJqasrRmgL3NsKrYYBw+jHnBe2hp8aq6W3DVaUmkSdshran9ZCaLCpxt62NAg
> > +UkI/eg1sSljo1aeXmF33ymYIpxavW5CGUYKlqYRLUT7en6t/mFiYCwPD22KOdLSf
> > +svVG+pr4UNsfSZdIF+W9/FLW7HJVZGMIldsrGFv4lOtqiXdbRafMtylYw/mU+xhu
> > +9+NslRRrbi1TlWS/BH7ULYu9zKahApf1DFRcrx0PyvtlFleoDZa88uIbmcUO8GzZ
> > +XEhejTv9vNnbmjgvYsRywFcJPkJ/TObfasvvSU9GZn6aU36Y7GYSUGjD1anLiUpr
> > +0FKkruymqBdXHaXGJ44GZ8Hhd5ZMTavwEX7BtE1HcmVnIEtyb2FoLUhhcnRtYW4g
> > +KExpbnV4IGtlcm5lbCBzdGFibGUgcmVsZWFzZSBzaWduaW5nIGtleSkgPGdyZWdA
> > +a3JvYWguY29tPokCOAQTAQIAIgUCTny11QIbAwYLCQgHAwIGFQgCCQoLBBYCAwEC
> > +HgECF4AACgkQONu9yGCSaT5fXBAAx2NfTb1IZ59eV3PKtqNG0qwQdq/62oSqNKlv
> > +lp/JzkeynjeJ7ic1IOs/CTTv2+xoPkLNcNhOPz7uem/4aa/my9A0AEp5UsF6Lvdo
> > +/Hy7Jxc++0EgW//TyvWcU9qd5qS/85VZf8I5pL9TZtHVwfIfLME+G8hkQx0+CWRJ
> > +loLFG48lwi8khp+TsCRYv1tQei7G22xAY5s+53TssaC1MXyQT7aJBGhwnbspY2Ia
> > +RMzsrX0msZn+Fn5WlxxMDxUmUACFMyKGJ+1F6VY01nWolT3G1udOnpee66qXHJo6
> > +XnzkNhzeH8Vf3sMe0sXx8YkN682g1NFaa+el0SDcXZvB91pFkWnQaQSfac5gI4Ki
> > +ShxAqePAH6Og+a/fhs5XdyYw0SN50O+yaSnqEDl7JkByXVKJiVVihDuEe5JZXkoI
> > +O/eTN6uceF89ZQiO/dFn0Kcqc4vL7uuI6FDMRZK7mY7bjFxFW1VjspcxhT1NdR7S
> > +FNrK8Glzd5FS67oTwSNB3CzkJ3ON/kOJ8JSxFEt1ZTc2ZpQujrFyTtbksWm3Yy63
> > +kbpwxRoR6xgaGwtx0SdkkWDCcA+2GZymCjk5FFQkAhoEk0tu/n5fvHS7TTZui9a2
> > +HMsyqmgTJzeU0eQJDgmb/ahzW0VgjHtABaJr40Q83M9upkZdHFXSZb7UHFYkAdH1
> > +OxdvSFW5Ag0ETny11QEQALIiIb/niWy6M6GfBMt/2EBWpLuE+FYVeUQGpGhXD2rU
> > +hOo9UpoxBD/Y5mc5OaJsVL3fySYQldVFOaT7Pu0J1N5FXIBckgtbT3eg+TGD9WIf
> > +Jy6ZpWjBKf6K4frwTwRpLBKqZhcA/78KzxFHeRHjV4cEVZVNoRtVqLYuTlbdlkH6
> > +G2YxgCioxAfqvsGjsg2ES7Xl6xz3uaBH1DFX7S2LXHkDHnloWOTaDRe/4h2VnFHf
> > +76xsJCgt2seJp91kI8bhuR7CUrO5mkRMhnp/z9v6vc2qcMv8EMK62FiBaqENaKg5
> > +6ag8Icujar1YwXG7oYhOuYiWxqGpJUwg5+h/HeYw5Q8ue0UwHPCUZR14pzQCKxag
> > +RMibiufOlS6URbCcBG44ddFAt2vqqopIo069moxfqt6OGig59cYv7PSMfHX25dV0
> > +1Ns+2R1eo7qiktkV+3CSSs/dUArcTxyovuadIAUaZAJ3XqsS3FGzZsPYMYNM9faZ
> > +qOfF6mmGmCZRJMMESWuWjc8ZnVAv4luyD18vlsr/J9rO0t28s4PJyqJGozEXLBLt
> > +saCVihxBHMY7QK/pC0jRniLpeniDDHY875TIiG3nrmtR84nnW9WNOG6tuaIcB6hD
> > +/DmSr72rRoNEpCa/eT7XiCOymGHS5gWR+94R1+J1rQZbd1T8gSq/nQQluJII7oz7
> > +ABEBAAGJAjYEGAECAAkFAk58tdUCGwwAIQkQONu9yGCSaT4WIQRkfyhlSJTjvUVx
> > +mb44273IYJJpPjBTEAC+6nWLKuUdxyHZEd/GmYVEFg07C2akTEkHL4pTMNnpGMxN
> > +McVvDdiuSRcDVwxChsXa9PGc1mzkHYje7ayn8APUx4XEP8x7m15tlyMlMEfwMF8o
> > +xHAXBfd9sfhfsxwsPpdgwgTPtWjR7exPMJWpkzbs2Y9muFYePTktAiWIt5S7Jfni
> > +9jAvrqGW8+40+ESwi5ptUZhiFVZ3hlp+FwjRXcsZj8onAFmrimqXNU8QsyTFy8Ia
> > +GLX0YN4XfVnz2mW6BXTbTuQiMVv7XXuhfgV7OW7UEalwL2zXZl32uHLcrMurAKjE
> > +CBtku8LBoZ8QsNKKQ8mCkE6+mHWBMClfXX/trb+R85hgRT6G2epObiTnqROuWVFf
> > +4IKDFDZpnXdx1oW0dPMA6edgk0SNdLQKUTLEhdeegufCNy4txNNVveQ0fssChH/H
> > +UmZtHWieEg4H9HAUlxRPf+aUkW1dRpwYJJIKkK0vQd7BTRivS4vk3HnWLuk0bhpw
> > +gk214rPU8zJphksRNVj9641nUD/PJo0qztj9IJtrmrjI6YNz+yRIpRB8/vJDwqJT
> > +q1SZ5YBp+pS40j3jozRFGwqfGZziC5ZfK9RbB2un4ABh/NyRlTiAYhFVYpK8boJM
> > +oOzQe1nlbVwDf6Wty6voekrLOTnu4Y5GpY4Wq5AREyzShd0cpznDnmyjOIKWVA==
> > +=Xuim
> > +-----END PGP PUBLIC KEY BLOCK-----
> > diff --git a/debian/watch b/debian/watch
> > new file mode 100644
> > index 0000000000..ac0e235e69
> > --- /dev/null
> > +++ b/debian/watch
> > @@ -0,0 +1,3 @@
> > +version=4
> > +opts="uversionmangle=s%$%.0%,pgpsigurlmangle=s%@ARCHIVE_EXT@$%.tar.sign%,decompress"
> \
> > +
> https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-@ANY_VERSION@@ARCHIVE_EXT@
> > --
> > 2.34.1
> >
>

On Wed, Feb 14, 2024 at 11:49 AM Dimitri John Ledkov
<dimitri.ledkov@canonical.com> wrote:
>
>
>
> On Wed, 14 Feb 2024, 02:35 Masahiro Yamada, <masahiro.yamada@canonical.com> wrote:
>>
>> On Wed, Feb 7, 2024 at 11:02 AM Dimitri John Ledkov
>> <dimitri.ledkov@canonical.com> wrote:
>> >
>> > Reuse upstream released original kernel tarballs and verify GPG
>> > signature of them against the local copy of greg's key.
>> >
>> > This should make `uscan --download-current-version` work against
>> > released kernels, in a reproducible manner. This should also enforce
>> > that all our released kernels reuse the kernel.org published orig
>> > tarball.
>> >
>> > One caveat is that tripple integer version number is preserved (as in
>> > 6.7.0) whereas on kernel.org the tarballs are actually published as
>> > two integers only (as in 6.7). Although I seem to recall everything in
>> > the world breaks when one changes kernel version to not be three
>> > numbers long.
>>
>>
>>
>> Presumably, this is related, but I do not understand
>> why I can download 6.7.0, but not 6.7.1 ?
>
>
> Although we don't use the .n releases, the mangling of versions can be fixed up to work correctly for point tarballs too. Because yes that would be very convenient.


I slightly tweaked uversionmangle.


  uversionmangle=s%^([0-9]*\.[0-9]*)$%\\1.0%


With this,

  uscan --download-version  6.7.1

and

  uscan --download-version  6.7.0

worked.





> Also I wonder if in the future we could fetch the point release diff, apply that, then generate our delta patch. Because that would show the real deal. And preserve using the same orig tarball without exploding mirror storage.


Yes, this is my preference, and I asked in MM a couple of times,
although I did not get agreement.

https://chat.canonical.com/canonical/pl/uwzq86aqptgepdize8q3h8bz5a




>
>
>>
>>
>> masahiro@zoe:~/canonical/noble/linux$ uscan --download-version  6.7.0
>> Newest version of linux-unstable on remote site is 6.7.0, specified
>> download version is 6.7.0
>> gpgv: Signature made Mon 08 Jan 2024 02:47:49 PM JST
>> gpgv:                using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
>> gpgv: Good signature from "Greg Kroah-Hartman <gregkh@linuxfoundation.org>"
>> gpgv:                 aka "Greg Kroah-Hartman <gregkh@kernel.org>"
>> gpgv:                 aka "Greg Kroah-Hartman (Linux kernel stable
>> release signing key) <greg@kroah.com>"
>> Leaving ../linux-unstable_6.7.0.orig.tar.xz where it is.
>>
>> masahiro@zoe:~/canonical/noble/linux$ uscan --download-version  6.7.1
>> uscan warn: In debian/watch no matching hrefs for version 6.7.1 in watch line
>>   https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-(?:[-_]?v?(\d[\-+\.:\~\da-zA-Z]*))(?i)(?:\.(?:tar\.xz|tar\.bz2|tar\.gz|tar\.zstd?|zip|tgz|tbz|txz))
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> > Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
>> > ---
>> >  debian/upstream/signing-key.asc | 78 +++++++++++++++++++++++++++++++++
>> >  debian/watch                    |  3 ++
>> >  2 files changed, 81 insertions(+)
>> >  create mode 100644 debian/upstream/signing-key.asc
>> >  create mode 100644 debian/watch
>> >
>> > diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc
>> > new file mode 100644
>> > index 0000000000..5e3addc4ac
>> > --- /dev/null
>> > +++ b/debian/upstream/signing-key.asc
>> > @@ -0,0 +1,78 @@
>> > +-----BEGIN PGP PUBLIC KEY BLOCK-----
>> > +
>> > +mQINBE58tdUBEADY5iQsoL4k8l06dNt+uP2lH8IPi14M51/tOHsW1ZNc8Iok0stH
>> > ++uA8w0LpN97UgNhsvXFEkIK2JjLalasUTiUoIeeTshD9t+ekFBx5a9SbLCFlBrDS
>> > +TwfieK2xalzomoL22N5ztj1XbdLWh6NRM6kKMeYvgAGo8p884WJk4pPIJK6G0wEw
>> > +e9/TG6ilRSLOtxyaF9yZ+FC1eOA1S47Ld2K25Y5GsQF5agwi7nES+9tVVBZp97kB
>> > +8IOvELeiSiY0xFXi60yfwIlK6x9dfcxsx5nCyrp2qdqQiPiMD0EJMiuA6wymoi5W
>> > +XtmfCpweTB8TvW8Y8uqrwYApzmDleBDTIDP0vCY1o9eftJcWWMkRKC9c7Ziy4nT6
>> > +TzmVkNXgqC8/BuOQbpU7I/1VCMoa6e+2a8jrgy5to4dGgu6xQ6jTxWbvgDeB6Hct
>> > +WGqf8f9s5lSpH8D8OZLDOXKolqnBd5YrJr0Qmpq4cCcIqwNCMbURtsTpbW/EdWl+
>> > +AKwnStXXLI5O6Hg+m4c3O8ZwbzcnAOgTJePm2Xoi71t9SbAZZx1/W7p6/57UGrXR
>> > +Q4WfiwpOPD0siF33yO2L7G7Gmm4zh8ieX8aS8guqfWFhuSsDta77F2FB9ozD9WN0
>> > +Z5tJowiy3Z1VkxvZjZH8IbcB05yBBBV47BJxrPnSuDT+w45yNTqZ6m4VYwARAQAB
>> > +tC9HcmVnIEtyb2FoLUhhcnRtYW4gPGdyZWdraEBsaW51eGZvdW5kYXRpb24ub3Jn
>> > +PokCTgQTAQgAOBYhBGR/KGVIlOO9RXGZvjjbvchgkmk+BQJaHvQRAhsDBQsJCAcC
>> > +BhUICQoLAgQWAgMBAh4BAheAAAoJEDjbvchgkmk+3/8P+gJ85fYDzXoy47y90FFi
>> > +PJqqtkZhf/VPMP5YOJzxCnGVh0CUwC2fGFV6SIU5V78Ede+gArocYq+LpTV4nJz5
>> > +SJZZxNBzuEW8t42juF6GZ9uB5SNlqYHUjWbM0bLpl1gut3pe9yJ7mQ2DaZUMYlav
>> > +D7sOAiKw/5pCyFLvY9a6ZJmp8QmPUU8Fb9kbbudxfjxgDrAwuVlnGU/I8YIZOHhX
>> > +s1hjBNagZCWcxawktDLPylifNOL5UtNuoLJRjsUVatAEjp+g1Xq2A8/t/mfi5K1p
>> > +juQaEr5fVzqhkPqt7UQbT1QuZghStYJ5QRunaYT1trvBXmrXKzebBKk85+nlh58g
>> > +fRNTyEt2eflNkU1XpFtNcCWo6rke/PZjtHb1CivHD/GhyogeGBfRAMRfmfNDZRZw
>> > +e5V+EBNI+RUexscvhVyTp0XhxgXdGy9KpSpWbuwGaQ+q9mVLrYRlNn1k3dnYaWxD
>> > +nk0x7xGCE59dd6vpckcD6t/SXujRwT4b0Ypw1jy3Ve3h8OTB5sP5SBpCA33DoQs9
>> > +ONbgtL3nX3XST7frXxBkfCD7D58gGCvFvZYAEd1MDGj3250UnBHUPGeVp7/+t/wH
>> > +MJ/E3rvb45RGYadd736i0vnJStPIae4M/bVG5qddRjU6mcpir5qYHAIrDz6QwWWF
>> > +2BvR7vqYKa36TGX7TORxuyfotCZHcmVnIEtyb2FoLUhhcnRtYW4gPGdyZWdraEBr
>> > +ZXJuZWwub3JnPokCTgQTAQgAOBYhBGR/KGVIlOO9RXGZvjjbvchgkmk+BQJaHvNA
>> > +AhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEDjbvchgkmk+TLEQAJ1Ux/6n
>> > +//f2jEVBdWb13qYFBBxKJMNeTU9yPMedQAAhrt68IU1Bt8+/nmZLm1iXWOvPQ019
>> > +21i3HBxANnbTqEYYYWnQJJyROiyTuwY7HWlguQXlkxLa1mahVuFee6DHO+O8IGU8
>> > +IM+PHdEL08e629sIluu3WGmNXXJ307j47UBu3QFA67YQ7YBmChl7AHBcSpKSplgN
>> > +82tbAYtrm5ywYHM5uMFhmbw/DJpzLdFsnzRT9E7PKhH+q1MyPojGT4Oytj3D1QZr
>> > +hp8yZ+Zp8TQnleXeBczLfpQPduzurqVomZpWwIZLHCgBJRWmz7/M0kTDIndQle9L
>> > +VcJtJqasrRmgL3NsKrYYBw+jHnBe2hp8aq6W3DVaUmkSdshran9ZCaLCpxt62NAg
>> > +UkI/eg1sSljo1aeXmF33ymYIpxavW5CGUYKlqYRLUT7en6t/mFiYCwPD22KOdLSf
>> > +svVG+pr4UNsfSZdIF+W9/FLW7HJVZGMIldsrGFv4lOtqiXdbRafMtylYw/mU+xhu
>> > +9+NslRRrbi1TlWS/BH7ULYu9zKahApf1DFRcrx0PyvtlFleoDZa88uIbmcUO8GzZ
>> > +XEhejTv9vNnbmjgvYsRywFcJPkJ/TObfasvvSU9GZn6aU36Y7GYSUGjD1anLiUpr
>> > +0FKkruymqBdXHaXGJ44GZ8Hhd5ZMTavwEX7BtE1HcmVnIEtyb2FoLUhhcnRtYW4g
>> > +KExpbnV4IGtlcm5lbCBzdGFibGUgcmVsZWFzZSBzaWduaW5nIGtleSkgPGdyZWdA
>> > +a3JvYWguY29tPokCOAQTAQIAIgUCTny11QIbAwYLCQgHAwIGFQgCCQoLBBYCAwEC
>> > +HgECF4AACgkQONu9yGCSaT5fXBAAx2NfTb1IZ59eV3PKtqNG0qwQdq/62oSqNKlv
>> > +lp/JzkeynjeJ7ic1IOs/CTTv2+xoPkLNcNhOPz7uem/4aa/my9A0AEp5UsF6Lvdo
>> > +/Hy7Jxc++0EgW//TyvWcU9qd5qS/85VZf8I5pL9TZtHVwfIfLME+G8hkQx0+CWRJ
>> > +loLFG48lwi8khp+TsCRYv1tQei7G22xAY5s+53TssaC1MXyQT7aJBGhwnbspY2Ia
>> > +RMzsrX0msZn+Fn5WlxxMDxUmUACFMyKGJ+1F6VY01nWolT3G1udOnpee66qXHJo6
>> > +XnzkNhzeH8Vf3sMe0sXx8YkN682g1NFaa+el0SDcXZvB91pFkWnQaQSfac5gI4Ki
>> > +ShxAqePAH6Og+a/fhs5XdyYw0SN50O+yaSnqEDl7JkByXVKJiVVihDuEe5JZXkoI
>> > +O/eTN6uceF89ZQiO/dFn0Kcqc4vL7uuI6FDMRZK7mY7bjFxFW1VjspcxhT1NdR7S
>> > +FNrK8Glzd5FS67oTwSNB3CzkJ3ON/kOJ8JSxFEt1ZTc2ZpQujrFyTtbksWm3Yy63
>> > +kbpwxRoR6xgaGwtx0SdkkWDCcA+2GZymCjk5FFQkAhoEk0tu/n5fvHS7TTZui9a2
>> > +HMsyqmgTJzeU0eQJDgmb/ahzW0VgjHtABaJr40Q83M9upkZdHFXSZb7UHFYkAdH1
>> > +OxdvSFW5Ag0ETny11QEQALIiIb/niWy6M6GfBMt/2EBWpLuE+FYVeUQGpGhXD2rU
>> > +hOo9UpoxBD/Y5mc5OaJsVL3fySYQldVFOaT7Pu0J1N5FXIBckgtbT3eg+TGD9WIf
>> > +Jy6ZpWjBKf6K4frwTwRpLBKqZhcA/78KzxFHeRHjV4cEVZVNoRtVqLYuTlbdlkH6
>> > +G2YxgCioxAfqvsGjsg2ES7Xl6xz3uaBH1DFX7S2LXHkDHnloWOTaDRe/4h2VnFHf
>> > +76xsJCgt2seJp91kI8bhuR7CUrO5mkRMhnp/z9v6vc2qcMv8EMK62FiBaqENaKg5
>> > +6ag8Icujar1YwXG7oYhOuYiWxqGpJUwg5+h/HeYw5Q8ue0UwHPCUZR14pzQCKxag
>> > +RMibiufOlS6URbCcBG44ddFAt2vqqopIo069moxfqt6OGig59cYv7PSMfHX25dV0
>> > +1Ns+2R1eo7qiktkV+3CSSs/dUArcTxyovuadIAUaZAJ3XqsS3FGzZsPYMYNM9faZ
>> > +qOfF6mmGmCZRJMMESWuWjc8ZnVAv4luyD18vlsr/J9rO0t28s4PJyqJGozEXLBLt
>> > +saCVihxBHMY7QK/pC0jRniLpeniDDHY875TIiG3nrmtR84nnW9WNOG6tuaIcB6hD
>> > +/DmSr72rRoNEpCa/eT7XiCOymGHS5gWR+94R1+J1rQZbd1T8gSq/nQQluJII7oz7
>> > +ABEBAAGJAjYEGAECAAkFAk58tdUCGwwAIQkQONu9yGCSaT4WIQRkfyhlSJTjvUVx
>> > +mb44273IYJJpPjBTEAC+6nWLKuUdxyHZEd/GmYVEFg07C2akTEkHL4pTMNnpGMxN
>> > +McVvDdiuSRcDVwxChsXa9PGc1mzkHYje7ayn8APUx4XEP8x7m15tlyMlMEfwMF8o
>> > +xHAXBfd9sfhfsxwsPpdgwgTPtWjR7exPMJWpkzbs2Y9muFYePTktAiWIt5S7Jfni
>> > +9jAvrqGW8+40+ESwi5ptUZhiFVZ3hlp+FwjRXcsZj8onAFmrimqXNU8QsyTFy8Ia
>> > +GLX0YN4XfVnz2mW6BXTbTuQiMVv7XXuhfgV7OW7UEalwL2zXZl32uHLcrMurAKjE
>> > +CBtku8LBoZ8QsNKKQ8mCkE6+mHWBMClfXX/trb+R85hgRT6G2epObiTnqROuWVFf
>> > +4IKDFDZpnXdx1oW0dPMA6edgk0SNdLQKUTLEhdeegufCNy4txNNVveQ0fssChH/H
>> > +UmZtHWieEg4H9HAUlxRPf+aUkW1dRpwYJJIKkK0vQd7BTRivS4vk3HnWLuk0bhpw
>> > +gk214rPU8zJphksRNVj9641nUD/PJo0qztj9IJtrmrjI6YNz+yRIpRB8/vJDwqJT
>> > +q1SZ5YBp+pS40j3jozRFGwqfGZziC5ZfK9RbB2un4ABh/NyRlTiAYhFVYpK8boJM
>> > +oOzQe1nlbVwDf6Wty6voekrLOTnu4Y5GpY4Wq5AREyzShd0cpznDnmyjOIKWVA==
>> > +=Xuim
>> > +-----END PGP PUBLIC KEY BLOCK-----
>> > diff --git a/debian/watch b/debian/watch
>> > new file mode 100644
>> > index 0000000000..ac0e235e69
>> > --- /dev/null
>> > +++ b/debian/watch
>> > @@ -0,0 +1,3 @@
>> > +version=4
>> > +opts="uversionmangle=s%$%.0%,pgpsigurlmangle=s%@ARCHIVE_EXT@$%.tar.sign%,decompress" \
>> > +https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-@ANY_VERSION@@ARCHIVE_EXT@
>> > --
>> > 2.34.1
>> >

On Wed, Feb 14, 2024 at 2:09 PM Masahiro Yamada
<masahiro.yamada@canonical.com> wrote:
>
> On Wed, Feb 14, 2024 at 11:49 AM Dimitri John Ledkov
> <dimitri.ledkov@canonical.com> wrote:
> >
> >
> >
> > On Wed, 14 Feb 2024, 02:35 Masahiro Yamada, <masahiro.yamada@canonical.com> wrote:
> >>
> >> On Wed, Feb 7, 2024 at 11:02 AM Dimitri John Ledkov
> >> <dimitri.ledkov@canonical.com> wrote:
> >> >
> >> > Reuse upstream released original kernel tarballs and verify GPG
> >> > signature of them against the local copy of greg's key.
> >> >
> >> > This should make `uscan --download-current-version` work against
> >> > released kernels, in a reproducible manner. This should also enforce
> >> > that all our released kernels reuse the kernel.org published orig
> >> > tarball.
> >> >
> >> > One caveat is that tripple integer version number is preserved (as in
> >> > 6.7.0) whereas on kernel.org the tarballs are actually published as
> >> > two integers only (as in 6.7). Although I seem to recall everything in
> >> > the world breaks when one changes kernel version to not be three
> >> > numbers long.
> >>
> >>
> >>
> >> Presumably, this is related, but I do not understand
> >> why I can download 6.7.0, but not 6.7.1 ?
> >
> >
> > Although we don't use the .n releases, the mangling of versions can be fixed up to work correctly for point tarballs too. Because yes that would be very convenient.
>
>
> I slightly tweaked uversionmangle.
>
>
>   uversionmangle=s%^([0-9]*\.[0-9]*)$%\\1.0%
>
>
> With this,
>
>   uscan --download-version  6.7.1
>
> and
>
>   uscan --download-version  6.7.0
>
> worked.



Ignoring the minute, better to merge it.


Acked-by: Masahiro Yamada <masahiro.yamada@canonical.com>



>
>
>
> > Also I wonder if in the future we could fetch the point release diff, apply that, then generate our delta patch. Because that would show the real deal. And preserve using the same orig tarball without exploding mirror storage.
>
>
> Yes, this is my preference, and I asked in MM a couple of times,
> although I did not get agreement.
>
> https://chat.canonical.com/canonical/pl/uwzq86aqptgepdize8q3h8bz5a
>
>
>
>
> >
> >
> >>
> >>
> >> masahiro@zoe:~/canonical/noble/linux$ uscan --download-version  6.7.0
> >> Newest version of linux-unstable on remote site is 6.7.0, specified
> >> download version is 6.7.0
> >> gpgv: Signature made Mon 08 Jan 2024 02:47:49 PM JST
> >> gpgv:                using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
> >> gpgv: Good signature from "Greg Kroah-Hartman <gregkh@linuxfoundation.org>"
> >> gpgv:                 aka "Greg Kroah-Hartman <gregkh@kernel.org>"
> >> gpgv:                 aka "Greg Kroah-Hartman (Linux kernel stable
> >> release signing key) <greg@kroah.com>"
> >> Leaving ../linux-unstable_6.7.0.orig.tar.xz where it is.
> >>
> >> masahiro@zoe:~/canonical/noble/linux$ uscan --download-version  6.7.1
> >> uscan warn: In debian/watch no matching hrefs for version 6.7.1 in watch line
> >>   https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-(?:[-_]?v?(\d[\-+\.:\~\da-zA-Z]*))(?i)(?:\.(?:tar\.xz|tar\.bz2|tar\.gz|tar\.zstd?|zip|tgz|tbz|txz))
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> > Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
> >> > ---
> >> >  debian/upstream/signing-key.asc | 78 +++++++++++++++++++++++++++++++++
> >> >  debian/watch                    |  3 ++
> >> >  2 files changed, 81 insertions(+)
> >> >  create mode 100644 debian/upstream/signing-key.asc
> >> >  create mode 100644 debian/watch
> >> >
> >> > diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc
> >> > new file mode 100644
> >> > index 0000000000..5e3addc4ac
> >> > --- /dev/null
> >> > +++ b/debian/upstream/signing-key.asc
> >> > @@ -0,0 +1,78 @@
> >> > +-----BEGIN PGP PUBLIC KEY BLOCK-----
> >> > +
> >> > +mQINBE58tdUBEADY5iQsoL4k8l06dNt+uP2lH8IPi14M51/tOHsW1ZNc8Iok0stH
> >> > ++uA8w0LpN97UgNhsvXFEkIK2JjLalasUTiUoIeeTshD9t+ekFBx5a9SbLCFlBrDS
> >> > +TwfieK2xalzomoL22N5ztj1XbdLWh6NRM6kKMeYvgAGo8p884WJk4pPIJK6G0wEw
> >> > +e9/TG6ilRSLOtxyaF9yZ+FC1eOA1S47Ld2K25Y5GsQF5agwi7nES+9tVVBZp97kB
> >> > +8IOvELeiSiY0xFXi60yfwIlK6x9dfcxsx5nCyrp2qdqQiPiMD0EJMiuA6wymoi5W
> >> > +XtmfCpweTB8TvW8Y8uqrwYApzmDleBDTIDP0vCY1o9eftJcWWMkRKC9c7Ziy4nT6
> >> > +TzmVkNXgqC8/BuOQbpU7I/1VCMoa6e+2a8jrgy5to4dGgu6xQ6jTxWbvgDeB6Hct
> >> > +WGqf8f9s5lSpH8D8OZLDOXKolqnBd5YrJr0Qmpq4cCcIqwNCMbURtsTpbW/EdWl+
> >> > +AKwnStXXLI5O6Hg+m4c3O8ZwbzcnAOgTJePm2Xoi71t9SbAZZx1/W7p6/57UGrXR
> >> > +Q4WfiwpOPD0siF33yO2L7G7Gmm4zh8ieX8aS8guqfWFhuSsDta77F2FB9ozD9WN0
> >> > +Z5tJowiy3Z1VkxvZjZH8IbcB05yBBBV47BJxrPnSuDT+w45yNTqZ6m4VYwARAQAB
> >> > +tC9HcmVnIEtyb2FoLUhhcnRtYW4gPGdyZWdraEBsaW51eGZvdW5kYXRpb24ub3Jn
> >> > +PokCTgQTAQgAOBYhBGR/KGVIlOO9RXGZvjjbvchgkmk+BQJaHvQRAhsDBQsJCAcC
> >> > +BhUICQoLAgQWAgMBAh4BAheAAAoJEDjbvchgkmk+3/8P+gJ85fYDzXoy47y90FFi
> >> > +PJqqtkZhf/VPMP5YOJzxCnGVh0CUwC2fGFV6SIU5V78Ede+gArocYq+LpTV4nJz5
> >> > +SJZZxNBzuEW8t42juF6GZ9uB5SNlqYHUjWbM0bLpl1gut3pe9yJ7mQ2DaZUMYlav
> >> > +D7sOAiKw/5pCyFLvY9a6ZJmp8QmPUU8Fb9kbbudxfjxgDrAwuVlnGU/I8YIZOHhX
> >> > +s1hjBNagZCWcxawktDLPylifNOL5UtNuoLJRjsUVatAEjp+g1Xq2A8/t/mfi5K1p
> >> > +juQaEr5fVzqhkPqt7UQbT1QuZghStYJ5QRunaYT1trvBXmrXKzebBKk85+nlh58g
> >> > +fRNTyEt2eflNkU1XpFtNcCWo6rke/PZjtHb1CivHD/GhyogeGBfRAMRfmfNDZRZw
> >> > +e5V+EBNI+RUexscvhVyTp0XhxgXdGy9KpSpWbuwGaQ+q9mVLrYRlNn1k3dnYaWxD
> >> > +nk0x7xGCE59dd6vpckcD6t/SXujRwT4b0Ypw1jy3Ve3h8OTB5sP5SBpCA33DoQs9
> >> > +ONbgtL3nX3XST7frXxBkfCD7D58gGCvFvZYAEd1MDGj3250UnBHUPGeVp7/+t/wH
> >> > +MJ/E3rvb45RGYadd736i0vnJStPIae4M/bVG5qddRjU6mcpir5qYHAIrDz6QwWWF
> >> > +2BvR7vqYKa36TGX7TORxuyfotCZHcmVnIEtyb2FoLUhhcnRtYW4gPGdyZWdraEBr
> >> > +ZXJuZWwub3JnPokCTgQTAQgAOBYhBGR/KGVIlOO9RXGZvjjbvchgkmk+BQJaHvNA
> >> > +AhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEDjbvchgkmk+TLEQAJ1Ux/6n
> >> > +//f2jEVBdWb13qYFBBxKJMNeTU9yPMedQAAhrt68IU1Bt8+/nmZLm1iXWOvPQ019
> >> > +21i3HBxANnbTqEYYYWnQJJyROiyTuwY7HWlguQXlkxLa1mahVuFee6DHO+O8IGU8
> >> > +IM+PHdEL08e629sIluu3WGmNXXJ307j47UBu3QFA67YQ7YBmChl7AHBcSpKSplgN
> >> > +82tbAYtrm5ywYHM5uMFhmbw/DJpzLdFsnzRT9E7PKhH+q1MyPojGT4Oytj3D1QZr
> >> > +hp8yZ+Zp8TQnleXeBczLfpQPduzurqVomZpWwIZLHCgBJRWmz7/M0kTDIndQle9L
> >> > +VcJtJqasrRmgL3NsKrYYBw+jHnBe2hp8aq6W3DVaUmkSdshran9ZCaLCpxt62NAg
> >> > +UkI/eg1sSljo1aeXmF33ymYIpxavW5CGUYKlqYRLUT7en6t/mFiYCwPD22KOdLSf
> >> > +svVG+pr4UNsfSZdIF+W9/FLW7HJVZGMIldsrGFv4lOtqiXdbRafMtylYw/mU+xhu
> >> > +9+NslRRrbi1TlWS/BH7ULYu9zKahApf1DFRcrx0PyvtlFleoDZa88uIbmcUO8GzZ
> >> > +XEhejTv9vNnbmjgvYsRywFcJPkJ/TObfasvvSU9GZn6aU36Y7GYSUGjD1anLiUpr
> >> > +0FKkruymqBdXHaXGJ44GZ8Hhd5ZMTavwEX7BtE1HcmVnIEtyb2FoLUhhcnRtYW4g
> >> > +KExpbnV4IGtlcm5lbCBzdGFibGUgcmVsZWFzZSBzaWduaW5nIGtleSkgPGdyZWdA
> >> > +a3JvYWguY29tPokCOAQTAQIAIgUCTny11QIbAwYLCQgHAwIGFQgCCQoLBBYCAwEC
> >> > +HgECF4AACgkQONu9yGCSaT5fXBAAx2NfTb1IZ59eV3PKtqNG0qwQdq/62oSqNKlv
> >> > +lp/JzkeynjeJ7ic1IOs/CTTv2+xoPkLNcNhOPz7uem/4aa/my9A0AEp5UsF6Lvdo
> >> > +/Hy7Jxc++0EgW//TyvWcU9qd5qS/85VZf8I5pL9TZtHVwfIfLME+G8hkQx0+CWRJ
> >> > +loLFG48lwi8khp+TsCRYv1tQei7G22xAY5s+53TssaC1MXyQT7aJBGhwnbspY2Ia
> >> > +RMzsrX0msZn+Fn5WlxxMDxUmUACFMyKGJ+1F6VY01nWolT3G1udOnpee66qXHJo6
> >> > +XnzkNhzeH8Vf3sMe0sXx8YkN682g1NFaa+el0SDcXZvB91pFkWnQaQSfac5gI4Ki
> >> > +ShxAqePAH6Og+a/fhs5XdyYw0SN50O+yaSnqEDl7JkByXVKJiVVihDuEe5JZXkoI
> >> > +O/eTN6uceF89ZQiO/dFn0Kcqc4vL7uuI6FDMRZK7mY7bjFxFW1VjspcxhT1NdR7S
> >> > +FNrK8Glzd5FS67oTwSNB3CzkJ3ON/kOJ8JSxFEt1ZTc2ZpQujrFyTtbksWm3Yy63
> >> > +kbpwxRoR6xgaGwtx0SdkkWDCcA+2GZymCjk5FFQkAhoEk0tu/n5fvHS7TTZui9a2
> >> > +HMsyqmgTJzeU0eQJDgmb/ahzW0VgjHtABaJr40Q83M9upkZdHFXSZb7UHFYkAdH1
> >> > +OxdvSFW5Ag0ETny11QEQALIiIb/niWy6M6GfBMt/2EBWpLuE+FYVeUQGpGhXD2rU
> >> > +hOo9UpoxBD/Y5mc5OaJsVL3fySYQldVFOaT7Pu0J1N5FXIBckgtbT3eg+TGD9WIf
> >> > +Jy6ZpWjBKf6K4frwTwRpLBKqZhcA/78KzxFHeRHjV4cEVZVNoRtVqLYuTlbdlkH6
> >> > +G2YxgCioxAfqvsGjsg2ES7Xl6xz3uaBH1DFX7S2LXHkDHnloWOTaDRe/4h2VnFHf
> >> > +76xsJCgt2seJp91kI8bhuR7CUrO5mkRMhnp/z9v6vc2qcMv8EMK62FiBaqENaKg5
> >> > +6ag8Icujar1YwXG7oYhOuYiWxqGpJUwg5+h/HeYw5Q8ue0UwHPCUZR14pzQCKxag
> >> > +RMibiufOlS6URbCcBG44ddFAt2vqqopIo069moxfqt6OGig59cYv7PSMfHX25dV0
> >> > +1Ns+2R1eo7qiktkV+3CSSs/dUArcTxyovuadIAUaZAJ3XqsS3FGzZsPYMYNM9faZ
> >> > +qOfF6mmGmCZRJMMESWuWjc8ZnVAv4luyD18vlsr/J9rO0t28s4PJyqJGozEXLBLt
> >> > +saCVihxBHMY7QK/pC0jRniLpeniDDHY875TIiG3nrmtR84nnW9WNOG6tuaIcB6hD
> >> > +/DmSr72rRoNEpCa/eT7XiCOymGHS5gWR+94R1+J1rQZbd1T8gSq/nQQluJII7oz7
> >> > +ABEBAAGJAjYEGAECAAkFAk58tdUCGwwAIQkQONu9yGCSaT4WIQRkfyhlSJTjvUVx
> >> > +mb44273IYJJpPjBTEAC+6nWLKuUdxyHZEd/GmYVEFg07C2akTEkHL4pTMNnpGMxN
> >> > +McVvDdiuSRcDVwxChsXa9PGc1mzkHYje7ayn8APUx4XEP8x7m15tlyMlMEfwMF8o
> >> > +xHAXBfd9sfhfsxwsPpdgwgTPtWjR7exPMJWpkzbs2Y9muFYePTktAiWIt5S7Jfni
> >> > +9jAvrqGW8+40+ESwi5ptUZhiFVZ3hlp+FwjRXcsZj8onAFmrimqXNU8QsyTFy8Ia
> >> > +GLX0YN4XfVnz2mW6BXTbTuQiMVv7XXuhfgV7OW7UEalwL2zXZl32uHLcrMurAKjE
> >> > +CBtku8LBoZ8QsNKKQ8mCkE6+mHWBMClfXX/trb+R85hgRT6G2epObiTnqROuWVFf
> >> > +4IKDFDZpnXdx1oW0dPMA6edgk0SNdLQKUTLEhdeegufCNy4txNNVveQ0fssChH/H
> >> > +UmZtHWieEg4H9HAUlxRPf+aUkW1dRpwYJJIKkK0vQd7BTRivS4vk3HnWLuk0bhpw
> >> > +gk214rPU8zJphksRNVj9641nUD/PJo0qztj9IJtrmrjI6YNz+yRIpRB8/vJDwqJT
> >> > +q1SZ5YBp+pS40j3jozRFGwqfGZziC5ZfK9RbB2un4ABh/NyRlTiAYhFVYpK8boJM
> >> > +oOzQe1nlbVwDf6Wty6voekrLOTnu4Y5GpY4Wq5AREyzShd0cpznDnmyjOIKWVA==
> >> > +=Xuim
> >> > +-----END PGP PUBLIC KEY BLOCK-----
> >> > diff --git a/debian/watch b/debian/watch
> >> > new file mode 100644
> >> > index 0000000000..ac0e235e69
> >> > --- /dev/null
> >> > +++ b/debian/watch
> >> > @@ -0,0 +1,3 @@
> >> > +version=4
> >> > +opts="uversionmangle=s%$%.0%,pgpsigurlmangle=s%@ARCHIVE_EXT@$%.tar.sign%,decompress" \
> >> > +https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-@ANY_VERSION@@ARCHIVE_EXT@
> >> > --
> >> > 2.34.1
> >> >