| *** iwamatsu__ has joined #cip | 01:06 | |
| *** iwamatsu__ has quit IRC | 06:26 | |
| *** pave1 has joined #cip | 08:57 | |
| *** vidda has joined #cip | 09:00 | |
| szlin | #startmeeting CIP IRC weekly meeting | 09:00 |
|---|---|---|
| brlogger | Meeting started Thu May 16 09:00:14 2019 UTC and is due to finish in 60 minutes. The chair is szlin. Information about MeetBot at http://wiki.debian.org/MeetBot. | 09:00 |
| brlogger | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 09:00 |
| brlogger | The meeting name has been set to 'cip_irc_weekly_meeting' | 09:00 |
| *** brlogger changes topic to " (Meeting topic: CIP IRC weekly meeting)" | 09:00 | |
| szlin | #topic rollcall | 09:00 |
| *** brlogger changes topic to "rollcall (Meeting topic: CIP IRC weekly meeting)" | 09:00 | |
| szlin | please say hi if you're here | 09:00 |
| iwamatsu | hi | 09:00 |
| patersonc | hi | 09:00 |
| vidda | hi | 09:00 |
| pave1 | hi | 09:00 |
| mungaip[m] | hi | 09:00 |
| *** kazu_ has joined #cip | 09:00 | |
| fujita[m] | hi | 09:00 |
| kazu_ | hi | 09:01 |
| szlin | #topic AI review | 09:01 |
| *** brlogger changes topic to "AI review (Meeting topic: CIP IRC weekly meeting)" | 09:01 | |
| szlin | AI: Send list of binary packages to cip-dev - kazu | 09:01 |
| kazu_ | See https://lists.cip-project.org/pipermail/cip-dev/2019-May/002225.html | 09:01 |
| szlin | #info https://lists.cip-project.org/pipermail/cip-dev/2019-May/002225.html | 09:01 |
| szlin | kazu_: thank you! | 09:01 |
| szlin | -> Done | 09:01 |
| szlin | #topic Kernel maintenance updates | 09:01 |
| *** brlogger changes topic to "Kernel maintenance updates (Meeting topic: CIP IRC weekly meeting)" | 09:01 | |
| *** sangorrin has joined #cip | 09:02 | |
| szlin | iwamatsu: pave1 give the floor to you | 09:02 |
| pave1 | I did some more reviews. | 09:02 |
| pave1 | More importantly, I created scripts that allow me to tell when the same patch was reviewed in 4.4 / 4.19, so it is easier to mark it as already reviewed. | 09:03 |
| pave1 | Results are in lts-commit-list repository. | 09:03 |
| patersonc | Nice | 09:03 |
| iwamatsu | pavel: thanks | 09:03 |
| pave1 | We should at some point decide where to put such scripts. | 09:04 |
| szlin | pave1: thank you! | 09:04 |
| pave1 | But from the conference call... it seems that more pressing issue is that we should actually do some kernel releases :-). | 09:04 |
| patersonc | Ha | 09:05 |
| patersonc | pave1: iwamatsu: I had a question about the patches from Fab | 09:05 |
| patersonc | iwamatsu-san has asked Fab to do a v2 on the novel patches, however I think they have already been applied by pave1 | 09:06 |
| patersonc | How should we continue? | 09:06 |
| pave1 | Yep, sorry about that. I guess I was a bit too quick there. | 09:06 |
| iwamatsu | pavel: no problem. I guess we use force push. | 09:07 |
| patersonc | No worries :) | 09:07 |
| szlin | pave1: could you share the script? not sure if you already did. | 09:08 |
| patersonc | Okay. I'll ask Fab to repost the whole series then to make it easier for you. | 09:08 |
| pave1 | iwamatsu: If we decide to rollback the repository, we should do it ASAP (because it will cause problems for people pulling it in the meantime). | 09:08 |
| iwamatsu | patersonc: OK, thanks. | 09:09 |
| patersonc | pave1: Agreed | 09:09 |
| patersonc | We should work out a way to avoid this in future though. | 09:09 |
| iwamatsu | pavel: Agree. I will rollback now | 09:09 |
| pave1 | iwamatsu: Thanks! | 09:09 |
| szlin | any other topic? | 09:10 |
| pave1 | szlin: Yes, I can. I guess easiest option would be to put it directly into lts-commit-list repository. | 09:10 |
| szlin | pave1: yes, please | 09:10 |
| pave1 | szlin: ok ;-). | 09:10 |
| szlin | pave1: thank you for your great effort | 09:10 |
| iwamatsu | pavel: and about your scirpt of reviewing, I think you can use -commit-list repository. | 09:11 |
| szlin | Ben shared the news with MDS and other speculation issues | 09:11 |
| szlin | #info https://lists.cip-project.org/pipermail/cip-dev/2019-May/002305.html | 09:11 |
| iwamatsu | pavel: OK | 09:11 |
| sangorrin | do we need to update microcode? | 09:11 |
| sangorrin | the latest seems old: https://downloadcenter.intel.com/download/28087/Linux-Processor-Microcode-Data-File | 09:11 |
| pave1 | sangorrin: If you run Intel CPUs in production then yes, microcode update is needed AFAICT. | 09:12 |
| sangorrin | ok, I will wait until it is published then | 09:13 |
| szlin | #action Upload check script to lts-commit-list repository - Pavel | 09:13 |
| szlin | any other topic? | 09:13 |
| szlin | 3 | 09:13 |
| szlin | 2 | 09:13 |
| szlin | 1 | 09:13 |
| pave1 | ye | 09:14 |
| pave1 | yes. | 09:14 |
| pave1 | In the emails, there was a question when to do the -cip kernel releases. | 09:14 |
| pave1 | I'd say it does not matter much _when_ we do it, as long as we do them relatively regulary. | 09:14 |
| pave1 | But it sounds like we should do one now. | 09:14 |
| patersonc | Agreed. | 09:15 |
| pave1 | iwamatsu: Can you do the release (and perhaps document steps doing so)? | 09:15 |
| pave1 | Or should I attempt to do a release? Or is there good reason release should wait? | 09:15 |
| iwamatsu | pavel: OK, I will release 4.4 and 4.19. | 09:16 |
| pave1 | iwamatsu: Thanks! | 09:16 |
| szlin | iwamatsu: do you have the time table? | 09:16 |
| iwamatsu | I will start working after this meeting. | 09:16 |
| szlin | #action 4.4 and 4.19 kernel will be released - iwamatsu | 09:18 |
| iwamatsu | szlin: for release? I can release it tomorrow morning at japan time. | 09:18 |
| szlin | iwamatsu: got it, thanks. | 09:18 |
| szlin | iwamatsu: can you prepare the release document for us? | 09:18 |
| sangorrin | maybe it would be good to release 4.4 after the spectre test | 09:18 |
| sangorrin | Ben mentioned that he didn't test it much | 09:19 |
| pave1 | sangorrin: I'd prefer to do the release now. I've seen the patches... | 09:19 |
| iwamatsu | szlin: sure | 09:19 |
| szlin | #action Prepare the CIP kernel release document - Iwamatsu | 09:19 |
| szlin | iwamatsu: many thanks! | 09:19 |
| pave1 | ..and there's 260 of them. That will take some time. | 09:19 |
| fujita[m] | iwamatsu: I have a question | 09:19 |
| sangorrin | pave1: OK | 09:20 |
| pave1 | We'll probably want to do another release after it settles down, but I'd not slow it down now. | 09:20 |
| iwamatsu | sangorrin: 4.4.180 is not release yet. We need to release this version. | 09:20 |
| fujita[m] | Can we assume 4.19 is suitable for 32bit Arm arch? | 09:20 |
| fujita[m] | Currently no 32bit arm boards are used for 4.19 | 09:21 |
| szlin | #agree Release CIP kernel 4.4 without MDS and other speculation patches | 09:21 |
| iwamatsu | fujita[m]: Yes, I think so. 4.19 | 09:22 |
| iwamatsu | 4.19 is also used by other ARM SoCs. | 09:22 |
| fujita[m] | Understood. Thanks | 09:22 |
| szlin | any other topic? | 09:22 |
| szlin | #topic Kernel testing | 09:23 |
| *** brlogger changes topic to "Kernel testing (Meeting topic: CIP IRC weekly meeting)" | 09:23 | |
| iwamatsu | If renesas does not support aarch32 in 4.19, we may need to consider other ARM SoCs as real hardware. | 09:23 |
| patersonc | iwamatsu: The iwg20m and iwg22m are present in the v4.19 Kernel, but Renesas doesn't have a BSP using that Kernel | 09:24 |
| iwamatsu | patersonc: 4,4.y only use? | 09:25 |
| patersonc | I guess there is no reason not to support iwg20m in cip-core with v4.19, so we can probably still test the CIP Kernel | 09:25 |
| patersonc | iwamatsu: Our RZ/G1 BSP uses CIP v4.4. The RZ/G2 BSP uses CIP v4.19 | 09:25 |
| pave1 | fujita: What SoC do you use? I believe best option would be to test a similar configuration. | 09:25 |
| fujita[m] | Renesas can also propose another boards for 4.19 if you want. | 09:26 |
| iwamatsu | patersonc: I see. | 09:26 |
| pave1 | fujita: 32-bit vs. 64-bit is only part of the problem... There is a lot of drivers involved. | 09:26 |
| fujita[m] | Currently, we are using RZ/G1 and G2 series SOCs | 09:26 |
| sangorrin | patersonc: we should use cip-core not renesas bsp (as a project) | 09:26 |
| pave1 | fujita: Aha, ok. | 09:26 |
| patersonc | sangorrin: Agreed | 09:26 |
| fujita[m] | sangorrin: I also agreed | 09:27 |
| fujita[m] | pave1: correct | 09:27 |
| szlin | any other topic? | 09:28 |
| szlin | for kernel testing | 09:28 |
| patersonc | For testing... | 09:29 |
| patersonc | As mentioned in the TSC we now have an RZ/G2M board in the LAVA lab | 09:29 |
| patersonc | Good for v4.19 testing | 09:29 |
| patersonc | iwamatsu: I see you've already run a test - great | 09:29 |
| sangorrin | patersonc: do we have spectre/meltdown tests? | 09:29 |
| patersonc | sangorrin: Not at the moment | 09:29 |
| szlin | patersonc: thank you for your work :D | 09:30 |
| patersonc | szlin: It was all mungaip :) | 09:30 |
| sangorrin | patersonc: i will try to add them when i get some time | 09:31 |
| szlin | mungaip[m]: :D | 09:31 |
| patersonc | sangorrin: Great | 09:31 |
| szlin | any other topic? | 09:31 |
| szlin | 3 | 09:31 |
| szlin | 2 | 09:31 |
| szlin | 1 | 09:31 |
| szlin | #topic CIP Core | 09:31 |
| *** brlogger changes topic to "CIP Core (Meeting topic: CIP IRC weekly meeting)" | 09:31 | |
| patersonc | sangorrin: If you get time, can you submit a PR to https://gitlab.com/cip-project/cip-testing/cip-kernel-tests? | 09:31 |
| sangorrin | patersonc: yes | 09:32 |
| szlin | The CIP Security WG plans to provide the essential packages (est.)two weeks later | 09:32 |
| kazu_ | szlin: thank you for the confirmation | 09:32 |
| szlin | kazu_: give the floor to you | 09:32 |
| sangorrin | cip-core will need more resources to deal with the requirements from cip security | 09:32 |
| szlin | sangorrin: do you mean human resources? | 09:32 |
| sangorrin | there are many things to add: microcode loading, encryption, integrity, secure boot?, apparmor.. | 09:33 |
| sangorrin | yeah, we need to collaborate between both groups | 09:33 |
| szlin | let's loop these two groups | 09:33 |
| sangorrin | szlin: sure | 09:34 |
| szlin | we can have a discussion with it, I can arrange this. | 09:34 |
| szlin | kazu_: sangorrin is it ok for you? | 09:34 |
| kazu_ | szlin: Yes | 09:35 |
| szlin | #action Arrange a meeting between CIP core and CIP security WG - szlin | 09:35 |
| szlin | any other topic? | 09:35 |
| kazu_ | In the above mail, I proposed the next steps to decide supported package list. I need to decide the due date for additional discussion, it should be before the next TSC meeting. | 09:35 |
| kazu_ | #info https://lists.cip-project.org/pipermail/cip-dev/2019-May/002225.html | 09:36 |
| szlin | kazu_: thank you for the update | 09:36 |
| szlin | any other topic? | 09:36 |
| szlin | 3 | 09:36 |
| szlin | 2 | 09:36 |
| szlin | 1 | 09:36 |
| szlin | #topic Software update | 09:37 |
| *** brlogger changes topic to "Software update (Meeting topic: CIP IRC weekly meeting)" | 09:37 | |
| sangorrin | No updates, we will have a meeting next week. | 09:37 |
| sangorrin | If someone wants to participate in the group/meetings let me know. | 09:37 |
| szlin | sangorrin: is it a public or private meeting? | 09:37 |
| sangorrin | it is open to any CIP member | 09:38 |
| szlin | sangorrin: I see, could you send the invitation email to cip-members? | 09:38 |
| sangorrin | ok, I will ask Christian | 09:39 |
| szlin | sangorrin: thank you. | 09:39 |
| szlin | any other topic? | 09:39 |
| szlin | 3 | 09:39 |
| szlin | 2 | 09:39 |
| szlin | 1 | 09:39 |
| szlin | #topic AOB | 09:39 |
| *** brlogger changes topic to "AOB (Meeting topic: CIP IRC weekly meeting)" | 09:39 | |
| szlin | any other business? | 09:39 |
| szlin | 3 | 09:40 |
| szlin | 2 | 09:40 |
| szlin | 1 | 09:40 |
| szlin | #endmeeting | 09:40 |
| brlogger | Meeting ended Thu May 16 09:40:06 2019 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 09:40 |
| brlogger | Minutes: https://irclogs.baserock.org/meetings/cip/2019/05/cip.2019-05-16-09.00.html | 09:40 |
| brlogger | Minutes (text): https://irclogs.baserock.org/meetings/cip/2019/05/cip.2019-05-16-09.00.txt | 09:40 |
| brlogger | Log: https://irclogs.baserock.org/meetings/cip/2019/05/cip.2019-05-16-09.00.log.html | 09:40 |
| *** brlogger changes topic to "Civil Infrastructure Platform Project. Find the logs at https://irclogs.baserock.org/cip/" | 09:40 | |
| szlin | thank you all! | 09:40 |
| pave1 | Thank you! | 09:40 |
| kazu_ | Thank you | 09:40 |
| sangorrin | xie xie! | 09:40 |
| fujita[m] | Thank you | 09:40 |
| iwamatsu | thank you! | 09:40 |
| pave1 | sangorrin: Are you running Intel CPUs in production? | 09:40 |
| pave1 | Do you use hyperthreading? Do you run untrusted code? | 09:41 |
| sangorrin | I disable the HT on the bios | 09:42 |
| pave1 | That's probably good idea at the moment. I'm using "l1tf=full" on kernel command line, which disables HT as a side effect. | 09:43 |
| sangorrin | oh, good to know, I will note it down | 09:43 |
| sangorrin | our systems are usually not directly connected to the Internet, but just in case. | 09:44 |
| pave1 | sanorrin: For the spectre/meltdown, it is okay to be connected to the internet, but it is dangerous to run untrusted code. | 09:45 |
| sangorrin | you mean sometthing like javascript? | 09:46 |
| pave1 | Yes, like javascript. | 09:46 |
| pave1 | Or cloud provider running VMs from customers, or shell provider giving access to strangers. | 09:47 |
| sangorrin | docker can be also an issue if it was used | 09:47 |
| sangorrin | specially if you dont have your own registry | 09:47 |
| sangorrin | fortunately Ive always disabled HT because it causes some real-time issues | 09:48 |
| pave1 | Yes. It is good to have the issues fixed. | 09:48 |
| pave1 | But the complex CPUs are so complex that new issues can be expected in future :-(. | 09:49 |
| sangorrin | pave1: thanks for the advice! | 09:50 |
| pave1 | You are welcome. Sorry for bad news... | 09:51 |
| *** sangorrin has quit IRC | 09:56 | |
| *** kazu_ has quit IRC | 09:56 | |
| *** pave1 has quit IRC | 10:04 | |
| *** bwh has joined #cip | 13:01 | |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!