IRC logs for #cip for Thursday, 2020-10-08

*** patersonc has quit IRC06:35
*** yoshidak[m] has quit IRC06:35
*** patersonc has joined #cip06:41
*** rajm has joined #cip06:45
*** yoshidak[m] has joined #cip06:55
*** monstr has joined #cip07:11
*** masashi910 has joined #cip08:11
*** fujita has joined #cip08:47
*** pavelm1 has joined #cip08:59
masashi910#startmeeting CIP IRC weekly meeting09:00
brlogger`Meeting started Thu Oct  8 09:00:00 2020 UTC and is due to finish in 60 minutes.  The chair is masashi910. Information about MeetBot at http://wiki.debian.org/MeetBot.09:00
brlogger`Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.09:00
brlogger`The meeting name has been set to 'cip_irc_weekly_meeting'09:00
*** brlogger` changes topic to " (Meeting topic: CIP IRC weekly meeting)"09:00
masashi910#topic rollcall09:00
*** brlogger` changes topic to "rollcall (Meeting topic: CIP IRC weekly meeting)"09:00
masashi910please say hi if you're around09:00
pavelm1hi09:00
wenshi09:00
masashi910Today yoshidak[m] and iwamatsu are not here, so I will share their status.09:01
masashi910#topic AI review09:01
*** brlogger` changes topic to "AI review (Meeting topic: CIP IRC weekly meeting)"09:01
masashi9101. Combine root filesystem with kselftest binary - iwamatsu09:01
masashi910Quote from Iwamatsu-san "No update."09:01
masashi9102. Check whether CVE-2020-25284 needs to be backported to 4.4-rt09:01
masashi910      ->  Delete rbd ( Ceph block device ) from 4.4-rt x86 config - iwamatsu09:01
masashi910      ->  Done, so I close it.09:01
masashi910https://lore.kernel.org/cip-dev/OSBPR01MB29833C0DA59C4F77B159DE2492300@OSBPR01MB2983.jpnprd01.prod.outlook.com/09:02
masashi910any other topics?09:02
masashi910309:02
masashi910209:02
masashi910109:02
masashi910#topic Kernel maintenance updates09:02
*** brlogger` changes topic to "Kernel maintenance updates (Meeting topic: CIP IRC weekly meeting)"09:02
masashi910== Quote from iwamatsu ==09:02
masashi910I reviewed 4.4.y-rc.09:02
masashi910====09:02
pavelm1I have released v4.19.148-cip35-rt15, and reviewed 4.19.150.09:02
wensFive new CVEs:09:03
wens- CVE-2019-0145, CVE-2019-0147, CVE-2019-0148 [net/i40e] - Fixed for09:03
wensmainline and 4.19+09:03
wens  - This is enabled in Siemens x86 configs for both 4.4 and 4.1909:03
wens    and we should probably backport them.09:03
wens- CVE-2020-25643 [hdlc_ppp] - Fixed in all current stable kernels09:03
wens- CVE-2020-26541 [UEFI secure boot] - Fix posted but hasn't landed09:03
wensI also reviewed some patches from Daniel for cip-kernel-sec on the mailing list09:03
masashi910pavelm1, wens: Thanks for your reports!09:03
pavelm1v4.19.148-cip35-rt15 has problems on arm64_renesas.09:04
pavelm1Question is if we should release -rt16 cca next week to fix them.09:04
masashi910pavelm1: Thanks for raising this. Does anyone have any opinion?09:05
patersoncIf it's not too much hassle it may be worth doing.09:05
patersoncWe should try and keep things working on our reference platforms if possible imho09:06
pavelm1I was wondering if someone is using realtime branch on renesas.09:06
patersoncRenesas is. We have a RT version of our BSP based on cip-rt.09:07
pavelm1Ok.09:07
patersoncThat said, we don't follow every release, so it's not a showstopper for us09:07
pavelm1So I'll do -rt16 when new -cip is available.09:07
masashi910pavelm1, patersonc: Thanks for your discussion.09:07
patersoncThank you for your efforts pavelm109:07
masashi910Any other topics?09:09
masashi910wens: BTW, you mention that - CVE-2019-0145, CVE-2019-0147, CVE-2019-0148 [net/i40e] - Fixed for09:10
masashi910<wens> mainline and 4.19+09:10
wensyes.09:10
pavelm1i40e stuff. I'll take a look.09:10
wensi40e is a high-end 10/40G ethernet adapter09:10
masashi910wens: Does it mean LTS4.4 backporting might be needed?09:10
wensmakes sense Siemens might use it on their servers09:10
pavelm1If someone has git hashes, that is more useful than CVE numbers.09:10
wensthe hashes are in cip-kernel-sec09:11
wensjust a min.09:11
pavelm1Ok, let's talk after the meeting.09:11
pavelm1I'll need to learn to pull them myself.09:11
wenshttps://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/merge_requests/75/diffs09:11
wensso the annoying thing about this group of CVEs is that Intel failed to tag the mainline patches09:12
pavelm1Thank you.09:12
wensthey later requested backports of four patches # https://lists.osuosl.org/pipermail/intel-wired-lan/Week-of-Mon-20200810/021006.html09:12
masashi910wens, pavelm1: thanks. If needed, let's discuss offline.09:12
pavelm1wens: Well, that used to be common policy. Don't talk about CVEs in commit logs.09:12
wensbut it is unclear which patch fixes what issue, or whether they are sufficient09:12
wenspavelm1: I meant they didn't add Fixes tags09:13
wensmasashi910: ok09:13
masashi910Thanks for your works!09:13
wenspavelm1: I won't be around after the meeting, so please send me an email.09:13
pavelm1wens: aha. That's unfortunate :-(.09:13
masashi910so, shall we move on?09:13
wenssure.09:13
masashi910Thanks.09:13
masashi910#topic Kernel testing09:14
*** brlogger` changes topic to "Kernel testing (Meeting topic: CIP IRC weekly meeting)"09:14
patersoncHi, sorry09:14
masashi910Chris-san, please.09:14
patersoncI've started work on upgrading our LAVA master + workers to the latest version of lava-docker/lava09:14
patersonchttps://gitlab.com/cip-project/cip-testing/lava-docker/-/merge_requests/2809:14
patersoncNow just waiting on feedback before merging. Then we'll need to schedule a time to do the upgrade on production09:14
patersoncThat's about it from me I think...09:14
masashi910patersonc: Thanks for your works!09:15
masashi910any other topics?09:15
masashi910309:15
masashi910209:15
masashi910109:15
masashi910#topic CIP Security09:15
*** brlogger` changes topic to "CIP Security (Meeting topic: CIP IRC weekly meeting)"09:15
masashi910== Quote from yoshidak[m] ==09:15
masashi910Both minor updates were once reported, but since they are protracted, I will summarize again here.09:15
masashi910Major updates:09:15
masashi910 There is no major update this week.09:15
masashi910Minor updates:09:15
masashi910 1. Gap assessment for the development process (IEC 62443-4-1):09:15
masashi910  The report from the certification body, whether development process for OSS meets to the IEC 62443-4-1 standard, is delayed.09:15
masashi910  But, perhaps we can get it the end of this week.09:15
masashi910  And then, we'll plan to share the documents on the development process that reflects the feedback from the report.09:15
masashi910 2. Gap assessment for security features of security packages we suggested (IEC 62443-4-2):09:15
masashi910  We started review security features of security packages we suggested to add as CIP core packages.09:15
masashi910  The completion date is scheduled by the end of December.09:15
masashi910any other topics?09:16
masashi910309:16
masashi910209:16
masashi910109:16
masashi910#topic AOB09:16
*** brlogger` changes topic to "AOB (Meeting topic: CIP IRC weekly meeting)"09:16
masashi910Are there any business to discuss?09:16
pavelm1I guess we should talk to Siemens.09:16
pavelm1Their kernel config contains... everything.09:16
wensthe x86 ones?09:17
pavelm1It would be good to strip it down, so we can focus on things they actually use.09:17
pavelm1Yes, x86: siemens_server_defconfig.09:17
masashi910pavelm1: OK, then, shall I ask them?09:17
wensthey probably used some generic one as the template :(09:17
pavelm1masashi910: Yes please, that would be nice.09:17
pavelm1CONFIG_NE2K_PCI=m is example of driver they probably don't use.09:18
wensrofl09:18
masashi910pavelm1: Sure!09:18
pavelm1Thank you!09:18
masashi910Welcome!09:18
masashi910So, if there are no other topics, let's close the meeting today.09:19
masashi910309:19
masashi910209:19
masashi910109:19
masashi910#endmeeting09:19
brlogger`Meeting ended Thu Oct  8 09:19:34 2020 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)09:19
brlogger`Minutes:        https://irclogs.baserock.org/meetings/cip/2020/10/cip.2020-10-08-09.00.html09:19
brlogger`Minutes (text): https://irclogs.baserock.org/meetings/cip/2020/10/cip.2020-10-08-09.00.txt09:19
brlogger`Log:            https://irclogs.baserock.org/meetings/cip/2020/10/cip.2020-10-08-09.00.log.html09:19
*** brlogger` changes topic to "Civil Infrastructure Platform Project. Find the logs at https://irclogs.baserock.org/cip/"09:19
pavelm1Thank you, stay safe.09:19
masashi910Thanks, Bye!09:19
pavelm1wens: You gave me pointer to the git, I think I can find it now. Thanks!09:19
wenspavelm1: ok :)09:21
*** masashi910 has quit IRC09:43
*** fujita has quit IRC09:52
*** pavelm1 has quit IRC10:03
*** monstr has quit IRC16:20
*** rajm has quit IRC22:01

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!