| *** prabhakarlad <prabhakarlad!~prabhakar@pc.renesas.eu> has quit IRC | 00:18 | |
| *** prabhakarlad <prabhakarlad!~prabhakar@pc.renesas.eu> has joined #cip | 00:53 | |
| *** rajm <rajm!~robert@cpc126990-macc4-2-0-cust43.1-3.cable.virginm.net> has joined #cip | 06:57 | |
| *** helmut <helmut!helmut@subdivi.de> has quit IRC | 08:08 | |
| *** helmut <helmut!helmut@subdivi.de> has joined #cip | 08:12 | |
| *** toscalix <toscalix!~toscalix@73.pool90-167-218.static.orange.es> has joined #cip | 09:21 | |
| *** uli <uli!~uli@55d483ee.access.ecotel.net> has joined #cip | 11:09 | |
| *** fbezdeka <fbezdeka!~flo@2a02:810d:82c0:38fc:30d6:ec3a:bc18:37f5> has joined #cip | 11:58 | |
| *** toscalix <toscalix!~toscalix@73.pool90-167-218.static.orange.es> has quit IRC | 12:40 | |
| *** toscalix <toscalix!~toscalix@73.pool90-167-218.static.orange.es> has joined #cip | 12:40 | |
| *** masami <masami!~masami@FL1-110-233-204-67.tky.mesh.ad.jp> has joined #cip | 12:48 | |
| *** josiah <josiah!~kvirc@pool-100-16-211-90.bltmmd.fios.verizon.net> has joined #cip | 12:57 | |
| *** jki <jki!~jki@165.225.27.7> has joined #cip | 12:59 | |
| *** pave1 <pave1!~pavel@88.103.226.136> has joined #cip | 13:00 | |
| jki | #startmeeting CIP IRC weekly meeting | 13:00 |
|---|---|---|
| brlogger` | Meeting started Thu Mar 10 13:00:57 2022 UTC and is due to finish in 60 minutes. The chair is jki. Information about MeetBot at http://wiki.debian.org/MeetBot. | 13:00 |
| brlogger` | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 13:00 |
| brlogger` | The meeting name has been set to 'cip_irc_weekly_meeting' | 13:00 |
| *** brlogger` changes topic to " (Meeting topic: CIP IRC weekly meeting)" | 13:00 | |
| collab-meetbot | Meeting started Thu Mar 10 13:00:57 2022 UTC and is due to finish in 60 minutes. The chair is jki. Information about MeetBot at http://wiki.debian.org/MeetBot. | 13:00 |
| collab-meetbot | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 13:00 |
| collab-meetbot | The meeting name has been set to 'cip_irc_weekly_meeting' | 13:00 |
| jki | hi! | 13:01 |
| uli | hello | 13:01 |
| iwamatsu | hi | 13:01 |
| masami | hello | 13:01 |
| pave1 | hi! | 13:01 |
| josiah | Hi | 13:03 |
| patersonc[m] | Hello | 13:04 |
| jki | ok, let's go | 13:04 |
| jki | #topic AI review | 13:05 |
| *** brlogger` changes topic to "AI review (Meeting topic: CIP IRC weekly meeting)" | 13:05 | |
| jki | 1. Resolve/filter irrelevant failures of KernelCI for 4.4-cip - patersonc & alicefm | 13:05 |
| patersonc[m] | Sorry, nothing done yet | 13:06 |
| jki | 2. Add 4.9-stable-rc to testing - patersonc | 13:06 |
| patersonc[m] | I started this | 13:06 |
| patersonc[m] | We're missing three configs from cip-kernel-config for 4.9 | 13:07 |
| patersonc[m] | Other then that things are working | 13:07 |
| pave1 | ...and it gave first results. Thanks! | 13:07 |
| patersonc[m] | Do we know if any more boards are supported natively in 4.9 compared to 4.4? | 13:07 |
| patersonc[m] | iwamatsu: Ah I've just seen your email about the configs. Thank you | 13:08 |
| jki | so this topic can be considered done? | 13:09 |
| iwamatsu | patersonc: sorry about it. | 13:09 |
| patersonc[m] | I need to merge, but essentially all is in place | 13:09 |
| jki | perfect | 13:09 |
| jki | anything else before moving on? | 13:10 |
| jki | 3 | 13:10 |
| jki | 2 | 13:10 |
| jki | 1 | 13:10 |
| jki | #topic Kernel maintenance updates | 13:10 |
| *** brlogger` changes topic to "Kernel maintenance updates (Meeting topic: CIP IRC weekly meeting)" | 13:10 | |
| pave1 | I did some reviews on 5.10.104 and 105. Working on scripts for self-maintainance. | 13:11 |
| uli | reviewing 5.10.104 | 13:11 |
| masami | This week reported 12 new CVEs and 3 updated CVEs. | 13:11 |
| masami | Dirty Pipe and BHI (Spectre-BHB) are notable issues. | 13:11 |
| iwamatsu | I could not kernel review work this week. | 13:12 |
| jki | Spectre-BHB is arm64, right? what about that AMD spectre issue? | 13:13 |
| masami | intel and amd cpus are affected | 13:14 |
| pave1 | If there's good summary of the spectre issues, I'd like to know. | 13:14 |
| iwamatsu | Do we need to release 5.10.Y-cip for fixing those CVEs? | 13:14 |
| jki | more than likely | 13:14 |
| jki | I have more and more user with "apps" on their machines, thus not only with fully trusted code | 13:15 |
| patersonc[m] | pave1: There are some links to summaries on here: https://lwn.net/Articles/887326/ | 13:15 |
| pave1 | patersonc: Thank you! | 13:16 |
| masami | PoC is on the github https://github.com/vusec/bhi-spectre-bhb | 13:16 |
| jki | this is really limited to eBPF? | 13:16 |
| jki | hmm, the exploit PoC does not look like bpf | 13:19 |
| masami | It looks like eBPF is one of the methods to abuse this bug. | 13:19 |
| pave1 | jki: The FAQ at https://www.vusec.net/projects/bhi-spectre-bhb/ says eBPF makes it easier, but should not really be a requirement. | 13:20 |
| jki | ok (or not) - then we should better fix soon | 13:20 |
| pave1 | jki: Well, well well. I'll get you a hammer and you can smash all the affected CPUs? :-) | 13:21 |
| jki | need to have a long shaft ;) | 13:21 |
| pave1 | jki: I mean, we can't really _fix_ that. Those CPUs are broken. We can apply workarounds but bug will re-surface. | 13:21 |
| jki | likely | 13:21 |
| pave1 | :-(. | 13:22 |
| jki | but this isssue is also one of those with high public attention | 13:22 |
| pave1 | We can hand out more hammers :-). | 13:22 |
| pave1 | I guess we should make a release once 5.10.105 is out? | 13:22 |
| patersonc[m] | Doesn't affect RISC-V :) | 13:23 |
| jki | let's see when that will change ;) | 13:23 |
| iwamatsu | +1 | 13:23 |
| pave1 | patersonc: There are few high-performance RISC-V CPUs. So that may not really be good news for RISC-V. | 13:23 |
| jki | so, 5.10.105 will be the first to have these "workarounds"? | 13:23 |
| jki | pavel: exactly... | 13:24 |
| patersonc[m] | pave1: :) | 13:24 |
| pave1 | dirty pipe is fixed in 5.10.103 or so. Speculation workarounds are being reveiewed for 5.10.105-rc1. | 13:24 |
| fbezdeka | According to the -rc candidate Greg posted earlier today 5.10.105 will hold such "workarounds" | 13:24 |
| jki | are we ready to release quickly after upstream? | 13:25 |
| jki | or should we better move forward to clean the dirty pipe? | 13:25 |
| jki | granted, that one is easy to fix locally if users are in a hurry | 13:26 |
| pave1 | 5.10.105 can be expected this Friday or next Monday, I'd say. | 13:27 |
| fbezdeka | "Responses should be made by Fri, 11 Mar 2022 15:58:48 +0000." | 13:27 |
| jki | so, what are the opinions? | 13:29 |
| iwamatsu | I think that local fixes mean a fork, so it is not a good way. | 13:30 |
| pave1 | I believe one release based on 5.10.105 should be enough. | 13:31 |
| iwamatsu | I would like to wait for 5.10.105. | 13:31 |
| masami | +1 to wait for 5.10.105 | 13:31 |
| jki | ok, but then let's communicate this to the list | 13:32 |
| pave1 | iwamatsu: You have script modifying wiki when new -rc is out? Could that be suspended for now? | 13:33 |
| pave1 | I'll simply manually update it when uli tells us that he's about to run out of work. | 13:34 |
| iwamatsu | pave1: ok, I will suspend it. | 13:34 |
| pave1 | Thank you! | 13:34 |
| iwamatsu | suspended now. | 13:36 |
| pave1 | Wow, that was quick. Thanks! | 13:37 |
| pave1 | ...mov on? | 13:40 |
| jki | btw, someone read https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/blob/master/issues/CVE-2022-0847.yml and was confused that 4.19 was not in the ignore list | 13:40 |
| masami | jki: 4.19 had uninitialized bug too. | 13:42 |
| masami | so, 4.19 is in fixed-by list. | 13:43 |
| jki | but not the CVE | 13:43 |
| jki | ok, anyway, I explained this (more than once) | 13:43 |
| masami | ah, yes. | 13:43 |
| jki | then let's move on | 13:44 |
| masami | I will update it. | 13:44 |
| jki | thanks! | 13:44 |
| jki | #topic Kernel testing | 13:44 |
| *** brlogger` changes topic to "Kernel testing (Meeting topic: CIP IRC weekly meeting)" | 13:44 | |
| patersonc[m] | As you know I looked at 4.9.y-rc testing | 13:45 |
| patersonc[m] | Other then that not much to report | 13:45 |
| jki | ok - anything else on testing by others? | 13:46 |
| jki | 3 | 13:47 |
| jki | 2 | 13:47 |
| jki | 1 | 13:47 |
| jki | #topic AOB | 13:47 |
| *** brlogger` changes topic to "AOB (Meeting topic: CIP IRC weekly meeting)" | 13:47 | |
| jki | looks like LF actually changed the directory layout of the logger for us! | 13:47 |
| patersonc[m] | Are we aiming for a new 4.19-rt release any time soon? Someone pointed out to me that it's been 3 months since the last one | 13:47 |
| pave1 | patersonc: in february, we did not get matching 4.19-cip and 4.19-rt releases. We should get that in March. | 13:48 |
| jki | I think we need to reconsider this | 13:48 |
| jki | when the gap becomes so large and, thus, unpredictable | 13:49 |
| jki | pavel: did you try in the past to rebase rt queues? | 13:49 |
| patersonc[m] | Can we try and base the cip releases on what is available from rt-stable? | 13:49 |
| pave1 | jki: I tried at some point, and it did not work well. | 13:50 |
| jki | 4.4 or 4.19? | 13:50 |
| jki | or both? | 13:50 |
| pave1 | jki: it is quite possible it would work other times. | 13:50 |
| jki | yes, I would assume so as well | 13:51 |
| jki | alternative: release (extra) CIP kernels that match | 13:51 |
| pave1 | alternative: Adjust -cip releases to match -rt releases. | 13:52 |
| jki | but waiting 3 months for that to happen by chance is not that optimal | 13:52 |
| pave1 | Let me check 4.19-rt releases. | 13:53 |
| pave1 | For 4.4-rt, we'll have to self-maintain, so .. that will be way more fun. | 13:53 |
| jki | sure - and no "excuses" ;) | 13:53 |
| jki | if there is additional effort involved, let's discuss how to tackle it | 13:54 |
| pave1 | 4.19-rt releases are happening about twice a month. | 13:54 |
| pave1 | Last one is Linux 4.19.232-rt104 from Mar 4. | 13:54 |
| pave1 | I believe we decided to do 4.190-rt once per two months? | 13:55 |
| pave1 | Easy solution from my side would be to wait for 4.19-rt when releasing 4.19-cip, at least every other month, so we get match for easy release. | 13:56 |
| jki | ...unless there are prominent CVEs pending | 13:57 |
| jki | I would rather vote for having an extra regular -cip release when in doubt | 13:57 |
| jki | provided we are ready from review and testing perspective | 13:58 |
| jki | but if we aren't we can't release a -rt either | 13:58 |
| pave1 | Yes, we may want to speed up with CVEs. | 13:58 |
| pave1 | Most of speculation fixes will _not_ be in 4.19.234. They should make it to the next one. | 13:59 |
| pave1 | But with -rt releases in the picture, that becomes kind of gamble :-(. | 13:59 |
| jki | CVE trumps -rt | 14:01 |
| jki | once rt caught up, we could do another regular cip release and a corresponding -rt | 14:01 |
| jki | if nothing urgent is in the queue, we try to sync both releases carefully | 14:02 |
| pave1 | Yes, we can always solve problem with more -cip releases :-). | 14:02 |
| pave1 | So the latest 4.19-rt is 4.19.232-rt104. | 14:02 |
| jki | whatever is optimal under speed AND effort constraints :) | 14:02 |
| pave1 | 4.19.235 is likely to have speculation fixes. | 14:03 |
| pave1 | I'd suggest to wait for next 4.19-rt and do both -cip and -rt releases...? | 14:04 |
| *** toscalix <toscalix!~toscalix@73.pool90-167-218.static.orange.es> has quit IRC | 14:05 | |
| jki | well, our beloved CVEs get resolved earlier, I would not delay the regular -cip release - but maybe we will be lucky this time | 14:06 |
| pave1 | Right, if 4.19.235 is out with the fixes and -rt release is nowhere around, we may need to act, anyway. | 14:08 |
| jki | ok - anything else, on this or beyond? | 14:08 |
| jki | if not... | 14:09 |
| jki | 3 | 14:09 |
| jki | 2 | 14:09 |
| jki | 1 | 14:09 |
| jki | #endmeeting | 14:09 |
| collab-meetbot | Meeting ended Thu Mar 10 14:09:46 2022 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 14:09 |
| collab-meetbot | Minutes: http://ircbot.wl.linuxfoundation.org/meetings/cip/2022/03/cip.2022-03-10-13.00.html | 14:09 |
| collab-meetbot | Minutes (text): http://ircbot.wl.linuxfoundation.org/meetings/cip/2022/03/cip.2022-03-10-13.00.txt | 14:09 |
| collab-meetbot | Log: http://ircbot.wl.linuxfoundation.org/meetings/cip/2022/03/cip.2022-03-10-13.00.log.html | 14:09 |
| brlogger` | Meeting ended Thu Mar 10 14:09:46 2022 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 14:09 |
| brlogger` | Minutes: https://irclogs.baserock.org/meetings/cip/2022/03/cip.2022-03-10-13.00.html | 14:09 |
| brlogger` | Minutes (text): https://irclogs.baserock.org/meetings/cip/2022/03/cip.2022-03-10-13.00.txt | 14:09 |
| brlogger` | Log: https://irclogs.baserock.org/meetings/cip/2022/03/cip.2022-03-10-13.00.log.html | 14:09 |
| *** brlogger` changes topic to "Civil Infrastructure Platform Project. Find the logs at https://irclogs.baserock.org/cip/" | 14:09 | |
| pave1 | Thank you... and stay safe! | 14:09 |
| jki | thanks for your time | 14:09 |
| uli | thanks | 14:09 |
| jki | bye! | 14:10 |
| masami | thank you | 14:10 |
| iwamatsu | thank you | 14:10 |
| *** josiah <josiah!~kvirc@pool-100-16-211-90.bltmmd.fios.verizon.net> has quit IRC | 14:10 | |
| *** masami <masami!~masami@FL1-110-233-204-67.tky.mesh.ad.jp> has quit IRC | 14:10 | |
| *** jki <jki!~jki@165.225.27.7> has quit IRC | 14:11 | |
| *** fbezdeka <fbezdeka!~flo@2a02:810d:82c0:38fc:30d6:ec3a:bc18:37f5> has left #cip | 14:11 | |
| *** pave1 <pave1!~pavel@88.103.226.136> has quit IRC | 14:36 | |
| *** toscalix <toscalix!~toscalix@1.pool90-167-219.static.orange.es> has joined #cip | 15:14 | |
| *** toscalix <toscalix!~toscalix@1.pool90-167-219.static.orange.es> has quit IRC | 15:14 | |
| *** prabhakarlad <prabhakarlad!~prabhakar@pc.renesas.eu> has quit IRC | 22:02 | |
| *** rajm <rajm!~robert@cpc126990-macc4-2-0-cust43.1-3.cable.virginm.net> has quit IRC | 23:08 | |
| *** prabhakarlad <prabhakarlad!~prabhakar@pc.renesas.eu> has joined #cip | 23:37 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!