#cip log

09:00:01 <masashi910> #startmeeting CIP IRC weekly meeting
09:00:01 <brlogger> Meeting started Thu Dec 10 09:00:01 2020 UTC and is due to finish in 60 minutes.  The chair is masashi910. Information about MeetBot at http://wiki.debian.org/MeetBot.
09:00:01 <brlogger> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
09:00:01 <brlogger> The meeting name has been set to 'cip_irc_weekly_meeting'
09:00:05 <masashi910> #topic rollcall
09:00:11 <masashi910> please say hi if you're around
09:00:20 <sudip> hi
09:00:37 <pavel1> hi
09:00:39 <gavinlai> hi
09:00:40 <iwamatsu> hi
09:00:49 <yoshidak[m]> hi
09:01:01 <masashi910> #topic AI review
09:01:02 <wens> hi
09:01:11 <masashi910> 1. Combine root filesystem with kselftest binary - iwamatsu
09:01:24 <iwamatsu> no update
09:01:37 <masashi910> iwamatsu: Noted. Thanks.
09:01:44 <masashi910> 2. Do some experiment to lower burdens on CI - patersonc
09:01:50 <masashi910> Based on the offline discussion after the last IRC meeting, I created this AI.
09:02:04 <masashi910> patersonc: are you around?
09:02:47 <masashi910> OK, let's come back when he joins.
09:02:48 <masashi910> any other topics?
09:02:55 <masashi910> 3
09:02:59 <masashi910> 2
09:03:03 <masashi910> 1
09:03:06 <masashi910> #topic Kernel maintenance updates
09:03:38 <iwamatsu> I reviewed 4.4.247 and 4.4.248-rc
09:03:45 <pavel1> I have reviewed 4.19.162 and started reviews on 4.19.163.
09:04:13 <wens> Five new issues this week. I believe we would want to backport the fix for CVE-2020-28588
09:04:30 <wens> It was not tagged for stable.
09:04:55 <pavel1> Let me investigate....
09:05:38 <wens> also, hitachi enables DRM_NOUVEAU in their omap defconfig, which is perplexing.
09:06:07 <masashi910> wens: Then, shall I ask them about it?
09:06:18 <wens> masashi910: Yes, please.
09:06:27 <masashi910> wens: Sure.
09:06:44 <masashi910> wens: Also, for the record, let me just log the url of your cip-kernel-sec report sent to cip-dev.
09:06:50 <masashi910> https://lore.kernel.org/cip-dev/CAGb2v641=SrfdDh9CS4fwWVrfuCG2O2oni9V_QsVJEza+g5mRg@mail.gmail.com/T/#u
09:07:03 <masashi910> wens: I have a couple of questions about cip-kernel-sec. Could I ask such questions after this meeting?
09:07:22 <wens> sure.
09:07:31 <masashi910> wens: Thanks!
09:09:12 <masashi910> pavel1, iwamatsu, wens: Thanks for your works!
09:09:17 <masashi910> pavel1: While you are investigating the cve, shall we move on?
09:09:51 <pavel1> masashi910: Yes, move on. It makes sense to continue over email.
09:10:01 <masashi910> pavel1: Thanks!
09:10:09 <masashi910> any other topics?
09:10:14 <masashi910> 3
09:10:18 <masashi910> 2
09:10:22 <masashi910> 1
09:10:25 <masashi910> #topic Kernel testing
09:10:37 <masashi910> patersonc: are you here?
09:11:14 <masashi910> So, let's skip this part this week.
09:11:16 <masashi910> #topic CIP Security
09:11:22 <masashi910> yoshidak[m]: the floor is yours.
09:11:25 <yoshidak[m]> hi
09:11:42 <yoshidak[m]> There is no major update from last week.
09:12:01 <yoshidak[m]> We hold the meeting w/ Exida tomorrow.
09:12:16 <yoshidak[m]> That's the end from me today.
09:12:27 <masashi910> yoshidak[m]: Thanks for your works!
09:12:40 <masashi910> any other topics?
09:12:48 <masashi910> 3
09:12:51 <masashi910> 2
09:12:55 <masashi910> 1
09:12:58 <masashi910> #topic AOB
09:13:37 <masashi910> Regarding the development start based on 5.10, it was announced with the following blog.
09:13:50 <masashi910> https://www.cip-project.org/blog/2020/12/02/cip-to-embark-on-kernel-5-10-development-for-slts
09:14:05 <masashi910> That's it from me.
09:14:14 <pavel1> So...
09:14:29 <masashi910> pavel1: Please.
09:14:38 <pavel1> Do we start preparations? 5.10.1 is likely to be huge.
09:14:51 <pavel1> As in -- lots of stuff to review.
09:15:08 <masashi910> pavel1: Yes, but after 5.10 is released.
09:15:26 <wens> IIRC -rt is not merged into mainline yet?
09:15:37 <pavel1> Alternatively, we could wait for say 5.10.5 before forking cip branch.
09:15:48 <iwamatsu> yes, it is  not merge yet.
09:15:59 <pavel1> Major effect would be that we would not have reviewed 5.10 to 5.10.5 changes :-).
09:16:14 <pavel1> No, -rt is not yet merged into mainline in an usable way.
09:17:14 <masashi910> pavel1: I think we can choose the best timing.
09:17:39 <pavel1> Ok :-).
09:18:36 <masashi910> pavel1, iwamatsu, wens: Let's discuss about it in the future. :)
09:18:49 <iwamatsu> OK
09:19:35 <masashi910> pavel1: Do you have any insights on CVE-2020-28588
09:19:44 <masashi910> ?
09:20:17 <pavel1> It looks to me like vulnerable code is not in 4.4 or 4.19, but let me confirm.
09:20:24 <sudip> CVE-2020-28588 was introduced by 631b7abacd02 in v5.1 and that has not been backported so I dont  think any CIP kernel is affected
09:20:26 <pavel1> If it is, it is easy to fix/backport.
09:21:16 <masashi910> sudip: Thanks for this info!
09:22:12 <wens> If it's a straightforward backport, I suppose we could still ask greg to include it for v5.4, as a way of showing the helpful side of CIP
09:23:07 <pavel1> wens: I'd let someone else do that. I'm pretty sure we are not the only ones watching CVEs.
09:23:12 <iwamatsu> Oh, this commit's comit date is CommitDate: Fri Apr 5 09:26:43 2019 -0400. but Auther date is Mon Nov 7 16:26:37 2016 -0500
09:23:13 <iwamatsu> .
09:23:48 <pavel1> wens: Or maybe we can/should do that if it is not fixed by january :-).
09:24:12 <wens> pavel1: fine with me. I suppose we might see bwh or some other distro guys asking for it. :)
09:24:46 <masashi910> So, shall we keep our eyes on this CVE, and decide what to do in the future?
09:25:04 <masashi910> I mean, make this as an AI.
09:25:27 <wens> Sure. Let's keep it until, say, mid-January?
09:25:43 <iwamatsu> +1
09:25:52 <pavel1> +1
09:26:02 <masashi910> Great! Thanks!
09:26:10 <masashi910> Any other topics?
09:26:27 <masashi910> If there are no topics, then, let's close the meeting.
09:26:34 <masashi910> #endmeeting