13:03:06 #startmeeting CIP IRC weekly meeting 13:03:06 Meeting started Thu Oct 10 13:03:06 2024 UTC and is due to finish in 60 minutes. The chair is jki. Information about MeetBot at http://wiki.debian.org/MeetBot. 13:03:06 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 13:03:06 The meeting name has been set to 'cip_irc_weekly_meeting' 13:03:15 #topic AI review 13:03:26 - prepare blog entry on SLTS kernel state and challenges [Jan] 13:03:54 document is opened (again) in a window next to this one ;) 13:03:56 on it 13:04:16 I didn't catch other AIs in last weeks meeting 13:04:57 5 13:04:59 4 13:05:00 3 13:05:01 2 13:05:03 1 13:05:03 #topic Kernel maintenance updates 13:05:16 Quiet week. I did some AUTOSEL reviews. 13:05:18 i released 4.4 13:05:20 This week reported 18 new CVEs and 2 updated CVEs. 13:05:35 I reviewed 6.1.112. 13:07:31 further topics? 13:07:49 5 13:07:51 4 13:07:52 3 13:07:54 2 13:07:56 1 13:07:58 #topic Kernel release status 13:08:16 with the release of today, all green 13:08:25 Yep. Sorry for the delay :-). 13:08:36 any issues in sight? 13:09:01 5 13:09:01 Not really. 13:09:03 4 13:09:05 3 13:09:06 2 13:09:09 1 13:09:10 #topic Kernel testing 13:10:38 chris is no here, it seems :) 13:11:27 no operational issues (anymore), right? 13:11:36 Yep, Chris sent an apology. 13:12:22 ok, then let's move on 13:12:27 5 13:12:29 4 13:12:30 3 13:12:33 2 13:12:35 1 13:12:37 #topic AOB 13:13:04 anyone anything? 13:13:15 Last time you mentioned some stories from Plumbers... 13:13:34 yeah, I shared some points in the TSC meeting on Tuesday already 13:14:02 one was that there are apparently plans to create a Cloud LTS kernel 13:14:34 if someone sees some related announcements on the list(s), please share 13:14:56 that was an info I picked up after the kernel CVE BoF at Plumbers 13:15:14 Ok :-). 13:15:28 I think that session is on youtube by now as well 13:15:57 Yup. 13:15:58 not all rooms are yet, at least I'm still missing the RT session 13:16:18 BTW... Is it only my impression, or does Intel seem to be in trouble? 13:16:51 that's what the media is reporting - or do you mean something more specific? 13:17:23 I got it from social media, so wanted to double-check. No, nothing specific. 13:18:50 back to the Cloud LTS: their threat model is naturally different than ours, some may say, smaller 13:19:29 but we may still benefit from such an initialive and could probably join forces on the common parts 13:20:26 +1. In some cases, thier threat model is bigger, too. We can advise people not to run untrusted code on CPU... 13:20:59 well, we could in the past, but this is / has changed in the last few years 13:21:26 some of our workloads are "multi app", some even "multi tenant" 13:21:55 Well. All of their workloads are :-). 13:22:03 right 13:22:13 well, also not always 13:23:04 however, we should come up with a clearer threat model 13:23:25 to avoid wrong assumptions on any side 13:24:26 I'm not sure if CIP is not already too diverse for that. 13:24:49 We try not to make assumptions, but it is pretty clear that with malicious code running on CPU attack surface is way bigger. 13:25:12 don't disagree 13:25:37 ...so if you try to make super-safe bitcoin wallet, 13:25:53 please don't also add ability to run games from Steam :-). 13:26:15 in the end, we as platform cannot answer how critical the assets are of our downstream users 13:26:34 and if they have some further safety nets 13:27:13 Agreed. 13:28:59 one last point from me: I need a substitute next week 13:29:20 anyone able to announce and host the meeting? 13:30:01 I should be able to do it. 13:31:06 thanks! 13:31:17 ok - last call for today 13:31:27 5 13:31:28 4 13:31:30 3 13:31:32 2 13:31:33 1 13:31:35 #endmeeting