#cip log

13:00:59 <jki> #startmeeting CIP IRC weekly meeting
13:00:59 <collab-meetbot> Meeting started Thu Feb 27 13:00:59 2025 UTC and is due to finish in 60 minutes.  The chair is jki. Information about MeetBot at http://wiki.debian.org/MeetBot.
13:00:59 <collab-meetbot> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
13:00:59 <collab-meetbot> The meeting name has been set to 'cip_irc_weekly_meeting'
13:01:04 <jki> #topic AI review
13:01:05 <iwamatsu__> hello
13:01:11 <jki> none recorded
13:01:17 <jki> 5
13:01:19 <jki> 4
13:01:21 <jki> 3
13:01:22 <jki> 2
13:01:24 <jki> 1
13:01:26 <jki> #topic Kernel maintenance updates
13:01:45 <pave1> I'm doing reviews, 6.1.129, .130.
13:01:46 <uli_> i'm working on the next 4.19 release
13:01:47 <masami> This week reported 866 new CVEs and 14 updated CVEs.
13:02:19 <jki> 866 - a serious amount again :)
13:02:41 <pave1> 6.1.129 was huge release. And basically stable patch is copy-pasted into CVE.
13:02:42 <iwamatsu__> I reviewed 6.1.129, and I am reviewing  6.1.130
13:03:07 <masami> more than 800 CVEs were published in a one day
13:03:21 <pave1> (.129 is huge, because it corresponds to -rc1 from mainline).
13:06:38 <jki> there is a new 5.10-rc in the make that should contain at least of the RT fixes we identified
13:07:02 <jki> will likely be 4.19 and older relevant, but still haven't checked
13:07:21 <Asmadeus> (Most of the CVEs that were published are for 2022, so likely not relevant)
13:07:43 <pave1> Next -cip-rt is scheduled to Mar 20th.
13:07:50 <pave1> Do you want earlier one if time permits?
13:08:10 <jki> let's wait for the regular stable-rt first
13:08:32 <pave1> Yes, I'm not doing anything -stable-rt is not doing.
13:08:48 <pave1> But I can do one "soon" after -stable-rt is released...
13:08:53 <pave1> ...or I can keep normal schedule.
13:10:58 <jki> it's not a critical security fix, so no hurry from that perspective
13:11:06 <pave1> Ok.
13:11:27 <jki> concrete deployment with the exact some issue are also not known to me
13:11:58 <jki> we likely only saw it on 6.1 in the wild, even if 5.10 is equally affected
13:12:14 <jki> ok - other maintenance topics?
13:12:28 <jki> 5
13:12:30 <jki> 4
13:12:31 <pave1> (You can also have earlier 6.1
13:12:43 <pave1> if it helps and I have corresponding -stable-rt :-) )
13:12:44 <arisut> I wanted to ask about annotated tags, on release. I see jki mail acking the issue but I didn't see any plan for the future
13:13:14 <jki> uli_: did you address the issue already?
13:13:24 <jki> ...for the next releases?
13:13:29 <uli_> no, not yet
13:13:51 <jki> at all: please align your release toolings!
13:14:08 <jki> we also have slightly different release announcement emails
13:14:15 <jki> not critical but also not really nice
13:14:40 <jki> and different workflows will only generate different mistakes on rainy days ;)
13:15:08 <arisut> we are diverting from upstream release tags without annotated tags
13:15:16 <arisut> tags style
13:15:28 <pave1> and slightly lower chance of one bug affecting everyone :-). This is manual process, announcement mails are hand-crafted :-)
13:15:39 <jki> and both is bad
13:16:13 <jki> use a script that generate both, just using personal data/keys as parameters
13:16:29 <jki> and share that for review/improvements
13:17:03 <pave1> Trouble is ... this is all over the place.
13:17:16 <arisut> each release commit should be signed for verify the origin
13:17:20 <pave1> So you have buch of git commands, ok.
13:17:34 <pave1> But then you submit for testing, and have to check with web browser how that went.
13:17:48 <jki> check isar-cip-core/scripts/make_release for a starter - obviously, the kernel will need more
13:17:53 <arisut> such release scripts should be on gitlab if they are not there yet
13:18:01 <jki> +1
13:18:23 <pave1> And then you push changes, and again, the result is in web browser after random delay.
13:18:33 <iwamatsu__> I can share my script too.
13:18:46 <pave1> I send announcement emails using mutt. I don't know how to script that, really, either.
13:19:16 <pave1> Plus scripts are significantly differnt for -cip, -cip-rt, and self-maintained -cip-rt.
13:20:11 <pave1> So it is like 3 commands, then manual action, then other 3 commands.
13:20:15 <arisut> pave1, you can use sendmail
13:20:27 <pave1> arisut: Not in todays environment.
13:21:02 <arisut> I'm using sendmail on Gentoo kernel announcement
13:21:46 <pave1> arisut: Would not work here, would not work in most of the places.
13:22:56 <arisut> pave1, https://stackoverflow.com/questions/57410259/how-to-send-an-email-using-sendmail-command-in-linux#57411838
13:23:04 <arisut> there is also example with mutt
13:23:21 <arisut> and mail
13:23:35 <pave1> arisut: I know how email worked in 1995, thank you. It does not work like that today.
13:24:43 <jki> ok, one step after the other: maybe those for who scripting seem to work already can share that
13:25:03 <arisut> you could use mailcow for managing your own mail service
13:25:14 <jki> and then look at those workflows together, and if there remains one or two offs, it would still be progress
13:26:16 <pave1> arisut: I'd have to deal with SPF and various such stuff. Plus that's not what my company wants me to use.
13:26:50 <arisut> jki, +1
13:27:58 <iwamatsu__> +1
13:28:30 <uli_> i would appreciate a script that just writes something to stdout
13:28:38 <uli_> then i can copy-and-paste it in any way i want :)
13:30:14 <jki> perfect :)
13:30:19 <uli_> (and i will keep in mind to use annotated tags for the next release)
13:30:22 <jki> then let's sync again next week
13:30:30 <jki> anything else?
13:30:58 <jki> 5
13:30:59 <jki> 4
13:31:00 <jki> 3
13:31:02 <jki> 2
13:31:03 <jki> 1
13:31:05 <jki> #topic Kernel release status
13:31:18 <jki> all LEDs are green today
13:31:50 <jki> anything to add?
13:32:05 <jki> 5
13:32:07 <jki> 4
13:32:08 <jki> 3
13:32:09 <jki> 2
13:32:11 <jki> 1
13:32:12 <jki> #topic Kernel testing
13:32:43 <patersonc> No exciting updates from me this week
13:32:56 <arisut> I'm sent a PR for adding CIP stable kernel to kernelci
13:33:15 <arisut> https://github.com/kernelci/kernelci-pipeline/pull/1053
13:33:22 <arisut> need your approval patersonc
13:33:35 <patersonc> Thanks
13:33:59 <arisut> than I started writing what we are missing https://gist.github.com/aliceinwire/e3c180d0ef8e442c530bfd8e4ddead53
13:34:38 <patersonc> Great
13:34:40 <arisut> patersonc, if you have something to add just fork the gist and update it
13:35:03 <patersonc> Will do
13:35:10 <arisut> thanks
13:36:05 <arisut> the next step I think would be to make the pipeline use the CIP gitlab configurations
13:36:56 <patersonc> Yes
13:38:43 <jki> what about https://lore.kernel.org/cip-dev/OSCPR01MB1483816E3365201CB54911E2FC2C22@OSCPR01MB14838.jpnprd01.prod.outlook.com/T/#u BTW?
13:39:48 <iwamatsu__> We need to update these images, I think.
13:40:04 <patersonc> Yes I saw that. Iwamatsu-san was going to look into updating the LTP rootfs we're using - however if we move to KernelCI setup then it's something KernelCI already does.
13:40:30 <patersonc> Although if we want to use CIP core images then I guess we'll have to bake it into the CIP core image creation
13:40:54 <jki> I think the LSP in isar-cip-core is fairly recent
13:41:02 <patersonc> Okay
13:41:04 <jki> ltp
13:41:11 <jki> ltp-full_20240930.bb
13:41:31 <jki> not even half a year old ;)
13:41:57 <patersonc> :)
13:41:59 <jki> but, yet, maintenance on that thing is needed as well from time to time
13:42:48 <iwamatsu__> OK, I take a look that.
13:42:59 <jki> TIA!
13:43:46 <jki> see also https://lore.kernel.org/cip-dev/20250203115321.3589084-1-Sai.Sathujoda@toshiba-tsip.com/T/#t for more background on LTP packaging and updating
13:44:02 <jki> good
13:44:11 <jki> other testing topics?
13:44:55 <jki> 5
13:44:57 <jki> 4
13:44:58 <jki> 3
13:44:59 <jki> 2
13:45:00 <jki> 1
13:45:03 <jki> #topic AOB
13:46:12 <jki> anything else for today?
13:46:24 <jki> 5
13:46:26 <jki> 4
13:46:28 <jki> 3
13:46:30 <jki> 2
13:46:32 <jki> 1
13:46:33 <jki> #endmeeting