#mageia-qa log

20:03:12 <wilcal> #startmeeting
20:03:12 <Inigo_Montoya> Meeting started Thu Jan 11 20:03:12 2018 UTC.  The chair is wilcal. Information about MeetBot at http://wiki.debian.org/MeetBot.
20:03:12 <Inigo_Montoya> Useful Commands: #action #agreed #help #info #idea #link #topic.
20:03:23 <wilcal> #chair lewyssmith
20:03:23 <Inigo_Montoya> Current chairs: lewyssmith wilcal
20:03:35 <wilcal> #topic Who's new?
20:03:42 <wilcal> anyone new?
20:04:06 <lewyssmith> If anyone here is new to one of these meetings, please do speak up.
20:04:49 <lewyssmith> Looks not...
20:05:02 <wilcal> Lets get right to it then
20:05:10 <wilcal> #topic testing kernel 4.14.13-1
20:05:26 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=22334
20:05:28 <[mbot> [ 22334 – Update request: kernel 4.14.13 ]
20:05:36 <brian_> it's been interesting, but for me working
20:05:45 <brian_> but at moment testing mga5's
20:05:48 <wilcal> I've spent all morning over a Hot testing computer on this one in frustration
20:06:01 <wilcal> actually a couple of computers
20:06:03 <brian_> :0(
20:06:07 <wilcal> overall it's fine
20:06:12 <lewyssmith> I have nothing to say beyond ... more kernels! Which should one start with?
20:06:27 <wilcal> except when you mix, as you guessed, Vbox and nvidia in there
20:06:59 <lewyssmith> Do you mean Vbox host + nVidia?
20:06:59 <wilcal> I just added a bunch of comments at the end of this bug so do look them over and add what you can
20:07:05 <wilcal> yes
20:07:29 <tmb> no such issues here
20:07:36 <wilcal> It appears I cannot create a working vbox client on my Intel i7 Vbox nvidia platform
20:07:46 <wilcal> It has to be a brand new client
20:07:54 <lewyssmith> I feel guilty not having nVidia to share the suffering a bit.
20:08:12 <wilcal> I used the easiest iso the m6 x86_64 Live-DVD
20:08:36 <wilcal> If I create the client on a non-nvidia platform it works fine
20:09:03 <wilcal> even if I export that to a vdi and crate a new client with that on the nvidia platform
20:09:18 <wilcal> that works fine too
20:09:31 <wilcal> so I gotta push away from the table for a day or two on this one
20:09:54 <lewyssmith> Very curious. There should be nothing of nVidia in the client, surely.
20:10:08 <tmb> Anyway, we can/have to expect some issues with the kernel lockdown... but we will have to live with it so far as they fix extremely critical issue
20:10:09 <wilcal> I saw this with the last kernel change and kind didn't believe it so I figured it was an error on my part
20:10:12 <wilcal> maybe still is
20:10:24 <wilcal> I agree with that tmb
20:10:48 <wilcal> I can work around this for now and just create clients on my non-nvidia platform
20:10:52 <lewyssmith> Hello Ben.
20:11:03 <wilcal> makes me crazy
20:11:10 <tmb> problem is the fallout of this security issues will expand to months/years... depending issue...
20:11:32 <lewyssmith> wil Please do not go crazy, Bill: we need you.
20:11:41 <wilcal> I'm sure others will see what I'm seeing and something will get fixt
20:11:43 <wilcal> fixed
20:11:45 <Benmc> Lewis,  Qa, Good morning
20:12:03 <hviaene|2> But we cann't go on fixing M5, cann't we?
20:12:09 <tmb> upstream is now on revision 8 or so with the spectre parts... but we still need the matching stuff for gcc/binutils too...
20:12:32 <wilcal> Still more kernels on the way right tmb?
20:12:52 <tmb> no, for mga5 we only fix the most easy exploited meltdown
20:13:09 <lewyssmith> hviaene|2, I think we are agreed to see the vital fixes done for M5, Herman.
20:13:13 <wilcal> And that's the end for M5 for sure?
20:13:25 <hviaene|2> I hopr-pray
20:13:27 <tmb> then we lock mga5 back down.
20:13:28 <lewyssmith> Essentially.
20:13:52 <wilcal> If you have a problem with Vbox on M5 the fix will be to move to M6
20:14:08 <tmb> becuse there is not even a guarantee yet that the spectre fixes will even land in upstream 4.4 as they need a lot of stuff from newer kernels...
20:14:21 <lewyssmith> I have no problem with M5 updates beyond the extra work. I keep M5 anyway.
20:14:30 <wilcal> And none of this is being exploted yet right?
20:15:01 <tmb> the poc for meltdown is published, so ....
20:15:16 <wilcal> so.... it's a maybe for now
20:15:32 <tmb> the other bits are only "spectre-like" exploits so far...
20:16:09 <wilcal> We're kinda like waiting for the "Mother" of all explots to appear
20:16:18 <tmb> it will get fixed in 4.14 and newer kernels + more microcode updates depending on Intel/AMD work
20:16:37 <lewyssmith> No exploit cannot affect most users.
20:17:01 <wilcal> Cross fingers my Raspberry Pi won't get bonked
20:18:20 <wilcal> So I will test M5 sans Vbox and leave it at that
20:18:32 <tmb> also note the nvidia-current is for mga5 too as it exposes memory the same way
20:18:56 <wilcal> I am really getting to dislike nvidia
20:19:05 <tmb> so some test on atleat x86_&4 would be good
20:19:27 <lewyssmith> Is M5 more urgent than M6?
20:19:34 <wilcal> Do we still have a large base of nvidia users
20:19:41 <wilcal> probably so
20:20:04 <brian_> yes
20:20:11 <hviaene|2> Yes, me, but not on my test machines
20:20:38 <tmb> nah, I think we can prioritize mga6 but it depends on how fast you want to close down mga5 :)
20:21:00 <lewyssmith> ASAP.
20:21:10 <wilcal> Anyway keep work'n it as the list, bless David, has gotten quite short
20:21:36 <wilcal> Lets move away from this
20:21:37 <wilcal> #topic Testing Updates & Backports
20:21:43 <wilcal> not kernel testing
20:21:58 <wilcal> I see Flash has reared it's ugly head again
20:22:14 <wilcal> Easy test with notes from previous testing
20:22:36 <wilcal> FWIW brick wall EOL Jan 2020 for Flash
20:22:50 <lewyssmith> Good news indeed.
20:23:01 <wilcal> Browser won't support it from that date on
20:23:13 <wilcal> Browsers that is as in all of them
20:23:20 <hviaene|2> All browsers???
20:23:23 <wilcal> Yes
20:23:33 <hviaene|2> I wonder
20:23:42 <lewyssmith> [wise]
20:23:49 <wilcal> I'm sure people will find a way around that but officially Adobe brick wall EOL it
20:24:01 <wilcal> Hello Luigi
20:24:02 <lewyssmith> Welcom David.
20:24:08 * Luigi12_work has been spotted
20:24:15 <wilcal> Thank you for being here
20:24:24 <tmb> btw, I've also pushed new graphical stack to mga6 (mesa/libdrm/amdgpu/ati/intel/...) to add more hw support matching the 4.14 series kernels,  but I wont assign it to QA yet as current kernel stuff is more important
20:24:35 <Luigi12_work> yeah I saw your e-mail, figured I'd stop by just in case you need me
20:24:56 <wilcal> We're deep in the weeds on the Kernel things
20:24:58 <lewyssmith> Nice to have you - so long as you not a bringer of doom.
20:25:07 <Luigi12_work> nah I don't have anything
20:25:12 <wilcal> Actually moved on
20:25:24 <hviaene|2> Phew
20:25:28 <wilcal> Any thoughts Luigi
20:25:30 <lewyssmith> Luigi12_work, Are you satisfied with the state of play?
20:26:47 <Luigi12_work> I was a little disappointed to see that we haven't picked up any kernel patches for Spectre, but not really surprised
20:27:17 <brian_> what I've read, spectre is pretty complicated to clean-up, even more so than meltdown
20:27:18 <Luigi12_work> fortunately that one's a lot harder to exploit, Meltdown was the really big deal
20:27:30 <Luigi12_work> brian_: oh yeah, inifinitely more complicated to clean up
20:27:32 <lewyssmith> It seemed more difficult & more obscure.
20:27:54 <Luigi12_work> the patches other distros added to their kernels is very preliminary work for it, but there's also adjustments being made in web browser and other apps
20:28:02 <tmb> yep, that's why I'm waiting it out... spectre set is currently on revision 8+ or so...
20:28:03 <brian_> Luigi - my interpretation of meltdown is more of an exposure on machines supporting VM type multi-user work.  What's your take?
20:28:16 <Luigi12_work> there will also be adjustments made to apps to mitigate the performance issues, so it'll be an ongoing thing for a while
20:28:55 <Luigi12_work> brian_: actually the other way around
20:29:27 <Luigi12_work> Meltdown lets a process read from kernel space's memory, Spectre can allow reading memory from other processes or from beyond VM boundaries
20:29:33 <brian_> so more risk on individual machines and hardware
20:29:36 <tmb> there will be patches for toolchain (binutils/gcc) to add full support for spectre but that to is still going through reviews
20:30:10 <Luigi12_work> yeah that too, and then everything will eventually need to be recompiled with those changes (but just recompiling kernel and a few other select things with the patched compilers can help a lot)
20:30:42 <Luigi12_work> but Meltdown is more risk in terms of being much easier to exploit, but it was also much easier to fix, which our current set of kernel updates will do
20:31:04 <Luigi12_work> Spectre has more far-ranging consequences if you can exploit it, but that's a lot harder (but as you said, it's harder to clean up too)
20:31:10 <tmb> then there are wip in progress for libvirt/qemu/xen to properly support the hardened kernels/microcodes/... so it will be fun...
20:31:18 <lewyssmith> tjandrews, Welcome TJ.
20:31:25 <tjandrews> Hi.
20:31:28 <Luigi12_work> yeah and our libvirt package in mga6 won't even build right now
20:31:43 <Luigi12_work> it's not obvious to me why it won't
20:31:51 <wilcal> gracious
20:32:00 <hviaene|2> So assembler code could get around all corrective gcc etc ...???
20:32:03 <Luigi12_work> NVIDIA also released 384.111 to cope with Spectre changes
20:32:11 <tmb> Luigi12_work, yeah, I checked it out and have mitigation fixes added too but it breaks tests so they need to be adjusted a bit
20:32:35 <Luigi12_work> yeah, and it was already breaking before you added anything
20:32:45 <tmb> Yep, I have 384.111 in testing for both mga5/6
20:32:50 <Luigi12_work> the patch I added was only a one-liner, so I wouldn't think that would have broken it
20:33:37 <Luigi12_work> the Linux community has done a pretty amazing job dealing with all this stuff so far
20:33:48 <lewyssmith> So quickly.
20:33:53 <kekePower> so many smart folks out there
20:33:56 <kekePower> I'm amazed
20:34:19 <lewyssmith> Hello Leen!
20:34:20 <tmb> depending on the needed changes for properly supporting spectre fixes/bits... I'm thinking of simplly breaking current version policy and update to properly fixed code from upstream...
20:34:35 <tarazed> Sorry I'm late.
20:34:39 <Luigi12_work> tmb: for which package?
20:34:48 <lewyssmith> tmb, Sounds like a good idea to me.
20:34:59 <tmb> Luigi12_work, for libvirt/qemu/xen
20:35:04 <Luigi12_work> tmb: yeah I think that's a good idea
20:35:28 <tarazed> Hi Leewis
20:35:36 <Luigi12_work> it's good we've updated the kernel to 4.14.x as it is.  I saw greg-kh's warnings about the backports to older kernels.
20:36:35 <tmb> yeah... and he even pointed out he might switch to 4.15 or so as LTS in a mail thread depending of how the securitty fixes go :)
20:37:04 <wilcal> We going to see kernels every couple weeks or so?
20:37:11 <Luigi12_work> tmb: oh wow
20:37:33 <brian_> wow
20:37:35 <tmb> wilcal, probably
20:37:46 <wilcal> All critical probably
20:37:50 <lewyssmith> wilcal, I wondered whether we could agree among ourselves who test what.
20:37:51 <Luigi12_work> wilcal: yeah probably for the next couple months
20:38:04 <Luigi12_work> not critical necessary, just fixing fallout from the new changes, mainly
20:38:13 <wilcal> Not a good thing for me. Notes at end of meeting
20:38:14 <lewyssmith> There are simply too many.
20:38:46 <tarazed> As long as we cover a range of hardware
20:38:50 <lewyssmith> tmb, Could we suspend linus & tmb kernels until things settle down?
20:39:11 <brian_> so - could this be a planned schedule - a monthly release of a kernel fix, versus rushing a weekly in
20:39:13 <brian_> ?
20:39:36 <kekePower> tmb: in light of this possibility, is it an idea to try out 4.15-rc now?
20:39:56 <brian_> <<of course>> unless there known exploits
20:39:58 <tmb> lewyssmith, yeah, I will keep them updated but I can keep them in testing only
20:40:19 <lewyssmith> It would help a lot not having to test them all the time.
20:40:31 <lewyssmith> Unntil the dust settles.
20:40:38 <brian_> agreed
20:40:39 <tmb> as the core kernel is the most importan one... as long as we get the 4.14.13 validated
20:41:28 <brian_> :wilcal - I have nvidia antiques, but nothing with VBox capability on ... unless I steal my son's machine
20:41:40 <tmb> (to close down the meltdown on all kernels)
20:41:51 <wilcal> I would be agreeable to releasing the present kernel bug knowing of the nvidia issue
20:42:06 <brian_> ...with vbox new builds
20:42:21 <wilcal> Ya it's a problem a very confusing one
20:42:42 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=22334
20:42:44 <[mbot> [ 22334 – Update request: kernel 4.14.13 ]
20:42:45 <tmb> I also have a feeling we will see new virtualbox next week when nect oracle cpu is published...
20:43:08 <wilcal> wilcal hangs his head :-0
20:43:43 <Luigi12_work> yeah probably
20:43:43 <lewyssmith> So: I take it that the 4.4.13 kernels - all of them - 'fix' the Meltown issue.
20:43:55 <Luigi12_work> yes
20:44:02 <wilcal> And more a coming
20:44:02 <Luigi12_work> as do the 4.4.111
20:44:20 <lewyssmith> Just to stop my head spinning.
20:44:22 <brian_> dumb question - does the kernel disable meltodwn by default on AMD?
20:44:57 <tmb> brian_, yep
20:45:11 <brian_> cool!
20:45:12 <Luigi12_work> meltdown didn't affect most AMDs I thought...
20:45:24 <Luigi12_work> oh you mean does it disable the mitigations for performance reasons
20:45:26 <Luigi12_work> yeah it does
20:45:27 <brian_> yes, but code might still be in loop otherwise
20:45:50 <tmb> according to what is know so far AMD is not vulnerable to meltdown... but time will tell
20:46:06 <lewyssmith> {Smug]
20:46:11 <brian_> that's my take on meltdown.  Was curious if Kernel did that or if we needed the parameter
20:47:06 <Luigi12_work> the parameter is for disabling it on intel if you feel you're not exposed to the issue
20:47:39 <brian_> I run more intel than AMD these days ....
20:48:03 <tmb> note that the microcode update also mitigates some parts of spectre and adds bits to support mitigations for kernels (and to get some performance back)
20:48:31 <Luigi12_work> maybe my newest PC might have updated firmware, but they probably haven't gotten to the CPUs in most of my machines
20:48:34 <brian_> good as I did see pauses in firefox after patch
20:48:46 <brian_> on intel i3 2100 series
20:49:18 <brian_> my new stuff is gen-7, but not touchable yet
20:49:18 <Luigi12_work> Firefox 52.6 will just have an adjustment to make the timing API less precise, so you can't use it for timing attacks
20:49:28 <tmb> brian_, you think that is bad... some network services looses up to 50% of performance due to this :)
20:49:54 <brian_> yeah - servers for net, io and dbms sound like nightmares
20:50:01 <wilcal> AWS?
20:50:03 <tmb> Like haproxy running on vm setups
20:50:06 <hviaene|2> I have to go, g'night all
20:50:10 <brian_> night
20:50:14 <wilcal> night
20:50:37 <wilcal> Amazon Web Services people have got to be sweating all this
20:51:07 <tmb> wilcal, not they, but their customers that have to buy more performance...
20:51:52 <brian_> yeah  - plus google, M$
20:52:01 <wilcal> I remember back in the day when you had to live within 1028 bytes :-))
20:52:05 <brian_> hi everyone - gotta drop
20:52:11 <tmb> anyway... should we get back on topic for non-kernel stuff :)
20:52:12 <wilcal> bye brian
20:52:17 <lewyssmith> Goodbye Brian.
20:52:24 <wilcal> Ya lets move on
20:52:29 <wilcal> too stressful
20:52:39 <lewyssmith> wilcal, Shall we kill this topic now & move on?
20:52:40 <wilcal> #topic Anything else?
20:52:49 <lewyssmith> Yes - you move?
20:52:55 <wilcal> Couple of announcements from me
20:53:03 <wilcal> Starting on Mon 22 Jan and running probably until the following Monday, 29 Jan my availablity will be very sporatic as I will be moving. I will for sure not be here on Thurs 25 Jan ( move in day ). I should be fully moved in and settled down by Thurs 1 Feb. All my test computers should ( fingers crossed ) be up and running by then.
20:53:30 <lewyssmith> Best of luck with it all.
20:53:32 <wilcal> and to answer the obvious
20:53:34 <wilcal> I am moving to a City I have been to many times during my Career. I am moving to ( North ) Las Vegas NV. About 8 miles North of "The Strip". There is a very nice retirement community there and the cost of living is low, stable, quiet and safe. A person would be fine there as long as they didn't partake of the obvious that's going on all around them.
20:54:15 <wilcal> And ya it gets really hot there May -> Sept
20:54:20 <wilcal> 100's
20:54:37 <lewyssmith> !
20:55:11 <tjandrews> So, are you going to change your nickname? How about "Vegas Bill?"
20:55:28 <wilcal> Better would be "Sin City Bill" :-))
20:55:28 <kekePower> I've heard Houston only has 3 seasons, Spring, Summer and Houston
20:55:55 <wilcal> Houston was one of my choices when I came out of School in 68
20:55:57 <tmb> wilcal, you'll need watercooling for your computers then :)
20:56:15 <kekePower> wilcal: and BeerCooling for yourself
20:56:17 <wilcal> Air Conditioning for sure
20:56:49 <wilcal> Always something to do, 24/7/360 in Vegas
20:57:07 <wilcal> Anything else
20:57:15 <lewyssmith> Not frp me.
20:57:20 <wilcal> I'm done
20:57:27 <tmb> not for me
20:57:28 <tjandrews> We have four seasons here. Not Winter, Almost Winter, Winter, and Mud.
20:57:35 <wilcal> bye all count down time
20:57:38 <wilcal> T-5
20:57:42 <kekePower> tjandrews: heh
20:57:45 <lewyssmith> Goodby everyone.
20:57:48 <wilcal> T-4
20:57:49 <kekePower> until next time
20:57:52 <tarazed> Cheerio
20:57:52 <wilcal> T-3
20:57:56 <wilcal> T-2
20:58:00 <wilcal> T-1
20:58:03 <wilcal> bye all
20:58:05 <wilcal> #endmeeting