#mageia-qa log

20:03:53 <wilcal> #startmeeting
20:03:53 <Inigo_Montoya> Meeting started Thu Feb 15 20:03:53 2018 UTC.  The chair is wilcal. Information about MeetBot at http://wiki.debian.org/MeetBot.
20:03:53 <Inigo_Montoya> Useful Commands: #action #agreed #help #info #idea #link #topic.
20:04:32 <wilcal> #chair tjandrews
20:04:32 <Inigo_Montoya> Current chairs: tjandrews wilcal
20:04:48 <wilcal> #topic Who's new?
20:04:54 <wilcal> Anyone new here
20:05:27 <tjandrews> I've been drafted - again.
20:05:56 <brian_> congrats!
20:06:08 <wilcal> Lets move on to this
20:06:09 <wilcal> #topic Spectre and Meltdown kernel updates
20:06:15 <wilcal> with tmb here
20:06:25 <wilcal> he release a .19 on wed
20:06:35 <brian_> sounds like we can expect 4.14.20 soon
20:06:36 <wilcal> where are we now tmb?
20:06:50 <tmb> and put it on pause today...
20:07:51 <tjandrews> Reminds me of a movie quote: "Will this madness NEVER end?"
20:07:55 <tmb> there is a bug in the pti code for 32bit that should hopefully soon have a fix, so we'll wait for that. and
20:08:22 <brian_> I'm not pursuing tmb version as I figure it'll get patched with the latest soon.
20:09:00 <wilcal> I just got finished with x86_64 on real hardware and that looks good so I'll put that in the bug
20:09:12 <tmb> 4.14.20 started its review process today, with some nasty bugfixes in it, so I think its best to wait for that... end of review is on saturday, so hopefylly I can wrap it all up then and we go from there
20:09:40 <wilcal> A record number of kernel tests in the last weeks
20:09:43 <brian_> tmb:  thx for the planned schedule
20:10:15 <wilcal> Still no real expoits in the wild?
20:10:30 <brian_> I'd read there are over 100 out there two weeks ago
20:10:58 <wilcal> But don't they require physical contact with the platform under attack
20:11:16 <brian_> no - can be accessed via shared tenant cloud servers
20:11:36 <wilcal> How about personal work stations?
20:11:42 <tmb> well they are tracking atleast ~150 tries to exploit it so far so it will probably show up as a successful exploit at some time
20:11:56 <brian_> so, if I can run the code on my VM and it shares hardware, I can possibly see other tenants memory
20:12:37 <tmb> brian_, yeah...
20:12:41 <brian_> if I can set off the code on your box, it is plausible to see your passwords if you store them in browser
20:13:02 <wilcal> how about in lastpass
20:13:15 <brian_> no idea on lastpas, but check for patches
20:13:53 <tmb> for workstations... before you had a fixed web-browser, if you for example had up 2 pages, a malware in one window could snoop the stuff from the other window and so on...
20:13:53 <wilcal> rumors that Intel is releasing firmware updates
20:13:55 <brian_> tmb:  yes, I haven't tried the exploit examples myself
20:14:09 <brian_> and won't on public cloud, don't need to get in trouble
20:14:53 <brian_> wants some trivia?
20:15:18 <tmb> yeah, Intel has release new firmware for Skylake, and will do the rest in "the coming days...", but that is already a week ago... :)
20:15:57 <wilcal> I am terrified to change the bios in my motherboards
20:16:02 <tmb> turns out its not that easy to fix the firmware without messing other stuff up...
20:16:10 <brian_> exactly
20:16:21 <wilcal> brick your mobo
20:17:09 <tmb> I actually patched one of our dell servers at work, and now they have revoked the bios, but I cant downgrade.,, :/
20:17:09 <wilcal> So for now we await .20
20:17:26 <brian_> tmb:  yikes
20:17:30 <Benmc> good morning/afternoon/evening
20:17:37 <brian_> Benmc!
20:17:37 <wilcal> Hi Ben
20:17:59 <rindolf> Benmc: hi
20:18:56 <tjandrews> The motherboards on most of my machines are over 10 years old. Seriously doubt that BIOS fixes will show up for them.
20:19:19 <tmb> tjandrews, and no microcode either probably....
20:19:57 <tmb> so far Intel has only stated they'll fix all platforms that are 5 years or younger...
20:20:29 <tmb> Amd is also somewhat silent...
20:20:31 <tjandrews> A Core 2 Duo and a first-generation i3 and a late-model Pentium 4.
20:20:33 <brian_> tmb: logically.  That's the typical expected life of commericial
20:21:16 <tmb> brian_, yep...
20:21:41 <wilcal> A lot of these things are in crucal applications
20:22:27 <brian_> so kernel and software patches are key for us
20:22:42 <wilcal> Anyway not much we can do about it other then keep testing patches and new kernel
20:23:20 <wilcal> Lets move on
20:23:21 <tjandrews> I would dare say that most of our user base falls into the 5years-or-older category.
20:23:24 <tmb> yeah... and time will tell if all done so far is enough...
20:23:24 <wilcal> #topic Testing Updates & Backports
20:24:24 <wilcal> not a big list some of them can be pushed with x86_64 tested
20:24:36 <tjandrews> On the hplip update - we don't seem to have anybody with a "newer" printer that can test it.
20:24:41 <wilcal> M5 is truly behind us
20:24:42 <brian_> anyone deal with flatpak before?  I was curious if the testing is more on the build side
20:24:57 <wilcal> I have no idea what that is
20:25:07 <brian_> sorry tj, move to brother awhile ago
20:25:32 <wintpe> flatpack is like appimage a universal application runtime format
20:25:38 <tmb> brian_, it meeds dnf repos configured
20:25:50 <brian_> ahhh - good to know
20:25:56 <tjandrews> We may have to let it go with just tests with "older" printers.
20:26:08 <brian_> then remove stuff like libreoffice and redeploy using dnf?
20:26:35 <wilcal> my printer is at least 3-years old
20:26:43 <wilcal> hp printer
20:27:32 <wintpe> is it worth aproaching the two people who were looking for hplip updates recently on the forum
20:27:40 <alfred_> maye someone in the forums https://forums.mageia.org/en/viewtopic.php?f=7&t=12261
20:27:41 <[mbot> [ Mageia forum • View topic - HPLIP update ]
20:27:42 <wintpe> and ask them to test
20:28:11 <wilcal> does it apply to all HP printers even the real cheap ones
20:28:28 <wintpe> yes inkjet included
20:28:34 <wilcal> you can by an HP printer here at Walmart for like $60
20:28:46 <tjandrews> I don't really know.
20:29:05 <tmb> hm.. printer... what is that...
20:29:12 <wilcal> Otherwise we just have to go with what we have
20:29:34 <wilcal> I'd say push it on
20:30:24 <tjandrews> No problems with it so far on older printers. I could validate it after the meeting.
20:30:29 <brian_> I like the idea of someone posting to the forum and ask for a volunteer to test.
20:30:55 <brian_> give them a day or two to respond.  No response, push it on
20:31:00 <tarazed_> And one of us could mentor them.
20:31:17 <wintpe> ill see if i can find the person who was looking i replied to there thread the other day
20:31:31 <brian_> yeah - I've done the shoot myself in the foot thing when I started.
20:31:49 <wilcal> I agree brian
20:32:00 <tjandrews> Florian said something in the bug about asking on the forum. I don't remember the exact wording.
20:33:03 <brian_> gotta rum - bye everyone
20:33:06 <brian_> run
20:33:10 <wilcal> bye brian
20:35:23 <tjandrews> Bug 21945 Comment 15
20:36:00 <tjandrews> https://bugs.mageia.org/show_bug.cgi?id=21945
20:36:02 <[mbot> [ 21945 – Update request: HPLIP 3.17.10 ]
20:38:01 <wilcal> anything else on update?
20:38:08 <wilcal> updates?
20:39:14 <tmb> I think we should validate kernel-linus/tmb and NetworkManager
20:40:03 <tmb> and if we go by "only one OK needed to validate", the list gets almost empty...
20:40:12 <wintpe> rodgosling was looking for an hplip update backin dec ive just pm'ed him also
20:40:57 <wilcal> at the .19 level tmb?
20:41:02 <tjandrews> OK, we'll give it a couple of days.
20:41:25 <wilcal> with .20 close
20:41:31 <tmb> wilcal, no, they are at the older 4.14.18 set for full retpoline
20:41:37 <tarazed_> tmb: what about nasm.  Can we forego 32-bit testing?
20:42:59 <wilcal> I think I can do those as Vbox clients
20:43:38 <tarazed_> Yeah.  I found a problem with my 32-bit vm.
20:43:48 <tarazed_> It is OK now though.
20:44:46 <wilcal> Can we move on the "Anything else"
20:45:02 <tmb> nasm could do with some/one 32bit test as its pretty low-level, but its not critical requirement... it has not broken anything in cauldron either...
20:45:55 <tarazed_> Yep.  Is the new Intel i9 architecture compatible with current kernels?
20:46:52 <tmb> it should be... we even have some bits for hw showing up next year... :)
20:47:42 <tmb> Intel adds "early support" for new hw for easier bringup / testing on linux
20:47:43 <tarazed_> Might trade up within the year.
20:48:40 <tmb> well, they have stated their spectre/meltdown "safe" silicon should show up as new cpus by the end of the year...
20:49:10 <tmb> no ideas if they will actually be able to pull it off
20:49:11 <wintpe> why not reizen, its as fast taking into account the effects of meltdown
20:49:16 <wilcal> Nice of them to do that
20:49:32 <wintpe> as alot cheaper
20:49:39 <tarazed_> Reizen was an alternative.
20:50:01 <wintpe> i have the 1950X and it works fine with mga6
20:50:10 <tmb> yeah, I'm so happy I sold all my old hw, and switched to a Ryzen ThreadRipper last year :)
20:50:30 <wilcal> Come on Rasberry V4
20:50:47 <tmb> ThreadRipper is quite nice to build stuff with...
20:50:59 <wilcal> Raspberry Pi i am told is immune to all of this
20:51:00 <tarazed_> Good to know wintpe.
20:51:05 <wintpe> a new one comming soon
20:51:13 <wintpe> TR2
20:51:24 <wintpe> 10% faster again
20:51:27 <wilcal> Lets move on
20:51:28 <wilcal> #topic Anything else?
20:51:47 <wilcal> Nothing from me
20:51:59 <tarazed_> Nor me.
20:52:00 <tmb> yeah, we had early zyzen/threadripper support at mga6 release time :)
20:52:22 <wintpe> and now the sensors all work as well
20:52:28 <tjandrews> I'm good. For now.
20:52:31 <tmb> nothing else from me
20:52:41 <wintpe> :)
20:52:43 <rindolf> nothing else here either
20:52:49 <wilcal> OK folks thanks all for coming
20:52:57 <wilcal> time for count down
20:53:03 <wilcal> T-5
20:53:14 <wilcal> T-4
20:53:17 <tarazed_> Thanks wilcal.  Good night all.
20:53:19 <wilcal> T-3
20:53:24 <wilcal> T-2
20:53:27 <rindolf> thanks all
20:53:29 <wilcal> T-1
20:53:32 <wilcal> #endmeeting