[01:51] any way to install the latest stable kernel wihthout much hassle and hoff? I don't want to comile it, can't I just aptitude it? === asac_ is now known as asac === mdomsch_ is now known as mdomsch [07:19] moin === \sh_away is now known as \sh === \sh is now known as \sh_away === doko_ is now known as doko [08:19] btw. the amd64 kernel is suboptimal, it does not show the splash [08:22] Does the Intel M processor use 16- or 32-bit Littleendian? [08:51] BenC: ping. can you tell me what "Declined for Dapper by Kees Cook" means in https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.15/+bug/65631 ? [08:51] Launchpad bug 65631 in linux-source-2.6.15 "skge driver broken: invalid call to spin_unlock causes system crash" [Medium,Fix committed] [08:51] (someone told me to ping you) [13:31] * laga summons rtg [13:32] is there a community kernel team meeting today? [13:32] i don't knopw [13:32] know* === \sh_away is now known as \sh [16:28] rtg: looked at the patches already? [16:33] laga: aufs? not yet. [16:34] rtg: good. aufs upstream is willing to look at the ubuntu kernel and see what it takes to make aufs work with it [16:35] laga: if the kernel patches simply expose some symbols, then it ought not be too difficult. [16:37] rtg: that's all they do i believe. i'm not sure what's needed to work around some API changes introduced by apparmor (IIRC). [16:37] only the aufs guy can tell, i suppose [16:40] http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-hardy.git;a=summary <- is that the kernel tree he should look at? [16:41] laga: yep [16:49] laga: the new aufs upload in Debian (today or tomorrow) will fix the issues, using the patch Kano proposed. [16:50] juliank: i just saw your email. [16:51] juliank: sorry if parts of my msg were redundant, i wrote it earlier today and didn't have the opportunity to send it till now [16:51] laga: who plans to include aufs into l-u-m? [16:52] juliank: rtg said he'd be cool with doing that if i submitted a patch. granted, he has to review the kernel patches proposed by junjiro first [16:53] juliank: with the patches in your package, does the kernel need to be patched at all? (except for the lhash patch which I do need) [16:54] laga: I'm running the normal ubuntu kernel and it works. But some patches may boost performance or improve security. [16:55] juliank: it depends on rtg then. [16:55] * laga digs up lhash patch [16:56] when you guys are ready, send the patches (or a reference to them) on kernel-team@lists.ubuntu.com so I don't forget them. [16:59] juliank: which patches would you recommend? [17:03] laga: I never used them, but I would say: splice, lhash [nfs] , put_filp [nfs] [17:04] sec_perm is not needed anymore with your patches. [17:04] * laga adds question mark [17:04] laga: Right. It's patched like unionfs in l-u-m, but I don't know if this is the best way. [17:05] juliank: does the sec_perm patch actually apply to the ubuntu kernel? [17:05] juliank: have you verified that the ia_file patch doesn't break anything? just commenting out stuff looks scary to me :) [17:06] laga: by Kano. upstream did the same, see his last e-mail. - The problem with upstream's patch (although they may be better) is the size. [17:07] everyone: Is security_inode_permission enabled in the Ubuntu kernel? [17:08] juliank: the last email from upstream is from 6:00am, correct? [17:09] laga: 17:34 (CET) [17:13] juliank: i must be blind. the only email i see from around that time is the one i wrote (17:37) [17:14] laga: Maybe it's not on the list yet. [17:14] the patch is at http://jak.kicks-ass.org/~jak/upstream.diff [17:14] juliank: or he only sent it to you. anyways, if junjiro did the same thing, why not [17:15] The question is: Are the API changes caused by AppArmor only? See the simple patch from Kano at http://jak.kicks-ass.org/~jak/01_vserver_apparmor.dpatch [17:17] juliank: if we put it into l-u-m, does it really matter how big that patch is? [17:17] juliank: i believe the ia_file api change is caused by apparmor patches - at least i found an apparmor patch which removes that member. vanilla 2.6.24 still has it. [17:18] laga: I know this. I'm talking about the other changes. [17:18] ah. [17:18] interesting. that ia_file patch was indeed there earlier [17:22] laga: The aufs-source package will be kept and people who build aufs with it should use the same set of patches like l-u-m. [17:23] juliank: sounds good. but which patch are we going to use? :) [17:25] laga: Kano's patch is much easier to maintain. it's 2-4 kb, whereas upstream's patch is about 57 kb. [17:25] And Kanotix is a live disk, which means it should work [17:27] After Alpha 4, we should start building disks using aufs instead of unionfs (but keep it as a fallback, like in debian-live) [17:30] laga, rtg: I'll provide a patch to add fs/aufs to l-u-m, based on the code in the aufs-source package (new revision not uploaded yet) [17:30] juliank: thanks, much appreciated. [17:34] rtg: It would just be good to keep most of the configuration in http://jak.kicks-ass.org/~jak/conf.mk - should I simply add CONFIG_AUFS=m to config/[archs] and keep the config.mk file inside fs/aufs/ - it exports many variables and EXTRA_CFLAGS [17:37] juliank: If you figure out how to build it under l-u-m, then I can go from there. [17:47] juliank: how does the lhash patch fit in? :) [18:23] hello guys [18:27] what are compilation options for a live CD kernel ? [18:28] https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.22/+bug/151016 [18:28] Launchpad bug 151016 in linux-source-2.6.22 "New in 2.6.22-13: system takes a LONG time to resume from suspend" [Undecided,Confirmed] [18:28] Dekans: it's the stock -generic kernel [18:28] is this fixed on any new hardy kernel ? [18:29] I would like to make a live CD with a vanilla patched kernel [18:30] someone in the last comments says it's fixed in -14-2 but there is no confirmation [18:32] Mithrandir: Mithrandir is the /boot/config-`uname -r` good ? [18:32] Dekans: it should be, yes. [18:33] and I can easily the -generic kernel of a live CD ? [18:33] +replace [18:33] nobody cares about me :( [19:09] hmm, an easy way to install hardy's kernel on gutsy ? === \sh is now known as \sh_away [20:57] Any list moderator here? [20:59] rtg: I finished all patches, but the post "[l-u-m] [PATCH] UBUNTU: Add aufs module version 0+20080129" needs to be approved by a moderator first [20:59] juliank: just did [21:22] wow [21:22] juliank: thanks for the patches [21:22] rtg: thanks for comitting them [22:04] does anyone happen to know when pci_get_device() was added into the kernel? [22:05] (do newer 2.4 kernels have that? or only the pci_find_device()?) [23:40] hi, it seems you forgot to add the aufs config to lum [23:40] heh [23:40] yeah [23:40] just compiled and it was without [23:40] took me some time to fix that [23:40] Kano: workin on it. [23:40] rtg: great. [23:40] did you see my casper patch (similar to live-helper)? [23:41] you should upload a fixed casper package too [23:41] Kano: julian might be interested in that. i think he's going to provide aufs patches for the live disks tomorrow [23:41] laga: the patch didn't apply clean to debian/config/i386 or amd64 because of a prior patch from Fabio. Simple enough to fix. [23:41] i did that yesterady already [23:42] will just change the patch position [23:43] why are my 2 other patches are not used? [23:45] http://kanotix.com/files/fix/casper-aufs.patch [23:45] thats for casper [23:45] then you can use union=aufs [23:45] hum. NFS branch not supported with aufs. either i did something wrong or the autodetection is not working. [23:46] lum pushed [23:46] I'm outta here [23:46] * laga makes a mental note to bug julian tomorrow and leaves [23:50] at least i have got now only 2 extra module packages besides lum... [23:52] BenC: ping. can you tell me what "Declined for Dapper by Kees Cook" means in https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.15/+bug/65631 ? (someone told me to ping you) [23:52] Launchpad bug 65631 in linux-source-2.6.15 "skge driver broken: invalid call to spin_unlock causes system crash" [Medium,Fix committed] [23:52] ln-: how about using sk98lin and blacklist skge? [23:52] ln-: means it wont be fixed in dapper [23:53] BenC: any idea why not? [23:53] ln-: without reading it, I can only guess because it doesn't meet our Stable Release Updates policy [23:54] BenC: it's a security vulnerability; https://bugs.launchpad.net/bugs/cve/2006-7229 [23:55] ln-: looks like it is fixed in dapper already...probably why it was declined...already fixed [23:55] BenC: but it isn't fixed! [23:56] ln-: * [UBUNTU:drivers/net] drop invalid spin_unlock calls in skge (CVE-2006-7229) [23:56] The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly use the spin_lock and spin_unlock functions, which allows remote attackers to cause a denial of service (machine crash) via a flood of network traffic. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7229) [23:56] ln-: that is in the latest changelog for 2.6.15 [23:57] ln-: if you can show that this is reproducible in 2.6.15-51.65 upload, then I'd say take it up with kees [23:58] BenC: please take a look at the skge.log attachment at the end.. i.e. this: http://launchpadlibrarian.net/11562782/skge.log [23:59] ok, i admit there is no spin_unlock visible in it, but still an excellent way to crash the system. [23:59] ln-: I'm going to need to see the version of the linux-image-2.6.15-51-386 package for that log