/srv/irclogs.ubuntu.com/2011/05/18/#ubuntu-kernel.txt

=== hallyn is now known as hallyn_afk
=== yofel_ is now known as yofel
eruditehermithey06:11
eruditehermitis there a ubuntu kernel guy around?06:11
ppisatimorning07:16
eruditehermitmorning07:18
smbmorning08:13
test___abogani: ping09:00
=== ghostcube_ is now known as ghostcube
fairuzHi12:40
fairuzkernel modules are preemptable?12:40
fairuzi mean is it possible to have half of function done by cpu0 and the other half by cpu1?12:41
apwfairuz, only if there is a lock in the path, otherwise no13:02
fairuzapw: ok thanks13:02
fairuzhm wait, should the lock make sure only cpu do the job?13:03
apwunless you specifically turn on PREEMPT which noone does, then a kernel therad only gives up the CPU when it is reday13:04
apwie, when it sleeps or calles cpu_relax or simila13:04
fairuzapw: ok understood now13:05
fairuzHi, is there any equivalent of sched_setaffinity in kernel space?13:30
fairuzor it doesn't make sense at all13:31
apwfairuz, i believe there is indeed such a thing no idea what its called, as process contexts are process contexts13:38
fairuzI don't if this an appropriate question but I try nevertheless. On SMP processors, if we write to a coprocessor register of a CPU, the value will not disappear as long as the CPU is online right?13:47
tjaaltonwhen will the -9 ABI kernel get pushed to natty-updates?14:00
smbtjaalton, There seem to be two patches that might have been reverted (though I think in the end at least the ath9k may stay) and sconklin was looking into that. So I would expect it to be soon (about next week maybe)14:03
smbOr wait14:03
apwtjaalton, i think we've moved to 3 week cycle now so 3 weeks after it first appeared14:03
smbreverting would mean first week is over so it might be before the verification week...14:04
tjaaltonsmb: ok thanks, I think it should fix the radeon regression that Luca reported here earlier this week14:04
tjaaltonI'll ask him to confirm14:04
smbYeah. I am not so sure anymore. :-P14:05
smoseris it expected that 2.6.32-32.62  will flow soon from -proposed to -updates ?14:18
smbsmoser, That would be expected sooner. And probably I get through with the latest ec2 kernel change into the same as that contains the tsc fix14:19
smosersmb, ?14:19
smoserthere is a -proposed kernel thats been there for 3 weeks (also a -ec2 varient)14:20
smoseri would not expect that new changes would get in at this point.14:20
smoseror maybe i just dont understnad the kernel sru process.14:20
smoseri'd surely be happy if your tsc fix would get in soon.14:20
smbOnly because it is very simple, Steve was in a good mood and I did some regression testing. It should not be the normal flow14:21
smbI will have to take any beating too if anything goes wrong. :-P14:22
smosersmb, so what would be time frame for getting into -updates then?14:26
smbsmoser, That sounded like being just about to (probably this week). But I cannot promise that the updated ec2 kernel goes through. I have to talk with Steve first.14:28
jjohansensconklin: for what its worth, I am with smb on the new ec2 kernel sooner is better, and I kicked off an instance for testing too14:30
smbjjohansen, You found the kernels on tangerine?14:30
jjohansensmb: uh no didn't look, I built one14:31
smbjjohansen, Works the same. Just I could have saved you that effort. :)14:32
jjohansensmb: but where is the fun in that? :)14:33
smbI got a finalized git tree locally and the source package ready to upload. But I wanted sconklin s ok first14:33
* jjohansen has to run to an appointment, back in a bit14:34
* ogasawara back in 2014:45
sconklinsmb: just arrived - sure, go ahead and upload. I didn't realizer that the patch was only on the ec2 branch, so it won't even affect the certification that's already taken place, and we should get these kernels out this week. I'm going to respin Natty with one revert today.14:48
smbsconklin, Ok, so I push out the git tree (finalizing) and upload to our ppa14:54
sconklinsmb: good deal14:57
smosersmb, great.  I will push to get refreshed images out as soon as kernel enters -updates.15:02
smbsmoser, Sure, cool. Shall I ping you when it happens or do you track that15:03
smosersmb, i really wish i had something that tracked that.15:08
smoserthe ultimate scenario would be for something to be notified (or poll) for new kernel in -updates, build an image, automated test it... then send me an email with the changes so i could just sign and forward it on.15:09
smoserdid you want to write that for me ?15:09
smbsmoser, Apart from probably needing some "how do I build those images" tuition, the tracking part maybe can be padded together from rmadison and some shell glue15:10
smoseryeah, there isn't anything technicall difficult, just tying together lots of bits.  i have a start at a program that gets the changes between two images.15:11
smbsmoser, I try to come up with something that can be run from a cronjob and maybe we can try the rest in Dublin15:11
smoserbut it doesn't realize kernel changes because of the package name change.15:11
bjfmoin y'all15:15
ogasawarabjf: welcome back!  hope you've recovered.15:15
smbwelome o bjf. How is life?15:15
JFomoin bjf 15:15
bjfi'm much better, though dealing with a bit of a head cold i brought back from uds15:15
bjfthe other issue seems to be completely resolved15:16
JFoglad to hear it15:16
smbgood news15:16
JFooh btw bjf, the regression-potential report doesn't seem to be updating. is there something I need to do to it?15:19
bjfJFo, i'll look into it15:19
JFothank you sir, not critical, just wanted to mention. :-)15:20
bjfJFo, http://people.canonical.com/~kernel/reports/regressions-potential-report.html looks right to me, or are you referring to another report ?15:27
JFobjf, yep, that is the one, but the numbers are wrong. I removed the tag from the first few before UDS and the number is still the same.15:28
JFoand those bugs are still showing15:28
bjfhmmm, will force an update15:31
JFook15:31
JFolike I said, not critical, the LP search will work for me too if you have other fish to fry15:32
JFojust wanted to mention it in case it was supposed to be updating regularly15:32
bjfJFo, it is, there is probably a bug in there somewhere15:33
JFocool :)15:33
hertonbjf: what you do about embargoed CVEs? I mean, how to identify it etc., so not end up putting accidentaly before time a backport/patch at ubuntu-kernel open mailing list16:13
bjfherton, so, for embargoed CVEs, you will get plenty of warning that a CVE is embargoed and we can discuss that then, but really you don't do anything different except maybe not send the patch email to the mailing list16:13
bjfherton, the two that i pointed you at, CVE-2011-1593 and CVE-2011-1169, neither are embargoed16:14
ubot2bjf: Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593)16:14
ubot2bjf: Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi/hpioctl.c in the AudioScience HPI driver in the Linux kernel before 2.6.38.1 might allow local users to cause a denial of service (memory corruption) or possibly gain privileges via a crafted adapter index value that triggers access to an invalid kernel pointer. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1169)16:14
hertonok16:14
bjfherton, note that you do not need to do dapper16:15
hertonyep, steve told me too, seems dapper has his own magic that everyone hates :)16:15
hertonand it's going EOL16:16
bjfherton, really it's because it's going EOL and we've identified the CVEs that were required, hopefully, we've done the last dapper kernel16:16
hertonbjf: I requested access to the CVE spreadsheet, not sure who approves that16:19
bjfherton, looking16:20
bjfherton, should be open to all "canonical" people16:21
bjfsconklin, ^ this ring any bells with you ?16:22
kapareHi there! I have weird dmesg that keep poping ups since upgrade to 11.04:::::::16:22
kaparetype=1400 audit(1305730611.637:128211): apparmor="DENIED" operation="exec" parent=5778 profile="/usr/sbin/libvirtd" name="/usr/local/bin/qemu-system-x86_64" pid=5903 comm="libvirtd" requested_mask="x" denied_mask="x" fsuid=0 ouid=016:22
hertonbjf: hmm strange, here I got that I must be approved, may be because my openid/primary email is herton@gmail.com16:22
sconklinherton: I'll look but make sure that you were logged into google with your canonical address not a personal one16:22
jdstrandkapare: you need to add /usr/local/bin/qemu-system-x86_64 /etc/apparmor.d/abstractions/libvirt-qemu16:23
jjohansenkapare: that means the libvirtd profile is prevent the access16:23
jjohansenkapare: the best way to deal with that is ubuntu-bug apparmor16:23
jdstrandkapare: you probably did it before the upgrade, got prompted during the upgrade for the conffile change, and accepted the defaults16:23
hertonsconklin: yeah, I think it's because I'm logged also on gmail, hang on16:24
jdstrandjjohansen: I doubt I would fix that bug tbh16:24
tgardnerherton, I've found the same issue. I generally have to do a complete flush first.16:24
bjfsconklin, nice catch, i miss the obvious 16:24
jdstrandjjohansen: /usr/local path for qemu. I mean *maybe*, but that is a local change16:24
jjohansenjdstrand: right, but in general denied messages should be filed as a bug16:25
sconklinThat CVE spreadsheet will die soon when new processes are in place.16:25
jjohansenjdstrand: yep16:26
hertonsconklin: worked now, so seems was the gmail logged in16:27
sconklinok16:27
kaparejdstrand, thx what specific access requires these files? I may have click default by mistakes but doesn't remeber that part ;)16:27
jdstrandjjohansen: sure16:27
=== hallyn_afk is now known as hallyn
jdstrandkapare: you can model it after what is already in there. eg: '/usr/local/bin/qemu-system-x86_64 rmix,'16:28
hertonmy launchpad account is tied to gmail account too, so this adds to the confusioin...16:28
herton*confusion16:28
kaparejjohansen: you mean the irc channel or enter a bug un lauchpad? about the ubuntu-bug apparmor16:29
jdstrandkapare: jjohansen is right that in general you would want to file a bug. in this case, I happen to know there was already a bug filed on this, and you know how to proceed, so I don't think it is required. for next time, 'ubuntu-bug apparmor'16:30
jjohansenkapare: enter a bug in launchpad, by opening a terminal and typing "ubuntu-bug apparmor", that will collect the denied messages etc and automatically attach them to the bug report16:30
jdstrandhehe16:30
jdstrandjjohansen: we really should get on the same page here16:30
jdstrandjjohansen: there is already a bug on this16:30
jjohansenkapare: jdstrand, is right, just clarifying the use of ubuntu-bug16:30
jjohansenjdstrand: yep, sorry just trying to clarify the process, not saying to open a bug16:31
jdstrandno worries16:31
* jdstrand slowly backs away from #ubuntu-kernel16:31
jdstrandthing is-- really hit the sweet spot for me-- libvirt *and* apparmor, how could I resist? ;P16:32
hertonbjf, sconklin: ok, for start I'll take CVE-2011-159316:32
ubot2herton: Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593)16:32
sconklinherton: ok, please feel free to ask about anything16:33
JFofood... bbiab16:41
kaparejdstrand,  /usr/local/bin/qemu-system-x86_64 is already there I searching on lauchpad but did found yet the bug associated to it ...16:44
kaparejjohansen, didn't know about the terminal part will try this right away16:46
jjohansenkapare: please don't, or at least try it and abandon it half way through before the bug actually gets created16:47
jdstrandkapare: the bug is 51021316:47
jjohansenkapare: as jdstrand said he actually already has a bug on this particular one, so it won't help16:47
jjohansenkapare: but in general please do as its the best way for us to track, and the best way to get a response about your problem16:48
jdstrandkapare: I forgot you also have to add the path to /etc/apparmor.d/usr.sbin.libvirtd16:48
jjohansenkapare: dropping into the channel is hit or miss as it depends on who is online at the time16:48
kaparejjohansen, ;) will abandon it but nice report it generates16:49
jjohansenkapare: yep, its real useful16:49
jdstrandkapare: see the bug I mentioned for details16:49
kaparejdstrand, I'm reading it right now16:50
jdstrandkapare: incidentally, since this is not a kernel issue, it should probably be moved to #ubuntu-security16:51
jdstrand(if more discussion is needed)16:51
jjohansenjdstrand: err you mean #ubuntu-hardened?16:52
jdstrandjjohansen: one or the other redirects to the other16:52
jdstrandI forget which16:52
jdstrandwe try to promote #ubuntu-security though in general, since it is easier to find16:53
jjohansenjdstrand: #ubuntu-security requires an invite it seems16:53
kaparejjohansen, jdstrand thx will try to add /etc directories and see if message disappear do I need to restart apparmor?16:53
jdstrandit might if you are already in #ubuntu-hardened16:53
jjohansenjdstrand: oh, hadn't thought of that16:53
jdstrandkapare: I think you mean /usr/local/bin/..., but no, you don't need to restart apparmor. just do 'sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.libvirtd'16:54
jjohansenjdstrand: yep that is what was happening16:54
jdstrandjjohansen: incidentally, while the parser is technically userspace, since it is actually a plumbing layer/kernel interface type thing for the tools, I moved parser stuff to 'Kernel'parser' rather than 'Userspace' in the bp16:55
jjohansenjdstrand: makes sense16:55
jdstrandjjohansen: I think that more accurately conveys what is happening-- ie, kernel changes require parser changes16:55
jdstrandand vice versa16:56
jjohansenyep16:56
jdstrand(well, not always, but you know what I mean)16:56
jjohansenhehe yeah16:56
jdstrandso that should make the distinction between the work items and who does what a little more clear hopefully16:56
hertonbjf: https://bugs.launchpad.net/bugs/784727 (nominations need to be set)17:45
ubot2Launchpad bug 784727 in linux-ti-omap4 "CVE-2011-1593" [Undecided,New]17:45
bjfherton, working it now17:46
hertonAnd if a nomination after approved is not applicable, the thing to do is set to invalid right?17:46
bjfyes, though for karmic, i declined it17:47
bjfi should have done that for dapper as well, but you can just mark it "invalid17:48
bjfherton, should be good to go17:48
hertonok, thanks. Where create-cve-tracker gets the list from releases (karmic, natty, etc.)? Didn't look, but may be we should remove karmic already17:49
jjohansenrunning an errand, back in a bit17:52
bjfherton, it gets that information directly from LaunchPad, so LaunchPad still thinks karmic is supported17:52
=== hallyn is now known as hallyn_afk
Qwc*knock knock*18:51
QwcHi m8s, does a kernel ppa exist for 10.10 with the latest 2.6.38 or 2.6.39rc ? because i've got a serious problem with my xeon E5420, the kernel shipped with natty panics at boot or on starting kde18:53
jjohansenQwc: natty is pretty much the latest 2.6.38 kernel18:54
jjohansenQwc: there are mainline build kernels for 2.6.3918:54
tgardnernot to mention the 2.6.39 kernel. see https://launchpad.net/ubuntu/+source/linux18:55
Qwchmm, wtf? my apt refuses to install ... *gaa* ... okay checking that again (trice now)18:55
* tgardner --> lunch19:06
Qwcokay, well got the 2.6.39rc5 now ... bbl, after reboot and some testing ;)19:14
Qwcjust a little question, which is the latest kernel the nvidia proprietary driver plays with ? o.O19:30
jjohansenQwc: probably most recent natty kernel, I know .39 breaks the ati fglrx driver and I suspect it is the same for the nvidia proprietary driver as well19:31
Qwcah k, i suspect the kernel from the 10.10 repo doesn't understand both of them, huh?19:32
Qwc-kernel +nvidia19:32
Qwchope i'll get not too much dependencies when i download the .deb from natty -.-19:35
Qwci could update the complete dist straight away from a running .39 kernel but working nvidia driver is essential. 19:36
Qwcdammit, my gentoo years are too far ago now... 19:38
Qwcm8s! please keep your fingers crossed, that the .38 kernel does not panic on my damn machine! ;)19:41
hertonhardy master-next is failing to build, probably is the last applied ldm patch:19:48
herton/home/herton/kernels/ubuntu-hardy/fs/partitions/ldm.c: In function 'ldm_parse_vmdb':19:48
herton/home/herton/kernels/ubuntu-hardy/fs/partitions/ldm.c:256: error: 'FALSE' undeclared (first use in this function)19:48
herton/home/herton/kernels/ubuntu-hardy/fs/partitions/ldm.c:256: error: (Each undeclared identifier is reported only once19:48
herton/home/herton/kernels/ubuntu-hardy/fs/partitions/ldm.c:256: error: for each function it appears in.)19:48
* jjohansen -> lunch20:01
Kanohi, why is not rc7 build for 64 bit?20:01
Kanobut daily has 64 bit20:01
bjfherton looking20:38
bjfherton, doing a test build, this will take a bit20:46
hertonbjf: no worries, I reverted the two ldm patches here for now to test build my backport20:47
Qwcwell m8s, the kernel paniced ... btw. where can i find the "panic-log", does it exist?20:53
Qwcdmesg doesnt log that ...20:54
Qwcwell, then i have to wait for 11.10... -.-20:56
bjfherton, same error here, will investigate and get it fixed up21:02
=== hallyn_afk is now known as hallyn
=== _LibertyZero is now known as LibertyZero
hertonok21:12
apwKano, probabally cause someone fixed the compiler failure in -rc722:05
bjfherton, hardy master-next is fixed22:30
hertonbjf: nice. Other thing now, about FixingCVEs text, should I care about item 9. Update the Security Team's CVE tracking... ?22:31
bjfherton, lets hold off on that until you have that CVE applied to all the kernel trees22:31
hertonok22:32
* herton --> eod22:45

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!