log from the meeting. /Magnus
[21:32:25] <Zorry> 1.0 Toolchain [21:32:57] <Zorry> not that mutch new thing there [21:33:05] <prometheanfire> 4.8 live soon? [21:33:39] <Zorry> still waithing for review of my upstrem gcc 4.9 patches [21:33:54] <Zorry> 4.8.2 is in tree unstable [21:34:40] <Zorry> else nothing new from may part [21:34:47] <Zorry> anyone else? [21:34:54] <prometheanfire> non [21:35:18] <Zorry> okay next [21:35:36] <Zorry> 2.0 Kernel and Grsec/pax [21:35:53] <Zorry> blueness is not here so [21:36:03] <Zorry> some one else have any thing? [21:36:16] <Zorry> pipacs: do you have anything from upstrem? [21:36:41] <pipacs> humm, what upstream? ;) [21:36:57] <Zorry> kernel and pax stuff [21:37:07] <pipacs> oh that'd be me ;) [21:37:15] <lejonet> pipacs: you know, that snotty bastard who always is an asshole to people? ;) :P [21:37:16] <pipacs> i have my 3.12.1 port out, spender will do his part soon i guess [21:37:29] <pipacs> that also means EOL for 3.11 [21:37:55] <pipacs> there's a new size overflow plugin in there, expect some false positive reports, direct them to Emese and me [21:37:59] <Zero_Chaos> pipacs: there have been a lot of random issues which seem to only be replicatable on 3.12 (non-pax related). Are you aware? [21:38:15] <pipacs> like what issues? [21:38:33] <Zero_Chaos> pipacs: wierd build failures that look like parallelization issues but only occur on 3.12 kernel. [21:38:35] <pipacs> at least my port seems to run fine [21:38:48] <pipacs> i build with -j8 and no issues herey ChanServ [21:39:44] <klondike> Sorry for delay [21:39:49] <Zero_Chaos> "look like parallelization issues" [21:40:15] <pipacs> did these get reported to lkml? [21:40:31] <Zero_Chaos> pipacs: https://bugs.gentoo.org/show_bug.cgi?id=490946 [21:40:51] <Zero_Chaos> pipacs: it notes another bug, both are 3.12 only and wierdish. Just something to be aware of, it may be an issue. [21:41:03] <Zero_Chaos> pipacs: again, a 3.12 issue, not *your* issue [21:41:15] <Zero_Chaos> but that's all I've seen [21:41:26] <pipacs> hmm, interesting, i did see wierd sandbox violations while under 3.12 [21:41:45] <pipacs> but i chalked them up to sandbox not the kernel ;P [21:42:23] <Zero_Chaos> pipacs: it appears to only happen with kernel 3.12, and now you are aware :-) [21:42:30] <pipacs> eah [21:42:39] <pipacs> but i'm not gonna be able to fix this i'm afraid [21:42:41] <pipacs> tell lkml [21:43:38] <Zorry> next? [21:43:44] <klondike> Wait [21:43:51] <klondike> Can I just say a kick thing on toolchain? [21:43:55] <Zero_Chaos> pipacs: like I said, I only wanted you to know it was a bug, not asking for a fix [21:43:56] <klondike> *quick [21:44:06] <Zorry> klondike: quik [21:44:51] <klondike> The llvm transforms are done and published code can be downloaded from http://klondike.es/llvm.tar.xz [21:45:02] <klondike> I'm starting the writing part of the thesis now :) [21:45:04] <klondike> That's it [21:45:29] <klondike> Thanks Zorry :) [21:45:30] <Zorry> okey [21:45:33] <Zorry> next [21:45:38] <Zorry> 3.0 Selinux [21:45:46] <Zorry> no SwifT ether :( [21:45:55] <Zorry> prometheanfire: did you have anything? [21:45:55] <klondike> :( [21:45:57] <prometheanfire> just a minor note here, I'm working on native selinux support for ZoL [21:46:08] <prometheanfire> my in progress work is here https://github.com/zfsonlinux/zfs/pull/1835 [21:46:11] <prometheanfire> that's it [21:46:41] <Zorry> any one else? [21:46:58] <Zorry> next [21:47:02] <Zorry> 4.0 System Integrity [21:47:12] <Zorry> more SwifT stuff [21:47:22] <Zorry> so next? [21:47:39] <Zorry> 5.0 Profiles [21:47:51] <prometheanfire> steev: ping [21:47:56] <prometheanfire> steev: arm selinux work? [21:48:06] <Zorry> Zero_Chaos: did you test any thing on the desktop profile? Note: bug 492312 [21:48:24] <prometheanfire> dunno if it's anything official, but I've been working with steev on arm selinux [21:48:40] <prometheanfire> so it's a work in progress [21:48:42] <prometheanfire> that's it [21:48:53] <Zero_Chaos> Zorry: I've been running a desktop hardened profile for a long time now. I just have not officially added it back to gentoo yet. [21:49:14] <steev> prometheanfire: pong, what's been done is what's done, i wanted to talk to SwifT regarding keywording since the kernel versions seem to matter greatly [21:49:21] <Zero_Chaos> Zorry: as it stands, I see no issues why it won't work, still. I'll try to add it back and let others test (but I do have a few hundred users running it now) [21:50:23] <steev> prometheanfire: but he appears to be devaway til january [21:50:37] <steev> perhaps i should just use email [21:50:42] <Zorry> Zero_Chaos: the prob with the old one was that it overwite the hardened one [21:51:28] <Zorry> the stacking order of the profiles [21:51:44] <prometheanfire> steev: ya, I'd email [21:52:33] <Zero_Chaos> Zorry: yes but if the inherit order is reversed then hardened overwrites the desktop one (which is how I've been running it for years) [21:54:12] <klondike> I think blueness has something to say on that [21:55:07] <Zero_Chaos> klondike: in all honesty I have >2k users running a "hardened desktop profile" right now. I'll re-add one to gentoo (but not to profiles.desc) and ask for testing. [21:57:21] <klondike> Ok, ok I just recall blueness saying there was some issue with that [21:57:34] <Zorry> Zero_Chaos: you can't have it the hardened/linux/.... for then the desktop profile will be before the base profiles and stuff or after hardened [21:57:35] <prometheanfire> the profile stacking was bad or something [21:57:41] <Zorry> prometheanfire: yes [21:58:13] <Zero_Chaos> Zorry: how about this, I'll add it, and ask for testers. If it all works out then people can just be happy :-) [21:58:34] <prometheanfire> add it but don't publish it I think? [21:58:43] <Zorry> yep [21:58:45] <Zero_Chaos> prometheanfire: for sure, NOT going in profiles.desc until tested [21:58:57] <Zero_Chaos> tested by others than myself [21:59:04] <prometheanfire> sounds workable, all the unpublish ones are ymmv stuff [21:59:12] <Zero_Chaos> for sure [21:59:55] <Zorry> okay next? [22:00:09] <prometheanfire> next [22:00:22] <Zorry> 6.0 Docs [22:00:35] <Zorry> anything new there? [22:01:10] <klondike> Not from me [22:01:16] <klondike> haven't had time for them :( [22:01:19] <Zorry> okey next then [22:01:34] <Zorry> 7.0 Bugs [22:01:51] <Zorry> move on? [22:02:08] <prometheanfire> yar [22:02:10] <Zorry> 8.0 Media [22:03:01] <Zorry> klondike: any news? [22:03:11] <klondike> no, no talks or anything scheduled [22:03:18] <klondike> We should prepare for FOSDEM though [22:03:23] <Zorry> yep [22:03:27] <klondike> have you sent your suggestion Zorry? [22:03:43] <Zorry> klondike: havne't sent anything [22:04:05] <klondike> I think we still have time but we should prepare [22:04:38] <klondike> I'd like to at least repeat the hardened user-dev meeting [22:04:49] <Zorry> klondike: yep [22:05:28] <klondike> I'll write the distro miniconf responsible and ask then [22:05:41] <klondike> Zorry: do you want to present something? [22:05:54] <Zorry> mayby [22:06:09] <klondike> I may try to do the "last year in hardening updates" talk though [22:06:53] -*- prometheanfire has thought about fosdem this year, but nothing useful yet [22:07:07] <Zorry> yee som gcc stuff have change [22:07:30] <Zorry> were we input the spec [22:07:55] <klondike> :) [22:08:13] <klondike> I insist it would be EPIC having you talking on how do you do hardening gcc side [22:08:27] <klondike> pipacs: probably agrees too :P [22:09:32] <pipacs> go for it ;) [22:09:49] <Zorry> so last year hardened and user-dev stuff for fosdem? [22:10:19] <klondike> And Zorry presents: gcc! [22:10:43] <klondike> I'll help you preparing the talk Zorry :) [22:10:48] <Zorry> :) [22:11:07] <klondike> And I'll be your assistant so we can leave lejonet in peace [22:11:14] <klondike> And prometheanfire xD [22:11:54] <Zorry> do we have any thing else? [22:12:19] <klondike> Unless prometheanfire feels like speaking on hardened virtualization I doubt that's the case :P [22:13:05] <Zorry> next [22:13:16] <prometheanfire> klondike: not much to say on that subjectr [22:13:28] <Zorry> 9.0 Open floor [22:13:44] <Zorry> ty all for the meeting
