Home
release-team@conference.openafs.org
Friday, April 2, 2021< ^ >
kaduk@jabber.openafs.org/barnowl has set the subject to: openafs release team
Room Configuration
Room Occupants

GMT+0
[11:15:10] meffie joins the room
[11:51:57] mbarbosa joins the room
[12:20:27] mbarbosa leaves the room
[12:20:38] mbarbosa joins the room
[13:52:50] Cheyenne joins the room
[14:21:42] kaduk@jabber.openafs.org/barnowl leaves the room
[14:21:45] kaduk@jabber.openafs.org/barnowl joins the room
[15:47:58] yadayada joins the room
[16:00:36] <kaduk@jabber.openafs.org/barnowl> greetings
[16:00:49] <yadayada> hi all
[16:01:05] <Cheyenne> Hello
[16:01:31] wiesand joins the room
[16:01:40] <wiesand> Hello
[16:02:07] <meffie> greetings.
[16:02:46] <wiesand> No news from my side today, I'm very sorry. The week passed by keeping me busy with private stuff.
[16:03:41] <meffie> no worries wiesand
[16:04:41] <wiesand> The good news is that this will be a long weekend for me, and I'll have another 3 days w/o $dayjob duties.
[16:05:06] <kaduk@jabber.openafs.org/barnowl> The first half of the week was pretty distracting for me as well; do
you remember what the remaining items for pre1 are?
[16:06:11] <meffie> i've been bad at releasing notes lately :(
[16:06:33] <wiesand> Me getting around to NEWS. Maybe Big Sur. Maybe more FBSD. But the latter two aren't blockers. I am :-(
[16:07:23] <kaduk@jabber.openafs.org/barnowl> Trust me, I know the feeling.
[16:08:05] <kaduk@jabber.openafs.org/barnowl> On a positive note, I basically just have the last half of rx_knet.c
to look at in the last big sur change, but I think it will end up
being ready to land.
[16:08:15] <meffie> yay!
[16:08:26] <wiesand> Good!
[16:08:47] <meffie> in related macos news, marcio is making good progress on M1 support
[16:09:18] <kaduk@jabber.openafs.org/barnowl> Exciting!
[16:09:56] <meffie> should be mostly build system changes i believe.
[16:10:27] <wiesand> Anyone else here *with* news?
[16:11:17] <meffie> i have built the source tar files for 1.9.1 and have been running them on tests systems
[16:11:27] <Cheyenne> doing a build check with latest linux 5.12 -- will have results in a few minutes
[16:11:31] <meffie> them == the bins made from them
[16:12:07] <meffie> i dont have access to g.c.o to upload the 1.9.1 files, but put them here...
[16:12:35] <wiesand> ok, I promise to create the 1.9.1 g.c.o volume and upload the files over the long weekend
[16:12:37] <meffie> ls /afs/sinenomine.net/public/openafs/bins/1.9.1dev/sdist/
[16:13:55] <meffie> also at https://download.sinenomine.net/openafs/bins/1.9.1dev/sdist/
[16:14:29] <wiesand> NB I did act upon your last "release www.workshop <http://www.workshop>" request, but I think i failed to send a response - anything left to do here?
[16:15:56] <meffie> yes, i did see that, thank you!
[16:16:33] <meffie> nothing else for now. i'll be making more updates as talks are accepted
[16:16:58] <kaduk@jabber.openafs.org/barnowl> I guess I should probably submit a talk, shouldn't I
[16:17:19] <meffie> absolutely!
[16:17:25] <wiesand> I feel I ought to submit something too, I'm just not sure what would make sense.
[16:17:50] Cheyenne smacks forehead.. remember to add -j8 to make
[16:17:55] <wiesand> And obviously Ben has much more to talk about than me.
[16:18:42] <meffie> yes it would be great to here a talk from wiesand!
[16:19:23] <wiesand> So what would you like me to talk about?
[16:19:25] <meffie> does and donts for gerrit submissions would be great to hear :)
[16:19:38] <Cheyenne> yes -- that would be a good one
[16:20:18] <wiesand> Ok, nice starter!
[16:20:26] <kaduk@jabber.openafs.org/barnowl> "Lessons learned from the 1.6.x branch" could be an interesting talk,
but might not be worth the effort needed to produce it.
[16:21:54] <meffie> hmm, yes i suppose that would be a long list.
[16:22:39] <wiesand> Well, the real lesson remains to be learned. What I have learned so far will boil down to those "does and dont's for gerrit submissions" ;-)
[16:22:57] <meffie> excellent.
[16:23:18] <kaduk@jabber.openafs.org/barnowl> Indeed
[16:25:08] <meffie> wiesand i made some comments on the make-release gerrit for you
[16:25:48] <meffie> hopefully you can take a look when you have some time.
[16:26:15] <meffie> 14566
[16:26:25] <wiesand> Yes, saw them. I yet have to check. It works for me, but there's likely a typo in the regex.
[16:26:44] <kaduk@jabber.openafs.org/barnowl> Okay, posted a +2 on 14431 (last bigsur) with some comments.  It looks
like I'll have to rebase anyway, so I can wait a little bit in case
there are replies to those comments
[16:26:58] <meffie> excellent thanks.
[16:29:27] <kaduk@jabber.openafs.org/barnowl> And I seem to recall a pile of bosserver stuff that went by that I
should look at (as well as Stephan's make-release change)
[16:30:11] <Cheyenne> there will be some updates to the bosserver stuff to address some of Andrews feedback
[16:30:59] <meffie> i believe cheyenne going to do another pass, but it would be great to have some feedback on the approach
[16:32:05] <Cheyenne> yes -- I think the biggest guestion is.. increase the size of for the existing RPCs or add new RPCs
[16:33:08] <wiesand> this smells like standardization issues?
[16:33:23] <meffie> not sure. there's a precedent for capping string sizes
[16:33:47] <meffie> this would be increasing the string size to a useful value
[16:34:43] <meffie> and also, i dont think there is a registry for bosserver rpcs.
[16:35:18] <kaduk@jabber.openafs.org/barnowl> There's no standards body for bosserver, correct
[16:35:26] <kaduk@jabber.openafs.org/barnowl> It's just our own internal tool that we can do what we want with
[16:35:40] <wiesand> ok, all the better
[16:35:56] <Cheyenne> Okay :)
[16:36:47] <meffie> ok, thanks kaduk.
[16:38:38] <kaduk@jabber.openafs.org/barnowl> It is sounding like we are running out of topics for this
meeting/today...
[16:38:48] <yadayada> I have one topic for today
[16:38:58] <kaduk@jabber.openafs.org/barnowl> Please go ahead yadayada
[16:39:14] <yadayada> With 14082 we are seeing some strange issue
[16:39:46] <yadayada> what we see is that task is doing a setreuid and there kernel makes a check if cred is proper
[16:40:54] <yadayada> Now what we see is that if cred is not proper then kernel does panic. While debugging I saw that cred is task struct is that of cache_cred
[16:41:18] <yadayada> Now as per code we override cred and then revert it back
[16:41:27] <kaduk@jabber.openafs.org/barnowl> Does that suggest that we are failing to restore the users creds in
some codepath?
[16:41:36] <yadayada> yes
[16:41:40] <Cheyenne> clean master build against latest linux 5.12-rc5+
[16:41:48] <yadayada> and that is strange
[16:42:31] <yadayada> Only new change I added this time was 14082, but in that we do a revert, not sure why revert didn't happened
[16:42:40] <yadayada> analyzing it
[16:43:42] <wiesand> 14082 requires 14099 on top IIRC
[16:44:51] <wiesand> that's "LINUX: Properly revert creds in osi_UFSTruncate"
[16:44:56] <kaduk@jabber.openafs.org/barnowl> Ah, yes, that looks quite apropos
[16:45:22] <wiesand> cheyenne: thanks!
[16:46:58] <wiesand> yadayada: any chance you just missed 14099, or is there some other problem lurking?
[16:47:30] <yadayada> yes I missed 14099, will try this ... thanks for pointing it.
[16:47:40] <meffie> excellent
[16:48:01] <yadayada> Another thing is about crowdstrike falcon LSM issue
[16:48:07] <meffie> (not that you missed it, but it was pointed out)
[16:48:16] <meffie> yes?
[16:49:09] <yadayada> I was going through some discussion on it, Ben might know. I was thinking 14082 might fix this issue https://lists.openafs.org/pipermail/openafs-info/2021-March/043076.html
[16:49:43] <kaduk@jabber.openafs.org/barnowl> It seems like the conclusion from the crowdstrike mail thread is that
we need to put deferred deletes into a dedicated task/thread and not
do them in a user thread
[16:49:59] <yadayada> So one query here
[16:50:02] <kaduk@jabber.openafs.org/barnowl> But I did not get a chance to actually look in much detail.
[16:50:16] <yadayada> we had 10598
[16:50:38] <yadayada> I saw in 10598 we used sock_create_kern instead of sock_create to bypass LSM
[16:50:52] <yadayada> can't same happen with opening of a file in kernel ?
[16:51:56] <meffie> looks promising, i think
[16:52:00] <kaduk@jabber.openafs.org/barnowl> I don't know, off the top of my head.  It sounds plausible.
I wonder if Andrew and/or Cheyenne would have a better sense than me.
[16:52:46] <yadayada> Somewhere in discussion they have written in discussion we need to open a file in such a way that LSM should be bypassed and they say crwodstike can help us in that
[16:53:13] <yadayada> not sure if any thread is started with crwodstrike on it ?
[16:54:13] <kaduk@jabber.openafs.org/barnowl> I did not start one (things have been pretty busy here)
[16:54:13] <yadayada> https://lists.openafs.org/pipermail/openafs-info/2021-March/043077.html
[16:54:35] <yadayada> snippet from Martin Kelly from crowdstike
[16:54:37] <yadayada> ""
[16:54:40] <yadayada> I believe the way to fix this is that OpenAFS needs to open this file in a
way that does not go through the LSM, because there is no process context
here.
[16:55:08] <meffie> yes, that was from Martin Kelly
[16:55:15] <kaduk@jabber.openafs.org/barnowl> The big question seems to be whether there are any KPIs to do that
that are not GPLONLY
[16:55:53] <yadayada> right .. I hope they are not, but in case it is GPL only we need to try some hacks ..
[16:56:46] <meffie> thank you yadayada
[16:57:16] <yadayada> I will drop a note on this and we might need to start thread with crowdstrike to handle this case ...
[16:57:28] <meffie> thank you
[16:57:34] <wiesand> naively, opening a file bypassing LSM "sounds wrong to me"?
[16:58:13] <meffie> also i just added yadayada and ben  to 14584
[16:59:06] <meffie> which should fix the issue reported by Chaskiel
[16:59:33] <kaduk@jabber.openafs.org/barnowl> opening a file bypassing the LSM is an atypical thing to do, yes.  But
when the operation is being done entirely at the initiative of the
kernel itself it can be the right thing to do.
[17:00:32] <wiesand> ok
[17:01:22] <wiesand> Looks like we're finished for today… adjourn?
[17:01:50] <meffie> thanks all, i'll post a summary to openafs-devel today
[17:01:58] <yadayada> Nothing from my side ... Mike will try ansible playbook rc3 in coming week and let you know how it goes
[17:02:22] <meffie> thank you!
[17:03:25] <meffie> have a good weekend all.
[17:03:27] <wiesand> Thanks a lot everybody! Happy Easter (if it has a meaning to you)!
[17:03:34] <yadayada> thanks all
[17:03:57] <Cheyenne> thanks -- have a safe week
[17:04:00] <kaduk@jabber.openafs.org/barnowl> thanks everyone!
[17:04:09] <Cheyenne> Oh .. 1.8.x (with 5.12 patches) still builds cleanly
[17:04:25] <Cheyenne> (just finished)
[17:04:30] <wiesand> Thanks Cheyenne!
[17:28:32] wiesand leaves the room
[18:43:36] Cheyenne leaves the room
[18:51:46] yadayada joins the room
[18:52:58] yadayada leaves the room
[18:56:09] yadayada leaves the room
[19:02:22] meffie leaves the room
[19:51:44] mbarbosa leaves the room