Hi! First... what I am currently using for testing: gitlab; I simply watch for green ticks there. It takes ~15 minutes to get results. Red cross in compile stage is pretty sure sign of build error. Re

Hi! ... Let me see. 4.19 has that commit; it was merged during merge window. 4.9 does not have that commit. If CVE-2021-39686 is important to you, right way forward would be to backport neccessary cha

Hi! Upstream said this code is correct and affected drivers should be fixed, instead, so we don't plan to do anything here. Best regards, Pavel

#cip

Hi! They certainly have good marketing and clearly want attention. Whether they deserve attention... is hard to tell. Maybe situation will be more clear after reading the paper. There are three more v

Hi! It seems this patch depends on a65655d40c8235. I have backported it an am proceeding with testing. Best regards, Pavel

Hi! My tree currently looks like this: 882867c873bbf048cd3574a3fda18742726839b8 x86/retpoline: Remove minimal retpoline support 5a5cafcebb8d249808b0bd63ca75642e5e1ec821 x86/retpoline: Make CONFIG_RETP

Hi! With all the patches applied, I get this: https://gitlab.com/cip-project/cip-kernel/linux-cip/-/jobs/2581576742 LD arch/x86/platform/intel-mid/built-in.o 1704 CC arch/x86/platform/efi/efi.o 1705 C

Hi! (I put mailing list in the cc). > > > And possibly these? > > > > > > 4.9.306: speculation fixes, mostly x86 + 7833a9b54 > > > > > > ** !M | 890fb470c 0cbb76 o | x86/speculation: Add RETPOLINE_AMD

Hi! Thanks for CVEs. I think there's another one we need to track -- CVE-2021-4034 -- kernel vs pkexec API confusion leads to easy local root. I created an initial yml and pushed it to the repository.

Hi! Yes, it is same thing... see dcd46d897adb70d63e025f175a00a89797d31a43 and https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt . Pkexec is gnome-related, so should not be too usual on embedd

Hi! There's a security problem in pkexec vs. kernel interaction. Impact is local root. If you want to get root on someone else's system, it should be easy right now. It is fixed in 5.18, 5.10.120, and

Hi! Below is document about kernel security I have mentioned on the irc. But looking at it some more, TSC might have been looking at easier "turn this CONFIG on and this off" kind of hardening. I'll l

Hi! Thanks for the report. Unfortunately, mainline seems to be different here. Looking at the code, is min < 0 in your case? Best regards, Pavel

#cip

Hi! New realtime trees should be available at kernel.org. Trees are available at https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git/log/?h=linux-4.4.y-cip-rt https://git.kernel.org/pub/

Hi! https://www.timeanddate.com/worldclock/meetingdetails.html?year=2022&month=5&day=12&hour=12&min=0&sec=0&p1=224&p2=179&p3=136&p4=37&p5=241&p6=248 I'm not sure if I'll be able to make it today. I wa

Hi! Ok, I created 5.10.109-based -rt release. I believe that would be rather "strange". I could do 4.19.240-rt108-cip72 based release, but I guess it will be better to wait for next 4.19-rt and do a m

Hi! New realtime trees should be available at kernel.org. Trees are available at https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git/log/?h=linux-5.10.y-cip-rt https://git.kernel.org/pub

Hi! In previous linux-4.4.y-cip-rebases, order of patches was: git log: [CIP patches] [Greg's stable tree] [Linus tree] With start of self-maintainance, we now have: git log: [-st patches] [CIP patche

Hi! I tried to do some testing, but it fails on two targets: https://gitlab.com/cip-project/cip-kernel/linux-cip/-/pipelines/522211501 And failed test says: https://lava.ciplatform.org/scheduler/job/6

Hi! There's oops during boot on socfpga: 4.19.240-cip72-00010-g0ffbb4b1066 -- https://lava.ciplatform.org/scheduler/job/669893 4.19.240-rc1-g5e5c9d690926 -- https://lava.ciplatform.org/scheduler/job/6