Re: [PULL 00/26] Migration 20240104 patches
On Mon, 8 Jan 2024 at 02:35, Peter Xu wrote: > > On Mon, Jan 08, 2024 at 10:10:24AM +0800, Peter Xu wrote: > > On Sun, Jan 07, 2024 at 11:28:25AM -0500, Stefan Hajnoczi wrote: > > > On Sun, 7 Jan 2024 at 10:23, Peter Maydell > > > wrote: > > > > > > > > On Sun, 7 Jan 2024 at 12:41, Stefan Hajnoczi wrote: > > > > > > > > > > On Sun, 7 Jan 2024 at 07:34, Peter Xu wrote: > > > > > > > > > > > > On Fri, Jan 05, 2024 at 04:08:40PM +, Peter Maydell wrote: > > > > > > > I notice that your gpg key doesn't seem to be signed by anybody > > > > > > > else; you might look at whether it's easy to get it signed > > > > > > > by somebody else (eg some of your redhat colleagues). > > > > > > > > > > > > Hmm, I think I have signed with at least Juan and Stefan. Which is > > > > > > the key > > > > > > server we normally use? Maybe I missed some steps there? > > > > > > > > > > Yes, Peter's key is signed by me: > > > > > > > > > > $ gpg --list-signatures 3B5FCCCDF3ABD706 > > > > > pub ed25519/0x3B5FCCCDF3ABD706 2023-10-03 [SC] > > > > > Key fingerprint = B918 4DC2 0CC4 57DA CF7D D1A9 3B5F CCCD F3AB > > > > > D706 > > > > > uid [ full ] Peter Xu > > > > > sig 30x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > > > > > sig 0x9CA4ABB381AB73C8 2023-10-10 Stefan Hajnoczi > > > > > > > > > > uid [ full ] Peter Xu > > > > > sig 30x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > > > > > sig 0x9CA4ABB381AB73C8 2023-10-10 Stefan Hajnoczi > > > > > > > > > > sub cv25519/0xD5261EB1CB0C6E45 2023-10-03 [E] > > > > > sig 0x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > > > > > > > > > > I have pushed to the keyservers again in case I forget. > > > > > > > > Thanks. Which keyservers did you use? I think these days the > > > > keyserver infrastructure is unfortunately fragmented; I > > > > probably didn't try refreshing from the right keyserver. > > > > > > I ran gpg --send-key again and it said hkps://keyserver.ubuntu.com. > > > > Thanks Stefan. Indeed I can only see Stefan's sig there on the key server: > > > > https://keyserver.ubuntu.com/pks/lookup?search=3b5fcccdf3abd706&fingerprint=on&op=index > > > > I am guessing Juan forgot to do a "gpg --send-keys 3B5FCCCDF3ABD706". I'll > > also try to ask maybe one or two more people to exchange keys. Maybe > > that'll also help. > > Besides that, just now I also tried to do a remote --recv-keys on my own > key and I found that indeed the signature from Stefan was not attached. > > Then I found this: > > https://daniel-lange.com/archives/178-Getting-gpg-to-import-signatures-again.html > > So it seems the default behavior of gpg command changed recently that it'll > stop to receive signatures besides the self signature to avoid DoS to the > keyservers. > > https://dev.gnupg.org/rG23c978640812d123eaffd4108744bdfcf48f7c93 > > In short, now we seem to need: > > $ gpg --recv-keys --keyserver-option no-self-sigs-only $KEY_ID > > To recover the old behavior to receive signs from others. Ah, thank you. Yes, that did the trick and I now can see the signatures on your key from other people. -- PMM
Re: [PULL 00/26] Migration 20240104 patches
On Mon, Jan 08, 2024 at 10:10:24AM +0800, Peter Xu wrote: > On Sun, Jan 07, 2024 at 11:28:25AM -0500, Stefan Hajnoczi wrote: > > On Sun, 7 Jan 2024 at 10:23, Peter Maydell wrote: > > > > > > On Sun, 7 Jan 2024 at 12:41, Stefan Hajnoczi wrote: > > > > > > > > On Sun, 7 Jan 2024 at 07:34, Peter Xu wrote: > > > > > > > > > > On Fri, Jan 05, 2024 at 04:08:40PM +, Peter Maydell wrote: > > > > > > I notice that your gpg key doesn't seem to be signed by anybody > > > > > > else; you might look at whether it's easy to get it signed > > > > > > by somebody else (eg some of your redhat colleagues). > > > > > > > > > > Hmm, I think I have signed with at least Juan and Stefan. Which is > > > > > the key > > > > > server we normally use? Maybe I missed some steps there? > > > > > > > > Yes, Peter's key is signed by me: > > > > > > > > $ gpg --list-signatures 3B5FCCCDF3ABD706 > > > > pub ed25519/0x3B5FCCCDF3ABD706 2023-10-03 [SC] > > > > Key fingerprint = B918 4DC2 0CC4 57DA CF7D D1A9 3B5F CCCD F3AB > > > > D706 > > > > uid [ full ] Peter Xu > > > > sig 30x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > > > > sig 0x9CA4ABB381AB73C8 2023-10-10 Stefan Hajnoczi > > > > > > > > uid [ full ] Peter Xu > > > > sig 30x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > > > > sig 0x9CA4ABB381AB73C8 2023-10-10 Stefan Hajnoczi > > > > > > > > sub cv25519/0xD5261EB1CB0C6E45 2023-10-03 [E] > > > > sig 0x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > > > > > > > > I have pushed to the keyservers again in case I forget. > > > > > > Thanks. Which keyservers did you use? I think these days the > > > keyserver infrastructure is unfortunately fragmented; I > > > probably didn't try refreshing from the right keyserver. > > > > I ran gpg --send-key again and it said hkps://keyserver.ubuntu.com. > > Thanks Stefan. Indeed I can only see Stefan's sig there on the key server: > > https://keyserver.ubuntu.com/pks/lookup?search=3b5fcccdf3abd706&fingerprint=on&op=index > > I am guessing Juan forgot to do a "gpg --send-keys 3B5FCCCDF3ABD706". I'll > also try to ask maybe one or two more people to exchange keys. Maybe > that'll also help. Besides that, just now I also tried to do a remote --recv-keys on my own key and I found that indeed the signature from Stefan was not attached. Then I found this: https://daniel-lange.com/archives/178-Getting-gpg-to-import-signatures-again.html So it seems the default behavior of gpg command changed recently that it'll stop to receive signatures besides the self signature to avoid DoS to the keyservers. https://dev.gnupg.org/rG23c978640812d123eaffd4108744bdfcf48f7c93 In short, now we seem to need: $ gpg --recv-keys --keyserver-option no-self-sigs-only $KEY_ID To recover the old behavior to receive signs from others. Thanks, -- Peter Xu
Re: [PULL 00/26] Migration 20240104 patches
On Sun, Jan 07, 2024 at 11:28:25AM -0500, Stefan Hajnoczi wrote: > On Sun, 7 Jan 2024 at 10:23, Peter Maydell wrote: > > > > On Sun, 7 Jan 2024 at 12:41, Stefan Hajnoczi wrote: > > > > > > On Sun, 7 Jan 2024 at 07:34, Peter Xu wrote: > > > > > > > > On Fri, Jan 05, 2024 at 04:08:40PM +, Peter Maydell wrote: > > > > > I notice that your gpg key doesn't seem to be signed by anybody > > > > > else; you might look at whether it's easy to get it signed > > > > > by somebody else (eg some of your redhat colleagues). > > > > > > > > Hmm, I think I have signed with at least Juan and Stefan. Which is the > > > > key > > > > server we normally use? Maybe I missed some steps there? > > > > > > Yes, Peter's key is signed by me: > > > > > > $ gpg --list-signatures 3B5FCCCDF3ABD706 > > > pub ed25519/0x3B5FCCCDF3ABD706 2023-10-03 [SC] > > > Key fingerprint = B918 4DC2 0CC4 57DA CF7D D1A9 3B5F CCCD F3AB D706 > > > uid [ full ] Peter Xu > > > sig 30x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > > > sig 0x9CA4ABB381AB73C8 2023-10-10 Stefan Hajnoczi > > > > > > uid [ full ] Peter Xu > > > sig 30x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > > > sig 0x9CA4ABB381AB73C8 2023-10-10 Stefan Hajnoczi > > > > > > sub cv25519/0xD5261EB1CB0C6E45 2023-10-03 [E] > > > sig 0x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > > > > > > I have pushed to the keyservers again in case I forget. > > > > Thanks. Which keyservers did you use? I think these days the > > keyserver infrastructure is unfortunately fragmented; I > > probably didn't try refreshing from the right keyserver. > > I ran gpg --send-key again and it said hkps://keyserver.ubuntu.com. Thanks Stefan. Indeed I can only see Stefan's sig there on the key server: https://keyserver.ubuntu.com/pks/lookup?search=3b5fcccdf3abd706&fingerprint=on&op=index I am guessing Juan forgot to do a "gpg --send-keys 3B5FCCCDF3ABD706". I'll also try to ask maybe one or two more people to exchange keys. Maybe that'll also help. Thanks, -- Peter Xu
Re: [PULL 00/26] Migration 20240104 patches
On Sun, 7 Jan 2024 at 10:23, Peter Maydell wrote: > > On Sun, 7 Jan 2024 at 12:41, Stefan Hajnoczi wrote: > > > > On Sun, 7 Jan 2024 at 07:34, Peter Xu wrote: > > > > > > On Fri, Jan 05, 2024 at 04:08:40PM +, Peter Maydell wrote: > > > > I notice that your gpg key doesn't seem to be signed by anybody > > > > else; you might look at whether it's easy to get it signed > > > > by somebody else (eg some of your redhat colleagues). > > > > > > Hmm, I think I have signed with at least Juan and Stefan. Which is the > > > key > > > server we normally use? Maybe I missed some steps there? > > > > Yes, Peter's key is signed by me: > > > > $ gpg --list-signatures 3B5FCCCDF3ABD706 > > pub ed25519/0x3B5FCCCDF3ABD706 2023-10-03 [SC] > > Key fingerprint = B918 4DC2 0CC4 57DA CF7D D1A9 3B5F CCCD F3AB D706 > > uid [ full ] Peter Xu > > sig 30x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > > sig 0x9CA4ABB381AB73C8 2023-10-10 Stefan Hajnoczi > > > > uid [ full ] Peter Xu > > sig 30x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > > sig 0x9CA4ABB381AB73C8 2023-10-10 Stefan Hajnoczi > > > > sub cv25519/0xD5261EB1CB0C6E45 2023-10-03 [E] > > sig 0x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > > > > I have pushed to the keyservers again in case I forget. > > Thanks. Which keyservers did you use? I think these days the > keyserver infrastructure is unfortunately fragmented; I > probably didn't try refreshing from the right keyserver. I ran gpg --send-key again and it said hkps://keyserver.ubuntu.com. Stefan
Re: [PULL 00/26] Migration 20240104 patches
On Sun, 7 Jan 2024 at 12:41, Stefan Hajnoczi wrote: > > On Sun, 7 Jan 2024 at 07:34, Peter Xu wrote: > > > > On Fri, Jan 05, 2024 at 04:08:40PM +, Peter Maydell wrote: > > > I notice that your gpg key doesn't seem to be signed by anybody > > > else; you might look at whether it's easy to get it signed > > > by somebody else (eg some of your redhat colleagues). > > > > Hmm, I think I have signed with at least Juan and Stefan. Which is the key > > server we normally use? Maybe I missed some steps there? > > Yes, Peter's key is signed by me: > > $ gpg --list-signatures 3B5FCCCDF3ABD706 > pub ed25519/0x3B5FCCCDF3ABD706 2023-10-03 [SC] > Key fingerprint = B918 4DC2 0CC4 57DA CF7D D1A9 3B5F CCCD F3AB D706 > uid [ full ] Peter Xu > sig 30x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > sig 0x9CA4ABB381AB73C8 2023-10-10 Stefan Hajnoczi > > uid [ full ] Peter Xu > sig 30x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > sig 0x9CA4ABB381AB73C8 2023-10-10 Stefan Hajnoczi > > sub cv25519/0xD5261EB1CB0C6E45 2023-10-03 [E] > sig 0x3B5FCCCDF3ABD706 2023-10-03 [self-signature] > > I have pushed to the keyservers again in case I forget. Thanks. Which keyservers did you use? I think these days the keyserver infrastructure is unfortunately fragmented; I probably didn't try refreshing from the right keyserver. -- PMM
Re: [PULL 00/26] Migration 20240104 patches
On Sun, 7 Jan 2024 at 07:34, Peter Xu wrote: > > On Fri, Jan 05, 2024 at 04:08:40PM +, Peter Maydell wrote: > > I notice that your gpg key doesn't seem to be signed by anybody > > else; you might look at whether it's easy to get it signed > > by somebody else (eg some of your redhat colleagues). > > Hmm, I think I have signed with at least Juan and Stefan. Which is the key > server we normally use? Maybe I missed some steps there? Yes, Peter's key is signed by me: $ gpg --list-signatures 3B5FCCCDF3ABD706 pub ed25519/0x3B5FCCCDF3ABD706 2023-10-03 [SC] Key fingerprint = B918 4DC2 0CC4 57DA CF7D D1A9 3B5F CCCD F3AB D706 uid [ full ] Peter Xu sig 30x3B5FCCCDF3ABD706 2023-10-03 [self-signature] sig 0x9CA4ABB381AB73C8 2023-10-10 Stefan Hajnoczi uid [ full ] Peter Xu sig 30x3B5FCCCDF3ABD706 2023-10-03 [self-signature] sig 0x9CA4ABB381AB73C8 2023-10-10 Stefan Hajnoczi sub cv25519/0xD5261EB1CB0C6E45 2023-10-03 [E] sig 0x3B5FCCCDF3ABD706 2023-10-03 [self-signature] I have pushed to the keyservers again in case I forget. Stefan
Re: [PULL 00/26] Migration 20240104 patches
On Fri, Jan 05, 2024 at 04:08:40PM +, Peter Maydell wrote: > I notice that your gpg key doesn't seem to be signed by anybody > else; you might look at whether it's easy to get it signed > by somebody else (eg some of your redhat colleagues). Hmm, I think I have signed with at least Juan and Stefan. Which is the key server we normally use? Maybe I missed some steps there? Thanks, -- Peter Xu
Re: [PULL 00/26] Migration 20240104 patches
On Thu, 4 Jan 2024 at 04:33, wrote: > > From: Peter Xu > > The following changes since commit 7425b6277f12e82952cede1f531bfc689bf77fb1: > > Merge tag 'tracing-pull-request' of https://gitlab.com/stefanha/qemu into > staging (2023-12-27 05:15:32 -0500) > > are available in the Git repository at: > > https://gitlab.com/peterx/qemu.git tags/migration-20240104-pull-request > > for you to fetch changes up to b12635ff08ab2e5a6a955c6866ef4525fb3deb5d: > > migration: fix coverity migrate_mode finding (2024-01-04 09:52:42 +0800) > > > migration 1st pull for 9.0 > > - We lost Juan and Leo in the maintainers file > - Steven's suspend state fix > - Steven's fix for coverity on migrate_mode > - Avihai's migration cleanup series > > I notice that your gpg key doesn't seem to be signed by anybody else; you might look at whether it's easy to get it signed by somebody else (eg some of your redhat colleagues). Applied, thanks. Please update the changelog at https://wiki.qemu.org/ChangeLog/9.0 for any user-visible changes. -- PMM