Skip to content

Test PR 3, take 3#5

Open
espeer wants to merge 10 commits intonova-testfrom
test_pr_3_t3
Open

Test PR 3, take 3#5
espeer wants to merge 10 commits intonova-testfrom
test_pr_3_t3

Conversation

@espeer
Copy link
Copy Markdown
Collaborator

@espeer espeer commented Mar 25, 2026

This is a test - do not merge

espeer added 10 commits March 25, 2026 00:40
@espeer
Add default Ubuntu config
fc0700d 
Using the Ubuntu configuration on the test branch is a known good
general starting point. This configuration will be pared down and
refined in future commits in order to reduce build time while still
retaining some degree of hardware flexibility for the test cluster.

Signed-off-by: Edwin Peer <epeer@nvidia.com>
@espeer
Reduce kernel build configuration
412eb70 
Signed-off-by: Edwin Peer <epeer@nvidia.com>
@espeer
Create GH workflow
499fb28 
Signed-off-by: Edwin Peer <epeer@nvidia.com>
@espeer
Colossus provisioning
8dfdfad 
Signed-off-by: Edwin Peer <epeer@nvidia.com>
@espeer
Nova test branch README
331e930 
Signed-off-by: Edwin Peer <epeer@nvidia.com>
@espeer
Remove Hopper target GPU
d213b34 
Colossus is not presently able to satisfy Hopper leasing requests:

Checking leases...
5eca02db-a682-4e5b-8985-576494fd75fc,PROVISIONING,,Nova CI/CD,Blackwell
645aa0fc-bf13-4330-ac6d-4c36da6918d8,PROVISIONING,,Nova CI/CD,Turing
49da4390-7f9b-4f07-a75b-a985a0d15826,PROVISIONING,,Nova CI/CD,Ampere
Leasing error: No available pools meet the policy requirements for this lease request

Signed-off-by: Edwin Peer <epeer@nvidia.com>
@espeer
Add Blossom CI hook.
cb1ad09 
Signed-off-by: Edwin Peer <epeer@nvidia.com>
@espeer
Remove legacy GitHub self hosted runner flow.
a7e1266 
Signed-off-by: Edwin Peer <epeer@nvidia.com>
@espeer
Add Manish as builder
cece59c 
Signed-off-by: Edwin Peer <epeer@nvidia.com>
@espeer
Test PR 3
a7cd2aa 
Signed-off-by: Edwin Peer <epeer@nvidia.com>
@espeer
Copy link
Copy Markdown
Collaborator Author

espeer commented Mar 25, 2026

/build

@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 25, 2026

👎 Promotion blocked, new vulnerability found

Vulnerability report

Component Vulnerability Description Severity
Linux Kernel CVE-2021-46973 In the Linux kernel, the following vulnerability has been resolved:

net: qrtr: Avoid potential use after free in MHI send

It is possible that the MHI ul_callback will be invoked immediately
following the queueing of the skb for transmission, leading to the
callback decrementing the refcount of the associated sk and freeing the
skb.

As such the dereference of skb and the increment of the sk refcount must
happen before the skb is queued, to avoid the skb to be used after free
and potentially the sk to drop its last refcount..|HIGH
Linux Kernel|CVE-2022-2785|There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAP_BPF can arbitrarily read memory from anywhere on the system. We recommend upgrading past commit 86f44fc|MEDIUM

@espeer
Copy link
Copy Markdown
Collaborator Author

espeer commented Mar 25, 2026

/build

@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 25, 2026

👎 Promotion blocked, new vulnerability found

Vulnerability report

Component Vulnerability Description Severity
Linux Kernel CVE-2021-46973 In the Linux kernel, the following vulnerability has been resolved:

net: qrtr: Avoid potential use after free in MHI send

It is possible that the MHI ul_callback will be invoked immediately
following the queueing of the skb for transmission, leading to the
callback decrementing the refcount of the associated sk and freeing the
skb.

As such the dereference of skb and the increment of the sk refcount must
happen before the skb is queued, to avoid the skb to be used after free
and potentially the sk to drop its last refcount..|HIGH
Linux Kernel|CVE-2022-2785|There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAP_BPF can arbitrarily read memory from anywhere on the system. We recommend upgrading past commit 86f44fc|MEDIUM

@magrawal1008
Copy link
Copy Markdown

magrawal1008 commented Mar 25, 2026

/build

@github-actions github-actions bot force-pushed the nova-test branch 6 times, most recently from 1f6f8b6 to 780e8f1 Compare March 31, 2026 04:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@espeer @magrawal1008