|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Clarifying the state of ARINC653 scheduler (and other components) in Xen 4.5 and beyond
>>> On 08.06.15 at 22:59, <dario.faggioli@xxxxxxxxxx> wrote: > On Mon, 2015-06-08 at 14:01 +0100, Lars Kurth wrote: >> > On 8 Jun 2015, at 13:19, Ian Campbell <Ian.Campbell@xxxxxxxxxx> wrote: >> > >> > In MAINTAINERS S: Supported means: >> > >> > "Someone is actually paid to look after this.", which I think is >> > distinct from "This works well enough that the project is happy to >> > recommend it is used in production". It's a shame that Supported can be >> > taken to mean both things. >> > >> > For reference Maintained is "Someone actually looks after it.". >> > >> > Alternatively if someone can think of another way to express "paid >> > maintainer" we could switch to that. >> >> And then there is of course the question what we do with ARINC653. >> > Not sure we actually need to do something. The status in MAINTAINERS is > consistent with the existing semantic, as there's actually people > actively looking after the scheduler (and paid to do so, AFAIK). > > Wrt the wiki page, the best way of capturing the state of things is, > basing on what's in there for the other schedulers, 'Supported' there > too. The scheduler has a very limited scope, and is useful only in a > handful of situations, and that's by design. But for those situations it > works pretty well, AFAIK. > > Moreover, there is people in the community providing help to interested > users on how to set it up (there has been a thread on xen-users about > this rather recently). > > Whether we should recommend to use it in production, well, I think we > could, of course for those people and only for them having a requirement > for compliance with the ARINC653 standard, which certainly is not the > most common thing around. But you understand that one primary aspect of whether something is to be considered supported is whether that code, if found to be flawed, may end up triggering security advisories? I.e. apart from people looking after it and people using it (or showing interest to do so) we also need to be convinced that the code quality is good enough. The situation of tmem (also marked Supported in ./MAINTAINERS) is the prime example of when that's not (recognizably) the case. And the bug report (that luckily didn't need to result in an XSA for other reasons) leading to http://lists.xenproject.org/archives/html/xen-devel/2015-06/msg01018.html shows that the code may not have got audited from a security perspective. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |