On Tue, Mar 06, 2018 at 05:08:43PM +0000, George Dunlap wrote: > We don't promise to protect you against rogue stub domain binaries; > only from the running domain once the guest has come up. > > Signed-off-by: George Dunlap <george.dun...@citrix.com> > --- > CC: Ian Jackson <ian.jack...@citrix.com> > CC: Wei Liu <wei.l...@citrix.com> > CC: Andrew Cooper <andrew.coop...@citrix.com> > CC: Jan Beulich <jbeul...@suse.com> > CC: Tim Deegan <t...@xen.org> > CC: Stefano Stabellini <sstabell...@kernel.org> > CC: Konrad Wilk <konrad.w...@oracle.com> > CC: Julien Grall <julien.gr...@arm.com> > --- > SUPPORT.md | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/SUPPORT.md b/SUPPORT.md > index a1810b8046..ce9f68e1c2 100644 > --- a/SUPPORT.md > +++ b/SUPPORT.md > @@ -501,6 +501,11 @@ for more information about security support. > > Status: Supported, with caveats > > +Only stub domain binaries provided by the host admin > +or trusted users are security supported;
I'm not sure I follow -- why would / should upstream support a binary that is not produced from upstream source code? Wei. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
