On 27.03.2025 16:25, Juergen Gross wrote: > On 26.03.25 17:04, Juergen Gross wrote: >> All patches needed for running with a Linux stubdom device model are >> in the tree and QubesOS is using and testing Linux stubdoms nowadays. >> >> Switch support from "Tech Preview" to "Supported". >> >> Signed-off-by: Juergen Gross <jgr...@suse.com> >> --- >> CHANGELOG.md | 1 + >> SUPPORT.md | 2 +- >> 2 files changed, 2 insertions(+), 1 deletion(-) >> >> diff --git a/CHANGELOG.md b/CHANGELOG.md >> index 9a5919585d..b03e2c73d7 100644 >> --- a/CHANGELOG.md >> +++ b/CHANGELOG.md >> @@ -7,6 +7,7 @@ The format is based on [Keep a >> Changelog](https://keepachangelog.com/en/1.0.0/) >> ## [4.21.0 >> UNRELEASED](https://xenbits.xenproject.org/gitweb/?p=xen.git;a=shortlog;h=staging) >> - TBD >> >> ### Changed >> + - Linux based device model stubdomains are now fully supported. >> >> ### Added >> - On x86: >> diff --git a/SUPPORT.md b/SUPPORT.md >> index 91cb6f8ed2..ed4412f0af 100644 >> --- a/SUPPORT.md >> +++ b/SUPPORT.md >> @@ -260,7 +260,7 @@ Go (golang) bindings for libxl >> >> Support for running qemu-xen device model in a linux stubdomain. >> >> - Status: Tech Preview >> + Status: Supported > > The status change was discussed in the security team. The suggestion was > that the new support state should be "Supported, with caveats", clarifying > that any issue in the stubdomain affecting only the guest it is servicing > would not be regraded to be a security issue.
Mind making this a tiny bit more strict, by saying "affecting only the guest it is servicing or itself"? Jan
