Difference between revisions of "Xen Project Release Features/Definitions"

From Xen
Jump to: navigation, search
m (User-facing Support Criteria)
(Replace with definitions from Support.MD)
Line 1: Line 1:
{{InfoLeft|This is a draft, that is based on what we have done in the past. The exact text will still need to be agreed formally. Once approved, this will be copied into in-tree documentation and links from here to those pages, will be created.}}
+
{{InfoLeft|These definitions are based on [http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md SUPPORT.md], which is a machine readable version of this document, which was introduced in Xen 4.10.}}
  
== User-facing Support Criteria ==
+
The definitions in this document primarily refer to the information in [[Xen Project Release Features]] or its archived version.
  
=== Functionally complete ===
+
= Definition of Support Labels =
Does it behave like a fully functional feature?  Does it work on all expected platforms, or does it only work
 
for a very specific sub-case?  Does it have a sensible UI, or do you
 
have to have a deep understanding of the internals to get it to work
 
properly?
 
  
=== Functional stability ===
+
Each status value besides a {{Tick}} or {{HalfDone}} corresponds to levels of security support, testing, stability, etc., as in the following subsections.
 +
Note that format in [[Xen Project Release Features]] typically follows the following convention
 +
* {{Tick}}  [footnote] [support label]
 +
* {{HalfDone}}  [footnote] [support label]
 +
If no support label is specified besides a {{Tick}}, the feature is normally considered '''Supported''' unless otherwise specified.
 +
 
 +
== Experimental ==
 +
 
 +
    Functional completeness: No
 +
    Functional stability: Here be dragons
 +
    Interface stability: Not stable
 +
    Security supported: No
 +
 
 +
== Tech Preview ==
 +
 
 +
    Functional completeness: Yes
 +
    Functional stability: Quirky
 +
    Interface stability: Provisionally stable
 +
    Security supported: No
 +
 
 +
== Supported ==
 +
 
 +
    Functional completeness: Yes
 +
    Functional stability: Normal
 +
    Interface stability: Yes
 +
    Security supported: Yes
 +
 
 +
== Deprecated ==
 +
 
 +
    Functional completeness: Yes
 +
    Functional stability: Quirky
 +
    Interface stability: No (as in, may disappear the next release)
 +
    Security supported: Yes
 +
 
 +
All of these may appear in modified form via footnotes.
 +
 
 +
= Definition of the status label interpretation tags =
 +
 
 +
== Functionally complete  ==
 +
 
 +
Does it behave like a fully functional feature? Yes = {{Tick}}
 +
 
 +
Does it work on all expected platforms, or does it only work for a very specific sub-case? No = {{HalfDone}}
 +
 
 +
Does it have a sensible UI, or do you have to have a deep understanding of the internals to get it to work properly? No = {{HalfDone}}
 +
 
 +
== Functional stability ==
  
 
What is the risk of it exhibiting bugs?
 
What is the risk of it exhibiting bugs?
Line 15: Line 57:
 
General answers to the above:
 
General answers to the above:
  
* '''Here be dragons''': Pretty likely to still crash / fail to work.  Not recommended unless you like life on the bleeding edge.
+
* '''Here be dragons'''
* '''Quirky''': Mostly works but may have odd behavior here and there. Recommended for playing around or for non-production use cases.
 
* '''Normal''': Ready for production use
 
  
=== Interface stability ===
+
: Pretty likely to still crash / fail to work.
 +
: Not recommended unless you like life on the bleeding edge.
 +
 
 +
* '''Quirky'''
 +
 
 +
: Mostly works but may have odd behavior here and there.
 +
: Recommended for playing around or for non-production use cases.
 +
 
 +
* '''Normal'''
 +
 
 +
: Ready for production use
 +
 
 +
== Interface stability ==
  
 
If I build a system based on the current interfaces, will they still work when I upgrade to the next version?
 
If I build a system based on the current interfaces, will they still work when I upgrade to the next version?
  
* '''Not stable''': Interface is still in the early stages and still fairly likely to be broken in future updates.
+
* '''Not stable'''
* '''Provisionally stable''': We're not yet promising backwards compatibility, but we think this is probably the final form of the interface. It may still require some tweaks.
+
 
* '''Stable''': We will try very hard to avoid breaking backwards compatibility, and to fix any regressions that are reported.
+
: Interface is still in the early stages and still fairly likely to be broken in future updates.
 +
 
 +
* '''Provisionally stable'''
 +
 
 +
: We're not yet promising backwards compatibility, but we think this is probably the final form of the interface.
 +
: It may still require some tweaks.
 +
 
 +
* '''Stable'''
 +
 
 +
: We will try very hard to avoid breaking backwards compatibility, and to fix any regressions that are reported.
 +
 
 +
== Security supported ==
  
=== Security supported ===
 
 
Will XSAs be issued if security-related bugs are discovered in the functionality?
 
Will XSAs be issued if security-related bugs are discovered in the functionality?
  
== Definition of Support Labels ==
+
If "no", anyone who finds a security-related bug in the feature will be advised to post it publicly to the Xen Project mailing lists (or contact another security response team, if a relevant one exists).
 +
 
 +
Bugs found after the end of '''Security-Support-Until''' in the Release Support section will receive an XSA if they also affect newer, security-supported, versions of Xen.
 +
 
 +
However, the Xen Project will not provide official fixes or non-security-supported versions.
 +
 
 +
== Interaction with other features ==
  
Rather than specify each level above, we have some short-hand labels that we use to denote general answer to the above questions.
+
Not all features interact well with all other features.
 +
Some features are only for HVM guests; some don't work with migration, &c.
  
=== Experimental ===
+
== External security support ==
* Functional completeness: No
 
* Functional stability: Here be dragons
 
* Interface stability: Not stable
 
* Security supported: No
 
  
=== Tech Preview ===
+
The Xen Project security team provides security support for Xen Project projects.
* Functional completeness: Yes
 
* Functional stability: Quirky
 
* Interface stability: Provisionally stable
 
* Security supported: No.
 
  
=== Supported ===
+
We also provide security support for Xen-related code in Linux, which is an external project but doesn't have its own security process.
* Functional completeness: Yes
 
* Functional stability: Normal
 
* Interface stability: Yes
 
* Security supported: Yes
 
  
=== Deprecated ===
+
External projects that provide their own security support for Xen-related features are listed below.
* Functional completeness: Yes
+
* QEMU: https://wiki.qemu.org/index.php/SecurityProcess
* Functional stability: Quirky
+
* Libvirt: https://libvirt.org/securityprocess.html
* Interface stability: No (as in, may disappear the next release)
+
* FreeBSD: https://www.freebsd.org/security/
* Security supported: Yes
+
* NetBSD: http://www.netbsd.org/support/security/
 +
* OpenBSD: https://www.openbsd.org/security.html
  
 
[[Category:Xen]] [[Category:Users]] [[Category:Fundamentals]]
 
[[Category:Xen]] [[Category:Users]] [[Category:Fundamentals]]

Revision as of 16:22, 12 March 2018

Icon Info.png {{{1}}}


The definitions in this document primarily refer to the information in Xen Project Release Features or its archived version.

Definition of Support Labels

Each status value besides a or corresponds to levels of security support, testing, stability, etc., as in the following subsections. Note that format in Xen Project Release Features typically follows the following convention

  • [footnote] [support label]
  • [footnote] [support label]

If no support label is specified besides a , the feature is normally considered Supported unless otherwise specified.

Experimental

   Functional completeness: No
   Functional stability: Here be dragons
   Interface stability: Not stable
   Security supported: No

Tech Preview

   Functional completeness: Yes
   Functional stability: Quirky
   Interface stability: Provisionally stable
   Security supported: No

Supported

   Functional completeness: Yes
   Functional stability: Normal
   Interface stability: Yes
   Security supported: Yes

Deprecated

   Functional completeness: Yes
   Functional stability: Quirky
   Interface stability: No (as in, may disappear the next release)
   Security supported: Yes

All of these may appear in modified form via footnotes.

Definition of the status label interpretation tags

Functionally complete

Does it behave like a fully functional feature? Yes =

Does it work on all expected platforms, or does it only work for a very specific sub-case? No =

Does it have a sensible UI, or do you have to have a deep understanding of the internals to get it to work properly? No =

Functional stability

What is the risk of it exhibiting bugs?

General answers to the above:

  • Here be dragons
Pretty likely to still crash / fail to work.
Not recommended unless you like life on the bleeding edge.
  • Quirky
Mostly works but may have odd behavior here and there.
Recommended for playing around or for non-production use cases.
  • Normal
Ready for production use

Interface stability

If I build a system based on the current interfaces, will they still work when I upgrade to the next version?

  • Not stable
Interface is still in the early stages and still fairly likely to be broken in future updates.
  • Provisionally stable
We're not yet promising backwards compatibility, but we think this is probably the final form of the interface.
It may still require some tweaks.
  • Stable
We will try very hard to avoid breaking backwards compatibility, and to fix any regressions that are reported.

Security supported

Will XSAs be issued if security-related bugs are discovered in the functionality?

If "no", anyone who finds a security-related bug in the feature will be advised to post it publicly to the Xen Project mailing lists (or contact another security response team, if a relevant one exists).

Bugs found after the end of Security-Support-Until in the Release Support section will receive an XSA if they also affect newer, security-supported, versions of Xen.

However, the Xen Project will not provide official fixes or non-security-supported versions.

Interaction with other features

Not all features interact well with all other features. Some features are only for HVM guests; some don't work with migration, &c.

External security support

The Xen Project security team provides security support for Xen Project projects.

We also provide security support for Xen-related code in Linux, which is an external project but doesn't have its own security process.

External projects that provide their own security support for Xen-related features are listed below.