Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure that dom0 kernel is kept up to date if GPU acceleration is used #8972

Open
Tracked by #8552
DemiMarie opened this issue Feb 25, 2024 · 0 comments
Open
Tracked by #8552

Ensure that dom0 kernel is kept up to date if GPU acceleration is used #8972

DemiMarie opened this issue Feb 25, 2024 · 0 comments
Labels
C: GPU acceleration C: infrastructure C: kernel P: major Priority: major. Between "default" and "critical" in severity. security This issue pertains to the security of Qubes OS. T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality.

Comments

@DemiMarie
Copy link

How to file a helpful issue

The problem you're addressing (if any)

Linux does not have any analog of the Xen security predisclosure process. Any GPU driver vulnerabilities will become 0days at the time the patch is posted to the respective mailing list, which is before the fix is available to users.

The solution you'd like

Ensure that if GPU acceleration is turned on, every kernel update is treated as providing security fixes. This means that they will be available in security-testing very soon (less than a week, preferably a day or less) after being released by the Linux stable release team.

The value to a user, and who that user might be

Users using GPU acceleration will not need to fear long patch gaps.
@DemiMarie DemiMarie added T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality. P: major Priority: major. Between "default" and "critical" in severity. P: default Priority: default. Default priority for new issues, to be replaced given sufficient information. C: GPU acceleration labels Feb 25, 2024
@DemiMarie DemiMarie self-assigned this Feb 25, 2024
@DemiMarie DemiMarie mentioned this issue Feb 25, 2024
Open
18 tasks
@andrewdavidwong andrewdavidwong added security This issue pertains to the security of Qubes OS. C: kernel C: infrastructure and removed P: default Priority: default. Default priority for new issues, to be replaced given sufficient information. labels Feb 25, 2024
@DemiMarie DemiMarie removed their assignment Mar 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
C: GPU acceleration C: infrastructure C: kernel P: major Priority: major. Between "default" and "critical" in severity. security This issue pertains to the security of Qubes OS. T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality.
Projects
GPU acceleration
Status: Todo
Milestone
No milestone
Development

No branches or pull requests
2 participants
@DemiMarie @andrewdavidwong