|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [COVERITY ACCESS] for Embedded/Automotive team
On 18/11/16 13:36, Artem Mygaiev wrote: > Hello > > I would like to request access to Coverity Scan project. Hereby, I: > - agree to follow the security response process. > - undertake to report security issues discovered to the security team > (security@xxxxxxxxxxxxxx) within 3 days of discovery. > - agree to disclose the issue only to the security team and not to > any other third party > - waive their (security team) right to select the disclosure time > line. Discoveries will follow the default time lines given in the > policy. > > We work with Xen on ARM since 2012. Our primary goal is to introduce > Xen for embedded and in particular in automotive SW domains. Our > current activities are: ARM-based SoCs support (Renesas, TI, etc.), PV > drivers development (audio, video, input, etc.), co-processors support > and trusted environment support through OP-TEE integration. All of our > work is public and published in OSS mailing lists. We would like to > contribute in stability of Xen overall and Xen on ARM in particular > since this is absolutely critical for most of embedded applications. I don't have an objection in principle. However, I doubt you will find access useful. Because of the restriction of only being permitted a single Coverity stream, it is only the x86 build which is submitted for analysis. To submit builds for separate architectures, we need alternative streams. I already requested this but the request was denied. ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |