virtio-win drivers

Adam Jackson ajax at redhat.com
Thu Jan 14 21:05:33 UTC 2010 

On Thu, 2010-01-14 at 13:26 -0500, Tom "spot" Callaway wrote:
> > Is it one of our existing written policies that we only provide content 
> > built by Koji?  I'm curious if anyone knows if/where we state that.
> 
> I'm very very very uncomfortable with permitting content into Fedora
> that isn't built via Koji.
> 
> Why can't koji build these drivers? Do they depend on Windows bits to
> build? If so, they're almost certainly not license acceptable for Fedora.

I can't find a mailing list thread to back me up on this, but I believe
the problem was one or more of:

- mingw toolchain not building
- mingw toolchain not working well enough to produce Windows binaries
- insufficient Windows DDK in Fedora packaging

Either of those would preclude using koji to build the Windows virtio
drivers.

If you use Windows to produce the binaries, then there may or may not be
a philosophical problem in hosting them on Fedora infrastructure.  I
could see arguments for drawing lines of acceptability around any
combination of {gcc, msvc} for the compiler and {wine, MS DDK} for the
headers (although some combinations would be more logically consistent
than others).

It's a line worth drawing.  There are other cases where Fedora could
legitimately want to host code that runs on other OSes.  The LiveUSB
creator is probably the most obvious example.

From a FESCO perspective, the question is about the trustworthiness of
the resulting binaries given various build paths.  A Windows image with
nothing else installed but the requisite build tools will produce a
binary with some trust level.  If we say we trust (linux, gcc, wine) to
build virtio-win, but that we don't trust (win7, gcc, wine) to build
virtio-win, then we're implicitly saying there's some attack vector in
win7 that we're not willing to risk.  I have trouble coming up with a
plausible scenario for this, particularly given virtualization with no
network for isolation and guestfish to slurp out the build results.  I
hate Windows and all, but the binaries the build produces are verifiable
objects, even from a Linux machine.

I'm entirely willing to accept that Fedora Infrastructure would be
unwilling to _manage_ other operating systems.  That's well within their
rights.  I'm less willing to believe that the mere hosting of code built
on other platforms is unmanageable, or intrinsically contrary to the
goals of the project.  Not that it's trivially acceptable; but I don't
think it's inherently unacceptable either.

- ajax
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/advisory-board/attachments/20100114/6397a0b8/attachment-0001.bin

More information about the advisory-board mailing list