This is an archive of the discontinued LLVM Phabricator instance.

[Nomination] Adding Nvidia Compiler security representative to the LLVM security group.
ClosedPublic

Authored by mrragava on Feb 22 2023, 11:38 AM.

Details

Summary

I'm from Nvidia Corporation. I work primarily on the Security aspect of Compiler toolchains based out of LLVM. I would like to nominate myself to join the LLVM security group as a vendor contact representative of Nvidia.

According to the information on the website, https://llvm.org/docs/Security.html, I fall under the following category: Vendor contacts.

We are particularly interested in the following:

  • Being aware of any security vulnerability that has been found in the compiler in a timely manner.
  • Correctly reporting any vulnerabilities or other security issues we have found in the compiler stack.
  • Discussing our use of static analysis / dynamic analysis / fuzzing / threat modelling with the committee and raising any concerns that have risen from said activities.

Looking forward to participating in further discussions and security sync ups with the rest of the committee
Please let me know if I need to provide any other information required for this nomination.
Thanks,
Ragavan

Diff Detail

Event Timeline

mrragava created this revision.Feb 22 2023, 11:38 AM
Herald added a project: Restricted Project. · View Herald TranscriptFeb 22 2023, 11:38 AM
mrragava requested review of this revision.Feb 22 2023, 11:38 AM
Herald added a project: Restricted Project. · View Herald TranscriptFeb 22 2023, 11:38 AM
mrragava retitled this revision from Adding myself as Nvidia Compiler security representative to the LLVM security group. to [Nomination] Adding Nvidia Compiler security representative to the LLVM security group..Feb 22 2023, 11:42 AM
mrragava edited the summary of this revision. (Show Details)
mrragava edited the summary of this revision. (Show Details)
This comment was removed by mrragava.

As a current representative from Nvidia, I confirm that Raghavan is a member of our org. We would like to maintain a second representative from the organization as a backup and to reduce liability.

pietroalbini accepted this revision.Feb 22 2023, 1:50 PM

Having a second representative from an existing company sounds fine to me.

This revision is now accepted and ready to land.Feb 22 2023, 1:50 PM
nikhgupt accepted this revision.Feb 22 2023, 3:17 PM

Thanks Pietro! Requesting other reviewers to chime in so we can get our requisite 50% committee approval.

kristof.beyls accepted this revision.Feb 22 2023, 10:09 PM
peter.smith accepted this revision.Feb 23 2023, 1:00 AM

LGTM too.

apilipenko accepted this revision.Feb 23 2023, 5:15 PM
mattdr accepted this revision.Feb 27 2023, 4:30 PM
probinson accepted this revision.Feb 28 2023, 11:59 AM

Sony has two reps for much the same reason. LGTM.

Looks like I made this reach the 50% mark, so I think you're good to go.

ab accepted this revision.Feb 28 2023, 12:01 PM

Thank you all for the quick responses! Yes, it looks like we have indeed crossed our 50% upvote threshold.