This is an archive of the discontinued LLVM Phabricator instance.

Differential D99232

[Nomination] Adding new Google representative to security group
ClosedPublic

Authored by george.burgess.iv on Mar 23 2021, 6:07 PM.

Details

Reviewers
ab
jfb
dim
emaste
jkorous
kristof.beyls
probinson
Shayne
ojhunt
psmith
mattdr
ributzka
apilipenko
pietroalbini
peter.smith
Commits
rG5079bc8a2303: docs: Adding Google representative to the security group
Summary

Hi!

I spoke offline with Matthew Riley, who recommended that I nominate myself to join the LLVM security group as a representative of Google. In particular, I intend to register as a vendor contact. I work primarily with toolchains and toolchain teams focused on our open source projects (e.g., Chrome, Chrome OS, Android, ...), and some security-critical parts of varying levels of open-source-ness under those banners. :)

We believe that adding myself as the second representative for Google will help improve the robustness of Google's response to any potential future security issues that the LLVM project may encounter.

Please let me know if I can provide any other information, or if I missed anything in this nomination.

Thank you for your time!

Diff Detail

Event Timeline

george.burgess.iv requested review of this revision.Mar 23 2021, 6:07 PM
george.burgess.iv created this revision.
Herald added a project: Restricted Project. · View Herald TranscriptMar 23 2021, 6:07 PM
Herald added a subscriber: llvm-commits. · View Herald Transcript
mattdr added a comment.EditedMar 23 2021, 9:28 PM

I want to avoid being the first one to approve, given our mutual affiliation, but at least wanted to confirm the story: @george.burgess.iv will be a valuable contact given his existing LLVM affiliation and deep involvement with the deployment of LLVM toolchains across several Google products.

This also helps bring Google in line with what we should consider a best practice -- vendors with vested security interest should have multiple inbound contacts to avoid heroics or single points of failure.

Harbormaster completed remote builds in B95382: Diff 332835.Mar 23 2021, 11:21 PM
kristof.beyls added a comment.Mar 24 2021, 8:57 AM

I approve. Thanks George!

According to the rules in https://llvm.org/docs/Security.html, section "Choosing new members":

If a nomination for LLVM Security Group membership is supported by a majority of existing LLVM Security Group members, then it carries within five business days unless an existing member of the Security Group objects. If an objection is raised, the LLVM Security Group members should discuss the matter and try to come to consensus; failing this, the nomination will succeed only by a two-thirds supermajority vote of the LLVM Security Group.

So if I count correctly, that means we need 8 (out of 15) approvals, assuming no objections are raised.

mattdr accepted this revision.Mar 24 2021, 9:27 AM
This revision is now accepted and ready to land.Mar 24 2021, 9:27 AM
jfb accepted this revision.Mar 24 2021, 9:36 AM

I'm no longer in the security group, but (from the peanut gallery) I endorse Google having a second representative, and George in particular.

dim accepted this revision.Mar 24 2021, 11:24 AM

Looks like a good idea to me.

pietroalbini accepted this revision.Mar 24 2021, 11:31 AM
probinson accepted this revision.Mar 24 2021, 11:48 AM

Welcome to the ranks!

peter.smith accepted this revision.Mar 24 2021, 11:58 AM
peter.smith added a subscriber: peter.smith.

LGTM too.

kristof.beyls accepted this revision.Mar 25 2021, 1:36 AM
ab accepted this revision.Mar 25 2021, 11:22 AM

Thanks George, and welcome!

george.burgess.iv added a comment.Mar 25 2021, 12:42 PM

Thank you all for your support!

It appears this now has the requisite 8 votes, so I assume this is safe to land. I plan to do so tomorrow, in order to give people a last window to raise any concerns. :)

Closed by commit rG5079bc8a2303: docs: Adding Google representative to the security group (authored by george.burgess.iv). · Explain WhyMar 26 2021, 6:56 PM
This revision was automatically updated to reflect the committed changes.
george.burgess.iv added a commit: rG5079bc8a2303: docs: Adding Google representative to the security group.
nikhgupt mentioned this in D106906: [Nomination] Adding an Nvidia representative to security group.Aug 5 2021, 3:19 PM

Revision Contents

PathSize
llvm/
docs/
1 line

Diff 333655

llvm/docs/Security.rst

Show All 23 Lines
The members of the group represent a wide cross-section of the community, and meet the criteria for inclusion below. The members of the group represent a wide cross-section of the community, and meet the criteria for inclusion below.
* Ahmed Bougacha (Apple) * Ahmed Bougacha (Apple)
* Akila Srinivasan (Apple) * Akila Srinivasan (Apple)
* Artur Pilipenko (Azul Systems Inc) * Artur Pilipenko (Azul Systems Inc)
* Dimitry Andric (individual; FreeBSD) * Dimitry Andric (individual; FreeBSD)
* Ed Maste (individual; FreeBSD) * Ed Maste (individual; FreeBSD)
* George Burgess IV (Google)
* Josh Eads (Sony) * Josh Eads (Sony)
* Kristof Beyls (ARM) * Kristof Beyls (ARM)
* Matthew Riley (Google) * Matthew Riley (Google)
* Oliver Hunt (Apple) * Oliver Hunt (Apple)
* Paul Robinson (Sony) * Paul Robinson (Sony)
* Peter Smith (ARM) * Peter Smith (ARM)
* Pietro Albini (individual; Rust) * Pietro Albini (individual; Rust)
* Serge Guelton (RedHat) * Serge Guelton (RedHat)
▲ Show 20 LinesShow All 182 LinesShow Last 20 Lines