From 09aa10649f75a262028e9a9b7d859ef7efb23d54 Mon Sep 17 00:00:00 2001
From: Juergen Gross <jgross@suse.com>
Date: Thu, 29 Sep 2022 13:07:35 +0200
Subject: SUPPORT.md: clarify support of untrusted driver domains with
 oxenstored

Add a support statement for the scope of support regarding different
Xenstore variants. Especially oxenstored does not (yet) have security
support of untrusted driver domains, as those might drive oxenstored
out of memory by creating lots of watch events for the guests they are
servicing.

Add a statement regarding Live Update support of oxenstored.

This is part of XSA-326.

Reported-by: Julien Grall <jgrall@amazon.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
Acked-by: George Dunlap <george.dunlap@citrix.com>
Acked-by: Julien Grall <jgrall@amazon.com>
Reviewed-by: Christian Lindig <christian.lindig@citrix.com>

diff --git a/SUPPORT.md b/SUPPORT.md
index 85726102eab8..7d0cb34c8f6f 100644
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -179,13 +179,18 @@ Support for running qemu-xen device model in a linux stubdomain.
 
     Status: Tech Preview
 
-## Liveupdate of C xenstored daemon
+## Xenstore
 
-    Status: Tech Preview
+### C xenstored daemon
 
-## Liveupdate of OCaml xenstored daemon
+    Status: Supported
+    Status, Liveupdate: Tech Preview
 
-    Status: Tech Preview
+### OCaml xenstored daemon
+
+    Status: Supported
+    Status, untrusted driver domains: Supported, not security supported
+    Status, Liveupdate: Not functional
 
 ## Toolstack/3rd party