felixbuenemann · November 24, 2020 21:16 · mattcaswell · Nov 24, 2020
diff --git a/omc_vote_darwin64-arm64_support.txt b/omc_vote_darwin64-arm64_support.txt
 OMC VOTE: macOS ARM64 Support in OpenSSL 1.1.1

 Background to the vote:

 Apple has recently released new Mac computers that are powered by their own
 ARMv8 compatible SoC called the Apple Silicon M1 or short M1.

 This chip is an evolution of their previous ARM chips in the A series, most
 similar to the A14 used in the latest generations of iPhones and iPads, but
 with a chip configuration like the iPad Pro.

 Since this is a CPU architecture that was previously used by iOS devices, it
 is already well supported by OpenSSL including various assembly optimizations.

 In order to support it on macOS on the current stable version OpenSSL 1.1.1,
 a new build target needs to be added to the build configuration script, which
 has been proposed and discussed in PR #12369.

 This is a problem, because the OpenSSL LTS rules state that only bug fixes and
 security fixes are accepted into the stable codebase.

 It is also unique cause it requires no code changes to support a new platform.

 Since OpenSSL 3.0 is still in alpha and because the code is very low impact,
 with only eight lines of configuration, I would like to ask the OMC to make
 and exception to the rule in this case.

 It is important that this patch is accepted upstream, because there is a good
 amount of uncertainty for maintainers in downstream projects like Homebrew,
 the most popular package manager for macOS, about keeping out of tree patches
 for security sensitive software like OpenSSL.

 Accepting the patch gives these maintainers the certainty, that it is safe to
 use and removes the need vor various downstream projects to maintain the patch.

 This is also important since I've seen multiple variations of the patch in the
 wild that didn't actually work as intended, due to being incorrectly ported
 from the master branch - leading to working, but fully unoptimized builds.

 I would also ask to make this decision independent of the ongoing proposal
 for LTS+ releases by Matt Caswell, that would allow for adding new platforms
 with greater changes to the codebase. I think it has a much bigger scope and
 is likely going to take some time to get right.

 This should be seen as one time exception and is not intended as a precedent
 for future cases, which should be covered by the LTS+ proposal.

 The vote text is as follows:

 topic: Regarding inclusion of macOS ARM64 Support in OpenSSL 1.1.1 LTS:

 The OMC accepts the required configuration change, making an exception to the
 LTS rule that prevents adding new platforms.

 Proposed by Felix Buenemann
	OMC VOTE: macOS ARM64 Support in OpenSSL 1.1.1

	Background to the vote:

	Apple has recently released new Mac computers that are powered by their own
	ARMv8 compatible SoC called the Apple Silicon M1 or short M1.

	This chip is an evolution of their previous ARM chips in the A series, most
	similar to the A14 used in the latest generations of iPhones and iPads, but
	with a chip configuration like the iPad Pro.

	Since this is a CPU architecture that was previously used by iOS devices, it
	is already well supported by OpenSSL including various assembly optimizations.

	In order to support it on macOS on the current stable version OpenSSL 1.1.1,
	a new build target needs to be added to the build configuration script, which
	has been proposed and discussed in PR #12369.

	This is a problem, because the OpenSSL LTS rules state that only bug fixes and
	security fixes are accepted into the stable codebase.

	It is also unique cause it requires no code changes to support a new platform.

	Since OpenSSL 3.0 is still in alpha and because the code is very low impact,
	with only eight lines of configuration, I would like to ask the OMC to make
	and exception to the rule in this case.

	It is important that this patch is accepted upstream, because there is a good
	amount of uncertainty for maintainers in downstream projects like Homebrew,
	the most popular package manager for macOS, about keeping out of tree patches
	for security sensitive software like OpenSSL.

	Accepting the patch gives these maintainers the certainty, that it is safe to
	use and removes the need vor various downstream projects to maintain the patch.

	This is also important since I've seen multiple variations of the patch in the
	wild that didn't actually work as intended, due to being incorrectly ported
	from the master branch - leading to working, but fully unoptimized builds.

	I would also ask to make this decision independent of the ongoing proposal
	for LTS+ releases by Matt Caswell, that would allow for adding new platforms
	with greater changes to the codebase. I think it has a much bigger scope and
	is likely going to take some time to get right.

	This should be seen as one time exception and is not intended as a precedent
	for future cases, which should be covered by the LTS+ proposal.

	The vote text is as follows:

	topic: Regarding inclusion of macOS ARM64 Support in OpenSSL 1.1.1 LTS:

	The OMC accepts the required configuration change, making an exception to the
	LTS rule that prevents adding new platforms.

	Proposed by Felix Buenemann