The submitting patches mentions criteria for a fix to be called
"security fix". Add a link to document explaining the entire process
of handling security bugs.
Cc: Greg KH <[email protected]>
Cc: Marek Szyprowski <[email protected]>
Cc: Linus Torvalds <[email protected]>
Cc: Kees Cook <[email protected]>
Signed-off-by: Krzysztof Kozlowski <[email protected]>
---
Documentation/process/submitting-patches.rst | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/Documentation/process/submitting-patches.rst b/Documentation/process/submitting-patches.rst
index 5219bf3cddfc..d5b3c5a74d5d 100644
--- a/Documentation/process/submitting-patches.rst
+++ b/Documentation/process/submitting-patches.rst
@@ -299,7 +299,8 @@ sending him e-mail.
If you have a patch that fixes an exploitable security bug, send that patch
to [email protected]. For severe bugs, a short embargo may be considered
to allow distributors to get the patch out to users; in such cases,
-obviously, the patch should not be sent to any public lists.
+obviously, the patch should not be sent to any public lists. See also
+:ref:`Documentation/admin-guide/security-bugs.rst <security-bugs>`.
Patches that fix a severe bug in a released kernel should be directed
toward the stable maintainers by putting a line like this::
--
2.17.1
On Thu, Aug 27, 2020 at 12:53:18PM +0200, Krzysztof Kozlowski wrote:
> The submitting patches mentions criteria for a fix to be called
> "security fix". Add a link to document explaining the entire process
> of handling security bugs.
>
> Cc: Greg KH <[email protected]>
> Cc: Marek Szyprowski <[email protected]>
> Cc: Linus Torvalds <[email protected]>
> Cc: Kees Cook <[email protected]>
> Signed-off-by: Krzysztof Kozlowski <[email protected]>
> ---
> Documentation/process/submitting-patches.rst | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
Reviewed-by: Greg Kroah-Hartman <[email protected]>
Hi,
On Thu, Aug 27, 2020 at 1:54 PM Krzysztof Kozlowski <[email protected]> wrote:
>
> The submitting patches mentions criteria for a fix to be called
> "security fix". Add a link to document explaining the entire process
> of handling security bugs.
>
> Cc: Greg KH <[email protected]>
> Cc: Marek Szyprowski <[email protected]>
> Cc: Linus Torvalds <[email protected]>
> Cc: Kees Cook <[email protected]>
> Signed-off-by: Krzysztof Kozlowski <[email protected]>
> ---
> Documentation/process/submitting-patches.rst | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/Documentation/process/submitting-patches.rst b/Documentation/process/submitting-patches.rst
> index 5219bf3cddfc..d5b3c5a74d5d 100644
> --- a/Documentation/process/submitting-patches.rst
> +++ b/Documentation/process/submitting-patches.rst
> @@ -299,7 +299,8 @@ sending him e-mail.
> If you have a patch that fixes an exploitable security bug, send that patch
> to [email protected]. For severe bugs, a short embargo may be considered
> to allow distributors to get the patch out to users; in such cases,
> -obviously, the patch should not be sent to any public lists.
> +obviously, the patch should not be sent to any public lists. See also
> +:ref:`Documentation/admin-guide/security-bugs.rst <security-bugs>`.
>
> Patches that fix a severe bug in a released kernel should be directed
> toward the stable maintainers by putting a line like this::
> --
> 2.17.1
Reviewed-by: Felipe Balbi <[email protected]>
--
balbi
On Thu, 27 Aug 2020 12:53:18 +0200
Krzysztof Kozlowski <[email protected]> wrote:
> The submitting patches mentions criteria for a fix to be called
> "security fix". Add a link to document explaining the entire process
> of handling security bugs.
>
> Cc: Greg KH <[email protected]>
> Cc: Marek Szyprowski <[email protected]>
> Cc: Linus Torvalds <[email protected]>
> Cc: Kees Cook <[email protected]>
> Signed-off-by: Krzysztof Kozlowski <[email protected]>
> ---
> Documentation/process/submitting-patches.rst | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/Documentation/process/submitting-patches.rst b/Documentation/process/submitting-patches.rst
> index 5219bf3cddfc..d5b3c5a74d5d 100644
> --- a/Documentation/process/submitting-patches.rst
> +++ b/Documentation/process/submitting-patches.rst
> @@ -299,7 +299,8 @@ sending him e-mail.
> If you have a patch that fixes an exploitable security bug, send that patch
> to [email protected]. For severe bugs, a short embargo may be considered
> to allow distributors to get the patch out to users; in such cases,
> -obviously, the patch should not be sent to any public lists.
> +obviously, the patch should not be sent to any public lists. See also
> +:ref:`Documentation/admin-guide/security-bugs.rst <security-bugs>`.
I've applied this (but not part 2).
Thanks,
jon