| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <52988afe-00df-47e5-b577-4e2dc36cf3d4@infradead.org> Date: Tue, 30 Jan 2024 19:20:32 -0800 From: Randy Dunlap <rdunlap@...radead.org> To: Konstantin Ryabitsev <konstantin@...uxfoundation.org> Cc: Tony Luck <tony.luck@...el.com>, x86@...nel.org, Reinette Chatre <reinette.chatre@...el.com>, linux-kernel@...r.kernel.org Subject: Re: commit tag order vs. "b4 am" Hi, On 1/30/24 17:57, Konstantin Ryabitsev wrote: > On Tue, Jan 30, 2024 at 04:47:26PM -0800, Randy Dunlap wrote: >>> Reinette noticed that v14 of my resctrl/SNC patch series[1] did not adhere >>> to the tag order proscribed in Documentation/process/maintainer-tip.rst >>> Specifically my "Signed-off-by:" was now the last tag, instead of >>> appearing before the "Reviewed-by:" and "Tested-by" tags as it had in >>> v13. >>> >>> A little digging showed that my tag had been moved to the end by "b4 am" >>> when I used it to pick up some additonal tags. >>> >>> An e-mail discussion with Konstantin ensued to determine if this was >>> a bug. Konstantin said: >>> >>> This is the intended behaviour, because b4 follows the chain-of-custody >>> procedure. If we encounter a Signed-off-by trailer matching the identity of >>> the user preparing the series, we move it to the bottom to indicate that the >>> chain-of-custody boundary has moved to include the code review trailers >>> received after the initial submission. >>> >>> https://lore.kernel.org/tools/20221031165842.vxr4kp6h7qnkc53l@meerkat.local/ >>> >>> Basically, the "Signed-off-by" trailer is special because it indicates that >>> everything above it is the responsibility of the person doing the sign-off. If >>> we kept your Signed-off-by in the original spot, then it wouldn't be clear who >>> collected and applied the trailers. >> >> I can't find "chain of custody" anywhere in Documentation/process/, nor a >> specification or example of this ordering. >> >> Where did this b4 requirement come from? > > Many discussions at the Maintainer Summit and on the tools/users lists. E.g.: > https://lore.kernel.org/tools/20221031165842.vxr4kp6h7qnkc53l@meerkat.local/ > Not your problem, but decisions that are made at the Maintainer Summit are not well-documented IMO. They don't get passed down to the rest of us. Yes, I do look at Mr Corbet's summaries, but they lack sufficient detail for this. > The chain of custody approach is the only one that makes sense because it > allows keeping track of who applied which trailers. I know that most people > don't think about it twice, but it matters from the perspective of process. > If we need to put it into the official documentation, I'm happy to submit the > patch. I don't yet agree that the tag order change is needed, but yes, it should be documented, so please do that. thanks. -- #Randy
Powered by blists - more mailing lists