lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 11 Apr 2024 11:19:57 +0200
From: Geert Uytterhoeven <geert@...ux-m68k.org>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Thorsten Leemhuis <linux@...mhuis.info>, Sasha Levin <sashal@...nel.org>, 
	Jonathan Corbet <corbet@....net>, stable@...r.kernel.org, workflows@...r.kernel.org, 
	linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 2/4] docs: stable-kernel-rules: mention "no
 semi-automatic backport"

On Thu, Apr 11, 2024 at 11:13 AM Greg Kroah-Hartman
<gregkh@...uxfoundation.org> wrote:
> On Thu, Apr 11, 2024 at 09:50:24AM +0200, Thorsten Leemhuis wrote:
> > On 11.04.24 09:40, Greg Kroah-Hartman wrote:
> > > On Thu, Apr 11, 2024 at 08:59:39AM +0200, Thorsten Leemhuis wrote:
> > >> On 11.04.24 07:29, Greg Kroah-Hartman wrote:
> > >>> On Thu, Apr 11, 2024 at 07:25:04AM +0200, Thorsten Leemhuis wrote:
> > >>>> Some developers deliberately steer clear of 'Fixes:' tags to prevent
> > >>>> changes from being backported semi-automatically by the stable team.
> > >>>> That somewhat undermines the reason for the existence of the Fixes: tag,
> > >>>> hence point out there is an alternative to reach the same effect.
> > > [...]
> > >>> I do not understand, why are you saying "cc: stable" here if you do NOT
> > >>> want it backported?
> > >> Because the only alternative the developers have to make the stable team
> > >> not pick a single patch[1] is to deliberately omit a Fixes: tag even if
> > >> the patch normally should have one. Like it was done here:
> > >> https://lore.kernel.org/all/cover.1712226175.git.antony.antony@secunet.com/
> > > That feels odd, but ok I now see the need for this for some minor set of
> > > changes (i.e. this has rarely come up in the past 15+ years)
> > >
> > > [...]
> > >> E.g. 'ignore for the AUTOSEL and the "Fixes tag only" tools'. That was
> > >> the best term I came up with.
> > >
> > > Thinking about it more, I think we need to be much more explicit, and
> > > provide the reason why.
> > >
> > > How about:
> > >     cc: <do-not-apply-to-stable@...nel.org> # Reason goes here, and must be present
> > >
> > > and we can make that address be routed to /dev/null just like
> > > <stable@...nel.org> is?
> >
> > Totally fine with me, but that feels somewhat long and hard to type.
>
> I want it long and hard to type and very very explicit that this is what
> the developer/maintainer wants to have happen (again, because this is
> such a rare occurrence.)
>
> > How
> > about just 'no-stable@...nel.org' (or 'nostable@...nel.org')?
>
> More words are better :)

And after that, someone discovers this turns out to be (a hard
dependency for) a very critical fix that does need backporting?

Gr{oetje,eeting}s,

                        Geert

-- 
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68korg

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ