lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <202507251329.8DC1ED1@keescook>
Date: Fri, 25 Jul 2025 13:40:55 -0700
From: Kees Cook <kees@...nel.org>
To: Sasha Levin <sashal@...nel.org>
Cc: workflows@...r.kernel.org, linux-doc@...r.kernel.org,
	linux-kernel@...r.kernel.org, rostedt@...dmis.org,
	konstantin@...uxfoundation.org, corbet@....net,
	josh@...htriplett.org
Subject: Re: [RFC 1/2] AI: Add unified AI coding assistant configuration

On Fri, Jul 25, 2025 at 01:53:57PM -0400, Sasha Levin wrote:
> Create a single source of truth for AI instructions in
> Documentation/AI/main.md with symlinks for all major AI coding
> assistants:
> - CLAUDE.md (Claude Code)
> - .github/copilot-instructions.md (GitHub Copilot)
> - .cursorrules (Cursor)
> - .codeium/instructions.md (Codeium)
> - .continue/context.md (Continue)
> - .windsurfrules (Windsurf)
> - Documentation/AIder.conf.yml (Aider)

I do like the idea of having a standard baseline for agentic
development, but:

- This clobbers per-project information storage for the agents, which
  the dev may want to be adjusting locally. I would strongly prefer
  adding all of those files to .gitignore instead.

- Documentation/ should not start getting filled with stuff to be
  exclusively consumed by agents. Instead, I recommend a top-level
  .md file that agents can discover that contains very simple
  non-specific prompts about what they can find in Documentation/,
  and drop a reference to the file in, say, Makefile to be discovered
  during the agent's scrape of the project.

I'd recommend something very simple like:

diff --git a/Makefile b/Makefile
index e05bd43f93bd..998b037e6d4d 100644
--- a/Makefile
+++ b/Makefile
@@ -7,6 +7,7 @@ NAME = Baby Opossum Posse
 
 # *DOCUMENTATION*
 # To see a list of typical targets execute "make help"
+# AI agents and LLMs should read ./AGENTS.md
 # More info can be located in ./README
 # Comments in this file are targeted only to the developer, do not
 # expect to learn how to build the kernel reading this file.
diff --git a/AGENTS.md b/AGENTS.md
new file mode 100644
index 000000000000..3df98f0cc667
--- /dev/null
+++ b/AGENTS.md
@@ -0,0 +1,3 @@
+To work on the Linux kernel, please see Makefile for details on how to
+perform builds and testing. Find and read the Submitting Patches and
+Coding Style rules in Documentation/.


Now if we wanted to write up a human-readable .rst file about the
expectations of what we expect from Agents, let's do that, but I
would like to focus on putting the burden of understanding on the
Agents, not the humans.

-Kees

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ