lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <75d86e96-cb18-4996-998c-da7ac0e97468@suse.cz>
Date: Mon, 28 Jul 2025 09:58:44 +0200
From: Vlastimil Babka <vbabka@...e.cz>
To: Sasha Levin <sashal@...nel.org>, corbet@....net,
 linux-doc@...r.kernel.org, workflows@...r.kernel.org
Cc: josh@...htriplett.org, kees@...nel.org, konstantin@...uxfoundation.org,
 linux-kernel@...r.kernel.org, rostedt@...dmis.org
Subject: Re: [PATCH 0/4] Add agent coding assistant configuration to Linux
 kernel

On 7/27/25 21:57, Sasha Levin wrote:
> This patch series adds unified configuration and documentation for coding
> agents working with the Linux kernel codebase. As coding agents
> become increasingly common in software development, it's important to
> establish clear guidelines for their use in kernel development.

Hi,

this series seems to me somewhat premature. I think we first need a clear
policy wrt LLM usage for the *humans* to follow. It seemed this thread [1]
was going into that direction wrt usage disclosure. BTW I was quite shocked
by Steven's reply there [2] that he learned from the LWN coverage of a
conference talk that he had received a patch fully written by LLM without
any such indication. Now I'm not naive to believe that it's not been
happening already from e.g. first-time contributors, but if that coverage
was accurate, the patch came from a very seasoned kernel contributor and I
really wouldn't expect that to happen.

Also I don't know e.g. the copyright and licensing implications of LLM usage
beyond, say, a smarter automplete are clear? (again, such as writing the
full patch?) The thread [1] touched on it somewhat but not completely. If
that's clear already (IANAL), I'd hope that to be also part of such policy.

I know that your series has patch 4, but that seems to be part of what the
LLM is supposed to include for its prompt (does it make sense to call it
"legal requirements" then?). If it fails to e.g. add the "Co-developed-by:"
there seems to be nothing saying the human should check these things in the
output.

So without such policy first, I fear just merging this alone would send the
message that the kernel is now officially accepting contributions done with
coding assistants, and those assistants will do the right things based on
these configuration files, and the developers using the assistants don't
need to concern themselves with anything more, as it's all covered by the
configuration.

Vlastimil

[1] https://lore.kernel.org/all/20250724175439.76962-1-linux@treblig.org/
[2] https://lore.kernel.org/all/20250724194556.105803db@gandalf.local.home/

> The series consists of four patches:
> 
> 1. The first patch adds unified configuration files for various coding
> agents (Claude, GitHub Copilot, Cursor, Codeium, Continue,
> Windsurf, and Aider). These are all symlinked to a central documentation
> file to ensure consistency across tools.
> 
> 2. The second patch adds core development references that guide
> agents to essential kernel development documentation including how
> to do kernel development, submitting patches, and the submission
> checklist.
> 
> 3. The third patch adds coding style documentation and explicit rules
> that agents must follow, including the 80 character line limit
> and no trailing whitespace requirements.
> 
> 4. The fourth patch adds legal requirements and agent attribution
> guidelines. All agents are required to identify themselves in
> commits using Co-developed-by tags, ensuring full transparency about
> agent involvement in code development.
> 
> Example agent attribution in commits:
> 
>     Co-developed-by: Claude claude-opus-4-20250514
> 
> 
> Changes since RFC:
> - Switch from markdown to RST
> - Break up into multiple files
> - Simplify instructions (we can always bikeshed those later)
> - AI => Agents
> 
> Sasha Levin (4):
>   agents: add unified agent coding assistant configuration
>   agents: add core development references
>   agents: add coding style documentation and rules
>   agents: add legal requirements and agent attribution guidelines
> 
>  .aider.conf.yml                       |  1 +
>  .codeium/instructions.md              |  1 +
>  .continue/context.md                  |  1 +
>  .cursorrules                          |  1 +
>  .github/copilot-instructions.md       |  1 +
>  .windsurfrules                        |  1 +
>  CLAUDE.md                             |  1 +
>  Documentation/agents/coding-style.rst | 35 ++++++++++++++++++++++
>  Documentation/agents/core.rst         | 28 ++++++++++++++++++
>  Documentation/agents/index.rst        | 13 +++++++++
>  Documentation/agents/legal.rst        | 42 +++++++++++++++++++++++++++
>  Documentation/agents/main.rst         | 22 ++++++++++++++
>  12 files changed, 147 insertions(+)
>  create mode 120000 .aider.conf.yml
>  create mode 120000 .codeium/instructions.md
>  create mode 120000 .continue/context.md
>  create mode 120000 .cursorrules
>  create mode 120000 .github/copilot-instructions.md
>  create mode 120000 .windsurfrules
>  create mode 120000 CLAUDE.md
>  create mode 100644 Documentation/agents/coding-style.rst
>  create mode 100644 Documentation/agents/core.rst
>  create mode 100644 Documentation/agents/index.rst
>  create mode 100644 Documentation/agents/legal.rst
>  create mode 100644 Documentation/agents/main.rst
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ