lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20260108151437.3188cd53@gandalf.local.home>
Date: Thu, 8 Jan 2026 15:14:37 -0500
From: Steven Rostedt <rostedt@...dmis.org>
To: Dave Hansen <dave@...1.net>
Cc: Lorenzo Stoakes <lorenzo.stoakes@...cle.com>, Dave Hansen
 <dave.hansen@...el.com>, James Bottomley
 <James.Bottomley@...senpartnership.com>, Dave Hansen
 <dave.hansen@...ux.intel.com>, linux-kernel@...r.kernel.org, Shuah Khan
 <shuah@...nel.org>, Kees Cook <kees@...nel.org>, Greg Kroah-Hartman
 <gregkh@...uxfoundation.org>, Miguel Ojeda <ojeda@...nel.org>, Luis
 Chamberlain <mcgrof@...nel.org>, SeongJae Park <sj@...nel.org>, Dan
 Williams <dan.j.williams@...el.com>, NeilBrown <neilb@...mail.net>,
 Theodore Ts'o <tytso@....edu>, Sasha Levin <sashal@...nel.org>, Jonathan
 Corbet <corbet@....net>, Vlastimil Babka <vbabka@...e.cz>,
 workflows@...r.kernel.org, ksummit@...ts.linux.dev
Subject: Re: [PATCH] [v3] Documentation: Provide guidelines for
 tool-generated content

On Thu, 8 Jan 2026 11:50:29 -0800
Dave Hansen <dave@...1.net> wrote:

> On 1/8/26 11:23, Lorenzo Stoakes wrote:
> > I'm also not sure why we're losing the scrutiny part?
> > 
> > Something like:
> > 
> > +If tools permit you to generate series entirely automatically, expect
> > +additional scrutiny.  
> 
> The reason I resisted integrating this is it tries to draw too specific
> a line in the sand. Someone could rightfully read that and say they
> don't expect additional scrutiny because the entire series was not
> automatically generated.
> 
> What I want to say is: the more automation your tool provides, the more
> scrutiny you get. Maybe:
> 
> 	Expect increasing amounts of maintainer scrutiny on
> 	contributions that were increasingly generated by tooling.

Honestly that just sounds "grumpy" to me ;-)

How about something like:

	All tooling is prone to make mistakes that differ from mistakes
	generated by humans. A maintainer may push back harder on
	submissions that were entirely or partially generated by tooling
	and expect the submitter to demonstrate that even the generated
	code was verified to be accurate.

-- Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ