lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20221206110207.303de16f@kernel.org>
Date:   Tue, 6 Dec 2022 11:02:07 -0800
From:   Jakub Kicinski <kuba@...nel.org>
To:     "netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: driver reviewer rotation

Hi!

As some of you may have noticed we have restarted a structured reviewer
rotation. There should be an uptick in the number of reviews when you
post patches.

Here is some details, and background info.

The majority of submissions we get are for drivers. We have tried 
to create a driver review rotation a while back, to increase the
review coverage, but it fizzled out. We're taking a second go at it.

The new rotation is limited in length (4 weeks) and focused on
involving NIC teams (nVidia, Intel, Broadcom, plus Meta/FB to make 
it 4), rather than particular individuals. I picked the NIC vendors 
for multiple reasons - with small exceptions they send more patches 
than they review. Secondly they have rather large teams, which makes 
it easier to create a stable rotation - employees from the same org 
can load balance and cover for each other. Last but not least, I have 
a possibly unfounded belief, that in a vendor setting the additional
structure of a review rotation is doubly beneficial as "organized
efforts" are usually easier to justify to corporate overlords.

Please feel free to reach out if you'd like to also be a part of 
a review rotation. We can start a second circle or double up one of 
the shifts... we'll figure something out. Also please reach out with 
any comments / concerns / feedback.

FWIW any "corporate involvement" in the community makes me feel uneasy
(and I hope that other community members share this feeling).
So please don't view this as any form of corporate collusion or giving
companies themselves influence. This is also not an indictment against
the community members who are already investing their time in reviewing
code, and making this project work...

HTH

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ