Difference between revisions of "Kernel Self Protection Project/Patch Tracking"

From Linux Kernel Security Subsystem
Jump to navigation Jump to search
(process overview)
 
m (fix formatting)
Line 1: Line 1:
= Overview =
= Overview =
The primary place where patches are tracked is through our [https://patchwork.kernel.org/project/linux-hardening/list/|patchwork instance]. This helps collect Reviewed-by, Acked-by, Tested-by, etc, tags in a single place to see status.
The primary place where [[Kernel_Self_Protection_Project|KSPP]] patches are tracked is through our [https://patchwork.kernel.org/project/linux-hardening/list/ patchwork instance]. This helps collect Reviewed-by, Acked-by, Tested-by, etc, tags in a single place to see status.


= Process =
= Process =
Line 6: Line 6:
The overview list shows patches that need some kind of work to move through the tracking process:
The overview list shows patches that need some kind of work to move through the tracking process:


* [https://patchwork.kernel.org/project/linux-hardening/list/|Action Needed]: Needs work from someone from the linux-hardening patchwork team.
* [https://patchwork.kernel.org/project/linux-hardening/list/ Action Needed]: Needs work from someone from the linux-hardening patchwork team.


The specific "state machine" we use follows this path:
The specific "state machine" we use follows this path:


* [https://patchwork.kernel.org/project/linux-hardening/list/?series=&submitter=&state=1&q=&archive=&delegate=|New]: No activity yet.
* [https://patchwork.kernel.org/project/linux-hardening/list/?series=&submitter=&state=1&q=&archive=&delegate= New]: No activity yet.
  * Move to "Under Review" (possibly with a delegate assigned to do the review).
** Move to "Under Review" (possibly with a delegate assigned to do the review).
  * Move to "Superseded" if a newer version of the same patch has been sent (the patchwork-bot usually does this automatically).
** Move to "Superseded" if a newer version of the same patch has been sent (the patchwork-bot usually does this automatically).
* [https://patchwork.kernel.org/project/linux-hardening/list/?series=&submitter=&state=2&q=&archive=&delegate=|Under Review]: Reviewers need to give feedback on the patch.
* [https://patchwork.kernel.org/project/linux-hardening/list/?series=&submitter=&state=2&q=&archive=&delegate= Under Review]: Reviewers need to give feedback on the patch.
  * Move to "Changes Requested" if a new version of the patch is needed after review feedback.
** Move to "Changes Requested" if a new version of the patch is needed after review feedback.
  * Move to "Handled Elsewhere" if a non-linux-hardening tree says they are applying the patch.
** Move to "Handled Elsewhere" if a non-linux-hardening tree says they are applying the patch.
  * Move to "Queued" if a linux-hardening tree applies the patch.
** Move to "Queued" if a linux-hardening tree applies the patch.
  * Move to "Superseded" if a newer version of the same patch has been sent (the patchwork-bot usually does this automatically).
** Move to "Superseded" if a newer version of the same patch has been sent (the patchwork-bot usually does this automatically).
  * In rare cases, a patch can be moved to "Rejected", but that is uncommon, as normally review feedback is expected to be acted on.
** In rare cases, a patch can be moved to "Rejected", but that is uncommon, as normally review feedback is expected to be acted on.
* [https://patchwork.kernel.org/project/linux-hardening/list/?series=&submitter=&state=17&q=&archive=&delegate=|Handled Elsewhere]: Going via another tree, but not yet in linux-next.
* [https://patchwork.kernel.org/project/linux-hardening/list/?series=&submitter=&state=17&q=&archive=&delegate= Handled Elsewhere]: Going via another tree, but not yet in linux-next.
  * Move to "Awaiting Upstream" once a patch appears in linux-next (the patchwork-bot usually does this automatically).
** Move to "Awaiting Upstream" once a patch appears in linux-next (the patchwork-bot usually does this automatically).
* [https://patchwork.kernel.org/project/linux-hardening/list/?series=&submitter=&state=13&q=&archive=&delegate=|Queued]: Going via a linux-hardening tree, but not yet in linux-next.
* [https://patchwork.kernel.org/project/linux-hardening/list/?series=&submitter=&state=13&q=&archive=&delegate= Queued]: Going via a linux-hardening tree, but not yet in linux-next.
  * Move to "Awaiting Upstream" once a patch appears in linux-next (the patchwork-bot usually does this automatically).
** Move to "Awaiting Upstream" once a patch appears in linux-next (the patchwork-bot usually does this automatically).
* [https://patchwork.kernel.org/project/linux-hardening/list/?series=&submitter=&state=8&q=&archive=&delegate=|Awaiting Upstream]: In linux-next, but not yet in Linus's tree.
* [https://patchwork.kernel.org/project/linux-hardening/list/?series=&submitter=&state=8&q=&archive=&delegate= Awaiting Upstream]: In linux-next, but not yet in Linus's tree.
  * Move to "Mainlined" once a patch appears in Linus's tree (the patchwork-bot usually does this automatically).
** Move to "Mainlined" once a patch appears in Linus's tree (the patchwork-bot usually does this automatically).
* [https://patchwork.kernel.org/project/linux-hardening/list/?series=&submitter=&state=11&q=&archive=&delegate=|Mainlined]: Done! In Linus's tree.
* [https://patchwork.kernel.org/project/linux-hardening/list/?series=&submitter=&state=11&q=&archive=&delegate= Mainlined]: Done! In Linus's tree.

Revision as of 22:11, 20 October 2021

Overview

The primary place where KSPP patches are tracked is through our patchwork instance. This helps collect Reviewed-by, Acked-by, Tested-by, etc, tags in a single place to see status.

Process

The overview list shows patches that need some kind of work to move through the tracking process:

  • Action Needed: Needs work from someone from the linux-hardening patchwork team.

The specific "state machine" we use follows this path:

  • New: No activity yet.
    • Move to "Under Review" (possibly with a delegate assigned to do the review).
    • Move to "Superseded" if a newer version of the same patch has been sent (the patchwork-bot usually does this automatically).
  • Under Review: Reviewers need to give feedback on the patch.
    • Move to "Changes Requested" if a new version of the patch is needed after review feedback.
    • Move to "Handled Elsewhere" if a non-linux-hardening tree says they are applying the patch.
    • Move to "Queued" if a linux-hardening tree applies the patch.
    • Move to "Superseded" if a newer version of the same patch has been sent (the patchwork-bot usually does this automatically).
    • In rare cases, a patch can be moved to "Rejected", but that is uncommon, as normally review feedback is expected to be acted on.
  • Handled Elsewhere: Going via another tree, but not yet in linux-next.
    • Move to "Awaiting Upstream" once a patch appears in linux-next (the patchwork-bot usually does this automatically).
  • Queued: Going via a linux-hardening tree, but not yet in linux-next.
    • Move to "Awaiting Upstream" once a patch appears in linux-next (the patchwork-bot usually does this automatically).
  • Awaiting Upstream: In linux-next, but not yet in Linus's tree.
    • Move to "Mainlined" once a patch appears in Linus's tree (the patchwork-bot usually does this automatically).
  • Mainlined: Done! In Linus's tree.