linux-next/Documentation/process
Thomas Gleixner ddaedbbece Documentation/process: Embargoed hardware security issues
To address the requirements of embargoed hardware issues, like Meltdown,
Spectre, L1TF etc. it is necessary to define and document a process for
handling embargoed hardware security issues.

Following the discussion at the maintainer summit 2018 in Edinburgh
(https://lwn.net/Articles/769417/) the volunteered people have worked
out a process and a Memorandum of Understanding.  The latter addresses
the fact that the Linux kernel community cannot sign NDAs for various
reasons.

The initial contact point for hardware security issues is different from
the regular kernel security contact to provide a known and neutral
interface for hardware vendors and researchers. The initial primary
contact team is proposed to be staffed by Linux Foundation Fellows, who
are not associated to a vendor or a distribution and are well connected
in the industry as a whole.

The process is designed with the experience of the past incidents in
mind and tries to address the remaining gaps, so future (hopefully rare)
incidents can be handled more efficiently.  It won't remove the fact,
that most of this has to be done behind closed doors, but it is set up
to avoid big bureaucratic hurdles for individual developers.

The process is solely for handling hardware security issues and cannot
be used for regular kernel (software only) security bugs.

This memo can help with hardware companies who, and I quote, "[my
manager] doesn't want to bet his job on the list keeping things secret."
This despite numerous leaks directly from that company over the years,
and none ever so far from the kernel security team.  Cognitive
dissidence seems to be a requirement to be a good manager.

To accelerate the adoption of this  process, we introduce the concept of
ambassadors in participating companies. The ambassadors are there to
guide people to comply with the process, but are not automatically
involved in the disclosure of a particular incident.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Acked-by: Laura Abbott <labbott@redhat.com>
Acked-by: Ben Hutchings <ben@decadent.org.uk>
Reviewed-by: Tyler Hicks <tyhicks@canonical.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Jiri Kosina <jkosina@suse.cz>
Link: https://lore.kernel.org/r/20190815212505.GC12041@kroah.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-08-28 22:36:07 +02:00
..
1.Intro.rst doc:it_IT: add some process/* translations 2018-11-20 09:11:12 -07:00
2.Process.rst docs: fix typo in table describing 4.16 development cycle 2018-08-31 16:28:06 -06:00
3.Early-stage.rst Documentation/process: phrasofix 2017-09-26 14:53:51 -06:00
4.Coding.rst docs: fault-injection: convert docs to ReST and rename to *.rst 2019-06-14 14:21:07 -06:00
5.Posting.rst docs: Clarify the usage and sign-off requirements for Co-developed-by 2019-03-25 10:30:32 -06:00
6.Followthrough.rst docs: rename development-process/ to process/ 2016-10-24 08:12:35 -02:00
7.AdvancedTopics.rst docs: rename development-process/ to process/ 2016-10-24 08:12:35 -02:00
8.Conclusion.rst doc:process: add links where missing 2018-12-06 10:21:19 -07:00
adding-syscalls.rst doc:it_IT: add some process/* translations 2018-11-20 09:11:12 -07:00
applying-patches.rst Documentation: change linux-4.x references to 5.x 2019-02-17 15:41:05 -07:00
changes.rst Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2019-07-11 10:55:49 -07:00
clang-format.rst clang-format: add configuration file 2018-04-11 10:28:35 -07:00
code-of-conduct-interpretation.rst Code of Conduct Interpretation: Put in the proper URL for the committee 2018-10-22 07:33:36 +01:00
code-of-conduct.rst Code of Conduct: Change the contact email address 2018-10-22 07:33:36 +01:00
coding-style.rst docs: kbuild: convert docs to ReST and rename to *.rst 2019-06-14 14:21:21 -06:00
deprecated.rst Makefile: Globally enable fall-through warning 2019-07-25 20:13:54 -05:00
development-process.rst docs: rename development-process/ to process/ 2016-10-24 08:12:35 -02:00
email-clients.rst doc: Document suitability of IBM Verse for kernel development 2017-06-22 10:22:41 -06:00
embargoed-hardware-issues.rst Documentation/process: Embargoed hardware security issues 2019-08-28 22:36:07 +02:00
howto.rst docs: Fix spelling mistake 2019-04-09 15:14:44 -06:00
index.rst Documentation/process: Embargoed hardware security issues 2019-08-28 22:36:07 +02:00
kernel-docs.rst Documentation: kernel-docs: Remove entry for vfs.txt 2019-04-08 16:05:18 -06:00
kernel-driver-statement.rst doc:it_IT: add some process/* translations 2018-11-20 09:11:12 -07:00
kernel-enforcement-statement.rst doc:it_IT: add some process/* translations 2018-11-20 09:11:12 -07:00
license-rules.rst LICENSES: Rename other to deprecated 2019-05-03 06:34:32 -06:00
magic-number.rst doc:it_IT: add some process/* translations 2018-11-20 09:11:12 -07:00
maintainer-pgp-guide.rst Documentation: PGP: update for newer HW devices 2019-06-26 16:08:03 -06:00
management-style.rst doc:process: add links where missing 2018-12-06 10:21:19 -07:00
programming-language.rst Compiler Attributes: add Doc/process/programming-language.rst 2018-09-30 20:14:04 +02:00
stable-api-nonsense.rst doc: process: GPL -> GPL-compatible 2019-02-01 16:19:11 -07:00
stable-kernel-rules.rst stable-kernel-rules.rst: add link to networking patch queue 2019-02-01 16:11:55 -07:00
submit-checklist.rst docs: ioctl-number.txt: convert it to ReST format 2019-07-15 09:20:26 -03:00
submitting-drivers.rst docs: power: convert docs to ReST and rename to *.rst 2019-06-14 16:08:36 -05:00
submitting-patches.rst docs: Clarify the usage and sign-off requirements for Co-developed-by 2019-03-25 10:30:32 -06:00
volatile-considered-harmful.rst Documentation/atomic_ops.txt: convert to ReST markup 2016-11-30 17:40:52 -07:00