xref: /linux/Documentation/process/researcher-guidelines.rst (revision c532de5a67a70f8533d495f8f2aaa9a0491c3ad0)
1.. SPDX-License-Identifier: GPL-2.0
2
3.. _researcher_guidelines:
4
5Researcher Guidelines
6+++++++++++++++++++++
7
8The Linux kernel community welcomes transparent research on the Linux
9kernel, the activities involved in producing it, and any other byproducts
10of its development. Linux benefits greatly from this kind of research, and
11most aspects of Linux are driven by research in one form or another.
12
13The community greatly appreciates if researchers can share preliminary
14findings before making their results public, especially if such research
15involves security. Getting involved early helps both improve the quality
16of research and ability for Linux to improve from it. In any case,
17sharing open access copies of the published research with the community
18is recommended.
19
20This document seeks to clarify what the Linux kernel community considers
21acceptable and non-acceptable practices when conducting such research. At
22the very least, such research and related activities should follow
23standard research ethics rules. For more background on research ethics
24generally, ethics in technology, and research of developer communities
25in particular, see:
26
27* `History of Research Ethics <https://www.unlv.edu/research/ORI-HSR/history-ethics>`_
28* `IEEE Ethics <https://www.ieee.org/about/ethics/index.html>`_
29* `Developer and Researcher Views on the Ethics of Experiments on Open-Source Projects <https://arxiv.org/pdf/2112.13217.pdf>`_
30
31The Linux kernel community expects that everyone interacting with the
32project is participating in good faith to make Linux better. Research on
33any publicly-available artifact (including, but not limited to source
34code) produced by the Linux kernel community is welcome, though research
35on developers must be distinctly opt-in.
36
37Passive research that is based entirely on publicly available sources,
38including posts to public mailing lists and commits to public
39repositories, is clearly permissible. Though, as with any research,
40standard ethics must still be followed.
41
42Active research on developer behavior, however, must be done with the
43explicit agreement of, and full disclosure to, the individual developers
44involved. Developers cannot be interacted with/experimented on without
45consent; this, too, is standard research ethics.
46
47Surveys
48=======
49
50Research often takes the form of surveys sent to maintainers or
51contributors.  As a general rule, though, the kernel community derives
52little value from these surveys.  The kernel development process works
53because every developer benefits from their participation, even working
54with others who have different goals.  Responding to a survey, though, is a
55one-way demand placed on busy developers with no corresponding benefit to
56themselves or to the kernel community as a whole.  For this reason, this
57method of research is discouraged.
58
59Kernel community members already receive far too much email and are likely
60to perceive survey requests as just another demand on their time.  Sending
61such requests deprives the community of valuable contributor time and is
62unlikely to yield a statistically useful response.
63
64As an alternative, researchers should consider attending developer events,
65hosting sessions where the research project and its benefits to the
66participants can be explained, and interacting directly with the community
67there.  The information received will be far richer than that obtained from
68an email survey, and the community will gain from the ability to learn from
69your insights as well.
70
71Patches
72=======
73
74To help clarify: sending patches to developers *is* interacting
75with them, but they have already consented to receiving *good faith
76contributions*. Sending intentionally flawed/vulnerable patches or
77contributing misleading information to discussions is not consented
78to. Such communication can be damaging to the developer (e.g. draining
79time, effort, and morale) and damaging to the project by eroding
80the entire developer community's trust in the contributor (and the
81contributor's organization as a whole), undermining efforts to provide
82constructive feedback to contributors, and putting end users at risk of
83software flaws.
84
85Participation in the development of Linux itself by researchers, as
86with anyone, is welcomed and encouraged. Research into Linux code is
87a common practice, especially when it comes to developing or running
88analysis tools that produce actionable results.
89
90When engaging with the developer community, sending a patch has
91traditionally been the best way to make an impact. Linux already has
92plenty of known bugs -- what's much more helpful is having vetted fixes.
93Before contributing, carefully read the appropriate documentation:
94
95* Documentation/process/development-process.rst
96* Documentation/process/submitting-patches.rst
97* Documentation/admin-guide/reporting-issues.rst
98* Documentation/process/security-bugs.rst
99
100Then send a patch (including a commit log with all the details listed
101below) and follow up on any feedback from other developers.
102
103When sending patches produced from research, the commit logs should
104contain at least the following details, so that developers have
105appropriate context for understanding the contribution. Answer:
106
107* What is the specific problem that has been found?
108* How could the problem be reached on a running system?
109* What effect would encountering the problem have on the system?
110* How was the problem found? Specifically include details about any
111  testing, static or dynamic analysis programs, and any other tools or
112  methods used to perform the work.
113* Which version of Linux was the problem found on? Using the most recent
114  release or a recent linux-next branch is strongly preferred (see
115  Documentation/process/howto.rst).
116* What was changed to fix the problem, and why it is believed to be correct?
117* How was the change build tested and run-time tested?
118* What prior commit does this change fix? This should go in a "Fixes:"
119  tag as the documentation describes.
120* Who else has reviewed this patch? This should go in appropriate
121  "Reviewed-by:" tags; see below.
122
123For example::
124
125  From: Author <author@email>
126  Subject: [PATCH] drivers/foo_bar: Add missing kfree()
127
128  The error path in foo_bar driver does not correctly free the allocated
129  struct foo_bar_info. This can happen if the attached foo_bar device
130  rejects the initialization packets sent during foo_bar_probe(). This
131  would result in a 64 byte slab memory leak once per device attach,
132  wasting memory resources over time.
133
134  This flaw was found using an experimental static analysis tool we are
135  developing, LeakMagic[1], which reported the following warning when
136  analyzing the v5.15 kernel release:
137
138   path/to/foo_bar.c:187: missing kfree() call?
139
140  Add the missing kfree() to the error path. No other references to
141  this memory exist outside the probe function, so this is the only
142  place it can be freed.
143
144  x86_64 and arm64 defconfig builds with CONFIG_FOO_BAR=y using GCC
145  11.2 show no new warnings, and LeakMagic no longer warns about this
146  code path. As we don't have a FooBar device to test with, no runtime
147  testing was able to be performed.
148
149  [1] https://url/to/leakmagic/details
150
151  Reported-by: Researcher <researcher@email>
152  Fixes: aaaabbbbccccdddd ("Introduce support for FooBar")
153  Signed-off-by: Author <author@email>
154  Reviewed-by: Reviewer <reviewer@email>
155
156If you are a first time contributor it is recommended that the patch
157itself be vetted by others privately before being posted to public lists.
158(This is required if you have been explicitly told your patches need
159more careful internal review.) These people are expected to have their
160"Reviewed-by" tag included in the resulting patch. Finding another
161developer familiar with Linux contribution, especially within your own
162organization, and having them help with reviews before sending them to
163the public mailing lists tends to significantly improve the quality of the
164resulting patches, and there by reduces the burden on other developers.
165
166If no one can be found to internally review patches and you need
167help finding such a person, or if you have any other questions
168related to this document and the developer community's expectations,
169please reach out to the private Technical Advisory Board mailing list:
170<tech-board@groups.linuxfoundation.org>.
171