xref: /linux/Documentation/process/stable-kernel-rules.rst (revision 808094fcbf4196be0feb17afbbdc182ec95c8cec)
1.. _stable_kernel_rules:
2
3Everything you ever wanted to know about Linux -stable releases
4===============================================================
5
6Rules on what kind of patches are accepted, and which ones are not, into the
7"-stable" tree:
8
9 - It must be obviously correct and tested.
10 - It cannot be bigger than 100 lines, with context.
11 - It must fix only one thing.
12 - It must fix a real bug that bothers people (not a, "This could be a
13   problem..." type thing).
14 - It must fix a problem that causes a build error (but not for things
15   marked CONFIG_BROKEN), an oops, a hang, data corruption, a real
16   security issue, or some "oh, that's not good" issue.  In short, something
17   critical.
18 - Serious issues as reported by a user of a distribution kernel may also
19   be considered if they fix a notable performance or interactivity issue.
20   As these fixes are not as obvious and have a higher risk of a subtle
21   regression they should only be submitted by a distribution kernel
22   maintainer and include an addendum linking to a bugzilla entry if it
23   exists and additional information on the user-visible impact.
24 - New device IDs and quirks are also accepted.
25 - No "theoretical race condition" issues, unless an explanation of how the
26   race can be exploited is also provided.
27 - It cannot contain any "trivial" fixes in it (spelling changes,
28   whitespace cleanups, etc).
29 - It must follow the
30   :ref:`Documentation/process/submitting-patches.rst <submittingpatches>`
31   rules.
32 - It or an equivalent fix must already exist in Linus' tree (upstream).
33
34
35Procedure for submitting patches to the -stable tree
36----------------------------------------------------
37
38 - Security patches should not be handled (solely) by the -stable review
39   process but should follow the procedures in
40   :ref:`Documentation/admin-guide/security-bugs.rst <securitybugs>`.
41
42For all other submissions, choose one of the following procedures
43-----------------------------------------------------------------
44
45.. _option_1:
46
47Option 1
48********
49
50To have the patch automatically included in the stable tree, add the tag
51
52.. code-block:: none
53
54     Cc: stable@vger.kernel.org
55
56in the sign-off area. Once the patch is merged it will be applied to
57the stable tree without anything else needing to be done by the author
58or subsystem maintainer.
59
60.. _option_2:
61
62Option 2
63********
64
65After the patch has been merged to Linus' tree, send an email to
66stable@vger.kernel.org containing the subject of the patch, the commit ID,
67why you think it should be applied, and what kernel version you wish it to
68be applied to.
69
70.. _option_3:
71
72Option 3
73********
74
75Send the patch, after verifying that it follows the above rules, to
76stable@vger.kernel.org.  You must note the upstream commit ID in the
77changelog of your submission, as well as the kernel version you wish
78it to be applied to.
79
80:ref:`option_1` is **strongly** preferred, is the easiest and most common.
81:ref:`option_2` and :ref:`option_3` are more useful if the patch isn't deemed
82worthy at the time it is applied to a public git tree (for instance, because
83it deserves more regression testing first).  :ref:`option_3` is especially
84useful if the patch needs some special handling to apply to an older kernel
85(e.g., if API's have changed in the meantime).
86
87Note that for :ref:`option_3`, if the patch deviates from the original
88upstream patch (for example because it had to be backported) this must be very
89clearly documented and justified in the patch description.
90
91The upstream commit ID must be specified with a separate line above the commit
92text, like this:
93
94.. code-block:: none
95
96    commit <sha1> upstream.
97
98Additionally, some patches submitted via :ref:`option_1` may have additional
99patch prerequisites which can be cherry-picked. This can be specified in the
100following format in the sign-off area:
101
102.. code-block:: none
103
104     Cc: <stable@vger.kernel.org> # 3.3.x: a1f84a3: sched: Check for idle
105     Cc: <stable@vger.kernel.org> # 3.3.x: 1b9508f: sched: Rate-limit newidle
106     Cc: <stable@vger.kernel.org> # 3.3.x: fd21073: sched: Fix affinity logic
107     Cc: <stable@vger.kernel.org> # 3.3.x
108     Signed-off-by: Ingo Molnar <mingo@elte.hu>
109
110The tag sequence has the meaning of:
111
112.. code-block:: none
113
114     git cherry-pick a1f84a3
115     git cherry-pick 1b9508f
116     git cherry-pick fd21073
117     git cherry-pick <this commit>
118
119Also, some patches may have kernel version prerequisites.  This can be
120specified in the following format in the sign-off area:
121
122.. code-block:: none
123
124     Cc: <stable@vger.kernel.org> # 3.3.x
125
126The tag has the meaning of:
127
128.. code-block:: none
129
130     git cherry-pick <this commit>
131
132For each "-stable" tree starting with the specified version.
133
134Following the submission:
135
136 - The sender will receive an ACK when the patch has been accepted into the
137   queue, or a NAK if the patch is rejected.  This response might take a few
138   days, according to the developer's schedules.
139 - If accepted, the patch will be added to the -stable queue, for review by
140   other developers and by the relevant subsystem maintainer.
141
142
143Review cycle
144------------
145
146 - When the -stable maintainers decide for a review cycle, the patches will be
147   sent to the review committee, and the maintainer of the affected area of
148   the patch (unless the submitter is the maintainer of the area) and CC: to
149   the linux-kernel mailing list.
150 - The review committee has 48 hours in which to ACK or NAK the patch.
151 - If the patch is rejected by a member of the committee, or linux-kernel
152   members object to the patch, bringing up issues that the maintainers and
153   members did not realize, the patch will be dropped from the queue.
154 - At the end of the review cycle, the ACKed patches will be added to the
155   latest -stable release, and a new -stable release will happen.
156 - Security patches will be accepted into the -stable tree directly from the
157   security kernel team, and not go through the normal review cycle.
158   Contact the kernel security team for more details on this procedure.
159
160Trees
161-----
162
163 - The queues of patches, for both completed versions and in progress
164   versions can be found at:
165
166	https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git
167
168 - The finalized and tagged releases of all stable kernels can be found
169   in separate branches per version at:
170
171	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git
172
173
174Review committee
175----------------
176
177 - This is made up of a number of kernel developers who have volunteered for
178   this task, and a few that haven't.
179