1.. _stable_kernel_rules: 2 3Everything you ever wanted to know about Linux -stable releases 4=============================================================== 5 6Rules on what kind of patches are accepted, and which ones are not, into the 7"-stable" tree: 8 9 - It must be obviously correct and tested. 10 - It cannot be bigger than 100 lines, with context. 11 - It must fix only one thing. 12 - It must fix a real bug that bothers people (not a, "This could be a 13 problem..." type thing). 14 - It must fix a problem that causes a build error (but not for things 15 marked CONFIG_BROKEN), an oops, a hang, data corruption, a real 16 security issue, or some "oh, that's not good" issue. In short, something 17 critical. 18 - Serious issues as reported by a user of a distribution kernel may also 19 be considered if they fix a notable performance or interactivity issue. 20 As these fixes are not as obvious and have a higher risk of a subtle 21 regression they should only be submitted by a distribution kernel 22 maintainer and include an addendum linking to a bugzilla entry if it 23 exists and additional information on the user-visible impact. 24 - New device IDs and quirks are also accepted. 25 - No "theoretical race condition" issues, unless an explanation of how the 26 race can be exploited is also provided. 27 - It cannot contain any "trivial" fixes in it (spelling changes, 28 whitespace cleanups, etc). 29 - It must follow the 30 :ref:`Documentation/process/submitting-patches.rst <submittingpatches>` 31 rules. 32 - It or an equivalent fix must already exist in Linus' tree (upstream). 33 34 35Procedure for submitting patches to the -stable tree 36---------------------------------------------------- 37 38.. note:: 39 40 Security patches should not be handled (solely) by the -stable review 41 process but should follow the procedures in 42 :ref:`Documentation/admin-guide/security-bugs.rst <securitybugs>`. 43 44For all other submissions, choose one of the following procedures 45----------------------------------------------------------------- 46 47.. _option_1: 48 49Option 1 50******** 51 52To have the patch automatically included in the stable tree, add the tag 53 54.. code-block:: none 55 56 Cc: stable@vger.kernel.org 57 58in the sign-off area. Once the patch is merged it will be applied to 59the stable tree without anything else needing to be done by the author 60or subsystem maintainer. 61 62.. _option_2: 63 64Option 2 65******** 66 67After the patch has been merged to Linus' tree, send an email to 68stable@vger.kernel.org containing the subject of the patch, the commit ID, 69why you think it should be applied, and what kernel version you wish it to 70be applied to. 71 72.. _option_3: 73 74Option 3 75******** 76 77Send the patch, after verifying that it follows the above rules, to 78stable@vger.kernel.org. You must note the upstream commit ID in the 79changelog of your submission, as well as the kernel version you wish 80it to be applied to. 81 82:ref:`option_1` is **strongly** preferred, is the easiest and most common. 83:ref:`option_2` and :ref:`option_3` are more useful if the patch isn't deemed 84worthy at the time it is applied to a public git tree (for instance, because 85it deserves more regression testing first). :ref:`option_3` is especially 86useful if the original upstream patch needs to be backported (for example 87the backport needs some special handling due to e.g. API changes). 88 89Note that for :ref:`option_3`, if the patch deviates from the original 90upstream patch (for example because it had to be backported) this must be very 91clearly documented and justified in the patch description. 92 93The upstream commit ID must be specified with a separate line above the commit 94text, like this: 95 96.. code-block:: none 97 98 commit <sha1> upstream. 99 100or alternatively: 101 102.. code-block:: none 103 104 [ Upstream commit <sha1> ] 105 106Additionally, some patches submitted via :ref:`option_1` may have additional 107patch prerequisites which can be cherry-picked. This can be specified in the 108following format in the sign-off area: 109 110.. code-block:: none 111 112 Cc: <stable@vger.kernel.org> # 3.3.x: a1f84a3: sched: Check for idle 113 Cc: <stable@vger.kernel.org> # 3.3.x: 1b9508f: sched: Rate-limit newidle 114 Cc: <stable@vger.kernel.org> # 3.3.x: fd21073: sched: Fix affinity logic 115 Cc: <stable@vger.kernel.org> # 3.3.x 116 Signed-off-by: Ingo Molnar <mingo@elte.hu> 117 118The tag sequence has the meaning of: 119 120.. code-block:: none 121 122 git cherry-pick a1f84a3 123 git cherry-pick 1b9508f 124 git cherry-pick fd21073 125 git cherry-pick <this commit> 126 127Also, some patches may have kernel version prerequisites. This can be 128specified in the following format in the sign-off area: 129 130.. code-block:: none 131 132 Cc: <stable@vger.kernel.org> # 3.3.x 133 134The tag has the meaning of: 135 136.. code-block:: none 137 138 git cherry-pick <this commit> 139 140For each "-stable" tree starting with the specified version. 141 142Following the submission: 143 144 - The sender will receive an ACK when the patch has been accepted into the 145 queue, or a NAK if the patch is rejected. This response might take a few 146 days, according to the developer's schedules. 147 - If accepted, the patch will be added to the -stable queue, for review by 148 other developers and by the relevant subsystem maintainer. 149 150 151Review cycle 152------------ 153 154 - When the -stable maintainers decide for a review cycle, the patches will be 155 sent to the review committee, and the maintainer of the affected area of 156 the patch (unless the submitter is the maintainer of the area) and CC: to 157 the linux-kernel mailing list. 158 - The review committee has 48 hours in which to ACK or NAK the patch. 159 - If the patch is rejected by a member of the committee, or linux-kernel 160 members object to the patch, bringing up issues that the maintainers and 161 members did not realize, the patch will be dropped from the queue. 162 - The ACKed patches will be posted again as part of release candidate (-rc) 163 to be tested by developers and testers. 164 - Usually only one -rc release is made, however if there are any outstanding 165 issues, some patches may be modified or dropped or additional patches may 166 be queued. Additional -rc releases are then released and tested until no 167 issues are found. 168 - Responding to the -rc releases can be done on the mailing list by sending 169 a "Tested-by:" email with any testing information desired. The "Tested-by:" 170 tags will be collected and added to the release commit. 171 - At the end of the review cycle, the new -stable release will be released 172 containing all the queued and tested patches. 173 - Security patches will be accepted into the -stable tree directly from the 174 security kernel team, and not go through the normal review cycle. 175 Contact the kernel security team for more details on this procedure. 176 177Trees 178----- 179 180 - The queues of patches, for both completed versions and in progress 181 versions can be found at: 182 183 https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git 184 185 - The finalized and tagged releases of all stable kernels can be found 186 in separate branches per version at: 187 188 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git 189 190 - The release candidate of all stable kernel versions can be found at: 191 192 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/ 193 194 .. warning:: 195 The -stable-rc tree is a snapshot in time of the stable-queue tree and 196 will change frequently, hence will be rebased often. It should only be 197 used for testing purposes (e.g. to be consumed by CI systems). 198 199 200Review committee 201---------------- 202 203 - This is made up of a number of kernel developers who have volunteered for 204 this task, and a few that haven't. 205