xref: /linux/Documentation/process/stable-kernel-rules.rst (revision f9bff0e31881d03badf191d3b0005839391f5f2b)
1.. _stable_kernel_rules:
2
3Everything you ever wanted to know about Linux -stable releases
4===============================================================
5
6Rules on what kind of patches are accepted, and which ones are not, into the
7"-stable" tree:
8
9 - It must be obviously correct and tested.
10 - It cannot be bigger than 100 lines, with context.
11 - It must fix only one thing.
12 - It must fix a real bug that bothers people (not a, "This could be a
13   problem..." type thing).
14 - It must fix a problem that causes a build error (but not for things
15   marked CONFIG_BROKEN), an oops, a hang, data corruption, a real
16   security issue, or some "oh, that's not good" issue.  In short, something
17   critical.
18 - Serious issues as reported by a user of a distribution kernel may also
19   be considered if they fix a notable performance or interactivity issue.
20   As these fixes are not as obvious and have a higher risk of a subtle
21   regression they should only be submitted by a distribution kernel
22   maintainer and include an addendum linking to a bugzilla entry if it
23   exists and additional information on the user-visible impact.
24 - New device IDs and quirks are also accepted.
25 - No "theoretical race condition" issues, unless an explanation of how the
26   race can be exploited is also provided.
27 - It cannot contain any "trivial" fixes in it (spelling changes,
28   whitespace cleanups, etc).
29 - It must follow the
30   :ref:`Documentation/process/submitting-patches.rst <submittingpatches>`
31   rules.
32 - It or an equivalent fix must already exist in Linus' tree (upstream).
33
34
35Procedure for submitting patches to the -stable tree
36----------------------------------------------------
37
38.. note::
39
40   Security patches should not be handled (solely) by the -stable review
41   process but should follow the procedures in
42   :ref:`Documentation/process/security-bugs.rst <securitybugs>`.
43
44For all other submissions, choose one of the following procedures
45-----------------------------------------------------------------
46
47.. _option_1:
48
49Option 1
50********
51
52To have the patch automatically included in the stable tree, add the tag
53
54.. code-block:: none
55
56     Cc: stable@vger.kernel.org
57
58in the sign-off area. Once the patch is merged it will be applied to
59the stable tree without anything else needing to be done by the author
60or subsystem maintainer.
61
62.. _option_2:
63
64Option 2
65********
66
67After the patch has been merged to Linus' tree, send an email to
68stable@vger.kernel.org containing the subject of the patch, the commit ID,
69why you think it should be applied, and what kernel version you wish it to
70be applied to.
71
72.. _option_3:
73
74Option 3
75********
76
77Send the patch, after verifying that it follows the above rules, to
78stable@vger.kernel.org.  You must note the upstream commit ID in the
79changelog of your submission, as well as the kernel version you wish
80it to be applied to.
81
82:ref:`option_1` is **strongly** preferred, is the easiest and most common.
83:ref:`option_2` and :ref:`option_3` are more useful if the patch isn't deemed
84worthy at the time it is applied to a public git tree (for instance, because
85it deserves more regression testing first).  :ref:`option_3` is especially
86useful if the original upstream patch needs to be backported (for example
87the backport needs some special handling due to e.g. API changes).
88
89Note that for :ref:`option_3`, if the patch deviates from the original
90upstream patch (for example because it had to be backported) this must be very
91clearly documented and justified in the patch description.
92
93The upstream commit ID must be specified with a separate line above the commit
94text, like this:
95
96.. code-block:: none
97
98    commit <sha1> upstream.
99
100or alternatively:
101
102.. code-block:: none
103
104    [ Upstream commit <sha1> ]
105
106Additionally, some patches submitted via :ref:`option_1` may have additional
107patch prerequisites which can be cherry-picked. This can be specified in the
108following format in the sign-off area:
109
110.. code-block:: none
111
112     Cc: <stable@vger.kernel.org> # 3.3.x: a1f84a3: sched: Check for idle
113     Cc: <stable@vger.kernel.org> # 3.3.x: 1b9508f: sched: Rate-limit newidle
114     Cc: <stable@vger.kernel.org> # 3.3.x: fd21073: sched: Fix affinity logic
115     Cc: <stable@vger.kernel.org> # 3.3.x
116     Signed-off-by: Ingo Molnar <mingo@elte.hu>
117
118The tag sequence has the meaning of:
119
120.. code-block:: none
121
122     git cherry-pick a1f84a3
123     git cherry-pick 1b9508f
124     git cherry-pick fd21073
125     git cherry-pick <this commit>
126
127Also, some patches may have kernel version prerequisites.  This can be
128specified in the following format in the sign-off area:
129
130.. code-block:: none
131
132     Cc: <stable@vger.kernel.org> # 3.3.x
133
134The tag has the meaning of:
135
136.. code-block:: none
137
138     git cherry-pick <this commit>
139
140For each "-stable" tree starting with the specified version.
141
142Following the submission:
143
144 - The sender will receive an ACK when the patch has been accepted into the
145   queue, or a NAK if the patch is rejected.  This response might take a few
146   days, according to the developer's schedules.
147 - If accepted, the patch will be added to the -stable queue, for review by
148   other developers and by the relevant subsystem maintainer.
149
150
151Review cycle
152------------
153
154 - When the -stable maintainers decide for a review cycle, the patches will be
155   sent to the review committee, and the maintainer of the affected area of
156   the patch (unless the submitter is the maintainer of the area) and CC: to
157   the linux-kernel mailing list.
158 - The review committee has 48 hours in which to ACK or NAK the patch.
159 - If the patch is rejected by a member of the committee, or linux-kernel
160   members object to the patch, bringing up issues that the maintainers and
161   members did not realize, the patch will be dropped from the queue.
162 - The ACKed patches will be posted again as part of release candidate (-rc)
163   to be tested by developers and testers.
164 - Usually only one -rc release is made, however if there are any outstanding
165   issues, some patches may be modified or dropped or additional patches may
166   be queued. Additional -rc releases are then released and tested until no
167   issues are found.
168 - Responding to the -rc releases can be done on the mailing list by sending
169   a "Tested-by:" email with any testing information desired. The "Tested-by:"
170   tags will be collected and added to the release commit.
171 - At the end of the review cycle, the new -stable release will be released
172   containing all the queued and tested patches.
173 - Security patches will be accepted into the -stable tree directly from the
174   security kernel team, and not go through the normal review cycle.
175   Contact the kernel security team for more details on this procedure.
176
177Trees
178-----
179
180 - The queues of patches, for both completed versions and in progress
181   versions can be found at:
182
183	https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git
184
185 - The finalized and tagged releases of all stable kernels can be found
186   in separate branches per version at:
187
188	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
189
190 - The release candidate of all stable kernel versions can be found at:
191
192        https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/
193
194   .. warning::
195      The -stable-rc tree is a snapshot in time of the stable-queue tree and
196      will change frequently, hence will be rebased often. It should only be
197      used for testing purposes (e.g. to be consumed by CI systems).
198
199
200Review committee
201----------------
202
203 - This is made up of a number of kernel developers who have volunteered for
204   this task, and a few that haven't.
205