On Sun, 5 Mar 2023 23:00:04 +0100, Vegard Nossum wrote: > Jiri Kosina, Jonathan Corbet, and Willy Tarreau all expressed a desire > to move this document under process/. > > Create a new section for security issues in the index and group it with > embargoed-hardware-issues. > > I'm doing this at the start of the series to make all the subsequent > changes show up in 'git blame'. > > Existing references were updated using: > > git grep -l security-bugs ':!Documentation/translations/' | xargs sed -i 's|admin-guide/security-bugs|process/security-bugs|g' > git grep -l security-bugs Documentation/translations/ | xargs sed -i 's|Documentation/admin-guide/security-bugs|Documentation/process/security-bugs|g' > git grep -l security-bugs Documentation/translations/ | xargs sed -i '/Original:/s|\.\./admin-guide/security-bugs|\.\./process/security-bugs|g' > > Notably, the page is not moved in the translations (due to my lack of > knowledge of these languages), but the translations have been updated > to point to the new location of the original document where these > references exist. > > Link: https://lore.kernel.org/all/nycvar.YFH.7.76.2206062326230.10851@xxxxxxxxxxxxx/ > Suggested-by: Jiri Kosina <jikos@xxxxxxxxxx> > Cc: Alex Shi <alexs@xxxxxxxxxx> > Cc: Yanteng Si <siyanteng@xxxxxxxxxxx> > Cc: Hu Haowen <src.res@xxxxxxxx> > Cc: Federico Vaga <federico.vaga@xxxxxxxxxx> > Cc: Tsugikazu Shibata <tshibata@xxxxxxxxxxxxx> > Cc: Minchan Kim <minchan@xxxxxxxxxx> > Cc: Jeimi Lee <jamee.lee@xxxxxxxxxxx> > Cc: Carlos Bilbao <carlos.bilbao@xxxxxxx> > Cc: Akira Yokosawa <akiyks@xxxxxxxxx> > Signed-off-by: Vegard Nossum <vegard.nossum@xxxxxxxxxx> > --- > Documentation/admin-guide/index.rst | 1 - > Documentation/admin-guide/reporting-issues.rst | 4 ++-- > Documentation/process/howto.rst | 2 +- > Documentation/process/index.rst | 9 ++++++++- > Documentation/process/researcher-guidelines.rst | 2 +- > Documentation/{admin-guide => process}/security-bugs.rst | 0 > Documentation/process/stable-kernel-rules.rst | 2 +- > Documentation/process/submitting-patches.rst | 2 +- > .../translations/it_IT/admin-guide/security-bugs.rst | 2 +- > .../translations/it_IT/process/submitting-patches.rst | 2 +- > Documentation/translations/ja_JP/howto.rst | 2 +- For ja_JP part: Reviewed-by: Akira Yokosawa <akiyks@xxxxxxxxx> > Documentation/translations/ko_KR/howto.rst | 2 +- > Documentation/translations/sp_SP/howto.rst | 2 +- > .../translations/sp_SP/process/submitting-patches.rst | 2 +- > .../translations/zh_CN/admin-guide/security-bugs.rst | 2 +- > Documentation/translations/zh_CN/process/howto.rst | 2 +- > .../translations/zh_TW/admin-guide/security-bugs.rst | 2 +- > Documentation/translations/zh_TW/process/howto.rst | 2 +- > MAINTAINERS | 4 ++-- > 19 files changed, 26 insertions(+), 20 deletions(-) > rename Documentation/{admin-guide => process}/security-bugs.rst (100%) > > diff --git a/Documentation/admin-guide/index.rst b/Documentation/admin-guide/index.rst > index 0ad7e7ec0d27..09a563bbe3e7 100644 > --- a/Documentation/admin-guide/index.rst > +++ b/Documentation/admin-guide/index.rst > @@ -36,7 +36,6 @@ problems and bugs in particular. > > reporting-issues > reporting-regressions > - security-bugs > bug-hunting > bug-bisect > tainted-kernels > diff --git a/Documentation/admin-guide/reporting-issues.rst b/Documentation/admin-guide/reporting-issues.rst > index ec62151fe672..2fd5a030235a 100644 > --- a/Documentation/admin-guide/reporting-issues.rst > +++ b/Documentation/admin-guide/reporting-issues.rst > @@ -395,7 +395,7 @@ might want to be aware of; it for example explains how to add your issue to the > list of tracked regressions, to ensure it won't fall through the cracks. > > What qualifies as security issue is left to your judgment. Consider reading > -Documentation/admin-guide/security-bugs.rst before proceeding, as it > +Documentation/process/security-bugs.rst before proceeding, as it > provides additional details how to best handle security issues. > > An issue is a 'really severe problem' when something totally unacceptably bad > @@ -1269,7 +1269,7 @@ them when sending the report by mail. If you filed it in a bug tracker, forward > the report's text to these addresses; but on top of it put a small note where > you mention that you filed it with a link to the ticket. > > -See Documentation/admin-guide/security-bugs.rst for more information. > +See Documentation/process/security-bugs.rst for more information. > > > Duties after the report went out > diff --git a/Documentation/process/howto.rst b/Documentation/process/howto.rst > index cb6abcb2b6d0..deb8235e20ff 100644 > --- a/Documentation/process/howto.rst > +++ b/Documentation/process/howto.rst > @@ -138,7 +138,7 @@ required reading: > philosophy and is very important for people moving to Linux from > development on other Operating Systems. > > - :ref:`Documentation/admin-guide/security-bugs.rst <securitybugs>` > + :ref:`Documentation/process/security-bugs.rst <securitybugs>` > If you feel you have found a security problem in the Linux kernel, > please follow the steps in this document to help notify the kernel > developers, and help solve the issue. > diff --git a/Documentation/process/index.rst b/Documentation/process/index.rst > index d4b6217472b0..565df595152e 100644 > --- a/Documentation/process/index.rst > +++ b/Documentation/process/index.rst > @@ -35,6 +35,14 @@ Below are the essential guides that every developer should read. > kernel-enforcement-statement > kernel-driver-statement > > +For security issues, see: > + > +.. toctree:: > + :maxdepth: 1 > + > + security-bugs > + embargoed-hardware-issues > + > Other guides to the community that are of interest to most developers are: > > .. toctree:: > @@ -47,7 +55,6 @@ Other guides to the community that are of interest to most developers are: > submit-checklist > kernel-docs > deprecated > - embargoed-hardware-issues > maintainers > researcher-guidelines > > diff --git a/Documentation/process/researcher-guidelines.rst b/Documentation/process/researcher-guidelines.rst > index afc944e0e898..9fcfed3c350b 100644 > --- a/Documentation/process/researcher-guidelines.rst > +++ b/Documentation/process/researcher-guidelines.rst > @@ -68,7 +68,7 @@ Before contributing, carefully read the appropriate documentation: > * Documentation/process/development-process.rst > * Documentation/process/submitting-patches.rst > * Documentation/admin-guide/reporting-issues.rst > -* Documentation/admin-guide/security-bugs.rst > +* Documentation/process/security-bugs.rst > > Then send a patch (including a commit log with all the details listed > below) and follow up on any feedback from other developers. > diff --git a/Documentation/admin-guide/security-bugs.rst b/Documentation/process/security-bugs.rst > similarity index 100% > rename from Documentation/admin-guide/security-bugs.rst > rename to Documentation/process/security-bugs.rst > diff --git a/Documentation/process/stable-kernel-rules.rst b/Documentation/process/stable-kernel-rules.rst > index 2fd8aa593a28..51df1197d5ab 100644 > --- a/Documentation/process/stable-kernel-rules.rst > +++ b/Documentation/process/stable-kernel-rules.rst > @@ -39,7 +39,7 @@ Procedure for submitting patches to the -stable tree > > Security patches should not be handled (solely) by the -stable review > process but should follow the procedures in > - :ref:`Documentation/admin-guide/security-bugs.rst <securitybugs>`. > + :ref:`Documentation/process/security-bugs.rst <securitybugs>`. > > For all other submissions, choose one of the following procedures > ----------------------------------------------------------------- > diff --git a/Documentation/process/submitting-patches.rst b/Documentation/process/submitting-patches.rst > index eac7167dce83..7b223f306efa 100644 > --- a/Documentation/process/submitting-patches.rst > +++ b/Documentation/process/submitting-patches.rst > @@ -254,7 +254,7 @@ If you have a patch that fixes an exploitable security bug, send that patch > to security@xxxxxxxxxx. For severe bugs, a short embargo may be considered > to allow distributors to get the patch out to users; in such cases, > obviously, the patch should not be sent to any public lists. See also > -Documentation/admin-guide/security-bugs.rst. > +Documentation/process/security-bugs.rst. > > Patches that fix a severe bug in a released kernel should be directed > toward the stable maintainers by putting a line like this:: > diff --git a/Documentation/translations/it_IT/admin-guide/security-bugs.rst b/Documentation/translations/it_IT/admin-guide/security-bugs.rst > index 18a5822c7d9a..20994f4bfa31 100644 > --- a/Documentation/translations/it_IT/admin-guide/security-bugs.rst > +++ b/Documentation/translations/it_IT/admin-guide/security-bugs.rst > @@ -1,6 +1,6 @@ > .. include:: ../disclaimer-ita.rst > > -:Original: :ref:`Documentation/admin-guide/security-bugs.rst <securitybugs>` > +:Original: :ref:`Documentation/process/security-bugs.rst <securitybugs>` > > .. _it_securitybugs: > > diff --git a/Documentation/translations/it_IT/process/submitting-patches.rst b/Documentation/translations/it_IT/process/submitting-patches.rst > index c2cfa0948b2b..167fce813032 100644 > --- a/Documentation/translations/it_IT/process/submitting-patches.rst > +++ b/Documentation/translations/it_IT/process/submitting-patches.rst > @@ -272,7 +272,7 @@ embargo potrebbe essere preso in considerazione per dare il tempo alle > distribuzioni di prendere la patch e renderla disponibile ai loro utenti; > in questo caso, ovviamente, la patch non dovrebbe essere inviata su alcuna > lista di discussione pubblica. Leggete anche > -Documentation/admin-guide/security-bugs.rst. > +Documentation/process/security-bugs.rst. > > Patch che correggono bachi importanti su un kernel già rilasciato, dovrebbero > essere inviate ai manutentori dei kernel stabili aggiungendo la seguente riga:: > diff --git a/Documentation/translations/ja_JP/howto.rst b/Documentation/translations/ja_JP/howto.rst > index 9b0b3436dfcf..8d856ebe873c 100644 > --- a/Documentation/translations/ja_JP/howto.rst > +++ b/Documentation/translations/ja_JP/howto.rst > @@ -167,7 +167,7 @@ linux-api@xxxxxxxxxxxxxxx に送ることを勧めます。 > このドキュメントは Linux 開発の思想を理解するのに非常に重要です。 > そして、他のOSでの開発者が Linux に移る時にとても重要です。 > > - :ref:`Documentation/admin-guide/security-bugs.rst <securitybugs>` > + :ref:`Documentation/process/security-bugs.rst <securitybugs>` > もし Linux カーネルでセキュリティ問題を発見したように思ったら、こ > のドキュメントのステップに従ってカーネル開発者に連絡し、問題解決を > 支援してください。 > diff --git a/Documentation/translations/ko_KR/howto.rst b/Documentation/translations/ko_KR/howto.rst > index 969e91a95bb0..34f14899c155 100644 > --- a/Documentation/translations/ko_KR/howto.rst > +++ b/Documentation/translations/ko_KR/howto.rst > @@ -157,7 +157,7 @@ mtk.manpages@xxxxxxxxx의 메인테이너에게 보낼 것을 권장한다. > 리눅스로 전향하는 사람들에게는 매우 중요하다. > > > - :ref:`Documentation/admin-guide/security-bugs.rst <securitybugs>` > + :ref:`Documentation/process/security-bugs.rst <securitybugs>` > 여러분들이 리눅스 커널의 보안 문제를 발견했다고 생각한다면 이 문서에 > 나온 단계에 따라서 커널 개발자들에게 알리고 그 문제를 해결할 수 있도록 > 도와 달라. > diff --git a/Documentation/translations/sp_SP/howto.rst b/Documentation/translations/sp_SP/howto.rst > index f9818d687b54..f1629738b49d 100644 > --- a/Documentation/translations/sp_SP/howto.rst > +++ b/Documentation/translations/sp_SP/howto.rst > @@ -135,7 +135,7 @@ de obligada lectura: > de Linux y es muy importante para las personas que se mudan a Linux > tras desarrollar otros sistemas operativos. > > - :ref:`Documentation/admin-guide/security-bugs.rst <securitybugs>` > + :ref:`Documentation/process/security-bugs.rst <securitybugs>` > Si cree que ha encontrado un problema de seguridad en el kernel de > Linux, siga los pasos de este documento para ayudar a notificar a los > desarrolladores del kernel y ayudar a resolver el problema. > diff --git a/Documentation/translations/sp_SP/process/submitting-patches.rst b/Documentation/translations/sp_SP/process/submitting-patches.rst > index bf95ceb5e865..c2757d9ab216 100644 > --- a/Documentation/translations/sp_SP/process/submitting-patches.rst > +++ b/Documentation/translations/sp_SP/process/submitting-patches.rst > @@ -276,7 +276,7 @@ parche a security@xxxxxxxxxx. Para errores graves, se debe mantener un > poco de discreción y permitir que los distribuidores entreguen el parche a > los usuarios; en esos casos, obviamente, el parche no debe enviarse a > ninguna lista pública. Revise también > -Documentation/admin-guide/security-bugs.rst. > +Documentation/process/security-bugs.rst. > > Los parches que corrigen un error grave en un kernel en uso deben dirigirse > hacia los maintainers estables poniendo una línea como esta:: > diff --git a/Documentation/translations/zh_CN/admin-guide/security-bugs.rst b/Documentation/translations/zh_CN/admin-guide/security-bugs.rst > index b8120391755d..d6b8f8a4e7f6 100644 > --- a/Documentation/translations/zh_CN/admin-guide/security-bugs.rst > +++ b/Documentation/translations/zh_CN/admin-guide/security-bugs.rst > @@ -1,6 +1,6 @@ > .. include:: ../disclaimer-zh_CN.rst > > -:Original: :doc:`../../../admin-guide/security-bugs` > +:Original: :doc:`../../../process/security-bugs` > > :译者: > > diff --git a/Documentation/translations/zh_CN/process/howto.rst b/Documentation/translations/zh_CN/process/howto.rst > index 10254751df6a..cc47be356dd3 100644 > --- a/Documentation/translations/zh_CN/process/howto.rst > +++ b/Documentation/translations/zh_CN/process/howto.rst > @@ -125,7 +125,7 @@ Linux内核代码中包含有大量的文档。这些文档对于学习如何与 > 这篇文档对于理解Linux的开发哲学至关重要。对于将开发平台从其他操作系 > 统转移到Linux的人来说也很重要。 > > - :ref:`Documentation/admin-guide/security-bugs.rst <securitybugs>` > + :ref:`Documentation/process/security-bugs.rst <securitybugs>` > 如果你认为自己发现了Linux内核的安全性问题,请根据这篇文档中的步骤来 > 提醒其他内核开发者并帮助解决这个问题。 > > diff --git a/Documentation/translations/zh_TW/admin-guide/security-bugs.rst b/Documentation/translations/zh_TW/admin-guide/security-bugs.rst > index eed260ef0c37..15f8e9005071 100644 > --- a/Documentation/translations/zh_TW/admin-guide/security-bugs.rst > +++ b/Documentation/translations/zh_TW/admin-guide/security-bugs.rst > @@ -2,7 +2,7 @@ > > .. include:: ../disclaimer-zh_TW.rst > > -:Original: :doc:`../../../admin-guide/security-bugs` > +:Original: :doc:`../../../process/security-bugs` > > :譯者: > > diff --git a/Documentation/translations/zh_TW/process/howto.rst b/Documentation/translations/zh_TW/process/howto.rst > index 8fb8edcaee66..ea2f468d3e58 100644 > --- a/Documentation/translations/zh_TW/process/howto.rst > +++ b/Documentation/translations/zh_TW/process/howto.rst > @@ -128,7 +128,7 @@ Linux內核代碼中包含有大量的文檔。這些文檔對於學習如何與 > 這篇文檔對於理解Linux的開發哲學至關重要。對於將開發平台從其他操作系 > 統轉移到Linux的人來說也很重要。 > > - :ref:`Documentation/admin-guide/security-bugs.rst <securitybugs>` > + :ref:`Documentation/process/security-bugs.rst <securitybugs>` > 如果你認爲自己發現了Linux內核的安全性問題,請根據這篇文檔中的步驟來 > 提醒其他內核開發者並幫助解決這個問題。 > > diff --git a/MAINTAINERS b/MAINTAINERS > index b0db911207ba..ed84d41353a7 100644 > --- a/MAINTAINERS > +++ b/MAINTAINERS > @@ -73,7 +73,7 @@ Tips for patch submitters > and ideally, should come with a patch proposal. Please do not send > automated reports to this list either. Such bugs will be handled > better and faster in the usual public places. See > - Documentation/admin-guide/security-bugs.rst for details. > + Documentation/process/security-bugs.rst for details. > > 8. Happy hacking. > > @@ -18807,7 +18807,7 @@ F: include/uapi/linux/sed* > SECURITY CONTACT > M: Security Officers <security@xxxxxxxxxx> > S: Supported > -F: Documentation/admin-guide/security-bugs.rst > +F: Documentation/process/security-bugs.rst > > SECURITY SUBSYSTEM > M: Paul Moore <paul@xxxxxxxxxxxxxx>