Back to home page

OSCL-LXR
 
 

     

0001 .. SPDX-License-Identifier: GPL-2.0
0002 
0003 .. _researcher_guidelines:
0004 
0005 Researcher Guidelines
0006 +++++++++++++++++++++
0007 
0008 The Linux kernel community welcomes transparent research on the Linux
0009 kernel, the activities involved in producing it, and any other byproducts
0010 of its development. Linux benefits greatly from this kind of research, and
0011 most aspects of Linux are driven by research in one form or another.
0012 
0013 The community greatly appreciates if researchers can share preliminary
0014 findings before making their results public, especially if such research
0015 involves security. Getting involved early helps both improve the quality
0016 of research and ability for Linux to improve from it. In any case,
0017 sharing open access copies of the published research with the community
0018 is recommended.
0019 
0020 This document seeks to clarify what the Linux kernel community considers
0021 acceptable and non-acceptable practices when conducting such research. At
0022 the very least, such research and related activities should follow
0023 standard research ethics rules. For more background on research ethics
0024 generally, ethics in technology, and research of developer communities
0025 in particular, see:
0026 
0027 * `History of Research Ethics <https://www.unlv.edu/research/ORI-HSR/history-ethics>`_
0028 * `IEEE Ethics <https://www.ieee.org/about/ethics/index.html>`_
0029 * `Developer and Researcher Views on the Ethics of Experiments on Open-Source Projects <https://arxiv.org/pdf/2112.13217.pdf>`_
0030 
0031 The Linux kernel community expects that everyone interacting with the
0032 project is participating in good faith to make Linux better. Research on
0033 any publicly-available artifact (including, but not limited to source
0034 code) produced by the Linux kernel community is welcome, though research
0035 on developers must be distinctly opt-in.
0036 
0037 Passive research that is based entirely on publicly available sources,
0038 including posts to public mailing lists and commits to public
0039 repositories, is clearly permissible. Though, as with any research,
0040 standard ethics must still be followed.
0041 
0042 Active research on developer behavior, however, must be done with the
0043 explicit agreement of, and full disclosure to, the individual developers
0044 involved. Developers cannot be interacted with/experimented on without
0045 consent; this, too, is standard research ethics.
0046 
0047 To help clarify: sending patches to developers *is* interacting
0048 with them, but they have already consented to receiving *good faith
0049 contributions*. Sending intentionally flawed/vulnerable patches or
0050 contributing misleading information to discussions is not consented
0051 to. Such communication can be damaging to the developer (e.g. draining
0052 time, effort, and morale) and damaging to the project by eroding
0053 the entire developer community's trust in the contributor (and the
0054 contributor's organization as a whole), undermining efforts to provide
0055 constructive feedback to contributors, and putting end users at risk of
0056 software flaws.
0057 
0058 Participation in the development of Linux itself by researchers, as
0059 with anyone, is welcomed and encouraged. Research into Linux code is
0060 a common practice, especially when it comes to developing or running
0061 analysis tools that produce actionable results.
0062 
0063 When engaging with the developer community, sending a patch has
0064 traditionally been the best way to make an impact. Linux already has
0065 plenty of known bugs -- what's much more helpful is having vetted fixes.
0066 Before contributing, carefully read the appropriate documentation:
0067 
0068 * Documentation/process/development-process.rst
0069 * Documentation/process/submitting-patches.rst
0070 * Documentation/admin-guide/reporting-issues.rst
0071 * Documentation/admin-guide/security-bugs.rst
0072 
0073 Then send a patch (including a commit log with all the details listed
0074 below) and follow up on any feedback from other developers.
0075 
0076 When sending patches produced from research, the commit logs should
0077 contain at least the following details, so that developers have
0078 appropriate context for understanding the contribution. Answer:
0079 
0080 * What is the specific problem that has been found?
0081 * How could the problem be reached on a running system?
0082 * What effect would encountering the problem have on the system?
0083 * How was the problem found? Specifically include details about any
0084   testing, static or dynamic analysis programs, and any other tools or
0085   methods used to perform the work.
0086 * Which version of Linux was the problem found on? Using the most recent
0087   release or a recent linux-next branch is strongly preferred (see
0088   Documentation/process/howto.rst).
0089 * What was changed to fix the problem, and why it is believed to be correct?
0090 * How was the change build tested and run-time tested?
0091 * What prior commit does this change fix? This should go in a "Fixes:"
0092   tag as the documentation describes.
0093 * Who else has reviewed this patch? This should go in appropriate
0094   "Reviewed-by:" tags; see below.
0095 
0096 For example::
0097 
0098   From: Author <author@email>
0099   Subject: [PATCH] drivers/foo_bar: Add missing kfree()
0100 
0101   The error path in foo_bar driver does not correctly free the allocated
0102   struct foo_bar_info. This can happen if the attached foo_bar device
0103   rejects the initialization packets sent during foo_bar_probe(). This
0104   would result in a 64 byte slab memory leak once per device attach,
0105   wasting memory resources over time.
0106 
0107   This flaw was found using an experimental static analysis tool we are
0108   developing, LeakMagic[1], which reported the following warning when
0109   analyzing the v5.15 kernel release:
0110 
0111    path/to/foo_bar.c:187: missing kfree() call?
0112 
0113   Add the missing kfree() to the error path. No other references to
0114   this memory exist outside the probe function, so this is the only
0115   place it can be freed.
0116 
0117   x86_64 and arm64 defconfig builds with CONFIG_FOO_BAR=y using GCC
0118   11.2 show no new warnings, and LeakMagic no longer warns about this
0119   code path. As we don't have a FooBar device to test with, no runtime
0120   testing was able to be performed.
0121 
0122   [1] https://url/to/leakmagic/details
0123 
0124   Reported-by: Researcher <researcher@email>
0125   Fixes: aaaabbbbccccdddd ("Introduce support for FooBar")
0126   Signed-off-by: Author <author@email>
0127   Reviewed-by: Reviewer <reviewer@email>
0128 
0129 If you are a first time contributor it is recommended that the patch
0130 itself be vetted by others privately before being posted to public lists.
0131 (This is required if you have been explicitly told your patches need
0132 more careful internal review.) These people are expected to have their
0133 "Reviewed-by" tag included in the resulting patch. Finding another
0134 developer familiar with Linux contribution, especially within your own
0135 organization, and having them help with reviews before sending them to
0136 the public mailing lists tends to significantly improve the quality of the
0137 resulting patches, and there by reduces the burden on other developers.
0138 
0139 If no one can be found to internally review patches and you need
0140 help finding such a person, or if you have any other questions
0141 related to this document and the developer community's expectations,
0142 please reach out to the private Technical Advisory Board mailing list:
0143 <tech-board@lists.linux-foundation.org>.
Source navigation ] Diff markup ] Identifier search ] general search ]

This page was automatically generated by the 2.1.0 LXR engine.

The LXR team
Valid CSS 2.1! Valid HTML 4.01!