Documentation/process/embargoed-hardware-issues.rst

Source file repositories/reference/linux-study-clean/Documentation/process/embargoed-hardware-issues.rst

File Facts

System
Linux kernel
Corpus path
Documentation/process/embargoed-hardware-issues.rst
Extension
.rst
Size
15682 bytes
Lines
359
Domain
Support Tooling And Documentation
Bucket
Documentation
Inferred role
Support Tooling And Documentation: documentation
Status
atlas-only

Why This File Exists

Repository support layer: documentation, build tooling, samples, user-space helper tools, generated initramfs support, licenses, and validation utilities.

Dependency Surface

Detected Declarations

Annotated Snippet

.. _embargoed_hardware_issues:

Embargoed hardware issues
=========================

Scope
-----

Hardware issues which result in security problems are a different category
of security bugs than pure software bugs which only affect the Linux
kernel.

Hardware issues like Meltdown, Spectre, L1TF etc. must be treated
differently because they usually affect all Operating Systems ("OS") and
therefore need coordination across different OS vendors, distributions,
silicon vendors, hardware integrators, and other parties. For some of the
issues, software mitigations can depend on microcode or firmware updates,
which need further coordination.

.. _Contact:

Contact
-------

The Linux kernel hardware security team is separate from the regular Linux
kernel security team.

The team only handles developing fixes for embargoed hardware security
issues. Reports of pure software security bugs in the Linux kernel are not
handled by this team and the reporter will be guided to contact the regular
Linux kernel security team (:ref:`Documentation/admin-guide/
<securitybugs>`) instead.

The team can be contacted by email at <hardware-security@kernel.org>. This
is a private list of security officers who will help you coordinate a fix
according to our documented process.

The list is encrypted and email to the list can be sent by either PGP or
S/MIME encrypted and must be signed with the reporter's PGP key or S/MIME
certificate. The list's PGP key and S/MIME certificate are available from
the following URLs:

  - PGP: https://www.kernel.org/static/files/hardware-security.asc
  - S/MIME: https://www.kernel.org/static/files/hardware-security.crt

While hardware security issues are often handled by the affected silicon
vendor, we welcome contact from researchers or individuals who have
identified a potential hardware flaw.

Hardware security officers
^^^^^^^^^^^^^^^^^^^^^^^^^^

The current team of hardware security officers:

  - Linus Torvalds (Linux Foundation Fellow)
  - Greg Kroah-Hartman (Linux Foundation Fellow)
  - Thomas Gleixner (Linux Foundation Fellow)

Operation of mailing-lists
^^^^^^^^^^^^^^^^^^^^^^^^^^

The encrypted mailing-lists which are used in our process are hosted on
Linux Foundation's IT infrastructure. By providing this service, members
of Linux Foundation's IT operations personnel technically have the
ability to access the embargoed information, but are obliged to
confidentiality by their employment contract. Linux Foundation IT
personnel are also responsible for operating and managing the rest of
kernel.org's infrastructure.

The Linux Foundation's current director of IT Project infrastructure is

Annotation

Implementation Notes