Documentation/process/embargoed-hardware-issues.rst

7 -----
23 -------
31 Linux kernel security team (:ref:`Documentation/admin-guide/
34 The team can be contacted by email at <hardware-security@kernel.org>. This
43   - PGP: https://www.kernel.org/static/files/hardware-security.asc
44   - S/MIME: https://www.kernel.org/static/files/hardware-security.crt
55   - Linus Torvalds (Linux Foundation Fellow)
56   - Greg Kroah-Hartman (Linux Foundation Fellow)
57   - Thomas Gleixner (Linux Foundation Fellow)
59 Operation of mailing-lists
62 The encrypted mailing-lists which are used in our process are hosted on
74 Non-disclosure agreements
75 -------------------------
78 unable to enter into any non-disclosure agreements.  The kernel community
84 ---------------------------
118 face-to-face meetings are almost impossible to address hardware security
135 The hardware security team will provide an incident-specific encrypted
148 While individual developers might be covered by a non-disclosure agreement
149 via their employer, they cannot enter individual non-disclosure agreements
157  - The list of disclosed entities allows communication across the
160  - The disclosed entities can be contacted to name experts who should
163  - If an expert who is required to handle an issue is employed by a listed
172 team via the specific encrypted mailing-list.
181 The initial response team sets up an encrypted mailing-list or repurposes
190 a non-public git repository which is only accessible to the participating
220 (e.g. employer build farms, CI systems, etc) when working on patches.
230 industry partners on testing, validation, and logistics, the following
259 relevant kernel trees.  There is no pre-notification process: the
267 dates or other non-technical reasons creates more work and burden for the
281 -------------------
297   RISC-V	Palmer Dabbelt <palmer@dabbelt.com>
304   Debian	Ben Hutchings <ben@decadent.org.uk>
316 understand and support our process fully and is ideally well-connected in
319 Encrypted mailing-lists
320 -----------------------
325 software decrypts the email and re-encrypts it individually for each
338 Subscription to incident-specific lists
341 Subscription to incident-specific lists is handled by the response teams.
354 email from the mailing-list which is signed either with the list's PGP key