From: Greg KH <greg@kroah.com>
To: Jonathan Corbet <corbet@lwn.net>
Cc: Willy Tarreau <w@1wt.eu>, Leon Romanovsky <leon@kernel.org>,
skhan@linuxfoundation.org, security@kernel.org,
workflows@vger.kernel.org, linux-doc@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3 3/3] Documentation: security-bugs: clarify requirements for AI-assisted reports
Date: Wed, 13 May 2026 12:30:10 +0200 [thread overview]
Message-ID: <2026051353-apricot-kleenex-fa57@gregkh> (raw)
In-Reply-To: <87se7wo861.fsf@trenco.lwn.net>
On Tue, May 12, 2026 at 11:21:42AM -0600, Jonathan Corbet wrote:
> Willy Tarreau <w@1wt.eu> writes:
>
> > AI tools are increasingly used to assist in bug discovery. While these
> > tools can identify valid issues, reports that are submitted without
> > manual verification often lack context, contain speculative impact
> > assessments, or include unnecessary formatting. Such reports increase
> > triage effort, waste maintainers' time and may be ignored.
> >
> > Reports where the reporter has verified the issue and the proposed fix
> > typically meet quality standards. This documentation outlines specific
> > requirements for length, formatting, and impact evaluation to reduce
> > the effort needed to deal with these reports.
> >
> > Cc: Greg KH <gregkh@linuxfoundation.org>
> > Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> > Reviewed-by: Leon Romanovsky <leon@kernel.org>
> > Signed-off-by: Willy Tarreau <w@1wt.eu>
> > ---
> > Documentation/process/security-bugs.rst | 57 +++++++++++++++++++++++++
> > 1 file changed, 57 insertions(+)
>
> One nit:
>
> > + * **Impact Evaluation**: Many AI-generated reports lack an understanding of
> > + the kernel's threat model and go to great lengths inventing theoretical
> > + consequences.
>
> If only we had a shiny new document describing that threat model that we
> could reference here... :)
Ah yes, a link to that would make things better, but don't we have that
elsewhere in this series?
thanks,
greg k-h
next prev parent reply other threads:[~2026-05-13 10:35 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-09 9:47 [PATCH v3 0/3] Documentation: security-bugs: new updates covering triage and AI Willy Tarreau
2026-05-09 9:47 ` [PATCH v3 1/3] Documentation: security-bugs: do not systematically Cc the security team Willy Tarreau
2026-05-09 9:47 ` [PATCH v3 2/3] Documentation: security-bugs: explain what is and is not a security bug Willy Tarreau
2026-05-09 19:51 ` Shuah Khan
2026-05-11 17:28 ` Greg KH
2026-05-11 18:03 ` Willy Tarreau
2026-05-11 18:39 ` Jonathan Corbet
2026-05-11 20:26 ` Willy Tarreau
2026-05-11 20:42 ` Jonathan Corbet
2026-05-12 5:46 ` Greg KH
2026-05-12 5:54 ` Willy Tarreau
2026-05-12 17:20 ` Jonathan Corbet
2026-05-13 10:29 ` Greg KH
2026-05-13 11:23 ` Willy Tarreau
2026-05-13 12:52 ` Jonathan Corbet
2026-05-13 13:00 ` Willy Tarreau
2026-05-13 21:04 ` Jonathan Corbet
2026-05-14 4:32 ` Willy Tarreau
2026-05-14 12:22 ` Jonathan Corbet
2026-05-14 13:13 ` Willy Tarreau
2026-05-09 9:47 ` [PATCH v3 3/3] Documentation: security-bugs: clarify requirements for AI-assisted reports Willy Tarreau
2026-05-12 17:21 ` Jonathan Corbet
2026-05-13 10:30 ` Greg KH [this message]
2026-05-13 11:24 ` Willy Tarreau
2026-05-13 12:53 ` Jonathan Corbet
2026-05-13 12:58 ` Willy Tarreau
2026-05-13 21:02 ` Jonathan Corbet
2026-05-14 4:34 ` Willy Tarreau
2026-05-14 7:23 ` Greg KH
2026-05-09 10:52 ` [PATCH v3 0/3] Documentation: security-bugs: new updates covering triage and AI Leon Romanovsky
2026-05-09 10:56 ` Willy Tarreau
2026-05-12 17:14 ` Jonathan Corbet
2026-05-12 19:13 ` Willy Tarreau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2026051353-apricot-kleenex-fa57@gregkh \
--to=greg@kroah.com \
--cc=corbet@lwn.net \
--cc=leon@kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=security@kernel.org \
--cc=skhan@linuxfoundation.org \
--cc=w@1wt.eu \
--cc=workflows@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.