codemadness.org

		kernel_org.atom.xml - sfeed_tests - sfeed tests and RSS and Atom files
		git clone git://git.codemadness.org/sfeed_tests (git://git.codemadness.org)
		Log
		Files
		Refs
		README
		LICENSE
		---
		kernel_org.atom.xml (99877B)
		---
		1 <?xml version="1.0" encoding="utf-8"?>
		2 <feed xmlns="http://www.w3.org/2005/Atom"><title>The Linux Kernel Archives</title><link href="https://www.kernel.org/" rel="alternate"></link><link href="https://www.kernel.org/feeds/all.atom.xml" rel="self"></link><id>https://www.kernel.org/</id><updated>2020-07-02T16:50:07+00:00</updated><entry><title>Active kernel releases</title><link href="https://www.kernel.org/releases.html" rel="alternate"></link><published>2020-07-02T16:50:07+00:00</published><updated>2020-07-02T16:50:07+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2020-07-02:releases.html</id><summary type="html"><p>There are several main categories into which kernel releases may fall:</p>
		3 <dl class="docutils">
		4 <dt>Prepatch</dt>
		5 <dd>Prepatch or &quot;RC&quot; kernels are mainline kernel pre-releases that are
		6 mostly aimed at other kernel developers and Linux enthusiasts. They
		7 must be compiled from source and usually contain new features that
		8 must be tested before they can be put into a stable release.
		9 Prepatch kernels are maintained and released by Linus Torvalds.</dd>
		10 <dt>Mainline</dt>
		11 <dd>Mainline tree is maintained by Linus Torvalds. It's the tree where
		12 all new features are introduced and where all the exciting new
		13 development happens. New mainline kernels are released every 2-3
		14 months.</dd>
		15 <dt>Stable</dt>
		16 <dd>After each mainline kernel is released, it is considered &quot;stable.&quot;
		17 Any bug fixes for a stable kernel are backported from the mainline
		18 tree and applied by a designated stable kernel maintainer. There are
		19 usually only a few bugfix kernel releases until next mainline kernel
		20 becomes available -- unless it is designated a &quot;longterm maintenance
		21 kernel.&quot; Stable kernel updates are released on as-needed basis,
		22 usually once a week.</dd>
		23 <dt>Longterm</dt>
		24 <dd>There are usually several &quot;longterm maintenance&quot; kernel releases
		25 provided for the purposes of backporting bugfixes for older kernel
		26 trees. Only important bugfixes are applied to such kernels and they
		27 don't usually see very frequent releases, especially for older
		28 trees.</dd>
		29 </dl>
		30 <table border="1" class="docutils">
		31 <caption>Longterm release kernels</caption>
		32 <colgroup>
		33 <col width="11%" />
		34 <col width="46%" />
		35 <col width="17%" />
		36 <col width="26%" />
		37 </colgroup>
		38 <thead valign="bottom">
		39 <tr><th class="head">Version</th>
		40 <th class="head">Maintainer</th>
		41 <th class="head">Released</th>
		42 <th class="head">Projected EOL</th>
		43 </tr>
		44 </thead>
		45 <tbody valign="top">
		46 <tr><td>5.4</td>
		47 <td>Greg Kroah-Hartman &amp; Sasha Levin</td>
		48 <td>2019-11-24</td>
		49 <td>Dec, 2025</td>
		50 </tr>
		51 <tr><td>4.19</td>
		52 <td>Greg Kroah-Hartman &amp; Sasha Levin</td>
		53 <td>2018-10-22</td>
		54 <td>Dec, 2024</td>
		55 </tr>
		56 <tr><td>4.14</td>
		57 <td>Greg Kroah-Hartman &amp; Sasha Levin</td>
		58 <td>2017-11-12</td>
		59 <td>Jan, 2024</td>
		60 </tr>
		61 <tr><td>4.9</td>
		62 <td>Greg Kroah-Hartman &amp; Sasha Levin</td>
		63 <td>2016-12-11</td>
		64 <td>Jan, 2023</td>
		65 </tr>
		66 <tr><td>4.4</td>
		67 <td>Greg Kroah-Hartman &amp; Sasha Levin</td>
		68 <td>2016-01-10</td>
		69 <td>Feb, 2022</td>
		70 </tr>
		71 </tbody>
		72 </table>
		73 <div class="section" id="distribution-kernels">
		74 <h2>Distribution kernels</h2>
		75 <p>Many Linux distributions provide their own &quot;longterm maintenance&quot;
		76 kernels that may or may not be based on those maintained by kernel
		77 developers. These kernel releases are not hosted at kernel.org and
		78 kernel developers can provide no support for them.</p>
		79 <p>It is easy to tell if you are running a distribution kernel. Unless you
		80 downloaded, compiled and installed your own version of kernel from
		81 kernel.org, you are running a distribution kernel. To find out the
		82 version of your kernel, run <cite>uname -r</cite>:</p>
		83 <pre class="literal-block">
		84 # uname -r
		85 5.6.19-300.fc32.x86_64
		86 </pre>
		87 <p>If you see anything at all after the dash, you are running a distribution
		88 kernel. Please use the support channels offered by your distribution
		89 vendor to obtain kernel support.</p>
		90 </div>
		91 </summary></entry><entry><title>Git mirror available in Beijing</title><link href="https://www.kernel.org/beijing-git-mirror.html" rel="alternate"></link><published>2020-01-11T00:00:00+00:00</published><updated>2020-01-11T00:00:00+00:00</updated><author><name>Konstantin Ryabitsev</name></author><id>tag:https://www.kernel.org,2020-01-11:beijing-git-mirror.html</id><summary type="html"><p>If you are a developer located around Beijing, or if your connection to
		92 Beijing is faster and more reliable than to locations outside of China,
		93 then you may benefit from the new git.kernel.org mirror kindly provided
		94 by <a class="reference external" href="https://www.codeaurora.org/">Code Aurora Forum</a> at <a class="reference external" href="https://kernel.source.codeaurora.cn/">https://kernel.source.codeaurora.cn/</a>. This is
		95 a full mirror that is updated just as frequently as other git.kernel.org
		96 nodes (in fact, it is managed by the same team as the rest of kernel.org
		97 infrastructure, since CAF is part of Linux Foundation IT projects).</p>
		98 <p>To start using the Beijing mirror, simply clone from that location or
		99 add a separate remote to your existing checkouts, e.g.:</p>
		100 <pre class="literal-block">
		101 git remote add beijing git://kernel.source.codeaurora.cn/pub/scm/.../linux.git
		102 git fetch beijing master
		103 </pre>
		104 <p>You may also use <a class="reference external" href="http://">http://</a> and <a class="reference external" href="https://">https://</a> protocols if that makes it easier
		105 behind corporate firewalls.</p>
		106 </summary></entry><entry><title>Code of Conduct</title><link href="https://www.kernel.org/code-of-conduct.html" rel="alternate"></link><published>2020-01-02T00:00:00+00:00</published><updated>2020-01-02T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2020-01-02:code-of-conduct.html</id><summary type="html"><p>The Linux kernel community operates a <a class="reference external" href="https://www.kernel.org/doc/html/latest/process/code-of-conduct.html">Code of Conduct</a> based on the
		107 <a class="reference external" href="https://www.contributor-covenant.org/version/1/4/code-of-conduct.html">Contributor Covenant Code of Conduct</a>.</p>
		108 <div class="section" id="code-of-conduct-committee">
		109 <h2>Code of Conduct Committee</h2>
		110 <p>The Linux kernel Code of Conduct Committee is currently made up of the
		111 following people:</p>
		112 <blockquote>
		113 <ul class="simple">
		114 <li>Kristen Accardi &lt;<a class="reference external" href="mailto:kristen.c.accardi&#64;intel.com">kristen.c.accardi&#64;intel.com</a>&gt;</li>
		115 <li>Mishi Choudhary &lt;<a class="reference external" href="mailto:mishi&#64;linux.com">mishi&#64;linux.com</a>&gt;</li>
		116 <li>Shuah Khan &lt;<a class="reference external" href="mailto:skhan&#64;linuxfoundation.org">skhan&#64;linuxfoundation.org</a>&gt;</li>
		117 <li>Greg Kroah-Hartman &lt;<a class="reference external" href="mailto:gregkh&#64;linuxfoundation.org">gregkh&#64;linuxfoundation.org</a>&gt;</li>
		118 </ul>
		119 </blockquote>
		120 <p>Committee members can be reached all at once by writing to
		121 &lt;<a class="reference external" href="mailto:conduct&#64;kernel.org">conduct&#64;kernel.org</a>&gt;.</p>
		122 </div>
		123 <div class="section" id="committee-reports">
		124 <h2>Committee Reports</h2>
		125 <p>We would like to thank the Linux kernel community members who have supported
		126 the adoption of the Code of Conduct and who continue to uphold the professional
		127 standards of our community. If you have any questions about these reports,
		128 please write to &lt;<a class="reference external" href="mailto:conduct&#64;kernel.org">conduct&#64;kernel.org</a>&gt;.</p>
		129 <div class="section" id="december-2019">
		130 <h3>December 2019</h3>
		131 <p>Archival copy: <a class="reference external" href="https://lore.kernel.org/lkml/20200103105614.GC1047442&#64;kroah.com/">https://lore.kernel.org/lkml/20200103105614.GC1047442&#64;kroah.com/</a></p>
		132 <p>In the period of December 1, 2019 through December 30, 2019 the Committee
		133 received the following report:</p>
		134 <blockquote>
		135 <ul class="simple">
		136 <li>Insulting behavior in email: 1</li>
		137 </ul>
		138 </blockquote>
		139 <p>The result of the investigation:</p>
		140 <blockquote>
		141 <ul class="simple">
		142 <li>Education and coaching: 1</li>
		143 </ul>
		144 </blockquote>
		145 </div>
		146 <div class="section" id="august-to-november-2019">
		147 <h3>August to November 2019</h3>
		148 <p>Archival copy: <a class="reference external" href="https://lore.kernel.org/lkml/20191218090054.GA5120&#64;kroah.com/">https://lore.kernel.org/lkml/20191218090054.GA5120&#64;kroah.com/</a></p>
		149 <p>In the period of August 1, 2019 through November 31, 2019, the Committee
		150 received no reports.</p>
		151 </div>
		152 <div class="section" id="september-2018-to-july-2019">
		153 <h3>September 2018 to July 2019</h3>
		154 <p>Archival copy: <a class="reference external" href="https://lore.kernel.org/lkml/20190810120700.GA7360&#64;kroah.com/">https://lore.kernel.org/lkml/20190810120700.GA7360&#64;kroah.com/</a></p>
		155 <p>In the period of September 15, 2018 through July 31, 2019, the Committee
		156 received the following reports:</p>
		157 <blockquote>
		158 <ul class="simple">
		159 <li>Inappropriate language in the kernel source: 1</li>
		160 <li>Insulting behavior in email: 3</li>
		161 </ul>
		162 </blockquote>
		163 <p>The result of the investigations:</p>
		164 <blockquote>
		165 <ul class="simple">
		166 <li>Education and coaching: 4</li>
		167 </ul>
		168 </blockquote>
		169 </div>
		170 </div>
		171 </summary></entry><entry><title>Frequently asked questions</title><link href="https://www.kernel.org/faq.html" rel="alternate"></link><published>2019-05-02T13:53:08+00:00</published><updated>2019-05-02T13:53:08+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2019-05-02:faq.html</id><summary type="html"><p>If you have questions, comments or concerns about the F.A.Q. please
		172 contact us at <a class="reference external" href="mailto:webmaster&#64;kernel.org">webmaster&#64;kernel.org</a>.</p>
		173 <div class="section" id="is-linux-kernel-free-software">
		174 <h2>Is Linux Kernel Free Software?</h2>
		175 <p>Linux kernel is released under GNU GPL version 2 and is therefore Free
		176 Software as defined by the <a class="reference external" href="https://www.fsf.org/">Free Software Foundation</a>. You may read the
		177 entire copy of the license in the <a class="reference external" href="/pub/linux/kernel/COPYING">COPYING</a> file distributed with each
		178 release of the Linux kernel.</p>
		179 </div>
		180 <div class="section" id="what-does-stable-eol-and-longterm-mean">
		181 <h2>What does &quot;stable/EOL&quot; and &quot;longterm&quot; mean?</h2>
		182 <p>As kernels move from the &quot;mainline&quot; into the &quot;stable&quot; category, two
		183 things can happen:</p>
		184 <ol class="arabic simple">
		185 <li>They can reach &quot;End of Life&quot; after a few bugfix revisions, which
		186 means that kernel maintainers will release no more bugfixes for this
		187 kernel version, or</li>
		188 <li>They can be put into &quot;longterm&quot; maintenance, which means that
		189 maintainers will provide bugfixes for this kernel revision for a
		190 much longer period of time.</li>
		191 </ol>
		192 <p>If the kernel version you are using is marked &quot;EOL,&quot; you should consider
		193 upgrading to the next major version as there will be no more bugfixes
		194 provided for the kernel version you are using.</p>
		195 <p>Please check the <a class="reference external" href="https://www.kernel.org/releases.html">Releases</a> page for more info.</p>
		196 </div>
		197 <div class="section" id="why-is-an-lts-kernel-marked-as-stable-on-the-front-page">
		198 <h2>Why is an LTS kernel marked as &quot;stable&quot; on the front page?</h2>
		199 <p>Long-term support (&quot;LTS&quot;) kernels announced on the <a class="reference external" href="https://www.kernel.org/releases.html">Releases</a> page will
		200 be marked as &quot;stable&quot; on the front page if there are no other current
		201 stable kernel releases. This is done to avoid breaking automated parsers
		202 monitoring kernel.org with an expectation that there will always be a
		203 kernel release marked as &quot;stable.&quot;</p>
		204 </div>
		205 <div class="section" id="linus-has-tagged-a-new-release-but-it-s-not-listed-on-the-front-page">
		206 <h2>Linus has tagged a new release, but it's not listed on the front page!</h2>
		207 <p>Linus Torvalds PGP-signs git repository tags for all new mainline kernel
		208 releases, however a separate set of PGP signatures needs to be generated
		209 by the stable release team in order to create downloadable tarballs. Due
		210 to timezone differences between Linus and the members of the stable
		211 team, there is usually a delay of several hours between when the new
		212 mainline release is tagged and when PGP-signed tarballs become
		213 available. The front page is updated once that process is completed.</p>
		214 </div>
		215 <div class="section" id="is-there-an-rss-feed-for-the-latest-kernel-version">
		216 <h2>Is there an RSS feed for the latest kernel version?</h2>
		217 <p>Yes, and you can find it at <a class="reference external" href="https://www.kernel.org/feeds/kdist.xml">https://www.kernel.org/feeds/kdist.xml</a>.</p>
		218 <p>We also publish a .json file with the latest release information, which
		219 you can pull from here: <a class="reference external" href="https://www.kernel.org/releases.json">https://www.kernel.org/releases.json</a>.</p>
		220 </div>
		221 <div class="section" id="why-are-there-files-that-are-dated-tomorrow">
		222 <h2>Why are there files that are dated tomorrow?</h2>
		223 <p>All timestamps on kernel.org are in UTC (Coordinated Universal Time). If
		224 you live in the western hemisphere your local time lags behind UTC.
		225 Under Linux/Unix, type <tt class="docutils literal">date <span class="pre">-u</span></tt> to get the current time in UTC.</p>
		226 </div>
		227 <div class="section" id="can-i-get-an-account-on-kernel-org">
		228 <h2>Can I get an account on kernel.org?</h2>
		229 <p>Kernel.org accounts are usually reserved for subsystem maintainers or
		230 high-profile developers. It is absolutely not necessary to have an
		231 account on kernel.org to contribute to the development of the Linux
		232 kernel, unless you submit pull requests directly to Linus.</p>
		233 <p>If you are listed in the MAINTAINERS file or have reasons to believe you
		234 should have an account on kernel.org because of the amount of your
		235 contributions, please refer to the <a class="reference external" href="https://korg.wiki.kernel.org/userdoc/accounts">accounts wiki page</a> for the
		236 procedure to follow.</p>
		237 </div>
		238 <div class="section" id="i-have-cool-project-x-can-you-guys-mirror-it-for-me">
		239 <h2>I have cool project X, can you guys mirror it for me?</h2>
		240 <p>Probably not. Kernel.org deals with the Linux kernel, various
		241 distributions of the kernel and larger repositories of packages. We do
		242 not mirror individual projects, software, etc as we feel there are
		243 better places providing mirrors for those kinds of repositories. If you
		244 feel that kernel.org should mirror your project, please contact
		245 <a class="reference external" href="mailto:ftpadmin&#64;kernel.org">ftpadmin&#64;kernel.org</a> with the following information:</p>
		246 <ul class="simple">
		247 <li>name</li>
		248 <li>project name</li>
		249 <li>project website</li>
		250 <li>detailed project description</li>
		251 <li>reason for wanting us to mirror</li>
		252 </ul>
		253 <p>The Kernel.org admin team will then review your request and talk to you
		254 about it. As with any kind of account on kernel.org it's up to the
		255 discretion of the admin team.</p>
		256 </div>
		257 <div class="section" id="how-does-kernel-org-provide-its-users-access-to-the-git-trees">
		258 <h2>How does kernel.org provide its users access to the git trees?</h2>
		259 <p>We are using an access control system called <a class="reference external" href="https://github.com/sitaramc/gitolite/wiki">gitolite</a>, originally
		260 written and maintained by Sitaram Chamarty. We chose gitolite for a
		261 number of reasons:</p>
		262 <ul class="simple">
		263 <li>Limiting of ssh access to the system</li>
		264 <li>Fine grained control over repository access</li>
		265 <li>Well maintained and supported code base</li>
		266 <li>Responsive development</li>
		267 <li>Broad and diverse install base</li>
		268 </ul>
		269 <p>As well at the time of deployment the code had undergone an external
		270 code review.</p>
		271 </div>
		272 <div class="section" id="how-do-i-create-an-rc-kernel-i-get-reversed-patch-detected">
		273 <h2>How do I create an -rc kernel? I get &quot;Reversed patch detected!&quot;</h2>
		274 <p>-rc kernel patches are generated from the base stable release.</p>
		275 <p>For example: to create the 2.6.14-rc5 kernel, you must:</p>
		276 <ul class="simple">
		277 <li>download 2.6.13 (not 2.6.13.4)</li>
		278 <li>and then apply the 2.6.14-rc5 patch.</li>
		279 </ul>
		280 <p>Yes, you want 2.6.13, not 2.6.14. Remember, that's an -rc kernel, as in, 2.6.14 doesn't exist yet. :)</p>
		281 </div>
		282 <div class="section" id="where-can-i-find-kernel-2-4-20-3-16">
		283 <h2>Where can I find kernel 2.4.20-3.16?</h2>
		284 <p>Kernel version numbers of this form are distribution kernels, meaning
		285 they are modified kernels produced by distributions. Please contact the
		286 relevant distributor; or check out <a class="reference external" href="https://mirrors.kernel.org/">https://mirrors.kernel.org/</a>.</p>
		287 <p>See the <a class="reference external" href="https://www.kernel.org/releases.html">Releases</a> page for more info on distribution kernels.</p>
		288 </div>
		289 <div class="section" id="i-need-help-building-patching-fixing-linux-kernel-modules-drivers">
		290 <h2>I need help building/patching/fixing Linux kernel/modules/drivers!</h2>
		291 <p>Please see the <a class="reference external" href="http://kernelnewbies.org/">Kernel Newbies</a> website.</p>
		292 <p>There is also a wealth of knowledge on many topics involving Linux at
		293 The Linux Documentation Project (<a class="reference external" href="http://www.tldp.org">http://www.tldp.org</a>)</p>
		294 <p>For finding or reporting bugs, look through the archives for the various
		295 Linux mailing lists, and if no specific list seems appropriate, try the
		296 browsing the Linux Kernel Mailing List.</p>
		297 </div>
		298 <div class="section" id="what-happened-to-ftp-kernel-org">
		299 <h2>What happened to ftp.kernel.org?</h2>
		300 <p>FTP service was terminated on March 1, 2017. All content that used to be
		301 available via ftp.kernel.org can be accessed by browsing
		302 <a class="reference external" href="https://www.kernel.org/pub/">https://www.kernel.org/pub/</a>. If you would like to use a command-line
		303 tool for accessing these files, you can do so with lftp:</p>
		304 <blockquote>
		305 lftp <a class="reference external" href="https://www.kernel.org/pub">https://www.kernel.org/pub</a></blockquote>
		306 </div>
		307 <div class="section" id="when-will-the-next-kernel-be-released">
		308 <h2>When will the next kernel be released?</h2>
		309 <p>The next kernel will be released when it is ready. There is no strict
		310 timeline for making releases, but if you really need an educated guess,
		311 visit the Linux kernel <a class="reference external" href="http://phb-crystal-ball.org/">PHB Crystal Ball</a> -- it tries to provide a
		312 ballpark guess based on previous kernel release schedule.</p>
		313 </div>
		314 <div class="section" id="what-will-go-into-the-next-release">
		315 <h2>What will go into the next release?</h2>
		316 <p>It is hard to predict with certainty, but you can either take a peek at
		317 <a class="reference external" href="https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/">linux-next</a> or read the <a class="reference external" href="https://www.linux.com/news/2017/7/linux-weather-forecast">Linux Weather Forecast</a>, where Jonathan
		318 Corbet provides a broad forecast of what will likely be included into
		319 the next mainline release.</p>
		320 </div>
		321 </summary></entry><entry><title>Get notifications for your patches</title><link href="https://www.kernel.org/get-notifications-for-your-patches.html" rel="alternate"></link><published>2018-12-13T00:00:00+00:00</published><updated>2018-12-13T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2018-12-13:get-notifications-for-your-patches.html</id><summary type="html"><p>We are trialing out a new feature that can send you a notification when
		322 the patches you send to the LKML are applied to linux-next or to the
		323 mainline git trees. If you are interested in trying it out, here are the
		324 details:</p>
		325 <ul class="simple">
		326 <li>The patches must be sent to the LKML (<a class="reference external" href="mailto:linux-kernel&#64;vger.kernel.org">linux-kernel&#64;vger.kernel.org</a>).</li>
		327 <li>One of the cc's must be <a class="reference external" href="mailto:notify&#64;kernel.org">notify&#64;kernel.org</a> (Bcc will not work).</li>
		328 <li>Alternatively, there should be a &quot;X-Patchwork-Bot: notify&quot; email header.</li>
		329 <li>The patches must not have been modified by the maintainer(s).</li>
		330 <li>All patches in the series must have been applied, not just some of them.</li>
		331 </ul>
		332 <p>The last two points are important, because if there are changes between
		333 the content of the patch as it was first sent to the mailing list, and
		334 how it looks like by the time it is applied to linux-next or mainline,
		335 the bot will not be able to recognize it as the same patch. Similarly,
		336 for series of multiple patches, the bot must be able to successfully
		337 match all patches in the series in order for the notification to go out.</p>
		338 <p>If you are using <tt class="docutils literal"><span class="pre">git-format-patch</span></tt>, it is best to add the special
		339 header instead of using the Cc notification address, so as to avoid any
		340 unnecessary email traffic:</p>
		341 <pre class="literal-block">
		342 --add-header=&quot;X-Patchwork-Bot: notify&quot;
		343 </pre>
		344 <p>You should receive one notification email per each patch series, so if
		345 you send a series of 20 patches, you will get a single email in the form
		346 of a reply to the cover letter, or to the first patch in the series. The
		347 notification will be sent directly to you, ignoring any other addresses
		348 in the Cc field.</p>
		349 <p>The bot uses our <a class="reference external" href="https://lore.kernel.org/patchwork">LKML patchwork instance</a> to perform matching and
		350 tracking, and the <a class="reference external" href="https://git.kernel.org/pub/scm/linux/kernel/git/mricon/korg-helpers.git/tree/git-patchwork-bot.py">source code</a> for the bot is also available if you
		351 would like to suggest improvements.</p>
		352 </summary></entry><entry><title>List archives on lore.kernel.org</title><link href="https://www.kernel.org/lore.html" rel="alternate"></link><published>2018-12-12T00:00:00+00:00</published><updated>2018-12-12T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2018-12-12:lore.html</id><summary type="html"><p>You may access the archives of many Linux development mailing lists on
		353 <a class="reference external" href="https://lore.kernel.org/lists.html">lore.kernel.org</a>. Most of them include a full archive of messages going
		354 back several decades.</p>
		355 <ul class="simple">
		356 <li><a class="reference external" href="https://lore.kernel.org/lists.html">listing of currently hosted archives</a></li>
		357 </ul>
		358 <p>If you would like to suggest another kernel development mailing list to
		359 be included in this list, please follow the instructions on the
		360 following wiki page:</p>
		361 <ul class="simple">
		362 <li><a class="reference external" href="https://korg.wiki.kernel.org/userdoc/lore">Adding list archives to lore.kernel.org</a></li>
		363 </ul>
		364 <div class="section" id="archiving-software">
		365 <h2>Archiving software</h2>
		366 <p>The software managing the archive is called <a class="reference external" href="https://public-inbox.org/design_notes.html">Public Inbox</a> and offers
		367 the following features:</p>
		368 <ul class="simple">
		369 <li>Fast, searchable web archives</li>
		370 <li>Atom feeds per list or per individual thread</li>
		371 <li>Downloadable mbox archives to make replying easy</li>
		372 <li>Git-backed archival mechanism you can clone and pull</li>
		373 <li>Read-only nntp gateway</li>
		374 </ul>
		375 <p>We collected many list archives going as far back as 1998, and they are
		376 now all available to anyone via a simple git clone. We would like to
		377 extend our thanks to everyone who helped in this effort by donating
		378 their personal archives.</p>
		379 </div>
		380 <div class="section" id="obtaining-full-list-archives">
		381 <h2>Obtaining full list archives</h2>
		382 <p>Git clone URLs are provided at the bottom of each page. Note, that due
		383 mailing list volume, list archives are sharded into multiple
		384 repositories, each roughly 1GB in size. In addition to cloning from
		385 lore.kernel.org, you may also access these repositories on
		386 <a class="reference external" href="https://erol.kernel.org/">erol.kernel.org</a>.</p>
		387 <div class="section" id="mirroring">
		388 <h3>Mirroring</h3>
		389 <p>You can continuously mirror the entire mailing list archive collection
		390 by using the <a class="reference external" href="https://github.com/mricon/grokmirror">grokmirror</a> tool. The following repos.conf file should get
		391 you all you need:</p>
		392 <pre class="literal-block">
		393 [lore.kernel.org]
		394 site = https://lore.kernel.org
		395 manifest = https://lore.kernel.org/manifest.js.gz
		396 toplevel = /path/to/your/local/folder
		397 mymanifest = /path/to/your/local/folder/manifest.js.gz
		398 pull_threads = 4
		399 </pre>
		400 <p>Please note, that you will require at least 20+ GB of local storage. The
		401 mirroring process only replicates the git repositories themselves -- if
		402 you want to use public-inbox with them, you will need to run
		403 &quot;<tt class="docutils literal"><span class="pre">public-inbox-init</span></tt>&quot; and &quot;<tt class="docutils literal"><span class="pre">public-inbox-index</span></tt>&quot; to create the
		404 database files required for public-inbox operation.</p>
		405 </div>
		406 </div>
		407 <div class="section" id="linking-to-list-discussions-from-commits">
		408 <h2>Linking to list discussions from commits</h2>
		409 <p>If you need to reference a mailing list discussion inside code comments
		410 or in a git commit message, please use the &quot;permalink&quot; URL provided by
		411 public-inbox. It is available in the headers of each displayed message
		412 or thread discussion. Alternatively, you can use a generic message-id
		413 redirector in the form:</p>
		414 <ul class="simple">
		415 <li><a class="reference external" href="https://lore.kernel.org/r/message&#64;id">https://lore.kernel.org/r/message&#64;id</a></li>
		416 </ul>
		417 <p>That should display the message regardless in which mailing list archive
		418 it's stored.</p>
		419 </div>
		420 </summary></entry><entry><title>Minor changes to kernel tarball releases</title><link href="https://www.kernel.org/minor-changes-to-tarball-release-format.html" rel="alternate"></link><published>2018-07-27T00:00:00+00:00</published><updated>2018-07-27T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2018-07-27:minor-changes-to-tarball-release-format.html</id><summary type="html"><p>We'd like to announce several small changes to the way Linux tarballs
		421 are produced.</p>
		422 <div class="section" id="mainline-release-tarball-signatures">
		423 <h2>Mainline release tarball signatures</h2>
		424 <p>Starting with the 4.18 final release, all mainline tarball PGP
		425 signatures will be made by Greg Kroah-Hartman instead of Linus Torvalds.
		426 The main goal behind this change is to simplify the <a class="reference external" href="https://www.kernel.org/signature.html">verification
		427 process</a> and make all kernel tarball releases available for download on
		428 kernel.org be signed by the same developer.</p>
		429 <p>Linus Torvalds will continue to PGP-sign all tags in the mainline
		430 git repository. They can be verified using the <tt class="docutils literal">git <span class="pre">verify-tag</span></tt>
		431 command.</p>
		432 </div>
		433 <div class="section" id="sunsetting-gz-tarball-generation">
		434 <h2>Sunsetting .gz tarball generation</h2>
		435 <p>We stopped creating .bz2 copies of tarball releases 5 years ago, and the
		436 time has come to stop producing .gz duplicate copies of all our content
		437 as well, as XZ tools and libraries are now available on all major
		438 platforms. Starting September 1st, 2018, all tarball releases available
		439 via <tt class="docutils literal">/pub</tt> download locations will only be available in XZ-compressed
		440 format.</p>
		441 <p>If you absolutely must have .gz compressed tarballs, you may obtain them
		442 from git.kernel.org by following snapshot download links in the
		443 appropriate repository view.</p>
		444 </div>
		445 <div class="section" id="no-future-pgp-signatures-on-patches-and-changelogs">
		446 <h2>No future PGP signatures on patches and changelogs</h2>
		447 <p>For legacy purposes, we will continue to provide pre-generated
		448 changelogs and patches (both to the previous mainline and incremental
		449 patches to previous stable). However, from now on they will be generated
		450 by automated processes and will no longer carry detached PGP signatures.
		451 If you require cryptographically verified patches, please generate them
		452 directly from the <a class="reference external" href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git">stable git repository</a> after verifying the PGP
		453 signatures on the tags using <tt class="docutils literal">git <span class="pre">verify-tag</span></tt>.</p>
		454 </div>
		455 </summary></entry><entry><title>Best way to do linux clones for your CI</title><link href="https://www.kernel.org/best-way-to-do-linux-clones-for-your-ci.html" rel="alternate"></link><published>2018-07-25T00:00:00+00:00</published><updated>2018-07-25T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2018-07-25:best-way-to-do-linux-clones-for-your-ci.html</id><summary type="html"><p>If you are in charge of CI infrastructure that needs to perform frequent
		456 full clones of kernel trees from git.kernel.org, we strongly recommend
		457 that you use the <a class="reference external" href="https://www.kernel.org/cloning-linux-from-a-bundle.html">git bundles we provide</a> instead of performing a full
		458 clone directly from git repositories.</p>
		459 <p>It is better for you, because downloading the bundle from CDN is
		460 probably going to be much faster for you than cloning from our frontends
		461 due to the CDN being more local. You can even copy the bundle to a
		462 fileserver on your local infrastructure and save a lot of repeated
		463 external traffic.</p>
		464 <p>It is better for us, because if you first clone from the bundle, you
		465 only need to fetch a handful of newer objects directly from
		466 git.kernel.org frontends. This not only uses an order of magnitude less
		467 bandwidth, but also results in a much smaller memory footprint on our
		468 systems -- git daemon needs a lot of RAM when serving full clones of
		469 linux repositories.</p>
		470 <p>Here is a simple script that will help you automate the process of first
		471 downloading the git bundle and then fetching the newer objects:</p>
		472 <ul class="simple">
		473 <li><a class="reference external" href="https://git.kernel.org/pub/scm/linux/kernel/git/mricon/korg-helpers.git/plain/linux-bundle-clone">linux-bundle-clone</a></li>
		474 </ul>
		475 <p>Thank you for helping us keep our systems fast and accessible to all.</p>
		476 </summary></entry><entry><title>Nitrokey digital tokens for kernel developers</title><link href="https://www.kernel.org/nitrokey-digital-tokens-for-kernel-developers.html" rel="alternate"></link><published>2018-04-04T00:00:00+00:00</published><updated>2018-04-04T00:00:00+00:00</updated><author><name>Konstantin Ryabitsev</name></author><id>tag:https://www.kernel.org,2018-04-04:nitrokey-digital-tokens-for-kernel-developers.html</id><summary type="html"><p>The Linux Foundation IT team has been working to improve the code
		477 integrity of git repositories hosted at kernel.org by promoting the use
		478 of PGP-signed git tags and commits. Doing so allows anyone to easily
		479 verify that git repositories have not been altered or tampered with no
		480 matter from which worldwide mirror they may have been cloned. If the
		481 digital signature on your cloned repository matches the PGP key
		482 belonging to Linus Torvalds or any other maintainer, then you can be
		483 assured that what you have on your computer is the exact replica of the
		484 kernel code without any omissions or additions.</p>
		485 <p>To help promote the use of PGP signatures in Linux kernel development,
		486 we now offer a detailed guide within the kernel documentation tree:</p>
		487 <ul class="simple">
		488 <li><a class="reference external" href="https://www.kernel.org/doc/html/latest/process/maintainer-pgp-guide.html">Kernel Maintainer PGP Guide</a></li>
		489 </ul>
		490 <img alt="Nitrokey logo" class="align-left" src="https://www.kernel.org/static/news/images/nitrokey-logo.png" style="width: 207px; height: 70px;" />
		491 <p>Further, we are happy to announce a new special program sponsored by
		492 <a class="reference external" href="https://linuxfoundation.org/">The Linux Foundation</a> in partnership with <a class="reference external" href="https://www.nitrokey.com/">Nitrokey</a> -- the developer
		493 and manufacturer of smartcard-compatible digital tokens capable of
		494 storing private keys and performing PGP operations on-chip. Under this
		495 program, any developer who is listed as a maintainer in the <a class="reference external" href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/MAINTAINERS">MAINTAINERS</a>
		496 file, or who has a kernel.org account can qualify for a free digital
		497 token to help improve the security of their PGP keys. The cost of the
		498 device, including any taxes, shipping and handling will be covered by
		499 The Linux Foundation.</p>
		500 <p>To participate in this program, please access the special store front
		501 on the Nitrokey website:</p>
		502 <ul class="simple">
		503 <li><a class="reference external" href="https://kernel.nitrokey.com/">Nitrokey Start for Kernel Developers</a></li>
		504 </ul>
		505 <div class="section" id="who-qualifies-for-this-program">
		506 <h2>Who qualifies for this program?</h2>
		507 <p>To qualify for the program, you need to have an account at kernel.org or
		508 have your email address listed in the <a class="reference external" href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/MAINTAINERS">MAINTAINERS</a> file (following the
		509 &quot;<tt class="docutils literal">M:</tt>&quot; heading). If you do not currently qualify but think you should,
		510 the easiest course of action is to get yourself added to the MAINTAINERS
		511 file or to <a class="reference external" href="https://korg.wiki.kernel.org/userdoc/accounts">apply for an account at kernel.org</a>.</p>
		512 </div>
		513 <div class="section" id="which-devices-are-available-under-this-program">
		514 <h2>Which devices are available under this program?</h2>
		515 <p>The program is limited to <a class="reference external" href="https://shop.nitrokey.com/shop/product/nitrokey-start-6">Nitrokey Start</a> devices. There are several
		516 reasons why we picked this particular device among several available
		517 options.</p>
		518 <p>First of all, many Linux kernel developers have a strong preference not
		519 just for open-source software, but for open hardware as well. Nitrokey
		520 is one of the few companies selling GnuPG-compatible smartcard devices
		521 that provide both, since Nitrokey Start is based on Gnuk cryptographic
		522 token firmware developed by <a class="reference external" href="https://www.fsij.org/category/gnuk.html">Free Software Initiative of Japan</a>. It is
		523 also one of the few commercially available devices that offer native
		524 support for ECC keys, which are both faster computationally than large
		525 RSA keys and generate smaller digital signatures. With our push to use
		526 more code signing of git objects themselves, both the open nature of the
		527 device and its support for fast modern cryptography were key points in
		528 our evaluation.</p>
		529 <p>Additionally, Nitrokey devices (both Start and Pro models) are already
		530 <a class="reference external" href="https://lwn.net/Articles/736231/">used by open-source developers</a> for cryptographic purposes and they
		531 are known to work well with Linux workstations.</p>
		532 </div>
		533 <div class="section" id="what-is-the-benefit-of-digital-smartcard-tokens">
		534 <h2>What is the benefit of digital smartcard tokens?</h2>
		535 <p>With usual GnuPG operations, the private keys are stored in the home
		536 directory where they can be stolen by malware or exposed via other
		537 means, such as poorly secured backups. Furthermore, each time a GnuPG
		538 operation is performed, the keys are loaded into system memory and can
		539 be stolen from there using sufficiently advanced techniques (the likes
		540 of Meltdown and Spectre).</p>
		541 <p>A digital smartcard token like Nitrokey Start contains a cryptographic
		542 chip that is capable of storing private keys and performing crypto
		543 operations directly on the token itself. Because the key contents never
		544 leave the device, the operating system of the computer into which the
		545 token is plugged in is not able to retrieve the private keys themselves,
		546 therefore significantly limiting the ways in which the keys can be
		547 leaked or stolen.</p>
		548 </div>
		549 <div class="section" id="questions-or-problems">
		550 <h2>Questions or problems?</h2>
		551 <p>If you qualify for the program, but encounter any difficulties
		552 purchasing the device, please contact Nitrokey at <a class="reference external" href="mailto:shop&#64;nitrokey.com">shop&#64;nitrokey.com</a>.</p>
		553 <p>For any questions about the program itself or with any other comments,
		554 please reach out to <a class="reference external" href="mailto:info&#64;linuxfoundation.org">info&#64;linuxfoundation.org</a>.</p>
		555 </div>
		556 </summary></entry><entry><title>Linux kernel releases PGP signatures</title><link href="https://www.kernel.org/signature.html" rel="alternate"></link><published>2018-02-15T00:00:00+00:00</published><updated>2018-02-15T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2018-02-15:signature.html</id><summary type="html"><p>All kernel releases are cryptographically signed using OpenPGP-compliant
		557 signatures. Everyone is strongly encouraged to verify the integrity of
		558 downloaded kernel releases by verifying the corresponding signatures.</p>
		559 <div class="section" id="basic-concepts">
		560 <h2>Basic concepts</h2>
		561 <p>Every kernel release comes with a cryptographic signature from the
		562 person making the release. This cryptographic signature allows anyone to
		563 verify whether the files have been modified or otherwise tampered with
		564 after the developer created and signed them. The signing and
		565 verification process uses public-key cryptography and it is next to
		566 impossible to forge a PGP signature without first gaining access to the
		567 developer's private key. If this does happen, the developers will revoke
		568 the compromised key and will re-sign all their previously signed
		569 releases with the new key.</p>
		570 <p>To learn more about the way PGP works, please consult <a class="reference external" href="https://en.wikipedia.org/wiki/Pretty_Good_Privacy#How_PGP_encryption_works">Wikipedia</a>.</p>
		571 </div>
		572 <div class="section" id="kernel-org-web-of-trust">
		573 <h2>Kernel.org web of trust</h2>
		574 <p>PGP keys used by members of kernel.org are cross-signed by other members
		575 of the Linux kernel development community (and, frequently, by many
		576 other people). If you wanted to verify the validity of any key belonging
		577 to a member of kernel.org, you could review the list of signatures on
		578 their public key and then make a decision whether you trust that key or
		579 not. See the <a class="reference external" href="https://en.wikipedia.org/wiki/Web_of_trust">Wikipedia article</a> on the subject of the Web of Trust.</p>
		580 </div>
		581 <div class="section" id="using-the-web-key-directory">
		582 <h2>Using the Web Key Directory</h2>
		583 <p>If the task of maintaining your own web of trust is too daunting to you,
		584 you can opt to shortcut this process by using the &quot;Trust on First Use&quot;
		585 (TOFU) approach and rely on the kernel.org Web Key Directory (WKD).</p>
		586 <p>To import keys belonging to many kernel developers, you can use the
		587 following command:</p>
		588 <pre class="literal-block">
		589 $ gpg2 --locate-keys [username]&#64;kernel.org
		590 </pre>
		591 <p>For example, to import keys belonging to Linus Torvalds and Greg
		592 Kroah-Hartman, you would use:</p>
		593 <pre class="literal-block">
		594 $ gpg2 --locate-keys torvalds&#64;kernel.org gregkh&#64;kernel.org
		595 </pre>
		596 <p>This command will verify the TLS certificate presented by kernel.org
		597 before importing these keys into your keyring.</p>
		598 </div>
		599 <div class="section" id="using-gnupg-to-verify-kernel-signatures">
		600 <h2>Using GnuPG to verify kernel signatures</h2>
		601 <p>All software released via kernel.org has detached PGP signatures you can
		602 use to verify the integrity of your downloads.</p>
		603 <p>To illustrate the verification process, let's use Linux 4.6.6 release as
		604 a walk-through example. First, use &quot;<tt class="docutils literal">curl</tt>&quot; to download the release
		605 and the corresponding signature:</p>
		606 <pre class="literal-block">
		607 $ curl -OL https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.6.6.tar.xz
		608 $ curl -OL https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.6.6.tar.sign
		609 </pre>
		610 <p>You will notice that the signature is made against the uncompressed
		611 version of the archive. This is done so there is only one signature
		612 required for .gz and .xz compressed versions of the release. Start
		613 by uncompressing the archive, using <tt class="docutils literal">unxz</tt> in our case:</p>
		614 <pre class="literal-block">
		615 $ unxz linux-4.6.6.tar.xz
		616 </pre>
		617 <p>Now verify the .tar archive against the signature:</p>
		618 <pre class="literal-block">
		619 $ gpg2 --verify linux-4.6.6.tar.sign
		620 </pre>
		621 <p>You can combine these steps into a one-liner:</p>
		622 <pre class="literal-block">
		623 $ xz -cd linux-4.6.6.tar.xz \| gpg2 --verify linux-4.6.6.tar.sign -
		624 </pre>
		625 <p>It's possible that you get a &quot;No public key error&quot;:</p>
		626 <pre class="literal-block">
		627 gpg: Signature made Wed 10 Aug 2016 06:55:15 AM EDT using RSA key ID 38DBBDC86092693E
		628 gpg: Can't check signature: No public key
		629 </pre>
		630 <p>Please use the &quot;<tt class="docutils literal">gpg2 <span class="pre">--locate-keys</span></tt>&quot; command listed above to download
		631 the key for Greg Kroah-Hartman and Linus Torvalds and then try again:</p>
		632 <pre class="literal-block">
		633 $ gpg2 --locate-keys torvalds&#64;kernel.org gregkh&#64;kernel.org
		634 $ gpg2 --verify linux-4.6.6.tar.sign
		635 gpg: Signature made Wed 10 Aug 2016 06:55:15 AM EDT
		636 gpg: using RSA key 38DBBDC86092693E
		637 gpg: Good signature from &quot;Greg Kroah-Hartman &lt;gregkh&#64;kernel.org&gt;&quot; [unknown]
		638 gpg: WARNING: This key is not certified with a trusted signature!
		639 gpg: There is no indication that the signature belongs to the owner.
		640 Primary key fingerprint: 647F 2865 4894 E3BD 4571 99BE 38DB BDC8 6092 693E
		641 </pre>
		642 <p>To make the &quot;<tt class="docutils literal">WARNING</tt>&quot; message go away you can indicate that you
		643 choose to trust that key using TOFU:</p>
		644 <pre class="literal-block">
		645 $ gpg2 --tofu-policy good 38DBBDC86092693E
		646 $ gpg2 --trust-model tofu --verify linux-4.6.6.tar.sign
		647 gpg: Signature made Wed 10 Aug 2016 06:55:15 AM EDT
		648 gpg: using RSA key 38DBBDC86092693E
		649 gpg: Good signature from &quot;Greg Kroah-Hartman &lt;gregkh&#64;kernel.org&gt;&quot; [full]
		650 gpg: gregkh&#64;kernel.org: Verified 1 signature in the past 53 seconds. Encrypted
		651 0 messages.
		652 </pre>
		653 <p>Note that you may have to pass &quot;<tt class="docutils literal"><span class="pre">--trust-model</span> tofu</tt>&quot; the first time
		654 you run the verify command, but it should not be necessary after that.</p>
		655 <div class="section" id="the-scripted-version">
		656 <h3>The scripted version</h3>
		657 <p>If you need to perform this task in an automated environment or simply
		658 prefer a more convenient tool, you can use the following helper script
		659 to properly download and verify Linux kernel tarballs:</p>
		660 <blockquote>
		661 <ul class="simple">
		662 <li><a class="reference external" href="https://git.kernel.org/pub/scm/linux/kernel/git/mricon/korg-helpers.git/tree/get-verified-tarball">get-verified-tarball</a></li>
		663 </ul>
		664 </blockquote>
		665 <p>Please review the script before adopting it for your needs.</p>
		666 </div>
		667 </div>
		668 <div class="section" id="important-fingerprints">
		669 <h2>Important fingerprints</h2>
		670 <p>Here are key fingerprints for Linus Torvalds, Greg Kroah-Hartman, Sasha
		671 Levin, and Ben Hutchings, who are most likely to be releasing kernels:</p>
		672 <table border="1" class="docutils">
		673 <colgroup>
		674 <col width="25%" />
		675 <col width="75%" />
		676 </colgroup>
		677 <thead valign="bottom">
		678 <tr><th class="head">Developer</th>
		679 <th class="head">Fingerprint</th>
		680 </tr>
		681 </thead>
		682 <tbody valign="top">
		683 <tr><td>Linus Torvalds</td>
		684 <td><tt class="docutils literal">ABAF 11C6 5A29 70B1 30AB&nbsp; E3C4 79BE 3E43 0041 1886</tt></td>
		685 </tr>
		686 <tr><td>Greg Kroah-Hartman</td>
		687 <td><tt class="docutils literal">647F 2865 4894 E3BD 4571&nbsp; 99BE 38DB BDC8 6092 693E</tt></td>
		688 </tr>
		689 <tr><td>Sasha Levin</td>
		690 <td><tt class="docutils literal">E27E 5D8A 3403 A2EF 6687&nbsp; 3BBC DEA6 6FF7 9777 2CDC</tt></td>
		691 </tr>
		692 <tr><td>Ben Hutchings</td>
		693 <td><tt class="docutils literal">AC2B 29BD 34A6 AFDD B3F6&nbsp; 8F35 E7BF C8EC 9586 1109</tt></td>
		694 </tr>
		695 </tbody>
		696 </table>
		697 <p>Please verify the TLS certificate for this site in your browser before
		698 trusting the above information.</p>
		699 </div>
		700 <div class="section" id="if-you-get-bad-signature">
		701 <h2>If you get &quot;BAD signature&quot;</h2>
		702 <p>If at any time you see &quot;BAD signature&quot; output from &quot;<tt class="docutils literal">gpg2 <span class="pre">--verify</span></tt>&quot;,
		703 please first check the following first:</p>
		704 <ol class="arabic simple">
		705 <li><strong>Make sure that you are verifying the signature against the .tar
		706 version of the archive, not the compressed (.tar.xz) version.</strong></li>
		707 <li>Make sure the the downloaded file is correct and not truncated or
		708 otherwise corrupted.</li>
		709 </ol>
		710 <p>If you repeatedly get the same &quot;BAD signature&quot; output, please email
		711 <a class="reference external" href="mailto:helpdesk&#64;kernel.org">helpdesk&#64;kernel.org</a>, so we can investigate the problem.</p>
		712 </div>
		713 <div class="section" id="kernel-org-checksum-autosigner-and-sha256sums-asc">
		714 <h2>Kernel.org checksum autosigner and sha256sums.asc</h2>
		715 <p>We have a dedicated off-the-network system that connects directly to our
		716 central attached storage and calculates checksums for all uploaded
		717 software releases. The generated <tt class="docutils literal">sha256sums.asc</tt> file is then signed
		718 with a PGP key generated for this purpose and that doesn't exist outside
		719 of that system.</p>
		720 <p>These checksums are <strong>NOT</strong> intended to replace developer signatures. It
		721 is merely a way for someone to quickly verify whether contents on one of
		722 the many kernel.org mirrors match the contents on the master mirror.
		723 While you may use them to quickly verify whether what you have
		724 downloaded matches what we have on our central storage system, you
		725 should continue to use developer signatures for best assurance.</p>
		726 </div>
		727 <div class="section" id="kernel-releases-prior-to-september-2011">
		728 <h2>Kernel releases prior to September, 2011</h2>
		729 <p>Prior to September, 2011 all kernel releases were signed automatically by
		730 the same PGP key:</p>
		731 <pre class="literal-block">
		732 pub 1024D/517D0F0E 2000-10-10 [revoked: 2011-12-11]
		733 Key fingerprint = C75D C40A 11D7 AF88 9981 ED5B C86B A06A 517D 0F0E
		734 uid Linux Kernel Archives Verification Key &lt;ftpadmin&#64;kernel.org&gt;
		735 </pre>
		736 <p>Due to the kernel.org systems compromise, this key has been retired and
		737 revoked. <strong>It will no longer be used to sign future releases and you
		738 should NOT use this key to verify the integrity of any archives. It is
		739 almost certain that this key has fallen into malicious hands.</strong></p>
		740 <p>All kernel releases that were previously signed with this key were
		741 cross-checked and signed with another key, created specifically
		742 for this purpose:</p>
		743 <pre class="literal-block">
		744 pub 3072R/C4790F9D 2013-08-08
		745 Key fingerprint = BFA7 DD3E 0D42 1C9D B6AB 6527 0D3B 3537 C479 0F9D
		746 uid Linux Kernel Archives Verification Key
		747 (One-off resigning of old releases) &lt;ftpadmin&#64;kernel.org&gt;
		748 </pre>
		749 <p>The private key used for this purpose has been destroyed and cannot be
		750 used to sign any releases produced after 2011.</p>
		751 </div>
		752 </summary></entry><entry><title>RC tarballs and patches starting with 4.12-rc1</title><link href="https://www.kernel.org/rc-tarballs-and-patches-starting-with-412-rc1.html" rel="alternate"></link><published>2017-05-16T00:00:00+00:00</published><updated>2017-05-16T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2017-05-16:rc-tarballs-and-patches-starting-with-412-rc1.html</id><summary type="html"><p>As you may be aware, starting with 4.12-rc1 Linus will <a class="reference external" href="https://lwn.net/Articles/722660/">no longer provide</a>
		753 signed tarballs and patches for pre-release (&quot;-rc&quot;) kernels. Reasons for
		754 this are multiple, but largely this is because people who are most
		755 interested in pre-release tags -- kernel developers -- do not rely on
		756 patches and tarballs to do their work.</p>
		757 <div class="section" id="obtaining-tarballs-on-your-own">
		758 <h2>Obtaining tarballs on your own</h2>
		759 <p>Here is how you can generate the tarball from a pre-release tag using
		760 the &quot;<tt class="docutils literal">git archive</tt>&quot; command (we'll use 4.12-rc1 in these examples):</p>
		761 <pre class="literal-block">
		762 git clone git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
		763 cd linux
		764 git verify-tag v4.12-rc1
		765 git archive --format=tar.gz --prefix=linux-4.12-rc1/ \
		766 -o linux-4.12-rc1.tar.gz v4.12-rc1
		767 </pre>
		768 <p>The upside of this method is that during the &quot;<tt class="docutils literal">git <span class="pre">verify-tag</span></tt>&quot; step
		769 you will check the PGP signature on the tag to make sure that what you
		770 cloned is exactly the same tree as on Linus Torvalds's computer.</p>
		771 <p>The downside of this method is that you will need to download about 1
		772 GiB of data -- the entire git history of the Linux kernel -- just to get
		773 the latest tag. Notably, when -rc2 is tagged, all you'll need to do is
		774 run a quick &quot;<tt class="docutils literal">git pull</tt>&quot; to get the latest objects and it will be
		775 dramatically less data to download, so cloning the whole tree may be
		776 worth it to you in the long run if you plan to do this again in the
		777 future.</p>
		778 <p>If you do not want to download the whole git repository and just want to
		779 get the latest tarball, you can download the version automatically
		780 generated by cgit at the following (or similar URL):</p>
		781 <pre class="literal-block">
		782 wget https://git.kernel.org/torvalds/t/linux-4.12-rc1.tar.gz
		783 </pre>
		784 <p>Please note that you will not be able to cryptographically verify the
		785 integrity of this archive, but the download will be about 10 times less
		786 in size than the full git tree.</p>
		787 </div>
		788 <div class="section" id="obtaining-patches-to-the-previous-mainline">
		789 <h2>Obtaining patches to the previous mainline</h2>
		790 <p>If you would like to get just the patch to the previous mainline
		791 release, you can get it from cgit as well:</p>
		792 <pre class="literal-block">
		793 wget -O patch-4.12-rc1 https://git.kernel.org/torvalds/p/v4.12-rc1/v4.11
		794 </pre>
		795 <p>Unfortunately, cgit does not currently offer an easy way to get
		796 gzip-compressed patches, but if you would like to reduce the amount of
		797 data you download, you can use http-level gzip compression:</p>
		798 <pre class="literal-block">
		799 wget -O patch-4.12-rc1.gz --header=&quot;accept-encoding: gzip&quot; \
		800 https://git.kernel.org/torvalds/p/v4.12-rc1/v4.11
		801 </pre>
		802 <p>The links to these patches are available on the front page of
		803 <a class="reference external" href="https://www.kernel.org/">https://www.kernel.org/</a>.</p>
		804 </div>
		805 <div class="section" id="why-not-provide-these-at-their-old-locations">
		806 <h2>Why not provide these at their old locations?</h2>
		807 <p>We intentionally did not provide these automatically generated tarballs
		808 and patches in locations previously used by Linus
		809 (<tt class="docutils literal">/pub/linux/kernel/v4.x/testing</tt>), even if this meant potentially
		810 breaking automated scripts relying on contents published there. Anything
		811 placed in the /pub tree is signed and curated directly by developers
		812 and all patches and software archives published there invariably come
		813 with a PGP signature provided directly by the developer of that software
		814 (or one of the developers).</p>
		815 <p>Patches and tarballs automatically generated by git.kernel.org are NOT
		816 a replacement for this stringent process, but merely a convenience
		817 service that comes with very different trust implications. By providing
		818 these at different URLs we wanted all users of these services to make a
		819 conscious decision on whether they want to trust these automatically
		820 generated tarballs and patches, or whether they want to change their
		821 process to continue to use PGP-verifiable tags directly from the git
		822 tree.</p>
		823 </div>
		824 </summary></entry><entry><title>If you got "BAD Signature" this morning</title><link href="https://www.kernel.org/if-you-got-bad-signature-this-morning.html" rel="alternate"></link><published>2017-05-14T00:00:00+00:00</published><updated>2017-05-14T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2017-05-14:if-you-got-bad-signature-this-morning.html</id><summary type="html"><p>The XZ tarballs for the following kernel releases did not initially pass
		825 signature verification due to benign changes to the tarball structure
		826 done by the pixz compression tool:</p>
		827 <ul class="simple">
		828 <li>4.11.1</li>
		829 <li>4.10.16</li>
		830 <li>4.9.28</li>
		831 <li>4.4.68</li>
		832 </ul>
		833 <p>These changes would have resulted in GPG returning &quot;Bad Signature&quot; if
		834 you tried to verify their integrity. Once we identified the problem, we
		835 generated new XZ tarballs without tar header modifications and now they
		836 should all pass PGP signature verification.</p>
		837 <p>We preserved the original .xz tarballs as -badsig files in the archives
		838 in case you wanted to verify that there was nothing malicious in them,
		839 merely tar header changes. You can find them in the same v4.x directory:</p>
		840 <ul class="simple">
		841 <li><a class="reference external" href="https://www.kernel.org/pub/linux/kernel/v4.x/">https://www.kernel.org/pub/linux/kernel/v4.x/</a></li>
		842 </ul>
		843 <p>Our apologies for this problem and thanks to Brad Spengler and everyone
		844 else who alerted us about this issue.</p>
		845 </summary></entry><entry><title>The Linux Kernel Organization</title><link href="https://www.kernel.org/nonprofit.html" rel="alternate"></link><published>2017-04-13T06:05:03+00:00</published><updated>2017-04-13T06:05:03+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2017-04-13:nonprofit.html</id><summary type="html"><p>The Linux Kernel Organization is a California Public Benefit Corporation
		846 established in 2002 to distribute the Linux kernel and other Open Source
		847 software to the public without charge. We are recognized by the IRS as a
		848 501(c)3 private operating foundation.</p>
		849 <ul class="simple">
		850 <li><a class="reference external" href="https://www.kernel.org/static/corporate/irs-nonprofit-ok-redacted.pdf">IRS determination letter</a></li>
		851 <li><a class="reference external" href="https://www.kernel.org/static/corporate/state-nonprofit-ok-redacted.pdf">California determination letter</a></li>
		852 </ul>
		853 <p>The Linux Kernel Organization is managed by <a class="reference external" href="http://linuxfoundation.org/">The Linux Foundation</a>, which
		854 provides full technical, financial and staffing support for running and
		855 maintaining the kernel.org infrastructure.</p>
		856 <div class="section" id="legal-information">
		857 <h2>Legal information</h2>
		858 <p>Due to U.S. Exports Regulations, all cryptographic software on this site
		859 is subject to the following legal notice:</p>
		860 <blockquote>
		861 <strong>This site includes publicly available encryption source code which,
		862 together with object code resulting from the compiling of publicly
		863 available source code, may be exported from the United States under
		864 License Exception &quot;TSU&quot; pursuant to 15 C.F.R. Section 740.13(e).</strong></blockquote>
		865 <p>This legal notice applies to cryptographic software only. Please see the
		866 <a class="reference external" href="https://www.bis.doc.gov/">Bureau of Industry and Security</a> for more information about current U.S.
		867 regulations.</p>
		868 <p>Our servers are located in Corvallis, Oregon, USA; Palo Alto and San
		869 Francisco, California, USA; Portland, Oregon, USA; and Montréal, Québec,
		870 Canada.</p>
		871 <p>Use in violation of any applicable laws is prohibited.</p>
		872 <p>Linux is a Registered Trademark of Linus Torvalds. All trademarks are
		873 property of their respective owners.</p>
		874 </div>
		875 </summary></entry><entry><title>About Linux Kernel</title><link href="https://www.kernel.org/linux.html" rel="alternate"></link><published>2017-04-13T06:05:03+00:00</published><updated>2017-04-13T06:05:03+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2017-04-13:linux.html</id><summary type="html"><div class="section" id="what-is-linux">
		876 <h2>What is Linux?</h2>
		877 <p>Linux is a clone of the operating system Unix, written from scratch by
		878 Linus Torvalds with assistance from a loosely-knit team of hackers
		879 across the Net. It aims towards POSIX and <a class="reference external" href="http://www.unix.org/">Single UNIX Specification</a>
		880 compliance.</p>
		881 <p>It has all the features you would expect in a modern fully-fledged Unix,
		882 including true multitasking, virtual memory, shared libraries, demand
		883 loading, shared copy-on-write executables, proper memory management, and
		884 multistack networking including IPv4 and IPv6.</p>
		885 <p>Although originally developed first for 32-bit x86-based PCs (386 or
		886 higher), today Linux also runs on a multitude of other processor
		887 architectures, in both 32- and 64-bit variants.</p>
		888 </div>
		889 <div class="section" id="new-to-linux">
		890 <h2>New to Linux?</h2>
		891 <p>If you're new to Linux, you don't want to download the kernel, which is
		892 just a component in a working Linux system. Instead, you want what is
		893 called a distribution of Linux, which is a complete Linux system. There
		894 are numerous distributions available for download on the Internet as
		895 well as for purchase from various vendors; some are general-purpose, and
		896 some are optimized for specific uses. We currently have mirrors of
		897 several distributions available at <a class="reference external" href="https://mirrors.kernel.org/">https://mirrors.kernel.org/</a>.</p>
		898 <p>Note, however, that most distributions are very large (several
		899 gigabytes), so unless you have a fast Internet link you may want to save
		900 yourself some hassle and purchase a CD-ROM with a distribution; such
		901 CD-ROMs are available from a number of vendors.</p>
		902 </div>
		903 <div class="section" id="mailing-lists">
		904 <h2>Mailing lists</h2>
		905 <p>The Linux kernel is discussed on the linux-kernel mailing list at
		906 <a class="reference external" href="http://vger.kernel.org/">vger.kernel.org</a>. Please read the <a class="reference external" href="http://www.tux.org/lkml/">FAQ</a> before subscribing.</p>
		907 <p>Although there is no official archive site, unofficial archives of the list can be found at:</p>
		908 <ul class="simple">
		909 <li><a class="reference external" href="https://lkml.org/">https://lkml.org/</a></li>
		910 <li><a class="reference external" href="https://marc.info/?l=linux-kernel">https://marc.info/?l=linux-kernel</a></li>
		911 </ul>
		912 </div>
		913 </summary></entry><entry><title>Contacts</title><link href="https://www.kernel.org/contact.html" rel="alternate"></link><published>2017-04-13T06:05:03+00:00</published><updated>2017-04-13T06:05:03+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2017-04-13:contact.html</id><summary type="html"><p>Email is the only reliable way of contacting Kernel.org administrators.</p>
		914 <div class="section" id="general-contacts">
		915 <h2>General contacts</h2>
		916 <dl class="docutils">
		917 <dt><a class="reference external" href="mailto:webmaster&#64;kernel.org">webmaster&#64;kernel.org</a>:</dt>
		918 <dd>General requests and comments about kernel.org infrastructure.</dd>
		919 <dt><a class="reference external" href="mailto:ftpadmin&#64;kernel.org">ftpadmin&#64;kernel.org</a>:</dt>
		920 <dd>Questions or comments about kernel.org mirrors.</dd>
		921 <dt><a class="reference external" href="mailto:keys&#64;kernel.org">keys&#64;kernel.org</a>:</dt>
		922 <dd>Account requests (see <a class="reference external" href="https://www.kernel.org/faq.html">FAQ</a>)</dd>
		923 </dl>
		924 <p><strong>Please do not send general Linux questions or bug reports to these
		925 addresses. We do not have the resources to reply to them.</strong></p>
		926 <p>Please try the following sites for general Linux help:</p>
		927 <ul class="simple">
		928 <li><a class="reference external" href="https://superuser.com/">https://superuser.com/</a> - for computer enthusiasts and power users</li>
		929 <li><a class="reference external" href="https://serverfault.com/">https://serverfault.com/</a> - for systems administrators</li>
		930 <li><a class="reference external" href="https://askubuntu.com/">https://askubuntu.com/</a> - for users of Ubuntu Linux</li>
		931 </ul>
		932 <p>Linux Foundation also offers training opportunities if you are
		933 interested in learning more about Linux, want to become a more
		934 proficient Linux systems administrator, or want to know more about how
		935 Linux can help your company succeed.</p>
		936 <ul class="simple">
		937 <li><a class="reference external" href="https://training.linuxfoundation.org/">https://training.linuxfoundation.org/</a></li>
		938 </ul>
		939 </div>
		940 <div class="section" id="mailing-address">
		941 <h2>Mailing address</h2>
		942 <p>Please send any mail correspondence to the Linux Foundation:</p>
		943 <blockquote>
		944 <div class="line-block">
		945 <div class="line">The Linux Foundation</div>
		946 <div class="line">1 Letterman Drive</div>
		947 <div class="line">Building D, Suite D4700</div>
		948 <div class="line">San Francisco, CA 94129</div>
		949 <div class="line">Phone/Fax: +1 415 723 9709</div>
		950 </div>
		951 </blockquote>
		952 </div>
		953 </summary></entry><entry><title>Fast new frontends with Packet</title><link href="https://www.kernel.org/fast-new-frontends-with-packet.html" rel="alternate"></link><published>2017-03-11T00:00:00+00:00</published><updated>2017-03-11T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2017-03-11:fast-new-frontends-with-packet.html</id><summary type="html"><img alt="Packet logo" class="align-left" src="https://www.kernel.org/static/news/images/packet-logo.png" style="width: 176px; height: 60px;" />
		954 <p>We are extremely happy to announce that <a class="reference external" href="https://www.packet.net/">Packet</a> has graciously donated
		955 the new hardware systems providing read-only public access to the
		956 kernel.org git repositories and the public website (git.kernel.org and
		957 www.kernel.org, respectively). We have avoided using cloud providers in
		958 the past due to security implications of sharing hypervisor memory with
		959 external parties, but Packet's hardware-based single-tenant approach
		960 satisfies our security requirements while taking over the burden of
		961 setting up and managing the physical hardware in multiple worldwide
		962 datacenters.</p>
		963 <p>As of March 11, 2017, the four new public frontends are located in the
		964 following geographical locations:</p>
		965 <ul class="simple">
		966 <li>San Jose, California, USA</li>
		967 <li>Parsippany, New Jersey, USA</li>
		968 <li>Amsterdam, Netherlands</li>
		969 <li>Tokyo, Japan</li>
		970 </ul>
		971 <p>We have changed our DNS configuration to support GeoDNS, so your
		972 requests should be routed to the frontend nearest to you.</p>
		973 <p>Each Packet-hosted system is <a class="reference external" href="https://www.packet.net/bare-metal/servers/type-2-virtualization/">significantly more powerful</a> than our
		974 previous generation frontends and have triple the amount of available
		975 RAM, so they should be a lot more responsive even when a lot of people
		976 are cloning linux.git simultaneously.</p>
		977 <p>Our special thanks to the following organizations who have graciously
		978 donated hosting for the previous incarnation of kernel.org frontends:</p>
		979 <ul class="simple">
		980 <li><a class="reference external" href="https://www.isc.org/">Internet Systems Consortium</a></li>
		981 <li><a class="reference external" href="https://www.vexxhost.com/">Vexxhost</a></li>
		982 <li><a class="reference external" href="https://www.tizen.org/">Tizen</a></li>
		983 </ul>
		984 <p>If you notice any problems with the new systems, please email
		985 <a class="reference external" href="mailto:helpdesk&#64;kernel.org">helpdesk&#64;kernel.org</a>.</p>
		986 </summary></entry><entry><title>Shutting down FTP services</title><link href="https://www.kernel.org/shutting-down-ftp-services.html" rel="alternate"></link><published>2017-01-27T00:00:00+00:00</published><updated>2017-01-27T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2017-01-27:shutting-down-ftp-services.html</id><summary type="html"><p>Those of you who have been around for a while may remember a time when
		987 you used to be able to mount kernel.org directly as a partition on your
		988 system using NFS (or even SMB/CIFS). The Wayback Machine shows that this
		989 was still advertised some time in <a class="reference external" href="https://web.archive.org/web/19980130085039/http://www.kernel.org/">January 1998</a>, but was removed by
		990 the time the <a class="reference external" href="https://web.archive.org/web/19981212030306/http://www.kernel.org/">December 1998</a> copy was made.</p>
		991 <p>Let's face it -- while kinda neat and convenient, offering a public
		992 NFS/CIFS server was a Pretty Bad Idea, not only because both these
		993 protocols are pretty terrible over high latency connections, but also
		994 because of important security implications.</p>
		995 <p>Well, 19 years later we're thinking it's time to terminate another
		996 service that has important protocol and security implications -- our
		997 FTP servers. Our decision is driven by the following considerations:</p>
		998 <ul class="simple">
		999 <li>The protocol is inefficient and requires adding awkward kludges to
		1000 firewalls and load-balancing daemons</li>
		1001 <li>FTP servers have no support for caching or accelerators, which has
		1002 significant performance impacts</li>
		1003 <li>Most software implementations have stagnated and see infrequent updates</li>
		1004 </ul>
		1005 <p>All kernel.org FTP services will be shut down by the end of this year.
		1006 In hopes to minimise the potential disruption, we will be doing it in
		1007 two stages:</p>
		1008 <ol class="arabic simple">
		1009 <li><a class="reference external" href="ftp://ftp.kernel.org/">ftp://ftp.kernel.org/</a> service will be terminated on March 1, 2017</li>
		1010 <li><a class="reference external" href="ftp://mirrors.kernel.org/">ftp://mirrors.kernel.org/</a> service will be terminated on December 1, 2017</li>
		1011 </ol>
		1012 <p>If you have any concerns, please feel free to contact
		1013 <a class="reference external" href="mailto:ftpadmin&#64;kernel.org">ftpadmin&#64;kernel.org</a> (ah, the irony).</p>
		1014 </summary></entry><entry><title>Gandi.net TLS certificates</title><link href="https://www.kernel.org/gandinet-tls-certificates.html" rel="alternate"></link><published>2016-10-11T00:00:00+00:00</published><updated>2016-10-11T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2016-10-11:gandinet-tls-certificates.html</id><summary type="html"><img alt="Gandi logo" class="align-left" src="https://www.kernel.org/static/news/images/gandi-logo.png" style="width: 202px; height: 60px;" />
		1015 <p>If your browser alerted you that the site certificates have changed,
		1016 that would be because we replaced our StartCOM, Ltd certificates with
		1017 those offered by our DNS registrar, <a class="reference external" href="https://gandi.net/">Gandi</a>. We are very thankful to
		1018 Gandi for this opportunity.</p>
		1019 <p>A common question is why we aren't using the certificates offered by the
		1020 <a class="reference external" href="https://letsencrypt.org/">Let's Encrypt project</a>, and the answer is that there are several
		1021 technical hurdles (on our end) that currently make it complicated. Once
		1022 we resolve them, we will most likely switch to using certificates issued
		1023 by our fellow Linux Foundation project.</p>
		1024 </summary></entry><entry><title>Cloning Linux from a bundle</title><link href="https://www.kernel.org/cloning-linux-from-a-bundle.html" rel="alternate"></link><published>2016-03-02T00:00:00+00:00</published><updated>2016-03-02T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2016-03-02:cloning-linux-from-a-bundle.html</id><summary type="html"><p>If you find yourself on an unreliable Internet connection and need to
		1025 perform a fresh clone of Linux.git, you may find it tricky to do so if
		1026 your connection resets before you are able to complete the clone. There
		1027 is currently no way to resume a git clone using git, but there is a neat
		1028 trick you can use instead of cloning directly -- using <a class="reference external" href="https://git-scm.com/docs/git-bundle">git bundle</a>
		1029 files.</p>
		1030 <p>Here is how you would do it.</p>
		1031 <ol class="arabic">
		1032 <li><p class="first">Start with &quot;<tt class="docutils literal">wget <span class="pre">-c</span></tt>&quot;, which tells wget to continue interrupted
		1033 downloads. If your connection resets, just rerun the same command while
		1034 in the same directory, and it will pick up where it left off:</p>
		1035 <pre class="literal-block">
		1036 wget -c https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/clone.bundle
		1037 </pre>
		1038 </li>
		1039 <li><p class="first">Once the download is completed, verify that the bundle has downloaded
		1040 correctly:</p>
		1041 <pre class="literal-block">
		1042 git bundle verify clone.bundle
		1043 ...
		1044 clone.bundle is okay
		1045 </pre>
		1046 </li>
		1047 <li><p class="first">Next, clone from the bundle:</p>
		1048 <pre class="literal-block">
		1049 git clone clone.bundle linux
		1050 </pre>
		1051 </li>
		1052 <li><p class="first">Now, point the origin to the live git repository and get the latest changes:</p>
		1053 <pre class="literal-block">
		1054 cd linux
		1055 git remote remove origin
		1056 git remote add origin https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
		1057 git pull origin master
		1058 </pre>
		1059 </li>
		1060 </ol>
		1061 <p>Once this is done, you can delete the &quot;<tt class="docutils literal">clone.bundle</tt>&quot; file, unless
		1062 you think you will need to perform a fresh clone again in the future.</p>
		1063 <p>The &quot;<tt class="docutils literal">clone.bundle</tt>&quot; files are generated weekly on Sunday, so they
		1064 should contain most objects you need, even during kernel merge windows
		1065 when there are lots of changes committed daily.</p>
		1066 </summary></entry><entry><title>Introducing Fastly CDN</title><link href="https://www.kernel.org/introducing-fastly-cdn.html" rel="alternate"></link><published>2015-10-05T00:00:00+00:00</published><updated>2015-10-05T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2015-10-05:introducing-fastly-cdn.html</id><summary type="html"><img alt="Fastly logo" class="align-left" src="https://www.kernel.org/static/news/images/fastly-logo.png" style="width: 156px; height: 60px;" />
		1067 <p>We are happy to announce that <a class="reference external" href="https://fastly.com/">Fastly</a> has offered their worldwide CDN
		1068 network to provide fast download services for Linux kernel releases,
		1069 which should improve download speeds for those of you located outside
		1070 North America. We have modified the front page to offer CDN-powered
		1071 download links, but all the existing URLs should continue to work.</p>
		1072 <p>If you would like to avoid using Fastly, you can simply change the URL
		1073 to have &quot;www.kernel.org&quot; instead of &quot;cdn.kernel.org&quot;. As always, please
		1074 use <a class="reference external" href="https://kernel.org/signature.html">PGP Signature Verification</a> for all downloaded files regardless of
		1075 where you got them.</p>
		1076 </summary></entry><entry><title>Hurr, Durr Im'a Sheep</title><link href="https://www.kernel.org/hurr-durr-ima-sheep.html" rel="alternate"></link><published>2015-04-01T00:00:00+00:00</published><updated>2015-04-01T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2015-04-01:hurr-durr-ima-sheep.html</id><summary type="html"><p>Linus named the upcoming 4.0 release of the kernel &quot;Hurr Durr I'ma
		1077 Sheep&quot; (see his <a class="reference external" href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c517d838eb7d07bbe9507871fab3931deccff539">git commit</a>), so we are celebrating this April Fool's
		1078 day with a minor prank. If you've been redirected to
		1079 <a class="reference external" href="https://imasheep.hurrdurr.org/">imasheep.hurrdurr.org</a>, do not panic. It's all part of the joke.</p>
		1080 <p>We've also restored all FTP and Rsync access to the
		1081 <a class="reference external" href="https://mirrors.kernel.org/">mirrors.kernel.org</a> servers, as we seem to have resolved our SSD
		1082 and dm_cache problems. If you're still using FTP, however, please
		1083 consider switching to HTTP. FTP is a protocol designed for a different
		1084 era -- these days everyone should be avoiding it for <a class="reference external" href="http://mywiki.wooledge.org/FtpMustDie">multiple
		1085 reasons</a>.</p>
		1086 </summary></entry><entry><title>FTP limited on mirrors.kernel.org</title><link href="https://www.kernel.org/ftp-limited-on-mirrorskernelorg.html" rel="alternate"></link><published>2015-02-03T00:00:00+00:00</published><updated>2015-02-03T00:00:00+00:00</updated><author><name>Konstantin Ryabitsev</name></author><id>tag:https://www.kernel.org,2015-02-03:ftp-limited-on-mirrorskernelorg.html</id><summary type="html"><p>We've had to temporarily limit FTP access to mirrors.kernel.org due
		1087 to high IO load.</p>
		1088 <p>We have recently upgraded our hardware in order to increase capacity --
		1089 16TB was no longer nearly sufficient enough to host all the distro
		1090 mirrors and archives. We chose larger but slower disks and offset the
		1091 loss of performance by heavily utilizing SSD IO caching using dm-cache.</p>
		1092 <p>While it was performing very well, we have unfortunately run across an
		1093 FS data corruption bug somewhere along this stack:</p>
		1094 <pre class="literal-block">
		1095 megaraid_sas + dm_cache + libvirt/virtio + xfs
		1096 </pre>
		1097 <p>We've temporarily removed dm-cache from the picture and switched to
		1098 Varnish on top of SSD for http object caching. Unfortunately, as Varnish
		1099 does not support FTP, we had to restrict FTP protocol to a limited
		1100 number of concurrent sessions in order to reduce disk IO. If you are
		1101 affected by this, simply switch to HTTP protocol that does not have such
		1102 restrictions.</p>
		1103 <p>This is a temporary measure until we identify the dm-cache problem that
		1104 was causing data corruption, at which point we will restore unrestricted
		1105 FTP access.</p>
		1106 </summary></entry><entry><title>Heartbleed statement</title><link href="https://www.kernel.org/heartbleed-statement.html" rel="alternate"></link><published>2014-04-10T00:00:00+00:00</published><updated>2014-04-10T00:00:00+00:00</updated><author><name>Konstantin Ryabitsev</name></author><id>tag:https://www.kernel.org,2014-04-10:heartbleed-statement.html</id><summary type="html"><p>Since we rely on the OpenSSL library for serving most of our websites,
		1107 we, together with most of the rest of the open-source world, were
		1108 vulnerable to the <a class="reference external" href="http://heartbleed.com/">HeartBleed</a> vulnerability. We have switched to the
		1109 patched version of OpenSSL within hours of it becoming available, plus
		1110 have performed the following steps to mitigate any sensitive information
		1111 leaked via malicious SSL heartbeat requests:</p>
		1112 <ul class="simple">
		1113 <li>Replaced all SSL keys across all kernel.org sites.</li>
		1114 <li>Expired all active sessions on Bugzilla, Patchwork, and Mediawiki
		1115 sites, requiring everyone to re-login.</li>
		1116 <li>Changed all passwords used for admin-level access to the above sites.</li>
		1117 </ul>
		1118 <p>As kernel.org developers do not rely on SSL to access git repositories,
		1119 there is no need to replace any SSH or PGP keys used for developer
		1120 authentication.</p>
		1121 <p>If you have any questions or concerns, please email us at
		1122 <a class="reference external" href="mailto:webmaster&#64;kernel.org">webmaster&#64;kernel.org</a> for more information.</p>
		1123 </summary></entry><entry><title>Happy new year and good-bye bzip2</title><link href="https://www.kernel.org/happy-new-year-and-good-bye-bzip2.html" rel="alternate"></link><published>2013-12-27T00:00:00+00:00</published><updated>2013-12-27T00:00:00+00:00</updated><author><name>Konstantin Ryabitsev</name></author><id>tag:https://www.kernel.org,2013-12-27:happy-new-year-and-good-bye-bzip2.html</id><summary type="html"><div class="section" id="good-bye-bzip2">
		1124 <h2>Good-bye bzip2</h2>
		1125 <p>We started listing xz-compressed versions of kernel archives in all our
		1126 announcements back in March 2013, and the time has come to complete the
		1127 switch. Effective immediately, we will no longer be providing
		1128 bzip2-compressed versions for new releases of the Linux kernel and other
		1129 software. Any previously released .tar.bz2 archives will continue to be
		1130 available without change, and we will also continue to provide
		1131 gzip-compressed versions of all new releases for the foreseeable future.</p>
		1132 <p>So, from now on, all releases will be offered as both .tar.gz and
		1133 .tar.xz, but not as .tar.bz2. We apologize if this interferes with any
		1134 automated tools.</p>
		1135 </div>
		1136 <div class="section" id="happy-new-year">
		1137 <h2>Happy new year!</h2>
		1138 <p>Happy new year to all kernel.org users and visitors. The Linux
		1139 Foundation and Linux Kernel Archives teams extend their warmest wishes
		1140 to you all, and we hope that 2014 proves to be just as awesome (or
		1141 awesomer) for the Linux kernel.</p>
		1142 </div>
		1143 </summary></entry><entry><title>New frontend and googlesource.com</title><link href="https://www.kernel.org/new-frontend-and-googlesourcecom.html" rel="alternate"></link><published>2013-11-28T00:00:00+00:00</published><updated>2013-11-28T00:00:00+00:00</updated><author><name>Konstantin Ryabitsev</name></author><id>tag:https://www.kernel.org,2013-11-28:new-frontend-and-googlesourcecom.html</id><summary type="html"><div class="section" id="montreal-frontend">
		1144 <h2>Montreal frontend</h2>
		1145 <p>We have added another official frontend for serving the kernel content,
		1146 courtesy of <a class="reference external" href="https://vexxhost.com">Vexxhost, Inc</a>. There is now a total of three frontends,
		1147 one in Palo Alto, California, one in Portland, Oregon, and one in
		1148 Montreal, Quebec. This should allow for better geographic dispersion of
		1149 official mirrors, as well as better fault tolerance.</p>
		1150 </div>
		1151 <div class="section" id="kernel-googlesource-com">
		1152 <h2>Kernel.googlesource.com</h2>
		1153 <p>We are happy to announce that kernel.googlesource.com is now relying on
		1154 grokmirror manifest data to efficiently mirror git.kernel.org, which
		1155 means that if accessing git.kernel.org is too high latency for you due
		1156 to your geographical location (EMEA, APAC), kernel.googlesource.com
		1157 should provide you with a fast local mirror that is at most 5 minutes
		1158 behind official sources.</p>
		1159 <p>We extend our thanks to Google for making this available to all kernel
		1160 hackers and enthusiasts worldwide.</p>
		1161 </div>
		1162 <div class="section" id="tls-1-2-and-pfs">
		1163 <h2>TLS 1.2 and PFS</h2>
		1164 <p>With the latest round of upgrades, we are now serving TLS 1.2 with PFS
		1165 across all kernel.org sites, offering higher protection against
		1166 eavesdropping.</p>
		1167 </div>
		1168 </summary></entry><entry><title>Mirroring kernel.org repositories</title><link href="https://www.kernel.org/mirroring-kernelorg-repositories.html" rel="alternate"></link><published>2013-06-03T00:00:00+00:00</published><updated>2013-06-03T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2013-06-03:mirroring-kernelorg-repositories.html</id><summary type="html"><p>If you would like to mirror all or a subset of kernel.org git
		1169 repositories, please use a tool we wrote for this purpose, called
		1170 grokmirror. Grokmirror is git-aware and will create a complete mirror of
		1171 kernel.org repositories and keep them automatically updated with no
		1172 further involvement on your part.</p>
		1173 <p>Grokmirror works by keeping track of repositories being updated by
		1174 downloading and comparing the master manifest file. This file is only
		1175 downloaded if it's newer on the server, and only the repositories that
		1176 have changed will be updated via &quot;git remote update&quot;.</p>
		1177 <p>You can read more about grokmirror by reading the <a class="reference external" href="https://git.kernel.org/cgit/utils/grokmirror/grokmirror.git/tree/README.rst">README</a> file.</p>
		1178 <div class="section" id="obtaining-grokmirror">
		1179 <h2>Obtaining grokmirror</h2>
		1180 <p>If grokmirror is not yet packaged for your distribution, you can obtain
		1181 it from a git repository:</p>
		1182 <pre class="literal-block">
		1183 git clone git://git.kernel.org/pub/scm/utils/grokmirror/grokmirror.git
		1184 </pre>
		1185 <p>In additon to git, you will need to install the following python
		1186 dependencies on your mirror server:</p>
		1187 <blockquote>
		1188 <ul class="simple">
		1189 <li><a class="reference external" href="https://pypi.python.org/pypi/GitPython/">GitPython</a></li>
		1190 </ul>
		1191 </blockquote>
		1192 </div>
		1193 <div class="section" id="setting-up-a-kernel-org-mirror">
		1194 <h2>Setting up a kernel.org mirror</h2>
		1195 <p>It is recommended that you create a dedicated &quot;mirror&quot; user that will
		1196 own all the content and run all the cron jobs. It is generally
		1197 discouraged to run this as user &quot;root&quot;.</p>
		1198 <p>The default repos.conf already comes pre-configured for kernel.org. We
		1199 reproduce the minimal configuration here:</p>
		1200 <pre class="literal-block">
		1201 [kernel.org]
		1202 site = git://git.kernel.org
		1203 manifest = http://git.kernel.org/manifest.js.gz
		1204 default_owner = Grokmirror User
		1205 #
		1206 # Where are we going to put the mirror on our disk?
		1207 toplevel = /var/lib/git/mirror
		1208 #
		1209 # Where do we store our own manifest? Usually in the toplevel.
		1210 mymanifest = /var/lib/git/mirror/manifest.js.gz
		1211 #
		1212 # Where do we put the logs?
		1213 log = /var/log/mirror/kernelorg.log
		1214 #
		1215 # Log level can be &quot;info&quot; or &quot;debug&quot;
		1216 loglevel = info
		1217 #
		1218 # To prevent multiple grok-pull instances from running at the same
		1219 # time, we first obtain an exclusive lock.
		1220 lock = /var/lock/mirror/kernelorg.lock
		1221 #
		1222 # Use shell-globbing to list the repositories you would like to mirror.
		1223 # If you want to mirror everything, just say &quot;*&quot;. Separate multiple entries
		1224 # with newline plus tab. Examples:
		1225 #
		1226 # mirror everything:
		1227 #include = *
		1228 #
		1229 # mirror just the main kernel sources:
		1230 #include = /pub/scm/linux/kernel/git/torvalds/linux.git
		1231 # /pub/scm/linux/kernel/git/stable/linux-stable.git
		1232 # /pub/scm/linux/kernel/git/next/linux-next.git
		1233 #
		1234 # mirror just git:
		1235 #include = /pub/scm/git/*
		1236 include = *
		1237 #
		1238 # This is processed after the include. If you want to exclude some specific
		1239 # entries from an all-inclusive globbing above. E.g., to exclude all
		1240 # linux-2.4 git sources:
		1241 #exclude = /linux-2.4
		1242 exclude =
		1243 </pre>
		1244 <p>Install this configuration file anywhere that makes sense in your
		1245 environment. You'll need to make sure that the following directories (or
		1246 whatever you changed them to) are writable by the &quot;mirror&quot; user:</p>
		1247 <blockquote>
		1248 <ul class="simple">
		1249 <li><tt class="docutils literal">/var/lib/git/mirror</tt></li>
		1250 <li><tt class="docutils literal">/var/log/mirror</tt></li>
		1251 <li><tt class="docutils literal">/var/lock/mirror</tt></li>
		1252 </ul>
		1253 </blockquote>
		1254 </div>
		1255 <div class="section" id="mirroring-kernel-org-git-repositories">
		1256 <h2>Mirroring kernel.org git repositories</h2>
		1257 <p>Now all you need to do is to add a cronjob that will check the
		1258 kernel.org mirror for updates. The following entry in
		1259 <tt class="docutils literal">/etc/cron.d/grokmirror.cron</tt> will check the mirror every 5 minutes:</p>
		1260 <pre class="literal-block">
		1261 # Run grok-pull every 5 minutes as &quot;mirror&quot; user
		1262 /5 * * * mirror /usr/bin/grok-pull -p -c /etc/grokmirror/repos.conf
		1263 </pre>
		1264 <p>(You will need to adjust the paths to the grok-pull command and to
		1265 repos.conf accordingly to reflect your environment.)</p>
		1266 <p>The initial run will take many hours to complete, as it will need to
		1267 download about 50 GB of data.</p>
		1268 </div>
		1269 <div class="section" id="mirroring-a-subset-of-repositories">
		1270 <h2>Mirroring a subset of repositories</h2>
		1271 <p>If you are only interested in carrying a subset of git repositories
		1272 instead of all of them, you are welcome to tweak the <tt class="docutils literal">include</tt> and
		1273 <tt class="docutils literal">exclude</tt> parameters.</p>
		1274 </div>
		1275 </summary></entry><entry><title>Fifty shades of Tux</title><link href="https://www.kernel.org/fifty-shades-of-tux.html" rel="alternate"></link><published>2013-05-07T00:00:00+00:00</published><updated>2013-05-07T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2013-05-07:fifty-shades-of-tux.html</id><summary type="html"><p>Special thanks to Benoît Monin for donating a MIT-licensed CSS theme to
		1276 the kernel.org project to replace the one we hastily put together.
		1277 Though the Pelican authors have since obtained a free-license
		1278 commitment from the copyright owners of the CSS files shipping with
		1279 Pelican, we wanted to have something that looked a bit less like the
		1280 default theme anyway.</p>
		1281 <p>If anyone else wants to participate, full sources of the kernel.org
		1282 website are available from the <a class="reference external" href="https://git.kernel.org/cgit/docs/kernel/website.git">git repository</a>.</p>
		1283 </summary></entry><entry><title>XZ by default and JSON</title><link href="https://www.kernel.org/xz-by-default-and-json.html" rel="alternate"></link><published>2013-03-11T00:00:00+00:00</published><updated>2013-03-11T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2013-03-11:xz-by-default-and-json.html</id><summary type="html"><p>We've implemented two oft-requested features today:</p>
		1284 <ol class="arabic simple">
		1285 <li>The download links now default to .tar.xz versions of archives</li>
		1286 <li>There is now a JSON file with the release information located in
		1287 <a class="reference external" href="https://www.kernel.org/releases.json">https://www.kernel.org/releases.json</a>. If you've been screen-scraping
		1288 the front page, please use this instead.</li>
		1289 </ol>
		1290 <p>If you have any other feature suggestions, please send them to
		1291 <a class="reference external" href="mailto:webmaster&#64;kernel.org">webmaster&#64;kernel.org</a>.</p>
		1292 </summary></entry><entry><title>/pub tree resync-ing</title><link href="https://www.kernel.org/pub-tree-resync-ing.html" rel="alternate"></link><published>2013-03-08T00:00:00+00:00</published><updated>2013-03-08T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2013-03-08:pub-tree-resync-ing.html</id><summary type="html"><p>Due to a failure in one of the rsync scripts during the maintenance
		1293 window, the mirrors of /pub hierarchy on www.kernel.org got erased. We
		1294 are resyncing them now from the master storage, but in the meantime you
		1295 will probably get an occasional &quot;Forbidden&quot;. The entirety of the archive
		1296 should be rsync'ed in a few hours.</p>
		1297 <p>We apologize profusely for the problem and will fix the script to make
		1298 sure this doesn't happen again.</p>
		1299 <p>Contents of git.kernel.org are unaffected.</p>
		1300 </summary></entry><entry><title>Cleanroom styles</title><link href="https://www.kernel.org/cleanroom-styles.html" rel="alternate"></link><published>2013-03-03T00:00:00+00:00</published><updated>2013-03-03T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2013-03-03:cleanroom-styles.html</id><summary type="html"><p>You are probably wondering what happened to the site's look.
		1301 Unfortunately, we've been alerted that the default theme shipped by
		1302 Pelican (which we largely adapted) has an unclear license. Until this is
		1303 cleared up, we've put together a quick-and-dirty cleanroom CSS
		1304 reimplementation that preserves the functional aspects of the site, but
		1305 sacrifices a lot of the bells and whistles.</p>
		1306 <p>If you are a CSS designer and would like to donate your own cleanroom
		1307 style, please let us know at <a class="reference external" href="mailto:webmaster&#64;kernel.org">webmaster&#64;kernel.org</a>.</p>
		1308 <p>Our apologies, and we promise to keep a keener eye on licensing
		1309 details of various templates distributed with open-source products.</p>
		1310 </summary></entry><entry><title>Pelican</title><link href="https://www.kernel.org/pelican.html" rel="alternate"></link><published>2013-03-01T00:00:00+00:00</published><updated>2013-03-01T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2013-03-01:pelican.html</id><summary type="html"><p>Welcome to the reworked kernel.org website. We have switched to using
		1311 <a class="reference external" href="http://docs.getpelican.com/">Pelican</a> in order to statically render our site content, which
		1312 simplifies mirroring and distribution. You can view the sources used to
		1313 build this website in its own <a class="reference external" href="https://git.kernel.org/?p=docs/kernel/website.git;a=summary">git repository</a>.</p>
		1314 <p>Additionally, we have switched from using gitweb-caching to using <a class="reference external" href="https://git.zx2c4.com/cgit/">cgit</a>
		1315 for <a class="reference external" href="https://git.kernel.org/cgit/">browsing git repositories</a>. There are rewrite rules in place to
		1316 forward old gitweb URLs to the pages serviced by cgit, so there
		1317 shouldn't be any broken links, hopefully. If you notice that something
		1318 that used to work with gitweb no longer works for you with cgit, please
		1319 drop us a note at <a class="reference external" href="mailto:webmaster&#64;kernel.org">webmaster&#64;kernel.org</a>.</p>
		1320 </summary></entry><entry><title>Legal disclaimers and copyright</title><link href="https://www.kernel.org/legal.html" rel="alternate"></link><published>2013-01-01T00:00:00+00:00</published><updated>2013-01-01T00:00:00+00:00</updated><author><name></name></author><id>tag:https://www.kernel.org,2013-01-01:legal.html</id><summary type="html"><div class="section" id="copyright-and-license">
		1321 <h2>Copyright and license</h2>
		1322 <p>Except where otherwise stated, content on this site is
		1323 copyright (C) 1997-2014 by The Linux Kernel Organization, Inc.
		1324 and is made available to you under the
		1325 <a class="reference external" href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons Attribution ShareAlike 4.0 International License</a>.</p>
		1326 <p>Distributed software is copyrighted by their respective contributors and
		1327 are distributed under their own individual licenses.</p>
		1328 </div>
		1329 <div class="section" id="legal-disclaimer">
		1330 <h2>Legal Disclaimer</h2>
		1331 <p>This site is provided as a public service by The Linux Kernel
		1332 Organization Inc., a California <a class="reference external" href="https://www.kernel.org/nonprofit.html">501(c)3 nonprofit corporation</a>. Our
		1333 servers are located in San Francisco, CA, USA; Palo Alto, CA, USA;
		1334 Corvallis, OR, USA; Portland, OR, USA and Montréal, Québec, Canada. Use
		1335 in violation of any applicable laws is strictly prohibited.</p>
		1336 <p>Neither the Linux Kernel Organization nor any of its sponsors make any
		1337 guarantees, explicit or implicit, about the contents of this site. Use
		1338 at your own risk.</p>
		1339 </div>
		1340 <div class="section" id="trademarks">
		1341 <h2>Trademarks</h2>
		1342 <p>Linux is a Registered Trademark of Linus Torvalds. All trademarks are
		1343 property of their respective owners.</p>
		1344 </div>
		1345

Response: application/gopher-menu

Original URL	gopher://codemadness.org/1/git/sfeed_tests/file/input/sfe...
Content-Type	application/gopher-menu; charset=utf-8