[PATCH v3 6/7] Documentation/security-bugs: clarify hardware vs. software vulnerabilities

[Vegard Nossum]

We should emphasize the fact that we have a separate document for
reporting hardware vulnerabilities.

Link: https://lore.kernel.org/all/nycvar.YFH.7.76.2206062326230.10851@xxxxxxxxxxxxx/
Suggested-by: Jiri Kosina <jikos@xxxxxxxxxx>
Signed-off-by: Vegard Nossum <vegard.nossum@xxxxxxxxxx>
---
 Documentation/process/security-bugs.rst | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Documentation/process/security-bugs.rst b/Documentation/process/security-bugs.rst
index 61742dcfea50..7bd59587332a 100644
--- a/Documentation/process/security-bugs.rst
+++ b/Documentation/process/security-bugs.rst
@@ -15,6 +15,10 @@ While the security list is closed, the security team may bring in extra
 help from the relevant maintainers to understand and fix the security
 vulnerability.
 
+The security list is mainly for software vulnerabilities.  For hardware
+security vulnerabilities, see
+Documentation/process/embargoed-hardware-issues.rst instead.
+
 Note that the main interest of the kernel security list is in getting
 bugs fixed and getting patches reviewed, tested, and merged; CVE
 assignment, disclosure to distributions, and public disclosure happen on
-- 
2.40.0.rc1.2.gd15644fe02