[PATCH RESEND] checkpatch: validate upstream commit tags for stable backports

From: Yunseong Kim

Date: Tue May 05 2026 - 07:44:56 EST


According to the stable kernel rules (Option 3), backported patches
should include the upstream commit reference using the SHA1 in one of
two specific formats:

1. commit <40 length sha1> upstream.
2. [ Upstream commit <40 length sha1> ]

Currently, checkpatch.pl does not validate these stable-specific
formats, allowing truncated SHA1 characters to pass without notice.

These tags often conflict with the standard GIT_COMMIT_ID rule, which
expects a "12+ chars of sha1" followed by the commit subject in
parentheses. This causes checkpatch to trigger false positive errors.

ERROR: Please use git commit description style 'commit <12+ chars of sha1> ("<title line>")'
- ie: 'commit e9acda52fd2e ("bonding: fix use-after-free due to enslave fail after slave array update")
#9:
[ Upstream commit e9acda52fd2ee0cdca332f996da7a95c5fd25294 ]

Add validation to ensure these tags use the required 40-hex-character
SHA1 and provide a warning if the format is malformed. For example:

WARNING: Malformed 'commit ... upstream.' line - expected 'commit <40 hex chars SHA1> upstream.'
#7:
commit e9acda5 upstream.

WARNING: Malformed '[ Upstream commit ]' line - expected '[ Upstream commit <40 hex chars SHA1> ]'
#7:
[ Upstream commit e9acda5 ]

Link: https://docs.kernel.org/process/stable-kernel-rules.html#option-3
Signed-off-by: Yunseong Kim <yunseong.kim@xxxxxxxx>
---
scripts/checkpatch.pl | 22 +++++++++++++++++++++-
1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index 3727156e4cca..b2058cd93465 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -3468,7 +3468,10 @@ sub process {

if (defined($id) &&
($short || $long || $space || $case || ($orig_desc ne $description) || !$has_quotes) &&
- $last_git_commit_id_linenr != $linenr - 1) {
+ $last_git_commit_id_linenr != $linenr - 1 &&
+ $line !~ /^\s*commit [0-9a-f]+ upstream\b/ &&
+ $line !~ /^\s*\[\s*Upstream commit [0-9a-f]+\s*\]/) {
+
ERROR("GIT_COMMIT_ID",
"Please use git commit description style 'commit <12+ chars of sha1> (\"<title line>\")' - ie: '${init_char}ommit $id (\"$description\")'\n" . $herectx);
}
@@ -3476,6 +3479,23 @@ sub process {
$last_git_commit_id_linenr = $linenr if ($line =~ /\bcommit\s*$/i);
}

+# Check '[ Upstream commit <sha1> ]' or 'commit <sha1> upstream.' format in stable patches
+ if ($in_commit_log &&
+ $line =~ /^\s*commit [0-9a-f]+ upstream\b/) {
+ if ($line !~ /^\s*commit [0-9a-f]{40} upstream\./) {
+ WARN("BAD_UPSTREAM_COMMIT",
+ "Malformed 'commit ... upstream.' line - expected 'commit <40 hex chars SHA1> upstream.'\n" . $herecurr);
+ }
+ }
+
+ if ($in_commit_log &&
+ $line =~ /^\s*\[\s*Upstream commit\b/) {
+ if ($line !~ /^\s*\[\s*Upstream commit [0-9a-f]{40}\s*\]/) {
+ WARN("BAD_UPSTREAM_COMMIT",
+ "Malformed '[ Upstream commit ]' line - expected '[ Upstream commit <40 hex chars SHA1> ]'\n" . $herecurr);
+ }
+ }
+
# Check for mailing list archives other than lore.kernel.org
if ($rawline =~ m{http.*\b$obsolete_archives}) {
WARN("PREFER_LORE_ARCHIVE",
--
2.43.0