Signed-off-by tag. This tag is the Developer Certificate of Origin (DCO), the certification that carries legal weight, and the policy is explicit that only a human can certify it.

Assisted-by tag. This tag is recommended but not enforced. The policy encourages, but does not mandate, developers to disclose when they have used an AI tool.

Torvalds' approach is characteristically blunt. He has called the endless debating about AI in documentation "pointless posturing" and stated that documentation is for "good actors," not the people who would submit AI spam anyway. The real defense, he argues, is that "anybody can send garbage, but maintainers can ignore it". The policy, therefore, is designed to equip those maintainers: not to stop bad actors, but to create a framework in which the good ones act responsibly.
If the code submission policy was proactive, the security reporting rule was a direct reaction to a crisis. In May 2026, Torvalds publicly announced that the Linux kernel's private security mailing list had become "almost entirely unmanageable". The cause was an overwhelming volume of AI-generated vulnerability reports.
These were not high-quality findings. They were drive-by, often duplicate or entirely hallucinated reports from people who did not understand the code they claimed to be analyzing. Torvalds described them as coming from "drive-by contributors" who fire off a report and disappear, without checking whether an issue was already fixed or even understanding the subsystem they were looking at.
The updated documentation now mandates a simple rule: if you find a potential bug using an AI tool, you must report it publicly to the relevant maintainer. Such reports are barred from the private security list and must be in plain text, concise, and include a verified method to reproduce the bug. Torvalds' preference is stronger still: he wants contributors who find real issues to understand the problem deeply and submit a patch that fixes it, not just send a report.
The Linux kernel's twin policies are a microcosm of the larger challenges that AI-generated code presents for all open-source projects. The crisis on the security mailing list and the strict liability rule highlight three systemic problems.
Open-source maintenance is already a high-burnout activity with limited review bandwidth. AI tools multiply the volume of submissions by orders of magnitude, while the number of human hours available to evaluate them stays fixed. The signal-to-noise ratio collapses. The kernel's answer is a bet on triage: make the rules clear enough that low-quality, AI-generated contributions can be dismissed quickly and without apology.
Traditional open-source quality assurance relies on a developer's reputation and the legal commitment of the DCO. An AI agent provides neither. It can produce code that looks correct but is subtly wrong or plagiarized. The kernel's solution is to anchor all liability on the human submitter, making it impossible to blame an AI for a disastrous patch. This, however, places a governance burden on the human that many smaller, less structured projects may find difficult to replicate or enforce.
A remarkable detail of the new policy is a specific carve-out: GitHub Copilot, Microsoft's AI coding assistant, is explicitly approved for use in kernel contributions. The distinction the maintainers draw is not between "AI" and "human," but between careful, assisted development and irresponsible automation. The term "AI slop" has become official shorthand for the latter. This creates an uncomfortable new reality for contributors, in which the same tool can be used responsibly or recklessly, with only the community's trust in the human developer to tell the two apart. The new policy does not fully solve this problem; it hands the responsibility to the developer and the maintainer to work it out between themselves.