Linux review board says rogue researchers did not successfully insert buggy patches into kernel
Linux kernel will publish best practices for researchers working with the kernel community
The Linux Foundation's Technical Advisory Board (TAB) has prepared a report to summarize the “Hypocrite Commits” row after a thorough review of all University of Minnesota (UNM) submissions found that none of the buggy code made it to the mainline Linux kernel.
Prepared by TAB with patch review help from several kernel developers, the report summarizes the events that led to a call for a review of all submissions from UNM, along with the findings of the review.
Senior kernel developer Greg Kroah-Hartman asked the community to stop accepting patches from UNM and to review all of their previous contributions after catching UNM researchers deliberately sending compromised code submissions to the kernel.
- Here are the best Linux laptops for running Linux
- Check our list of the best Linux distros for developers
- Also take a look at the best laptops for programming
This incident was preceded by a similar attempt last year by UNM researchers to inject buggy code for their research project.
Kroah-Hartman asked for the UNM ban and code review when he saw another round of doggy patches from the university in April 2021, assuming the resumption of the 2020 experiment.
Regaining trust
The important takeaway from the entire incident however is that none of the buggy code made it into the kernel.
"All patch submissions that were invalid were caught, or ignored, by the Linux kernel developers and maintainers. Our patch-review processes worked as intended when confronted with these malicious patches," finds the TAB report.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The report concluded by reiterating the strong ties between the kernel and the academic institutions, after all the kernel started as Linus Torvalds’ university project.
TAB suggests that going forward UNM should consider getting all its submissions reviewed by an experienced developer, which is a review process that’s followed by many companies that contribute to the kernel.
“Until such a review process is put into place, it will be difficult to re-establish the trust between UMN and the kernel community, and patches from UMN will continue to find a chilly reception.”
- Subscribe to Linux Format magazine for more Linux and open source goodness
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.