More than 80 Linux devs called on to help to fix 'mess' created by rogue contributors

(Image credit: Image Credit: Pixabay)

It took over 80 developers to review the Linux kernel and ensure it was free of tainted code recently submitted by University of Minnesota (UNM) researchers.

The “Hypocrite Commits” row erupted last month when senior kernel developer Greg Kroah-Hartman urged the community to review all contributions made by UNM after catching researchers from the university deliberately sending compromised code submissions to the kernel.

Turning in a set of fixes for the current under development kernel release, Kroah-Hartman last week, noted that the majority of the changes are the result of the thorough review.

“That [review of past UNM submissions] resulted in a bunch of reverts along with the "correct" changes made, such that there is no regression of any of the potential fixes that were made by those individuals. I would like to thank the over 80 different developers who helped with the review and fixes for this mess,“ wrote Kroah-Hartman.

Herculean review

An analysis of Kroah-Hartman’s submission by Phoronix reveals that he reverted just over three dozen UNM patches spanning across several areas of the kernel, from the media subsystem to networking.

These 37 though were part of the over 150 patches that developers from UNM have submitted over the years and reviewing them all in a timely fashion took about seven dozen developers.

Earlier this month, the Linux Foundation’s Technical Advisory Board (TAB) prepared a report about the incident to share findings from the code review.

Importantly, TAB suggested that going forward UNM should consider getting all its submissions reviewed by an experienced developer, which is a review process that’s followed by many companies that contribute to the kernel. 

TAB considered this necessary in order “to re-establish the trust between UMN and the kernel community.”

Via The Register

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.