It took over 80 developers to review the Linux kernel and ensure it was free of tainted code recently submitted by University of Minnesota (UNM) researchers.
The “Hypocrite Commits” row erupted last month when senior kernel developer Greg Kroah-Hartman urged the community to review all contributions made by UNM after catching researchers from the university deliberately sending compromised code submissions to the kernel.
Turning in a set of fixes for the current under development kernel release, Kroah-Hartman last week, noted that the majority of the changes are the result of the thorough review.
“That [review of past UNM submissions] resulted in a bunch of reverts along with the “correct” changes made, such that there is no regression of any of the potential fixes that were made by those individuals. I would like to thank the over 80 different developers who helped with the review and fixes for this mess,“ wrote Kroah-Hartman.
An analysis of Kroah-Hartman’s submission by Phoronix reveals that he reverted just over three dozen UNM patches spanning across several areas of the kernel, from the media subsystem to networking.
These 37 though were part of the over 150 patches that developers from UNM have submitted over the years and reviewing them all in a timely fashion took about seven dozen developers.
Earlier this month, the Linux Foundation’s Technical Advisory Board (TAB) prepared a report about the incident to share findings from the code review.
Importantly, TAB suggested that going forward UNM should consider getting all its submissions reviewed by an experienced developer, which is a review process that’s followed by many companies that contribute to the kernel.
TAB considered this necessary in order “to re-establish the trust between UMN and the kernel community.”
Via The Register
social experiment by Livio Acerbo #greengroundit #techradar https://www.techradar.com/news/more-than-80-linux-devs-called-on-to-help-to-fix-mess-created-by-rogue-contributors/