The fire between the Linux kernel community and the University of Minnesota (UMN) is being put out. Thanks to an ill-thought-out Linux security project[1], two UMN graduate students tried to insert deliberately buggy patches into Linux[2]. Greg Kroah-Hartman, the well-respected Linux kernel maintainer for the Linux stable branch, responded by banning not only them but any UMN-connected developers from contributing to the Linux kernel. Now, UMN has addressed the Linux kernel developer's community's concerns[3]. And, in a message to the Linux Kernel Mailing List (LKML)[4], the Linux Foundation[5] Technical Advisory Board (TAB)[6] and volunteer senior Linux kernel maintainers and developers have reported on what they found[7] when they closely and thoroughly examined patches from UMN academics.

First things first: 435 commits coming from UMN-associated developers were re-reviewed. "The huge majority of the reviewed commits were found to be correct." Of the rest, 39 commits were incorrect and in need of fixing; 25 had already been fixed by later commits; 12 no longer mattered; 9 had been made before the guilty research group existed and one commit has been removed by its author's request. 

Five deliberately corrupt changes had been submitted to the LKML. "These changes were submitted using two fake identities, which is against the documented requirements for how to contribute code to the Linux kernel. The University appears to have allowed researchers to use fake identities when agreeing to the 'Developers Certificate of Origin[8],' a legal statement about the work being submitted."

However, unlike what was claimed by the researchers, Qiushi Wu and Aditya Pakki, and their graduate advisor, Kangjie Lu, an assistant professor in the UMN Computer Science & Engineering Department's paper, "On

Read more from our friends at ZDNet