This article comes from Zhihu , This site only forwards , Do not represent “Linux Code reading field ” Point of view .
The cause of this is computer science at the University of Minnesota & Assistant professor of Engineering Kangjie Lu And his Ph. D. Student Qiushi Wu The paper of 《 The feasibility of covertly introducing vulnerabilities into open source software through hypocrite submission 》, It is said that 2021 In May of 42 the IEEE Security and privacy seminar published ） This article （ Can be in Wu Of github Found on the ）, In this paper, the following ：
They are trying to study the security problems caused by this kind of hypocritical submission , And choose Linux The kernel project as the target , A series of tools have been developed to generate such test patches and validation .
Linux Kernel maintainers found that some of the submissions from Minnesota were meaningless or even significantly wrong code （ come from Aditya Pakki, University of Minnesota Computer Science & Doctor of Engineering , The tutor is Kangjie Lu）, This has provoked the anger of defenders （by Al Viro, Kernel maintainers ）
In short , This patch either means that this person （ To the kernel ） I don't understand at all, or his actions are not sincere , If it's the latter , I can suggest ***（ Coarse mouth ） The sociologists in China ***（ Coarse mouth , Get the hell out of here ）, No more ***（ Coarse mouth , It means rubbish ） To test （ Code ） Is it a review ？
And warnings （Greg K H, Kernel maintainers ）：
Please stop submitting patches that are known to be invalid . Your professor is trying to play with （ Code ） The review process completes the paper in an odd way .
It's not right , Wasted our time , We will have to Report it to your university again ……
however Aditya Pakki Response statement
Sincerely , I ask you to stop making crazy accusations that are close to slander .
These patches were sent as part of a new static analyzer I wrote , They're obviously not very sensitive . I'm sending patches in the hope of getting feedback . We are not Linux Experts in the kernel , It's disgusting to hear these remarks repeatedly .
obviously , This step is wrong , But your preconceived bias is so strong , So much so that your charges are groundless , And don't give us an excuse （ innocence presumption ） Any chance you have .
This attitude is not only unpopular , And it's a threat to novices and non experts , So I won't send any more patches .
Final , Greg K-H Finally, it was decided to prohibit the University of Minnesota from contributing any code to the kernel , And cancel all previous contributions .
Test preparation ：
1. The news about this ：Here's Why University of Minnesota is Getting Banned from Contributing to Linux Kernel Code - It's FOSS News
2. Gerg The decision to withdraw comes from umn.edu All changes of ：
[PATCH 000/190] Revertion of all of the umn.edu commits
3. Gerg The response to this （ And the discussion string ） Re: [PATCH] SUNRPC: Add a check for gss_release_msg
4. The address of the article github.com/QiushiWu/Qiu
5. author Wu The blog of Qiushi Wu
6. Wu github Medium issues, Most of them are aimed at this problem , special “ Dishonest research ”：github.com/QiushiWu/qiu
7. author Lu The home page of www-users.cs.umn.edu/~kjlu/papers/clarifications-hc.pdf
8. Lu Clarification on this matter ：www-users.cs.umn.edu/~kjlu/papers/clarifications-hc.pdf