Profile cover photo
Profile photo
Greg Kroah-Hartman
About
Posts

Post has attachment
A new file for the kernel's Documentation directory explaining how we feel our copyright should be enforced.

If lkml.org isn't up and running (it's a flaky box), here's a copy of my pull request that should provide you will all of the needed information about this file:

-------------
Documentation: Add a file explaining the requested Linux kernel license enforcement policy

Here's a pull request to add a new file to the kernel's Documentation directory.
It adds a short document describing the views of how the Linux kernel community
feels about enforcing the license of the kernel.

The patch has been reviewed by a large number of kernel developers already, as
seen by their acks on the patch, and their agreement of the statement with
their names on it. The location of the file was also agreed upon by the
Documentation maintainer, so all should be good there.

For some background information about this statement, see this article
written by some of the kernel developers involved in drafting it:
http://kroah.com/log/blog/2017/10/16/linux-kernel-community-enforcement-statement/
and this article that answers a number of questions that came up in the
discussion of this statement with the kernel developer community:
http://kroah.com/log/blog/2017/10/16/linux-kernel-community-enforcement-statement-faq/

If anyone has any further questions about it, please let me, and the TAB
members, know and we will be glad to help answer them.
-------------

And here's a link to the patch itself with the initial set of acks and the document, and the developers who agree with it.
https://lkml.org/lkml/2017/10/16/131

Post has attachment
I think I found my new office location...
Photo

Post has attachment
My Kernel Recipes talk about the "Linux kernel release model" is now up. Watch at the end as I crash two phones with a userspace program because they were not up to date.

My slides are also online, and can be found at:
https://kernel-recipes.org/en/2017/talks/linux-kernel-release-model/
where you can see Brendan Gregg's excellent talk as well.

Post has attachment

Post has shared content

Post has shared content
#Linux stable kernel 4.13.2 and 4.12.13 as well as the longterm kernels 4.9.50, 4.4.88 and 3.18.71 (which is kind of EOL to be precise) are out now. As usual, they contain fixes throughout the tree and some of them might fix security bugs – users thus should upgrade to one of these versions.

Just this time I'll be more precise. I know there are at least two important fixes in there. But the "at least" is the important part. Read it as: There might be more. And that's why you always should upgrade to new stable and longterm kernels, if your distribution hasn't you covered.
Photo

Post has shared content

Post has attachment
My office chair for this week, yes I am ignoring your patches...
Photo

Post has attachment

Post has shared content
'[…] "Buying Into the Bias: Why Vulnerability Statistics Suck" by Steve Christey (MITRE) & Brian Martin (OSF)" are worth reading by anyone who thinks that it is easy to track vulnerabilities by a simple number, or by just a CVE, or really by any method at all. […]' That's a quote from a G+ post +Greg Kroah-Hartman shared a few days ago. He linked a whitepaper and a slides from the talk. Turns out there is a video recording as well. Really worth watching (but the slides are really great as well).
Greg's post: https://plus.google.com/+gregkroahhartman/posts/EyRv8WjbWqR
Whitepaper: https://media.blackhat.com/us-13/US-13-Martin-Buying-Into-The-Bias-Why-Vulnerability-Statistics-Suck-WP.pdf
Slides: https://media.blackhat.com/us-13/US-13-Martin-Buying-Into-The-Bias-Why-Vulnerability-Statistics-Suck-Slides.pdf
Wait while more posts are being loaded