Google and the Linux Foundation announced plans to provide funding to two Linux kernel security developers, one of whom is Nathan Chancellor, a well-known kernel developer on our forums. The two developers will focus their time on improving kernel security and associated initiatives.
The news comes on the heels of the Linux Foundation’s Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard (LISH) recently published an open source contributor survey report that identified the need for additional work on security. in open source software. In a press release, the Linux Foundation said that Google’s contribution to the subscription of two full-time security maintainers indicates how important it is to maintain the integrity of open source software.
“At Google, security is always a priority and we understand the critical role it plays in the sustainability of open source software,” said Dan Lorenc, Google software engineer. “We are honored to support the efforts of Gustavo Silva and Nathan Chancellor as they work to improve the security of the Linux kernel.”
Chancellor, who has been working to patch the Linux kernel for four and a half years, will focus on triaging and fixing the bugs found in the Clang / LLVM compilers. You will also start adding features and polishing the kernel using these compilers.
“I hope that more and more people will start using the LLVM compiler infrastructure project and contribute fixes to it and the kernel; It will go a long way toward improving Linux security for everyone, ”Chancellor said.
Silva, meanwhile, has been dedicating his Linux security work to eliminating various kinds of buffer overflows by transforming all zero-length, one-element array instances into flexible array members. Silva will also focus his time on correcting mistakes before they hit the main line.
“Ensuring the security of the Linux kernel is extremely important, as it is a critical part of modern computing and infrastructure. It requires all of us to help in whatever way we can to ensure that it is safe and sustainable, ”said David A. Wheeler of the Linux Foundation. “We extend a special thanks to Google for supporting Gustavo and Nathan’s Linux kernel security development work, along with a special thanks to all the maintainers, developers, and organizations that have made the Linux kernel a collaborative global success.”
Previously, Google and the Linux Foundation independently pledged to help open source projects manage their trademarks.