On Wed, Apr 21, 2021 at 03:21:15PM +0200, gregkh@xxxxxxxxxxxxxxxxxxx wrote: > On Wed, Apr 21, 2021 at 01:11:03PM +0000, Trond Myklebust wrote: > > On Wed, 2021-04-21 at 15:19 +0300, Leon Romanovsky wrote: > > > On Wed, Apr 21, 2021 at 11:58:08AM +0000, Shelat, Abhi wrote: > > > > > > > > > > > > > > They introduce kernel bugs on purpose. Yesterday, I took a > > > > > > > > look on 4 > > > > > > > > accepted patches from Aditya and 3 of them added various > > > > > > > > severity security > > > > > > > > "holes". > > > > > > > > > > > > > > All contributions by this group of people need to be > > > > > > > reverted, if they > > > > > > > have not been done so already, as what they are doing is > > > > > > > intentional > > > > > > > malicious behavior and is not acceptable and totally > > > > > > > unethical. I'll > > > > > > > look at it after lunch unless someone else wants to do it… > > > > > > > > > > > > > > <snip> > > > > > > > > Academic research should NOT waste the time of a community. > > > > > > > > If you believe this behavior deserves an escalation, you can > > > > contact the Institutional Review Board (irb@xxxxxxx) at UMN to > > > > investigate whether this behavior was harmful; in particular, > > > > whether the research activity had an appropriate IRB review, and > > > > what safeguards prevent repeats in other communities. > > > > > > The huge advantage of being "community" is that we don't need to do > > > all > > > the above and waste our time to fill some bureaucratic forms with > > > unclear > > > timelines and results. > > > > > > Our solution to ignore all @umn.edu contributions is much more > > > reliable > > > to us who are suffering from these researchers. > > > > > > > <shrug>That's an easy thing to sidestep by just shifting to using a > > private email address.</shrug> > > If they just want to be jerks, yes. But they can't then use that type > of "hiding" to get away with claiming it was done for a University > research project as that's even more unethical than what they are doing > now. > > > There really is no alternative for maintainers other than to always be > > sceptical of patches submitted by people who are not known and trusted > > members of the community, and to scrutinise those patches with more > > care. > > Agreed, and when we notice things like this that were determined to be > bad, we have the ability to easily go back and rip the changes out and > we can slowly add them back if they are actually something we want to > do. > > Which is what I just did: > https://lore.kernel.org/lkml/20210421130105.1226686-1-gregkh@xxxxxxxxxxxxxxxxxxx/ Greg, Did you push your series to the public git? I would like to add you a couple of reverts. And do you have a list of not reverted commits? It will save us from doing same comparison of reverted/not reverted over and over. Thanks > > thanks, > > greg k-h
