Google and the Linux Foundation have announced plans to provide funding to two Linux kernel security developers, one of whom is Nathan Chancellor, a well-known kernel developer on our forums. The two developers focus on improving core security and related initiatives.
The news comes on the heels of the Linux Foundation’s Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard (LISH), which recently published a report on the open source contributor survey that addresses the need for additional work on identified security in open source. software. In a press release, the Linux Foundation said that Google’s contribution to the endorsement of two full-time security interviewers indicates the importance of maintaining the integrity of open-source software.
“At Google, security is always important, and we understand the critical role it plays in the sustainability of open source software,” said Dan Lorenc, Staff Software Engineer at Google. “We are very privileged to support the efforts of both Gustavo Silva and Nathan Chancellor as they work to improve the security of the Linux kernel.”
Chancellor, who has been submitting patches to the Linux kernel for four and a half years, will focus on detecting and repairing bugs in Clang / LLVM compilers. He will also start adding features and polishing the core with these compilers.
“I hope more and more people will start using the LLVM Compilation Infrastructure Project and contribute solutions to it and the core – it will help a lot to improve Linux security for everyone,” said Chancellor.
Meanwhile, Silva has dedicated its Linux security work to eliminating multiple classes of buffer floods by converting all instances of zero-length and one-element arrays into flexible members. Silva will also focus his time on correcting mistakes before it gets on the main line.
“The security of the Linux kernel is extremely important because it is a critical part of modern computers and infrastructure. It requires all of us to help in any way to ensure that it is sustainably secure, ”said David A. Wheeler, of the Linux Foundation. “We thank Google for endorsing the development of Gustavo and Nathan’s Linux kernel security work, as well as a thank you to all the maintainers, developers, and organizations that have made the Linux kernel a worldwide success.”
Previously, Google and the Linux Foundation independently committed to helping open source projects manage their brands.