Recognized XDA Developer Funded by Google to Improve Linux Kernel Security

Google and the Linux Foundation have announced their intention to provide funding to two Linux kernel security developers, including Nathan Chancellor, a well-known kernel developer on our forums. Both developers will devote their time to improving kernel security and related initiatives.

The news comes on the heels of the Linux Foundation’s Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard (LISH) who recently released an open-source contributor survey report that identified a need. additional work on security in open-source software. In a press release, the Linux Foundation said that Google’s contribution to the underwriting of two full-time security officers signals how important it is to maintain the integrity of open source software.

“At Google, security is always a priority and we understand the critical role it plays in the sustainability of open source software,” said Dan Lorenc, software engineer at Google. “We are honored to support the efforts of Gustavo Silva and Nathan Chancellor as they work to improve the security of the Linux kernel.”

Chancellor, who has been working on patching the Linux kernel for four and a half years, will focus on sorting out and fixing bugs found in the Clang / LLVM compilers. It will also start adding functionality and tweaking the kernel using these compilers.

“I hope more and more people start using the LLVM Compiler Infrastructure Project and making fixes to it and the kernel – this will go a long way in improving Linux security for everyone,” Chancellor said. .

Silva, meanwhile, has dedicated his Linux security work to eliminating several classes of buffer overflows by turning all instances of zero-length and one-element arrays into flexible array members. Silva will also be focusing his time on fixing bugs before they reach the mainline.

“Ensuring the security of the Linux kernel is extremely important because it is an essential part of modern computing and infrastructure. It forces all of us to help in any way we can to ensure lasting security, ”said David A. Wheeler, Linux Foundation. “Special thanks to Google for endorsing the Linux kernel security development work of Gustavo and Nathan, as well as all of the leaders, developers and organizations who have made the Linux kernel a collaborative global success.

Previously, Google and the Linux Foundation independently engaged in helping open source projects run their brands.