social.kernel.org

Greg K-H

@gregkh

Posts

320

Following

Followers

3460

Greg K-H

gregkh

5 hours ago

Saving this here to use later. As seen in the comments on yet-another-ai story on Lobsters:

"How could you claim to have a neutral, informed opinion on LLMs without signing up for a bunch of subscriptions and constantly talking to the liar machine to see if it told a truth today?"

Greg K-H

repeated

Stefan Eissing

icing@chaos.social

6 days ago

One of my fav quotes from this @gregkh interview:

"Open source ends up having better depth of knowledge than closed source has."

(Because for careers in companies you get shifted around while many people in OSS stay in the same field/code for decades.)

https://www.youtube.com/watch?v=-1-OjxPJZcs

Greg K-H

repeated

Christian Brauner 🦊🐺

brauner@mastodon.social

8 days ago

Greg K-H

repeated

Linux Kernel Security

linkersec@infosec.exchange

8 days ago

Linux Kernel Hardening: Ten Years Deep

Talk by @kees about the relevance of various Linux kernel vulnerability classes and the mitigations that address them.

Video: https://www.youtube.com/watch?v=c_NxzSRG50g
Slides: https://static.sched.com/hosted_files/lssna2025/9f/KSPP%20Ten%20Years%20Deep.pdf

Greg K-H

repeated

K. Ryabitsev 🍁

monsieuricon

8 days ago

All the slides at this meeting talk about how much time and effort "AI" would help us save, and all I want to do is point out how much time and effort I've sunk so far into keeping AI crawlers from DDoS'ing our infra.

Greg K-H

repeated

pivotman319 🦊

winload_exe@wetdry.world

8 days ago

Reply to @gregkh

@gregkh linters literally do their job better than a speculation machine

Greg K-H

gregkh

9 days ago

Reply to @ptesarik@infosec.exchange

@ptesarik That's what `drivers/staging/` is for, we just took 10+ patches for that subsystem from new submitters yesterday. That's much easier to accomplish than trying to parse the output of an "AI tool" :)

Greg K-H

gregkh

9 days ago

Reply to @liw@toot.liw.fi

@liw We assign 13 CVEs for Linux every single day. "Fame and fortune" is not something that happens for any of those reports, as a CVE is trivial to get if you actually want to just fix a kernel bug for real.

Greg K-H

gregkh

9 days ago

Days since an "AI found security bug" turned out to be totally false due to the inability of the tool to actually parse C code: 0

I'm seeing multiple of these type of "reports" per week now for Linux. Why do people think that an LLM can somehow do better than a compiler and also not even test their proposed changes to verify they even do anything?

{sigh}

104

159

Greg K-H

gregkh

11 days ago

Reply to @codonell@fosstodon.org

@codonell @brauner Yes, just add them at the end.

And we don't use the "(cherry picked from..." text in the kernel for stable backports, we do a much larger "commit XXXXXX upstream" at the top of the changelog text to make it easier for tools to catch.

Greg K-H

gregkh

12 days ago

Reply to @brauner@mastodon.social

@brauner @codonell That is correct, in the kernel we do NOT clear any of them out, only add new ones as that would "erase" the work that the original developers/reviewers did on the original change, which isn't a kind thing to do in my opinion.

Greg K-H

gregkh

14 days ago

Reply to @nitrokey@nitrokey.com

@nitrokey Thanks, will do!

Greg K-H

gregkh

14 days ago

The second hardest thing in working in an open source developer community is learning who to ignore, be it in patch reviews or other places.

The hardest thing in working in an open source community is realizing that you are the one that everyone is ignoring.

Greg K-H

gregkh

20 days ago

Reply to @totenlegionChris@metalhead.club

@totenlegionChris As the other key works, AND the command line tool test passes with the bad key, yes, the device nodes are correct.

Greg K-H

gregkh

20 days ago

Reply to @brauner@mastodon.social

@brauner Yeah, but they are out of stock :(

Greg K-H

gregkh

20 days ago

Reply to @brauner@mastodon.social

@brauner No idea, I just went and ordered a few more, and some solokeys as I really would like to just use USB C and not have a A->C converter to lug around.

Greg K-H

gregkh

20 days ago

Dear lazyweb. One of my nitrokey 3 devices seems to have “stopped working” when attempting to access the key in it. Running the command line tools seems to say all is good (i.e. nitrocpy nk3 test says all is fine) but yet ssh seems to hate it with an error of:

ssh_sk_sign: fido_dev_get_assert: FIDO_ERR_NO_CREDENTIALS

and it never even attempts to let me “push the button”.

It’s running the latest firmware. Any hints on what to attempt/test to debug this or should I just give up on the thing?

My backup key is working just fine, so it’s not the USB kernel code on my system that is the issue for once :)

Greg K-H

gregkh

1 month ago

Reply to @aho@ioc.exchange

@aho "Don't panic and just follow standard security reporting guidelines".

Greg K-H

gregkh

1 month ago

Yet another thing I never thought I would be doing as a kernel developer, talking about EU regulations with open source finance people...

Greg K-H

repeated

daniel:// stenberg://

bagder@mastodon.social

1 month ago

Reply to @joshbressers@infosec.exchange

@joshbressers indeed. I just find that pURL advocates sometimes forget this gap and there are even online forms now where the pURL is a mandatory field, which have prevented for example me to enter curl in some places because curl nor libcurl have no pURL. So I keep having to remind people...

Show older

About social.kernel.org

Terms of service

Please do not use this service in violation of the Linux Kernel Code of Conduct. Doing so will result in your account suspension with the referral of the matter to the CoC committee.
"Repeating"/"boosting" someone else's status on this platform will be treated as endorsement and will fall under rule #1.
You are encouraged to use this platform to promote your work on the Linux Kernel, but there is no restriction on permitted topics (with the exception of anything covered by #1 above).
There is no requirement to post in English, but it should be considered the primary language of communication on this platform.

Privacy notice

The admins of this service have access to all posted statuses. They aren't looking, but if it's something they shouldn't know about, then you should not post it on this platform.

Please see the Linux Foundation Privacy Policy, which applies to this platform as well.

Getting your own account

If you would like an account on this instance, please check that the following applies to you:

You are listed in MAINTAINERS or CREDITS
OR: You have a kernel.org account or email address
OR: You have a long and established history of involvement with the Linux Kernel

If the above is true and you agree with the Terms of Service and Privacy Notice listed above, please use these instructions to request an account:

How to request an account on social.kernel.org