@cas Yup, that's another patch coming from some tools or coccinelle without even understanding the code.

And at least two patches are so obviously wrong and so obviously not compiled, that it is actually reassuring. Why? Because it cannot be a try of sneaking faulty patches into the kernel (see UMN.edu and their hypocrite commits). It's just to plain junk code, too obvious for real attack:

https://lore.kernel.org/all/20250313160959132rMOoPpNjSNTlB-E6rMOuj@zte.com.cn/
https://lore.kernel.org/all/20250313144430115dzzemB3yO4jZvI29ZZebY@zte.com.cn/

Although, exhaustion of resources is also sort of an attack...

Here's the flood: https://lore.kernel.org/all/?q=f%3Azte.com.cn

ZTE or zte.com.cn apparently decided to flood kernel with extremely poor quality, automated patches. Reminds me previous flood from Vivo.com. Some of the patches were never built and clearly do not compile. Some are looking correct, but are wrong if you open the context of the file (e.g. using sysfs_emit in procfs or some other code). None of the review feedbacks were responded to, they just keep sending the code, sometimes 5 same patches without noticeable changes or without changelog.

And I bet somewhere within this flood of automation-generated stuff, is actual fix or actual bug pretending to be a fix but introducing a vulnerability.

When Trump says that he can apply economic pressure on Putin, he's lying. He has very few levers that haven't already been pushed. Using his own analogy, Trump acts like he has an ace up his sleeve, but he only has a pair of jokers. The only sure way to apply pressure on Putin is to give Ukraine all they need to win on the battlefield.

If #Ukraine really did attack #Twitter, | think the only logical thing is for #Elon to sign a cease fire immediately, give them half of Twitter and make sure he says thank you.

Good morning to readers; #Kyiv remains in Ukrainian hands.

#Ukraine helped the U.S. in its invasion of Iraq, losing 18 of its own men.

But when #Kyiv needed help, the U.S. leveraged Ukraine's weakness.

Serhii, who served in Iraq, knows the risks of allying with the U.S.

PSA: please don't use git.kernel.org directly for your CI needs. It is not viable for us to provide enough capacity to withstand dozens of CI nodes all trying to clone linux.git at the same time for multiple CI farms. You *will* get ip-blocked. Please set up a local mirror and hit that instead.

I made a developer meme
cc @Codeberg
#ipv6

@rbreich
The leader of the free world right now is Zelenskyy.

While Trump fumes at home Zelenskyy is becoming an icon.

Not only new Linux kernel releases count! Look at LWN summary of v4.19-stable life and how many fixes that kernel received:
https://lwn.net/Articles/1000933/

Appearing on top-bugfix contributors list for v4.19.x series is a pleasant reminder that my contributions might actually help some real users on real products.

If you've ever wondered what it is like to throw up and have diarrhea simultaneously, JIRA now has an AI button.

@kernellogger Wasn't. Although if you combine it with these one-liners:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=812a33a65d00e3d813f5ed2c9923569acd0b445c
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=da968c3ce459442e83b021d73417b9402c8b14c5
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=824ed4cb629c87b0b8aec997d3b7f6f77143ad25
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=859a661eb493fffa88ea5c94b0cd62ecc7b24634
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=aaf69c606f0865c8ad3571e1725372f21b5ad97a
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9b995d1af162f1736dd1d62ec3f6f9a5d6be5c84

... you will get on average not that big patchset, so maybe it was on-average-reviewed-by.

@geert Irony is here that since some time, if as a contributor you receive no responses to your patch or to your ping, please check if you are not on the SDN list or if you are not suspected to be on the SDN list, because even a reply like "I cannot work with you" might be tricky for maintainers. Basically it is indistinguishable between being lost in maintainer's mailbox, being PLONK-ed or being sanctioned. :)

@sima We can rephrase your surprise into:
"Big subsystem had only one maintainer for ~10 years"

That's also wild.

Anyone has cool Arm topics to share? The Call For Papers for Linaro Connect conference in Lisbon is still open (till 13th Feb)!
https://www.linaro.org/connect/call-for-proposals

The Connect will be in May:
https://www.linaro.org/connect/

I’ve told LF repeatedly that “education” as the leading point is insulting. Many maintainers know exactly what they need to do, but they lack time and energy for it. Lecturing them, I mean “giving them skills”, is… not actually a solution.

But it allows LF (and friends like GH) to continue elephant-in-the-room-ing the actual solution, which is paying maintainers for the trillions of dollars of value they create.

https://fosstodon.org/@donmccurdy/113512775802077660

@donmccurdy Copilot training and "3-week program consisting of a 5-10 hour commitment each week" is exactly what community needs to fix cases like XZ with busy maintainer bullied by bad actors.

Microsoft, are you ill? Are you just joking here around or just want to sell your crapy Copilot? This is just an insult to Open Source maintainers.

@martin.social You do not see how inappropriate this is?

I've been expecting something like this since the XZ hack, but still ... frustrated/annoyed/sad to see Microsoft and 13 (!) partners jointly announcing that their answer is to “educate” open source maintainers.

It's nice that they're compensating maintainers for the time spent on that training, but ... compliance with corporate security policies is still a whole lot of ongoing, unpaid work after that? Sigh.

https://github.blog/news-insights/company-news/announcing-github-secure-open-source-fund/