[sph]

While I agree that code and science should be separated from politics, isn't this the point of the sanction?

AFAIK the Linux Foundation is a US non-profit, and many core kernel developers, such as Linus Torvalds and Greg KH reside in the United States.

[arp242]

> code and science should be separated from politics

I think almost no one agrees that it should be completely separate; there should be some distance, yes, but all these things do exist in the same reality and that can't always just be ignored. Should Linux also accept North-Korean patches for their ICBMs in mainline? Probably not. They can't prevent Linux from being used in them, but they also have no obligation to go our of their way to review, merge, and maintain the code for it.

There is a lot of grey area and you can argue about the specifics of various situations for ages, but there clearly is a point where politics and the intended purpose of patches do matter.

[sph]

> Should Linux also accept North-Korean patches for their ICBMs in mainline?

While NK is probably not looking to merge their `char/icbm` driver to the mainline tree, what about the NK military fixing a nasty bug in the memory allocator? Should the patch be rejected even if it improves a non-military subsystem, just because of who wrote it?

It's just food-for-thought, personally I do not care one way or the other. As you say, it's all a grey area, and there is not a clear answer, which is where politics and posturing, rather than pragmatism, thrives.

[arp242]

Ignoring trust issues (NK inserting a backdoor), I'd say clean bugfixes should probably be accepted.

My main point was to nuance the absolutist "code and science should be separate". I don't know enough about this code to make a judgement one way or the other: as I understand the commit message it's a cleanup as a prelude to GMAC and X-GMAC SoC support. Maybe the code is badly in need of some cleanup, or maybe it's essentially just fine and there is no reason to merge any of this beyond supporting those SoCs.

[anonymouskimmer]

> Ignoring trust issues (NK inserting a backdoor)

For another option, is it possible that patching a legitimate bug could open up a line of attack in an otherwise unrelated piece of code that the bug was somehow blocking? If it is, even legitimate, verified bug fixes, or even bug reports, from non-trusted sources, should be carefully vetted.

[arp242]

They did end up banning all of the University of Minnesota over trust issues. Everything should be carefully vetted, sure, but it's always possible something gets missed; a good backdoor is indistinguishable from a bug, and those definitely end up getting merged. Any merge is a "risk", so to speak. It's a matter of risk management: a patch from Greg Kroah-Hartman is very unlikely to contain an intentional backdoor and a patch from Kim Jong-un is more likely to contain one, and with lots of shades in-between those two extremes.

[kmac_]

Worse, you can be quite sure that a patch or series of patches from "Kim Jong-un" will introduce a bug (or rather a well hidden corner case) leading to a backdoor. It can be assumed that there's a hidden incentive behind the patches.

[psychphysic]

All I'm hearing is NATO military good guys, everyone else evil.

Somehow I should be agreeable to US weapons teams mainlining patches say for whatever weapon killed that random.man and his children during the fall of Kabul. But not a nasty North Koreans?

[anonymouskimmer]

If that's all you're hearing you are so overly emotionally invested that it's blinding you to context.

No one is saying that citizens and corporations of non-aligned countries shouldn't submit patches which are accepted by the maintainers. They're saying that citizens and corporations of countries which are engaged in hot, cold, or proxy wars with the countries of citizenship of the maintainers shouldn't have patches accepted by said maintainers.

[psychphysic]

This is silly cutting off your nose to spite your face.

And for your users too.

It's very rich to claim I'm too emotionally invested (because I'm rationally assessing the situation??) in the topic then go one about the emotional investment (comfort) of the maintainer to justify their view...

That's classic projection.

[anonymouskimmer]

"All I'm hearing is NATO military good guys, everyone else evil."

This is not rational. It's an emotional interpretation of what was written.

[psychphysic]

Yes just a coincidence everyone in the thread seems okay with NATO national intelligence and military submitting patches to Linux.

But definitely Russian, North Koreans and Iranians shouldn't.

It's like I'm stuck in a Top Gun movie...

[pvaldes]

Clearly, you are not understanding the problem then

[crypt47]

And you think this is a problem with political roots, right?