Kernel maintainers Gustavo Silva and Nathan Chancellor will work full-time to maintain and improve the security of the Linux kernel.
Google will pay developers Gustavo Silva and Nathan Chancellor full-time to focus on improving security and maintaining security in the Linux kernel. This emerges from a joint announcement by the Linux Foundation and Google. Google is a platinum member of the non-profit consortium, uses a modified version of the Linux kernel in its Android mobile operating system and operates numerous open source projects.
The joint decision was made to use the financial means for this very purpose according to the Linux Foundation’s press release. A recent “Report on the 2020 FOSS Contributor Survey” published by the Open Source Security Foundation (OpenSSF) in collaboration with Harvard University clearly identified a need for additional work on the security of open source software including the Linux operating system shown. Google’s sponsorship of the newly created positions underscores the great importance of kernel security, its maintenance and improvement.
Fixing bugs and developing protection mechanisms
Gustavo Silva submitted his first kernel patch in 2010 and is a member of the Kernel Self Protection Project (KSPP). As a full-time maintainer, he will reduce the risk of buffer overflows in the kernel code, track down and eliminate programming errors before they end up in the mainline kernel, and also develop proactive protection mechanisms against entire categories of vulnerabilities.
Nathan Chancellor , who has been involved in kernel development for a total of four and a half years, deals with finding and eliminating bugs in the Clang/LLVM compiler and introducing continuous integration systems to support this process. Later he plans to add new features and polish to the kernel using compiler technologies.