lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20241024165650.174-1-cxwdyx620@gmail.com>
Date: Thu, 24 Oct 2024 16:56:50 +0000
From: Hantong Chen <cxwdyx620@...il.com>
To: james.bottomley@...senpartnership.com
Cc: ajhalaney@...il.com,
	allenbh@...il.com,
	andrew@...n.ch,
	andriy.shevchenko@...ux.intel.com,
	andy@...nel.org,
	arnd@...db.de,
	bhelgaas@...gle.com,
	bp@...en8.de,
	broonie@...nel.org,
	cai.huoqing@...ux.dev,
	dave.jiang@...el.com,
	davem@...emloft.net,
	dlemoal@...nel.org,
	dmaengine@...r.kernel.org,
	dushistov@...l.ru,
	fancer.lancer@...il.com,
	geert@...ux-m68k.org,
	gregkh@...uxfoundation.org,
	ink@...assic.park.msu.ru,
	jdmason@...zu.us,
	jiaxun.yang@...goat.com,
	keguang.zhang@...il.com,
	kory.maincent@...tlin.com,
	krzk@...nel.org,
	kuba@...nel.org,
	linux-edac@...r.kernel.org,
	linux-hwmon@...r.kernel.org,
	linux-ide@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	linux-mips@...r.kernel.org,
	linux-pci@...r.kernel.org,
	linux-renesas-soc@...r.kernel.org,
	linux-serial@...r.kernel.org,
	linux-spi@...r.kernel.org,
	linux@...linux.org.uk,
	linux@...ck-us.net,
	manivannan.sadhasivam@...aro.org,
	netdev@...r.kernel.org,
	nikita.shubin@...uefel.me,
	nikita@...n.ru,
	ntb@...ts.linux.dev,
	olteanv@...il.com,
	pabeni@...hat.com,
	paulburton@...nel.org,
	robh@...nel.org,
	s.shtylyov@....ru,
	sergio.paracuellos@...il.com,
	shc_work@...l.ru,
	siyanteng@...ngson.cn,
	tsbogend@...ha.franken.de,
	xeb@...l.ru,
	yoshihiro.shimoda.uh@...esas.com
Subject: Re: linux: Goodbye from a Linux community volunteer

> If you haven't heard of Russian sanctions yet, you should try to read
> the news some day.  And by "news", I don't mean Russian
> state-sponsored spam.

> As to sending me a revert patch - please use whatever mush you call
> brains. I'm Finnish. Did you think I'd be *supporting* Russian
> aggression? Apparently it's not just lack of real news, it's lack of
> history knowledge too.

Hi James,

Here's what Linus has said, and it's more than just "sanction."

Moreover, we have to remove any maintainers who come from the following countries or regions, as they are listed in *Countries of Particular Concern* and are subject to impending sanctions:

- Burma, People’s Republic of China, Cuba, Eritrea, Iran, the Democratic People’s Republic of Korea, Nicaragua, Pakistan, Russia, Saudi Arabia, Tajikistan, and Turkmenistan.
- Algeria, Azerbaijan, the Central African Republic, Comoros, and Vietnam.

For People’s Republic of China, there are about 500 entities that are on the U.S. OFAC SDN / non-SDN lists, especially HUAWEI, which is one of the most active employers from versions 5.16 through 6.1, according to statistics. This is unacceptable, and we must take immediate action to address it, with the **same** reason.

On 10/24/24 10:50 AM, James Bottomley wrote:
> On Thu, 2024-10-24 at 07:27 +0300, Serge Semin wrote:
>> Hello Linux-kernel community,
>>
>> I am sure you have already heard the news caused by the recent Greg'
>> commit 6e90b675cf942e ("MAINTAINERS: Remove some entries due to
>> various compliance requirements."). As you may have noticed the
>> change concerned some of the Ru-related developers removal from the
>> list of the official kernel maintainers, including me.
>>
>> The community members rightly noted that the _quite_ short commit log
>> contained very vague terms with no explicit change justification. No
>> matter how hard I tried to get more details about the reason, alas
>> the senior maintainer I was discussing the matter with haven't given
>> an explanation to what compliance requirements that was.
> 
> Please accept all of our apologies for the way this was handled.  A
> summary of the legal advice the kernel is operating under is
> 
>     If your company is on the U.S. OFAC SDN lists, subject to an OFAC
>     sanctions program, or owned/controlled by a company on the list, our
>     ability to collaborate with you will be subject to restrictions, and
>     you cannot be in the MAINTAINERS file.
> 
> Anyone who wishes to can query the list here:
> 
> https://sanctionssearch.ofac.treas.gov/
> 
> In your specific case, the problem is your employer is on that list.
> If there's been a mistake and your employer isn't on the list, that's
> the documentation Greg is looking for.
> 
> I would also like to thank you for all your past contributions and if
> you (or anyone else) would like an entry in the credit file, I'm happy
> to shepherd it for you if you send me what you'd like.
> 
> Again, we're really sorry it's come to this, but all of the Linux
> infrastructure and a lot of its maintainers are in the US and we can't
> ignore the requirements of US law.  We are hoping that this action
> alone will be sufficient to satisfy the US Treasury department in
> charge of sanctions and we won't also have to remove any existing
> patches.
> 
> Regards,
> 
> James Bottomley
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ