This isn't about patches at all. They can submit patches. Anyone can.
This is about being listed as a contact. You can EITHER work for a company that produces CPUs for the Russian army OR answer mail on behalf of the linux kernel maintainers, but not both.
So, what, the espionage concern is that a person who is listed as a contact might read emails on LKML.org?
The only possible justification for this is the one being offered, that some lawyers do not believe it is safe for Linus to head a project with ties that could be made real to a jury between its leaders and sanctioned entities.
Considering the fact that individual people need to stay out of court as badly as they need to avoid being convicted this is not such a difficult decision to empathize with, but it is being conducted in a typical Kernel fashion, with personal views being injected at all the worst moments and contributors leaving who would not have had any quarrels if they had not been fabricated.
They still able to read LKML, so it's not, but they no longer ask questions like "Tell me details of your hardware because I'm official kernel maintainer while you is just engineerer, so I can easily harm you career if you refuse to cooperate.", then use this information to improve hardware used in Russian weapons.
If official kernel maintainers could harm careers over not telling them proprietary hardware details, NVIDIA would be selling hot dogs at a street corner.
It doesn't matter. The sanctions say "don't cooperate with those companies", not "unless the cooperation is harmless" or "only according to your judgment" or anything like that.
> Could this have been an NSA attack? Maybe. But there were many others who had the skill and motivation to carry out this attack. Unless somebody confesses, or a smoking-gun document turns up, we’ll never know.
We can't open a discussion about obfuscated FSB patches if we aren't going to ask what we're doing about obsfucated NSA patches.