lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <8739gjf9de.fsf@hepworth.siccegge.de>
Date:	Tue, 30 Aug 2011 13:04:45 +0200
From:	Christoph Egger <siccegge@...fau.de>
To:	vamos-dev@...informatik.uni-erlangen.de,
	linux-kernel@...r.kernel.org
Subject: [ANNOUNCE] undertaker 1.2

The VAMOS team is pleased to announce the release of the undertaker tool
version 1.2. The tool is a result of the VAMOS[1] research project.

Please visit our project site at:
http://vamos.informatik.uni-erlangen.de/trac/undertaker

What is new in undertaker 1.2
-----------------------------

 * Coverage support: Generate partial (Kconfig) configurations to cover
   each conditional block [3]
 * Rewritten Kconfig constraints extractor in python improving support
   for some kconfig constructs
 * Improved #define/#undef support
 * The analysis is no longer restricted to CPP Macros that start with
   CONFIG_ (regex can be overriden in the configuration model)

What is undertaker?
-------------------
The undertaker is a tool for static code analysis for code with C
preprocessor directives, which can be used in various modes. The most
prominent one checks every single preprocessor block within the file
whether it can be selected or deselected, which in many cases is a great
asset for code maintenance.

Some preprocessor blocks are only seemingly conditional. In many cases,
it turns out that additional constraints from the project's
configuration model causes such conditional blocks to be in fact
unconditionally selected or unselected. We call such block "dead" and
"undead" conditional blocks.

Undertaker provides tools to extract the configuration model from the
Linux configuration tooling Kconfig and to perform this check on whole
source trees.

What undertaker is not?
-----------------------
It isn't an automatic patch generator. Because of peculiarities in the
Kconfig semantics, (ignored) coding guidelines and simply engineering
issues, the reports might contain false negatives. Note that our
philosophy is that we prefer false negatives over false positives, i.e.,
we prefer to miss reports than reports that are no issue at all.

What else can i do with undertaker?
-----------------------------------
You can extract boolean formulas (with or without model) for a given
line of sourcecode in a file or for a given symbol. There is also an
integration for emacs for interactive browsing of block and symbol
preconditions.

Additional uses are currently under development.

[1] http://www4.informatik.uni-erlangen.de/Research/VAMOS/
[2] Configuration Coverage in the Analysis of Large-Scale System
    Software, Reinhard Tartler et. al., publication accepted for the
    PLOS Workshop 2011

-- 
Christoph Egger
9FED 5C6C E206 B70A 5857  70CA 9655 22B9 D49A E731
Debian Developer | Lisp Hacker | CaCert Assurer

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ