[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YOSKuEcPoy/dw0st@kroah.com>
Date: Tue, 6 Jul 2021 18:54:16 +0200
From: Kroah-Hartman <greg@...ah.com>
To: Norbert Manthey <nmanthey@...zon.de>
Cc: LKML <linux-kernel@...r.kernel.org>,
"Woodhouse, David" <dwmw@...zon.co.uk>,
"foersleo@...zon.de" <foersleo@...zon.de>,
Gustavo Pimentel <gustavo.pimentel@...opsys.com>,
"Gustavo A. R. Silva" <garsilva@...eddedor.com>,
Kees Cook <keescook@...omium.org>,
Thomas Gleixner <tglx@...utronix.de>
Subject: Re: Coverity Scan model file, license, public access
On Tue, Jul 06, 2021 at 09:45:47AM +0200, Norbert Manthey wrote:
> Dear all,
>
> I would like to work with code analysis on the Linux kernel. The
> currently used Coverity setup already uses a model file [1] to improve
> the precision of the analysis. To the best of my knowledge, this model
> file is currently not publicly accessible. I did not find a license
> attached to [1], nor any information about licensing.
I have no idea who wrote that thing, sorry.
> To improve the way Coverity is used, I would like to move this model
> file into a public repository, and add a license. I wonder whom else I
> should involve into this process. Is there a recommended place for the
> location of the license? I assume the targeted license should be GPL,
> and would like to understand whether that works with the way this file
> is currently maintained.
How is adding this file anywhere going to help? Coverity is a closed
source tool that a few of us are "lucky" to be able to use, and even
then, it's tightly restricted what we can do with it. The only real
users that this could benefit is anyone who is paying for the tool, and
if they are doing that, they are not allowed to share the results of the
output with anyone else (as per the license of the tool). So unless you
are going to be doing this work on your own, with a paid copy of the
tool, who will use it?
thanks,
greg k-h
Powered by blists - more mailing lists