[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <77f6e6fc46232db82a3c63e93877c9534334e407.camel@amazon.de>
Date: Thu, 16 May 2024 15:28:16 +0000
From: "Manthey, Norbert" <nmanthey@...zon.de>
To: "keescook@...omium.org" <keescook@...omium.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
CC: "Woodhouse, David" <dwmw@...zon.co.uk>, "Stieger, Andreas"
<astieger@...zon.de>, "linux-hardening@...r.kernel.org"
<linux-hardening@...r.kernel.org>, "Hemdan, Hagar Gamal Halim"
<hagarhem@...zon.de>
Subject: Extending Linux' Coverity model and also cover aarch64
Dear Kees, all,
we published an extension for the Coverity model that is used by the
CoverityScan setup for the Linux kernel [1]. We have been using this
extension to analyze the 6.1 kernel branch, and reported some fixes to
the upstream code base that are based on this model [2]. Feel free to
merge the pull request, and update the model in the CoverityScan setup.
We do not have access to that project to perform these updates
ourselves.
To increase the analysis coverage to aarch64, we analyzed a x86 and a
aarch64 configuration. The increased coverage is achieved by using re-
configuration and cross-compilation during the analysis build. If you
are interested in this setup we can share the Dockerfile and script we
used for this process.
To prevent regressions in backports to LTS kernels, we wondered whether
the community is interested in setting up CoverityScan projects for
older kernel releases. Would such an extension be useful to show new
defects in addition to the current release testing?
Best,
Norbert
[1] github Coverity model pull request link:
https://github.com/kees/coverity-linux/pull/1
[2] Emails for most fixes by Hagar:
https://lore.kernel.org/all/?q=f%3Ahagarhem
Amazon Web Services Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 257764 B
Sitz: Berlin
Ust-ID: DE 365 538 597
Powered by blists - more mailing lists