Return-path: Received: from mga07.intel.com ([134.134.136.100]:23197 "EHLO mga07.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753141AbeAFS7J (ORCPT ); Sat, 6 Jan 2018 13:59:09 -0500 Subject: Re: [PATCH 00/18] prevent bounds-check bypass via speculative execution To: Florian Fainelli , Dan Williams , linux-kernel@vger.kernel.org Cc: Mark Rutland , peterz@infradead.org, Alan Cox , Srinivas Pandruvada , Will Deacon , Solomon Peachy , "H. Peter Anvin" , Christian Lamparter , Elena Reshetova , linux-arch@vger.kernel.org, Andi Kleen , "James E.J. Bottomley" , linux-scsi@vger.kernel.org, Jonathan Corbet , x86@kernel.org, Ingo Molnar , Alexey Kuznetsov , Zhang Rui , linux-media@vger.kernel.org, Arnd Bergmann , Jan Kara , Eduardo Valentin , Al Viro , qla2xxx-upstream@qlogic.com, tglx@linutronix.de, Mauro Carvalho Chehab , Kalle Valo , alan@linux.intel.com, "Martin K. Petersen" , Hideaki YOSHIFUJI , gregkh@linuxfoundation.org, linux-wireless@vger.kernel.org, "Eric W. Biederman" , netdev@vger.kernel.org, torvalds@linux-foundation.org, "David S. Miller" , Laurent Pinchart , dan.carpenter@oracle.com References: <151520099201.32271.4677179499894422956.stgit@dwillia2-desk3.amr.corp.intel.com> From: Arjan van de Ven Message-ID: (sfid-20180106_195932_595259_304968B4) Date: Sat, 6 Jan 2018 10:59:06 -0800 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Sender: linux-wireless-owner@vger.kernel.org List-ID: > It sounds like Coverity was used to produce these patches? If so, is > there a plan to have smatch (hey Dan) or other open source static > analysis tool be possibly enhanced to do a similar type of work? I'd love for that to happen; the tricky part is being able to have even a sort of sensible concept of "trusted" vs "untrusted" value... if you look at a very small window of code, that does not work well; you likely need to even look (as tool) across .c file boundaries