Re: [PATCH 00/18] prevent bounds-check bypass via speculative execution

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Florian Fainelli <f.fainelli@xxxxxxxxx>, Dan Williams <dan.j.williams@xxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx
Subject: Re: [PATCH 00/18] prevent bounds-check bypass via speculative execution
From: Arjan van de Ven <arjan@xxxxxxxxxxxxxxx>
Date: Sat, 6 Jan 2018 10:59:06 -0800
Cc: Mark Rutland <mark.rutland@xxxxxxx>, peterz@xxxxxxxxxxxxx, Alan Cox <alan.cox@xxxxxxxxx>, Srinivas Pandruvada <srinivas.pandruvada@xxxxxxxxxxxxxxx>, Will Deacon <will.deacon@xxxxxxx>, Solomon Peachy <pizza@xxxxxxxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>, Christian Lamparter <chunkeey@xxxxxxxxxxxxxx>, Elena Reshetova <elena.reshetova@xxxxxxxxx>, linux-arch@xxxxxxxxxxxxxxx, Andi Kleen <ak@xxxxxxxxxxxxxxx>, "James E.J. Bottomley" <jejb@xxxxxxxxxxxxxxxxxx>, linux-scsi@xxxxxxxxxxxxxxx, Jonathan Corbet <corbet@xxxxxxx>, x86@xxxxxxxxxx, Ingo Molnar <mingo@xxxxxxxxxx>, Alexey Kuznetsov <kuznet@xxxxxxxxxxxxx>, Zhang Rui <rui.zhang@xxxxxxxxx>, linux-media@xxxxxxxxxxxxxxx, Arnd Bergmann <arnd@xxxxxxxx>, Jan Kara <jack@xxxxxxxx>, Eduardo Valentin <edubezval@xxxxxxxxx>, Al Viro <viro@xxxxxxxxxxxxxxxxxx>, qla2xxx-upstream@xxxxxxxxxx, tglx@xxxxxxxxxxxxx, Mauro Carvalho Chehab <mchehab@xxxxxxxxxx>, Kalle Valo <kvalo@xxxxxxxxxxxxxx>, alan@xxxxxxxxxxxxxxx, "Martin K. Petersen" <martin.petersen@xxxxxxxxxx>, Hideaki YOSHIFUJI <yoshfuji@xxxxxxxxxxxxxx>, gregkh@xxxxxxxxxxxxxxxxxxx, linux-wireless@xxxxxxxxxxxxxxx, "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>, netdev@xxxxxxxxxxxxxxx, torvalds@xxxxxxxxxxxxxxxxxxxx, "David S. Miller" <davem@xxxxxxxxxxxxx>, Laurent Pinchart <laurent.pinchart@xxxxxxxxxxxxxxxx>, dan.carpenter@xxxxxxxxxx
In-reply-to: <ca6f24c0-d6cf-e309-aa68-92f1378ee75a@gmail.com>
User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0

It sounds like Coverity was used to produce these patches? If so, is
there a plan to have smatch (hey Dan) or other open source static
analysis tool be possibly enhanced to do a similar type of work?


I'd love for that to happen; the tricky part is being able to have even a
sort of sensible concept of "trusted" vs "untrusted" value...

if you look at a very small window of code, that does not work well;
you likely need to even look (as tool) across .c file boundaries

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

References:
- [PATCH 00/18] prevent bounds-check bypass via speculative execution
  - From: Dan Williams
- Re: [PATCH 00/18] prevent bounds-check bypass via speculative execution
  - From: Florian Fainelli

Prev by Date: Re: [PATCH 00/18] prevent bounds-check bypass via speculative execution
Next by Date: Re: [PATCH 00/18] prevent bounds-check bypass via speculative execution
Previous by thread: Re: [PATCH 00/18] prevent bounds-check bypass via speculative execution
Next by thread: Re: [PATCH 00/18] prevent bounds-check bypass via speculative execution
Index(es):
- Date
- Thread

[Index of Archives] [SCSI Target Devel] [Linux SCSI Target Infrastructure] [Kernel Newbies] [IDE] [Security] [Git] [Netfilter] [Bugtraq] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Linux ATA RAID] [Linux IIO] [Samba] [Device Mapper]