Given the static code analysis efforts, I wonder whether we should also make use of Coverity wrt Spectre vulnerabilities. Synopsys announced they somewhat support this [1]. Unfortunately, I do not have access to the Linux project on Coverity Scan [2].

Does anybody on this list have access to that project there and can make sure the new scanner is enabled as well, or at least enabled in some kind of beta phase so that we can judge the usefulness of the reported defects? This way, we could consume the output and compare it to the upgraded version of smatch.

Norbert

PS: sorry for the previous mail which got totally scrambled

[1] https://www.synopsys.com/blogs/software-security/detecting-spectre-vulnerability-exploits-with-static-analysis/
[2] https://scan.coverity.com/projects/linux

On 06/06/2018 01:56 AM, speck for Jiri Kosina wrote:
> On Tue, 5 Jun 2018, speck for Linus Torvalds wrote:
>
>> Useless.
> Fully agreed.
>
>> Can some Intel person explain how the processor could possibly
>> speculatively do a 'ret' instruction that actually uses the value that
>> the front-end doesn't even have (ie "not RSB/BTB")?
> I earlier today already asked for more details about exactly this back
> through the official channel I've received the whitepaper from as well.
> I'll relay any information I eventually receive to this list.
>
> Thanks,
>