Documentation/project_ideas: Update after 2019
The coverity project is done, for the most part, so drop it. Expand a bit on the scope of the toolchain binary project, and point out that the Ghidra project already has code from GSoC 2019 but could be developed further. Change-Id: I7342cc3133494f69b175b11b1f8342a0f40840e7 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/39086 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Jacob Garber <jgarber1@ualberta.ca> Reviewed-by: Patrick Rudolph <siro@das-labor.org>
This commit is contained in:
parent
c44d1e2c7c
commit
6a4f46ac5e
|
@ -27,7 +27,9 @@ which is a bad experience when trying to build coreboot the first time.
|
||||||
|
|
||||||
Provide packages/installers of our compiler toolchain for Linux distros,
|
Provide packages/installers of our compiler toolchain for Linux distros,
|
||||||
Windows, Mac OS. For Windows, this should also include the environment
|
Windows, Mac OS. For Windows, this should also include the environment
|
||||||
(shell, make, ...).
|
(shell, make, ...). A student doesn't have to cover _all_ platforms, but
|
||||||
|
pick a set of systems that match their interest and knowledge and lay
|
||||||
|
out a plan on how to do this.
|
||||||
|
|
||||||
The scripts to generate these packages should be usable on a Linux
|
The scripts to generate these packages should be usable on a Linux
|
||||||
host, as that's what we're using for our automated build testing system
|
host, as that's what we're using for our automated build testing system
|
||||||
|
@ -131,26 +133,6 @@ their bug reports.
|
||||||
### Mentors
|
### Mentors
|
||||||
* Patrick Georgi <patrick@georgi.software>
|
* Patrick Georgi <patrick@georgi.software>
|
||||||
|
|
||||||
## Make coreboot coverity clean
|
|
||||||
coreboot and several other of our projects are automatically tested
|
|
||||||
using Synopsys' free "Coverity Scan" service. While some fare pretty
|
|
||||||
good, like [em100](https://scan.coverity.com/projects/em100) at 0 known
|
|
||||||
defects, there are still many open issues in other projects, most notably
|
|
||||||
[coreboot](https://scan.coverity.com/projects/coreboot) itself (which
|
|
||||||
is also the largest codebase).
|
|
||||||
|
|
||||||
Not all of the reports are actual issues, but the project benefits a
|
|
||||||
lot if the list of unhandled reports is down to 0 because that provides
|
|
||||||
a baseline when future changes reintroduce new issues: it's easier to
|
|
||||||
triage and handle a list of 5 issues rather than more than 350.
|
|
||||||
|
|
||||||
This project would be going through all reports and handling them
|
|
||||||
appropriately: Figure out if reports are valid or not and mark them
|
|
||||||
as such. For valid reports, provide patches to fix the underlying issue.
|
|
||||||
|
|
||||||
### Mentors
|
|
||||||
* Patrick Georgi <patrick@georgi.software>
|
|
||||||
|
|
||||||
## Extend Ghidra to support analysis of firmware images
|
## Extend Ghidra to support analysis of firmware images
|
||||||
[Ghidra](https://ghidra-sre.org) is a recently released cross-platform
|
[Ghidra](https://ghidra-sre.org) is a recently released cross-platform
|
||||||
disassembler and decompiler that is extensible through plugins. Make it
|
disassembler and decompiler that is extensible through plugins. Make it
|
||||||
|
@ -158,6 +140,11 @@ useful for firmware related work: Automatically parse formats (eg. by
|
||||||
integrating UEFITool, cbfstool, decompressors), automatically identify
|
integrating UEFITool, cbfstool, decompressors), automatically identify
|
||||||
16/32/64bit code on x86/amd64, etc.
|
16/32/64bit code on x86/amd64, etc.
|
||||||
|
|
||||||
|
This has been done in 2019 with [some neat
|
||||||
|
features](https://github.com/al3xtjames/ghidra-firmware-utils) being
|
||||||
|
developed, but it may be possible to expand support for all kinds of firmware
|
||||||
|
analyses.
|
||||||
|
|
||||||
## Learn hardware behavior from I/O and memory access logs
|
## Learn hardware behavior from I/O and memory access logs
|
||||||
[SerialICE](https://www.serialice.com) is a tool to trace the behavior of
|
[SerialICE](https://www.serialice.com) is a tool to trace the behavior of
|
||||||
executable code like firmware images. One result of that is a long log file
|
executable code like firmware images. One result of that is a long log file
|
||||||
|
|
Loading…
Reference in New Issue