Linux Kernel Bugs/Mentoring/Presentations

Access request for Linux Coverity scans

Posted on by Gustavo A. R. Silva / 0 Comment

I received the following request this evening and it absolutely made my day. 🙂

▫️ “I’m a mechatronics student and I discovered the project from this block post: “https://embeddedor.com/blog/2024/09/28/one-simple-and-rewarding-way-to-contribute-to-the-linux-kernel-fix-coverity-issues/” and as such I’m instersted in contributing as well”

More than a year ago, I wrote a blog post to guide people to resources on how to start contributing to the Linux kernel by fixing Coverity issues. Every few weeks, I receive a request like the one above for access to the Coverity scans, and it makes my day every single time. It makes me really happy that more and more newcomers are finding inspiration in that blog post. 🙂

Someone might ask ‘Why Coverity in particular?’ The answer is quite simple: that’s how I started my career in the Linux kernel almost ten years ago. (That’s not to say this is the best possible way to start contributing to the kernel. This often depends on people’s previous experience and background. 😉)

I can therefore attest that it’s an effective way to gain experience contributing across the entire kernel tree, because it exposes people to all sorts of technical and social challenges, both of which are essential for learning to navigate the, at times, wild waters of the Linux kernel community.

You can check out the blog post via the following links. And if you think someone else might be interested or get inspired by it, please feel free to share it with your network. ✌🏼:

Mastodon: ONE simple and rewarding way to contribute to the Linux Kernel: Fix Coverity issues 🐧

LinkedIn: ONE simple and rewarding way to contribute to the Linux Kernel: Fix Coverity issues 🐧

Or anywhere you’d like: https://embeddedor.com/blog/2024/09/28/one-simple-and-rewarding-way-to-contribute-to-the-linux-kernel-fix-coverity-issues/ 🐧

Thanks!

—–

Now, for someone asking, ‘Why do people even have to ask for access to the Coverity scans for the kernel?’ The answer is straightforward: Black Duck manages the Coverity project directly through a request-for-access scheme, and others and I are only admins for the -rc and linux-next scans. See this for more information: https://scan.coverity.com/about, or contact Black Duck directly. 🙂

Gustavo A. R. Silva
Gustavo A. R. Silva works full-time as an Upstream Linux Kernel Engineer focused on hardening and proactive security. He has spent the past several years fixing all sorts of bugs and hardening the Linux kernel. His work is supported by The Linux Foundation and the Alpha-Omega project. He’s a member of the Linux Kernel Self-Protection Project, and a regular speaker at Kernel Recipes and Open Source Summit. He has also presented at Linux Security Summit, Lund LinuxCon, Linux Plumbers Conference, Everything Open, The University of Adelaide, and Symposium sur la Sécurité des Technologies de l’Information et des Communications (SSTIC) as an invited speaker.

Leave a Comment

Your email address will not be published. Required fields are marked *