Project

General

Profile

Actions

Feature #4775

open

lua: overhaul lua support

Added by Victor Julien over 2 years ago. Updated about 2 months ago.

Status:
New
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

Implement https://redmine.openinfosecfoundation.org/issues/3307#note-12:

  • vendor a specific version in
  • disallow modules by default (or at all)
  • do proper sandboxing, both for security and performance
  • enable it by default so rule vendors can rely on it to be there

Subtasks 7 (7 open0 closed)

Feature #1971: lua: make mandatoryIn ProgressOISF DevActions
Feature #2290: lua: use script as transformAssignedJeff LucovskyActions
Feature #4776: lua: vendor latest lua stableAssignedJason IshActions
Task #6961: lua create: use a rust crate to vendor luaIn ProgressJason IshActions
Feature #4777: lua: implement sandboxingIn ProgressJason IshActions
Feature #6939: lua: incremement stat when a lua rule exhausts its instruction countNewOISF DevActions
Bug #6940: lua: handle errors in lua rulesIn ProgressOISF DevActions

Related issues 5 (4 open1 closed)

Related to Suricata - Task #3307: Research: evaluate future of lua support in SuricataNewOISF DevActions
Related to Suricata - Feature #1504: lua: better notification in verbose mode on script errorsNewOISF DevActions
Related to Suricata - Feature #1505: lua: show lua scripts during rule (re)loadingNewOISF DevActions
Related to Suricata - Feature #2871: lua: Exposing byte extract to scriptClosedJeff LucovskyActions
Related to Suricata - Task #6443: Suricon 2023 brainstormAssignedVictor JulienActions
Actions #1

Updated by Victor Julien over 2 years ago

  • Related to Task #3307: Research: evaluate future of lua support in Suricata added
Actions #2

Updated by Victor Julien over 2 years ago

  • Related to Feature #1504: lua: better notification in verbose mode on script errors added
Actions #3

Updated by Victor Julien over 2 years ago

  • Related to Feature #1505: lua: show lua scripts during rule (re)loading added
Actions #4

Updated by Victor Julien over 2 years ago

  • Related to Feature #2871: lua: Exposing byte extract to script added
Actions #5

Updated by Jason Ish over 1 year ago

Neovim has some discussion on why they use Lua 5.1 vs other versions:

https://github.com/neovim/neovim/wiki/FAQ#why-lua-51-instead-of-lua-53

Also, rlua, the previously most popular Lua bindings for Rust started with Lua 5.3 I think. 5.1 came after due to popular demand. mlua, a fork of rlua that seems to be more popular now, and also supports luajit 5.1.

By using one of these crates we can get Lua vendored for free.

Actions #6

Updated by Jason Ish 7 months ago

  • Assignee set to OISF Dev
Actions #7

Updated by Jason Ish 7 months ago

  • Related to Task #6443: Suricon 2023 brainstorm added
Actions #8

Updated by Victor Julien 6 months ago

  • Assignee changed from OISF Dev to Jo Johnson
Actions #9

Updated by Jason Ish about 2 months ago

  • Subtask #6939 added
Actions #10

Updated by Jason Ish about 2 months ago

  • Subtask #6940 added
Actions #11

Updated by Victor Julien about 2 months ago

  • Assignee changed from Jo Johnson to Jason Ish
Actions #12

Updated by Philippe Antoine about 2 months ago

  • Target version set to TBD
Actions

Also available in: Atom PDF