Project

General

Profile

Actions
Copy link

Feature #4775

closed
VJ JI

lua: overhaul lua support

Feature #4775: lua: overhaul lua support

Added by Victor Julien over 4 years ago. Updated 9 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Jason Ish
Target version:
8.0.0
Effort:
Difficulty:
Label:

Description

Implement https://redmine.openinfosecfoundation.org/issues/3307#note-12:

  • vendor a specific version in
  • disallow modules by default (or at all)
  • do proper sandboxing, both for security and performance
  • enable it by default so rule vendors can rely on it to be there

Subtasks 7 (0 open7 closed)

Feature #1971: lua: make mandatoryClosedOISF DevActions
Feature #2290: lua: use script as transformClosedJeff LucovskyActions
Feature #4776: lua: vendor latest lua stableClosedJason IshActions
Task #6961: lua: use a rust crate to vendor luaClosedJason IshActions
Feature #4777: lua: implement sandboxingClosedJason IshActions
Feature #6939: lua: incremement stat when a lua rule exhausts its instruction countClosedJason IshActions
Bug #6940: lua: handle errors in lua rulesClosedJason IshActions

Related issues 7 (3 open4 closed)

Related to Suricata - Task #3307: Research: evaluate future of lua support in SuricataClosedOISF DevActions
Related to Suricata - Feature #1504: lua: better notification in verbose mode on script errorsNewOISF DevActions
Related to Suricata - Feature #1505: lua: show lua scripts during rule (re)loadingNewOISF DevActions
Related to Suricata - Feature #2871: lua: Exposing byte extract to scriptClosedJeff LucovskyActions
Related to Suricata - Task #6443: Suricon 2023 brainstormAssignedVictor JulienActions
Related to Suricata - Feature #7073: lua: expose hashing functions (md5/sha1/sha256)ClosedJason IshActions
Related to Suricata - Feature #7074: lua: expose base64 functionsClosedJason IshActions

VJ Updated by Victor Julien over 4 years ago Actions
Copy link
 #1

  • Related to Task #3307: Research: evaluate future of lua support in Suricata added

VJ Updated by Victor Julien over 4 years ago Actions
Copy link
 #2

  • Related to Feature #1504: lua: better notification in verbose mode on script errors added

VJ Updated by Victor Julien over 4 years ago Actions
Copy link
 #3

  • Related to Feature #1505: lua: show lua scripts during rule (re)loading added

VJ Updated by Victor Julien over 4 years ago Actions
Copy link
 #4

  • Related to Feature #2871: lua: Exposing byte extract to script added

JI Updated by Jason Ish over 3 years ago Actions
Copy link
 #5

Neovim has some discussion on why they use Lua 5.1 vs other versions:

https://github.com/neovim/neovim/wiki/FAQ#why-lua-51-instead-of-lua-53

Also, rlua, the previously most popular Lua bindings for Rust started with Lua 5.3 I think. 5.1 came after due to popular demand. mlua, a fork of rlua that seems to be more popular now, and also supports luajit 5.1.

By using one of these crates we can get Lua vendored for free.

JI Updated by Jason Ish over 2 years ago Actions
Copy link
 #6

  • Assignee set to OISF Dev

JI Updated by Jason Ish over 2 years ago Actions
Copy link
 #7

  • Related to Task #6443: Suricon 2023 brainstorm added

VJ Updated by Victor Julien over 2 years ago Actions
Copy link
 #8

  • Assignee changed from OISF Dev to Jo Johnson

JI Updated by Jason Ish almost 2 years ago Actions
Copy link
 #9

  • Subtask #6939 added

JI Updated by Jason Ish almost 2 years ago Actions
Copy link
 #10

  • Subtask #6940 added

VJ Updated by Victor Julien almost 2 years ago Actions
Copy link
 #11

  • Assignee changed from Jo Johnson to Jason Ish

PA Updated by Philippe Antoine almost 2 years ago Actions
Copy link
 #12

  • Target version set to TBD

VJ Updated by Victor Julien almost 2 years ago Actions
Copy link
 #13

  • Status changed from New to In Progress

VJ Updated by Victor Julien almost 2 years ago Actions
Copy link
 #14

  • Related to Feature #7073: lua: expose hashing functions (md5/sha1/sha256) added

VJ Updated by Victor Julien almost 2 years ago Actions
Copy link
 #15

JI Updated by Jason Ish 9 months ago Actions
Copy link
 #16

  • Status changed from In Progress to Closed
  • Target version changed from TBD to 8.0.0

Closing. All sub-tasks are closed. Any specific issues can get a new ticket.

Actions
Copy link

Also available in: PDF Atom