Project

General

Profile

Actions
Copy link

Feature #4775

open

lua: overhaul lua support

Added by Victor Julien over 2 years ago. Updated 6 days ago.

Status:
New
Priority:
Normal
Assignee:
Jason Ish
Target version:
TBD
Effort:
Difficulty:
Label:

Description

Implement https://redmine.openinfosecfoundation.org/issues/3307#note-12:

  • vendor a specific version in
  • disallow modules by default (or at all)
  • do proper sandboxing, both for security and performance
  • enable it by default so rule vendors can rely on it to be there

Subtasks 7 (7 open0 closed)

Feature #1971: lua: make mandatoryIn ProgressOISF DevActions
Feature #2290: lua: use script as transformAssignedJeff LucovskyActions
Feature #4776: lua: vendor latest lua stableAssignedJason IshActions
Task #6961: lua create: use a rust crate to vendor luaIn ProgressJason IshActions
Feature #4777: lua: implement sandboxingIn ProgressJason IshActions
Feature #6939: lua: incremement stat when a lua rule exhausts its instruction countNewOISF DevActions
Feature #6940: lua: handle errors in lua rulesNewOISF DevActions

Related issues 5 (4 open1 closed)

Related to Suricata - Task #3307: Research: evaluate future of lua support in SuricataNewOISF DevActions
Related to Suricata - Feature #1504: lua: better notification in verbose mode on script errorsNewOISF DevActions
Related to Suricata - Feature #1505: lua: show lua scripts during rule (re)loadingNewOISF DevActions
Related to Suricata - Feature #2871: lua: Exposing byte extract to scriptClosedJeff LucovskyActions
Related to Suricata - Task #6443: Suricon 2023 brainstormAssignedVictor JulienActions
Actions
Copy link
 #1

Updated by Victor Julien over 2 years ago

  • Related to Task #3307: Research: evaluate future of lua support in Suricata added
Actions
Copy link
 #2

Updated by Victor Julien over 2 years ago

  • Related to Feature #1504: lua: better notification in verbose mode on script errors added
Actions
Copy link
 #3

Updated by Victor Julien over 2 years ago

  • Related to Feature #1505: lua: show lua scripts during rule (re)loading added
Actions
Copy link
 #4

Updated by Victor Julien over 2 years ago

  • Related to Feature #2871: lua: Exposing byte extract to script added
Actions
Copy link
 #5

Updated by Jason Ish over 1 year ago

Neovim has some discussion on why they use Lua 5.1 vs other versions:

https://github.com/neovim/neovim/wiki/FAQ#why-lua-51-instead-of-lua-53

Also, rlua, the previously most popular Lua bindings for Rust started with Lua 5.3 I think. 5.1 came after due to popular demand. mlua, a fork of rlua that seems to be more popular now, and also supports luajit 5.1.

By using one of these crates we can get Lua vendored for free.

Actions
Copy link
 #6

Updated by Jason Ish 5 months ago

  • Assignee set to OISF Dev
Actions
Copy link
 #7

Updated by Jason Ish 5 months ago

  • Related to Task #6443: Suricon 2023 brainstorm added
Actions
Copy link
 #8

Updated by Victor Julien 5 months ago

  • Assignee changed from OISF Dev to Jo Johnson
Actions
Copy link
 #9

Updated by Jason Ish 7 days ago

  • Subtask #6939 added
Actions
Copy link
 #10

Updated by Jason Ish 7 days ago

  • Subtask #6940 added
Actions
Copy link
 #11

Updated by Victor Julien 6 days ago

  • Assignee changed from Jo Johnson to Jason Ish
Actions
Copy link
 #12

Updated by Philippe Antoine 6 days ago

  • Target version set to TBD
Actions
Copy link

Also available in: Atom PDF