Project

General

Profile

Actions
Copy link

Feature #4775

open

lua: overhaul lua support

Added by Victor Julien about 3 years ago. Updated 5 months ago.

Status:
In Progress
Priority:
High
Assignee:
Jason Ish
Target version:
TBD
Effort:
Difficulty:
Label:

Description

Implement https://redmine.openinfosecfoundation.org/issues/3307#note-12:

  • vendor a specific version in
  • disallow modules by default (or at all)
  • do proper sandboxing, both for security and performance
  • enable it by default so rule vendors can rely on it to be there

Subtasks 7 (3 open4 closed)

Feature #1971: lua: make mandatoryClosedOISF DevActions
Feature #2290: lua: use script as transformIn ReviewJeff LucovskyActions
Feature #4776: lua: vendor latest lua stableIn ProgressJason IshActions
Task #6961: lua create: use a rust crate to vendor luaIn ProgressJason IshActions
Feature #4777: lua: implement sandboxingClosedJason IshActions
Feature #6939: lua: incremement stat when a lua rule exhausts its instruction countClosedJason IshActions
Bug #6940: lua: handle errors in lua rulesClosedJason IshActions

Related issues 7 (6 open1 closed)

Related to Suricata - Task #3307: Research: evaluate future of lua support in SuricataNewOISF DevActions
Related to Suricata - Feature #1504: lua: better notification in verbose mode on script errorsNewOISF DevActions
Related to Suricata - Feature #1505: lua: show lua scripts during rule (re)loadingNewOISF DevActions
Related to Suricata - Feature #2871: lua: Exposing byte extract to scriptClosedJeff LucovskyActions
Related to Suricata - Task #6443: Suricon 2023 brainstormAssignedVictor JulienActions
Related to Suricata - Feature #7073: lua: expose hashing functions (md5/sha1/sha256)NewJason IshActions
Related to Suricata - Feature #7074: lua: expose base64 functionsNewJason IshActions
Actions
Copy link
 #1

Updated by Victor Julien about 3 years ago

  • Related to Task #3307: Research: evaluate future of lua support in Suricata added
Actions
Copy link
 #2

Updated by Victor Julien almost 3 years ago

  • Related to Feature #1504: lua: better notification in verbose mode on script errors added
Actions
Copy link
 #3

Updated by Victor Julien almost 3 years ago

  • Related to Feature #1505: lua: show lua scripts during rule (re)loading added
Actions
Copy link
 #4

Updated by Victor Julien almost 3 years ago

  • Related to Feature #2871: lua: Exposing byte extract to script added
Actions
Copy link
 #5

Updated by Jason Ish about 2 years ago

Neovim has some discussion on why they use Lua 5.1 vs other versions:

https://github.com/neovim/neovim/wiki/FAQ#why-lua-51-instead-of-lua-53

Also, rlua, the previously most popular Lua bindings for Rust started with Lua 5.3 I think. 5.1 came after due to popular demand. mlua, a fork of rlua that seems to be more popular now, and also supports luajit 5.1.

By using one of these crates we can get Lua vendored for free.

Actions
Copy link
 #6

Updated by Jason Ish 12 months ago

  • Assignee set to OISF Dev
Actions
Copy link
 #7

Updated by Jason Ish 12 months ago

  • Related to Task #6443: Suricon 2023 brainstorm added
Actions
Copy link
 #8

Updated by Victor Julien 11 months ago

  • Assignee changed from OISF Dev to Jo Johnson
Actions
Copy link
 #9

Updated by Jason Ish 7 months ago

  • Subtask #6939 added
Actions
Copy link
 #10

Updated by Jason Ish 7 months ago

  • Subtask #6940 added
Actions
Copy link
 #11

Updated by Victor Julien 7 months ago

  • Assignee changed from Jo Johnson to Jason Ish
Actions
Copy link
 #12

Updated by Philippe Antoine 7 months ago

  • Target version set to TBD
Actions
Copy link
 #13

Updated by Victor Julien 5 months ago

  • Status changed from New to In Progress
Actions
Copy link
 #14

Updated by Victor Julien 5 months ago

  • Related to Feature #7073: lua: expose hashing functions (md5/sha1/sha256) added
Actions
Copy link
 #15

Updated by Victor Julien 5 months ago

Actions
Copy link

Also available in: Atom PDF