* [Bug tapsets/29570] New: Standardized template stap script for security band-aids @ 2022-09-13 14:59 rgoldber at redhat dot com 2022-10-03 20:48 ` [Bug tapsets/29570] " rgoldber at redhat dot com ` (2 more replies) 0 siblings, 3 replies; 4+ messages in thread From: rgoldber at redhat dot com @ 2022-09-13 14:59 UTC (permalink / raw) To: systemtap https://sourceware.org/bugzilla/show_bug.cgi?id=29570 Bug ID: 29570 Summary: Standardized template stap script for security band-aids Product: systemtap Version: unspecified Status: NEW Severity: normal Priority: P2 Component: tapsets Assignee: systemtap at sourceware dot org Reporter: rgoldber at redhat dot com Target Milestone: --- Created attachment 14333 --> https://sourceware.org/bugzilla/attachment.cgi?id=14333&action=edit Template prototype stap script It would be beneficial for the cve-*.stp scripts to begin to standardize themselves to a single common format. They can all be broken into 2 components: the boilerplate and the actual trace/fix payloads. And so I propose creating a standard template as well as some minor stap syntax to remove these common elements. The attachment shows a prototype of what this template might look like where the new proposed syntax `probe livepatch("CVE-YYYY-ABCD").mode(notify_p, fix_p, trace_p)` is replaced by the stap frontend with the injected boilerplate stap code. This not only standardizes and makes the actual cve fix fit in gently, with minimum boilerplate, but also provides the users with some useful prometheus metrics such as how long the patch has been applied for and how many times the fix/trace are used. -- You are receiving this mail because: You are the assignee for the bug. ^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug tapsets/29570] Standardized template stap script for security band-aids 2022-09-13 14:59 [Bug tapsets/29570] New: Standardized template stap script for security band-aids rgoldber at redhat dot com @ 2022-10-03 20:48 ` rgoldber at redhat dot com 2022-10-04 16:33 ` rgoldber at redhat dot com 2022-10-05 20:40 ` fche at redhat dot com 2 siblings, 0 replies; 4+ messages in thread From: rgoldber at redhat dot com @ 2022-10-03 20:48 UTC (permalink / raw) To: systemtap https://sourceware.org/bugzilla/show_bug.cgi?id=29570 Ryan Goldberg <rgoldber at redhat dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #14333|0 |1 is obsolete| | --- Comment #1 from Ryan Goldberg <rgoldber at redhat dot com> --- Created attachment 14378 --> https://sourceware.org/bugzilla/attachment.cgi?id=14378&action=edit Submit A Patch for 29570 A new template for future CVE bandaids with a tapset containing some useful tooling (convenient metrics, global parameters for toggling various aspects of the patch, timeouts, ...) -- You are receiving this mail because: You are the assignee for the bug. ^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug tapsets/29570] Standardized template stap script for security band-aids 2022-09-13 14:59 [Bug tapsets/29570] New: Standardized template stap script for security band-aids rgoldber at redhat dot com 2022-10-03 20:48 ` [Bug tapsets/29570] " rgoldber at redhat dot com @ 2022-10-04 16:33 ` rgoldber at redhat dot com 2022-10-05 20:40 ` fche at redhat dot com 2 siblings, 0 replies; 4+ messages in thread From: rgoldber at redhat dot com @ 2022-10-04 16:33 UTC (permalink / raw) To: systemtap https://sourceware.org/bugzilla/show_bug.cgi?id=29570 Ryan Goldberg <rgoldber at redhat dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #14378|0 |1 is obsolete| | CC| |rgoldber at redhat dot com --- Comment #2 from Ryan Goldberg <rgoldber at redhat dot com> --- Created attachment 14380 --> https://sourceware.org/bugzilla/attachment.cgi?id=14380&action=edit Submit A Patch for 29570, revised At fche's suggestion made some nice modifications/simplifications to the previous patch -- You are receiving this mail because: You are the assignee for the bug. ^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug tapsets/29570] Standardized template stap script for security band-aids 2022-09-13 14:59 [Bug tapsets/29570] New: Standardized template stap script for security band-aids rgoldber at redhat dot com 2022-10-03 20:48 ` [Bug tapsets/29570] " rgoldber at redhat dot com 2022-10-04 16:33 ` rgoldber at redhat dot com @ 2022-10-05 20:40 ` fche at redhat dot com 2 siblings, 0 replies; 4+ messages in thread From: fche at redhat dot com @ 2022-10-05 20:40 UTC (permalink / raw) To: systemtap https://sourceware.org/bugzilla/show_bug.cgi?id=29570 Frank Ch. Eigler <fche at redhat dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED CC| |fche at redhat dot com --- Comment #3 from Frank Ch. Eigler <fche at redhat dot com> --- commit f2d9285fe0 -- You are receiving this mail because: You are the assignee for the bug. ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-10-05 20:40 UTC | newest] Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2022-09-13 14:59 [Bug tapsets/29570] New: Standardized template stap script for security band-aids rgoldber at redhat dot com 2022-10-03 20:48 ` [Bug tapsets/29570] " rgoldber at redhat dot com 2022-10-04 16:33 ` rgoldber at redhat dot com 2022-10-05 20:40 ` fche at redhat dot com
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).