* [Bug tapsets/29570] New: Standardized template stap script for security band-aids
@ 2022-09-13 14:59 rgoldber at redhat dot com
2022-10-03 20:48 ` [Bug tapsets/29570] " rgoldber at redhat dot com
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: rgoldber at redhat dot com @ 2022-09-13 14:59 UTC (permalink / raw)
To: systemtap
https://sourceware.org/bugzilla/show_bug.cgi?id=29570
Bug ID: 29570
Summary: Standardized template stap script for security
band-aids
Product: systemtap
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: tapsets
Assignee: systemtap at sourceware dot org
Reporter: rgoldber at redhat dot com
Target Milestone: ---
Created attachment 14333
--> https://sourceware.org/bugzilla/attachment.cgi?id=14333&action=edit
Template prototype stap script
It would be beneficial for the cve-*.stp scripts to begin to standardize
themselves to a single common format. They can all be broken into 2 components:
the boilerplate and the actual trace/fix payloads. And so I propose creating a
standard template as well as some minor stap syntax to remove these common
elements.
The attachment shows a prototype of what this template might look like where
the new proposed syntax `probe livepatch("CVE-YYYY-ABCD").mode(notify_p, fix_p,
trace_p)` is replaced by the stap frontend with the injected boilerplate stap
code.
This not only standardizes and makes the actual cve fix fit in gently, with
minimum boilerplate, but also provides the users with some useful prometheus
metrics such as how long the patch has been applied for and how many times the
fix/trace are used.
--
You are receiving this mail because:
You are the assignee for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug tapsets/29570] Standardized template stap script for security band-aids
2022-09-13 14:59 [Bug tapsets/29570] New: Standardized template stap script for security band-aids rgoldber at redhat dot com
@ 2022-10-03 20:48 ` rgoldber at redhat dot com
2022-10-04 16:33 ` rgoldber at redhat dot com
2022-10-05 20:40 ` fche at redhat dot com
2 siblings, 0 replies; 4+ messages in thread
From: rgoldber at redhat dot com @ 2022-10-03 20:48 UTC (permalink / raw)
To: systemtap
https://sourceware.org/bugzilla/show_bug.cgi?id=29570
Ryan Goldberg <rgoldber at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #14333|0 |1
is obsolete| |
--- Comment #1 from Ryan Goldberg <rgoldber at redhat dot com> ---
Created attachment 14378
--> https://sourceware.org/bugzilla/attachment.cgi?id=14378&action=edit
Submit A Patch for 29570
A new template for future CVE bandaids with a tapset containing some useful
tooling (convenient metrics, global parameters for toggling various aspects of
the patch, timeouts, ...)
--
You are receiving this mail because:
You are the assignee for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug tapsets/29570] Standardized template stap script for security band-aids
2022-09-13 14:59 [Bug tapsets/29570] New: Standardized template stap script for security band-aids rgoldber at redhat dot com
2022-10-03 20:48 ` [Bug tapsets/29570] " rgoldber at redhat dot com
@ 2022-10-04 16:33 ` rgoldber at redhat dot com
2022-10-05 20:40 ` fche at redhat dot com
2 siblings, 0 replies; 4+ messages in thread
From: rgoldber at redhat dot com @ 2022-10-04 16:33 UTC (permalink / raw)
To: systemtap
https://sourceware.org/bugzilla/show_bug.cgi?id=29570
Ryan Goldberg <rgoldber at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #14378|0 |1
is obsolete| |
CC| |rgoldber at redhat dot com
--- Comment #2 from Ryan Goldberg <rgoldber at redhat dot com> ---
Created attachment 14380
--> https://sourceware.org/bugzilla/attachment.cgi?id=14380&action=edit
Submit A Patch for 29570, revised
At fche's suggestion made some nice modifications/simplifications to the
previous patch
--
You are receiving this mail because:
You are the assignee for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug tapsets/29570] Standardized template stap script for security band-aids
2022-09-13 14:59 [Bug tapsets/29570] New: Standardized template stap script for security band-aids rgoldber at redhat dot com
2022-10-03 20:48 ` [Bug tapsets/29570] " rgoldber at redhat dot com
2022-10-04 16:33 ` rgoldber at redhat dot com
@ 2022-10-05 20:40 ` fche at redhat dot com
2 siblings, 0 replies; 4+ messages in thread
From: fche at redhat dot com @ 2022-10-05 20:40 UTC (permalink / raw)
To: systemtap
https://sourceware.org/bugzilla/show_bug.cgi?id=29570
Frank Ch. Eigler <fche at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
CC| |fche at redhat dot com
--- Comment #3 from Frank Ch. Eigler <fche at redhat dot com> ---
commit f2d9285fe0
--
You are receiving this mail because:
You are the assignee for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-10-05 20:40 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-09-13 14:59 [Bug tapsets/29570] New: Standardized template stap script for security band-aids rgoldber at redhat dot com
2022-10-03 20:48 ` [Bug tapsets/29570] " rgoldber at redhat dot com
2022-10-04 16:33 ` rgoldber at redhat dot com
2022-10-05 20:40 ` fche at redhat dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).