From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 3431A3858D1E; Tue, 13 Sep 2022 14:59:08 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 3431A3858D1E DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1663081148; bh=xuhIdKncqSqo2Yid8qCcUfBFNX2Ek3WC69EJyNaEjU4=; h=From:To:Subject:Date:From; b=l9DhPspLwW4TqSUn2opWCKjiIcpnz/pNw7M8zuHWTxIslghXEfFXaT6ImyzphmKNJ kVXUh1GW2Q1VXLwPyDRjohuH9aoA7veRQSurjGuDNdvupOOn0xF43FFmti5onxQPLw fY3KPqjdWQcwmCh+DJ90fN8n5P/FvsuPgyUP22qo= From: "rgoldber at redhat dot com" To: systemtap@sourceware.org Subject: [Bug tapsets/29570] New: Standardized template stap script for security band-aids Date: Tue, 13 Sep 2022 14:59:07 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: systemtap X-Bugzilla-Component: tapsets X-Bugzilla-Version: unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: rgoldber at redhat dot com X-Bugzilla-Status: NEW X-Bugzilla-Resolution: X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: systemtap at sourceware dot org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter target_milestone attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 List-Id: https://sourceware.org/bugzilla/show_bug.cgi?id=3D29570 Bug ID: 29570 Summary: Standardized template stap script for security band-aids Product: systemtap Version: unspecified Status: NEW Severity: normal Priority: P2 Component: tapsets Assignee: systemtap at sourceware dot org Reporter: rgoldber at redhat dot com Target Milestone: --- Created attachment 14333 --> https://sourceware.org/bugzilla/attachment.cgi?id=3D14333&action=3Ded= it Template prototype stap script It would be beneficial for the cve-*.stp scripts to begin to standardize themselves to a single common format. They can all be broken into 2 compone= nts: the boilerplate and the actual trace/fix payloads. And so I propose creatin= g a standard template as well as some minor stap syntax to remove these common elements.=20 The attachment shows a prototype of what this template might look like where the new proposed syntax `probe livepatch("CVE-YYYY-ABCD").mode(notify_p, fi= x_p, trace_p)` is replaced by the stap frontend with the injected boilerplate st= ap code. This not only standardizes and makes the actual cve fix fit in gently, with minimum boilerplate, but also provides the users with some useful prometheus metrics such as how long the patch has been applied for and how many times = the fix/trace are used. --=20 You are receiving this mail because: You are the assignee for the bug.=