tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Lua in-kernel (lbuf library)

Terry Moore wrote:
> Just to clarify a bit....
> > Indeed, we started with Lua because AWK was not embeddable and because of
> > the 1-origin issue. 
> We thought, mistakenly, that a language that didn't look very much like C
> would cause fewer problems because of the 0-origin / 1-origin difference.
> Apparently, however, it's a deeper habit of thought. Ditto for the string
> escape sequences. Apparently the '[' and ']' for indexing, and the '\' for
> character escapes, trigger very deeply seated patterns.

While I agree that 0-1 switch is mentally hard [*] but if you often need
to access arrays by index in Lua code then you either solving a wrong
problem of doing something a wrong way.

Lua is designed to be a glue language. If you need arrays (as opposite
to collections which can be iterated over with ipairs/pairs/iterators),
then you're likely doing low-level C stuff in Lua.

Data structures in kernel are often organized as linked lists. To
iterate from Lua, you probably want to write an iterator and also
a lookup function.

Lets say you want to iterate over all "ps" processes from ddb (if gdb
has python support, why can't we have a cooler thing?). You do this:

ddb> lua on
ddb> for p in processes:match("ps") do print( end
ddb> =processes:find(1).path
ddb> lua off

You can do a lot without ever accessing elements by integer indices.

> Based on our experience, it seems risky to use Lua to implement code that
> interoperates with kernel-like C code in security-critical contexts. We
> found this risk to be insurmountable. Engineers who are used to zero-origin
> code, and who are looking at zero-origin code for reference, will make
> zero-origin mistakes. 

Again, don't do C stuff in Lua. However, there is a different kind of
risk when developing security code in Lua: it's the layers of Lua
itselft. Any complex layer introduces a non-neglidgible risk.

[*] I found it out while developing mixed Lua-C module which could also
    detect LuaJIT and use its zero-based FFI structures.


Home | Main Index | Thread Index | Old Index