tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Lua as a scripting language in NetBSD



On Sun, 18 Oct 2009, Thor Lancelot Simon wrote:

> On Sun, Oct 18, 2009 at 08:29:02PM +0300, Antti Kantee wrote:
> >
> > I am opposed to "wishful thinking" additions to the base system without
> > any real evidence of the actual usefulness.
>
> You want an example application?  Some of mine are proprietary so I can't
> share their details right now.  But here is one which I think has pretty
> general appeal.  I would like to use Lua, in the kernel, to implement
> stateful application-layer packet filtering and redirection, using our
> existing packet filter hooks and (in some cases) ipfilter's "call" action.

I don't have a great opinion about Lua (my own wishful thinking didn't
come up with any immediate applications :) but I think that is pretty
interesting. In the paper I referenced previously, it mentioned that Lua
code compiles into about 60 instructions run on a Lua virtual machine (in
that implementation), I guess this means that for your purposes the entire
Lua interpreter is not required to be built into the kernel, only the
virtual machine and have the compilation to byte-code in the loader?

Since I know you have security concerns and must have thought about this,
the bpf filter machine is (IIRC) designed to be safe such that the kernel
can test for and reject code that can cause harm to the running system, is
that possible with Lua virtual machine code?

iain




Home | Main Index | Thread Index | Old Index