search

SUSE / libpulp

libpulp enables live patching in user space applications.
GNU Lesser General Public License v2.1
55 stars 11 forks source link

Improve trigger messages #121

Closed giulianobelinassi closed 2 years ago

giulianobelinassi commented 2 years ago

Trigger messages can be quite complicated to understand because of the huge amount of information displayed on screen.

We now refactor this to provide more simplified messages:

For instance, when triggering all processes with the patches in current directory:

$ ulp trigger '*.so'

Summary:
  ulp-test (pid: 25606):
    SKIPPED ./cve-2022-0778_livepatch1-1.1.1l-150400.2.47.so: Build ID mismatch
    SKIPPED ./cve-2022-0778_livepatch1-1.1.1l-150400.3.4.so: Build ID mismatch
    SKIPPED ./cve-2022-0778_livepatch1-1.1.1l-150400.3.11.so: Build ID mismatch
    SKIPPED ./cve-2022-0778_livepatch1-1.1.1l-150400.3.3.so: Build ID mismatch
    SKIPPED ./cve-2022-0778_livepatch1-1.1.1l-150400.3.15.so: Build ID mismatch

Or when asking to revert all patches to libcrypto.so to all processes:

ulp trigger --revert-all=libcrypto.so

Summary:
  ulp-test (pid: 25606):
    SUCCESS reverted all patches from libcrypto.so

Or when a trigger to a single process fails with build id mismatch:

$ ulp trigger -p $(pidof ulp-test) cve-2022-0778_livepatch1-1.1.1l-150400.3.15.so

error: could not apply cve-2022-0778_livepatch1-1.1.1l-150400.3.15.so to ulp-test (pid 25606): Build ID mismatch
note: run `ulp patches -b` to retrieve all build ids from patchable processes.

This should improve readability all across the board.

Signed-off-by: Giuliano Belinassi gbelinassi@suse.de

susematz commented 2 years ago

I think the non-verbose default output should contain only the successful applications, not any of the SKIPPED ones. One line per patched process, like so:

$ ulp trigger *.so
12345 (bash) buildid THE_BUILD_ID_OF_12345 applied cve-2022-0778_livepatch1-1.1.1l-150400.3.4.so
34567 (firefox) buildid THE_BUILD_ID_OF_34567 applied cve-2022-0778_livepatch1-1.1.1l-150400.2.1.so

(note how the fantasy output lists two different live patches being applied, presumably because firefox and that bash were started at different points in time when different on-disk variants of glibc)

giulianobelinassi commented 2 years ago

This PR now includes summarization.

If possible to one-line and summarize the result of process application, then do it. For instance:

    $ ulp trigger 'tests/.libs/*_livepatch1.so'
      sleep (pid: 8253): SKIPPED Target library not loaded
      sleep (pid: 8252): SKIPPED Target library not loaded
      sleep (pid: 8251): SKIPPED Target library not loaded
      sleep (pid: 8250): SKIPPED Target library not loaded
      manyprocesses (pid: 8214): SUCCESS tests/.libs/libmanyprocesses_livepatch1.so

Instead of specifying all patches that were skipped on 8253, just show that all patches were skipped because of reason X. Only show every patch result if summarization failed or verbose mode is enabled.