next/1335/80x/20260508/v1#15343
Merged
victorjulien merged 18 commits intoOISF:main-8.0.xfrom May 9, 2026
Merged
Conversation
Add flushing logic driven off of the file contexts. This is a simpler solution that removes the need for logger registration changes. Overview: Use the heartbeat-driven thread to periodically flush all registered EVE contexts via a global flush list. The global flush list is a mutex-protected TAILQ of LogFileFlushEntry nodes; each node points to a LogFileCtx. Mutex = log_file_flush_mutex Periodic flushing performed by a thread according to the heartbeat.output-flush-interval [1,60]. LogFileFlushAll() is invoked to initiate flushing of registered LogFileCtx structs; each struct's fp_mutex is obtained while the flush occurs to synchronize with LogFileWrite activity. Interacts with file-rotation via the fp_mutex. Deadlock prevention: the log_file_flush_mutex must be obtained before the fp_mutex. Issue: 8286 (cherry picked from commit a78911f)
Remove packet-based flush logic in favor of simpler solution Issue: 8286 (cherry picked from commit d0ba1c4)
Remove log flush functions and update registration logic as context-based flushing doesn't require it. Issue: 8286 (cherry picked from commit 1923ca1)
Update output flushing description to reflect EVE based approach in documentation and config template. Added: Provide update callout for out-of-tree output plugins. Issue: 8286 (cherry picked from commit e7dc0d8)
Update the public suffix list to the latest release. Ticket: OISF#8360
When libraries add their own -march flags to CFLAGS, let them. But if -march=native should be added (it should by default), add it as the last -march flag to "win". This ensures, that even if a library brings their own minimal -march, it will not downgrade the instruction set for the whole Suricata. This happened with DPDK which, when enabled, downgraded the instruction set to -march=corei7 or -march=haswell. When building packages with --disable-gccmarch-native, the instruction set is auto-upgraded to instruction set requested by libraries. E.g. from RPM builds: `CFLAGS="-march=x86_64" ./configure --enable-dpdk` upgrades instruction set to DPDK's corei7 architecture. Ticket: 8169 (cherry picked from commit 0cb88d6)
Add a file containing rules to match bittorrent protocol events. Ticket: 8421 (cherry picked from commit 42123cc)
Add a file containing rules to match SNMP protocol events. Ticket: 8421 (cherry picked from commit cff3d64)
util-logopenfile.c:837:11: error: initializing 'char *' with an expression of type 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
837 | char *dot = strrchr(base, '.');
| ^ ~~~~~~~~~~~~~~~~~~
util-logopenfile.c:848:13: error: assigning to 'char *' from 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
848 | dot = strrchr(original_name, '.');
| ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~
2 errors generated.
(cherry picked from commit cd1c596)
app-layer-ftp.c:278:14: error: initializing 'uint8_t *' (aka 'unsigned char *') with an expression of type 'const void *' discards qualifiers
[-Werror,-Wincompatible-pointer-types-discards-qualifiers]
278 | uint8_t *lf_idx = memchr(input->buf + input->consumed, 0x0a, input->len);
| ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
app-layer-ftp.c:1392:11: error: initializing 'char *' with an expression of type 'const char *' discards qualifiers
[-Werror,-Wincompatible-pointer-types-discards-qualifiers]
1392 | char *c = strchr(buffer, '\n');
| ^ ~~~~~~~~~~~~~~~~~~~~
2 errors generated.
(cherry picked from commit c21275c)
app-layer-smtp.c:566:14: error: initializing 'uint8_t *' (aka 'unsigned char *') with an expression of type 'const void *' discards qualifiers
[-Werror,-Wincompatible-pointer-types-discards-qualifiers]
566 | uint8_t *lf_idx = memchr(input->buf + input->consumed, 0x0a, input->len);
| ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 error generated.
(cherry picked from commit 5aee5ff)
conf-yaml-loader.c:87:8: error: assigning to 'char *' from 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
87 | ep = strrchr(filename, '\\');
| ^ ~~~~~~~~~~~~~~~~~~~~~~~
conf-yaml-loader.c:89:12: error: assigning to 'char *' from 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
89 | ep = strrchr(filename, '/');
| ^ ~~~~~~~~~~~~~~~~~~~~~~
2 errors generated.
datasets.c:159:11: error: initializing 'char *' with an expression of type 'const char *' discards qualifiers
[-Werror,-Wincompatible-pointer-types-discards-qualifiers]
159 | char *got_colon = strchr(line, ':');
| ^ ~~~~~~~~~~~~~~~~~
1 error generated.
(cherry picked from commit 90ce1c5)
decode.c:767:19: error: initializing 'char *' with an expression of type 'const char *' discards qualifiers
[-Werror,-Wincompatible-pointer-types-discards-qualifiers]
767 | char *dot = strchr(DEvents[i].event_name, '.');
| ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 error generated.
(cherry picked from commit a45a70b)
detect-app-layer-protocol.c:160:11: error: initializing 'char *' with an expression of type 'const char *' discards qualifiers
[-Werror,-Wincompatible-pointer-types-discards-qualifiers]
160 | char *sep = strchr(arg, ',');
| ^ ~~~~~~~~~~~~~~~~
1 error generated.
(cherry picked from commit 3564f2f)
detect-pcre.c:419:11: error: initializing 'char *' with an expression of type 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
419 | char *fcap = strstr(regexstr, "flow:");
| ^ ~~~~~~~~~~~~~~~~~~~~~~~~~
detect-pcre.c:420:11: error: initializing 'char *' with an expression of type 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
420 | char *pcap = strstr(regexstr, "pkt:");
| ^ ~~~~~~~~~~~~~~~~~~~~~~~~
detect-pcre.c:421:11: error: initializing 'char *' with an expression of type 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
421 | char *acap = strstr(regexstr, "alert:");
| ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~
3 errors generated.
(cherry picked from commit 0a4685f)
util-magic.c:436:11: error: initializing 'char *' with an expression of type 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
436 | char *str = strstr(result, "OpenDocument Text");
| ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 error generated.
util-path.c:251:11: error: initializing 'char *' with an expression of type 'const char *' discards qualifiers
[-Werror,-Wincompatible-pointer-types-discards-qualifiers]
251 | char *final = strrchr(path, DIRECTORY_SEPARATOR);
| ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 error generated.
(cherry picked from commit 72e3d7a)
victorjulien
requested review from
a team,
jasonish and
jufajardini
as code owners
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main-8.0.x #15343 +/- ##
==============================================
+ Coverage 81.61% 81.62% +0.01%
==============================================
Files 1012 1012
Lines 275304 275230 -74
==============================================
- Hits 224678 224655 -23
+ Misses 50626 50575 -51
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
|
Information: QA ran without warnings. Pipeline = 31311 |
This was referenced May 9, 2026
Closed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Staging: