From: Sachin Sant <sachinp@linux.ibm.com>
To: ltp@lists.linux.it
Subject: [LTP] [PATCH v4 1/2] doc: generate CVE catalog documentation
Date: Tue, 28 Apr 2026 20:06:13 +0530 [thread overview]
Message-ID: <20260428143614.69724-1-sachinp@linux.ibm.com> (raw)
Add a Sphinx builder hook to parse runtest/cve and generate a
comprehensive CVE catalog in a single documentation file.
The implementation:
- Parses runtest/cve to extract CVE IDs, test names, and options
- Generates a single CVE catalog file (_static/cve.rst) containing:
* Total CVE count
* All CVEs sorted in descending order (newest first)
* Table of CVEs:
- CVE ID
- Test name (Cross-references to test catalog entries)
- Integrates CVE catalog into main documentation index
Closes: https://github.com/linux-test-project/ltp/issues/1254
Cc: Andrea Cervesato <andrea.cervesato@suse.com>
Cc: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Sachin Sant <sachinp@linux.ibm.com>
---
V4 changes:
- Simplified the CVE table (id, test name)
- Removed individual CVE pages
- v3 link https://lore.kernel.org/ltp/69f0b046.df0a0220.3765a8.f8e4@mx.google.com/T/#u
V3 changes:
- CVEs sorted in descending order
- append test name to CVE id : CVE (Test Name)
- Separate page for CVE catalog
- Link cve testcases to Test catalog entry
- v2 link https://lore.kernel.org/ltp/0df5f75d-eb8f-428e-9888-bb7a90a6b1a4@linux.ibm.com/
V2 changes:
- Replace Fixes tag by Closes
- V1 link https://lore.kernel.org/ltp/20260423105304.59788-1-sachinp@linux.ibm.com/T/#u
---
doc/Makefile | 2 +-
doc/conf.py | 91 +++++++++++++++++++++++++++++++++++++++
doc/index.rst | 4 ++
doc/users/cve_catalog.rst | 6 +++
4 files changed, 102 insertions(+), 1 deletion(-)
create mode 100644 doc/users/cve_catalog.rst
diff --git a/doc/Makefile b/doc/Makefile
index 3123b1cd7..e99cbe666 100644
--- a/doc/Makefile
+++ b/doc/Makefile
@@ -30,7 +30,7 @@ spelling:
$(RUN_VENV); sphinx-build -b spelling -d build/doctree . build/spelling
clean:
- rm -rf html/ build/ _static/syscalls.rst _static/tests.rst syscalls.tbl \
+ rm -rf html/ build/ _static/syscalls.rst _static/tests.rst _static/cve.rst syscalls.tbl \
${abs_top_builddir}/metadata/ltp.json
distclean: clean
diff --git a/doc/conf.py b/doc/conf.py
index 63d09352e..d692638a0 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -30,6 +30,15 @@ extensions = [
'sphinx.ext.extlinks',
]
+# Configure autosectionlabel to prefix labels with document name
+# This prevents duplicate labels when same test name appears in multiple files
+autosectionlabel_prefix_document = True
+# Only create labels for sections with unique names
+autosectionlabel_maxdepth = 2
+
+# Suppress duplicate label warnings for kernel-doc generated content
+suppress_warnings = ['autosectionlabel.*']
+
exclude_patterns = ["html*", '_static*', '.venv*']
extlinks = {
'repo': (f'{ltp_repo}/%s', '%s'),
@@ -535,6 +544,87 @@ def generate_test_catalog(_):
with open(output, 'w+', encoding='utf-8') as new_tests:
new_tests.write('\n'.join(text))
+def generate_cve_catalog(_):
+ """
+ Generate CVE catalog in a single file. Parse runtest/cve file and
+ generate documentation with links to CVE databases and test sources.
+ Similar to test_catalog, creates a single _static/cve.rst file with
+ all CVE information.
+ """
+ output = '_static/cve.rst'
+ runtest_cve = '../runtest/cve'
+ metadata_file = '../metadata/ltp.json'
+
+ # Load metadata to check which tests exist in the catalog
+ metadata = None
+ try:
+ with open(metadata_file, 'r', encoding='utf-8') as data:
+ metadata = json.load(data)
+ except FileNotFoundError:
+ logger = sphinx.util.logging.getLogger(__name__)
+ msg = f"Can't find metadata file ({metadata_file})"
+ logger.warning(msg)
+
+ # Parse runtest/cve file
+ cve_data = {}
+
+ try:
+ with open(runtest_cve, 'r', encoding='utf-8') as f:
+ for line in f:
+ line = line.strip()
+ if not line or line.startswith('#'):
+ continue
+
+ parts = line.split(None, 2)
+ if len(parts) >= 2:
+ cve_id = parts[0].upper()
+ test_name = parts[1]
+
+ cve_data[cve_id] = {
+ 'cve_id': cve_id,
+ 'test_name': test_name,
+ }
+ except FileNotFoundError:
+ logger = sphinx.util.logging.getLogger(__name__)
+ msg = f"Can't find runtest/cve file ({runtest_cve})"
+ logger.warning(msg)
+ return
+
+ # Generate single CVE catalog file
+ total_cves = len(cve_data)
+ text = [
+ '.. warning::',
+ ' The following CVE catalog has been generated from the',
+ ' runtest/cve file and includes all CVE reproducers in LTP.',
+ '',
+ f'LTP includes reproducers for {total_cves} known CVEs.',
+ '',
+ '.. list-table::',
+ ' :header-rows: 1',
+ ' :widths: 40 60',
+ '',
+ ' * - CVE ID',
+ ' - Test Name',
+ ]
+
+ # Add CVEs in descending order (newest first)
+ for cve_id, cve_info in sorted(cve_data.items(), reverse=True):
+ test_name = cve_info["test_name"]
+
+ # Only create cross-reference if test exists in metadata
+ if metadata and test_name in metadata.get('tests', {}):
+ test_anchor = f"users/test_catalog:{test_name}"
+ test_link = f":ref:`{test_name} <{test_anchor}>`"
+ else:
+ test_link = f"``{test_name}``"
+
+ text.extend([
+ f' * - {cve_id}',
+ f' - {test_link}',
+ ])
+
+ with open(output, 'w+', encoding='utf-8') as cve_catalog:
+ cve_catalog.write('\n'.join(text))
def setup(app):
"""
@@ -543,4 +633,5 @@ def setup(app):
"""
app.add_css_file('custom.css')
app.connect('builder-inited', generate_syscalls_stats)
+ app.connect('builder-inited', generate_cve_catalog)
app.connect('builder-inited', generate_test_catalog)
diff --git a/doc/index.rst b/doc/index.rst
index 496a12f80..733495f51 100644
--- a/doc/index.rst
+++ b/doc/index.rst
@@ -12,6 +12,7 @@
users/testers_guide
users/supported_systems
users/stats
+ users/cve_catalog
users/test_catalog
.. toctree::
@@ -58,6 +59,9 @@ For users
:doc:`users/stats`
Some LTP statistics
+:doc:`users/cve_catalog`
+ LTP reproducers for known CVEs
+
:doc:`users/test_catalog`
The LTP test catalog
diff --git a/doc/users/cve_catalog.rst b/doc/users/cve_catalog.rst
new file mode 100644
index 000000000..5a5b9b54a
--- /dev/null
+++ b/doc/users/cve_catalog.rst
@@ -0,0 +1,6 @@
+.. SPDX-License-Identifier: GPL-2.0-or-later
+
+CVE catalog
+===========
+
+.. include:: ../_static/cve.rst
--
2.39.1
--
Mailing list info: https://lists.linux.it/listinfo/ltp
next reply other threads:[~2026-04-28 14:36 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-28 14:36 Sachin Sant [this message]
2026-04-28 14:36 ` [LTP] [PATCH 2/2] doc: Rename statistics page to 'Supported syscalls' Sachin Sant
2026-04-29 7:21 ` Andrea Cervesato via ltp
2026-04-28 16:55 ` [LTP] doc: generate CVE catalog documentation linuxtestproject.agent
2026-04-29 7:20 ` [LTP] [PATCH v4 1/2] " Andrea Cervesato via ltp
2026-05-06 16:05 ` Andrea Cervesato via ltp
2026-05-06 16:47 ` Cyril Hrubis
2026-05-07 10:14 ` Sachin Sant
2026-05-07 10:30 ` Sachin Sant
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260428143614.69724-1-sachinp@linux.ibm.com \
--to=sachinp@linux.ibm.com \
--cc=ltp@lists.linux.it \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.