[LTP] [PATCH v5 1/2] doc: Add CVE catalog to documentation

[LTP] [PATCH v5 1/2] doc: Add CVE catalog to documentation

[Sachin Sant]

Add a new CVE catalog page that automatically generates a comprehensive
list of all CVE reproducers available in LTP. The catalog extracts CVE
information from test metadata tags and presents them in a table format
with links to corresponding test cases.

Changes:
- Add doc/users/cve_catalog.rst as new documentation page
- Implement generate_cve_catalog() in doc/conf.py to extract CVE tags
  from metadata/ltp.json and generate _static/cve.rst
- Configure autosectionlabel with document prefixes to prevent duplicate
  label warnings when same test names appear in multiple files
- Update doc/Makefile to clean generated _static/cve.rst file
- Add CVE catalog link to main documentation index

The catalog displays CVEs in descending order (newest first) with
cross-references to test cases in the test catalog, making it easy
to find reproducers for specific CVEs.

Closes: https://github.com/linux-test-project/ltp/issues/1254
Reviewed-by: Andrea Cervesato <andrea.cervesato@suse.com>
Signed-off-by: Sachin Sant <sachinp@linux.ibm.com>
---
V5 changes:
- Rewrite CVE catalog logic to only use ltp.json metadata
- Remove the dependency on runtest/cve file
- v4 link https://lore.kernel.org/ltp/aftwmBUir04jaik4@yuki.lan/T/#t

V4 changes:
- Simplified the CVE table (id, test name)
- Removed individual CVE pages
- v3 link https://lore.kernel.org/ltp/69f0b046.df0a0220.3765a8.f8e4@mx.google.com/T/#u

V3 changes:
- CVEs sorted in descending order
- append test name to CVE id : CVE (Test Name)
- Separate page for CVE catalog
- Link cve testcases to Test catalog entry
- v2 link https://lore.kernel.org/ltp/0df5f75d-eb8f-428e-9888-bb7a90a6b1a4@linux.ibm.com/

V2 changes:
- Replace Fixes tag by Closes
- V1 link https://lore.kernel.org/ltp/20260423105304.59788-1-sachinp@linux.ibm.com/T/#u

---
 doc/Makefile              |  2 +-
 doc/conf.py               | 84 +++++++++++++++++++++++++++++++++++++++
 doc/index.rst             |  4 ++
 doc/users/cve_catalog.rst |  6 +++
 4 files changed, 95 insertions(+), 1 deletion(-)
 create mode 100644 doc/users/cve_catalog.rst

diff --git a/doc/Makefile b/doc/Makefile
index 3123b1cd7..1da240530 100644
--- a/doc/Makefile
+++ b/doc/Makefile
@@ -31,7 +31,7 @@ spelling:
 
 clean:
 	rm -rf html/ build/ _static/syscalls.rst _static/tests.rst syscalls.tbl \
-		${abs_top_builddir}/metadata/ltp.json
+		_static/cve.rst ${abs_top_builddir}/metadata/ltp.json
 
 distclean: clean
 	rm -rf $(VENV_DIR)
diff --git a/doc/conf.py b/doc/conf.py
index 63d09352e..9b81162c5 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -30,6 +30,15 @@ extensions = [
     'sphinx.ext.extlinks',
 ]
 
+# Configure autosectionlabel to prefix labels with document name
+# This prevents duplicate labels when same test name appears in multiple files
+autosectionlabel_prefix_document = True
+# Only create labels for sections with unique names
+autosectionlabel_maxdepth = 2
+
+# Suppress duplicate label warnings for kernel-doc generated content
+suppress_warnings = ['autosectionlabel.*']
+
 exclude_patterns = ["html*", '_static*', '.venv*']
 extlinks = {
     'repo': (f'{ltp_repo}/%s', '%s'),
@@ -535,6 +544,80 @@ def generate_test_catalog(_):
     with open(output, 'w+', encoding='utf-8') as new_tests:
         new_tests.write('\n'.join(text))
 
+def generate_cve_catalog(_):
+    """
+    Generate CVE catalog in a single file by extracting CVE tags from
+    metadata/ltp.json. This creates a single _static/cve.rst file with
+    all CVE information and links to test sources.
+    """
+    output = '_static/cve.rst'
+    metadata_file = '../metadata/ltp.json'
+
+    # Load metadata
+    metadata = None
+    try:
+        with open(metadata_file, 'r', encoding='utf-8') as data:
+            metadata = json.load(data)
+    except FileNotFoundError:
+        logger = sphinx.util.logging.getLogger(__name__)
+        msg = f"Can't find metadata file ({metadata_file})"
+        logger.warning(msg)
+        return
+
+    # Extract CVE information from test tags
+    cve_data = {}
+    tests = metadata.get('tests', {})
+
+    for test_name, test_info in tests.items():
+        tags = test_info.get('tags', [])
+        for tag in tags:
+            if len(tag) >= 2 and tag[0] == 'CVE':
+                cve_id = tag[1].upper()
+                # Normalize CVE ID format: ensure it starts with "CVE-"
+                if not cve_id.startswith('CVE-'):
+                    cve_id = 'CVE-' + cve_id
+                if cve_id not in cve_data:
+                    cve_data[cve_id] = []
+                cve_data[cve_id].append(test_name)
+
+    # Generate single CVE catalog file
+    total_cves = len(cve_data)
+    text = [
+        '.. warning::',
+        '    The following CVE catalog has been generated from test',
+        '    metadata and includes all CVE reproducers in LTP.',
+        '',
+        f'LTP includes reproducers for {total_cves} known CVEs.',
+        '',
+        '.. list-table::',
+        '   :header-rows: 1',
+        '   :widths: 40 60',
+        '',
+        '   * - CVE ID',
+        '     - Test Name(s)',
+    ]
+
+    # Add CVEs in descending order (newest first)
+    for cve_id in sorted(cve_data.keys(), reverse=True):
+        test_names = cve_data[cve_id]
+
+        # Create cross-references for all tests
+        test_links = []
+        for test_name in sorted(test_names):
+            test_anchor = f"users/test_catalog:{test_name}"
+            test_link = f":ref:`{test_name} <{test_anchor}>`"
+            test_links.append(test_link)
+
+        # Join multiple tests with commas
+        tests_str = ', '.join(test_links)
+
+        text.extend([
+            f'   * - {cve_id}',
+            f'     - {tests_str}',
+        ])
+
+    with open(output, 'w+', encoding='utf-8') as cve_catalog:
+        cve_catalog.write('\n'.join(text))
 
 def setup(app):
     """
@@ -543,4 +626,5 @@ def setup(app):
     """
     app.add_css_file('custom.css')
     app.connect('builder-inited', generate_syscalls_stats)
+    app.connect('builder-inited', generate_cve_catalog)
     app.connect('builder-inited', generate_test_catalog)
diff --git a/doc/index.rst b/doc/index.rst
index 496a12f80..733495f51 100644
--- a/doc/index.rst
+++ b/doc/index.rst
@@ -12,6 +12,7 @@
    users/testers_guide
    users/supported_systems
    users/stats
+   users/cve_catalog
    users/test_catalog
 
 .. toctree::
@@ -58,6 +59,9 @@ For users
 :doc:`users/stats`
    Some LTP statistics
 
+:doc:`users/cve_catalog`
+   LTP reproducers for known CVEs
+
 :doc:`users/test_catalog`
    The LTP test catalog
 
diff --git a/doc/users/cve_catalog.rst b/doc/users/cve_catalog.rst
new file mode 100644
index 000000000..5a5b9b54a
--- /dev/null
+++ b/doc/users/cve_catalog.rst
@@ -0,0 +1,6 @@
+.. SPDX-License-Identifier: GPL-2.0-or-later
+
+CVE catalog
+===========
+
+.. include:: ../_static/cve.rst
-- 
2.39.1


-- 
Mailing list info: https://lists.linux.it/listinfo/ltp

[LTP] [PATCH 2/2] doc: Rename statistics page to 'Supported syscalls'

[Sachin Sant]

Rename the documentation page from 'Statistics' to 'Supported syscalls'
to better reflect its content, which focuses on syscall coverage.

- Renamed doc/users/stats.rst to doc/users/supported_syscalls.rst
- Updated page title and description
- Updated references in doc/index.rst
- Updated spelling exclusion pattern in doc/conf.py
- Renamed function definition from generate_syscalls_stats to
  generate_supported_syscalls
- Updated app.connect() call to use the new function name

Reviewed-by: Andrea Cervesato <andrea.cervesato@suse.com>
Signed-off-by: Sachin Sant <sachinp@linux.ibm.com>
---
 doc/conf.py                      | 13 +++++++------
 doc/index.rst                    |  6 +++---
 doc/users/stats.rst              |  9 ---------
 doc/users/supported_syscalls.rst |  9 +++++++++
 4 files changed, 19 insertions(+), 18 deletions(-)
 delete mode 100644 doc/users/stats.rst
 create mode 100644 doc/users/supported_syscalls.rst

diff --git a/doc/conf.py b/doc/conf.py
index 9b81162c5..013f3d940 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -55,7 +55,7 @@ manpages_url = 'https://man7.org/linux/man-pages/man{section}/{page}.{section}.h
 
 spelling_lang = "en_US"
 spelling_warning = True
-spelling_exclude_patterns = ['users/stats.rst']
+spelling_exclude_patterns = ['users/supported_syscalls.rst']
 spelling_word_list_filename = "spelling_wordlist"
 
 # -- Options for HTML output -------------------------------------------------
@@ -65,11 +65,12 @@ html_theme = 'sphinx_rtd_theme'
 html_static_path = ['_static']
 
 
-def generate_syscalls_stats(_):
+def generate_supported_syscalls(_):
     """
-    Generate statistics for syscalls. We fetch the syscalls list from the kernel
-    sources, then we compare it with testcases/kernel/syscalls folder and
-    generate a file that is included in the statistics documentation section.
+    Generate supported syscalls documentation. We fetch the syscalls list
+    from the kernel sources, then we compare it with testcases/kernel/syscalls
+    folder and generate a file that is included in the supported syscalls
+    documentation section.
     """
     output = '_static/syscalls.rst'
 
@@ -625,6 +626,6 @@ def setup(app):
     customizations.
     """
     app.add_css_file('custom.css')
-    app.connect('builder-inited', generate_syscalls_stats)
+    app.connect('builder-inited', generate_supported_syscalls)
     app.connect('builder-inited', generate_cve_catalog)
     app.connect('builder-inited', generate_test_catalog)
diff --git a/doc/index.rst b/doc/index.rst
index 733495f51..f80ca4be1 100644
--- a/doc/index.rst
+++ b/doc/index.rst
@@ -11,7 +11,7 @@
    users/setup_tests
    users/testers_guide
    users/supported_systems
-   users/stats
+   users/supported_syscalls
    users/cve_catalog
    users/test_catalog
 
@@ -56,8 +56,8 @@ For users
 :doc:`users/supported_systems`
    A list of supported technologies by the LTP framework
 
-:doc:`users/stats`
-   Some LTP statistics
+:doc:`users/supported_syscalls`
+   Syscalls supported by LTP tests
 
 :doc:`users/cve_catalog`
    LTP reproducers for known CVEs
diff --git a/doc/users/stats.rst b/doc/users/stats.rst
deleted file mode 100644
index 7073442aa..000000000
--- a/doc/users/stats.rst
+++ /dev/null
@@ -1,9 +0,0 @@
-.. SPDX-License-Identifier: GPL-2.0-or-later
-
-Statistics
-==========
-
-In this section we collect some statistics related to the current state of
-LTP tests.
-
-.. include:: ../_static/syscalls.rst
diff --git a/doc/users/supported_syscalls.rst b/doc/users/supported_syscalls.rst
new file mode 100644
index 000000000..6914852c6
--- /dev/null
+++ b/doc/users/supported_syscalls.rst
@@ -0,0 +1,9 @@
+.. SPDX-License-Identifier: GPL-2.0-or-later
+
+Supported syscalls
+==================
+
+In this section we collect information about syscalls that are currently
+tested by LTP.
+
+.. include:: ../_static/syscalls.rst
-- 
2.39.1


-- 
Mailing list info: https://lists.linux.it/listinfo/ltp

[LTP] [PATCH v5 1/2] doc: Add CVE catalog to documentation

[Sachin Sant]

Add a new CVE catalog page that automatically generates a comprehensive
list of all CVE reproducers available in LTP. The catalog extracts CVE
information from test metadata tags and presents them in a table format
with links to corresponding test cases.

Changes:
- Add doc/users/cve_catalog.rst as new documentation page
- Implement generate_cve_catalog() in doc/conf.py to extract CVE tags
  from metadata/ltp.json and generate _static/cve.rst
- Configure autosectionlabel with document prefixes to prevent duplicate
  label warnings when same test names appear in multiple files
- Update doc/Makefile to clean generated _static/cve.rst file
- Add CVE catalog link to main documentation index

The catalog displays CVEs in descending order (newest first) with
cross-references to test cases in the test catalog, making it easy
to find reproducers for specific CVEs.

Closes: https://github.com/linux-test-project/ltp/issues/1254
Reviewed-by: Andrea Cervesato <andrea.cervesato@suse.com>
Signed-off-by: Sachin Sant <sachinp@linux.ibm.com>
---
V5 changes:
- Rewrite CVE catalog logic to only use ltp.json metadata
- Remove the dependency on runtest/cve file
- v4 link https://lore.kernel.org/ltp/aftwmBUir04jaik4@yuki.lan/T/#t

V4 changes:
- Simplified the CVE table (id, test name)
- Removed individual CVE pages
- v3 link https://lore.kernel.org/ltp/69f0b046.df0a0220.3765a8.f8e4@mx.google.com/T/#u

V3 changes:
- CVEs sorted in descending order
- append test name to CVE id : CVE (Test Name)
- Separate page for CVE catalog
- Link cve testcases to Test catalog entry
- v2 link https://lore.kernel.org/ltp/0df5f75d-eb8f-428e-9888-bb7a90a6b1a4@linux.ibm.com/

V2 changes:
- Replace Fixes tag by Closes
- V1 link https://lore.kernel.org/ltp/20260423105304.59788-1-sachinp@linux.ibm.com/T/#u
---
 doc/Makefile              |  3 +-
 doc/conf.py               | 84 +++++++++++++++++++++++++++++++++++++++
 doc/index.rst             |  4 ++
 doc/users/cve_catalog.rst |  6 +++
 4 files changed, 95 insertions(+), 2 deletions(-)
 create mode 100644 doc/users/cve_catalog.rst

diff --git a/doc/Makefile b/doc/Makefile
index 3123b1cd7..77a0fafad 100644
--- a/doc/Makefile
+++ b/doc/Makefile
@@ -30,8 +30,7 @@ spelling:
 	$(RUN_VENV); sphinx-build -b spelling -d build/doctree . build/spelling
 
 clean:
-	rm -rf html/ build/ _static/syscalls.rst _static/tests.rst syscalls.tbl \
-		${abs_top_builddir}/metadata/ltp.json
+	rm -rf html/ build/ _static/syscalls.rst _static/tests.rst _static/cve.rst syscalls.tbl
 
 distclean: clean
 	rm -rf $(VENV_DIR)
diff --git a/doc/conf.py b/doc/conf.py
index 63d09352e..a63849322 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -30,6 +30,15 @@ extensions = [
     'sphinx.ext.extlinks',
 ]
 
+# Configure autosectionlabel to prefix labels with document name
+# This prevents duplicate labels when same test name appears in multiple files
+autosectionlabel_prefix_document = True
+# Only create labels for sections with unique names
+autosectionlabel_maxdepth = 2
+
+# Suppress duplicate label warnings for kernel-doc generated content
+suppress_warnings = ['autosectionlabel.*']
+
 exclude_patterns = ["html*", '_static*', '.venv*']
 extlinks = {
     'repo': (f'{ltp_repo}/%s', '%s'),
@@ -535,6 +544,80 @@ def generate_test_catalog(_):
     with open(output, 'w+', encoding='utf-8') as new_tests:
         new_tests.write('\n'.join(text))
 
+def generate_cve_catalog(_):
+    """
+    Generate CVE catalog in a single file by extracting CVE tags from
+    metadata/ltp.json. This creates a single _static/cve.rst file with
+    all CVE information and links to test sources.
+    """
+    output = '_static/cve.rst'
+    metadata_file = '../metadata/ltp.json'
+
+    # Load metadata
+    metadata = None
+    try:
+        with open(metadata_file, 'r', encoding='utf-8') as data:
+            metadata = json.load(data)
+    except FileNotFoundError:
+        logger = sphinx.util.logging.getLogger(__name__)
+        msg = f"Can't find metadata file ({metadata_file})"
+        logger.warning(msg)
+        return
+
+    # Extract CVE information from test tags
+    cve_data = {}
+    tests = metadata.get('tests', {})
+
+    for test_name, test_info in tests.items():
+        tags = test_info.get('tags', [])
+        for tag in tags:
+        	if len(tag) >= 2 and tag[0] == 'CVE':
+        		cve_id = tag[1].upper()
+        		# Normalize CVE ID format: ensure it starts with "CVE-"
+        		if not cve_id.startswith('CVE-'):
+        			cve_id = 'CVE-' + cve_id
+        		if cve_id not in cve_data:
+        			cve_data[cve_id] = []
+        		cve_data[cve_id].append(test_name)
+
+    # Generate single CVE catalog file
+    total_cves = len(cve_data)
+    text = [
+        '.. warning::',
+        '    The following CVE catalog has been generated from test',
+        '    metadata and includes all CVE reproducers in LTP.',
+        '',
+        f'LTP includes reproducers for {total_cves} known CVEs.',
+        '',
+        '.. list-table::',
+        '   :header-rows: 1',
+        '   :widths: 40 60',
+        '',
+        '   * - CVE ID',
+        '     - Test Name(s)',
+    ]
+
+    # Add CVEs in descending order (newest first)
+    for cve_id in sorted(cve_data.keys(), reverse=True):
+        test_names = cve_data[cve_id]
+
+        # Create cross-references for all tests
+        test_links = []
+        for test_name in sorted(test_names):
+            test_anchor = f"users/test_catalog:{test_name}"
+            test_link = f":ref:`{test_name} <{test_anchor}>`"
+            test_links.append(test_link)
+
+        # Join multiple tests with commas
+        tests_str = ', '.join(test_links)
+
+        text.extend([
+            f'   * - {cve_id}',
+            f'     - {tests_str}',
+        ])
+
+    with open(output, 'w+', encoding='utf-8') as cve_catalog:
+        cve_catalog.write('\n'.join(text))
 
 def setup(app):
     """
@@ -543,4 +626,5 @@ def setup(app):
     """
     app.add_css_file('custom.css')
     app.connect('builder-inited', generate_syscalls_stats)
+    app.connect('builder-inited', generate_cve_catalog)
     app.connect('builder-inited', generate_test_catalog)
diff --git a/doc/index.rst b/doc/index.rst
index 496a12f80..733495f51 100644
--- a/doc/index.rst
+++ b/doc/index.rst
@@ -12,6 +12,7 @@
    users/testers_guide
    users/supported_systems
    users/stats
+   users/cve_catalog
    users/test_catalog
 
 .. toctree::
@@ -58,6 +59,9 @@ For users
 :doc:`users/stats`
    Some LTP statistics
 
+:doc:`users/cve_catalog`
+   LTP reproducers for known CVEs
+
 :doc:`users/test_catalog`
    The LTP test catalog
 
diff --git a/doc/users/cve_catalog.rst b/doc/users/cve_catalog.rst
new file mode 100644
index 000000000..5a5b9b54a
--- /dev/null
+++ b/doc/users/cve_catalog.rst
@@ -0,0 +1,6 @@
+.. SPDX-License-Identifier: GPL-2.0-or-later
+
+CVE catalog
+===========
+
+.. include:: ../_static/cve.rst
-- 
2.39.1


-- 
Mailing list info: https://lists.linux.it/listinfo/ltp

[LTP] [PATCH 2/2] doc: Rename statistics page to 'Supported syscalls'

[Sachin Sant]

Rename the documentation page from 'Statistics' to 'Supported syscalls'
to better reflect its content, which focuses on syscall coverage.

- Renamed doc/users/stats.rst to doc/users/supported_syscalls.rst
- Updated page title and description
- Updated references in doc/index.rst
- Updated spelling exclusion pattern in doc/conf.py
- Renamed function definition from generate_syscalls_stats to
  generate_supported_syscalls
- Updated app.connect() call to use the new function name

Reviewed-by: Andrea Cervesato <andrea.cervesato@suse.com>
Signed-off-by: Sachin Sant <sachinp@linux.ibm.com>
---
 doc/conf.py                      | 13 +++++++------
 doc/index.rst                    |  6 +++---
 doc/users/stats.rst              |  9 ---------
 doc/users/supported_syscalls.rst |  9 +++++++++
 4 files changed, 19 insertions(+), 18 deletions(-)
 delete mode 100644 doc/users/stats.rst
 create mode 100644 doc/users/supported_syscalls.rst

diff --git a/doc/conf.py b/doc/conf.py
index a63849322..0b90212dd 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -55,7 +55,7 @@ manpages_url = 'https://man7.org/linux/man-pages/man{section}/{page}.{section}.h
 
 spelling_lang = "en_US"
 spelling_warning = True
-spelling_exclude_patterns = ['users/stats.rst']
+spelling_exclude_patterns = ['users/supported_syscalls.rst']
 spelling_word_list_filename = "spelling_wordlist"
 
 # -- Options for HTML output -------------------------------------------------
@@ -65,11 +65,12 @@ html_theme = 'sphinx_rtd_theme'
 html_static_path = ['_static']
 
 
-def generate_syscalls_stats(_):
+def generate_supported_syscalls(_):
     """
-    Generate statistics for syscalls. We fetch the syscalls list from the kernel
-    sources, then we compare it with testcases/kernel/syscalls folder and
-    generate a file that is included in the statistics documentation section.
+    Generate supported syscalls documentation. We fetch the syscalls list
+    from the kernel sources, then we compare it with testcases/kernel/syscalls
+    folder and generate a file that is included in the supported syscalls
+    documentation section.
     """
     output = '_static/syscalls.rst'
 
@@ -625,6 +626,6 @@ def setup(app):
     customizations.
     """
     app.add_css_file('custom.css')
-    app.connect('builder-inited', generate_syscalls_stats)
+    app.connect('builder-inited', generate_supported_syscalls)
     app.connect('builder-inited', generate_cve_catalog)
     app.connect('builder-inited', generate_test_catalog)
diff --git a/doc/index.rst b/doc/index.rst
index 733495f51..f80ca4be1 100644
--- a/doc/index.rst
+++ b/doc/index.rst
@@ -11,7 +11,7 @@
    users/setup_tests
    users/testers_guide
    users/supported_systems
-   users/stats
+   users/supported_syscalls
    users/cve_catalog
    users/test_catalog
 
@@ -56,8 +56,8 @@ For users
 :doc:`users/supported_systems`
    A list of supported technologies by the LTP framework
 
-:doc:`users/stats`
-   Some LTP statistics
+:doc:`users/supported_syscalls`
+   Syscalls supported by LTP tests
 
 :doc:`users/cve_catalog`
    LTP reproducers for known CVEs
diff --git a/doc/users/stats.rst b/doc/users/stats.rst
deleted file mode 100644
index 7073442aa..000000000
--- a/doc/users/stats.rst
+++ /dev/null
@@ -1,9 +0,0 @@
-.. SPDX-License-Identifier: GPL-2.0-or-later
-
-Statistics
-==========
-
-In this section we collect some statistics related to the current state of
-LTP tests.
-
-.. include:: ../_static/syscalls.rst
diff --git a/doc/users/supported_syscalls.rst b/doc/users/supported_syscalls.rst
new file mode 100644
index 000000000..6914852c6
--- /dev/null
+++ b/doc/users/supported_syscalls.rst
@@ -0,0 +1,9 @@
+.. SPDX-License-Identifier: GPL-2.0-or-later
+
+Supported syscalls
+==================
+
+In this section we collect information about syscalls that are currently
+tested by LTP.
+
+.. include:: ../_static/syscalls.rst
-- 
2.39.1


-- 
Mailing list info: https://lists.linux.it/listinfo/ltp

Re: [LTP] [PATCH v5 1/2] doc: Add CVE catalog to documentation

[Sachin Sant]

Ignore this series. I forgot to remove old copy of patches.
Will resend.

On 07/05/26 4:10 pm, Sachin Sant wrote:
> Add a new CVE catalog page that automatically generates a comprehensive
> list of all CVE reproducers available in LTP. The catalog extracts CVE
> information from test metadata tags and presents them in a table format
> with links to corresponding test cases.
>
> Changes:
> - Add doc/users/cve_catalog.rst as new documentation page
> - Implement generate_cve_catalog() in doc/conf.py to extract CVE tags
>    from metadata/ltp.json and generate _static/cve.rst
> - Configure autosectionlabel with document prefixes to prevent duplicate
>    label warnings when same test names appear in multiple files
> - Update doc/Makefile to clean generated _static/cve.rst file
> - Add CVE catalog link to main documentation index
>
> The catalog displays CVEs in descending order (newest first) with
> cross-references to test cases in the test catalog, making it easy
> to find reproducers for specific CVEs.
>
> Closes: https://github.com/linux-test-project/ltp/issues/1254
> Reviewed-by: Andrea Cervesato <andrea.cervesato@suse.com>
> Signed-off-by: Sachin Sant <sachinp@linux.ibm.com>
> ---
> V5 changes:
> - Rewrite CVE catalog logic to only use ltp.json metadata
> - Remove the dependency on runtest/cve file
> - v4 link https://lore.kernel.org/ltp/aftwmBUir04jaik4@yuki.lan/T/#t
>
> V4 changes:
> - Simplified the CVE table (id, test name)
> - Removed individual CVE pages
> - v3 link https://lore.kernel.org/ltp/69f0b046.df0a0220.3765a8.f8e4@mx.google.com/T/#u
>
> V3 changes:
> - CVEs sorted in descending order
> - append test name to CVE id : CVE (Test Name)
> - Separate page for CVE catalog
> - Link cve testcases to Test catalog entry
> - v2 link https://lore.kernel.org/ltp/0df5f75d-eb8f-428e-9888-bb7a90a6b1a4@linux.ibm.com/
>
> V2 changes:
> - Replace Fixes tag by Closes
> - V1 link https://lore.kernel.org/ltp/20260423105304.59788-1-sachinp@linux.ibm.com/T/#u
>
> ---
>   doc/Makefile              |  2 +-
>   doc/conf.py               | 84 +++++++++++++++++++++++++++++++++++++++
>   doc/index.rst             |  4 ++
>   doc/users/cve_catalog.rst |  6 +++
>   4 files changed, 95 insertions(+), 1 deletion(-)
>   create mode 100644 doc/users/cve_catalog.rst
>
> diff --git a/doc/Makefile b/doc/Makefile
> index 3123b1cd7..1da240530 100644
> --- a/doc/Makefile
> +++ b/doc/Makefile
> @@ -31,7 +31,7 @@ spelling:
>   
>   clean:
>   	rm -rf html/ build/ _static/syscalls.rst _static/tests.rst syscalls.tbl \
> -		${abs_top_builddir}/metadata/ltp.json
> +		_static/cve.rst ${abs_top_builddir}/metadata/ltp.json
>   
>   distclean: clean
>   	rm -rf $(VENV_DIR)
> diff --git a/doc/conf.py b/doc/conf.py
> index 63d09352e..9b81162c5 100644
> --- a/doc/conf.py
> +++ b/doc/conf.py
> @@ -30,6 +30,15 @@ extensions = [
>       'sphinx.ext.extlinks',
>   ]
>   
> +# Configure autosectionlabel to prefix labels with document name
> +# This prevents duplicate labels when same test name appears in multiple files
> +autosectionlabel_prefix_document = True
> +# Only create labels for sections with unique names
> +autosectionlabel_maxdepth = 2
> +
> +# Suppress duplicate label warnings for kernel-doc generated content
> +suppress_warnings = ['autosectionlabel.*']
> +
>   exclude_patterns = ["html*", '_static*', '.venv*']
>   extlinks = {
>       'repo': (f'{ltp_repo}/%s', '%s'),
> @@ -535,6 +544,80 @@ def generate_test_catalog(_):
>       with open(output, 'w+', encoding='utf-8') as new_tests:
>           new_tests.write('\n'.join(text))
>   
> +def generate_cve_catalog(_):
> +    """
> +    Generate CVE catalog in a single file by extracting CVE tags from
> +    metadata/ltp.json. This creates a single _static/cve.rst file with
> +    all CVE information and links to test sources.
> +    """
> +    output = '_static/cve.rst'
> +    metadata_file = '../metadata/ltp.json'
> +
> +    # Load metadata
> +    metadata = None
> +    try:
> +        with open(metadata_file, 'r', encoding='utf-8') as data:
> +            metadata = json.load(data)
> +    except FileNotFoundError:
> +        logger = sphinx.util.logging.getLogger(__name__)
> +        msg = f"Can't find metadata file ({metadata_file})"
> +        logger.warning(msg)
> +        return
> +
> +    # Extract CVE information from test tags
> +    cve_data = {}
> +    tests = metadata.get('tests', {})
> +
> +    for test_name, test_info in tests.items():
> +        tags = test_info.get('tags', [])
> +        for tag in tags:
> +            if len(tag) >= 2 and tag[0] == 'CVE':
> +                cve_id = tag[1].upper()
> +                # Normalize CVE ID format: ensure it starts with "CVE-"
> +                if not cve_id.startswith('CVE-'):
> +                    cve_id = 'CVE-' + cve_id
> +                if cve_id not in cve_data:
> +                    cve_data[cve_id] = []
> +                cve_data[cve_id].append(test_name)
> +
> +    # Generate single CVE catalog file
> +    total_cves = len(cve_data)
> +    text = [
> +        '.. warning::',
> +        '    The following CVE catalog has been generated from test',
> +        '    metadata and includes all CVE reproducers in LTP.',
> +        '',
> +        f'LTP includes reproducers for {total_cves} known CVEs.',
> +        '',
> +        '.. list-table::',
> +        '   :header-rows: 1',
> +        '   :widths: 40 60',
> +        '',
> +        '   * - CVE ID',
> +        '     - Test Name(s)',
> +    ]
> +
> +    # Add CVEs in descending order (newest first)
> +    for cve_id in sorted(cve_data.keys(), reverse=True):
> +        test_names = cve_data[cve_id]
> +
> +        # Create cross-references for all tests
> +        test_links = []
> +        for test_name in sorted(test_names):
> +            test_anchor = f"users/test_catalog:{test_name}"
> +            test_link = f":ref:`{test_name} <{test_anchor}>`"
> +            test_links.append(test_link)
> +
> +        # Join multiple tests with commas
> +        tests_str = ', '.join(test_links)
> +
> +        text.extend([
> +            f'   * - {cve_id}',
> +            f'     - {tests_str}',
> +        ])
> +
> +    with open(output, 'w+', encoding='utf-8') as cve_catalog:
> +        cve_catalog.write('\n'.join(text))
>   
>   def setup(app):
>       """
> @@ -543,4 +626,5 @@ def setup(app):
>       """
>       app.add_css_file('custom.css')
>       app.connect('builder-inited', generate_syscalls_stats)
> +    app.connect('builder-inited', generate_cve_catalog)
>       app.connect('builder-inited', generate_test_catalog)
> diff --git a/doc/index.rst b/doc/index.rst
> index 496a12f80..733495f51 100644
> --- a/doc/index.rst
> +++ b/doc/index.rst
> @@ -12,6 +12,7 @@
>      users/testers_guide
>      users/supported_systems
>      users/stats
> +   users/cve_catalog
>      users/test_catalog
>   
>   .. toctree::
> @@ -58,6 +59,9 @@ For users
>   :doc:`users/stats`
>      Some LTP statistics
>   
> +:doc:`users/cve_catalog`
> +   LTP reproducers for known CVEs
> +
>   :doc:`users/test_catalog`
>      The LTP test catalog
>   
> diff --git a/doc/users/cve_catalog.rst b/doc/users/cve_catalog.rst
> new file mode 100644
> index 000000000..5a5b9b54a
> --- /dev/null
> +++ b/doc/users/cve_catalog.rst
> @@ -0,0 +1,6 @@
> +.. SPDX-License-Identifier: GPL-2.0-or-later
> +
> +CVE catalog
> +===========
> +
> +.. include:: ../_static/cve.rst

-- 
Thanks
- Sachin



-- 
Mailing list info: https://lists.linux.it/listinfo/ltp