PIPELINE §5 step 1 follow-up: enable perf in production launchers

The §5 step 1 fixes correct the perf collector's stdout/stderr + event-name parser bugs, but the launchers (run_real_vm_demo / run_tier3_demo) never set enable_perf=True, so production episodes still ship with rows_perf=0 — silently disabled collector, which is exactly the §1 / §4.4 pattern. Turn it on in both launchers. Failure modes (perf binary missing, paranoid level too high) are logged as warnings + return 0 rows visibly, not silently. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-03 17:40:37 -05:00 · 2026-05-03 17:40:37 -05:00 · ac7b85ff8d
commit ac7b85ff8d
parent 4ab5477226
2 changed files with 15 additions and 0 deletions
--- a/tools/run_real_vm_demo.py
+++ b/tools/run_real_vm_demo.py
@ -217,6 +217,17 @@ def main() -> int:
            qmp_socket=qmp_sock if qmp_sock.exists() else None,
            guest_agent_socket=agent_sock if agent_sock.exists() else None,
            bridge_iface=os.environ.get("BRIDGE") or None,
+            # Source 3 (oracle): perf-stat sampling of the qemu PID.
+            # Now that the stdout/stderr + event-name parser bugs are
+            # fixed, perf produces real rows. Per PIPELINE.md §4.4
+            # collectors that emit zero rows shouldn't be in the active
+            # set silently — keeping it default-off was effectively
+            # silencing the source. On x86_64 lab hosts with
+            # perf_event_paranoid <= 2 (cis490 user owns qemu PID), the
+            # collector reads cycles/instructions/page-faults; on hosts
+            # without perf the collector logs a warning and returns 0
+            # rows (visible, not silent).
+            enable_perf=True,
            sample=sample,
        )

--- a/tools/run_tier3_demo.py
+++ b/tools/run_tier3_demo.py
@ -308,6 +308,10 @@ def main() -> int:
            qmp_socket=qmp_sock if qmp_sock.exists() else None,
            guest_agent_socket=agent_sock if agent_sock.exists() else None,
            bridge_iface=os.environ.get("BRIDGE") or None,
+            # Source 3 (oracle): see equivalent in run_real_vm_demo.py.
+            # Now that the perf collector parser is fixed, turn it on
+            # in production rather than leave it silently disabled.
+            enable_perf=True,
            sample=sample,
            exploit_meta={
                "framework": "metasploit",