diff options
author | Dave Brolley <brolley@redhat.com> | 2009-09-03 16:13:30 -0400 |
---|---|---|
committer | Dave Brolley <brolley@redhat.com> | 2009-09-03 16:13:30 -0400 |
commit | 5e8a3b7b558273fa06525f642fdf2d678dde85eb (patch) | |
tree | 9c38b52b46692ac7e906deb33f2a81d062704a6f | |
parent | ceca17997ef0a5310cf887d451651acec73b41da (diff) | |
download | systemtap-steved-5e8a3b7b558273fa06525f642fdf2d678dde85eb.tar.gz systemtap-steved-5e8a3b7b558273fa06525f642fdf2d678dde85eb.tar.xz systemtap-steved-5e8a3b7b558273fa06525f642fdf2d678dde85eb.zip |
Allow process begin/end probes for unprivileged users.
2009-09-03 Dave Brolley <brolley@redhat.com>
* tapsets.cxx (visit_cast_op): Don't disallow unprivileged users.
Annotate synthesized function with /* unprivileged */.
* tapset-utrace.cxx (register_tapset_utrace): Call allow_unprivileged
for process begin and end probes.
* translate.cxx (translate_pass): Generate '#define STP_PRIVILEGED 1'
unless --unprivileged was specified.
* runtime/transport/transport.c: Don't define _stp_unprivileged_user.
* runtime/task_finder.c (__stp_utrace_attach_match_filename): Check
that _stp_uid equals the task euid when STP_PRIVILEGED is not defined.
(stap_start_task_finder): Likewise.
* runtime/staprun/staprun.c (insert_stap_module): Don't generate
module option _stp_unprivileged_user.
-rw-r--r-- | runtime/staprun/staprun.c | 10 | ||||
-rw-r--r-- | runtime/task_finder.c | 23 | ||||
-rw-r--r-- | runtime/transport/transport.c | 4 | ||||
-rw-r--r-- | tapset-utrace.cxx | 20 | ||||
-rw-r--r-- | tapsets.cxx | 5 | ||||
-rw-r--r-- | translate.cxx | 2 |
6 files changed, 42 insertions, 22 deletions
diff --git a/runtime/staprun/staprun.c b/runtime/staprun/staprun.c index 7eb7f28f..da3e304b 100644 --- a/runtime/staprun/staprun.c +++ b/runtime/staprun/staprun.c @@ -145,19 +145,11 @@ static int enable_uprobes(void) static int insert_stap_module(void) { char special_options[128]; - char *bufptr = special_options; /* Add the _stp_bufsize option. */ - if (snprintf_chk(bufptr, sizeof (special_options), "_stp_bufsize=%d", buffer_size)) + if (snprintf_chk(special_options, sizeof (special_options), "_stp_bufsize=%d", buffer_size)) return -1; - /* Add the _stp_unprivileged_user option. */ - bufptr += strlen (bufptr); - if (snprintf_chk(bufptr, - sizeof (special_options) - (bufptr - special_options), - " _stp_unprivileged_user=%d", unprivileged_user)) - return -1; - return insert_module(modpath, special_options, modoptions); } diff --git a/runtime/task_finder.c b/runtime/task_finder.c index ca807020..fb6dc20d 100644 --- a/runtime/task_finder.c +++ b/runtime/task_finder.c @@ -753,6 +753,18 @@ __stp_utrace_attach_match_filename(struct task_struct *tsk, /* Notice that "pid == 0" (which means to probe all * threads) falls through. */ +#ifndef STP_PRIVILEGED + /* Make sure unprivileged users only probe their own threads. */ + if (_stp_uid != tsk->euid) { + if (tgt->pid != 0) { + _stp_warn("Process %d does not belong to unprivileged user %d", + tsk->pid, _stp_uid); + } + continue; + } +#endif + + // Set up events we need for attached tasks. When // register_p is set, we won't actually call the // callbacks here - we'll call it when the thread gets @@ -1414,6 +1426,17 @@ stap_start_task_finder(void) /* Notice that "pid == 0" (which means to * probe all threads) falls through. */ +#ifndef STP_PRIVILEGED + /* Make sure unprivileged users only probe their own threads. */ + if (_stp_uid != tsk->euid) { + if (tgt->pid != 0) { + _stp_warn("Process %d does not belong to unprivileged user %d", + tsk->pid, _stp_uid); + } + continue; + } +#endif + // Set up events we need for attached tasks. rc = __stp_utrace_attach(tsk, &tgt->ops, tgt, __STP_ATTACHED_TASK_EVENTS, diff --git a/runtime/transport/transport.c b/runtime/transport/transport.c index ec73f05f..1d029e53 100644 --- a/runtime/transport/transport.c +++ b/runtime/transport/transport.c @@ -59,10 +59,6 @@ static int _stp_bufsize; module_param(_stp_bufsize, int, 0); MODULE_PARM_DESC(_stp_bufsize, "buffer size"); -static int _stp_unprivileged_user; -module_param(_stp_unprivileged_user, int, 1); -MODULE_PARM_DESC(_stp_unprivileged_user, "user is unprivileged"); - /* forward declarations */ static void probe_exit(void); static int probe_start(void); diff --git a/tapset-utrace.cxx b/tapset-utrace.cxx index 6872c87c..d9d95f82 100644 --- a/tapset-utrace.cxx +++ b/tapset-utrace.cxx @@ -1033,12 +1033,20 @@ register_tapset_utrace(systemtap_session& s) for (unsigned i = 0; i < roots.size(); ++i) { - roots[i]->bind(TOK_BEGIN)->bind(builder); - roots[i]->bind(TOK_END)->bind(builder); - roots[i]->bind(TOK_THREAD)->bind(TOK_BEGIN)->bind(builder); - roots[i]->bind(TOK_THREAD)->bind(TOK_END)->bind(builder); - roots[i]->bind(TOK_SYSCALL)->bind(builder); - roots[i]->bind(TOK_SYSCALL)->bind(TOK_RETURN)->bind(builder); + roots[i]->bind(TOK_BEGIN) + ->allow_unprivileged() + ->bind(builder); + roots[i]->bind(TOK_END) + ->allow_unprivileged() + ->bind(builder); + roots[i]->bind(TOK_THREAD)->bind(TOK_BEGIN) + ->bind(builder); + roots[i]->bind(TOK_THREAD)->bind(TOK_END) + ->bind(builder); + roots[i]->bind(TOK_SYSCALL) + ->bind(builder); + roots[i]->bind(TOK_SYSCALL)->bind(TOK_RETURN) + ->bind(builder); } } diff --git a/tapsets.cxx b/tapsets.cxx index fccb73c8..6a52050c 100644 --- a/tapsets.cxx +++ b/tapsets.cxx @@ -2510,9 +2510,6 @@ void dwarf_cast_expanding_visitor::filter_special_modules(string& module) void dwarf_cast_expanding_visitor::visit_cast_op (cast_op* e) { - if (s.unprivileged) - throw semantic_error("typecasting may not be used when --unprivileged is specified", e->tok); - bool lvalue = is_active_lvalue(e); if (lvalue && !s.guru_mode) throw semantic_error("write to typecast value not permitted", e->tok); @@ -2618,6 +2615,8 @@ void dwarf_cast_expanding_visitor::visit_cast_op (cast_op* e) else ec->code += "/* pure */"; + ec->code += "/* unprivileged */"; + s.functions[fdecl->name] = fdecl; // Synthesize a functioncall. diff --git a/translate.cxx b/translate.cxx index 65acd2ca..c0f7b48b 100644 --- a/translate.cxx +++ b/translate.cxx @@ -5210,6 +5210,8 @@ translate_pass (systemtap_session& s) if (ri.recursive) nesting += 10; // This is at the very top of the file. + if (! s.unprivileged) + s.op->newline() << "#define STP_PRIVILEGED 1"; s.op->newline() << "#ifndef MAXNESTING"; s.op->newline() << "#define MAXNESTING " << nesting; s.op->newline() << "#endif"; |