2009-04-22 Dave Brolley <brolley@redhat.com>

	* elaborate.h (unprivileged_whitelist): Removed.
	(unprivileged_ok): New member of match_node.
	(allow_unprivileged,unprivileged_allowed): New methods of match_node.

	* elaborate.cxx (match_node): Initialize unprivileged_ok. Remove
	initialization of unprivileged_whitelist.
	(allow_unprivileged,unprivileged_allowed): New methods of match_node.
	(matchnode::find_and_build): Remove check of unprivileged_whitelist.
	Call unprivileged_allowed.

	* tapsets.cxx (dwarf_derived_probe::register_function_and_statement_variants):
	New parameter: unprivileged_ok.
	(dwarf_derived_probe::register_function_variants): Likewise.
	(dwarf_derived_probe::register_statement_variants): Likeiwse.
	(register_standard_tapsets): Call allow_unprivileged for nodes which are
	safe for unprivileged users.

3 files changed, 82 insertions, 49 deletions

diff --git a/elaborate.cxx b/elaborate.cxx
index b5d6046b..a1c2e652 100644
--- a/elaborate.cxx
+++ b/elaborate.cxx
@@ -261,9 +261,8 @@ match_key::globmatch(match_key const & other) const
 // ------------------------------------------------------------------------
 
 match_node::match_node()
-  : end(NULL)
+  : end(NULL), unprivileged_ok (false)
 {
-  unprivileged_whitelist.push_back ("process");
 }
 
 match_node *
@@ -306,6 +305,18 @@ match_node::bind_num(string const & k)
   return bind(match_key(k).with_number());
 }
 
+match_node*
+match_node::allow_unprivileged (bool b)
+{
+  unprivileged_ok = b;
+  return this;
+}
+
+bool
+match_node::unprivileged_allowed () const
+{
+  return unprivileged_ok;
+}
 
 void
 match_node::find_and_build (systemtap_session& s,
@@ -313,23 +324,6 @@ match_node::find_and_build (systemtap_session& s,
                             vector<derived_probe *>& results)
 {
   assert (pos <= loc->components.size());
-
-  // If we are in --unprivileged mode, exclude all "unsafe" probes.
-  if (s.unprivileged && pos == 0)
-    {
-      unsigned i;
-      for (i = 0; i < unprivileged_whitelist.size(); i++)
-	{
-	  if (unprivileged_whitelist[i] == loc->components[pos]->functor)
-	    break;
-	}
-      if (i == unprivileged_whitelist.size()) {
-	throw semantic_error (string("probe class ") +
-			      loc->components[pos]->functor +
-			      " is not allowed for unprivileged users");
-      }
-    }
-
   if (pos == loc->components.size()) // matched all probe point components so far
     {
       derived_probe_builder *b = end; // may be 0 if only nested names are bound
@@ -350,6 +344,14 @@ match_node::find_and_build (systemtap_session& s,
         param_map[loc->components[i]->functor] = loc->components[i]->arg;
       // maybe 0
 
+      // Are we compiling for unprivileged users?  */
+      if (s.unprivileged)
+	{
+	  // Is this probe point ok for unprivileged users?
+	  if (! unprivileged_allowed ())
+	    throw semantic_error (string("probe point is not allowed for unprivileged users"));
+	}
+
       b->build (s, p, loc, param_map, results);
     }
   else if (isglob(loc->components[pos]->functor)) // wildcard?
diff --git a/elaborate.h b/elaborate.h
index ca0182d1..36439c4f 100644
--- a/elaborate.h
+++ b/elaborate.h
@@ -236,8 +236,7 @@ match_node
   typedef std::map<match_key, match_node*>::iterator sub_map_iterator_t;
   sub_map_t sub;
   derived_probe_builder* end;
-
-  std::vector<std::string> unprivileged_whitelist;
+  bool unprivileged_ok;
 
  public:
   match_node();
@@ -252,6 +251,9 @@ match_node
   match_node* bind_str(std::string const & k);
   match_node* bind_num(std::string const & k);
   void bind(derived_probe_builder* e);
+
+  match_node* allow_unprivileged (bool b = true);
+  bool unprivileged_allowed () const;
 };
 
 // ------------------------------------------------------------------------
diff --git a/tapsets.cxx b/tapsets.cxx
index f99fbef4..deb9044c 100644
--- a/tapsets.cxx
+++ b/tapsets.cxx
@@ -2578,11 +2578,14 @@ struct dwarf_derived_probe: public derived_probe
 
   // Pattern registration helpers.
   static void register_statement_variants(match_node * root,
-					  dwarf_builder * dw);
+					  dwarf_builder * dw,
+					  bool unprivileged_ok = false);
   static void register_function_variants(match_node * root,
-					  dwarf_builder * dw);
+					 dwarf_builder * dw,
+					 bool unprivileged_ok = false);
   static void register_function_and_statement_variants(match_node * root,
-						       dwarf_builder * dw);
+						       dwarf_builder * dw,
+						       bool unprivileged_ok = false);
   static void register_patterns(systemtap_session& s);
 };
 
@@ -5499,25 +5502,28 @@ dwarf_derived_probe::dwarf_derived_probe(const string& funcname,
 
 void
 dwarf_derived_probe::register_statement_variants(match_node * root,
-						 dwarf_builder * dw)
+						 dwarf_builder * dw,
+						 bool unprivileged_ok)
 {
-  root->bind(dw);
+  root->allow_unprivileged(unprivileged_ok)->bind(dw);
 }
 
 void
 dwarf_derived_probe::register_function_variants(match_node * root,
-						dwarf_builder * dw)
+						dwarf_builder * dw,
+						bool unprivileged_ok)
 {
-  root->bind(dw);
-  root->bind(TOK_INLINE)->bind(dw);
-  root->bind(TOK_CALL)->bind(dw);
-  root->bind(TOK_RETURN)->bind(dw);
-  root->bind(TOK_RETURN)->bind_num(TOK_MAXACTIVE)->bind(dw);
+  root->allow_unprivileged(unprivileged_ok)->bind(dw);
+  root->bind(TOK_INLINE)->allow_unprivileged(unprivileged_ok)->bind(dw);
+  root->bind(TOK_CALL)->allow_unprivileged(unprivileged_ok)->bind(dw);
+  root->bind(TOK_RETURN)->allow_unprivileged(unprivileged_ok)->bind(dw);
+  root->bind(TOK_RETURN)->allow_unprivileged(unprivileged_ok)->bind_num(TOK_MAXACTIVE)->bind(dw);
 }
 
 void
 dwarf_derived_probe::register_function_and_statement_variants(match_node * root,
-							      dwarf_builder * dw)
+							      dwarf_builder * dw,
+							      bool unprivileged_ok)
 {
   // Here we match 4 forms:
   //
@@ -5526,10 +5532,10 @@ dwarf_derived_probe::register_function_and_statement_variants(match_node * root,
   // .statement("foo")
   // .statement(0xdeadbeef)
 
-  register_function_variants(root->bind_str(TOK_FUNCTION), dw);
-  register_function_variants(root->bind_num(TOK_FUNCTION), dw);
-  register_statement_variants(root->bind_str(TOK_STATEMENT), dw);
-  register_statement_variants(root->bind_num(TOK_STATEMENT), dw);
+  register_function_variants(root->bind_str(TOK_FUNCTION), dw, unprivileged_ok);
+  register_function_variants(root->bind_num(TOK_FUNCTION), dw, unprivileged_ok);
+  register_statement_variants(root->bind_str(TOK_STATEMENT), dw, unprivileged_ok);
+  register_statement_variants(root->bind_num(TOK_STATEMENT), dw, unprivileged_ok);
 }
 
 void
@@ -5545,11 +5551,10 @@ dwarf_derived_probe::register_patterns(systemtap_session& s)
   register_function_and_statement_variants(root->bind_str(TOK_MODULE), dw);
   root->bind(TOK_KERNEL)->bind_num(TOK_STATEMENT)->bind(TOK_ABSOLUTE)->bind(dw);
   root->bind(TOK_KERNEL)->bind_str(TOK_FUNCTION)->bind_str(TOK_LABEL)->bind(dw);
-  root->bind_str(TOK_PROCESS)->bind_str(TOK_FUNCTION)->bind_str(TOK_LABEL)->bind(dw);
-
-  register_function_and_statement_variants(root->bind_str(TOK_PROCESS), dw);
-  root->bind_str(TOK_PROCESS)->bind_str(TOK_MARK)->bind(dw);
-  root->bind_str(TOK_PROCESS)->bind_num(TOK_MARK)->bind(dw);
+  root->bind_str(TOK_PROCESS)->bind_str(TOK_FUNCTION)->bind_str(TOK_LABEL)->allow_unprivileged()->bind(dw);
+  register_function_and_statement_variants(root->bind_str(TOK_PROCESS), dw, true/*unprivileged_ok*/);
+  root->bind_str(TOK_PROCESS)->bind_str(TOK_MARK)->allow_unprivileged()->bind(dw);
+  root->bind_str(TOK_PROCESS)->bind_num(TOK_MARK)->allow_unprivileged()->bind(dw);
 }
 
 void
@@ -11758,14 +11763,14 @@ perfmon_derived_probe_group::emit_module_init (translator_output* o)
 void
 register_standard_tapsets(systemtap_session & s)
 {
-  s.pattern_root->bind(TOK_BEGIN)->bind(new be_builder(BEGIN));
-  s.pattern_root->bind_num(TOK_BEGIN)->bind(new be_builder(BEGIN));
-  s.pattern_root->bind(TOK_END)->bind(new be_builder(END));
-  s.pattern_root->bind_num(TOK_END)->bind(new be_builder(END));
-  s.pattern_root->bind(TOK_ERROR)->bind(new be_builder(ERROR));
-  s.pattern_root->bind_num(TOK_ERROR)->bind(new be_builder(ERROR));
+  s.pattern_root->bind(TOK_BEGIN)->allow_unprivileged()->bind(new be_builder(BEGIN));
+  s.pattern_root->bind_num(TOK_BEGIN)->allow_unprivileged()->bind(new be_builder(BEGIN));
+  s.pattern_root->bind(TOK_END)->allow_unprivileged()->bind(new be_builder(END));
+  s.pattern_root->bind_num(TOK_END)->allow_unprivileged()->bind(new be_builder(END));
+  s.pattern_root->bind(TOK_ERROR)->allow_unprivileged()->bind(new be_builder(ERROR));
+  s.pattern_root->bind_num(TOK_ERROR)->allow_unprivileged()->bind(new be_builder(ERROR));
 
-  s.pattern_root->bind(TOK_NEVER)->bind(new never_builder());
+  s.pattern_root->bind(TOK_NEVER)->allow_unprivileged()->bind(new never_builder());
 
   timer_builder::register_patterns(s);
   s.pattern_root->bind(TOK_TIMER)->bind("profile")->bind(new profile_builder());
@@ -11778,57 +11783,81 @@ register_standard_tapsets(systemtap_session & s)
   // XXX: user-space starter set
   s.pattern_root->bind_num(TOK_PROCESS)
     ->bind_num(TOK_STATEMENT)->bind(TOK_ABSOLUTE)
+    ->allow_unprivileged()
     ->bind(new uprobe_builder ());
   s.pattern_root->bind_num(TOK_PROCESS)
     ->bind_num(TOK_STATEMENT)->bind(TOK_ABSOLUTE)->bind(TOK_RETURN)
+    ->allow_unprivileged()
     ->bind(new uprobe_builder ());
 
   // utrace user-space probes
   s.pattern_root->bind_str(TOK_PROCESS)->bind(TOK_BEGIN)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind_num(TOK_PROCESS)->bind(TOK_BEGIN)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind(TOK_PROCESS)->bind(TOK_BEGIN)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind_str(TOK_PROCESS)->bind(TOK_END)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind_num(TOK_PROCESS)->bind(TOK_END)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind(TOK_PROCESS)->bind(TOK_END)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind_str(TOK_PROCESS)->bind(TOK_THREAD)->bind(TOK_BEGIN)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind_num(TOK_PROCESS)->bind(TOK_THREAD)->bind(TOK_BEGIN)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind(TOK_PROCESS)->bind(TOK_THREAD)->bind(TOK_BEGIN)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind_str(TOK_PROCESS)->bind(TOK_THREAD)->bind(TOK_END)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind_num(TOK_PROCESS)->bind(TOK_THREAD)->bind(TOK_END)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind(TOK_PROCESS)->bind(TOK_THREAD)->bind(TOK_END)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind_str(TOK_PROCESS)->bind(TOK_SYSCALL)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind_num(TOK_PROCESS)->bind(TOK_SYSCALL)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind(TOK_PROCESS)->bind(TOK_SYSCALL)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind_str(TOK_PROCESS)->bind(TOK_SYSCALL)->bind(TOK_RETURN)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind_num(TOK_PROCESS)->bind(TOK_SYSCALL)->bind(TOK_RETURN)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
   s.pattern_root->bind(TOK_PROCESS)->bind(TOK_SYSCALL)->bind(TOK_RETURN)
+    ->allow_unprivileged()
     ->bind(new utrace_builder ());
 
   // itrace user-space probes
   s.pattern_root->bind_str(TOK_PROCESS)->bind(TOK_INSN)
+    ->allow_unprivileged()
     ->bind(new itrace_builder ());
   s.pattern_root->bind_num(TOK_PROCESS)->bind(TOK_INSN)
+    ->allow_unprivileged()
     ->bind(new itrace_builder ());
   s.pattern_root->bind_str(TOK_PROCESS)->bind(TOK_INSN)->bind(TOK_BLOCK)
+    ->allow_unprivileged()
     ->bind(new itrace_builder ());
   s.pattern_root->bind_num(TOK_PROCESS)->bind(TOK_INSN)->bind(TOK_BLOCK)
+    ->allow_unprivileged()
     ->bind(new itrace_builder ());
 
   // marker-based parts