authorFrank Ch. Eigler <fche@elastic.org>2009-09-16 22:32:28 -0400
committerFrank Ch. Eigler <fche@elastic.org>2009-09-16 22:37:24 -0400
commit6ecd877049008c5abe9c6720ea8fc64732f47eb5 (patch)
tree407a536c1271b8e5757899e461c481e599266d67 /runtime/addr-map.c
parent6846cfc8a5cdb24fccb19037b27a180d2300ee09 (diff)
PR10650: markup some unprivileged-safe tapset functions
Add /* unprivileged */ to a variety of tapset embedded-c functions, together with uid-assertion-checking code as needed. This is only an initial set, and may need to grow or shrink after further testing. Prototyped-By: Dave Brolley <brolley@redhat.com> * runtime/runtime.h (is_myproc, assert_is_myproc): New macros. * runtime/addr-map.c (lookup_bad_addr): Reject if !is_myproc in unprivileged mode. * runtime/print.c (_stp_print_kernel_info): Add unprivileged mode info. * tapset/DEVGUIDE: Document /* pure */ and /* unprivileged */. * tapset/*.stp: Add /* unprivileged */ here and there, in questionable cases along with an assert_is_myproc().
Diffstat (limited to 'runtime/addr-map.c')
-rw-r--r--runtime/addr-map.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/runtime/addr-map.c b/runtime/addr-map.c
index a9aa8d88..35de7a64 100644
--- a/runtime/addr-map.c
+++ b/runtime/addr-map.c
@@ -115,6 +115,10 @@ lookup_bad_addr(unsigned long addr, size_t size)
return 1;
#ifndef STP_PRIVILEGED
+ /* Unprivileged users must not access memory while the context
+ does not refer to their own process. */
+ if (! is_myproc ())
+ return 1;
/* Unprivileged users must not access kernel space memory. */
if (addr + size > TASK_SIZE)
return 1;
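Review bot: The added `is_myproc ()` guard returns the same `1` that lookup_bad_addr uses for an invalid address, so a caller cannot tell a policy denial in unprivileged mode from a bad pointer. Any fault message built from this result will presumably read as an address error. I would at least say so in the comment, e.g. `/* Policy denial, reported as a bad address: unprivileged users must not access memory while the context does not refer to their own process (see is_myproc in runtime.h). */`, so that whoever triages such a fault knows which condition fired. Separately, the `addr + size > TASK_SIZE` test that follows is only sound if a wrapping `addr + size` has already been rejected; the `return 1;` context line above may belong to that check, but it is not visible in the hunk and is worth confirming. The function body starts and continues outside the hunk.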