PR10650: markup some unprivileged-safe tapset functions

Add /* unprivileged */ to a variety of tapset embedded-c functions,
together with uid-assertion-checking code as needed.  This is only
an initial set, and may need to grow or shrink after further testing.

Prototyped-By: Dave Brolley <brolley@redhat.com>

* runtime/runtime.h (is_myproc, assert_is_myproc): New macros.
* runtime/addr-map.c (lookup_bad_addr): Reject if !is_myproc
  in unprivileged mode.
* runtime/print.c (_stp_print_kernel_info): Add unprivileged
  mode info.
* tapset/DEVGUIDE: Document /* pure */ and /* unprivileged */.
* tapset/*.stp: Add /* unprivileged */ here and there, in
  questionable cases along with an assert_is_myproc().

1 files changed, 28 insertions, 0 deletions

diff --git a/runtime/runtime.h b/runtime/runtime.h
index 064ded7b..7087d435 100644
--- a/runtime/runtime.h
+++ b/runtime/runtime.h
@@ -54,6 +54,32 @@ static void _stp_warn (const char *fmt, ...) __attribute__ ((format (printf, 1,
 
 static void _stp_exit(void);
 
+
+
+/* unprivileged user support */
+
+#ifdef STAPCONF_TASK_UID
+#define STP_CURRENT_EUID (current->euid)
+#else
+#define STP_CURRENT_EUID (task_euid(current))
+#endif
+
+#define is_myproc() (STP_CURRENT_EUID == _stp_uid)
+
+#ifndef STP_PRIVILEGED
+#define assert_is_myproc() do { \
+  if (! is_myproc()) { \
+    snprintf (CONTEXT->error_buffer, MAXSTRINGLEN, "semi-privileged tapset function called without is_myproc checking for pid %d (euid %d)", \
+             current->tgid, STP_CURRENT_EUID); \
+    CONTEXT->last_error = CONTEXT->error_buffer; \
+    goto out; \
+  } } while (0)
+#else
+#define assert_is_myproc() do {} while (0)
+#endif
+
+
+
 #include "debug.h"
 
 /* atomic globals */
@@ -106,6 +132,8 @@ static struct
 #endif
 #include "addr-map.c"
 
+
+
 /* Support functions for int64_t module parameters. */
 static int param_set_int64_t(const char *val, struct kernel_param *kp)
 {