diff options
| author | Dave Brolley <brolley@redhat.com> | 2009-09-03 16:13:30 -0400 |
|---|---|---|
| committer | Dave Brolley <brolley@redhat.com> | 2009-09-03 16:13:30 -0400 |
| commit | 5e8a3b7b558273fa06525f642fdf2d678dde85eb (patch) | |
| tree | 9c38b52b46692ac7e906deb33f2a81d062704a6f /runtime/task_finder.c | |
| parent | ceca17997ef0a5310cf887d451651acec73b41da (diff) | |
| download | systemtap-steved-5e8a3b7b558273fa06525f642fdf2d678dde85eb.tar.gz systemtap-steved-5e8a3b7b558273fa06525f642fdf2d678dde85eb.tar.xz systemtap-steved-5e8a3b7b558273fa06525f642fdf2d678dde85eb.zip | |
Allow process begin/end probes for unprivileged users.
2009-09-03 Dave Brolley <brolley@redhat.com>
* tapsets.cxx (visit_cast_op): Don't disallow unprivileged users.
Annotate synthesized function with /* unprivileged */.
* tapset-utrace.cxx (register_tapset_utrace): Call allow_unprivileged
for process begin and end probes.
* translate.cxx (translate_pass): Generate '#define STP_PRIVILEGED 1'
unless --unprivileged was specified.
* runtime/transport/transport.c: Don't define _stp_unprivileged_user.
* runtime/task_finder.c (__stp_utrace_attach_match_filename): Check
that _stp_uid equals the task euid when STP_PRIVILEGED is not defined.
(stap_start_task_finder): Likewise.
* runtime/staprun/staprun.c (insert_stap_module): Don't generate
module option _stp_unprivileged_user.
Diffstat (limited to 'runtime/task_finder.c')
| -rw-r--r-- | runtime/task_finder.c | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/runtime/task_finder.c b/runtime/task_finder.c index ca807020..fb6dc20d 100644 --- a/runtime/task_finder.c +++ b/runtime/task_finder.c @@ -753,6 +753,18 @@ __stp_utrace_attach_match_filename(struct task_struct *tsk, /* Notice that "pid == 0" (which means to probe all * threads) falls through. */ +#ifndef STP_PRIVILEGED + /* Make sure unprivileged users only probe their own threads. */ + if (_stp_uid != tsk->euid) { + if (tgt->pid != 0) { + _stp_warn("Process %d does not belong to unprivileged user %d", + tsk->pid, _stp_uid); + } + continue; + } +#endif + + // Set up events we need for attached tasks. When // register_p is set, we won't actually call the // callbacks here - we'll call it when the thread gets @@ -1414,6 +1426,17 @@ stap_start_task_finder(void) /* Notice that "pid == 0" (which means to * probe all threads) falls through. */ +#ifndef STP_PRIVILEGED + /* Make sure unprivileged users only probe their own threads. */ + if (_stp_uid != tsk->euid) { + if (tgt->pid != 0) { + _stp_warn("Process %d does not belong to unprivileged user %d", + tsk->pid, _stp_uid); + } + continue; + } +#endif + // Set up events we need for attached tasks. rc = __stp_utrace_attach(tsk, &tgt->ops, tgt, __STP_ATTACHED_TASK_EVENTS, |