diff options
author | Dave Brolley <brolley@redhat.com> | 2009-10-13 11:52:22 -0400 |
---|---|---|
committer | Dave Brolley <brolley@redhat.com> | 2009-10-13 11:52:22 -0400 |
commit | 8f6d8c2bd3e5c1d2881e2ebe1c7ad5deb389e581 (patch) | |
tree | f8a2e01b07e9fd351a1d598846b5d51ee69736f1 /tapset-utrace.cxx | |
parent | 2865d17a48d055b3aef6e45506292908800cdb21 (diff) | |
download | systemtap-steved-8f6d8c2bd3e5c1d2881e2ebe1c7ad5deb389e581.tar.gz systemtap-steved-8f6d8c2bd3e5c1d2881e2ebe1c7ad5deb389e581.tar.xz systemtap-steved-8f6d8c2bd3e5c1d2881e2ebe1c7ad5deb389e581.zip |
Ensure that unprivileged-authorized probe point functions are hashed differently
than non-authorized ones for the purpose of removing duplicates.
2009-10-13 Dave Brolley <brolley@redhat.com>
* elaborate.h (print_dupe_stamp_unprivileged): New static method
of derived_probe.
(print_dupe_stamp_unprivileged_process_owner): Likewise.
* elaborate.cxx (print_dupe_stamp_unprivileged): New static method
of derived_probe.
(print_dupe_stamp_unprivileged_process_owner): Likewise.
* tapset-been.cxx (print_dupe_stamp): New virtual method of be_derived_p
robe
and never_derived_probe.
* tapset-utrace.cxx (print_dupe_stamp): New virtual method of utrace_der
ived_probe
* tapset-itrace.cxx (itrace_derived_probe::emit_unprivileged_assertion):
Removed.
(itrace_builder::check_unprivileged): Removed.
* tapsets.cxx (print_dupe_stamp): New virtual method of uprobe_derived_p
robe
Diffstat (limited to 'tapset-utrace.cxx')
-rw-r--r-- | tapset-utrace.cxx | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/tapset-utrace.cxx b/tapset-utrace.cxx index 819a2d87..a8500493 100644 --- a/tapset-utrace.cxx +++ b/tapset-utrace.cxx @@ -62,6 +62,7 @@ struct utrace_derived_probe: public derived_probe void join_group (systemtap_session& s); void emit_unprivileged_assertion (translator_output*); + void print_dupe_stamp(ostream& o); }; @@ -210,6 +211,20 @@ utrace_derived_probe::emit_unprivileged_assertion (translator_output* o) emit_process_owner_assertion (o); } +void +utrace_derived_probe::print_dupe_stamp(ostream& o) +{ + // Process end probes are allowed for unprivileged users, even if the process + // does not belong to them. They are required to check is_myproc() from within + // their probe script before doing anything "dangerous". + // Other process probes are allowed for unprivileged users, but only in the + // context of processes which they own. + if (flags == UDPF_END) + print_dupe_stamp_unprivileged (o); + else + print_dupe_stamp_unprivileged_process_owner (o); +} + void utrace_var_expanding_visitor::visit_target_symbol_cached (target_symbol* e) |