Diffstat (limited to 'runtime')
-rw-r--r--runtime/access_process_vm.h54
-rw-r--r--runtime/addr-map.c4
-rw-r--r--runtime/itrace.c54
-rw-r--r--runtime/print.c12
-rw-r--r--runtime/runtime.h28
-rw-r--r--runtime/uprobes2/uprobes.c35
6 files changed, 129 insertions, 58 deletions
diff --git a/runtime/access_process_vm.h b/runtime/access_process_vm.h
new file mode 100644
index 00000000..70489d48
--- /dev/null
+++ b/runtime/access_process_vm.h
@@ -0,0 +1,54 @@
+/*
+ * The kernel's access_process_vm is not exported in kernel.org kernels, although
+ * some distros export it on some architectures. To workaround this inconsistency,
+ * we copied and pasted it here. Fortunately, everything it calls is exported.
+ */
+#include <linux/pagemap.h>
+#include <asm/cacheflush.h>
+static int __access_process_vm(struct task_struct *tsk, unsigned long addr, void *buf, int len, int write)
+{
+ struct mm_struct *mm;
+ struct vm_area_struct *vma;
+ struct page *page;
+ void *old_buf = buf;
+
+ mm = get_task_mm(tsk);
+ if (!mm)
+ return 0;
+
+ down_read(&mm->mmap_sem);
+ /* ignore errors, just check how much was sucessfully transfered */
+ while (len) {
+ int bytes, ret, offset;
+ void *maddr;
+
+ ret = get_user_pages(tsk, mm, addr, 1,
+ write, 1, &page, &vma);
+ if (ret <= 0)
+ break;
+
+ bytes = len;
+ offset = addr & (PAGE_SIZE-1);
+ if (bytes > PAGE_SIZE-offset)
+ bytes = PAGE_SIZE-offset;
+
+ maddr = kmap(page);
+ if (write) {
+ copy_to_user_page(vma, page, addr,
+ maddr + offset, buf, bytes);
+ set_page_dirty_lock(page);
+ } else {
+ copy_from_user_page(vma, page, addr,
+ buf, maddr + offset, bytes);
+ }
+ kunmap(page);
+ page_cache_release(page);
+ len -= bytes;
+ buf += bytes;
+ addr += bytes;
+ }
+ up_read(&mm->mmap_sem);
+ mmput(mm);
+
+ return buf - old_buf;
+}
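Review bot: `len` is a signed `int` that is never validated, so a negative length does not end the `while (len)` loop. Where `PAGE_SIZE` is an unsigned long, the test `bytes > PAGE_SIZE-offset` is evaluated unsigned, so each pass copies up to a page and `len` only moves further from zero; copying then runs past the end of `buf` until get_user_pages() fails. Adding `if (len <= 0) return 0;` ahead of `mm = get_task_mm(tsk);` closes that off. Since the helper is now shared from a header in a change that introduces unprivileged mode, it also deserves a comment that it passes force=1 to get_user_pages() and does no access check of its own, for example `/* No permission check here: unprivileged callers must use assert_is_myproc() first. */`.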
diff --git a/runtime/addr-map.c b/runtime/addr-map.c
index a9aa8d88..35de7a64 100644
--- a/runtime/addr-map.c
+++ b/runtime/addr-map.c
@@ -115,6 +115,10 @@ lookup_bad_addr(unsigned long addr, size_t size)
return 1;
#ifndef STP_PRIVILEGED
+ /* Unprivileged users must not access memory while the context
+ does not refer to their own process. */
+ if (! is_myproc ())
+ return 1;
/* Unprivileged users must not access kernel space memory. */
if (addr + size > TASK_SIZE)
return 1;
diff --git a/runtime/itrace.c b/runtime/itrace.c
index 6fe39db4..03e1e403 100644
--- a/runtime/itrace.c
+++ b/runtime/itrace.c
@@ -77,60 +77,8 @@ static struct itrace_info *create_itrace_info(
struct task_struct *tsk, u32 step_flag,
struct stap_itrace_probe *itrace_probe);
-/*
- * The kernel's access_process_vm is not exported in kernel.org kernels, although
- * some distros export it on some architectures. To workaround this inconsistency,
- * we copied and pasted it here. Fortunately, everything it calls is exported.
- */
-#include <linux/pagemap.h>
-#include <asm/cacheflush.h>
-static int __access_process_vm(struct task_struct *tsk, unsigned long addr, void *buf, int len, int write)
-{
- struct mm_struct *mm;
- struct vm_area_struct *vma;
- struct page *page;
- void *old_buf = buf;
-
- mm = get_task_mm(tsk);
- if (!mm)
- return 0;
-
- down_read(&mm->mmap_sem);
- /* ignore errors, just check how much was sucessfully transfered */
- while (len) {
- int bytes, ret, offset;
- void *maddr;
- ret = get_user_pages(tsk, mm, addr, 1,
- write, 1, &page, &vma);
- if (ret <= 0)
- break;
-
- bytes = len;
- offset = addr & (PAGE_SIZE-1);
- if (bytes > PAGE_SIZE-offset)
- bytes = PAGE_SIZE-offset;
-
- maddr = kmap(page);
- if (write) {
- copy_to_user_page(vma, page, addr,
- maddr + offset, buf, bytes);
- set_page_dirty_lock(page);
- } else {
- copy_from_user_page(vma, page, addr,
- buf, maddr + offset, bytes);
- }
- kunmap(page);
- page_cache_release(page);
- len -= bytes;
- buf += bytes;
- addr += bytes;
- }
- up_read(&mm->mmap_sem);
- mmput(mm);
-
- return buf - old_buf;
-}
+/* Note: __access_process_vm moved to access_process_vm.h */
#ifdef UTRACE_ORIG_VERSION
static u32 usr_itrace_report_quiesce(struct utrace_attached_engine *engine,
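Review bot: The definition of __access_process_vm() is removed here, but no `#include "access_process_vm.h"` is added to this file. Any remaining call in itrace.c therefore depends on another file in the same translation unit including the header first, and that include is not visible in this diff. If itrace.c still uses the helper, include the header here. In that case access_process_vm.h also needs an include guard, because it defines a static function and a second inclusion would redefine it.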
diff --git a/runtime/print.c b/runtime/print.c
index 945f7a72..335403fb 100644
--- a/runtime/print.c
+++ b/runtime/print.c
@@ -225,7 +225,11 @@ static void _stp_print_kernel_info(char *vstr, int ctx, int num_probes)
#ifdef DEBUG_MEM
"+alloc"
#endif
- ", probes: %d\n",
+ ", probes: %d"
+#ifndef STP_PRIVILEGED
+ ", unpriv-uid: %d"
+#endif
+ "\n",
THIS_MODULE->name,
vstr,
#ifndef STAPCONF_GRSECURITY
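Review bot: The new `", unpriv-uid: %d"` conversion is paired with the `_stp_uid` argument added in the next hunk of this file, and the declaration of `_stp_uid` is not visible in this diff. If it is a `uid_t` (unsigned), `%d` does not match the argument type; `", unpriv-uid: %u"` with `(unsigned) _stp_uid` would be the matching form. The format fragment and its argument sit under two separate `#ifndef STP_PRIVILEGED` blocks, so a one-line comment on each saying they must change together would guard against a later format/argument mismatch.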
@@ -242,7 +246,11 @@ static void _stp_print_kernel_info(char *vstr, int ctx, int num_probes)
#ifdef DEBUG_MEM
_stp_allocated_memory - _stp_allocated_net_memory,
#endif
- num_probes);
+ num_probes
+#ifndef STP_PRIVILEGED
+ , _stp_uid
+#endif
+ );
}
/** @} */
diff --git a/runtime/runtime.h b/runtime/runtime.h
index 064ded7b..7087d435 100644
--- a/runtime/runtime.h
+++ b/runtime/runtime.h
@@ -54,6 +54,32 @@ static void _stp_warn (const char *fmt, ...) __attribute__ ((format (printf, 1,
static void _stp_exit(void);
+
+
+/* unprivileged user support */
+
+#ifdef STAPCONF_TASK_UID
+#define STP_CURRENT_EUID (current->euid)
+#else
+#define STP_CURRENT_EUID (task_euid(current))
+#endif
+
+#define is_myproc() (STP_CURRENT_EUID == _stp_uid)
+
+#ifndef STP_PRIVILEGED
+#define assert_is_myproc() do { \
+ if (! is_myproc()) { \
+ snprintf (CONTEXT->error_buffer, MAXSTRINGLEN, "semi-privileged tapset function called without is_myproc checking for pid %d (euid %d)", \
+ current->tgid, STP_CURRENT_EUID); \
+ CONTEXT->last_error = CONTEXT->error_buffer; \
+ goto out; \
+ } } while (0)
+#else
+#define assert_is_myproc() do {} while (0)
+#endif
+
+
+
#include "debug.h"
/* atomic globals */
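Review bot: `is_myproc()` compares only the effective uid of `current` with `_stp_uid`, and the new guard in lookup_bad_addr (addr-map.c) relies on it as the sole ownership test for unprivileged memory access. A process that currently runs with the user's euid but holds a different real or saved uid, such as a set-uid program that has temporarily switched its euid, would pass this check. The kernel's own ptrace access check compares real, effective and saved ids (and dumpability) for that reason, so consider also comparing at least the real uid, or document the limitation beside the macro. Separately, `assert_is_myproc()` uses `CONTEXT` and jumps to a label `out`, neither of which the macro defines; a comment such as `/* requires CONTEXT and an 'out:' label in the calling function */` would make that contract visible.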
@@ -106,6 +132,8 @@ static struct
#endif
#include "addr-map.c"
+
+
/* Support functions for int64_t module parameters. */
static int param_set_int64_t(const char *val, struct kernel_param *kp)
{
diff --git a/runtime/uprobes2/uprobes.c b/runtime/uprobes2/uprobes.c
index 07ad3984..edf882a6 100644
--- a/runtime/uprobes2/uprobes.c
+++ b/runtime/uprobes2/uprobes.c
@@ -17,6 +17,7 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
* Copyright (C) IBM Corporation, 2006
+ * Copyright (C) Red Hat, Inc. 2009
*/
#include <linux/types.h>
#include <linux/hash.h>
@@ -28,6 +29,8 @@
#include <linux/kref.h>
#include <linux/utrace.h>
#include <linux/regset.h>
+#include <linux/file.h>
+#include <linux/version.h>
#define UPROBES_IMPLEMENTATION 1
/* PR9974: Adapt to struct renaming. */
@@ -1387,6 +1390,9 @@ static noinline unsigned long uprobe_setup_ssol_vma(unsigned long nbytes)
unsigned long addr;
struct mm_struct *mm;
struct vm_area_struct *vma;
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28)
+ struct file *file;
+#endif
BUG_ON(nbytes & ~PAGE_MASK);
if ((addr = find_old_ssol_vma()) != 0)
@@ -1400,17 +1406,40 @@ static noinline unsigned long uprobe_setup_ssol_vma(unsigned long nbytes)
* Find the end of the top mapping and skip a page.
* If there is no space for PAGE_SIZE above
* that, mmap will ignore our address hint.
+ *
+ * We allocate a "fake" unlinked shmem file because anonymous
+ * memory might not be granted execute permission when the selinux
+ * security hooks have their way. Only do this for 2.6.28 or higher
+ * since shmem_file_setup() isn't exported before that.
*/
vma = rb_entry(rb_last(&mm->mm_rb), struct vm_area_struct, vm_rb);
addr = vma->vm_end + PAGE_SIZE;
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28)
+ file = shmem_file_setup("uprobes/ssol", nbytes, VM_NORESERVE);
+ if (file) {
+ addr = do_mmap_pgoff(file, addr, nbytes, PROT_EXEC,
+ MAP_PRIVATE, 0);
+ fput(file);
+ }
+ if (!file || addr & ~PAGE_MASK) {
+#else
addr = do_mmap_pgoff(NULL, addr, nbytes, PROT_EXEC,
MAP_PRIVATE|MAP_ANONYMOUS, 0);
if (addr & ~PAGE_MASK) {
+#endif
up_write(&mm->mmap_sem);
mmput(mm);
- printk(KERN_ERR "Uprobes failed to allocate a vma for"
- " pid/tgid %d/%d for single-stepping out of line.\n",
- current->pid, current->tgid);
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28)
+ if (!file)
+ printk(KERN_ERR "Uprobes shmem_file_setup failed while"
+ " allocating vma for pid/tgid %d/%d for"
+ " single-stepping out of line.\n",
+ current->pid, current->tgid);
+ else
+#endif
+ printk(KERN_ERR "Uprobes failed to allocate a vma for"
+ " pid/tgid %d/%d for single-stepping out of"
+ " line.\n", current->pid, current->tgid);
return addr;
}
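Review bot: shmem_file_setup() reports failure with an ERR_PTR value rather than NULL, so the `if (file)` and `!file` tests in the 2.6.28+ branch never detect a failure. An error pointer would then be passed to do_mmap_pgoff() and fput(). The three tests should read `if (!IS_ERR(file)) {`, `if (IS_ERR(file) || addr & ~PAGE_MASK) {` and `if (IS_ERR(file))`. On the setup-failure path `addr` still holds the page-aligned hint computed from `vma->vm_end`, so `return addr;` returns a value that passes the same alignment test used here; storing the error code from `file` into `addr` first would keep it recognisable as a failure, assuming callers test it the same way. The function starts before and continues after this hunk.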