| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
* transport/control.c (*_cmd): Return -Ecodes rather than "-1" from
file_operations callbacks.
* staprun/ctl.c (init_ctl_channel): Return distinct error codes.
* staprun/staprun.c (remove_module): Skip connection attempt to .ctl
file; just do delete_module() with O_NONBLOCK.
|
| |
|
|
|
| |
* mainloop.c (cleanup_and_exit): Remove non-BUG9788_WORKAROUND
branch. Remove execlp branch. Pass -v to staprun-d if verbose.
|
| |
|
|
|
|
|
| |
* runtime/staprun/mainloop.c (signal_usr1): Renamed from signal_dontcare.
Sets a new variable, usr1_interrupt.
(start_cmd): Avoids pause() race condition by switching to blocking
SIGUSR1, then waiting on SIGUSR1 with sigsuspend().
|
| |
|
|
|
| |
* staprun_funcs.c (assert_permissions): Move "check_signature_rc"
variable inside #if HAVE_NSS.
|
| |
|
|
|
|
| |
Pending advice from Frank and Dave, changed check_permission to return void and
renamed it to assert_permission. assert_permission simply returns if
permissions are okay, and calls exit(-1) if there are any permissions errors.
|
| |
|
|
|
|
|
| |
* runtime/staprun/staprun.h: Put ppoll() declaration here (so that
relay_old.c can use it).
* runtime/staprun/relay.c (ppoll): Made ppoll() non-static so that
relay_old.c can use it.
|
| |
|
|
|
|
|
|
|
|
|
| |
* runtime/staprun/relay_old.c (switch_oldoutfile): New function for file
switching.
(process_subbufs): Use switch_oldoutfile.
(reader_thread): Use ppoll() instead of poll() for receiving SIGUSR2
and switch output file when receiving a signal(SIGUSR2).
(switchfile_handler): Send SIGUSR2 signal to reader threads for file
switching.
(init_oldrelayfs): Assign switchfile_handler to SIGUSR2.
|
| |
|
|
|
|
|
|
|
|
| |
* runtime/staprun/relay.c (switch_outfile): New function for file switching.
(reader_thread): Don't assign empty_handler to SIGUSR2, and switch output
file when receiving signal(SIGUSR2) on ppoll.
(switchfile_handler): Send SIGUSR2 signal to reader threads for file
switching.
(init_relayfs): Assign switchfile_handler to SIGUSR2.
* staprun.1.in: Add FILE SWITCHING BY SIGNAL section.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
With old relayfs, out_fd is used only when non-bulk mode. However,
open_oldoutfile and open_relayfs_files open files with fopen and
set only percpu_tmpfile. This will cause a problem with -S option,
that out_fd will be closed when the file size reaches fsize_max
and new fd will be opened only on percpu_tmpfile.
So, out_fd should be synchronized with percpu_tmpfile.
* runtime/staprun/relay_old.c (open_oldoutfile): Set fd of output file
to out_fd[cpu].
(open_relayfs_files): Ditto.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2009-09-03 Dave Brolley <brolley@redhat.com>
* tapsets.cxx (visit_cast_op): Don't disallow unprivileged users.
Annotate synthesized function with /* unprivileged */.
* tapset-utrace.cxx (register_tapset_utrace): Call allow_unprivileged
for process begin and end probes.
* translate.cxx (translate_pass): Generate '#define STP_PRIVILEGED 1'
unless --unprivileged was specified.
* runtime/transport/transport.c: Don't define _stp_unprivileged_user.
* runtime/task_finder.c (__stp_utrace_attach_match_filename): Check
that _stp_uid equals the task euid when STP_PRIVILEGED is not defined.
(stap_start_task_finder): Likewise.
* runtime/staprun/staprun.c (insert_stap_module): Don't generate
module option _stp_unprivileged_user.
|
| |
|
|
| |
check_permissions.
|
| |
|
|
| |
* runtime/staprun/staprun.c (enable_uprobes): insmod, not insert_module().
|
| |
|
|
| |
certificates does not exist. It just means that the signed module is untrusted.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* modverify.c (staprun.h): #include it.
(verify_it): Now accepts module data and signature data as arguments.
Don't open and read the signature here. Don't read the module here.
(verify_module): Now accepts module data as argument. Read the signature
once here.
* modverify.h (verify_module): Now accepts module data as argument.
* staprun.c (main): Don't call check_permissions here.
* staprun.h (check_permissions): Prototype removed.
* staprun_funcs.c (check_permissions): Now static. Accepts module data
as argument. Pass module data to check_signature.
(insert_module): Canonicalize the module path early here. Call
check_permissions here, passing it the mapped module data.
(check_signature): Now accepts module data as argument. Pass the module
data to verify_module.
(check_path): Use the already-canonicalized module path.
|
| |
|
|
|
|
|
| |
* runtime/staprun/staprun_funcs.c (check_permissions): Declare
check_signature_rc outside HAVE_NSS block.
Signed-off-by: Mark Wielaard <mjw@redhat.com>
|
| |\
| |
| |
| |
| |
| | |
Conflicts:
cache.cxx
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* cache.cxx (add_to_cache,clean_cache): add static markers
* main.cxx (main): likewise
* runtime/staprun/common.c (send_request): likewise
* runtime/staprun/mainloop.c (stp_main_loop): likewise
* runtime/staprun/staprun.c (remove_module): likewise
* runtime/staprun/staprun.h: include sdt.h
* runtime/staprun/staprun_funcs.c (insert_module): likewise
* util.cxx (stap_system): likewise
* tapset/stap_staticmarkers.stp: new file
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* runtime/staprun/common.c (make_outfile_name): Moved from relay.c, fix not to
open /dev/null.XXX output files, and add 'bulk' argument for bulkmode.
* runtime/staprun/relay.c (make_outfile_name): Moved to common.c.
* runtime/staprun/relay_old.c (open_oldoutfile): Fix to use fopen() and store
FILE * to percpu_tmpfile[cpu].
|
| | |\ |
|
| | |\ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Conflicts:
runtime/print.c
runtime/transport/transport.c
runtime/transport/transport_msgs.h
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
2009-04-02 David Smith <dsmith@redhat.com>
* runtime.h: Defines STP_TRANSPORT_VERSION instead of STP_OLD_TRANSPORT.
* staprun/staprun.h (STP_OLD_TRANSPORT): Ditto.
* print.c: Changed STP_OLD_TRANSPORT to STP_TRANSPORT_VERSION.
* staprun/mainloop.c (stp_main_loop): Ditto.
* transport/transport.c: Ditto.
* transport/transport.h: Ditto.
* transport/transport_msgs.h: Ditto.
* transport/utt.h: Ditto.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Don't generate an error message for unsigned modules.
Make sure module signature exists before attempting to copy to the cache.
Allow timer p[robes for unprivileged users.
|
| |\ \ \ \
| | |_|/
| |/| | |
|
| | | |/
| |/|
| | |
| | |
| | | |
This is needed for run-stap so that stapio and all child processes can
run as the originally invoking user instead of root.
|
| |\| | |
|
| | | |
| | |
| | |
| | | |
HAVE_NSS related compile time warning.
|
| |\| | |
|
| | | | |
|
| |\| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
modsign.cxx
runtime/staprun/modverify.c
runtime/staprun/staprun_funcs.c
stap-authorize-server-cert
stap-authorize-signing-cert
stap-serverd
systemtap.spec
|
| | | | |
|
| |\| |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
Makefile.in
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Makefile.am: Add -fno-builtin-strftime to stapio_CFLAGS.
* Makefile.in: Ditto.
* runtime/staprun/common.c (stap_strfloctime): Use strftime(3).
(parse_args): Remove strftime format limitation message.
* main.cxx (usage): Ditto.
* stap.1.in: Ditto.
* staprun.8.in: Ditto.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* translate.cxx (c_unparser::emit_unprivileged_user_check): Generate
code to check _stp_unprivileged_user.
* testsuite/lib/systemtap.exp (setup_server): Copy stap-env to $net_path.
* runtime/transport/transport.c: Set up _stp_unprivileged_user.
* runtime/staprun/staprun_funcs.c (check_signature): Distiguish among
verification failure due to errors, tampering, untrusted signer.
(check_permissions): Likewise.
(check_groups): Set unprivileged_user.
* runtime/staprun/staprun.c (insert_stap_module): Set _stp_unprivileged_user.
* runtime/staprun/modverify.h (MODULE_OK): #define it.
(MODULE_UNTRUSTED,MODULE_CHECK_ERROR,MODULE_ALTERED): Likewise.
* runtime/staprun/modverify.c (modverify.h): #include it.
(verify_it): Distiguish among verification failure due to errors,
tampering, untrusted signer.
(verify_module): Likewise.
* runtime/staprun/common.c (unprivileged_user): Define it.
* runtime/staprun/staprun.h (unprivileged_user): Declare it.
* cache.cxx (get_from_cache): Get the module signature file.
* stap-authorize-server-cert: Source `dirname $0`/stap-env.
* stap-authorize-signing-cert: Likewise.
* stap-client: Likewise.
* stap-find-or-start-server: Likewise.
* stap-find-servers: Likewise.
* stap-gen-cert: Likewise.
* stap-server: Likewise.
* stap-serverd: Likewise.
* stap-start-server: Likewise.
|
| |\| | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
When the relay threads encounter an error, they now send SIGTERM to the
rest of the process before the thread exit, so we get a clean shutdown.
For EPIPE in particular, error messages are also suppressed.
|
| |\| |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
configure
runtime/staprun/staprun_funcs.c
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
This fixes bugs in strftime-subset function. This modifies %C, %l and %j to
fit the output of date command.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This fixes a bug in stapio, which checks written data size and switches
new file when it exceeds a limit. The problem is that written-data-size
counter ignores the first written-data size when switching files. So,
actual file size always exceeds the limit. This changes stapio to
initialize written-data-size counter with the size of the data which
will be written in new file.
|
| |\| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
aclocal.m4
configure
testsuite/aclocal.m4
Also:
2009-03-30 Dave Brolley <brolley@redhat.com>
* nsscommon.c (nssError): Handle SEC_ERROR_BAD_SIGNATURE.
2009-03-30 Dave Brolley <brolley@redhat.com>
* modverify.c (verify_it): Print a message if the module may have been
tampered with.
|
| |\| |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
Makefile.in
|
| | | |
| | |
| | |
| | |
| | | |
* runtime/staprun/staprun_funcs.c (check_path): Save fully
canonicalized and checked module path for later loading.
|
| |\| | |
|
| | | |
| | |
| | |
| | |
| | | |
Add strftime subset format support for output file name to systemtap.
This format will be evaluated when opening a new output file.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add file-switching option(-S size[,N]) to stapio. This option has two
arguments, 'size' and 'N', and requires -o option.
- When the size of output file exceeds specified 'size'MB, staprun switches
output file to the next file. For this purpose, all output file has a serial
number as a suffix only when user specifies this option.
- Using this option in bulk mode, the output file name will be
'FILE_cpuX.SERIAL'.
- When the number of files exceeds specified N, staprun removes the oldest
file. This argument can be omitted.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add '-D'(daemon mode) option to staprun/stapio for daemon mode.
In this mode, stapio shows just its pid and detachs from console.
Since it has no stdio, this mode requires -o option. stapio will
exit when it receives SIGTERM or detects some error.
|
| | | |
| | |
| | |
| | |
| | | |
Add an interface (eprintf) to output error messages to syslogd,
because staprun has no stderr after detaching from console.
|
| |\| | |
|
