From 8f6d8c2bd3e5c1d2881e2ebe1c7ad5deb389e581 Mon Sep 17 00:00:00 2001
From: Dave Brolley <brolley@redhat.com>
Date: Tue, 13 Oct 2009 11:52:22 -0400
Subject: Ensure that unprivileged-authorized probe point functions are hashed
 differently than non-authorized ones for the purpose of removing duplicates.

2009-10-13  Dave Brolley  <brolley@redhat.com>

        * elaborate.h (print_dupe_stamp_unprivileged): New static method
        of derived_probe.
        (print_dupe_stamp_unprivileged_process_owner): Likewise.

        * elaborate.cxx (print_dupe_stamp_unprivileged): New static method
        of derived_probe.
        (print_dupe_stamp_unprivileged_process_owner): Likewise.

        * tapset-been.cxx (print_dupe_stamp): New virtual method of be_derived_p
robe
        and never_derived_probe.

        * tapset-utrace.cxx (print_dupe_stamp): New virtual method of utrace_der
ived_probe

        * tapset-itrace.cxx (itrace_derived_probe::emit_unprivileged_assertion):
 Removed.
        (itrace_builder::check_unprivileged): Removed.

        * tapsets.cxx (print_dupe_stamp): New virtual method of uprobe_derived_p
robe
---
 elaborate.cxx     | 11 +++++++++++
 elaborate.h       |  3 +++
 tapset-been.cxx   |  4 +++-
 tapset-itrace.cxx | 15 ---------------
 tapset-timers.cxx |  2 ++
 tapset-utrace.cxx | 15 +++++++++++++++
 tapsets.cxx       |  1 +
 7 files changed, 35 insertions(+), 16 deletions(-)

diff --git a/elaborate.cxx b/elaborate.cxx
index e8795a6c..22a39c3e 100644
--- a/elaborate.cxx
+++ b/elaborate.cxx
@@ -162,6 +162,17 @@ derived_probe::emit_process_owner_assertion (translator_output* o)
   o->newline(-1) << "#endif";
 }
 
+void
+derived_probe::print_dupe_stamp_unprivileged(ostream& o)
+{
+  o << "unprivileged users: authorized" << endl;
+}
+
+void
+derived_probe::print_dupe_stamp_unprivileged_process_owner(ostream& o)
+{
+  o << "unprivileged users: authorized for process owner" << endl;
+}
 
 // ------------------------------------------------------------------------
 // Members of derived_probe_builder
diff --git a/elaborate.h b/elaborate.h
index d41608cb..2da4fa1e 100644
--- a/elaborate.h
+++ b/elaborate.h
@@ -159,6 +159,9 @@ public:
   // From within unparser::emit_probe, emit a check that the current
   // process belongs to the user.
 
+  static void print_dupe_stamp_unprivileged(std::ostream& o);
+  static void print_dupe_stamp_unprivileged_process_owner(std::ostream& o);
+
   virtual bool needs_global_locks () { return true; }
   // by default, probes need locks around global variables
 };
diff --git a/tapset-been.cxx b/tapset-been.cxx
index 002bf66a..d7d74c33 100644
--- a/tapset-been.cxx
+++ b/tapset-been.cxx
@@ -56,6 +56,8 @@ struct be_derived_probe: public derived_probe
   // unprivileged users.
   void emit_unprivileged_assertion (translator_output*) {}
 
+  void print_dupe_stamp(ostream& o) { print_dupe_stamp_unprivileged (o); }
+
   bool needs_global_locks () { return false; }
   // begin/end probes don't need locks around global variables, since
   // they aren't run concurrently with any other probes
@@ -197,7 +199,7 @@ struct never_derived_probe: public derived_probe
   never_derived_probe (probe* p, probe_point* l): derived_probe (p, l) {}
   void join_group (systemtap_session&) { /* thus no probe_group */ }
   void emit_unprivileged_assertion (translator_output*) {}
-
+  void print_dupe_stamp(ostream& o) { print_dupe_stamp_unprivileged (o); }
 };
 
 
diff --git a/tapset-itrace.cxx b/tapset-itrace.cxx
index 512a70b0..cdd7ac19 100644
--- a/tapset-itrace.cxx
+++ b/tapset-itrace.cxx
@@ -44,8 +44,6 @@ struct itrace_derived_probe: public derived_probe
                         bool hp, string &pn, int64_t pd, int ss
 			);
   void join_group (systemtap_session& s);
-
-  void emit_unprivileged_assertion (translator_output*);
 };
 
 
@@ -80,15 +78,6 @@ itrace_derived_probe::itrace_derived_probe (systemtap_session &s,
 }
 
 
-void
-itrace_derived_probe::emit_unprivileged_assertion (translator_output* o)
-{
-  // These probes are allowed for unprivileged users, but only in the
-  // context of processes which they own.
-  emit_process_owner_assertion (o);
-}
-
-
 void
 itrace_derived_probe::join_group (systemtap_session& s)
 {
@@ -132,10 +121,6 @@ struct itrace_builder: public derived_probe_builder
 							single_step
 							));
   }
-
-  // No action required. These probes are allowed for unprivileged users.
-  virtual void check_unprivileged (const systemtap_session & sess,
-				   const literal_map_t & parameters) {}
 };
 
 
diff --git a/tapset-timers.cxx b/tapset-timers.cxx
index de57d81a..65746266 100644
--- a/tapset-timers.cxx
+++ b/tapset-timers.cxx
@@ -41,6 +41,7 @@ struct timer_derived_probe: public derived_probe
   // No assertion need be emitted, since this probe is allowed for unprivileged
   // users.
   void emit_unprivileged_assertion (translator_output*) {}
+  void print_dupe_stamp(ostream& o) { print_dupe_stamp_unprivileged (o); }
 };
 
 
@@ -212,6 +213,7 @@ struct hrtimer_derived_probe: public derived_probe
   // No assertion need be emitted, since these probes are allowed for
   // unprivileged users.
   void emit_unprivileged_assertion (translator_output*) {}
+  void print_dupe_stamp(ostream& o) { print_dupe_stamp_unprivileged (o); }
 };
 
 
diff --git a/tapset-utrace.cxx b/tapset-utrace.cxx
index 819a2d87..a8500493 100644
--- a/tapset-utrace.cxx
+++ b/tapset-utrace.cxx
@@ -62,6 +62,7 @@ struct utrace_derived_probe: public derived_probe
   void join_group (systemtap_session& s);
 
   void emit_unprivileged_assertion (translator_output*);
+  void print_dupe_stamp(ostream& o);
 };
 
 
@@ -210,6 +211,20 @@ utrace_derived_probe::emit_unprivileged_assertion (translator_output* o)
   emit_process_owner_assertion (o);
 }
 
+void
+utrace_derived_probe::print_dupe_stamp(ostream& o)
+{
+  // Process end probes are allowed for unprivileged users, even if the process
+  // does not belong to them. They are required to check is_myproc() from within
+  // their probe script before doing anything "dangerous".
+  // Other process probes are allowed for unprivileged users, but only in the
+  // context of processes which they own.
+  if (flags == UDPF_END)
+    print_dupe_stamp_unprivileged (o);
+  else
+    print_dupe_stamp_unprivileged_process_owner (o);
+}
+
 
 void
 utrace_var_expanding_visitor::visit_target_symbol_cached (target_symbol* e)
diff --git a/tapsets.cxx b/tapsets.cxx
index 88c10f85..290a54da 100644
--- a/tapsets.cxx
+++ b/tapsets.cxx
@@ -410,6 +410,7 @@ struct uprobe_derived_probe: public dwarf_derived_probe
   void join_group (systemtap_session& s);
 
   void emit_unprivileged_assertion (translator_output*);
+  void print_dupe_stamp(ostream& o) { print_dupe_stamp_unprivileged_process_owner (o); }
 };
 
 struct dwarf_derived_probe_group: public derived_probe_group
-- 
cgit