From 6ecd877049008c5abe9c6720ea8fc64732f47eb5 Mon Sep 17 00:00:00 2001 From: "Frank Ch. Eigler" Date: Wed, 16 Sep 2009 22:32:28 -0400 Subject: PR10650: markup some unprivileged-safe tapset functions Add /* unprivileged */ to a variety of tapset embedded-c functions, together with uid-assertion-checking code as needed. This is only an initial set, and may need to grow or shrink after further testing. Prototyped-By: Dave Brolley * runtime/runtime.h (is_myproc, assert_is_myproc): New macros. * runtime/addr-map.c (lookup_bad_addr): Reject if !is_myproc in unprivileged mode. * runtime/print.c (_stp_print_kernel_info): Add unprivileged mode info. * tapset/DEVGUIDE: Document /* pure */ and /* unprivileged */. * tapset/*.stp: Add /* unprivileged */ here and there, in questionable cases along with an assert_is_myproc(). --- runtime/addr-map.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'runtime/addr-map.c') diff --git a/runtime/addr-map.c b/runtime/addr-map.c index a9aa8d88..35de7a64 100644 --- a/runtime/addr-map.c +++ b/runtime/addr-map.c @@ -115,6 +115,10 @@ lookup_bad_addr(unsigned long addr, size_t size) return 1; #ifndef STP_PRIVILEGED + /* Unprivileged users must not access memory while the context + does not refer to their own process. */ + if (! is_myproc ()) + return 1; /* Unprivileged users must not access kernel space memory. */ if (addr + size > TASK_SIZE) return 1; -- cgit
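Review bot: the new `if (! is_myproc ()) return 1;` in lookup_bad_addr relies on the is_myproc macro that the commit message says is added in runtime/runtime.h, but this page shows only runtime/addr-map.c changed ("1 file changed, 4 insertions(+)") and no new include; confirm that runtime.h is already visible in addr-map.c in every configuration where STP_PRIVILEGED is undefined, otherwise the unprivileged build breaks at this line. The placement is otherwise sound: the check sits inside the existing `#ifndef STP_PRIVILEGED` block, so privileged modules are unaffected, it fails closed (returning 1 marks the address as bad rather than falling through), and it runs before the existing `if (addr + size > TASK_SIZE)` test, so an unprivileged probe in a foreign process context is rejected regardless of whether the address is in user or kernel space. One wording nit: the comment says "memory" without qualification, while the function guards a specific address range; consider stating that the whole access is refused whenever the context is not the caller's own process.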