From 5e8a3b7b558273fa06525f642fdf2d678dde85eb Mon Sep 17 00:00:00 2001
From: Dave Brolley <brolley@redhat.com>
Date: Thu, 3 Sep 2009 16:13:30 -0400
Subject: Allow process begin/end probes for unprivileged users.

2009-09-03  Dave Brolley  <brolley@redhat.com>

        * tapsets.cxx (visit_cast_op): Don't disallow unprivileged users.
        Annotate synthesized function with /* unprivileged */.
        * tapset-utrace.cxx (register_tapset_utrace): Call allow_unprivileged
        for process begin and end probes.
        * translate.cxx (translate_pass): Generate '#define STP_PRIVILEGED 1'
        unless --unprivileged was specified.
        * runtime/transport/transport.c: Don't define _stp_unprivileged_user.
        * runtime/task_finder.c (__stp_utrace_attach_match_filename): Check
        that _stp_uid equals the task euid when STP_PRIVILEGED is not defined.
        (stap_start_task_finder): Likewise.
        * runtime/staprun/staprun.c (insert_stap_module): Don't generate
        module option _stp_unprivileged_user.
---
 runtime/task_finder.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

(limited to 'runtime/task_finder.c')

diff --git a/runtime/task_finder.c b/runtime/task_finder.c
index ca807020..fb6dc20d 100644
--- a/runtime/task_finder.c
+++ b/runtime/task_finder.c
@@ -753,6 +753,18 @@ __stp_utrace_attach_match_filename(struct task_struct *tsk,
 		/* Notice that "pid == 0" (which means to probe all
 		 * threads) falls through. */
 
+#ifndef STP_PRIVILEGED
+		/* Make sure unprivileged users only probe their own threads. */
+		if (_stp_uid != tsk->euid) {
+			if (tgt->pid != 0) {
+				_stp_warn("Process %d does not belong to unprivileged user %d",
+					  tsk->pid, _stp_uid);
+			}
+			continue;
+		}
+#endif
+
+
 		// Set up events we need for attached tasks. When
 		// register_p is set, we won't actually call the
 		// callbacks here - we'll call it when the thread gets
@@ -1414,6 +1426,17 @@ stap_start_task_finder(void)
 			/* Notice that "pid == 0" (which means to
 			 * probe all threads) falls through. */
 
+#ifndef STP_PRIVILEGED
+			/* Make sure unprivileged users only probe their own threads.  */
+			if (_stp_uid != tsk->euid) {
+				if (tgt->pid != 0) {
+					_stp_warn("Process %d does not belong to unprivileged user %d",
+						  tsk->pid, _stp_uid);
+				}
+				continue;
+			}
+#endif
+
 			// Set up events we need for attached tasks.
 			rc = __stp_utrace_attach(tsk, &tgt->ops, tgt,
 						 __STP_ATTACHED_TASK_EVENTS,
-- 
cgit