Allow process begin/end probes for unprivileged users.
authorDave Brolley <brolley@redhat.com>
Thu, 3 Sep 2009 20:13:30 +0000 (16:13 -0400)
committerDave Brolley <brolley@redhat.com>
Thu, 3 Sep 2009 20:13:30 +0000 (16:13 -0400)
2009-09-03  Dave Brolley  <brolley@redhat.com>

        * tapsets.cxx (visit_cast_op): Don't disallow unprivileged users.
        Annotate synthesized function with /* unprivileged */.
        * tapset-utrace.cxx (register_tapset_utrace): Call allow_unprivileged
        for process begin and end probes.
        * translate.cxx (translate_pass): Generate '#define STP_PRIVILEGED 1'
        unless --unprivileged was specified.
        * runtime/transport/transport.c: Don't define _stp_unprivileged_user.
        * runtime/task_finder.c (__stp_utrace_attach_match_filename): Check
        that _stp_uid equals the task euid when STP_PRIVILEGED is not defined.
        (stap_start_task_finder): Likewise.
        * runtime/staprun/staprun.c (insert_stap_module): Don't generate
        module option _stp_unprivileged_user.

runtime/staprun/staprun.c
runtime/task_finder.c
runtime/transport/transport.c
tapset-utrace.cxx
tapsets.cxx
translate.cxx

index 7eb7f28fecc8005153b85ea536c6fbcca8ca8fe8..da3e304b0650273df6168045cf62c19ffb181751 100644 (file)
@@ -145,19 +145,11 @@ static int enable_uprobes(void)
 static int insert_stap_module(void)
 {
        char special_options[128];
-       char *bufptr = special_options;
 
        /* Add the _stp_bufsize option.  */
-       if (snprintf_chk(bufptr, sizeof (special_options), "_stp_bufsize=%d", buffer_size))
+       if (snprintf_chk(special_options, sizeof (special_options), "_stp_bufsize=%d", buffer_size))
                return -1;
 
-       /* Add the _stp_unprivileged_user option.  */
-       bufptr += strlen (bufptr);
-       if (snprintf_chk(bufptr,
-                        sizeof (special_options) - (bufptr - special_options),
-                        " _stp_unprivileged_user=%d", unprivileged_user))
-         return -1;
-
        return insert_module(modpath, special_options, modoptions);
 }
 
index ca807020a7b8d47cb36c575a7dff85e1d0eb66ad..fb6dc20dc7fba52f4fca1877b25d73be6286acee 100644 (file)
@@ -753,6 +753,18 @@ __stp_utrace_attach_match_filename(struct task_struct *tsk,
                /* Notice that "pid == 0" (which means to probe all
                 * threads) falls through. */
 
+#ifndef STP_PRIVILEGED
+               /* Make sure unprivileged users only probe their own threads. */
+               if (_stp_uid != tsk->euid) {
+                       if (tgt->pid != 0) {
+                               _stp_warn("Process %d does not belong to unprivileged user %d",
+                                         tsk->pid, _stp_uid);
+                       }
+                       continue;
+               }
+#endif
+
+
                // Set up events we need for attached tasks. When
                // register_p is set, we won't actually call the
                // callbacks here - we'll call it when the thread gets
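Review bot: The ownership test `_stp_uid != tsk->euid` compares only the effective uid, so a task whose effective uid equals the user's while its real or saved uid (or its group ids) differ is still treated as the user's own. The kernel's ptrace access check compares the caller against the target's real, effective and saved ids and the gids as well, and this filter would be safer if it required the same. The identical block added to stap_start_task_finder has the same gap. Reading `tsk->euid` as a direct field also ties the code to kernels that keep credentials in task_struct; where they live in `struct cred` the accessor `task_euid(tsk)` would be needed, so a compatibility guard is worth adding. The enclosing loop starts and ends outside this hunk.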
@@ -1414,6 +1426,17 @@ stap_start_task_finder(void)
                        /* Notice that "pid == 0" (which means to
                         * probe all threads) falls through. */
 
+#ifndef STP_PRIVILEGED
+                       /* Make sure unprivileged users only probe their own threads.  */
+                       if (_stp_uid != tsk->euid) {
+                               if (tgt->pid != 0) {
+                                       _stp_warn("Process %d does not belong to unprivileged user %d",
+                                                 tsk->pid, _stp_uid);
+                               }
+                               continue;
+                       }
+#endif
+
                        // Set up events we need for attached tasks.
                        rc = __stp_utrace_attach(tsk, &tgt->ops, tgt,
                                                 __STP_ATTACHED_TASK_EVENTS,
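Review bot: This is a second verbatim copy of the uid filter added to __stp_utrace_attach_match_filename, so any later tightening of the check has to be made in two places and the copies can drift apart. A single static helper under the same `#ifndef STP_PRIVILEGED` guard, taking the task and the target and returning whether the task must be skipped, would let both loops share one implementation of the security check. The warning prints `_stp_uid` with `%d`; its declaration is not visible here, so confirm the specifier matches its type. The loop body continues outside the hunk.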
index ec73f05fe3a1555208136b8e2c0130911deec411..1d029e53745476f164d0df81fdd368337a89bbb0 100644 (file)
@@ -59,10 +59,6 @@ static int _stp_bufsize;
 module_param(_stp_bufsize, int, 0);
 MODULE_PARM_DESC(_stp_bufsize, "buffer size");
 
-static int _stp_unprivileged_user;
-module_param(_stp_unprivileged_user, int, 1);
-MODULE_PARM_DESC(_stp_unprivileged_user, "user is unprivileged");
-
 /* forward declarations */
 static void probe_exit(void);
 static int probe_start(void);
index 6872c87c011f4d208513ea59c9366de8cbdd2dd5..d9d95f823b19df7a1450df4b8a0768e14584a1ab 100644 (file)
@@ -1033,12 +1033,20 @@ register_tapset_utrace(systemtap_session& s)
 
   for (unsigned i = 0; i < roots.size(); ++i)
     {
-      roots[i]->bind(TOK_BEGIN)->bind(builder);
-      roots[i]->bind(TOK_END)->bind(builder);
-      roots[i]->bind(TOK_THREAD)->bind(TOK_BEGIN)->bind(builder);
-      roots[i]->bind(TOK_THREAD)->bind(TOK_END)->bind(builder);
-      roots[i]->bind(TOK_SYSCALL)->bind(builder);
-      roots[i]->bind(TOK_SYSCALL)->bind(TOK_RETURN)->bind(builder);
+      roots[i]->bind(TOK_BEGIN)
+       ->allow_unprivileged()
+       ->bind(builder);
+      roots[i]->bind(TOK_END)
+       ->allow_unprivileged()
+       ->bind(builder);
+      roots[i]->bind(TOK_THREAD)->bind(TOK_BEGIN)
+       ->bind(builder);
+      roots[i]->bind(TOK_THREAD)->bind(TOK_END)
+       ->bind(builder);
+      roots[i]->bind(TOK_SYSCALL)
+       ->bind(builder);
+      roots[i]->bind(TOK_SYSCALL)->bind(TOK_RETURN)
+       ->bind(builder);
     }
 }
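Review bot: Nothing at the two `->allow_unprivileged()` calls records why process begin/end probes are safe to expose. That safety appears to rest entirely on the runtime filter in runtime/task_finder.c, which skips tasks whose euid differs from `_stp_uid`. `roots` is built outside the hunk and may include the all-processes form, so a comment such as `// Unprivileged use relies on the task finder's uid filter (compiled in when STP_PRIVILEGED is undefined)` would keep the two pieces in step. The re-wrapping of the four thread/syscall bindings changes no behaviour and makes the real change harder to spot; leaving them on one line would keep the diff minimal.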
 
index fccb73c889f2f7a22e7240c0ed3858151755822d..6a52050c152347ce72ad85fb75108a1e2a331af2 100644 (file)
@@ -2510,9 +2510,6 @@ void dwarf_cast_expanding_visitor::filter_special_modules(string& module)
 
 void dwarf_cast_expanding_visitor::visit_cast_op (cast_op* e)
 {
-  if (s.unprivileged)
-    throw semantic_error("typecasting may not be used when --unprivileged is specified", e->tok);
-
   bool lvalue = is_active_lvalue(e);
   if (lvalue && !s.guru_mode)
     throw semantic_error("write to typecast value not permitted", e->tok);
@@ -2618,6 +2615,8 @@ void dwarf_cast_expanding_visitor::visit_cast_op (cast_op* e)
   else
     ec->code += "/* pure */";
 
+  ec->code += "/* unprivileged */";
+
   s.functions[fdecl->name] = fdecl;
 
   // Synthesize a functioncall.
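Review bot: `ec->code += "/* unprivileged */";` is appended after the if/else, so it marks the synthesized function in both branches, including the one that is not tagged `/* pure */`. If that other branch is the lvalue (write) form, the marker should probably be limited to the read-only branch, or a comment should state why a writing cast is acceptable for unprivileged users. The guru-mode check at the top of visit_cast_op may already exclude that case, but nothing visible ties guru mode to privilege. The condition of the if is outside the hunk.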
index 65acd2cab8c7511d87d88958284788a71ebaf796..c0f7b48bb91cb785803c1d372e30d71b565a5603 100644 (file)
@@ -5210,6 +5210,8 @@ translate_pass (systemtap_session& s)
       if (ri.recursive) nesting += 10;
 
       // This is at the very top of the file.
+      if (! s.unprivileged)
+       s.op->newline() << "#define STP_PRIVILEGED 1";
       s.op->newline() << "#ifndef MAXNESTING";
       s.op->newline() << "#define MAXNESTING " << nesting;
       s.op->newline() << "#endif";
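Review bot: The privilege decision becomes a compile-time constant here: `#define STP_PRIVILEGED 1` is emitted whenever `s.unprivileged` is false, and the uid filter in the runtime is compiled out with it. This commit also stops staprun from passing `_stp_unprivileged_user`, so nothing visible checks at load time that a module built as privileged is being loaded by a privileged user. If module signing or another loader check enforces that, a comment next to this line should say so, for example `// Absence of STP_PRIVILEGED enables the uid filter in runtime/task_finder.c; loading of privileged modules is gated elsewhere`. translate_pass continues outside the hunk.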