* Preventing a tapscript from accessing user space.
@ 2007-02-06 0:07 David Wilder
2007-06-10 17:23 ` Frank Ch. Eigler
0 siblings, 1 reply; 2+ messages in thread
From: David Wilder @ 2007-02-06 0:07 UTC (permalink / raw)
To: systemtap
What prevents a tapscript from attempting to access user space
directly? For example:
if $arg is a pointer to a struct in user space (presumably passed to
the kernel via some system call).
What prevents me from doing i=$arg->j in the tapscript.
Also when I looked at the code generated by stap I was hoping to see
deref() used but that is not what I found.
I could have missed something...
On i386 the above example works ok because we can just access the user
space, it works but it is not correct.
On s390 I can't do that I must use something like get_user(), but I
cant do that ether because get_user() calls might_sleep() and the probe
is running with interrupts off.
--
David Wilder
IBM Linux Technology Center
Beaverton, Oregon, USA
dwilder@us.ibm.com
(503)578-3789
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Preventing a tapscript from accessing user space.
2007-02-06 0:07 Preventing a tapscript from accessing user space David Wilder
@ 2007-06-10 17:23 ` Frank Ch. Eigler
0 siblings, 0 replies; 2+ messages in thread
From: Frank Ch. Eigler @ 2007-06-10 17:23 UTC (permalink / raw)
To: David Wilder; +Cc: systemtap
David Wilder wrote (some time ago):
> [...] For example: if $arg is a pointer to a struct in user space
> (presumably passed to the kernel via some system call). What
> prevents me from doing i=$arg->j in the tapscript?
Nothing - we can't. The "__user" modifier doesn't make it into the
debugging data. The old bug #2049 outlines a way of letting the
script explicitly designate user- vs. kernel-space pointer
dereferences.
> Also when I looked at the code generated by stap I was hoping to see
> deref() used but that is not what I found.
There should be one there, inside the generated "tvar_get" function.
> On i386 the above example works ok because we can just access the
> user space, it works but it is not correct. On s390 I can't do that
> I must use something like get_user(), but I cant do that ether
> because get_user() calls might_sleep() and the probe is running with
> interrupts off.
The i386 code is predicated on the assumption that user-space accesses
are possible with ordinary loads/stores, but exceptions are caught and
returned as -EFAULT values rather than sleeping or whatnot.
- FChE
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-06-10 17:23 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2007-02-06 0:07 Preventing a tapscript from accessing user space David Wilder
2007-06-10 17:23 ` Frank Ch. Eigler
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).