Hostname and NIS domain name namespace: inode number of the
current UTS namespace in the proc filesystem.
+The following man:credentials(7) context fields are supported by LTTng-UST:
+
+`vuid`::
+ Virtual real user ID: real user ID as seen from the point of view of
+ the current man:user_namespaces(7).
+
+`vgid`::
+ Virtual real group ID: real group ID as seen from the point of view of
+ the current man:user_namespaces(7).
+
+`veuid`::
+ Virtual effective user ID: effective user ID as seen from the point of
+ view of the current man:user_namespaces(7).
+
+`vegid`::
+ Virtual effective group ID: effective group ID as seen from the point of
+ view of the current man:user_namespaces(7).
+
+`vsuid`::
+ Virtual saved set-user ID: saved set-user ID as seen from the point of
+ view of the current man:user_namespaces(7).
+
+`vsgid`::
+ Virtual saved set-group ID: saved set-group ID as seen from the point of
+ view of the current man:user_namespaces(7).
+
[[state-dump]]
LTTng-UST state dump
LTTNG_UST_CONTEXT_PID_NS = 12,
LTTNG_UST_CONTEXT_USER_NS = 13,
LTTNG_UST_CONTEXT_UTS_NS = 14,
+ LTTNG_UST_CONTEXT_VUID = 15,
+ LTTNG_UST_CONTEXT_VEUID = 16,
+ LTTNG_UST_CONTEXT_VSUID = 17,
+ LTTNG_UST_CONTEXT_VGID = 18,
+ LTTNG_UST_CONTEXT_VEGID = 19,
+ LTTNG_UST_CONTEXT_VSGID = 20,
};
struct lttng_ust_perf_counter_ctx {
int lttng_add_pid_ns_to_ctx(struct lttng_ctx **ctx);
int lttng_add_user_ns_to_ctx(struct lttng_ctx **ctx);
int lttng_add_uts_ns_to_ctx(struct lttng_ctx **ctx);
+int lttng_add_vuid_to_ctx(struct lttng_ctx **ctx);
+int lttng_add_veuid_to_ctx(struct lttng_ctx **ctx);
+int lttng_add_vsuid_to_ctx(struct lttng_ctx **ctx);
+int lttng_add_vgid_to_ctx(struct lttng_ctx **ctx);
+int lttng_add_vegid_to_ctx(struct lttng_ctx **ctx);
+int lttng_add_vsgid_to_ctx(struct lttng_ctx **ctx);
void lttng_context_vtid_reset(void);
void lttng_context_vpid_reset(void);
void lttng_context_procname_reset(void);
void lttng_context_pid_ns_reset(void);
void lttng_context_user_ns_reset(void);
void lttng_context_uts_ns_reset(void);
+void lttng_context_vuid_reset(void);
+void lttng_context_veuid_reset(void);
+void lttng_context_vsuid_reset(void);
+void lttng_context_vgid_reset(void);
+void lttng_context_vegid_reset(void);
+void lttng_context_vsgid_reset(void);
#ifdef LTTNG_UST_HAVE_PERF_EVENT
int lttng_add_perf_counter_to_ctx(uint32_t type,
extern void ust_after_fork_child(sigset_t *restore_sigset);
extern void ust_after_setns(void);
extern void ust_after_unshare(void);
+extern void ust_after_setuid(void);
+extern void ust_after_setgid(void);
+extern void ust_after_seteuid(void);
+extern void ust_after_setegid(void);
+extern void ust_after_setreuid(void);
+extern void ust_after_setregid(void);
+extern void ust_after_setresuid(void);
+extern void ust_after_setresgid(void);
#ifdef __cplusplus
}
return retval;
}
+int setuid(uid_t uid)
+{
+ static int (*plibc_func)(uid_t uid) = NULL;
+ int retval;
+ int saved_errno;
+
+ if (plibc_func == NULL) {
+ plibc_func = dlsym(RTLD_NEXT, "setuid");
+ if (plibc_func == NULL) {
+ fprintf(stderr, "libustfork: unable to find \"setuid\" symbol\n");
+ errno = ENOSYS;
+ return -1;
+ }
+ }
+
+ /* Do the real setuid */
+ retval = plibc_func(uid);
+ saved_errno = errno;
+
+ ust_after_setuid();
+
+ errno = saved_errno;
+ return retval;
+}
+
+int setgid(gid_t gid)
+{
+ static int (*plibc_func)(gid_t gid) = NULL;
+ int retval;
+ int saved_errno;
+
+ if (plibc_func == NULL) {
+ plibc_func = dlsym(RTLD_NEXT, "setgid");
+ if (plibc_func == NULL) {
+ fprintf(stderr, "libustfork: unable to find \"setgid\" symbol\n");
+ errno = ENOSYS;
+ return -1;
+ }
+ }
+
+ /* Do the real setgid */
+ retval = plibc_func(gid);
+ saved_errno = errno;
+
+ ust_after_setgid();
+
+ errno = saved_errno;
+ return retval;
+}
+
+int seteuid(uid_t euid)
+{
+ static int (*plibc_func)(uid_t euid) = NULL;
+ int retval;
+ int saved_errno;
+
+ if (plibc_func == NULL) {
+ plibc_func = dlsym(RTLD_NEXT, "seteuid");
+ if (plibc_func == NULL) {
+ fprintf(stderr, "libustfork: unable to find \"seteuid\" symbol\n");
+ errno = ENOSYS;
+ return -1;
+ }
+ }
+
+ /* Do the real seteuid */
+ retval = plibc_func(euid);
+ saved_errno = errno;
+
+ ust_after_seteuid();
+
+ errno = saved_errno;
+ return retval;
+}
+
+int setegid(gid_t egid)
+{
+ static int (*plibc_func)(gid_t egid) = NULL;
+ int retval;
+ int saved_errno;
+
+ if (plibc_func == NULL) {
+ plibc_func = dlsym(RTLD_NEXT, "setegid");
+ if (plibc_func == NULL) {
+ fprintf(stderr, "libustfork: unable to find \"setegid\" symbol\n");
+ errno = ENOSYS;
+ return -1;
+ }
+ }
+
+ /* Do the real setegid */
+ retval = plibc_func(egid);
+ saved_errno = errno;
+
+ ust_after_setegid();
+
+ errno = saved_errno;
+ return retval;
+}
+
+int setreuid(uid_t ruid, uid_t euid)
+{
+ static int (*plibc_func)(uid_t ruid, uid_t euid) = NULL;
+ int retval;
+ int saved_errno;
+
+ if (plibc_func == NULL) {
+ plibc_func = dlsym(RTLD_NEXT, "setreuid");
+ if (plibc_func == NULL) {
+ fprintf(stderr, "libustfork: unable to find \"setreuid\" symbol\n");
+ errno = ENOSYS;
+ return -1;
+ }
+ }
+
+ /* Do the real setreuid */
+ retval = plibc_func(ruid, euid);
+ saved_errno = errno;
+
+ ust_after_setreuid();
+
+ errno = saved_errno;
+ return retval;
+}
+
+int setregid(gid_t rgid, gid_t egid)
+{
+ static int (*plibc_func)(gid_t rgid, gid_t egid) = NULL;
+ int retval;
+ int saved_errno;
+
+ if (plibc_func == NULL) {
+ plibc_func = dlsym(RTLD_NEXT, "setregid");
+ if (plibc_func == NULL) {
+ fprintf(stderr, "libustfork: unable to find \"setregid\" symbol\n");
+ errno = ENOSYS;
+ return -1;
+ }
+ }
+
+ /* Do the real setregid */
+ retval = plibc_func(rgid, egid);
+ saved_errno = errno;
+
+ ust_after_setregid();
+
+ errno = saved_errno;
+ return retval;
+}
+
#ifdef __linux__
struct user_desc;
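Review bot: Nothing in the added wrappers says that the cached credential contexts are refreshed only when a call passes through these interposed symbols, starting at `int setuid(uid_t uid)` and repeated for the five wrappers that follow. A process that changes IDs through syscall(2) directly, or that runs without this library interposed, keeps whatever IDs were cached at first use, which matters when the trace is read as a record of privilege changes. I would put one comment above setuid(), for example `/* Credential wrappers: the vuid/vgid context caches are only invalidated through these symbols; the hook runs whether or not the call succeeded. */`. The unconditional hook call is harmless, since a spurious reset only costs one extra lookup.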
return retval;
}
+int setresuid(uid_t ruid, uid_t euid, uid_t suid)
+{
+ static int (*plibc_func)(uid_t ruid, uid_t euid, uid_t suid) = NULL;
+ int retval;
+ int saved_errno;
+
+ if (plibc_func == NULL) {
+ plibc_func = dlsym(RTLD_NEXT, "setresuid");
+ if (plibc_func == NULL) {
+ fprintf(stderr, "libustfork: unable to find \"setresuid\" symbol\n");
+ errno = ENOSYS;
+ return -1;
+ }
+ }
+
+ /* Do the real setresuid */
+ retval = plibc_func(ruid, euid, suid);
+ saved_errno = errno;
+
+ ust_after_setresuid();
+
+ errno = saved_errno;
+ return retval;
+}
+
+int setresgid(gid_t rgid, gid_t egid, gid_t sgid)
+{
+ static int (*plibc_func)(gid_t rgid, gid_t egid, gid_t sgid) = NULL;
+ int retval;
+ int saved_errno;
+
+ if (plibc_func == NULL) {
+ plibc_func = dlsym(RTLD_NEXT, "setresgid");
+ if (plibc_func == NULL) {
+ fprintf(stderr, "libustfork: unable to find \"setresgid\" symbol\n");
+ errno = ENOSYS;
+ return -1;
+ }
+ }
+
+ /* Do the real setresgid */
+ retval = plibc_func(rgid, egid, sgid);
+ saved_errno = errno;
+
+ ust_after_setresgid();
+
+ errno = saved_errno;
+ return retval;
+}
+
#elif defined (__FreeBSD__)
pid_t rfork(int flags)
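Review bot: setresuid() and setresgid() are added between `#ifdef __linux__` and `#elif defined (__FreeBSD__)`, so as far as this hunk shows they are interposed on Linux only, while lttng-context-vsuid.c and lttng-context-vsgid.c call getresuid()/getresgid() with no platform guard. If the FreeBSD build is meant to support these contexts, a setresuid()/setresgid() call there would never reach ust_after_setresuid()/ust_after_setresgid() and the cached IDs would stay stale. In that case the two wrappers belong next to setuid()…setregid(), outside the conditional. The conditional block starts and ends outside this hunk, so the placement should be confirmed against the full file.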
lttng-context-pid-ns.c \
lttng-context-user-ns.c \
lttng-context-uts-ns.c \
+ lttng-context-vuid.c \
+ lttng-context-veuid.c \
+ lttng-context-vsuid.c \
+ lttng-context-vgid.c \
+ lttng-context-vegid.c \
+ lttng-context-vsgid.c \
lttng-context.c \
lttng-events.c \
lttng-filter.c \
getenv.h \
string-utils.c \
string-utils.h \
- ns.h
+ ns.h \
+ creds.h
if HAVE_PERF_EVENT
liblttng_ust_runtime_la_SOURCES += \
--- /dev/null
+#ifndef _LTTNG_CREDS_H
+#define _LTTNG_CREDS_H
+
+/*
+ * Copyright (c) 2019 - Michael Jeanson <mjeanson@efficios.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; only
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+/*
+ * This is used in the kernel as an invalid value.
+ */
+
+#define INVALID_UID (uid_t) -1
+#define INVALID_GID (gid_t) -1
+
+#endif /* _LTTNG_CREDS_H */
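Review bot: INVALID_UID and INVALID_GID expand to a bare cast expression, so for instance `sizeof INVALID_UID` would parse as `sizeof(uid_t) - 1`; I would write `#define INVALID_UID ((uid_t) -1)` and `#define INVALID_GID ((gid_t) -1)`. The header also uses uid_t and gid_t without including `<sys/types.h>` itself, so it only compiles when every includer has pulled that in first. The comment could state what the value means here, e.g. `/* Sentinel for "not cached yet"; the kernel uses the same value as an invalid ID. */`.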
--- /dev/null
+/*
+ * lttng-context-vegid.c
+ *
+ * LTTng UST namespaced effective group ID context.
+ *
+ * Copyright (C) 2009-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
+ * 2019 Michael Jeanson <mjeanson@efficios.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; only
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#define _LGPL_SOURCE
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <lttng/ust-events.h>
+#include <lttng/ust-tracer.h>
+#include <lttng/ringbuffer-config.h>
+#include "creds.h"
+
+
+/*
+ * At the kernel level, user IDs and group IDs are a per-thread attribute.
+ * However, POSIX requires that all threads in a process share the same
+ * credentials. The NPTL threading implementation handles the POSIX
+ * requirements by providing wrapper functions for the various system calls
+ * that change process UIDs and GIDs. These wrapper functions (including those
+ * for setreuid() and setregid()) employ a signal-based technique to ensure
+ * that when one thread changes credentials, all of the other threads in the
+ * process also change their credentials.
+ */
+
+/*
+ * We cache the result to ensure we don't trigger a system call for
+ * each event. User / group IDs are global to the process.
+ */
+static gid_t cached_vegid = INVALID_GID;
+
+static
+gid_t get_vegid(void)
+{
+ gid_t vegid;
+
+ vegid = CMM_LOAD_SHARED(cached_vegid);
+
+ if (caa_unlikely(vegid == INVALID_GID)) {
+ vegid = getegid();
+ CMM_STORE_SHARED(cached_vegid, vegid);
+ }
+
+ return vegid;
+}
+
+/*
+ * The vegid can change on setuid, setreuid, setresuid and seteuid.
+ */
+void lttng_context_vegid_reset(void)
+{
+ CMM_STORE_SHARED(cached_vegid, INVALID_GID);
+}
+
+static
+size_t vegid_get_size(struct lttng_ctx_field *field, size_t offset)
+{
+ size_t size = 0;
+
+ size += lib_ring_buffer_align(offset, lttng_alignof(gid_t));
+ size += sizeof(gid_t);
+ return size;
+}
+
+static
+void vegid_record(struct lttng_ctx_field *field,
+ struct lttng_ust_lib_ring_buffer_ctx *ctx,
+ struct lttng_channel *chan)
+{
+ gid_t vegid;
+
+ vegid = get_vegid();
+ lib_ring_buffer_align_ctx(ctx, lttng_alignof(vegid));
+ chan->ops->event_write(ctx, &vegid, sizeof(vegid));
+}
+
+static
+void vegid_get_value(struct lttng_ctx_field *field,
+ struct lttng_ctx_value *value)
+{
+ value->u.s64 = get_vegid();
+}
+
+int lttng_add_vegid_to_ctx(struct lttng_ctx **ctx)
+{
+ struct lttng_ctx_field *field;
+
+ field = lttng_append_context(ctx);
+ if (!field)
+ return -ENOMEM;
+ if (lttng_find_context(*ctx, "vegid")) {
+ lttng_remove_context_field(ctx, field);
+ return -EEXIST;
+ }
+ field->event_field.name = "vegid";
+ field->event_field.type.atype = atype_integer;
+ field->event_field.type.u.basic.integer.size = sizeof(gid_t) * CHAR_BIT;
+ field->event_field.type.u.basic.integer.alignment = lttng_alignof(gid_t) * CHAR_BIT;
+ field->event_field.type.u.basic.integer.signedness = lttng_is_signed_type(gid_t);
+ field->event_field.type.u.basic.integer.reverse_byte_order = 0;
+ field->event_field.type.u.basic.integer.base = 10;
+ field->event_field.type.u.basic.integer.encoding = lttng_encode_none;
+ field->get_size = vegid_get_size;
+ field->record = vegid_record;
+ field->get_value = vegid_get_value;
+ lttng_context_update(*ctx);
+ return 0;
+}
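Review bot: get_vegid() can leave a stale ID in the cache when it races with a credential change: if another thread completes setegid() and lttng_context_vegid_reset() between this thread's `getegid()` and its `CMM_STORE_SHARED(cached_vegid, vegid)`, the old value is stored after the reset and stays until the next reset. The same load, syscall, store sequence is in get_veuid(), get_vgid(), get_vsgid(), get_vsuid() and get_vuid(). For traces used to audit privilege changes this means events can keep reporting the pre-change ID. At minimum I would state the window next to the cache, `/* A reset that races with the refill below can be overwritten by a stale value. */`, or have the reset bump a generation counter that the refill checks before storing.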
--- /dev/null
+/*
+ * lttng-context-veuid.c
+ *
+ * LTTng UST namespaced effective user ID context.
+ *
+ * Copyright (C) 2009-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
+ * 2019 Michael Jeanson <mjeanson@efficios.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; only
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#define _LGPL_SOURCE
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <lttng/ust-events.h>
+#include <lttng/ust-tracer.h>
+#include <lttng/ringbuffer-config.h>
+#include "creds.h"
+
+
+/*
+ * At the kernel level, user IDs and group IDs are a per-thread attribute.
+ * However, POSIX requires that all threads in a process share the same
+ * credentials. The NPTL threading implementation handles the POSIX
+ * requirements by providing wrapper functions for the various system calls
+ * that change process UIDs and GIDs. These wrapper functions (including those
+ * for setreuid() and setregid()) employ a signal-based technique to ensure
+ * that when one thread changes credentials, all of the other threads in the
+ * process also change their credentials.
+ */
+
+/*
+ * We cache the result to ensure we don't trigger a system call for
+ * each event. User / group IDs are global to the process.
+ */
+static uid_t cached_veuid = INVALID_UID;
+
+static
+uid_t get_veuid(void)
+{
+ uid_t veuid;
+
+ veuid = CMM_LOAD_SHARED(cached_veuid);
+
+ if (caa_unlikely(veuid == INVALID_UID)) {
+ veuid = geteuid();
+ CMM_STORE_SHARED(cached_veuid, veuid);
+ }
+
+ return veuid;
+}
+
+/*
+ * The veuid can change on setuid, setreuid, setresuid and seteuid.
+ */
+void lttng_context_veuid_reset(void)
+{
+ CMM_STORE_SHARED(cached_veuid, INVALID_UID);
+}
+
+static
+size_t veuid_get_size(struct lttng_ctx_field *field, size_t offset)
+{
+ size_t size = 0;
+
+ size += lib_ring_buffer_align(offset, lttng_alignof(uid_t));
+ size += sizeof(uid_t);
+ return size;
+}
+
+static
+void veuid_record(struct lttng_ctx_field *field,
+ struct lttng_ust_lib_ring_buffer_ctx *ctx,
+ struct lttng_channel *chan)
+{
+ uid_t veuid;
+
+ veuid = get_veuid();
+ lib_ring_buffer_align_ctx(ctx, lttng_alignof(veuid));
+ chan->ops->event_write(ctx, &veuid, sizeof(veuid));
+}
+
+static
+void veuid_get_value(struct lttng_ctx_field *field,
+ struct lttng_ctx_value *value)
+{
+ value->u.s64 = get_veuid();
+}
+
+int lttng_add_veuid_to_ctx(struct lttng_ctx **ctx)
+{
+ struct lttng_ctx_field *field;
+
+ field = lttng_append_context(ctx);
+ if (!field)
+ return -ENOMEM;
+ if (lttng_find_context(*ctx, "veuid")) {
+ lttng_remove_context_field(ctx, field);
+ return -EEXIST;
+ }
+ field->event_field.name = "veuid";
+ field->event_field.type.atype = atype_integer;
+ field->event_field.type.u.basic.integer.size = sizeof(uid_t) * CHAR_BIT;
+ field->event_field.type.u.basic.integer.alignment = lttng_alignof(uid_t) * CHAR_BIT;
+ field->event_field.type.u.basic.integer.signedness = lttng_is_signed_type(uid_t);
+ field->event_field.type.u.basic.integer.reverse_byte_order = 0;
+ field->event_field.type.u.basic.integer.base = 10;
+ field->event_field.type.u.basic.integer.encoding = lttng_encode_none;
+ field->get_size = veuid_get_size;
+ field->record = veuid_record;
+ field->get_value = veuid_get_value;
+ lttng_context_update(*ctx);
+ return 0;
+}
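Review bot: This file uses CHAR_BIT, ENOMEM/EEXIST and the CMM_LOAD_SHARED/caa_unlikely macros but includes none of `<limits.h>`, `<errno.h>` or a urcu header directly, while `<sys/stat.h>` is included and nothing visible uses it. Presumably the lttng headers provide the definitions transitively, but that is not visible from here and makes the file depend on their include order. I would add `#include <limits.h>` and `#include <errno.h>` and drop `<sys/stat.h>` if it is indeed unused. The other five lttng-context-v*.c files added by this commit have the same include list.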
--- /dev/null
+/*
+ * lttng-context-vgid.c
+ *
+ * LTTng UST namespaced real group ID context.
+ *
+ * Copyright (C) 2009-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
+ * 2019 Michael Jeanson <mjeanson@efficios.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; only
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#define _LGPL_SOURCE
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <lttng/ust-events.h>
+#include <lttng/ust-tracer.h>
+#include <lttng/ringbuffer-config.h>
+#include "creds.h"
+
+
+/*
+ * At the kernel level, user IDs and group IDs are a per-thread attribute.
+ * However, POSIX requires that all threads in a process share the same
+ * credentials. The NPTL threading implementation handles the POSIX
+ * requirements by providing wrapper functions for the various system calls
+ * that change process UIDs and GIDs. These wrapper functions (including those
+ * for setreuid() and setregid()) employ a signal-based technique to ensure
+ * that when one thread changes credentials, all of the other threads in the
+ * process also change their credentials.
+ */
+
+/*
+ * We cache the result to ensure we don't trigger a system call for
+ * each event. User / group IDs are global to the process.
+ */
+static gid_t cached_vgid = INVALID_GID;
+
+static
+gid_t get_vgid(void)
+{
+ gid_t vgid;
+
+ vgid = CMM_LOAD_SHARED(cached_vgid);
+
+ if (caa_unlikely(cached_vgid == (gid_t) -1)) {
+ vgid = getgid();
+ CMM_STORE_SHARED(cached_vgid, vgid);
+ }
+
+ return vgid;
+}
+
+/*
+ * The vgid can change on setuid, setreuid and setresuid.
+ */
+void lttng_context_vgid_reset(void)
+{
+ CMM_STORE_SHARED(cached_vgid, INVALID_GID);
+}
+
+static
+size_t vgid_get_size(struct lttng_ctx_field *field, size_t offset)
+{
+ size_t size = 0;
+
+ size += lib_ring_buffer_align(offset, lttng_alignof(gid_t));
+ size += sizeof(gid_t);
+ return size;
+}
+
+static
+void vgid_record(struct lttng_ctx_field *field,
+ struct lttng_ust_lib_ring_buffer_ctx *ctx,
+ struct lttng_channel *chan)
+{
+ gid_t vgid;
+
+ vgid = get_vgid();
+ lib_ring_buffer_align_ctx(ctx, lttng_alignof(vgid));
+ chan->ops->event_write(ctx, &vgid, sizeof(vgid));
+}
+
+static
+void vgid_get_value(struct lttng_ctx_field *field,
+ struct lttng_ctx_value *value)
+{
+ value->u.s64 = get_vgid();
+}
+
+int lttng_add_vgid_to_ctx(struct lttng_ctx **ctx)
+{
+ struct lttng_ctx_field *field;
+
+ field = lttng_append_context(ctx);
+ if (!field)
+ return -ENOMEM;
+ if (lttng_find_context(*ctx, "vgid")) {
+ lttng_remove_context_field(ctx, field);
+ return -EEXIST;
+ }
+ field->event_field.name = "vgid";
+ field->event_field.type.atype = atype_integer;
+ field->event_field.type.u.basic.integer.size = sizeof(gid_t) * CHAR_BIT;
+ field->event_field.type.u.basic.integer.alignment = lttng_alignof(gid_t) * CHAR_BIT;
+ field->event_field.type.u.basic.integer.signedness = lttng_is_signed_type(gid_t);
+ field->event_field.type.u.basic.integer.reverse_byte_order = 0;
+ field->event_field.type.u.basic.integer.base = 10;
+ field->event_field.type.u.basic.integer.encoding = lttng_encode_none;
+ field->get_size = vgid_get_size;
+ field->record = vgid_record;
+ field->get_value = vgid_get_value;
+ lttng_context_update(*ctx);
+ return 0;
+}
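Review bot: In get_vgid() the invalid-cache test reads the global a second time, `if (caa_unlikely(cached_vgid == (gid_t) -1))`, instead of testing the local `vgid` just loaded with CMM_LOAD_SHARED as the five sibling getters do. If the first load sees the sentinel and another thread refills the cache before the second read, the branch is skipped and the function returns the sentinel as the group ID. I would write `if (caa_unlikely(vgid == INVALID_GID)) {` so the decision and the returned value come from the same load. Separately, the comment above lttng_context_vgid_reset() names setuid, setreuid and setresuid, while the hooks in this commit reset the group caches from setgid, setegid, setregid and setresgid; lttng-context-vegid.c and lttng-context-vsgid.c carry the same user-ID wording.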
--- /dev/null
+/*
+ * lttng-context-vsgid.c
+ *
+ * LTTng UST namespaced saved set-group ID context.
+ *
+ * Copyright (C) 2009-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
+ * 2019 Michael Jeanson <mjeanson@efficios.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; only
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#define _GNU_SOURCE
+#define _LGPL_SOURCE
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <lttng/ust-events.h>
+#include <lttng/ust-tracer.h>
+#include <lttng/ringbuffer-config.h>
+#include "creds.h"
+
+
+/*
+ * At the kernel level, user IDs and group IDs are a per-thread attribute.
+ * However, POSIX requires that all threads in a process share the same
+ * credentials. The NPTL threading implementation handles the POSIX
+ * requirements by providing wrapper functions for the various system calls
+ * that change process UIDs and GIDs. These wrapper functions (including those
+ * for setreuid() and setregid()) employ a signal-based technique to ensure
+ * that when one thread changes credentials, all of the other threads in the
+ * process also change their credentials.
+ */
+
+/*
+ * We cache the result to ensure we don't trigger a system call for
+ * each event. User / group IDs are global to the process.
+ */
+static gid_t cached_vsgid = INVALID_GID;
+
+static
+gid_t get_vsgid(void)
+{
+ gid_t vsgid;
+
+ vsgid = CMM_LOAD_SHARED(cached_vsgid);
+
+ if (caa_unlikely(vsgid == INVALID_GID)) {
+ gid_t gid, egid, sgid;
+
+ if (getresgid(&gid, &egid, &sgid) == 0) {
+ vsgid = sgid;
+ CMM_STORE_SHARED(cached_vsgid, vsgid);
+ }
+ }
+
+ return vsgid;
+}
+
+/*
+ * The vsgid can change on setuid, setreuid and setresuid.
+ */
+void lttng_context_vsgid_reset(void)
+{
+ CMM_STORE_SHARED(cached_vsgid, INVALID_GID);
+}
+
+static
+size_t vsgid_get_size(struct lttng_ctx_field *field, size_t offset)
+{
+ size_t size = 0;
+
+ size += lib_ring_buffer_align(offset, lttng_alignof(gid_t));
+ size += sizeof(gid_t);
+ return size;
+}
+
+static
+void vsgid_record(struct lttng_ctx_field *field,
+ struct lttng_ust_lib_ring_buffer_ctx *ctx,
+ struct lttng_channel *chan)
+{
+ gid_t vsgid;
+
+ vsgid = get_vsgid();
+ lib_ring_buffer_align_ctx(ctx, lttng_alignof(vsgid));
+ chan->ops->event_write(ctx, &vsgid, sizeof(vsgid));
+}
+
+static
+void vsgid_get_value(struct lttng_ctx_field *field,
+ struct lttng_ctx_value *value)
+{
+ value->u.s64 = get_vsgid();
+}
+
+int lttng_add_vsgid_to_ctx(struct lttng_ctx **ctx)
+{
+ struct lttng_ctx_field *field;
+
+ field = lttng_append_context(ctx);
+ if (!field)
+ return -ENOMEM;
+ if (lttng_find_context(*ctx, "vsgid")) {
+ lttng_remove_context_field(ctx, field);
+ return -EEXIST;
+ }
+ field->event_field.name = "vsgid";
+ field->event_field.type.atype = atype_integer;
+ field->event_field.type.u.basic.integer.size = sizeof(gid_t) * CHAR_BIT;
+ field->event_field.type.u.basic.integer.alignment = lttng_alignof(gid_t) * CHAR_BIT;
+ field->event_field.type.u.basic.integer.signedness = lttng_is_signed_type(gid_t);
+ field->event_field.type.u.basic.integer.reverse_byte_order = 0;
+ field->event_field.type.u.basic.integer.base = 10;
+ field->event_field.type.u.basic.integer.encoding = lttng_encode_none;
+ field->get_size = vsgid_get_size;
+ field->record = vsgid_record;
+ field->get_value = vsgid_get_value;
+ lttng_context_update(*ctx);
+ return 0;
+}
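Review bot: When getresgid() fails, get_vsgid() returns the INVALID_GID sentinel and vsgid_record() writes it into the event like any other group ID, and nothing in the code says this is intended. A reader of the trace cannot tell that value from a real one unless the convention is documented. I would add a comment in the failure path, `/* On failure the INVALID_GID sentinel is recorded and the cache stays empty, so the next event retries. */`. get_vsuid() in lttng-context-vsuid.c has the same shape with getresuid().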
--- /dev/null
+/*
+ * lttng-context-vsuid.c
+ *
+ * LTTng UST namespaced saved set-user ID context.
+ *
+ * Copyright (C) 2009-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
+ * 2019 Michael Jeanson <mjeanson@efficios.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; only
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#define _GNU_SOURCE
+#define _LGPL_SOURCE
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <lttng/ust-events.h>
+#include <lttng/ust-tracer.h>
+#include <lttng/ringbuffer-config.h>
+#include "creds.h"
+
+
+/*
+ * At the kernel level, user IDs and group IDs are a per-thread attribute.
+ * However, POSIX requires that all threads in a process share the same
+ * credentials. The NPTL threading implementation handles the POSIX
+ * requirements by providing wrapper functions for the various system calls
+ * that change process UIDs and GIDs. These wrapper functions (including those
+ * for setreuid() and setregid()) employ a signal-based technique to ensure
+ * that when one thread changes credentials, all of the other threads in the
+ * process also change their credentials.
+ */
+
+/*
+ * We cache the result to ensure we don't trigger a system call for
+ * each event. User / group IDs are global to the process.
+ */
+static uid_t cached_vsuid = INVALID_UID;
+
+static
+uid_t get_vsuid(void)
+{
+ uid_t vsuid;
+
+ vsuid = CMM_LOAD_SHARED(cached_vsuid);
+
+ if (caa_unlikely(vsuid == INVALID_UID)) {
+ uid_t uid, euid, suid;
+
+ if (getresuid(&uid, &euid, &suid) == 0) {
+ vsuid = suid;
+ CMM_STORE_SHARED(cached_vsuid, vsuid);
+ }
+ }
+
+ return vsuid;
+}
+
+/*
+ * The vsuid can change on setuid, setreuid and setresuid.
+ */
+void lttng_context_vsuid_reset(void)
+{
+ CMM_STORE_SHARED(cached_vsuid, INVALID_UID);
+}
+
+static
+size_t vsuid_get_size(struct lttng_ctx_field *field, size_t offset)
+{
+ size_t size = 0;
+
+ size += lib_ring_buffer_align(offset, lttng_alignof(uid_t));
+ size += sizeof(uid_t);
+ return size;
+}
+
+static
+void vsuid_record(struct lttng_ctx_field *field,
+ struct lttng_ust_lib_ring_buffer_ctx *ctx,
+ struct lttng_channel *chan)
+{
+ uid_t vsuid;
+
+ vsuid = get_vsuid();
+ lib_ring_buffer_align_ctx(ctx, lttng_alignof(vsuid));
+ chan->ops->event_write(ctx, &vsuid, sizeof(vsuid));
+}
+
+static
+void vsuid_get_value(struct lttng_ctx_field *field,
+ struct lttng_ctx_value *value)
+{
+ value->u.s64 = get_vsuid();
+}
+
+int lttng_add_vsuid_to_ctx(struct lttng_ctx **ctx)
+{
+ struct lttng_ctx_field *field;
+
+ field = lttng_append_context(ctx);
+ if (!field)
+ return -ENOMEM;
+ if (lttng_find_context(*ctx, "vsuid")) {
+ lttng_remove_context_field(ctx, field);
+ return -EEXIST;
+ }
+ field->event_field.name = "vsuid";
+ field->event_field.type.atype = atype_integer;
+ field->event_field.type.u.basic.integer.size = sizeof(uid_t) * CHAR_BIT;
+ field->event_field.type.u.basic.integer.alignment = lttng_alignof(uid_t) * CHAR_BIT;
+ field->event_field.type.u.basic.integer.signedness = lttng_is_signed_type(uid_t);
+ field->event_field.type.u.basic.integer.reverse_byte_order = 0;
+ field->event_field.type.u.basic.integer.base = 10;
+ field->event_field.type.u.basic.integer.encoding = lttng_encode_none;
+ field->get_size = vsuid_get_size;
+ field->record = vsuid_record;
+ field->get_value = vsuid_get_value;
+ lttng_context_update(*ctx);
+ return 0;
+}
--- /dev/null
+/*
+ * lttng-context-vuid.c
+ *
+ * LTTng UST namespaced real user ID context.
+ *
+ * Copyright (C) 2009-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
+ * 2019 Michael Jeanson <mjeanson@efficios.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; only
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#define _LGPL_SOURCE
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <lttng/ust-events.h>
+#include <lttng/ust-tracer.h>
+#include <lttng/ringbuffer-config.h>
+#include "creds.h"
+
+
+/*
+ * At the kernel level, user IDs and group IDs are a per-thread attribute.
+ * However, POSIX requires that all threads in a process share the same
+ * credentials. The NPTL threading implementation handles the POSIX
+ * requirements by providing wrapper functions for the various system calls
+ * that change process UIDs and GIDs. These wrapper functions (including those
+ * for setreuid() and setregid()) employ a signal-based technique to ensure
+ * that when one thread changes credentials, all of the other threads in the
+ * process also change their credentials.
+ */
+
+/*
+ * We cache the result to ensure we don't trigger a system call for
+ * each event. User / group IDs are global to the process.
+ */
+static uid_t cached_vuid = INVALID_UID;
+
+static
+uid_t get_vuid(void)
+{
+ uid_t vuid;
+
+ vuid = CMM_LOAD_SHARED(cached_vuid);
+
+ if (caa_unlikely(vuid == INVALID_UID)) {
+ vuid = getuid();
+ CMM_STORE_SHARED(cached_vuid, vuid);
+ }
+
+ return vuid;
+}
+
+/*
+ * The vuid can change on setuid, setreuid and setresuid.
+ */
+void lttng_context_vuid_reset(void)
+{
+ CMM_STORE_SHARED(cached_vuid, INVALID_UID);
+}
+
+static
+size_t vuid_get_size(struct lttng_ctx_field *field, size_t offset)
+{
+ size_t size = 0;
+
+ size += lib_ring_buffer_align(offset, lttng_alignof(uid_t));
+ size += sizeof(uid_t);
+ return size;
+}
+
+static
+void vuid_record(struct lttng_ctx_field *field,
+ struct lttng_ust_lib_ring_buffer_ctx *ctx,
+ struct lttng_channel *chan)
+{
+ uid_t vuid;
+
+ vuid = get_vuid();
+ lib_ring_buffer_align_ctx(ctx, lttng_alignof(vuid));
+ chan->ops->event_write(ctx, &vuid, sizeof(vuid));
+}
+
+static
+void vuid_get_value(struct lttng_ctx_field *field,
+ struct lttng_ctx_value *value)
+{
+ value->u.s64 = get_vuid();
+}
+
+int lttng_add_vuid_to_ctx(struct lttng_ctx **ctx)
+{
+ struct lttng_ctx_field *field;
+
+ field = lttng_append_context(ctx);
+ if (!field)
+ return -ENOMEM;
+ if (lttng_find_context(*ctx, "vuid")) {
+ lttng_remove_context_field(ctx, field);
+ return -EEXIST;
+ }
+ field->event_field.name = "vuid";
+ field->event_field.type.atype = atype_integer;
+ field->event_field.type.u.basic.integer.size = sizeof(uid_t) * CHAR_BIT;
+ field->event_field.type.u.basic.integer.alignment = lttng_alignof(uid_t) * CHAR_BIT;
+ field->event_field.type.u.basic.integer.signedness = lttng_is_signed_type(uid_t);
+ field->event_field.type.u.basic.integer.reverse_byte_order = 0;
+ field->event_field.type.u.basic.integer.base = 10;
+ field->event_field.type.u.basic.integer.encoding = lttng_encode_none;
+ field->get_size = vuid_get_size;
+ field->record = vuid_record;
+ field->get_value = vuid_get_value;
+ lttng_context_update(*ctx);
+ return 0;
+}
WARN("Cannot add context lttng_add_uts_ns_to_ctx");
goto error;
}
+ ret = lttng_add_vuid_to_ctx(ctx);
+ if (ret) {
+ WARN("Cannot add context lttng_add_vuid_to_ctx");
+ goto error;
+ }
+ ret = lttng_add_veuid_to_ctx(ctx);
+ if (ret) {
+ WARN("Cannot add context lttng_add_veuid_to_ctx");
+ goto error;
+ }
+ ret = lttng_add_vsuid_to_ctx(ctx);
+ if (ret) {
+ WARN("Cannot add context lttng_add_vsuid_to_ctx");
+ goto error;
+ }
+ ret = lttng_add_vgid_to_ctx(ctx);
+ if (ret) {
+ WARN("Cannot add context lttng_add_vgid_to_ctx");
+ goto error;
+ }
+ ret = lttng_add_vegid_to_ctx(ctx);
+ if (ret) {
+ WARN("Cannot add context lttng_add_vegid_to_ctx");
+ goto error;
+ }
+ ret = lttng_add_vsgid_to_ctx(ctx);
+ if (ret) {
+ WARN("Cannot add context lttng_add_vsgid_to_ctx");
+ goto error;
+ }
lttng_context_update(*ctx);
return 0;
return lttng_add_user_ns_to_ctx(ctx);
case LTTNG_UST_CONTEXT_UTS_NS:
return lttng_add_uts_ns_to_ctx(ctx);
+ case LTTNG_UST_CONTEXT_VUID:
+ return lttng_add_vuid_to_ctx(ctx);
+ case LTTNG_UST_CONTEXT_VEUID:
+ return lttng_add_veuid_to_ctx(ctx);
+ case LTTNG_UST_CONTEXT_VSUID:
+ return lttng_add_vsuid_to_ctx(ctx);
+ case LTTNG_UST_CONTEXT_VGID:
+ return lttng_add_vgid_to_ctx(ctx);
+ case LTTNG_UST_CONTEXT_VEGID:
+ return lttng_add_vegid_to_ctx(ctx);
+ case LTTNG_UST_CONTEXT_VSGID:
+ return lttng_add_vsgid_to_ctx(ctx);
default:
return -EINVAL;
}
lttng_context_uts_ns_reset();
}
+static
+void ust_context_vuids_reset(void)
+{
+ lttng_context_vuid_reset();
+ lttng_context_veuid_reset();
+ lttng_context_vsuid_reset();
+}
+
+static
+void ust_context_vgids_reset(void)
+{
+ lttng_context_vgid_reset();
+ lttng_context_vegid_reset();
+ lttng_context_vsgid_reset();
+}
+
/*
* We exclude the worker threads across fork and clone (except
* CLONE_VM), because these system calls only keep the forking thread
lttng_context_vtid_reset();
lttng_context_procname_reset();
ust_context_ns_reset();
+ ust_context_vuids_reset();
+ ust_context_vgids_reset();
DBG("process %d", getpid());
/* Release urcu mutexes */
urcu_bp_after_fork_child();
void ust_after_setns(void)
{
ust_context_ns_reset();
+ ust_context_vuids_reset();
+ ust_context_vgids_reset();
}
void ust_after_unshare(void)
{
ust_context_ns_reset();
+ ust_context_vuids_reset();
+ ust_context_vgids_reset();
+}
+
+void ust_after_setuid(void)
+{
+ ust_context_vuids_reset();
+}
+
+void ust_after_seteuid(void)
+{
+ ust_context_vuids_reset();
+}
+
+void ust_after_setreuid(void)
+{
+ ust_context_vuids_reset();
+}
+
+void ust_after_setresuid(void)
+{
+ ust_context_vuids_reset();
+}
+
+void ust_after_setgid(void)
+{
+ ust_context_vgids_reset();
+}
+
+void ust_after_setegid(void)
+{
+ ust_context_vgids_reset();
+}
+
+void ust_after_setregid(void)
+{
+ ust_context_vgids_reset();
+}
+
+void ust_after_setresgid(void)
+{
+ ust_context_vgids_reset();
}
void lttng_ust_sockinfo_session_enabled(void *owner)
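Review bot: Resetting the ID caches in ust_after_unshare() covers the moment of the call, but after unshare() creates a new user namespace the IDs a process sees depend on that namespace's uid_map/gid_map, which is normally written later and possibly by another process. An event recorded in between would cache the unmapped ID, and nothing visible in this commit resets the caches when the map appears, so that value would persist until the next set*id call or fork. I would at least record the limit on ust_after_unshare(), e.g. `/* IDs cached before the new user namespace's ID maps are written are not refreshed. */`. Whether this window is reachable in practice depends on code outside these hunks.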