This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: How does embedded C + annotations + privileges really play together?

From: fche at redhat dot com (Frank Ch. Eigler)
To: muller at redhat dot com
Cc: systemtap at sourceware dot org
Date: Wed, 30 May 2012 11:30:43 -0400
Subject: Re: How does embedded C + annotations + privileges really play together?
References: <1338386955.24366.17.camel@ziltoid.englab.brq.redhat.com>

Petr Muller <muller@redhat.com> writes:

> Seems logical, but then there follows a description of "The embedded-C
> code may contain markers to ...", which contains stuff like '/*
> unprivileged */' and '/* guru */'. The first one says that with these
> annotations it should be possible to use embedded C even as a
> unprivileged user, and the second one seems simply redundant.

The /* guru */ markup is useful in embedded-C functions in the tapset.
Normally, embedded-C code in the tapset is allowed to be called,
without stap -g guru mode, because it is presumed to be
safely/competently written.  These are usually for direct invocation
from within the tapset handlers themselves.

Such functions may not be invoked from --privilege=stapusr mode at
all, unless they are instead marked /* unprivileged */.  These

Follow-Ups:
- Re: How does embedded C + annotations + privileges really play together?
  - From: Bryn M. Reeves
- Re: How does embedded C + annotations + privileges really play together?
  - From: Frank Ch. Eigler

References:
- How does embedded C + annotations + privileges really play together?
  - From: Petr Muller

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]