On 19/03/20(Thu) 20:53, Klemens Nanni wrote:
> Changing file permissions on /dev/dt to allow non-root access and a
> simple `btrace -l' as non-root user already triggers dt(4)'s KASSERT()s.

Would you mind sharing traces?

> Instead of panicking the machine I think we can return early just like
> in other failure cases and either allow the requested operation as
> non-root (listing available probes works) or let it fail further down
> in the ioctl path (probing as non-root will not work).
>
> Feedback? OK?

Silent failure is not helping. This sounds like a hack to be able to
run dt(4) as a user, not a real audit of what can be done or not.

These two functions aren't safe to be called by !root so why are they
called? That might be a way forward.

That said I'd prefer if we could delay this kind of refactoring until
most of the features are supported. This isn't a priority right now.

> Index: dev/dt/dt_dev.c
> ===================================================================
> RCS file: /cvs/src/sys/dev/dt/dt_dev.c,v
> retrieving revision 1.4
> diff -u -p -r1.4 dt_dev.c
> --- dev/dt/dt_dev.c 4 Feb 2020 10:56:15 -0000 1.4
> +++ dev/dt/dt_dev.c 19 Mar 2020 19:44:27 -0000
> @@ -406,7 +406,8 @@ dt_ioctl_record_stop(struct dt_softc *sc
> {
> struct dt_pcb *dp;
>
> - KASSERT(suser(curproc) == 0);
> + if (suser(curproc) != 0)
> + return;
>
> if (!sc->ds_recording)
> return;
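Review bot: In dt_ioctl_record_stop() the new non-root path is a bare `return;`, the same statement used for the `!sc->ds_recording` case just below it, so a denied request and a no-op stop look identical to whatever calls this function. If the privilege check has to stay here, the function should return an int so the denial can be reported; otherwise move the suser() check into the caller (not shown in this diff) and leave the KASSERT() in place as a statement of the invariant.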
> @@ -438,7 +439,8 @@ dt_ioctl_probe_enable(struct dt_softc *s
> struct dt_pcb *dp;
> int error;
>
> - KASSERT(suser(curproc) == 0);
> + if (suser(curproc) != 0)
> + return EPERM;
>
> if (!dtioc_req_isvalid(dtrq))
> return EINVAL;
>
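Review bot: In dt_ioctl_probe_enable() the result of suser(curproc) is discarded and replaced with a hard-coded EPERM, even though `int error;` is already declared two lines above. Using `if ((error = suser(curproc)) != 0) return error;` keeps the errno under suser()'s control. Both hunks also repeat the same check per handler; a single check at the point where these handlers are dispatched would answer the question of why they are reached by non-root at all.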