1.201. systemtap
1.201.1. RHBA-2010:0070: bug fix update
Note
This update has already been released (prior to the GA of this release) as errata RHBA-2010:0070
SystemTap is an instrumentation system for systems running the Linux kernel, version 2.6. Developers can write scripts to collect data on the operation of the system.
This update addresses the following issue:
* abnormal shutdowns, triggered at the same time as probe startups, triggered a race condition, and consequent kernel panics, when multiple systemtap commands ran simultaneously. The probe setup could be called during or after the probe shutdown which lead to kernel callbacks remaining registered after modules were unloaded. Setup activities, shutdown activities and related flags are now guarded by mutex (mutual exclusion) algorithms, ensuring strict ordering which obviates the race condition and prevents the kernel panics from occurring. This update also includes a new test -- /usr/share/systemtap/testsuite/systemtap.base/pr10854.exp -- that checks for this race condition. (BZ#543058)
All systemtap users should upgrade to these updated packages, which resolve this issue.
1.201.2. RHSA-2010:0124: Important security update
Important
This update has already been released (prior to the GA of this release) as the security errata RHSA-2010:0124
This update has been rated as having important security impact by the Red Hat Security Response Team.
SystemTap is an instrumentation system for systems running the Linux kernel, version 2.6. Developers can write scripts to collect data on the operation of the system.
A flaw was found in the SystemTap compile server, stap-server, an optional component of SystemTap. This server did not adequately sanitize input provided by the stap-client program, which may allow a remote user to execute arbitrary shell code with the privileges of the compile server process, which could possibly be running as the root user. (CVE-2009-4273)
Note: stap-server is not run by default. It must be started by a user or administrator.
A buffer overflow flaw was found in SystemTap's tapset __get_argv() function. If a privileged user ran a SystemTap script that called this function, a local, unprivileged user could, while that script is still running, trigger this flaw and cause memory corruption by running a command with a large argument list, which may lead to a system crash or, potentially, arbitrary code execution with root privileges. (CVE-2010-0411)
Note: SystemTap scripts that call __get_argv(), being a privileged function, can only be executed by the root user or users in the stapdev group. As well, if such a script was compiled and installed by root, users in the stapusr group would also be able to execute it.
SystemTap users should upgrade to these updated packages, which contain backported patches to correct these issues.
1.201.3. RHBA-2010:0308: bug fix and enhancement update
SystemTap provides an instrumentation infrastructure for systems running the Linux 2.6 kernel. It allows users to write scripts that probe and trace system events for monitoring and profiling purposes. SystemTap's framework allows users to investigate and monitor a wide variety of kernel functions, system calls, and other evens that occur in both kernel-space and user-space.
With this update, SystemTap is now re-based on upstream release version 1.1 (BZ#515829). This update also applies the following fixes and enhancements:
- The
systemtap-testsuitepackage contained test cases that were incorrectly not configured as 'executable' (systemtap.base/bz10078.stp,buildko/two.stp, andbuildok/thirty.stp). Any test runs involving these cases failed unexpectedly. This release fixes the permissions for all test cases; it also fixes minor test case issues relating to an incorrect header file reference insystemtap.base/sdt.exp, an incorrect execution sequence insystemtap.base/labels.exp, and an incorrect reference to a missing script insystemtap.base/crash.exp. (BZ#506959, BZ#559643, and BZ#513654) - This update also fixes several typographical errors in the
manpages ofstap-serverandstap-client. (BZ#516691) - Using the
task_pid()function in a SystemTap script while thekernel-debuginfopackage was not installed could incorrectly result in a semantic error. This update applies an upstream patch to thetask.stptapset, which fixes the issue. (BZ#519314) - This release also includes sample scripts for probing kernel tracepoints, namely:
memory/mmanonpage.stpmemory/mmfilepage.stpmemory/mmreclaim.stpmemory/mmwriteback.stpnetwork/dropwatch.stpprocess/schedtimes.stp
- Killing concurrent
staprunprocesses could result in a kernel panic. This was becauseruntime/procfs.conly checked if/proc/systemtapwas being used before deleting it, resulting in a race condition that made it possible for/proc/systemtapto be deleted while a module was still loaded inside. This update fixes the race condition by adding instructions to lock the transport directory and check for files under/proc/systemtapbefore deleting it. (BZ#510282) - The
tcpmib.stpandipmib.stptapsets have been updated to provide per-socket network statistics and dynamic TCP connection tracing. (BZ#512202) - SystemTap now supports signal-based log file switching. As such, the on-file flight recorder can easily backup its latest logs on-the-fly. (BZ#517091)
- Using
SIGKILLon thestapprocess will not terminate its child process,stapio. As such, users may not be aware that a SystemTap module is still probing the system, which will result in performance degradation. This update adds a note inman stapwarning users of this behavior. (BZ#523356) - Previous updates to SystemTap changed the order of parameters in the output of
stap. This could cause problems in third-party tools that use SystemTap to probe kernel functions. This update reverts the order of parameters to its original sequence, which is also consistent with their order in the kernel source code. (BZ#560890) - The
sys32_pipefunction was removed in updated kernels, but the system call tapsets for the x86_64 kernel still contained an alias that used this function. As a result, using the probesyscall.*resulted in a semantic error. With this release, the system call tapsets for the x86_64 kernel make thesyscall.pipeprobe alias (which usessys32_pipe) optional, thereby avoiding the error. (BZ#563114) - The unprivileged user mode in this release is stricter, carefully restricting the types of probes an allowed for unprivileged users. In addition, unprivileged user mode also features clearer diagnostic messages whenever users attempt to use restricted probes. (BZ#564443)
- It was possible to call the module shutdown code while a start-up was in progress; this could leave some kernel callbacks registered after the module has unloaded. As such, running multiple SystemTap scripts could crash the system. This update adds mutual exclusions to both shutdown and startup codes, thereby preventing a possible crash. (BZ#521610)
- The
literal_addr_to_sym_addr()function did not correctly compute for marker addresses. As such, markers became inaccessible after runningprelink; this prevented scripts that used markers from compiling. This release fixes theliteral_addr_to_sym_addr(), ensuring that marker addresses are accessible after runningprelink. (BZ#564445) - Updates to GCC changed the format of variable locations it provided during compile time. However, the code used by SystemTap to process variable locations (in
loc2c.c) was not updated accordingly to understand this new format. This could prevent some variables from initializing properly. With this release, theloc2c.cfile is updated to correctly process the new format used by GCC for variable locations. (BZ#536807)
SystemTap users are advised to apply this update.
