Determining userland return address (from syscall)

Rojer myself at rojer.pp.ru
Sun Jan 2 23:37:09 GMT 2005


Greetings, much respected FreeBSD Hackers! :)

I am developing a kernel module that implements a custom syscall and 
needs to know from what exact userland address the call was made.
Being concerned about choosing the most correct approach, I turned to 
this list for help.
Please provide as much information as you can.

For those interested I will explain the purpose.

I've been thinking of some way to give Apache children a limited ability 
to setuid() as a solution for both suexec and the infamous 
PHP-as-a-module issue.
The solution I am about to implement is based on a custom setuid 
syscall that would allow a limited list of processes to obtain root 
privileges from a limited set of locations (supposedly the trusted 
ones, originating in the httpd's .text section).
The modified Apache child would issue such a syscall, get root 
privileges and then immediately setusercontext() for the request it is 
about to process.
The list of processes and locations would be maintained by the Apache parent, 
which runs with root privileges already; child processes would not be 
allowed to modify the list.
The key point here is the ability to trust a call being made from a specific 
location. I assume that a process cannot change its .text section once 
loaded, so this scheme would not be abused by overwriting the location 
with malicious code. Am I correct here? What do you think of this scheme 
overall?

Thank you.

-- 
Deomid Ryabkov aka Rojer
myself at rojer.pp.ru
rojer at sysadmins.ru
ICQ: 8025844