1 /* $OpenBSD: kvm_proc.c,v 1.35 2007/10/10 15:53:51 art Exp $ */ 2 /* $NetBSD: kvm_proc.c,v 1.30 1999/03/24 05:50:50 mrg Exp $ */ 3 /*- 4 * Copyright (c) 1998 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Charles M. Hannum. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the NetBSD 21 * Foundation, Inc. and its contributors. 22 * 4. Neither the name of The NetBSD Foundation nor the names of its 23 * contributors may be used to endorse or promote products derived 24 * from this software without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 * POSSIBILITY OF SUCH DAMAGE. 37 */ 38 /*- 39 * Copyright (c) 1994, 1995 Charles M. Hannum. All rights reserved. 40 * Copyright (c) 1989, 1992, 1993 41 * The Regents of the University of California. All rights reserved. 42 * 43 * This code is derived from software developed by the Computer Systems 44 * Engineering group at Lawrence Berkeley Laboratory under DARPA contract 45 * BG 91-66 and contributed to Berkeley. 46 * 47 * Redistribution and use in source and binary forms, with or without 48 * modification, are permitted provided that the following conditions 49 * are met: 50 * 1. Redistributions of source code must retain the above copyright 51 * notice, this list of conditions and the following disclaimer. 52 * 2. Redistributions in binary form must reproduce the above copyright 53 * notice, this list of conditions and the following disclaimer in the 54 * documentation and/or other materials provided with the distribution. 55 * 3. Neither the name of the University nor the names of its contributors 56 * may be used to endorse or promote products derived from this software 57 * without specific prior written permission. 58 * 59 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 60 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 61 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 62 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 63 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 64 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 65 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 66 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 67 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 68 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 69 * SUCH DAMAGE. 70 */ 71 72 #if defined(LIBC_SCCS) && !defined(lint) 73 #if 0 74 static char sccsid[] = "@(#)kvm_proc.c 8.3 (Berkeley) 9/23/93"; 75 #else 76 static char *rcsid = "$OpenBSD: kvm_proc.c,v 1.35 2007/10/10 15:53:51 art Exp $"; 77 #endif 78 #endif /* LIBC_SCCS and not lint */ 79 80 /* 81 * Proc traversal interface for kvm. ps and w are (probably) the exclusive 82 * users of this code, so we've factored it out into a separate module. 83 * Thus, we keep this grunge out of the other kvm applications (i.e., 84 * most other applications are interested only in open/close/read/nlist). 85 */ 86 87 #define __need_process 88 #include <sys/param.h> 89 #include <sys/user.h> 90 #include <sys/proc.h> 91 #include <sys/exec.h> 92 #include <sys/stat.h> 93 #include <sys/ioctl.h> 94 #include <sys/tty.h> 95 #include <stdlib.h> 96 #include <string.h> 97 #include <unistd.h> 98 #include <nlist.h> 99 #include <kvm.h> 100 101 #include <uvm/uvm_extern.h> 102 #include <uvm/uvm_amap.h> 103 #include <machine/vmparam.h> 104 #include <machine/pmap.h> 105 106 #include <sys/sysctl.h> 107 108 #include <limits.h> 109 #include <db.h> 110 #include <paths.h> 111 112 #include "kvm_private.h" 113 114 /* 115 * Common info from kinfo_proc and kinfo_proc2 used by helper routines. 116 */ 117 struct miniproc { 118 struct vmspace *p_vmspace; 119 char p_stat; 120 struct proc *p_paddr; 121 pid_t p_pid; 122 }; 123 124 /* 125 * Convert from struct proc and kinfo_proc{,2} to miniproc. 126 */ 127 #define PTOMINI(kp, p) \ 128 do { \ 129 (p)->p_stat = (kp)->p_stat; \ 130 (p)->p_pid = (kp)->p_pid; \ 131 (p)->p_paddr = NULL; \ 132 (p)->p_vmspace = (kp)->p_vmspace; \ 133 } while (/*CONSTCOND*/0); 134 135 #define KPTOMINI(kp, p) \ 136 do { \ 137 (p)->p_stat = (kp)->kp_proc.p_stat; \ 138 (p)->p_pid = (kp)->kp_proc.p_pid; \ 139 (p)->p_paddr = (kp)->kp_eproc.e_paddr; \ 140 (p)->p_vmspace = (kp)->kp_proc.p_vmspace; \ 141 } while (/*CONSTCOND*/0); 142 143 #define KP2TOMINI(kp, p) \ 144 do { \ 145 (p)->p_stat = (kp)->p_stat; \ 146 (p)->p_pid = (kp)->p_pid; \ 147 (p)->p_paddr = (void *)(long)(kp)->p_paddr; \ 148 (p)->p_vmspace = (void *)(long)(kp)->p_vmspace; \ 149 } while (/*CONSTCOND*/0); 150 151 152 #define PTRTOINT64(foo) ((u_int64_t)(u_long)(foo)) 153 154 #define KREAD(kd, addr, obj) \ 155 (kvm_read(kd, addr, (void *)(obj), sizeof(*obj)) != sizeof(*obj)) 156 157 ssize_t kvm_uread(kvm_t *, const struct proc *, u_long, char *, size_t); 158 159 static char *_kvm_ureadm(kvm_t *, const struct miniproc *, u_long, u_long *); 160 static ssize_t kvm_ureadm(kvm_t *, const struct miniproc *, u_long, char *, size_t); 161 162 static char **kvm_argv(kvm_t *, const struct miniproc *, u_long, int, int); 163 164 static int kvm_deadprocs(kvm_t *, int, int, u_long, u_long, int); 165 static char **kvm_doargv(kvm_t *, const struct miniproc *, int, 166 void (*)(struct ps_strings *, u_long *, int *)); 167 static int kvm_proclist(kvm_t *, int, int, struct proc *, 168 struct kinfo_proc *, int); 169 static int proc_verify(kvm_t *, const struct miniproc *); 170 static void ps_str_a(struct ps_strings *, u_long *, int *); 171 static void ps_str_e(struct ps_strings *, u_long *, int *); 172 173 static char * 174 _kvm_ureadm(kvm_t *kd, const struct miniproc *p, u_long va, u_long *cnt) 175 { 176 u_long addr, head, offset, slot; 177 struct vm_anon *anonp, anon; 178 struct vm_map_entry vme; 179 struct vm_amap amap; 180 struct vm_page pg; 181 182 if (kd->swapspc == 0) { 183 kd->swapspc = _kvm_malloc(kd, kd->nbpg); 184 if (kd->swapspc == 0) 185 return (0); 186 } 187 188 /* 189 * Look through the address map for the memory object 190 * that corresponds to the given virtual address. 191 * The header just has the entire valid range. 192 */ 193 head = (u_long)&p->p_vmspace->vm_map.header; 194 addr = head; 195 while (1) { 196 if (KREAD(kd, addr, &vme)) 197 return (0); 198 199 if (va >= vme.start && va < vme.end && 200 vme.aref.ar_amap != NULL) 201 break; 202 203 addr = (u_long)vme.next; 204 if (addr == head) 205 return (0); 206 } 207 208 /* 209 * we found the map entry, now to find the object... 210 */ 211 if (vme.aref.ar_amap == NULL) 212 return (NULL); 213 214 addr = (u_long)vme.aref.ar_amap; 215 if (KREAD(kd, addr, &amap)) 216 return (NULL); 217 218 offset = va - vme.start; 219 slot = offset / kd->nbpg + vme.aref.ar_pageoff; 220 /* sanity-check slot number */ 221 if (slot > amap.am_nslot) 222 return (NULL); 223 224 addr = (u_long)amap.am_anon + (offset / kd->nbpg) * sizeof(anonp); 225 if (KREAD(kd, addr, &anonp)) 226 return (NULL); 227 228 addr = (u_long)anonp; 229 if (KREAD(kd, addr, &anon)) 230 return (NULL); 231 232 addr = (u_long)anon.an_page; 233 if (addr) { 234 if (KREAD(kd, addr, &pg)) 235 return (NULL); 236 237 if (_kvm_pread(kd, kd->pmfd, (void *)kd->swapspc, 238 (size_t)kd->nbpg, (off_t)pg.phys_addr) != kd->nbpg) 239 return (NULL); 240 } else { 241 if (_kvm_pread(kd, kd->swfd, (void *)kd->swapspc, 242 (size_t)kd->nbpg, 243 (off_t)(anon.an_swslot * kd->nbpg)) != kd->nbpg) 244 return (NULL); 245 } 246 247 /* Found the page. */ 248 offset %= kd->nbpg; 249 *cnt = kd->nbpg - offset; 250 return (&kd->swapspc[offset]); 251 } 252 253 char * 254 _kvm_uread(kvm_t *kd, const struct proc *p, u_long va, u_long *cnt) 255 { 256 struct miniproc mp; 257 258 PTOMINI(p, &mp); 259 return (_kvm_ureadm(kd, &mp, va, cnt)); 260 } 261 262 /* 263 * Read proc's from memory file into buffer bp, which has space to hold 264 * at most maxcnt procs. 265 */ 266 static int 267 kvm_proclist(kvm_t *kd, int what, int arg, struct proc *p, 268 struct kinfo_proc *bp, int maxcnt) 269 { 270 struct session sess; 271 struct eproc eproc; 272 struct proc proc; 273 struct process process; 274 struct pgrp pgrp; 275 struct tty tty; 276 int cnt = 0; 277 278 for (; cnt < maxcnt && p != NULL; p = LIST_NEXT(&proc, p_list)) { 279 if (KREAD(kd, (u_long)p, &proc)) { 280 _kvm_err(kd, kd->program, "can't read proc at %x", p); 281 return (-1); 282 } 283 if (KREAD(kd, (u_long)proc.p_p, &process)) { 284 _kvm_err(kd, kd->program, "can't read process at %x", proc.p_p); 285 return (-1); 286 } 287 if (KREAD(kd, (u_long)process.ps_cred, &eproc.e_pcred) == 0) 288 KREAD(kd, (u_long)eproc.e_pcred.pc_ucred, 289 &eproc.e_ucred); 290 291 switch (what) { 292 case KERN_PROC_PID: 293 if (proc.p_pid != (pid_t)arg) 294 continue; 295 break; 296 297 case KERN_PROC_UID: 298 if (eproc.e_ucred.cr_uid != (uid_t)arg) 299 continue; 300 break; 301 302 case KERN_PROC_RUID: 303 if (eproc.e_pcred.p_ruid != (uid_t)arg) 304 continue; 305 break; 306 307 case KERN_PROC_ALL: 308 if (proc.p_flag & P_SYSTEM) 309 continue; 310 break; 311 } 312 /* 313 * We're going to add another proc to the set. If this 314 * will overflow the buffer, assume the reason is because 315 * nprocs (or the proc list) is corrupt and declare an error. 316 */ 317 if (cnt >= maxcnt) { 318 _kvm_err(kd, kd->program, "nprocs corrupt"); 319 return (-1); 320 } 321 /* 322 * gather eproc 323 */ 324 eproc.e_paddr = p; 325 if (KREAD(kd, (u_long)proc.p_pgrp, &pgrp)) { 326 _kvm_err(kd, kd->program, "can't read pgrp at %x", 327 proc.p_pgrp); 328 return (-1); 329 } 330 eproc.e_sess = pgrp.pg_session; 331 eproc.e_pgid = pgrp.pg_id; 332 eproc.e_jobc = pgrp.pg_jobc; 333 if (KREAD(kd, (u_long)pgrp.pg_session, &sess)) { 334 _kvm_err(kd, kd->program, "can't read session at %x", 335 pgrp.pg_session); 336 return (-1); 337 } 338 if ((proc.p_flag & P_CONTROLT) && sess.s_ttyp != NULL) { 339 if (KREAD(kd, (u_long)sess.s_ttyp, &tty)) { 340 _kvm_err(kd, kd->program, 341 "can't read tty at %x", sess.s_ttyp); 342 return (-1); 343 } 344 eproc.e_tdev = tty.t_dev; 345 eproc.e_tsess = tty.t_session; 346 if (tty.t_pgrp != NULL) { 347 if (KREAD(kd, (u_long)tty.t_pgrp, &pgrp)) { 348 _kvm_err(kd, kd->program, 349 "can't read tpgrp at &x", 350 tty.t_pgrp); 351 return (-1); 352 } 353 eproc.e_tpgid = pgrp.pg_id; 354 } else 355 eproc.e_tpgid = -1; 356 } else 357 eproc.e_tdev = NODEV; 358 eproc.e_flag = sess.s_ttyvp ? EPROC_CTTY : 0; 359 if (sess.s_leader == p) 360 eproc.e_flag |= EPROC_SLEADER; 361 if (proc.p_wmesg) 362 (void)kvm_read(kd, (u_long)proc.p_wmesg, 363 eproc.e_wmesg, WMESGLEN); 364 365 (void)kvm_read(kd, (u_long)proc.p_vmspace, 366 &eproc.e_vm, sizeof(eproc.e_vm)); 367 368 eproc.e_xsize = eproc.e_xrssize = 0; 369 eproc.e_xccount = eproc.e_xswrss = 0; 370 371 switch (what) { 372 case KERN_PROC_PGRP: 373 if (eproc.e_pgid != (pid_t)arg) 374 continue; 375 break; 376 377 case KERN_PROC_TTY: 378 if ((proc.p_flag & P_CONTROLT) == 0 || 379 eproc.e_tdev != (dev_t)arg) 380 continue; 381 break; 382 } 383 bcopy(&proc, &bp->kp_proc, sizeof(proc)); 384 bcopy(&eproc, &bp->kp_eproc, sizeof(eproc)); 385 ++bp; 386 ++cnt; 387 } 388 return (cnt); 389 } 390 391 /* 392 * Build proc info array by reading in proc list from a crash dump. 393 * Return number of procs read. maxcnt is the max we will read. 394 */ 395 static int 396 kvm_deadprocs(kvm_t *kd, int what, int arg, u_long a_allproc, 397 u_long a_zombproc, int maxcnt) 398 { 399 struct kinfo_proc *bp = kd->procbase; 400 struct proc *p; 401 int acnt, zcnt; 402 403 if (KREAD(kd, a_allproc, &p)) { 404 _kvm_err(kd, kd->program, "cannot read allproc"); 405 return (-1); 406 } 407 acnt = kvm_proclist(kd, what, arg, p, bp, maxcnt); 408 if (acnt < 0) 409 return (acnt); 410 411 if (KREAD(kd, a_zombproc, &p)) { 412 _kvm_err(kd, kd->program, "cannot read zombproc"); 413 return (-1); 414 } 415 zcnt = kvm_proclist(kd, what, arg, p, bp + acnt, maxcnt - acnt); 416 if (zcnt < 0) 417 zcnt = 0; 418 419 return (acnt + zcnt); 420 } 421 422 struct kinfo_proc2 * 423 kvm_getproc2(kvm_t *kd, int op, int arg, size_t esize, int *cnt) 424 { 425 int mib[6], st, nprocs; 426 struct user user; 427 size_t size; 428 429 if ((ssize_t)esize < 0) 430 return (NULL); 431 432 if (kd->procbase2 != NULL) { 433 free(kd->procbase2); 434 /* 435 * Clear this pointer in case this call fails. Otherwise, 436 * kvm_close() will free it again. 437 */ 438 kd->procbase2 = 0; 439 } 440 441 if (ISALIVE(kd)) { 442 size = 0; 443 mib[0] = CTL_KERN; 444 mib[1] = KERN_PROC2; 445 mib[2] = op; 446 mib[3] = arg; 447 mib[4] = esize; 448 mib[5] = 0; 449 st = sysctl(mib, 6, NULL, &size, NULL, 0); 450 if (st == -1) { 451 _kvm_syserr(kd, kd->program, "kvm_getproc2"); 452 return (NULL); 453 } 454 455 mib[5] = size / esize; 456 kd->procbase2 = _kvm_malloc(kd, size); 457 if (kd->procbase2 == 0) 458 return (NULL); 459 st = sysctl(mib, 6, kd->procbase2, &size, NULL, 0); 460 if (st == -1) { 461 _kvm_syserr(kd, kd->program, "kvm_getproc2"); 462 return (NULL); 463 } 464 nprocs = size / esize; 465 } else { 466 struct kinfo_proc2 kp2, *kp2p; 467 struct kinfo_proc *kp; 468 char *kp2c; 469 int i; 470 471 kp = kvm_getprocs(kd, op, arg, &nprocs); 472 if (kp == NULL) 473 return (NULL); 474 475 kd->procbase2 = _kvm_malloc(kd, nprocs * esize); 476 kp2c = (char *)kd->procbase2; 477 kp2p = &kp2; 478 for (i = 0; i < nprocs; i++, kp++) { 479 memset(kp2p, 0, sizeof(kp2)); 480 kp2p->p_paddr = PTRTOINT64(kp->kp_eproc.e_paddr); 481 482 kp2p->p_addr = PTRTOINT64(kp->kp_proc.p_addr); 483 kp2p->p_fd = PTRTOINT64(kp->kp_proc.p_fd); 484 kp2p->p_stats = PTRTOINT64(kp->kp_proc.p_stats); 485 kp2p->p_limit = PTRTOINT64(kp->kp_eproc.e_limit); 486 kp2p->p_vmspace = PTRTOINT64(kp->kp_proc.p_vmspace); 487 kp2p->p_sigacts = PTRTOINT64(kp->kp_proc.p_sigacts); 488 kp2p->p_sess = PTRTOINT64(kp->kp_eproc.e_sess); 489 kp2p->p_tsess = 0; 490 kp2p->p_ru = PTRTOINT64(kp->kp_proc.p_ru); 491 492 kp2p->p_eflag = 0; 493 kp2p->p_exitsig = kp->kp_proc.p_exitsig; 494 kp2p->p_flag = kp->kp_proc.p_flag; 495 496 kp2p->p_pid = kp->kp_proc.p_pid; 497 498 kp2p->p_ppid = kp->kp_eproc.e_ppid; 499 #if 0 500 kp2p->p_sid = kp->kp_eproc.e_sid; 501 #else 502 kp2p->p_sid = -1; /* XXX */ 503 #endif 504 kp2p->p__pgid = kp->kp_eproc.e_pgid; 505 506 kp2p->p_tpgid = -1; 507 508 kp2p->p_uid = kp->kp_eproc.e_ucred.cr_uid; 509 kp2p->p_ruid = kp->kp_eproc.e_pcred.p_ruid; 510 kp2p->p_gid = kp->kp_eproc.e_ucred.cr_gid; 511 kp2p->p_rgid = kp->kp_eproc.e_pcred.p_rgid; 512 513 memcpy(kp2p->p_groups, kp->kp_eproc.e_ucred.cr_groups, 514 MIN(sizeof(kp2p->p_groups), 515 sizeof(kp->kp_eproc.e_ucred.cr_groups))); 516 kp2p->p_ngroups = kp->kp_eproc.e_ucred.cr_ngroups; 517 518 kp2p->p_jobc = kp->kp_eproc.e_jobc; 519 kp2p->p_tdev = kp->kp_eproc.e_tdev; 520 kp2p->p_tpgid = kp->kp_eproc.e_tpgid; 521 kp2p->p_tsess = PTRTOINT64(kp->kp_eproc.e_tsess); 522 523 kp2p->p_estcpu = kp->kp_proc.p_estcpu; 524 kp2p->p_rtime_sec = kp->kp_proc.p_estcpu; 525 kp2p->p_rtime_usec = kp->kp_proc.p_estcpu; 526 kp2p->p_cpticks = kp->kp_proc.p_cpticks; 527 kp2p->p_pctcpu = kp->kp_proc.p_pctcpu; 528 kp2p->p_swtime = kp->kp_proc.p_swtime; 529 kp2p->p_slptime = kp->kp_proc.p_slptime; 530 kp2p->p_schedflags = 0; 531 532 kp2p->p_uticks = kp->kp_proc.p_uticks; 533 kp2p->p_sticks = kp->kp_proc.p_sticks; 534 kp2p->p_iticks = kp->kp_proc.p_iticks; 535 536 kp2p->p_tracep = PTRTOINT64(kp->kp_proc.p_tracep); 537 kp2p->p_traceflag = kp->kp_proc.p_traceflag; 538 539 kp2p->p_holdcnt = 1; 540 541 kp2p->p_siglist = kp->kp_proc.p_siglist; 542 kp2p->p_sigmask = kp->kp_proc.p_sigmask; 543 kp2p->p_sigignore = kp->kp_proc.p_sigignore; 544 kp2p->p_sigcatch = kp->kp_proc.p_sigcatch; 545 546 kp2p->p_stat = kp->kp_proc.p_stat; 547 kp2p->p_priority = kp->kp_proc.p_priority; 548 kp2p->p_usrpri = kp->kp_proc.p_usrpri; 549 kp2p->p_nice = kp->kp_proc.p_nice; 550 551 kp2p->p_xstat = kp->kp_proc.p_xstat; 552 kp2p->p_acflag = kp->kp_proc.p_acflag; 553 554 strncpy(kp2p->p_comm, kp->kp_proc.p_comm, 555 MIN(sizeof(kp2p->p_comm), sizeof(kp->kp_proc.p_comm))); 556 557 strncpy(kp2p->p_wmesg, kp->kp_eproc.e_wmesg, 558 sizeof(kp2p->p_wmesg)); 559 kp2p->p_wchan = PTRTOINT64(kp->kp_proc.p_wchan); 560 561 strncpy(kp2p->p_login, kp->kp_eproc.e_login, 562 sizeof(kp2p->p_login)); 563 564 kp2p->p_vm_rssize = kp->kp_eproc.e_xrssize; 565 kp2p->p_vm_tsize = kp->kp_eproc.e_vm.vm_tsize; 566 kp2p->p_vm_dsize = kp->kp_eproc.e_vm.vm_dsize; 567 kp2p->p_vm_ssize = kp->kp_eproc.e_vm.vm_ssize; 568 569 kp2p->p_eflag = kp->kp_eproc.e_flag; 570 571 if (P_ZOMBIE(&kp->kp_proc) || kp->kp_proc.p_addr == NULL || 572 KREAD(kd, (u_long)kp->kp_proc.p_addr, &user)) { 573 kp2p->p_uvalid = 0; 574 } else { 575 kp2p->p_uvalid = 1; 576 577 kp2p->p_ustart_sec = user.u_stats.p_start.tv_sec; 578 kp2p->p_ustart_usec = user.u_stats.p_start.tv_usec; 579 580 kp2p->p_uutime_sec = user.u_stats.p_ru.ru_utime.tv_sec; 581 kp2p->p_uutime_usec = user.u_stats.p_ru.ru_utime.tv_usec; 582 kp2p->p_ustime_sec = user.u_stats.p_ru.ru_stime.tv_sec; 583 kp2p->p_ustime_usec = user.u_stats.p_ru.ru_stime.tv_usec; 584 585 kp2p->p_uru_maxrss = user.u_stats.p_ru.ru_maxrss; 586 kp2p->p_uru_ixrss = user.u_stats.p_ru.ru_ixrss; 587 kp2p->p_uru_idrss = user.u_stats.p_ru.ru_idrss; 588 kp2p->p_uru_isrss = user.u_stats.p_ru.ru_isrss; 589 kp2p->p_uru_minflt = user.u_stats.p_ru.ru_minflt; 590 kp2p->p_uru_majflt = user.u_stats.p_ru.ru_majflt; 591 kp2p->p_uru_nswap = user.u_stats.p_ru.ru_nswap; 592 kp2p->p_uru_inblock = user.u_stats.p_ru.ru_inblock; 593 kp2p->p_uru_oublock = user.u_stats.p_ru.ru_oublock; 594 kp2p->p_uru_msgsnd = user.u_stats.p_ru.ru_msgsnd; 595 kp2p->p_uru_msgrcv = user.u_stats.p_ru.ru_msgrcv; 596 kp2p->p_uru_nsignals = user.u_stats.p_ru.ru_nsignals; 597 kp2p->p_uru_nvcsw = user.u_stats.p_ru.ru_nvcsw; 598 kp2p->p_uru_nivcsw = user.u_stats.p_ru.ru_nivcsw; 599 600 kp2p->p_uctime_sec = 601 user.u_stats.p_cru.ru_utime.tv_sec + 602 user.u_stats.p_cru.ru_stime.tv_sec; 603 kp2p->p_uctime_usec = 604 user.u_stats.p_cru.ru_utime.tv_usec + 605 user.u_stats.p_cru.ru_stime.tv_usec; 606 } 607 608 memcpy(kp2c, &kp2, esize); 609 kp2c += esize; 610 } 611 612 free(kd->procbase); 613 } 614 *cnt = nprocs; 615 return (kd->procbase2); 616 } 617 618 struct kinfo_proc * 619 kvm_getprocs(kvm_t *kd, int op, int arg, int *cnt) 620 { 621 int mib[4], st, nprocs; 622 size_t size; 623 624 if (kd->procbase != 0) { 625 free((void *)kd->procbase); 626 /* 627 * Clear this pointer in case this call fails. Otherwise, 628 * kvm_close() will free it again. 629 */ 630 kd->procbase = 0; 631 } 632 if (ISALIVE(kd)) { 633 size = 0; 634 mib[0] = CTL_KERN; 635 mib[1] = KERN_PROC; 636 mib[2] = op; 637 mib[3] = arg; 638 st = sysctl(mib, 4, NULL, &size, NULL, 0); 639 if (st == -1) { 640 _kvm_syserr(kd, kd->program, "kvm_getprocs"); 641 return (0); 642 } 643 kd->procbase = _kvm_malloc(kd, size); 644 if (kd->procbase == 0) 645 return (0); 646 st = sysctl(mib, 4, kd->procbase, &size, NULL, 0); 647 if (st == -1) { 648 _kvm_syserr(kd, kd->program, "kvm_getprocs"); 649 return (0); 650 } 651 if (size % sizeof(struct kinfo_proc) != 0) { 652 _kvm_err(kd, kd->program, 653 "proc size mismatch (%d total, %d chunks)", 654 size, sizeof(struct kinfo_proc)); 655 return (0); 656 } 657 nprocs = size / sizeof(struct kinfo_proc); 658 } else { 659 struct nlist nl[4], *p; 660 661 memset(nl, 0, sizeof(nl)); 662 nl[0].n_name = "_nprocs"; 663 nl[1].n_name = "_allproc"; 664 nl[2].n_name = "_zombproc"; 665 nl[3].n_name = NULL; 666 667 if (kvm_nlist(kd, nl) != 0) { 668 for (p = nl; p->n_type != 0; ++p) 669 ; 670 _kvm_err(kd, kd->program, 671 "%s: no such symbol", p->n_name); 672 return (0); 673 } 674 if (KREAD(kd, nl[0].n_value, &nprocs)) { 675 _kvm_err(kd, kd->program, "can't read nprocs"); 676 return (0); 677 } 678 size = nprocs * sizeof(struct kinfo_proc); 679 kd->procbase = _kvm_malloc(kd, size); 680 if (kd->procbase == 0) 681 return (0); 682 683 nprocs = kvm_deadprocs(kd, op, arg, nl[1].n_value, 684 nl[2].n_value, nprocs); 685 #ifdef notdef 686 size = nprocs * sizeof(struct kinfo_proc); 687 (void)realloc(kd->procbase, size); 688 #endif 689 } 690 *cnt = nprocs; 691 return (kd->procbase); 692 } 693 694 void 695 _kvm_freeprocs(kvm_t *kd) 696 { 697 if (kd->procbase) { 698 free(kd->procbase); 699 kd->procbase = 0; 700 } 701 } 702 703 void * 704 _kvm_realloc(kvm_t *kd, void *p, size_t n) 705 { 706 void *np = (void *)realloc(p, n); 707 708 if (np == 0) 709 _kvm_err(kd, kd->program, "out of memory"); 710 return (np); 711 } 712 713 /* 714 * Read in an argument vector from the user address space of process p. 715 * addr if the user-space base address of narg null-terminated contiguous 716 * strings. This is used to read in both the command arguments and 717 * environment strings. Read at most maxcnt characters of strings. 718 */ 719 static char ** 720 kvm_argv(kvm_t *kd, const struct miniproc *p, u_long addr, int narg, 721 int maxcnt) 722 { 723 char *np, *cp, *ep, *ap, **argv; 724 u_long oaddr = -1; 725 int len, cc; 726 727 /* 728 * Check that there aren't an unreasonable number of agruments, 729 * and that the address is in user space. 730 */ 731 if (narg > ARG_MAX || addr < VM_MIN_ADDRESS || addr >= VM_MAXUSER_ADDRESS) 732 return (0); 733 734 if (kd->argv == 0) { 735 /* 736 * Try to avoid reallocs. 737 */ 738 kd->argc = MAX(narg + 1, 32); 739 kd->argv = _kvm_malloc(kd, kd->argc * 740 sizeof(*kd->argv)); 741 if (kd->argv == 0) 742 return (0); 743 } else if (narg + 1 > kd->argc) { 744 kd->argc = MAX(2 * kd->argc, narg + 1); 745 kd->argv = (char **)_kvm_realloc(kd, kd->argv, kd->argc * 746 sizeof(*kd->argv)); 747 if (kd->argv == 0) 748 return (0); 749 } 750 if (kd->argspc == 0) { 751 kd->argspc = _kvm_malloc(kd, kd->nbpg); 752 if (kd->argspc == 0) 753 return (0); 754 kd->arglen = kd->nbpg; 755 } 756 if (kd->argbuf == 0) { 757 kd->argbuf = _kvm_malloc(kd, kd->nbpg); 758 if (kd->argbuf == 0) 759 return (0); 760 } 761 cc = sizeof(char *) * narg; 762 if (kvm_ureadm(kd, p, addr, (char *)kd->argv, cc) != cc) 763 return (0); 764 ap = np = kd->argspc; 765 argv = kd->argv; 766 len = 0; 767 768 /* 769 * Loop over pages, filling in the argument vector. 770 */ 771 while (argv < kd->argv + narg && *argv != 0) { 772 addr = (u_long)*argv & ~(kd->nbpg - 1); 773 if (addr != oaddr) { 774 if (kvm_ureadm(kd, p, addr, kd->argbuf, kd->nbpg) != 775 kd->nbpg) 776 return (0); 777 oaddr = addr; 778 } 779 addr = (u_long)*argv & (kd->nbpg - 1); 780 cp = kd->argbuf + addr; 781 cc = kd->nbpg - addr; 782 if (maxcnt > 0 && cc > maxcnt - len) 783 cc = maxcnt - len; 784 ep = memchr(cp, '\0', cc); 785 if (ep != 0) 786 cc = ep - cp + 1; 787 if (len + cc > kd->arglen) { 788 int off; 789 char **pp; 790 char *op = kd->argspc; 791 792 kd->arglen *= 2; 793 kd->argspc = (char *)_kvm_realloc(kd, kd->argspc, 794 kd->arglen); 795 if (kd->argspc == 0) 796 return (0); 797 /* 798 * Adjust argv pointers in case realloc moved 799 * the string space. 800 */ 801 off = kd->argspc - op; 802 for (pp = kd->argv; pp < argv; pp++) 803 *pp += off; 804 ap += off; 805 np += off; 806 } 807 memcpy(np, cp, cc); 808 np += cc; 809 len += cc; 810 if (ep != 0) { 811 *argv++ = ap; 812 ap = np; 813 } else 814 *argv += cc; 815 if (maxcnt > 0 && len >= maxcnt) { 816 /* 817 * We're stopping prematurely. Terminate the 818 * current string. 819 */ 820 if (ep == 0) { 821 *np = '\0'; 822 *argv++ = ap; 823 } 824 break; 825 } 826 } 827 /* Make sure argv is terminated. */ 828 *argv = 0; 829 return (kd->argv); 830 } 831 832 static void 833 ps_str_a(struct ps_strings *p, u_long *addr, int *n) 834 { 835 *addr = (u_long)p->ps_argvstr; 836 *n = p->ps_nargvstr; 837 } 838 839 static void 840 ps_str_e(struct ps_strings *p, u_long *addr, int *n) 841 { 842 *addr = (u_long)p->ps_envstr; 843 *n = p->ps_nenvstr; 844 } 845 846 /* 847 * Determine if the proc indicated by p is still active. 848 * This test is not 100% foolproof in theory, but chances of 849 * being wrong are very low. 850 */ 851 static int 852 proc_verify(kvm_t *kd, const struct miniproc *p) 853 { 854 struct proc kernproc; 855 856 /* 857 * Just read in the whole proc. It's not that big relative 858 * to the cost of the read system call. 859 */ 860 if (kvm_read(kd, (u_long)p->p_paddr, &kernproc, sizeof(kernproc)) != 861 sizeof(kernproc)) 862 return (0); 863 return (p->p_pid == kernproc.p_pid && 864 (kernproc.p_stat != SZOMB || p->p_stat == SZOMB)); 865 } 866 867 static char ** 868 kvm_doargv(kvm_t *kd, const struct miniproc *p, int nchr, 869 void (*info)(struct ps_strings *, u_long *, int *)) 870 { 871 static struct ps_strings *ps; 872 struct ps_strings arginfo; 873 u_long addr; 874 char **ap; 875 int cnt; 876 877 if (ps == NULL) { 878 struct _ps_strings _ps; 879 int mib[2]; 880 size_t len; 881 882 mib[0] = CTL_VM; 883 mib[1] = VM_PSSTRINGS; 884 len = sizeof(_ps); 885 sysctl(mib, 2, &_ps, &len, NULL, 0); 886 ps = (struct ps_strings *)_ps.val; 887 } 888 889 /* 890 * Pointers are stored at the top of the user stack. 891 */ 892 if (p->p_stat == SZOMB || 893 kvm_ureadm(kd, p, (u_long)ps, (char *)&arginfo, 894 sizeof(arginfo)) != sizeof(arginfo)) 895 return (0); 896 897 (*info)(&arginfo, &addr, &cnt); 898 if (cnt == 0) 899 return (0); 900 ap = kvm_argv(kd, p, addr, cnt, nchr); 901 /* 902 * For live kernels, make sure this process didn't go away. 903 */ 904 if (ap != 0 && ISALIVE(kd) && !proc_verify(kd, p)) 905 ap = 0; 906 return (ap); 907 } 908 909 static char ** 910 kvm_arg_sysctl(kvm_t *kd, pid_t pid, int nchr, int env) 911 { 912 size_t len, orglen; 913 int mib[4], ret; 914 char *buf; 915 916 orglen = env ? kd->nbpg : 8 * kd->nbpg; /* XXX - should be ARG_MAX */ 917 if (kd->argbuf == NULL && 918 (kd->argbuf = _kvm_malloc(kd, orglen)) == NULL) 919 return (NULL); 920 921 again: 922 mib[0] = CTL_KERN; 923 mib[1] = KERN_PROC_ARGS; 924 mib[2] = (int)pid; 925 mib[3] = env ? KERN_PROC_ENV : KERN_PROC_ARGV; 926 927 len = orglen; 928 ret = (sysctl(mib, 4, kd->argbuf, &len, NULL, 0) < 0); 929 if (ret && errno == ENOMEM) { 930 orglen *= 2; 931 buf = _kvm_realloc(kd, kd->argbuf, orglen); 932 if (buf == NULL) 933 return (NULL); 934 kd->argbuf = buf; 935 goto again; 936 } 937 938 if (ret) { 939 free(kd->argbuf); 940 kd->argbuf = NULL; 941 _kvm_syserr(kd, kd->program, "kvm_arg_sysctl"); 942 return (NULL); 943 } 944 #if 0 945 for (argv = (char **)kd->argbuf; *argv != NULL; argv++) 946 if (strlen(*argv) > nchr) 947 *argv[nchr] = '\0'; 948 #endif 949 950 return (char **)(kd->argbuf); 951 } 952 953 /* 954 * Get the command args. This code is now machine independent. 955 */ 956 char ** 957 kvm_getargv(kvm_t *kd, const struct kinfo_proc *kp, int nchr) 958 { 959 struct miniproc p; 960 961 if (ISALIVE(kd)) 962 return (kvm_arg_sysctl(kd, kp->kp_proc.p_pid, nchr, 0)); 963 KPTOMINI(kp, &p); 964 return (kvm_doargv(kd, &p, nchr, ps_str_a)); 965 } 966 967 char ** 968 kvm_getenvv(kvm_t *kd, const struct kinfo_proc *kp, int nchr) 969 { 970 struct miniproc p; 971 972 if (ISALIVE(kd)) 973 return (kvm_arg_sysctl(kd, kp->kp_proc.p_pid, nchr, 1)); 974 KPTOMINI(kp, &p); 975 return (kvm_doargv(kd, &p, nchr, ps_str_e)); 976 } 977 978 char ** 979 kvm_getargv2(kvm_t *kd, const struct kinfo_proc2 *kp, int nchr) 980 { 981 struct miniproc p; 982 983 if (ISALIVE(kd)) 984 return (kvm_arg_sysctl(kd, kp->p_pid, nchr, 0)); 985 KP2TOMINI(kp, &p); 986 return (kvm_doargv(kd, &p, nchr, ps_str_a)); 987 } 988 989 char ** 990 kvm_getenvv2(kvm_t *kd, const struct kinfo_proc2 *kp, int nchr) 991 { 992 struct miniproc p; 993 994 if (ISALIVE(kd)) 995 return (kvm_arg_sysctl(kd, kp->p_pid, nchr, 1)); 996 KP2TOMINI(kp, &p); 997 return (kvm_doargv(kd, &p, nchr, ps_str_e)); 998 } 999 1000 /* 1001 * Read from user space. The user context is given by p. 1002 */ 1003 static ssize_t 1004 kvm_ureadm(kvm_t *kd, const struct miniproc *p, u_long uva, char *buf, 1005 size_t len) 1006 { 1007 char *cp = buf; 1008 1009 while (len > 0) { 1010 u_long cnt; 1011 size_t cc; 1012 char *dp; 1013 1014 dp = _kvm_ureadm(kd, p, uva, &cnt); 1015 if (dp == 0) { 1016 _kvm_err(kd, 0, "invalid address (%lx)", uva); 1017 return (0); 1018 } 1019 cc = (size_t)MIN(cnt, len); 1020 bcopy(dp, cp, cc); 1021 cp += cc; 1022 uva += cc; 1023 len -= cc; 1024 } 1025 return (ssize_t)(cp - buf); 1026 } 1027 1028 ssize_t 1029 kvm_uread(kvm_t *kd, const struct proc *p, u_long uva, char *buf, 1030 size_t len) 1031 { 1032 struct miniproc mp; 1033 1034 PTOMINI(p, &mp); 1035 return (kvm_ureadm(kd, &mp, uva, buf, len)); 1036 } 1037