kvm_proc.c revision 1.1
1 /*- 2 * Copyright (c) 1989, 1992, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software developed by the Computer Systems 6 * Engineering group at Lawrence Berkeley Laboratory under DARPA contract 7 * BG 91-66 and contributed to Berkeley. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed by the University of 20 * California, Berkeley and its contributors. 21 * 4. Neither the name of the University nor the names of its contributors 22 * may be used to endorse or promote products derived from this software 23 * without specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 */ 37 38 #if defined(LIBC_SCCS) && !defined(lint) 39 static char sccsid[] = "@(#)kvm_proc.c 8.3 (Berkeley) 9/23/93"; 40 #endif /* LIBC_SCCS and not lint */ 41 42 /* 43 * Proc traversal interface for kvm. ps and w are (probably) the exclusive 44 * users of this code, so we've factored it out into a separate module. 45 * Thus, we keep this grunge out of the other kvm applications (i.e., 46 * most other applications are interested only in open/close/read/nlist). 47 */ 48 49 #include <sys/param.h> 50 #include <sys/user.h> 51 #include <sys/proc.h> 52 #include <sys/exec.h> 53 #include <sys/stat.h> 54 #include <sys/ioctl.h> 55 #include <sys/tty.h> 56 #include <unistd.h> 57 #include <nlist.h> 58 #include <kvm.h> 59 60 #include <vm/vm.h> 61 #include <vm/vm_param.h> 62 #include <vm/swap_pager.h> 63 64 #include <sys/sysctl.h> 65 66 #include <limits.h> 67 #include <db.h> 68 #include <paths.h> 69 70 #include "kvm_private.h" 71 72 static char * 73 kvm_readswap(kd, p, va, cnt) 74 kvm_t *kd; 75 const struct proc *p; 76 u_long va; 77 u_long *cnt; 78 { 79 register int ix; 80 register u_long addr, head; 81 register u_long offset, pagestart, sbstart, pgoff; 82 register off_t seekpoint; 83 struct vm_map_entry vme; 84 struct vm_object vmo; 85 struct pager_struct pager; 86 struct swpager swap; 87 struct swblock swb; 88 static char page[NBPG]; 89 90 head = (u_long)&p->p_vmspace->vm_map.header; 91 /* 92 * Look through the address map for the memory object 93 * that corresponds to the given virtual address. 94 * The header just has the entire valid range. 95 */ 96 addr = head; 97 while (1) { 98 if (kvm_read(kd, addr, (char *)&vme, sizeof(vme)) != 99 sizeof(vme)) 100 return (0); 101 102 if (va >= vme.start && va <= vme.end && 103 vme.object.vm_object != 0) 104 break; 105 106 addr = (u_long)vme.next; 107 if (addr == 0 || addr == head) 108 return (0); 109 } 110 /* 111 * We found the right object -- follow shadow links. 112 */ 113 offset = va - vme.start + vme.offset; 114 addr = (u_long)vme.object.vm_object; 115 while (1) { 116 if (kvm_read(kd, addr, (char *)&vmo, sizeof(vmo)) != 117 sizeof(vmo)) 118 return (0); 119 addr = (u_long)vmo.shadow; 120 if (addr == 0) 121 break; 122 offset += vmo.shadow_offset; 123 } 124 if (vmo.pager == 0) 125 return (0); 126 127 offset += vmo.paging_offset; 128 /* 129 * Read in the pager info and make sure it's a swap device. 130 */ 131 addr = (u_long)vmo.pager; 132 if (kvm_read(kd, addr, (char *)&pager, sizeof(pager)) != sizeof(pager) 133 || pager.pg_type != PG_SWAP) 134 return (0); 135 136 /* 137 * Read in the swap_pager private data, and compute the 138 * swap offset. 139 */ 140 addr = (u_long)pager.pg_data; 141 if (kvm_read(kd, addr, (char *)&swap, sizeof(swap)) != sizeof(swap)) 142 return (0); 143 ix = offset / dbtob(swap.sw_bsize); 144 if (swap.sw_blocks == 0 || ix >= swap.sw_nblocks) 145 return (0); 146 147 addr = (u_long)&swap.sw_blocks[ix]; 148 if (kvm_read(kd, addr, (char *)&swb, sizeof(swb)) != sizeof(swb)) 149 return (0); 150 151 sbstart = (offset / dbtob(swap.sw_bsize)) * dbtob(swap.sw_bsize); 152 sbstart /= NBPG; 153 pagestart = offset / NBPG; 154 pgoff = pagestart - sbstart; 155 156 if (swb.swb_block == 0 || (swb.swb_mask & (1 << pgoff)) == 0) 157 return (0); 158 159 seekpoint = dbtob(swb.swb_block) + ctob(pgoff); 160 errno = 0; 161 if (lseek(kd->swfd, seekpoint, 0) == -1 && errno != 0) 162 return (0); 163 if (read(kd->swfd, page, sizeof(page)) != sizeof(page)) 164 return (0); 165 166 offset %= NBPG; 167 *cnt = NBPG - offset; 168 return (&page[offset]); 169 } 170 171 #define KREAD(kd, addr, obj) \ 172 (kvm_read(kd, addr, (char *)(obj), sizeof(*obj)) != sizeof(*obj)) 173 174 /* 175 * Read proc's from memory file into buffer bp, which has space to hold 176 * at most maxcnt procs. 177 */ 178 static int 179 kvm_proclist(kd, what, arg, p, bp, maxcnt) 180 kvm_t *kd; 181 int what, arg; 182 struct proc *p; 183 struct kinfo_proc *bp; 184 int maxcnt; 185 { 186 register int cnt = 0; 187 struct eproc eproc; 188 struct pgrp pgrp; 189 struct session sess; 190 struct tty tty; 191 struct proc proc; 192 193 for (; cnt < maxcnt && p != NULL; p = proc.p_next) { 194 if (KREAD(kd, (u_long)p, &proc)) { 195 _kvm_err(kd, kd->program, "can't read proc at %x", p); 196 return (-1); 197 } 198 if (KREAD(kd, (u_long)proc.p_cred, &eproc.e_pcred) == 0) 199 KREAD(kd, (u_long)eproc.e_pcred.pc_ucred, 200 &eproc.e_ucred); 201 202 switch(what) { 203 204 case KERN_PROC_PID: 205 if (proc.p_pid != (pid_t)arg) 206 continue; 207 break; 208 209 case KERN_PROC_UID: 210 if (eproc.e_ucred.cr_uid != (uid_t)arg) 211 continue; 212 break; 213 214 case KERN_PROC_RUID: 215 if (eproc.e_pcred.p_ruid != (uid_t)arg) 216 continue; 217 break; 218 } 219 /* 220 * We're going to add another proc to the set. If this 221 * will overflow the buffer, assume the reason is because 222 * nprocs (or the proc list) is corrupt and declare an error. 223 */ 224 if (cnt >= maxcnt) { 225 _kvm_err(kd, kd->program, "nprocs corrupt"); 226 return (-1); 227 } 228 /* 229 * gather eproc 230 */ 231 eproc.e_paddr = p; 232 if (KREAD(kd, (u_long)proc.p_pgrp, &pgrp)) { 233 _kvm_err(kd, kd->program, "can't read pgrp at %x", 234 proc.p_pgrp); 235 return (-1); 236 } 237 eproc.e_sess = pgrp.pg_session; 238 eproc.e_pgid = pgrp.pg_id; 239 eproc.e_jobc = pgrp.pg_jobc; 240 if (KREAD(kd, (u_long)pgrp.pg_session, &sess)) { 241 _kvm_err(kd, kd->program, "can't read session at %x", 242 pgrp.pg_session); 243 return (-1); 244 } 245 if ((proc.p_flag & P_CONTROLT) && sess.s_ttyp != NULL) { 246 if (KREAD(kd, (u_long)sess.s_ttyp, &tty)) { 247 _kvm_err(kd, kd->program, 248 "can't read tty at %x", sess.s_ttyp); 249 return (-1); 250 } 251 eproc.e_tdev = tty.t_dev; 252 eproc.e_tsess = tty.t_session; 253 if (tty.t_pgrp != NULL) { 254 if (KREAD(kd, (u_long)tty.t_pgrp, &pgrp)) { 255 _kvm_err(kd, kd->program, 256 "can't read tpgrp at &x", 257 tty.t_pgrp); 258 return (-1); 259 } 260 eproc.e_tpgid = pgrp.pg_id; 261 } else 262 eproc.e_tpgid = -1; 263 } else 264 eproc.e_tdev = NODEV; 265 eproc.e_flag = sess.s_ttyvp ? EPROC_CTTY : 0; 266 if (sess.s_leader == p) 267 eproc.e_flag |= EPROC_SLEADER; 268 if (proc.p_wmesg) 269 (void)kvm_read(kd, (u_long)proc.p_wmesg, 270 eproc.e_wmesg, WMESGLEN); 271 272 #ifdef sparc 273 (void)kvm_read(kd, (u_long)&proc.p_vmspace->vm_rssize, 274 (char *)&eproc.e_vm.vm_rssize, 275 sizeof(eproc.e_vm.vm_rssize)); 276 (void)kvm_read(kd, (u_long)&proc.p_vmspace->vm_tsize, 277 (char *)&eproc.e_vm.vm_tsize, 278 3 * sizeof(eproc.e_vm.vm_rssize)); /* XXX */ 279 #else 280 (void)kvm_read(kd, (u_long)proc.p_vmspace, 281 (char *)&eproc.e_vm, sizeof(eproc.e_vm)); 282 #endif 283 eproc.e_xsize = eproc.e_xrssize = 0; 284 eproc.e_xccount = eproc.e_xswrss = 0; 285 286 switch (what) { 287 288 case KERN_PROC_PGRP: 289 if (eproc.e_pgid != (pid_t)arg) 290 continue; 291 break; 292 293 case KERN_PROC_TTY: 294 if ((proc.p_flag & P_CONTROLT) == 0 || 295 eproc.e_tdev != (dev_t)arg) 296 continue; 297 break; 298 } 299 bcopy(&proc, &bp->kp_proc, sizeof(proc)); 300 bcopy(&eproc, &bp->kp_eproc, sizeof(eproc)); 301 ++bp; 302 ++cnt; 303 } 304 return (cnt); 305 } 306 307 /* 308 * Build proc info array by reading in proc list from a crash dump. 309 * Return number of procs read. maxcnt is the max we will read. 310 */ 311 static int 312 kvm_deadprocs(kd, what, arg, a_allproc, a_zombproc, maxcnt) 313 kvm_t *kd; 314 int what, arg; 315 u_long a_allproc; 316 u_long a_zombproc; 317 int maxcnt; 318 { 319 register struct kinfo_proc *bp = kd->procbase; 320 register int acnt, zcnt; 321 struct proc *p; 322 323 if (KREAD(kd, a_allproc, &p)) { 324 _kvm_err(kd, kd->program, "cannot read allproc"); 325 return (-1); 326 } 327 acnt = kvm_proclist(kd, what, arg, p, bp, maxcnt); 328 if (acnt < 0) 329 return (acnt); 330 331 if (KREAD(kd, a_zombproc, &p)) { 332 _kvm_err(kd, kd->program, "cannot read zombproc"); 333 return (-1); 334 } 335 zcnt = kvm_proclist(kd, what, arg, p, bp + acnt, maxcnt - acnt); 336 if (zcnt < 0) 337 zcnt = 0; 338 339 return (acnt + zcnt); 340 } 341 342 struct kinfo_proc * 343 kvm_getprocs(kd, op, arg, cnt) 344 kvm_t *kd; 345 int op, arg; 346 int *cnt; 347 { 348 int mib[4], size, st, nprocs; 349 350 if (kd->procbase != 0) { 351 free((void *)kd->procbase); 352 /* 353 * Clear this pointer in case this call fails. Otherwise, 354 * kvm_close() will free it again. 355 */ 356 kd->procbase = 0; 357 } 358 if (ISALIVE(kd)) { 359 size = 0; 360 mib[0] = CTL_KERN; 361 mib[1] = KERN_PROC; 362 mib[2] = op; 363 mib[3] = arg; 364 st = sysctl(mib, 4, NULL, &size, NULL, 0); 365 if (st == -1) { 366 _kvm_syserr(kd, kd->program, "kvm_getprocs"); 367 return (0); 368 } 369 kd->procbase = (struct kinfo_proc *)_kvm_malloc(kd, size); 370 if (kd->procbase == 0) 371 return (0); 372 st = sysctl(mib, 4, kd->procbase, &size, NULL, 0); 373 if (st == -1) { 374 _kvm_syserr(kd, kd->program, "kvm_getprocs"); 375 return (0); 376 } 377 if (size % sizeof(struct kinfo_proc) != 0) { 378 _kvm_err(kd, kd->program, 379 "proc size mismatch (%d total, %d chunks)", 380 size, sizeof(struct kinfo_proc)); 381 return (0); 382 } 383 nprocs = size / sizeof(struct kinfo_proc); 384 } else { 385 struct nlist nl[4], *p; 386 387 nl[0].n_name = "_nprocs"; 388 nl[1].n_name = "_allproc"; 389 nl[2].n_name = "_zombproc"; 390 nl[3].n_name = 0; 391 392 if (kvm_nlist(kd, nl) != 0) { 393 for (p = nl; p->n_type != 0; ++p) 394 ; 395 _kvm_err(kd, kd->program, 396 "%s: no such symbol", p->n_name); 397 return (0); 398 } 399 if (KREAD(kd, nl[0].n_value, &nprocs)) { 400 _kvm_err(kd, kd->program, "can't read nprocs"); 401 return (0); 402 } 403 size = nprocs * sizeof(struct kinfo_proc); 404 kd->procbase = (struct kinfo_proc *)_kvm_malloc(kd, size); 405 if (kd->procbase == 0) 406 return (0); 407 408 nprocs = kvm_deadprocs(kd, op, arg, nl[1].n_value, 409 nl[2].n_value, nprocs); 410 #ifdef notdef 411 size = nprocs * sizeof(struct kinfo_proc); 412 (void)realloc(kd->procbase, size); 413 #endif 414 } 415 *cnt = nprocs; 416 return (kd->procbase); 417 } 418 419 void 420 _kvm_freeprocs(kd) 421 kvm_t *kd; 422 { 423 if (kd->procbase) { 424 free(kd->procbase); 425 kd->procbase = 0; 426 } 427 } 428 429 void * 430 _kvm_realloc(kd, p, n) 431 kvm_t *kd; 432 void *p; 433 size_t n; 434 { 435 void *np = (void *)realloc(p, n); 436 437 if (np == 0) 438 _kvm_err(kd, kd->program, "out of memory"); 439 return (np); 440 } 441 442 #ifndef MAX 443 #define MAX(a, b) ((a) > (b) ? (a) : (b)) 444 #endif 445 446 /* 447 * Read in an argument vector from the user address space of process p. 448 * addr if the user-space base address of narg null-terminated contiguous 449 * strings. This is used to read in both the command arguments and 450 * environment strings. Read at most maxcnt characters of strings. 451 */ 452 static char ** 453 kvm_argv(kd, p, addr, narg, maxcnt) 454 kvm_t *kd; 455 struct proc *p; 456 register u_long addr; 457 register int narg; 458 register int maxcnt; 459 { 460 register char *cp; 461 register int len, cc; 462 register char **argv; 463 464 /* 465 * Check that there aren't an unreasonable number of agruments, 466 * and that the address is in user space. 467 */ 468 if (narg > 512 || addr < VM_MIN_ADDRESS || addr >= VM_MAXUSER_ADDRESS) 469 return (0); 470 471 if (kd->argv == 0) { 472 /* 473 * Try to avoid reallocs. 474 */ 475 kd->argc = MAX(narg + 1, 32); 476 kd->argv = (char **)_kvm_malloc(kd, kd->argc * 477 sizeof(*kd->argv)); 478 if (kd->argv == 0) 479 return (0); 480 } else if (narg + 1 > kd->argc) { 481 kd->argc = MAX(2 * kd->argc, narg + 1); 482 kd->argv = (char **)_kvm_realloc(kd, kd->argv, kd->argc * 483 sizeof(*kd->argv)); 484 if (kd->argv == 0) 485 return (0); 486 } 487 if (kd->argspc == 0) { 488 kd->argspc = (char *)_kvm_malloc(kd, NBPG); 489 if (kd->argspc == 0) 490 return (0); 491 kd->arglen = NBPG; 492 } 493 cp = kd->argspc; 494 argv = kd->argv; 495 *argv = cp; 496 len = 0; 497 /* 498 * Loop over pages, filling in the argument vector. 499 */ 500 while (addr < VM_MAXUSER_ADDRESS) { 501 cc = NBPG - (addr & PGOFSET); 502 if (maxcnt > 0 && cc > maxcnt - len) 503 cc = maxcnt - len;; 504 if (len + cc > kd->arglen) { 505 register int off; 506 register char **pp; 507 register char *op = kd->argspc; 508 509 kd->arglen *= 2; 510 kd->argspc = (char *)_kvm_realloc(kd, kd->argspc, 511 kd->arglen); 512 if (kd->argspc == 0) 513 return (0); 514 cp = &kd->argspc[len]; 515 /* 516 * Adjust argv pointers in case realloc moved 517 * the string space. 518 */ 519 off = kd->argspc - op; 520 for (pp = kd->argv; pp < argv; ++pp) 521 *pp += off; 522 } 523 if (kvm_uread(kd, p, addr, cp, cc) != cc) 524 /* XXX */ 525 return (0); 526 len += cc; 527 addr += cc; 528 529 if (maxcnt == 0 && len > 16 * NBPG) 530 /* sanity */ 531 return (0); 532 533 while (--cc >= 0) { 534 if (*cp++ == 0) { 535 if (--narg <= 0) { 536 *++argv = 0; 537 return (kd->argv); 538 } else 539 *++argv = cp; 540 } 541 } 542 if (maxcnt > 0 && len >= maxcnt) { 543 /* 544 * We're stopping prematurely. Terminate the 545 * argv and current string. 546 */ 547 *++argv = 0; 548 *cp = 0; 549 return (kd->argv); 550 } 551 } 552 } 553 554 static void 555 ps_str_a(p, addr, n) 556 struct ps_strings *p; 557 u_long *addr; 558 int *n; 559 { 560 *addr = (u_long)p->ps_argvstr; 561 *n = p->ps_nargvstr; 562 } 563 564 static void 565 ps_str_e(p, addr, n) 566 struct ps_strings *p; 567 u_long *addr; 568 int *n; 569 { 570 *addr = (u_long)p->ps_envstr; 571 *n = p->ps_nenvstr; 572 } 573 574 /* 575 * Determine if the proc indicated by p is still active. 576 * This test is not 100% foolproof in theory, but chances of 577 * being wrong are very low. 578 */ 579 static int 580 proc_verify(kd, kernp, p) 581 kvm_t *kd; 582 u_long kernp; 583 const struct proc *p; 584 { 585 struct proc kernproc; 586 587 /* 588 * Just read in the whole proc. It's not that big relative 589 * to the cost of the read system call. 590 */ 591 if (kvm_read(kd, kernp, (char *)&kernproc, sizeof(kernproc)) != 592 sizeof(kernproc)) 593 return (0); 594 return (p->p_pid == kernproc.p_pid && 595 (kernproc.p_stat != SZOMB || p->p_stat == SZOMB)); 596 } 597 598 static char ** 599 kvm_doargv(kd, kp, nchr, info) 600 kvm_t *kd; 601 const struct kinfo_proc *kp; 602 int nchr; 603 int (*info)(struct ps_strings*, u_long *, int *); 604 { 605 register const struct proc *p = &kp->kp_proc; 606 register char **ap; 607 u_long addr; 608 int cnt; 609 struct ps_strings arginfo; 610 611 /* 612 * Pointers are stored at the top of the user stack. 613 */ 614 if (p->p_stat == SZOMB || 615 kvm_uread(kd, p, USRSTACK - sizeof(arginfo), (char *)&arginfo, 616 sizeof(arginfo)) != sizeof(arginfo)) 617 return (0); 618 619 (*info)(&arginfo, &addr, &cnt); 620 ap = kvm_argv(kd, p, addr, cnt, nchr); 621 /* 622 * For live kernels, make sure this process didn't go away. 623 */ 624 if (ap != 0 && ISALIVE(kd) && 625 !proc_verify(kd, (u_long)kp->kp_eproc.e_paddr, p)) 626 ap = 0; 627 return (ap); 628 } 629 630 /* 631 * Get the command args. This code is now machine independent. 632 */ 633 char ** 634 kvm_getargv(kd, kp, nchr) 635 kvm_t *kd; 636 const struct kinfo_proc *kp; 637 int nchr; 638 { 639 return (kvm_doargv(kd, kp, nchr, ps_str_a)); 640 } 641 642 char ** 643 kvm_getenvv(kd, kp, nchr) 644 kvm_t *kd; 645 const struct kinfo_proc *kp; 646 int nchr; 647 { 648 return (kvm_doargv(kd, kp, nchr, ps_str_e)); 649 } 650 651 /* 652 * Read from user space. The user context is given by p. 653 */ 654 ssize_t 655 kvm_uread(kd, p, uva, buf, len) 656 kvm_t *kd; 657 register struct proc *p; 658 register u_long uva; 659 register char *buf; 660 register size_t len; 661 { 662 register char *cp; 663 664 cp = buf; 665 while (len > 0) { 666 u_long pa; 667 register int cc; 668 669 cc = _kvm_uvatop(kd, p, uva, &pa); 670 if (cc > 0) { 671 if (cc > len) 672 cc = len; 673 errno = 0; 674 if (lseek(kd->pmfd, (off_t)pa, 0) == -1 && errno != 0) { 675 _kvm_err(kd, 0, "invalid address (%x)", uva); 676 break; 677 } 678 cc = read(kd->pmfd, cp, cc); 679 if (cc < 0) { 680 _kvm_syserr(kd, 0, _PATH_MEM); 681 break; 682 } else if (cc < len) { 683 _kvm_err(kd, kd->program, "short read"); 684 break; 685 } 686 } else if (ISALIVE(kd)) { 687 /* try swap */ 688 register char *dp; 689 int cnt; 690 691 dp = kvm_readswap(kd, p, uva, &cnt); 692 if (dp == 0) { 693 _kvm_err(kd, 0, "invalid address (%x)", uva); 694 return (0); 695 } 696 cc = MIN(cnt, len); 697 bcopy(dp, cp, cc); 698 } else 699 break; 700 cp += cc; 701 uva += cc; 702 len -= cc; 703 } 704 return (ssize_t)(cp - buf); 705 } 706
Indexes created Tue Sep 23 01:09:51 GMT 2025