2 * Copyright (c) 1989, 1992, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software developed by the Computer Systems
6 * Engineering group at Lawrence Berkeley Laboratory under DARPA contract
7 * BG 91-66 and contributed to Berkeley.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 * 3. All advertising materials mentioning features or use of this software
18 * must display the following acknowledgement:
19 * This product includes software developed by the University of
20 * California, Berkeley and its contributors.
21 * 4. Neither the name of the University nor the names of its contributors
22 * may be used to endorse or promote products derived from this software
23 * without specific prior written permission.
25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * $FreeBSD: src/lib/libkvm/kvm_proc.c,v 1.25.2.3 2002/08/24 07:27:46 kris Exp $
38 * $DragonFly: src/lib/libkvm/kvm_proc.c,v 1.7 2004/10/25 19:38:45 drhodus Exp $
40 * @(#)kvm_proc.c 8.3 (Berkeley) 9/23/93
44 * Proc traversal interface for kvm. ps and w are (probably) the exclusive
45 * users of this code, so we've factored it out into a separate module.
46 * Thus, we keep this grunge out of the other kvm applications (i.e.,
47 * most other applications are interested only in open/close/read/nlist).
50 #include <sys/param.h>
55 #include <sys/ioctl.h>
65 #include <vm/vm_param.h>
66 #include <vm/swap_pager.h>
68 #include <sys/sysctl.h>
74 #include "kvm_private.h"
78 kvm_readswap(kvm_t *kd, const struct proc *p, u_long va, u_long *cnt)
80 #if defined(__FreeBSD__) || defined(__DragonFly__)
81 /* XXX Stubbed out, our vm system is differnet */
82 _kvm_err(kd, kd->program, "kvm_readswap not implemented");
88 #define KREAD(kd, addr, obj) \
89 (kvm_read(kd, addr, (char *)(obj), sizeof(*obj)) != sizeof(*obj))
92 * Read proc's from memory file into buffer bp, which has space to hold
93 * at most maxcnt procs.
96 kvm_proclist(kvm_t *kd, int what, int arg, struct proc *p,
97 struct kinfo_proc *bp, int maxcnt)
105 struct thread thread;
108 for (; cnt < maxcnt && p != NULL; p = proc.p_list.le_next) {
109 if (KREAD(kd, (u_long)p, &proc)) {
110 _kvm_err(kd, kd->program, "can't read proc at %x", p);
113 if (KREAD(kd, (u_long)proc.p_thread, &thread)) {
114 _kvm_err(kd, kd->program, "can't read thread at %x",
118 KREAD(kd, (u_long)proc.p_ucred, &eproc.e_ucred);
123 if (proc.p_pid != (pid_t)arg)
128 if (eproc.e_ucred.cr_uid != (uid_t)arg)
133 if (eproc.e_ucred.cr_ruid != (uid_t)arg)
138 * We're going to add another proc to the set. If this
139 * will overflow the buffer, assume the reason is because
140 * nprocs (or the proc list) is corrupt and declare an error.
143 _kvm_err(kd, kd->program, "nprocs corrupt");
150 if (KREAD(kd, (u_long)proc.p_pgrp, &pgrp)) {
151 _kvm_err(kd, kd->program, "can't read pgrp at %x",
156 eproc.e_ppid = proc.p_oppid;
157 else if (proc.p_pptr) {
158 if (KREAD(kd, (u_long)proc.p_pptr, &pproc)) {
159 _kvm_err(kd, kd->program, "can't read pproc at %x",
163 eproc.e_ppid = pproc.p_pid;
166 eproc.e_sess = pgrp.pg_session;
167 eproc.e_pgid = pgrp.pg_id;
168 eproc.e_jobc = pgrp.pg_jobc;
169 if (KREAD(kd, (u_long)pgrp.pg_session, &sess)) {
170 _kvm_err(kd, kd->program, "can't read session at %x",
174 (void)memcpy(eproc.e_login, sess.s_login,
175 sizeof(eproc.e_login));
176 if ((proc.p_flag & P_CONTROLT) && sess.s_ttyp != NULL) {
177 if (KREAD(kd, (u_long)sess.s_ttyp, &tty)) {
178 _kvm_err(kd, kd->program,
179 "can't read tty at %x", sess.s_ttyp);
182 eproc.e_tdev = tty.t_dev;
183 eproc.e_tsess = tty.t_session;
184 if (tty.t_pgrp != NULL) {
185 if (KREAD(kd, (u_long)tty.t_pgrp, &pgrp)) {
186 _kvm_err(kd, kd->program,
187 "can't read tpgrp at %x",
191 eproc.e_tpgid = pgrp.pg_id;
195 eproc.e_tdev = NODEV;
196 eproc.e_flag = sess.s_ttyvp ? EPROC_CTTY : 0;
197 if (sess.s_leader == p)
198 eproc.e_flag |= EPROC_SLEADER;
200 (void)kvm_read(kd, (u_long)thread.td_wmesg,
201 eproc.e_wmesg, WMESGLEN);
204 (void)kvm_read(kd, (u_long)&proc.p_vmspace->vm_rssize,
205 (char *)&eproc.e_vm.vm_rssize,
206 sizeof(eproc.e_vm.vm_rssize));
207 (void)kvm_read(kd, (u_long)&proc.p_vmspace->vm_tsize,
208 (char *)&eproc.e_vm.vm_tsize,
209 3 * sizeof(eproc.e_vm.vm_rssize)); /* XXX */
211 (void)kvm_read(kd, (u_long)proc.p_vmspace,
212 (char *)&eproc.e_vm, sizeof(eproc.e_vm));
214 eproc.e_xsize = eproc.e_xrssize = 0;
215 eproc.e_xccount = eproc.e_xswrss = 0;
220 if (eproc.e_pgid != (pid_t)arg)
225 if ((proc.p_flag & P_CONTROLT) == 0 ||
226 eproc.e_tdev != (dev_t)arg)
230 bcopy(&proc, &bp->kp_proc, sizeof(proc));
231 bcopy(&eproc, &bp->kp_eproc, sizeof(eproc));
239 * Build proc info array by reading in proc list from a crash dump.
240 * Return number of procs read. maxcnt is the max we will read.
243 kvm_deadprocs(kvm_t *kd, int what, int arg, u_long a_allproc,
244 u_long a_zombproc, int maxcnt)
246 struct kinfo_proc *bp = kd->procbase;
250 if (KREAD(kd, a_allproc, &p)) {
251 _kvm_err(kd, kd->program, "cannot read allproc");
254 acnt = kvm_proclist(kd, what, arg, p, bp, maxcnt);
258 if (KREAD(kd, a_zombproc, &p)) {
259 _kvm_err(kd, kd->program, "cannot read zombproc");
262 zcnt = kvm_proclist(kd, what, arg, p, bp + acnt, maxcnt - acnt);
266 return (acnt + zcnt);
270 kvm_getprocs(kvm_t *kd, int op, int arg, int *cnt)
272 int mib[4], st, nprocs;
275 if (kd->procbase != 0) {
276 free((void *)kd->procbase);
278 * Clear this pointer in case this call fails. Otherwise,
279 * kvm_close() will free it again.
289 st = sysctl(mib, op == KERN_PROC_ALL ? 3 : 4, NULL, &size, NULL, 0);
291 _kvm_syserr(kd, kd->program, "kvm_getprocs");
296 kd->procbase = (struct kinfo_proc *)
297 _kvm_realloc(kd, kd->procbase, size);
298 if (kd->procbase == 0)
300 st = sysctl(mib, op == KERN_PROC_ALL ? 3 : 4,
301 kd->procbase, &size, NULL, 0);
302 } while (st == -1 && errno == ENOMEM);
304 _kvm_syserr(kd, kd->program, "kvm_getprocs");
307 if (size % sizeof(struct kinfo_proc) != 0) {
308 _kvm_err(kd, kd->program,
309 "proc size mismatch (%d total, %d chunks)",
310 size, sizeof(struct kinfo_proc));
313 nprocs = size / sizeof(struct kinfo_proc);
315 struct nlist nl[4], *p;
317 nl[0].n_name = "_nprocs";
318 nl[1].n_name = "_allproc";
319 nl[2].n_name = "_zombproc";
322 if (kvm_nlist(kd, nl) != 0) {
323 for (p = nl; p->n_type != 0; ++p)
325 _kvm_err(kd, kd->program,
326 "%s: no such symbol", p->n_name);
329 if (KREAD(kd, nl[0].n_value, &nprocs)) {
330 _kvm_err(kd, kd->program, "can't read nprocs");
333 size = nprocs * sizeof(struct kinfo_proc);
334 kd->procbase = (struct kinfo_proc *)_kvm_malloc(kd, size);
335 if (kd->procbase == 0)
338 nprocs = kvm_deadprocs(kd, op, arg, nl[1].n_value,
339 nl[2].n_value, nprocs);
341 size = nprocs * sizeof(struct kinfo_proc);
342 (void)realloc(kd->procbase, size);
346 return (kd->procbase);
350 _kvm_freeprocs(kvm_t *kd)
359 _kvm_realloc(kvm_t *kd, void *p, size_t n)
361 void *np = (void *)realloc(p, n);
365 _kvm_err(kd, kd->program, "out of memory");
371 #define MAX(a, b) ((a) > (b) ? (a) : (b))
375 * Read in an argument vector from the user address space of process p.
376 * addr if the user-space base address of narg null-terminated contiguous
377 * strings. This is used to read in both the command arguments and
378 * environment strings. Read at most maxcnt characters of strings.
381 kvm_argv(kvm_t *kd, const struct proc *p, u_long addr, int narg, int maxcnt)
383 char *np, *cp, *ep, *ap;
389 * Check that there aren't an unreasonable number of agruments,
390 * and that the address is in user space.
392 if (narg > 512 || addr < VM_MIN_ADDRESS || addr >= VM_MAXUSER_ADDRESS)
396 * kd->argv : work space for fetching the strings from the target
397 * process's space, and is converted for returning to caller
401 * Try to avoid reallocs.
403 kd->argc = MAX(narg + 1, 32);
404 kd->argv = (char **)_kvm_malloc(kd, kd->argc *
408 } else if (narg + 1 > kd->argc) {
409 kd->argc = MAX(2 * kd->argc, narg + 1);
410 kd->argv = (char **)_kvm_realloc(kd, kd->argv, kd->argc *
416 * kd->argspc : returned to user, this is where the kd->argv
417 * arrays are left pointing to the collected strings.
419 if (kd->argspc == 0) {
420 kd->argspc = (char *)_kvm_malloc(kd, PAGE_SIZE);
423 kd->arglen = PAGE_SIZE;
426 * kd->argbuf : used to pull in pages from the target process.
427 * the strings are copied out of here.
429 if (kd->argbuf == 0) {
430 kd->argbuf = (char *)_kvm_malloc(kd, PAGE_SIZE);
435 /* Pull in the target process'es argv vector */
436 cc = sizeof(char *) * narg;
437 if (kvm_uread(kd, p, addr, (char *)kd->argv, cc) != cc)
440 * ap : saved start address of string we're working on in kd->argspc
441 * np : pointer to next place to write in kd->argspc
442 * len: length of data in kd->argspc
443 * argv: pointer to the argv vector that we are hunting around the
444 * target process space for, and converting to addresses in
445 * our address space (kd->argspc).
447 ap = np = kd->argspc;
451 * Loop over pages, filling in the argument vector.
452 * Note that the argv strings could be pointing *anywhere* in
453 * the user address space and are no longer contiguous.
454 * Note that *argv is modified when we are going to fetch a string
455 * that crosses a page boundary. We copy the next part of the string
456 * into to "np" and eventually convert the pointer.
458 while (argv < kd->argv + narg && *argv != 0) {
460 /* get the address that the current argv string is on */
461 addr = (u_long)*argv & ~(PAGE_SIZE - 1);
463 /* is it the same page as the last one? */
465 if (kvm_uread(kd, p, addr, kd->argbuf, PAGE_SIZE) !=
471 /* offset within the page... kd->argbuf */
472 addr = (u_long)*argv & (PAGE_SIZE - 1);
474 /* cp = start of string, cc = count of chars in this chunk */
475 cp = kd->argbuf + addr;
476 cc = PAGE_SIZE - addr;
478 /* dont get more than asked for by user process */
479 if (maxcnt > 0 && cc > maxcnt - len)
482 /* pointer to end of string if we found it in this page */
483 ep = memchr(cp, '\0', cc);
487 * at this point, cc is the count of the chars that we are
488 * going to retrieve this time. we may or may not have found
489 * the end of it. (ep points to the null if the end is known)
492 /* will we exceed the malloc/realloced buffer? */
493 if (len + cc > kd->arglen) {
496 char *op = kd->argspc;
499 kd->argspc = (char *)_kvm_realloc(kd, kd->argspc,
504 * Adjust argv pointers in case realloc moved
507 off = kd->argspc - op;
508 for (pp = kd->argv; pp < argv; pp++)
513 /* np = where to put the next part of the string in kd->argspc*/
514 /* np is kinda redundant.. could use "kd->argspc + len" */
516 np += cc; /* inc counters */
520 * if end of string found, set the *argv pointer to the
521 * saved beginning of string, and advance. argv points to
522 * somewhere in kd->argv.. This is initially relative
523 * to the target process, but when we close it off, we set
524 * it to point in our address space.
530 /* update the address relative to the target process */
534 if (maxcnt > 0 && len >= maxcnt) {
536 * We're stopping prematurely. Terminate the
546 /* Make sure argv is terminated. */
552 ps_str_a(struct ps_strings *p, u_long *addr, int *n)
554 *addr = (u_long)p->ps_argvstr;
559 ps_str_e(struct ps_strings *p, u_long *addr, int *n)
561 *addr = (u_long)p->ps_envstr;
566 * Determine if the proc indicated by p is still active.
567 * This test is not 100% foolproof in theory, but chances of
568 * being wrong are very low.
571 proc_verify(kvm_t *kd, u_long kernp, const struct proc *p)
573 struct kinfo_proc kp;
579 mib[2] = KERN_PROC_PID;
582 if (sysctl(mib, 4, &kp, &len, NULL, 0) == -1)
584 return (p->p_pid == kp.kp_proc.p_pid &&
585 (kp.kp_proc.p_stat != SZOMB || p->p_stat == SZOMB));
589 kvm_doargv(kvm_t *kd, const struct kinfo_proc *kp, int nchr,
590 void (*info)(struct ps_strings *, u_long *, int *))
592 const struct proc *p = &kp->kp_proc;
596 static struct ps_strings arginfo;
597 static u_long ps_strings;
600 if (ps_strings == NULL) {
601 len = sizeof(ps_strings);
602 if (sysctlbyname("kern.ps_strings", &ps_strings, &len, NULL,
604 ps_strings = PS_STRINGS;
608 * Pointers are stored at the top of the user stack.
610 if (p->p_stat == SZOMB ||
611 kvm_uread(kd, p, ps_strings, (char *)&arginfo,
612 sizeof(arginfo)) != sizeof(arginfo))
615 (*info)(&arginfo, &addr, &cnt);
618 ap = kvm_argv(kd, p, addr, cnt, nchr);
620 * For live kernels, make sure this process didn't go away.
622 if (ap != 0 && ISALIVE(kd) &&
623 !proc_verify(kd, (u_long)kp->kp_eproc.e_paddr, p))
629 * Get the command args. This code is now machine independent.
632 kvm_getargv(kvm_t *kd, const struct kinfo_proc *kp, int nchr)
637 static unsigned long buflen;
638 static char *buf, *p;
643 _kvm_err(kd, kd->program,
644 "cannot read user space from dead kernel");
649 bufsz = sizeof(buflen);
650 i = sysctlbyname("kern.ps_arg_cache_limit",
651 &buflen, &bufsz, NULL, 0);
655 buf = malloc(buflen);
659 bufp = malloc(sizeof(char *) * argc);
665 oid[2] = KERN_PROC_ARGS;
666 oid[3] = kp->kp_proc.p_pid;
668 i = sysctl(oid, 4, buf, &bufsz, 0, 0);
669 if (i == 0 && bufsz > 0) {
678 sizeof(char *) * argc);
680 } while (p < buf + bufsz);
685 if (kp->kp_proc.p_flag & P_SYSTEM)
687 return (kvm_doargv(kd, kp, nchr, ps_str_a));
691 kvm_getenvv(kvm_t *kd, const struct kinfo_proc *kp, int nchr)
693 return (kvm_doargv(kd, kp, nchr, ps_str_e));
697 * Read from user space. The user context is given by p.
700 kvm_uread(kvm_t *kd, const struct proc *p, u_long uva, char *buf, size_t len)
703 char procfile[MAXPATHLEN];
708 _kvm_err(kd, kd->program,
709 "cannot read user space from dead kernel");
713 sprintf(procfile, "/proc/%d/mem", p->p_pid);
714 fd = open(procfile, O_RDONLY, 0);
716 _kvm_err(kd, kd->program, "cannot open %s", procfile);
724 if (lseek(fd, (off_t)uva, 0) == -1 && errno != 0) {
725 _kvm_err(kd, kd->program, "invalid address (%x) in %s",
729 amount = read(fd, cp, len);
731 _kvm_syserr(kd, kd->program, "error reading %s",
736 _kvm_err(kd, kd->program, "EOF reading %s", procfile);
745 return ((ssize_t)(cp - buf));
projects / dragonfly.git / blob