1/*-
2 * Copyright (c) 2011, David E. O'Brien.
3 * Copyright (c) 2009-2011, Juniper Networks, Inc.
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY JUNIPER NETWORKS AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL JUNIPER NETWORKS OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 */
27
28#include <sys/cdefs.h>
| 1/*-
2 * Copyright (c) 2011, David E. O'Brien.
3 * Copyright (c) 2009-2011, Juniper Networks, Inc.
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY JUNIPER NETWORKS AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL JUNIPER NETWORKS OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 */
27
28#include <sys/cdefs.h>
|
29__FBSDID("$FreeBSD: head/sys/dev/filemon/filemon.c 253977 2013-08-06 02:14:30Z hrs $");
| 29__FBSDID("$FreeBSD: head/sys/dev/filemon/filemon.c 255219 2013-09-05 00:09:56Z pjd $");
|
30
31#include "opt_compat.h"
32
33#include <sys/param.h>
34#include <sys/file.h>
35#include <sys/systm.h>
36#include <sys/buf.h>
37#include <sys/condvar.h>
38#include <sys/conf.h>
39#include <sys/fcntl.h>
40#include <sys/ioccom.h>
41#include <sys/kernel.h>
42#include <sys/malloc.h>
43#include <sys/module.h>
44#include <sys/mutex.h>
45#include <sys/poll.h>
46#include <sys/proc.h>
47#include <sys/queue.h>
48#include <sys/syscall.h>
49#include <sys/sysent.h>
50#include <sys/sysproto.h>
51#include <sys/uio.h>
52
53#if __FreeBSD_version >= 900041
54#include <sys/capability.h>
55#endif
56
57#include "filemon.h"
58
59#if defined(COMPAT_IA32) || defined(COMPAT_FREEBSD32) || defined(COMPAT_ARCH32)
60#include <compat/freebsd32/freebsd32_syscall.h>
61#include <compat/freebsd32/freebsd32_proto.h>
62
63extern struct sysentvec ia32_freebsd_sysvec;
64#endif
65
66extern struct sysentvec elf32_freebsd_sysvec;
67extern struct sysentvec elf64_freebsd_sysvec;
68
69static d_close_t filemon_close;
70static d_ioctl_t filemon_ioctl;
71static d_open_t filemon_open;
72static int filemon_unload(void);
73static void filemon_load(void *);
74
75static struct cdevsw filemon_cdevsw = {
76 .d_version = D_VERSION,
77 .d_close = filemon_close,
78 .d_ioctl = filemon_ioctl,
79 .d_open = filemon_open,
80 .d_name = "filemon",
81};
82
83MALLOC_DECLARE(M_FILEMON);
84MALLOC_DEFINE(M_FILEMON, "filemon", "File access monitor");
85
86struct filemon {
87 TAILQ_ENTRY(filemon) link; /* Link into the in-use list. */
88 struct mtx mtx; /* Lock mutex for this filemon. */
89 struct cv cv; /* Lock condition variable for this
90 filemon. */
91 struct file *fp; /* Output file pointer. */
92 struct thread *locker; /* Ptr to the thread locking this
93 filemon. */
94 pid_t pid; /* The process ID being monitored. */
95 char fname1[MAXPATHLEN]; /* Temporary filename buffer. */
96 char fname2[MAXPATHLEN]; /* Temporary filename buffer. */
97 char msgbufr[1024]; /* Output message buffer. */
98};
99
100static TAILQ_HEAD(, filemon) filemons_inuse = TAILQ_HEAD_INITIALIZER(filemons_inuse);
101static TAILQ_HEAD(, filemon) filemons_free = TAILQ_HEAD_INITIALIZER(filemons_free);
102static int n_readers = 0;
103static struct mtx access_mtx;
104static struct cv access_cv;
105static struct thread *access_owner = NULL;
106static struct thread *access_requester = NULL;
107
108static struct cdev *filemon_dev;
109
110#include "filemon_lock.c"
111#include "filemon_wrapper.c"
112
113static void
114filemon_dtr(void *data)
115{
116 struct filemon *filemon = data;
117
118 if (filemon != NULL) {
119 struct file *fp = filemon->fp;
120
121 /* Get exclusive write access. */
122 filemon_lock_write();
123
124 /* Remove from the in-use list. */
125 TAILQ_REMOVE(&filemons_inuse, filemon, link);
126
127 filemon->fp = NULL;
128 filemon->pid = -1;
129
130 /* Add to the free list. */
131 TAILQ_INSERT_TAIL(&filemons_free, filemon, link);
132
133 /* Give up write access. */
134 filemon_unlock_write();
135
136 if (fp != NULL)
137 fdrop(fp, curthread);
138 }
139}
140
| 30
31#include "opt_compat.h"
32
33#include <sys/param.h>
34#include <sys/file.h>
35#include <sys/systm.h>
36#include <sys/buf.h>
37#include <sys/condvar.h>
38#include <sys/conf.h>
39#include <sys/fcntl.h>
40#include <sys/ioccom.h>
41#include <sys/kernel.h>
42#include <sys/malloc.h>
43#include <sys/module.h>
44#include <sys/mutex.h>
45#include <sys/poll.h>
46#include <sys/proc.h>
47#include <sys/queue.h>
48#include <sys/syscall.h>
49#include <sys/sysent.h>
50#include <sys/sysproto.h>
51#include <sys/uio.h>
52
53#if __FreeBSD_version >= 900041
54#include <sys/capability.h>
55#endif
56
57#include "filemon.h"
58
59#if defined(COMPAT_IA32) || defined(COMPAT_FREEBSD32) || defined(COMPAT_ARCH32)
60#include <compat/freebsd32/freebsd32_syscall.h>
61#include <compat/freebsd32/freebsd32_proto.h>
62
63extern struct sysentvec ia32_freebsd_sysvec;
64#endif
65
66extern struct sysentvec elf32_freebsd_sysvec;
67extern struct sysentvec elf64_freebsd_sysvec;
68
69static d_close_t filemon_close;
70static d_ioctl_t filemon_ioctl;
71static d_open_t filemon_open;
72static int filemon_unload(void);
73static void filemon_load(void *);
74
75static struct cdevsw filemon_cdevsw = {
76 .d_version = D_VERSION,
77 .d_close = filemon_close,
78 .d_ioctl = filemon_ioctl,
79 .d_open = filemon_open,
80 .d_name = "filemon",
81};
82
83MALLOC_DECLARE(M_FILEMON);
84MALLOC_DEFINE(M_FILEMON, "filemon", "File access monitor");
85
86struct filemon {
87 TAILQ_ENTRY(filemon) link; /* Link into the in-use list. */
88 struct mtx mtx; /* Lock mutex for this filemon. */
89 struct cv cv; /* Lock condition variable for this
90 filemon. */
91 struct file *fp; /* Output file pointer. */
92 struct thread *locker; /* Ptr to the thread locking this
93 filemon. */
94 pid_t pid; /* The process ID being monitored. */
95 char fname1[MAXPATHLEN]; /* Temporary filename buffer. */
96 char fname2[MAXPATHLEN]; /* Temporary filename buffer. */
97 char msgbufr[1024]; /* Output message buffer. */
98};
99
100static TAILQ_HEAD(, filemon) filemons_inuse = TAILQ_HEAD_INITIALIZER(filemons_inuse);
101static TAILQ_HEAD(, filemon) filemons_free = TAILQ_HEAD_INITIALIZER(filemons_free);
102static int n_readers = 0;
103static struct mtx access_mtx;
104static struct cv access_cv;
105static struct thread *access_owner = NULL;
106static struct thread *access_requester = NULL;
107
108static struct cdev *filemon_dev;
109
110#include "filemon_lock.c"
111#include "filemon_wrapper.c"
112
113static void
114filemon_dtr(void *data)
115{
116 struct filemon *filemon = data;
117
118 if (filemon != NULL) {
119 struct file *fp = filemon->fp;
120
121 /* Get exclusive write access. */
122 filemon_lock_write();
123
124 /* Remove from the in-use list. */
125 TAILQ_REMOVE(&filemons_inuse, filemon, link);
126
127 filemon->fp = NULL;
128 filemon->pid = -1;
129
130 /* Add to the free list. */
131 TAILQ_INSERT_TAIL(&filemons_free, filemon, link);
132
133 /* Give up write access. */
134 filemon_unlock_write();
135
136 if (fp != NULL)
137 fdrop(fp, curthread);
138 }
139}
140
|
141#if __FreeBSD_version < 900041
142#define FGET_WRITE(a1, a2, a3) fget_write((a1), (a2), (a3))
143#else
144#define FGET_WRITE(a1, a2, a3) fget_write((a1), (a2), CAP_WRITE | CAP_SEEK, (a3))
145#endif
146
| |
147static int
148filemon_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag __unused,
149 struct thread *td)
150{
151 int error = 0;
152 struct filemon *filemon;
153 struct proc *p;
| 141static int
142filemon_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag __unused,
143 struct thread *td)
144{
145 int error = 0;
146 struct filemon *filemon;
147 struct proc *p;
|
| 148#if __FreeBSD_version >= 900041
149 cap_rights_t rights;
150#endif
|
154
155 devfs_get_cdevpriv((void **) &filemon);
156
157 switch (cmd) {
158 /* Set the output file descriptor. */
159 case FILEMON_SET_FD:
| 151
152 devfs_get_cdevpriv((void **) &filemon);
153
154 switch (cmd) {
155 /* Set the output file descriptor. */
156 case FILEMON_SET_FD:
|
160 if ((error = FGET_WRITE(td, *(int *)data, &filemon->fp)) == 0)
| 157 error = fget_write(td, *(int *)data,
158#if __FreeBSD_version >= 900041
159 cap_rights_init(&rights, CAP_PWRITE),
160#endif
161 &filemon->fp);
162 if (error == 0)
|
161 /* Write the file header. */
162 filemon_comment(filemon);
163 break;
164
165 /* Set the monitored process ID. */
166 case FILEMON_SET_PID:
167 error = pget(*((pid_t *)data), PGET_CANDEBUG | PGET_NOTWEXIT,
168 &p);
169 if (error == 0) {
170 filemon->pid = p->p_pid;
171 PROC_UNLOCK(p);
172 }
173 break;
174
175 default:
176 error = EINVAL;
177 break;
178 }
179
180 return (error);
181}
182
183static int
184filemon_open(struct cdev *dev, int oflags __unused, int devtype __unused,
185 struct thread *td __unused)
186{
187 struct filemon *filemon;
188
189 /* Get exclusive write access. */
190 filemon_lock_write();
191
192 if ((filemon = TAILQ_FIRST(&filemons_free)) != NULL)
193 TAILQ_REMOVE(&filemons_free, filemon, link);
194
195 /* Give up write access. */
196 filemon_unlock_write();
197
198 if (filemon == NULL) {
199 filemon = malloc(sizeof(struct filemon), M_FILEMON,
200 M_WAITOK | M_ZERO);
201
202 filemon->fp = NULL;
203
204 mtx_init(&filemon->mtx, "filemon", "filemon", MTX_DEF);
205 cv_init(&filemon->cv, "filemon");
206 }
207
208 filemon->pid = curproc->p_pid;
209
210 devfs_set_cdevpriv(filemon, filemon_dtr);
211
212 /* Get exclusive write access. */
213 filemon_lock_write();
214
215 /* Add to the in-use list. */
216 TAILQ_INSERT_TAIL(&filemons_inuse, filemon, link);
217
218 /* Give up write access. */
219 filemon_unlock_write();
220
221 return (0);
222}
223
224static int
225filemon_close(struct cdev *dev __unused, int flag __unused, int fmt __unused,
226 struct thread *td __unused)
227{
228
229 return (0);
230}
231
232static void
233filemon_load(void *dummy __unused)
234{
235 mtx_init(&access_mtx, "filemon", "filemon", MTX_DEF);
236 cv_init(&access_cv, "filemon");
237
238 /* Install the syscall wrappers. */
239 filemon_wrapper_install();
240
241 filemon_dev = make_dev(&filemon_cdevsw, 0, UID_ROOT, GID_WHEEL, 0666,
242 "filemon");
243}
244
245static int
246filemon_unload(void)
247{
248 struct filemon *filemon;
249 int error = 0;
250
251 /* Get exclusive write access. */
252 filemon_lock_write();
253
254 if (TAILQ_FIRST(&filemons_inuse) != NULL)
255 error = EBUSY;
256 else {
257 destroy_dev(filemon_dev);
258
259 /* Deinstall the syscall wrappers. */
260 filemon_wrapper_deinstall();
261 }
262
263 /* Give up write access. */
264 filemon_unlock_write();
265
266 if (error == 0) {
267 /* free() filemon structs free list. */
268 filemon_lock_write();
269 while ((filemon = TAILQ_FIRST(&filemons_free)) != NULL) {
270 TAILQ_REMOVE(&filemons_free, filemon, link);
271 mtx_destroy(&filemon->mtx);
272 cv_destroy(&filemon->cv);
273 free(filemon, M_FILEMON);
274 }
275 filemon_unlock_write();
276
277 mtx_destroy(&access_mtx);
278 cv_destroy(&access_cv);
279 }
280
281 return (error);
282}
283
284static int
285filemon_modevent(module_t mod __unused, int type, void *data)
286{
287 int error = 0;
288
289 switch (type) {
290 case MOD_LOAD:
291 filemon_load(data);
292 break;
293
294 case MOD_UNLOAD:
295 error = filemon_unload();
296 break;
297
298 case MOD_SHUTDOWN:
299 break;
300
301 default:
302 error = EOPNOTSUPP;
303 break;
304
305 }
306
307 return (error);
308}
309
310DEV_MODULE(filemon, filemon_modevent, NULL);
311MODULE_VERSION(filemon, 1);
| 163 /* Write the file header. */
164 filemon_comment(filemon);
165 break;
166
167 /* Set the monitored process ID. */
168 case FILEMON_SET_PID:
169 error = pget(*((pid_t *)data), PGET_CANDEBUG | PGET_NOTWEXIT,
170 &p);
171 if (error == 0) {
172 filemon->pid = p->p_pid;
173 PROC_UNLOCK(p);
174 }
175 break;
176
177 default:
178 error = EINVAL;
179 break;
180 }
181
182 return (error);
183}
184
185static int
186filemon_open(struct cdev *dev, int oflags __unused, int devtype __unused,
187 struct thread *td __unused)
188{
189 struct filemon *filemon;
190
191 /* Get exclusive write access. */
192 filemon_lock_write();
193
194 if ((filemon = TAILQ_FIRST(&filemons_free)) != NULL)
195 TAILQ_REMOVE(&filemons_free, filemon, link);
196
197 /* Give up write access. */
198 filemon_unlock_write();
199
200 if (filemon == NULL) {
201 filemon = malloc(sizeof(struct filemon), M_FILEMON,
202 M_WAITOK | M_ZERO);
203
204 filemon->fp = NULL;
205
206 mtx_init(&filemon->mtx, "filemon", "filemon", MTX_DEF);
207 cv_init(&filemon->cv, "filemon");
208 }
209
210 filemon->pid = curproc->p_pid;
211
212 devfs_set_cdevpriv(filemon, filemon_dtr);
213
214 /* Get exclusive write access. */
215 filemon_lock_write();
216
217 /* Add to the in-use list. */
218 TAILQ_INSERT_TAIL(&filemons_inuse, filemon, link);
219
220 /* Give up write access. */
221 filemon_unlock_write();
222
223 return (0);
224}
225
226static int
227filemon_close(struct cdev *dev __unused, int flag __unused, int fmt __unused,
228 struct thread *td __unused)
229{
230
231 return (0);
232}
233
234static void
235filemon_load(void *dummy __unused)
236{
237 mtx_init(&access_mtx, "filemon", "filemon", MTX_DEF);
238 cv_init(&access_cv, "filemon");
239
240 /* Install the syscall wrappers. */
241 filemon_wrapper_install();
242
243 filemon_dev = make_dev(&filemon_cdevsw, 0, UID_ROOT, GID_WHEEL, 0666,
244 "filemon");
245}
246
247static int
248filemon_unload(void)
249{
250 struct filemon *filemon;
251 int error = 0;
252
253 /* Get exclusive write access. */
254 filemon_lock_write();
255
256 if (TAILQ_FIRST(&filemons_inuse) != NULL)
257 error = EBUSY;
258 else {
259 destroy_dev(filemon_dev);
260
261 /* Deinstall the syscall wrappers. */
262 filemon_wrapper_deinstall();
263 }
264
265 /* Give up write access. */
266 filemon_unlock_write();
267
268 if (error == 0) {
269 /* free() filemon structs free list. */
270 filemon_lock_write();
271 while ((filemon = TAILQ_FIRST(&filemons_free)) != NULL) {
272 TAILQ_REMOVE(&filemons_free, filemon, link);
273 mtx_destroy(&filemon->mtx);
274 cv_destroy(&filemon->cv);
275 free(filemon, M_FILEMON);
276 }
277 filemon_unlock_write();
278
279 mtx_destroy(&access_mtx);
280 cv_destroy(&access_cv);
281 }
282
283 return (error);
284}
285
286static int
287filemon_modevent(module_t mod __unused, int type, void *data)
288{
289 int error = 0;
290
291 switch (type) {
292 case MOD_LOAD:
293 filemon_load(data);
294 break;
295
296 case MOD_UNLOAD:
297 error = filemon_unload();
298 break;
299
300 case MOD_SHUTDOWN:
301 break;
302
303 default:
304 error = EOPNOTSUPP;
305 break;
306
307 }
308
309 return (error);
310}
311
312DEV_MODULE(filemon, filemon_modevent, NULL);
313MODULE_VERSION(filemon, 1);
|