kvm_proc.c revision 130728
1/*- 2 * Copyright (c) 1989, 1992, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software developed by the Computer Systems 6 * Engineering group at Lawrence Berkeley Laboratory under DARPA contract 7 * BG 91-66 and contributed to Berkeley. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed by the University of 20 * California, Berkeley and its contributors. 21 * 4. Neither the name of the University nor the names of its contributors 22 * may be used to endorse or promote products derived from this software 23 * without specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 */ 37 38#if 0 39#if defined(LIBC_SCCS) && !defined(lint) 40static char sccsid[] = "@(#)kvm_proc.c 8.3 (Berkeley) 9/23/93"; 41#endif /* LIBC_SCCS and not lint */ 42#endif 43 44#include <sys/cdefs.h> 45__FBSDID("$FreeBSD: head/lib/libkvm/kvm_proc.c 130728 2004-06-19 14:08:10Z gad $"); 46 47/* 48 * Proc traversal interface for kvm. ps and w are (probably) the exclusive 49 * users of this code, so we've factored it out into a separate module. 50 * Thus, we keep this grunge out of the other kvm applications (i.e., 51 * most other applications are interested only in open/close/read/nlist). 52 */ 53 54#include <sys/param.h> 55#define _WANT_UCRED /* make ucred.h give us 'struct ucred' */ 56#include <sys/ucred.h> 57#include <sys/user.h> 58#include <sys/proc.h> 59#include <sys/exec.h> 60#include <sys/stat.h> 61#include <sys/sysent.h> 62#include <sys/ioctl.h> 63#include <sys/tty.h> 64#include <sys/file.h> 65#include <stdio.h> 66#include <stdlib.h> 67#include <unistd.h> 68#include <nlist.h> 69#include <kvm.h> 70 71#include <vm/vm.h> 72#include <vm/vm_param.h> 73 74#include <sys/sysctl.h> 75 76#include <limits.h> 77#include <memory.h> 78#include <paths.h> 79 80#include "kvm_private.h" 81 82#define KREAD(kd, addr, obj) \ 83 (kvm_read(kd, addr, (char *)(obj), sizeof(*obj)) != sizeof(*obj)) 84 85/* 86 * Read proc's from memory file into buffer bp, which has space to hold 87 * at most maxcnt procs. 88 */ 89static int 90kvm_proclist(kd, what, arg, p, bp, maxcnt) 91 kvm_t *kd; 92 int what, arg; 93 struct proc *p; 94 struct kinfo_proc *bp; 95 int maxcnt; 96{ 97 int cnt = 0; 98 struct kinfo_proc kinfo_proc, *kp; 99 struct pgrp pgrp; 100 struct session sess; 101 struct tty tty; 102 struct vmspace vmspace; 103 struct sigacts sigacts; 104 struct pstats pstats; 105 struct ucred ucred; 106 struct thread mtd; 107 struct kse mke; 108 struct ksegrp mkg; 109 struct proc proc; 110 struct proc pproc; 111 struct timeval tv; 112 struct sysentvec sysent; 113 char svname[KI_EMULNAMELEN]; 114 115 kp = &kinfo_proc; 116 kp->ki_structsize = sizeof(kinfo_proc); 117 for (; cnt < maxcnt && p != NULL; p = LIST_NEXT(&proc, p_list)) { 118 memset(kp, 0, sizeof *kp); 119 if (KREAD(kd, (u_long)p, &proc)) { 120 _kvm_err(kd, kd->program, "can't read proc at %x", p); 121 return (-1); 122 } 123 if (proc.p_state != PRS_ZOMBIE) { 124 if (KREAD(kd, (u_long)TAILQ_FIRST(&proc.p_threads), 125 &mtd)) { 126 _kvm_err(kd, kd->program, 127 "can't read thread at %x", 128 TAILQ_FIRST(&proc.p_threads)); 129 return (-1); 130 } 131 if (proc.p_flag & P_SA == 0) { 132 if (KREAD(kd, 133 (u_long)TAILQ_FIRST(&proc.p_ksegrps), 134 &mkg)) { 135 _kvm_err(kd, kd->program, 136 "can't read ksegrp at %x", 137 TAILQ_FIRST(&proc.p_ksegrps)); 138 return (-1); 139 } 140 if (KREAD(kd, 141 (u_long)TAILQ_FIRST(&mkg.kg_kseq), &mke)) { 142 _kvm_err(kd, kd->program, 143 "can't read kse at %x", 144 TAILQ_FIRST(&mkg.kg_kseq)); 145 return (-1); 146 } 147 } 148 } 149 if (KREAD(kd, (u_long)proc.p_ucred, &ucred) == 0) { 150 kp->ki_ruid = ucred.cr_ruid; 151 kp->ki_svuid = ucred.cr_svuid; 152 kp->ki_rgid = ucred.cr_rgid; 153 kp->ki_svgid = ucred.cr_svgid; 154 kp->ki_ngroups = ucred.cr_ngroups; 155 bcopy(ucred.cr_groups, kp->ki_groups, 156 NGROUPS * sizeof(gid_t)); 157 kp->ki_uid = ucred.cr_uid; 158 } 159 160 switch(what & ~KERN_PROC_INC_THREAD) { 161 162 case KERN_PROC_GID: 163 if (kp->ki_groups[0] != (gid_t)arg) 164 continue; 165 break; 166 167 case KERN_PROC_PID: 168 if (proc.p_pid != (pid_t)arg) 169 continue; 170 break; 171 172 case KERN_PROC_RGID: 173 if (kp->ki_rgid != (gid_t)arg) 174 continue; 175 break; 176 177 case KERN_PROC_UID: 178 if (kp->ki_uid != (uid_t)arg) 179 continue; 180 break; 181 182 case KERN_PROC_RUID: 183 if (kp->ki_ruid != (uid_t)arg) 184 continue; 185 break; 186 } 187 /* 188 * We're going to add another proc to the set. If this 189 * will overflow the buffer, assume the reason is because 190 * nprocs (or the proc list) is corrupt and declare an error. 191 */ 192 if (cnt >= maxcnt) { 193 _kvm_err(kd, kd->program, "nprocs corrupt"); 194 return (-1); 195 } 196 /* 197 * gather kinfo_proc 198 */ 199 kp->ki_paddr = p; 200 kp->ki_addr = proc.p_uarea; 201 /* kp->ki_kstack = proc.p_thread.td_kstack; XXXKSE */ 202 kp->ki_args = proc.p_args; 203 kp->ki_tracep = proc.p_tracevp; 204 kp->ki_textvp = proc.p_textvp; 205 kp->ki_fd = proc.p_fd; 206 kp->ki_vmspace = proc.p_vmspace; 207 if (proc.p_sigacts != NULL) { 208 if (KREAD(kd, (u_long)proc.p_sigacts, &sigacts)) { 209 _kvm_err(kd, kd->program, 210 "can't read sigacts at %x", proc.p_sigacts); 211 return (-1); 212 } 213 kp->ki_sigignore = sigacts.ps_sigignore; 214 kp->ki_sigcatch = sigacts.ps_sigcatch; 215 } 216 if ((proc.p_sflag & PS_INMEM) && proc.p_stats != NULL) { 217 if (KREAD(kd, (u_long)proc.p_stats, &pstats)) { 218 _kvm_err(kd, kd->program, 219 "can't read stats at %x", proc.p_stats); 220 return (-1); 221 } 222 kp->ki_start = pstats.p_start; 223 kp->ki_rusage = pstats.p_ru; 224 kp->ki_childstime = pstats.p_cru.ru_stime; 225 kp->ki_childutime = pstats.p_cru.ru_utime; 226 /* Some callers want child-times in a single value */ 227 timeradd(&kp->ki_childstime, &kp->ki_childutime, 228 &kp->ki_childtime); 229 } 230 if (proc.p_oppid) 231 kp->ki_ppid = proc.p_oppid; 232 else if (proc.p_pptr) { 233 if (KREAD(kd, (u_long)proc.p_pptr, &pproc)) { 234 _kvm_err(kd, kd->program, 235 "can't read pproc at %x", proc.p_pptr); 236 return (-1); 237 } 238 kp->ki_ppid = pproc.p_pid; 239 } else 240 kp->ki_ppid = 0; 241 if (proc.p_pgrp == NULL) 242 goto nopgrp; 243 if (KREAD(kd, (u_long)proc.p_pgrp, &pgrp)) { 244 _kvm_err(kd, kd->program, "can't read pgrp at %x", 245 proc.p_pgrp); 246 return (-1); 247 } 248 kp->ki_pgid = pgrp.pg_id; 249 kp->ki_jobc = pgrp.pg_jobc; 250 if (KREAD(kd, (u_long)pgrp.pg_session, &sess)) { 251 _kvm_err(kd, kd->program, "can't read session at %x", 252 pgrp.pg_session); 253 return (-1); 254 } 255 kp->ki_sid = sess.s_sid; 256 (void)memcpy(kp->ki_login, sess.s_login, 257 sizeof(kp->ki_login)); 258 kp->ki_kiflag = sess.s_ttyvp ? KI_CTTY : 0; 259 if (sess.s_leader == p) 260 kp->ki_kiflag |= KI_SLEADER; 261 if ((proc.p_flag & P_CONTROLT) && sess.s_ttyp != NULL) { 262 if (KREAD(kd, (u_long)sess.s_ttyp, &tty)) { 263 _kvm_err(kd, kd->program, 264 "can't read tty at %x", sess.s_ttyp); 265 return (-1); 266 } 267 kp->ki_tdev = tty.t_dev; /* XXX: wrong */ 268 if (tty.t_pgrp != NULL) { 269 if (KREAD(kd, (u_long)tty.t_pgrp, &pgrp)) { 270 _kvm_err(kd, kd->program, 271 "can't read tpgrp at %x", 272 tty.t_pgrp); 273 return (-1); 274 } 275 kp->ki_tpgid = pgrp.pg_id; 276 } else 277 kp->ki_tpgid = -1; 278 if (tty.t_session != NULL) { 279 if (KREAD(kd, (u_long)tty.t_session, &sess)) { 280 _kvm_err(kd, kd->program, 281 "can't read session at %x", 282 tty.t_session); 283 return (-1); 284 } 285 kp->ki_tsid = sess.s_sid; 286 } 287 } else { 288nopgrp: 289 kp->ki_tdev = NODEV; 290 } 291 if ((proc.p_state != PRS_ZOMBIE) && mtd.td_wmesg) 292 (void)kvm_read(kd, (u_long)mtd.td_wmesg, 293 kp->ki_wmesg, WMESGLEN); 294 295#ifdef sparc 296 (void)kvm_read(kd, (u_long)&proc.p_vmspace->vm_rssize, 297 (char *)&kp->ki_rssize, 298 sizeof(kp->ki_rssize)); 299 (void)kvm_read(kd, (u_long)&proc.p_vmspace->vm_tsize, 300 (char *)&kp->ki_tsize, 301 3 * sizeof(kp->ki_rssize)); /* XXX */ 302#else 303 (void)kvm_read(kd, (u_long)proc.p_vmspace, 304 (char *)&vmspace, sizeof(vmspace)); 305 kp->ki_size = vmspace.vm_map.size; 306 kp->ki_rssize = vmspace.vm_swrss; /* XXX */ 307 kp->ki_swrss = vmspace.vm_swrss; 308 kp->ki_tsize = vmspace.vm_tsize; 309 kp->ki_dsize = vmspace.vm_dsize; 310 kp->ki_ssize = vmspace.vm_ssize; 311#endif 312 313 switch (what & ~KERN_PROC_INC_THREAD) { 314 315 case KERN_PROC_PGRP: 316 if (kp->ki_pgid != (pid_t)arg) 317 continue; 318 break; 319 320 case KERN_PROC_SESSION: 321 if (kp->ki_sid != (pid_t)arg) 322 continue; 323 break; 324 325 case KERN_PROC_TTY: 326 if ((proc.p_flag & P_CONTROLT) == 0 || 327 kp->ki_tdev != (dev_t)arg) 328 continue; 329 break; 330 } 331 if (proc.p_comm[0] != 0) { 332 strncpy(kp->ki_comm, proc.p_comm, MAXCOMLEN); 333 kp->ki_comm[MAXCOMLEN] = 0; 334 } 335 (void)kvm_read(kd, (u_long)proc.p_sysent, (char *)&sysent, 336 sizeof(sysent)); 337 (void)kvm_read(kd, (u_long)sysent.sv_name, (char *)&svname, 338 sizeof(svname)); 339 if (svname[0] != 0) 340 strlcpy(kp->ki_emul, svname, KI_EMULNAMELEN); 341 if ((proc.p_state != PRS_ZOMBIE) && 342 (mtd.td_blocked != 0)) { 343 kp->ki_kiflag |= KI_LOCKBLOCK; 344 if (mtd.td_lockname) 345 (void)kvm_read(kd, 346 (u_long)mtd.td_lockname, 347 kp->ki_lockname, LOCKNAMELEN); 348 kp->ki_lockname[LOCKNAMELEN] = 0; 349 } 350 bintime2timeval(&proc.p_runtime, &tv); 351 kp->ki_runtime = (u_int64_t)tv.tv_sec * 1000000 + tv.tv_usec; 352 kp->ki_pid = proc.p_pid; 353 kp->ki_siglist = proc.p_siglist; 354 SIGSETOR(kp->ki_siglist, mtd.td_siglist); 355 kp->ki_sigmask = mtd.td_sigmask; 356 kp->ki_xstat = proc.p_xstat; 357 kp->ki_acflag = proc.p_acflag; 358 kp->ki_lock = proc.p_lock; 359 if (proc.p_state != PRS_ZOMBIE) { 360 kp->ki_swtime = proc.p_swtime; 361 kp->ki_flag = proc.p_flag; 362 kp->ki_sflag = proc.p_sflag; 363 kp->ki_nice = proc.p_nice; 364 kp->ki_traceflag = proc.p_traceflag; 365 if (proc.p_state == PRS_NORMAL) { 366 if (TD_ON_RUNQ(&mtd) || 367 TD_CAN_RUN(&mtd) || 368 TD_IS_RUNNING(&mtd)) { 369 kp->ki_stat = SRUN; 370 } else if (mtd.td_state == 371 TDS_INHIBITED) { 372 if (P_SHOULDSTOP(&proc)) { 373 kp->ki_stat = SSTOP; 374 } else if ( 375 TD_IS_SLEEPING(&mtd)) { 376 kp->ki_stat = SSLEEP; 377 } else if (TD_ON_LOCK(&mtd)) { 378 kp->ki_stat = SLOCK; 379 } else { 380 kp->ki_stat = SWAIT; 381 } 382 } 383 } else { 384 kp->ki_stat = SIDL; 385 } 386 /* Stuff from the thread */ 387 kp->ki_pri.pri_level = mtd.td_priority; 388 kp->ki_pri.pri_native = mtd.td_base_pri; 389 kp->ki_lastcpu = mtd.td_lastcpu; 390 kp->ki_wchan = mtd.td_wchan; 391 kp->ki_oncpu = mtd.td_oncpu; 392 393 if (!(proc.p_flag & P_SA)) { 394 /* stuff from the ksegrp */ 395 kp->ki_slptime = mkg.kg_slptime; 396 kp->ki_pri.pri_class = mkg.kg_pri_class; 397 kp->ki_pri.pri_user = mkg.kg_user_pri; 398 kp->ki_estcpu = mkg.kg_estcpu; 399 400 /* Stuff from the kse */ 401 kp->ki_pctcpu = mke.ke_pctcpu; 402 kp->ki_rqindex = mke.ke_rqindex; 403 } else { 404 kp->ki_tdflags = -1; 405 /* All the rest are 0 for now */ 406 } 407 } else { 408 kp->ki_stat = SZOMB; 409 } 410 bcopy(&kinfo_proc, bp, sizeof(kinfo_proc)); 411 ++bp; 412 ++cnt; 413 } 414 return (cnt); 415} 416 417/* 418 * Build proc info array by reading in proc list from a crash dump. 419 * Return number of procs read. maxcnt is the max we will read. 420 */ 421static int 422kvm_deadprocs(kd, what, arg, a_allproc, a_zombproc, maxcnt) 423 kvm_t *kd; 424 int what, arg; 425 u_long a_allproc; 426 u_long a_zombproc; 427 int maxcnt; 428{ 429 struct kinfo_proc *bp = kd->procbase; 430 int acnt, zcnt; 431 struct proc *p; 432 433 if (KREAD(kd, a_allproc, &p)) { 434 _kvm_err(kd, kd->program, "cannot read allproc"); 435 return (-1); 436 } 437 acnt = kvm_proclist(kd, what, arg, p, bp, maxcnt); 438 if (acnt < 0) 439 return (acnt); 440 441 if (KREAD(kd, a_zombproc, &p)) { 442 _kvm_err(kd, kd->program, "cannot read zombproc"); 443 return (-1); 444 } 445 zcnt = kvm_proclist(kd, what, arg, p, bp + acnt, maxcnt - acnt); 446 if (zcnt < 0) 447 zcnt = 0; 448 449 return (acnt + zcnt); 450} 451 452struct kinfo_proc * 453kvm_getprocs(kd, op, arg, cnt) 454 kvm_t *kd; 455 int op, arg; 456 int *cnt; 457{ 458 int mib[4], st, nprocs; 459 size_t size; 460 int temp_op; 461 462 if (kd->procbase != 0) { 463 free((void *)kd->procbase); 464 /* 465 * Clear this pointer in case this call fails. Otherwise, 466 * kvm_close() will free it again. 467 */ 468 kd->procbase = 0; 469 } 470 if (ISALIVE(kd)) { 471 size = 0; 472 mib[0] = CTL_KERN; 473 mib[1] = KERN_PROC; 474 mib[2] = op; 475 mib[3] = arg; 476 temp_op = op & ~KERN_PROC_INC_THREAD; 477 st = sysctl(mib, 478 temp_op == KERN_PROC_ALL || temp_op == KERN_PROC_PROC ? 479 3 : 4, NULL, &size, NULL, 0); 480 if (st == -1) { 481 _kvm_syserr(kd, kd->program, "kvm_getprocs"); 482 return (0); 483 } 484 /* 485 * We can't continue with a size of 0 because we pass 486 * it to realloc() (via _kvm_realloc()), and passing 0 487 * to realloc() results in undefined behavior. 488 */ 489 if (size == 0) { 490 /* 491 * XXX: We should probably return an invalid, 492 * but non-NULL, pointer here so any client 493 * program trying to dereference it will 494 * crash. However, _kvm_freeprocs() calls 495 * free() on kd->procbase if it isn't NULL, 496 * and free()'ing a junk pointer isn't good. 497 * Then again, _kvm_freeprocs() isn't used 498 * anywhere . . . 499 */ 500 kd->procbase = _kvm_malloc(kd, 1); 501 goto liveout; 502 } 503 do { 504 size += size / 10; 505 kd->procbase = (struct kinfo_proc *) 506 _kvm_realloc(kd, kd->procbase, size); 507 if (kd->procbase == 0) 508 return (0); 509 st = sysctl(mib, temp_op == KERN_PROC_ALL || 510 temp_op == KERN_PROC_PROC ? 3 : 4, 511 kd->procbase, &size, NULL, 0); 512 } while (st == -1 && errno == ENOMEM); 513 if (st == -1) { 514 _kvm_syserr(kd, kd->program, "kvm_getprocs"); 515 return (0); 516 } 517 /* 518 * We have to check the size again because sysctl() 519 * may "round up" oldlenp if oldp is NULL; hence it 520 * might've told us that there was data to get when 521 * there really isn't any. 522 */ 523 if (size > 0 && 524 kd->procbase->ki_structsize != sizeof(struct kinfo_proc)) { 525 _kvm_err(kd, kd->program, 526 "kinfo_proc size mismatch (expected %d, got %d)", 527 sizeof(struct kinfo_proc), 528 kd->procbase->ki_structsize); 529 return (0); 530 } 531liveout: 532 nprocs = size == 0 ? 0 : size / kd->procbase->ki_structsize; 533 } else { 534 struct nlist nl[4], *p; 535 536 nl[0].n_name = "_nprocs"; 537 nl[1].n_name = "_allproc"; 538 nl[2].n_name = "_zombproc"; 539 nl[3].n_name = 0; 540 541 if (kvm_nlist(kd, nl) != 0) { 542 for (p = nl; p->n_type != 0; ++p) 543 ; 544 _kvm_err(kd, kd->program, 545 "%s: no such symbol", p->n_name); 546 return (0); 547 } 548 if (KREAD(kd, nl[0].n_value, &nprocs)) { 549 _kvm_err(kd, kd->program, "can't read nprocs"); 550 return (0); 551 } 552 size = nprocs * sizeof(struct kinfo_proc); 553 kd->procbase = (struct kinfo_proc *)_kvm_malloc(kd, size); 554 if (kd->procbase == 0) 555 return (0); 556 557 nprocs = kvm_deadprocs(kd, op, arg, nl[1].n_value, 558 nl[2].n_value, nprocs); 559#ifdef notdef 560 size = nprocs * sizeof(struct kinfo_proc); 561 (void)realloc(kd->procbase, size); 562#endif 563 } 564 *cnt = nprocs; 565 return (kd->procbase); 566} 567 568void 569_kvm_freeprocs(kd) 570 kvm_t *kd; 571{ 572 if (kd->procbase) { 573 free(kd->procbase); 574 kd->procbase = 0; 575 } 576} 577 578void * 579_kvm_realloc(kd, p, n) 580 kvm_t *kd; 581 void *p; 582 size_t n; 583{ 584 void *np = (void *)realloc(p, n); 585 586 if (np == 0) { 587 free(p); 588 _kvm_err(kd, kd->program, "out of memory"); 589 } 590 return (np); 591} 592 593#ifndef MAX 594#define MAX(a, b) ((a) > (b) ? (a) : (b)) 595#endif 596 597/* 598 * Read in an argument vector from the user address space of process kp. 599 * addr if the user-space base address of narg null-terminated contiguous 600 * strings. This is used to read in both the command arguments and 601 * environment strings. Read at most maxcnt characters of strings. 602 */ 603static char ** 604kvm_argv(kd, kp, addr, narg, maxcnt) 605 kvm_t *kd; 606 struct kinfo_proc *kp; 607 u_long addr; 608 int narg; 609 int maxcnt; 610{ 611 char *np, *cp, *ep, *ap; 612 u_long oaddr = -1; 613 int len, cc; 614 char **argv; 615 616 /* 617 * Check that there aren't an unreasonable number of agruments, 618 * and that the address is in user space. 619 */ 620 if (narg > 512 || addr < VM_MIN_ADDRESS || addr >= VM_MAXUSER_ADDRESS) 621 return (0); 622 623 /* 624 * kd->argv : work space for fetching the strings from the target 625 * process's space, and is converted for returning to caller 626 */ 627 if (kd->argv == 0) { 628 /* 629 * Try to avoid reallocs. 630 */ 631 kd->argc = MAX(narg + 1, 32); 632 kd->argv = (char **)_kvm_malloc(kd, kd->argc * 633 sizeof(*kd->argv)); 634 if (kd->argv == 0) 635 return (0); 636 } else if (narg + 1 > kd->argc) { 637 kd->argc = MAX(2 * kd->argc, narg + 1); 638 kd->argv = (char **)_kvm_realloc(kd, kd->argv, kd->argc * 639 sizeof(*kd->argv)); 640 if (kd->argv == 0) 641 return (0); 642 } 643 /* 644 * kd->argspc : returned to user, this is where the kd->argv 645 * arrays are left pointing to the collected strings. 646 */ 647 if (kd->argspc == 0) { 648 kd->argspc = (char *)_kvm_malloc(kd, PAGE_SIZE); 649 if (kd->argspc == 0) 650 return (0); 651 kd->arglen = PAGE_SIZE; 652 } 653 /* 654 * kd->argbuf : used to pull in pages from the target process. 655 * the strings are copied out of here. 656 */ 657 if (kd->argbuf == 0) { 658 kd->argbuf = (char *)_kvm_malloc(kd, PAGE_SIZE); 659 if (kd->argbuf == 0) 660 return (0); 661 } 662 663 /* Pull in the target process'es argv vector */ 664 cc = sizeof(char *) * narg; 665 if (kvm_uread(kd, kp, addr, (char *)kd->argv, cc) != cc) 666 return (0); 667 /* 668 * ap : saved start address of string we're working on in kd->argspc 669 * np : pointer to next place to write in kd->argspc 670 * len: length of data in kd->argspc 671 * argv: pointer to the argv vector that we are hunting around the 672 * target process space for, and converting to addresses in 673 * our address space (kd->argspc). 674 */ 675 ap = np = kd->argspc; 676 argv = kd->argv; 677 len = 0; 678 /* 679 * Loop over pages, filling in the argument vector. 680 * Note that the argv strings could be pointing *anywhere* in 681 * the user address space and are no longer contiguous. 682 * Note that *argv is modified when we are going to fetch a string 683 * that crosses a page boundary. We copy the next part of the string 684 * into to "np" and eventually convert the pointer. 685 */ 686 while (argv < kd->argv + narg && *argv != 0) { 687 688 /* get the address that the current argv string is on */ 689 addr = (u_long)*argv & ~(PAGE_SIZE - 1); 690 691 /* is it the same page as the last one? */ 692 if (addr != oaddr) { 693 if (kvm_uread(kd, kp, addr, kd->argbuf, PAGE_SIZE) != 694 PAGE_SIZE) 695 return (0); 696 oaddr = addr; 697 } 698 699 /* offset within the page... kd->argbuf */ 700 addr = (u_long)*argv & (PAGE_SIZE - 1); 701 702 /* cp = start of string, cc = count of chars in this chunk */ 703 cp = kd->argbuf + addr; 704 cc = PAGE_SIZE - addr; 705 706 /* dont get more than asked for by user process */ 707 if (maxcnt > 0 && cc > maxcnt - len) 708 cc = maxcnt - len; 709 710 /* pointer to end of string if we found it in this page */ 711 ep = memchr(cp, '\0', cc); 712 if (ep != 0) 713 cc = ep - cp + 1; 714 /* 715 * at this point, cc is the count of the chars that we are 716 * going to retrieve this time. we may or may not have found 717 * the end of it. (ep points to the null if the end is known) 718 */ 719 720 /* will we exceed the malloc/realloced buffer? */ 721 if (len + cc > kd->arglen) { 722 int off; 723 char **pp; 724 char *op = kd->argspc; 725 726 kd->arglen *= 2; 727 kd->argspc = (char *)_kvm_realloc(kd, kd->argspc, 728 kd->arglen); 729 if (kd->argspc == 0) 730 return (0); 731 /* 732 * Adjust argv pointers in case realloc moved 733 * the string space. 734 */ 735 off = kd->argspc - op; 736 for (pp = kd->argv; pp < argv; pp++) 737 *pp += off; 738 ap += off; 739 np += off; 740 } 741 /* np = where to put the next part of the string in kd->argspc*/ 742 /* np is kinda redundant.. could use "kd->argspc + len" */ 743 memcpy(np, cp, cc); 744 np += cc; /* inc counters */ 745 len += cc; 746 747 /* 748 * if end of string found, set the *argv pointer to the 749 * saved beginning of string, and advance. argv points to 750 * somewhere in kd->argv.. This is initially relative 751 * to the target process, but when we close it off, we set 752 * it to point in our address space. 753 */ 754 if (ep != 0) { 755 *argv++ = ap; 756 ap = np; 757 } else { 758 /* update the address relative to the target process */ 759 *argv += cc; 760 } 761 762 if (maxcnt > 0 && len >= maxcnt) { 763 /* 764 * We're stopping prematurely. Terminate the 765 * current string. 766 */ 767 if (ep == 0) { 768 *np = '\0'; 769 *argv++ = ap; 770 } 771 break; 772 } 773 } 774 /* Make sure argv is terminated. */ 775 *argv = 0; 776 return (kd->argv); 777} 778 779static void 780ps_str_a(p, addr, n) 781 struct ps_strings *p; 782 u_long *addr; 783 int *n; 784{ 785 *addr = (u_long)p->ps_argvstr; 786 *n = p->ps_nargvstr; 787} 788 789static void 790ps_str_e(p, addr, n) 791 struct ps_strings *p; 792 u_long *addr; 793 int *n; 794{ 795 *addr = (u_long)p->ps_envstr; 796 *n = p->ps_nenvstr; 797} 798 799/* 800 * Determine if the proc indicated by p is still active. 801 * This test is not 100% foolproof in theory, but chances of 802 * being wrong are very low. 803 */ 804static int 805proc_verify(curkp) 806 struct kinfo_proc *curkp; 807{ 808 struct kinfo_proc newkp; 809 int mib[4]; 810 size_t len; 811 812 mib[0] = CTL_KERN; 813 mib[1] = KERN_PROC; 814 mib[2] = KERN_PROC_PID; 815 mib[3] = curkp->ki_pid; 816 len = sizeof(newkp); 817 if (sysctl(mib, 4, &newkp, &len, NULL, 0) == -1) 818 return (0); 819 return (curkp->ki_pid == newkp.ki_pid && 820 (newkp.ki_stat != SZOMB || curkp->ki_stat == SZOMB)); 821} 822 823static char ** 824kvm_doargv(kd, kp, nchr, info) 825 kvm_t *kd; 826 struct kinfo_proc *kp; 827 int nchr; 828 void (*info)(struct ps_strings *, u_long *, int *); 829{ 830 char **ap; 831 u_long addr; 832 int cnt; 833 static struct ps_strings arginfo; 834 static u_long ps_strings; 835 size_t len; 836 837 if (ps_strings == 0) { 838 len = sizeof(ps_strings); 839 if (sysctlbyname("kern.ps_strings", &ps_strings, &len, NULL, 840 0) == -1) 841 ps_strings = PS_STRINGS; 842 } 843 844 /* 845 * Pointers are stored at the top of the user stack. 846 */ 847 if (kp->ki_stat == SZOMB || 848 kvm_uread(kd, kp, ps_strings, (char *)&arginfo, 849 sizeof(arginfo)) != sizeof(arginfo)) 850 return (0); 851 852 (*info)(&arginfo, &addr, &cnt); 853 if (cnt == 0) 854 return (0); 855 ap = kvm_argv(kd, kp, addr, cnt, nchr); 856 /* 857 * For live kernels, make sure this process didn't go away. 858 */ 859 if (ap != 0 && ISALIVE(kd) && !proc_verify(kp)) 860 ap = 0; 861 return (ap); 862} 863 864/* 865 * Get the command args. This code is now machine independent. 866 */ 867char ** 868kvm_getargv(kd, kp, nchr) 869 kvm_t *kd; 870 const struct kinfo_proc *kp; 871 int nchr; 872{ 873 int oid[4]; 874 int i; 875 size_t bufsz; 876 static unsigned long buflen; 877 static char *buf, *p; 878 static char **bufp; 879 static int argc; 880 881 if (!ISALIVE(kd)) { 882 _kvm_err(kd, kd->program, 883 "cannot read user space from dead kernel"); 884 return (0); 885 } 886 887 if (!buflen) { 888 bufsz = sizeof(buflen); 889 i = sysctlbyname("kern.ps_arg_cache_limit", 890 &buflen, &bufsz, NULL, 0); 891 if (i == -1) { 892 buflen = 0; 893 } else { 894 buf = malloc(buflen); 895 if (buf == NULL) 896 buflen = 0; 897 argc = 32; 898 bufp = malloc(sizeof(char *) * argc); 899 } 900 } 901 if (buf != NULL) { 902 oid[0] = CTL_KERN; 903 oid[1] = KERN_PROC; 904 oid[2] = KERN_PROC_ARGS; 905 oid[3] = kp->ki_pid; 906 bufsz = buflen; 907 i = sysctl(oid, 4, buf, &bufsz, 0, 0); 908 if (i == 0 && bufsz > 0) { 909 i = 0; 910 p = buf; 911 do { 912 bufp[i++] = p; 913 p += strlen(p) + 1; 914 if (i >= argc) { 915 argc += argc; 916 bufp = realloc(bufp, 917 sizeof(char *) * argc); 918 } 919 } while (p < buf + bufsz); 920 bufp[i++] = 0; 921 return (bufp); 922 } 923 } 924 if (kp->ki_flag & P_SYSTEM) 925 return (NULL); 926 return (kvm_doargv(kd, kp, nchr, ps_str_a)); 927} 928 929char ** 930kvm_getenvv(kd, kp, nchr) 931 kvm_t *kd; 932 const struct kinfo_proc *kp; 933 int nchr; 934{ 935 return (kvm_doargv(kd, kp, nchr, ps_str_e)); 936} 937 938/* 939 * Read from user space. The user context is given by p. 940 */ 941ssize_t 942kvm_uread(kd, kp, uva, buf, len) 943 kvm_t *kd; 944 struct kinfo_proc *kp; 945 u_long uva; 946 char *buf; 947 size_t len; 948{ 949 char *cp; 950 char procfile[MAXPATHLEN]; 951 ssize_t amount; 952 int fd; 953 954 if (!ISALIVE(kd)) { 955 _kvm_err(kd, kd->program, 956 "cannot read user space from dead kernel"); 957 return (0); 958 } 959 960 sprintf(procfile, "/proc/%d/mem", kp->ki_pid); 961 fd = open(procfile, O_RDONLY, 0); 962 if (fd < 0) { 963 _kvm_err(kd, kd->program, "cannot open %s", procfile); 964 close(fd); 965 return (0); 966 } 967 968 cp = buf; 969 while (len > 0) { 970 errno = 0; 971 if (lseek(fd, (off_t)uva, 0) == -1 && errno != 0) { 972 _kvm_err(kd, kd->program, "invalid address (%x) in %s", 973 uva, procfile); 974 break; 975 } 976 amount = read(fd, cp, len); 977 if (amount < 0) { 978 _kvm_syserr(kd, kd->program, "error reading %s", 979 procfile); 980 break; 981 } 982 if (amount == 0) { 983 _kvm_err(kd, kd->program, "EOF reading %s", procfile); 984 break; 985 } 986 cp += amount; 987 uva += amount; 988 len -= amount; 989 } 990 991 close(fd); 992 return ((ssize_t)(cp - buf)); 993} 994