1/*-
2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3 *
4 * Copyright (c) 2007-2011 Robert N. M. Watson
5 * Copyright (c) 2015 Allan Jude <allanjude@freebsd.org>
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 *    notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 */
29
30#include <sys/cdefs.h>
31__FBSDID("$FreeBSD$");
32
33#include <sys/param.h>
34#include <sys/capsicum.h>
35#include <sys/socket.h>
36#include <sys/sysctl.h>
37#include <sys/un.h>
38#include <sys/user.h>
39
40#include <netinet/in.h>
41
42#include <arpa/inet.h>
43
44#include <err.h>
45#include <libprocstat.h>
46#include <inttypes.h>
47#include <stdio.h>
48#include <stdlib.h>
49#include <string.h>
50
51#include "procstat.h"
52
/*
 * Map a socket's (domain, type, protocol) triple to the short tag printed in
 * the PRO column.  Internet sockets are labelled by protocol number, local
 * (UNIX-domain) sockets by socket type; anything else yields "?".  The
 * returned pointer refers to a string literal and must not be freed.
 */
static const char *
protocol_to_string(int domain, int type, int protocol)
{
	const char *tag;

	if (domain == AF_INET || domain == AF_INET6) {
		/* IPv4 and IPv6 share one protocol-number namespace. */
		switch (protocol) {
		case IPPROTO_TCP:
			tag = "TCP";
			break;
		case IPPROTO_UDP:
			tag = "UDP";
			break;
		case IPPROTO_ICMP:
			tag = "ICM";
			break;
		case IPPROTO_RAW:
			tag = "RAW";
			break;
		case IPPROTO_SCTP:
			tag = "SCT";
			break;
		case IPPROTO_DIVERT:
			tag = "IPD";
			break;
		default:
			tag = "IP?";
			break;
		}
	} else if (domain == AF_LOCAL) {
		/* The protocol number is not consulted for local sockets. */
		if (type == SOCK_STREAM)
			tag = "UDS";
		else if (type == SOCK_DGRAM)
			tag = "UDD";
		else
			tag = "UD?";
	} else {
		tag = "?";
	}
	return (tag);
}
90
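/*
 * Render the socket address in *ss as text into buffer, writing at most
 * buflen bytes including the terminating NUL.
 *
 *   AF_LOCAL  - the socket path, or "-" when the path is empty
 *   AF_INET   - "address:port"
 *   AF_INET6  - "address.port", or "-" if the address cannot be formatted
 *   other     - the empty string
 *
 * The address describes a socket owned by the process being inspected, so
 * its contents are not under this program's control.  In particular
 * sun_path is a fixed-size array that is not guaranteed to carry a NUL
 * terminator; every read of it below is bounded by sizeof(sun_path) rather
 * than relying on a terminator being present.
 */
static void
addr_to_string(struct sockaddr_storage *ss, char *buffer, int buflen)
{
	char buffer2[INET6_ADDRSTRLEN];
	struct sockaddr_in6 *sin6;
	struct sockaddr_in *sin;
	struct sockaddr_un *sun;

	switch (ss->ss_family) {
	case AF_LOCAL:
		sun = (struct sockaddr_un *)ss;
		/* Only the first byte is needed to detect an empty path. */
		if (sun->sun_path[0] == '\0')
			snprintf(buffer, buflen, "%s", "-");
		else
			/* The precision caps the read at the end of sun_path. */
			snprintf(buffer, buflen, "%.*s",
			    (int)sizeof(sun->sun_path), sun->sun_path);
		break;

	case AF_INET:
		sin = (struct sockaddr_in *)ss;
		/*
		 * inet_ntop() writes into our own buffer instead of the
		 * static storage inet_ntoa() returns, matching the IPv6
		 * branch below.
		 */
		if (inet_ntop(AF_INET, &sin->sin_addr, buffer2,
		    sizeof(buffer2)) != NULL)
			snprintf(buffer, buflen, "%s:%d", buffer2,
			    ntohs(sin->sin_port));
		else
			snprintf(buffer, buflen, "%s", "-");
		break;

	case AF_INET6:
		sin6 = (struct sockaddr_in6 *)ss;
		if (inet_ntop(AF_INET6, &sin6->sin6_addr, buffer2,
		    sizeof(buffer2)) != NULL)
			snprintf(buffer, buflen, "%s.%d", buffer2,
			    ntohs(sin6->sin6_port));
		else
			snprintf(buffer, buflen, "%s", "-");
		break;

	default:
		snprintf(buffer, buflen, "%s", "");
		break;
	}
}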
129
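/*
 * Table mapping Capsicum rights to the short mnemonics printed in the
 * CAPABILITIES column.  width_capability() and print_capability() both walk
 * it front to back, so the order here is the order in which mnemonics
 * appear in the output.
 *
 * The table is never modified at run time, so it is declared const.
 *
 * NOTE(review): the trailing "aliases" entries name combinations of rights
 * already listed individually above; a descriptor holding such a
 * combination presumably shows both the individual mnemonics and the
 * combined one.  Confirm against cap_rights_is_set(3) before relying on the
 * output to audit a sandbox.
 */
static const struct cap_desc {
	uint64_t	 cd_right;
	const char	*cd_desc;
} cap_desc[] = {
	/* General file I/O. */
	{ CAP_READ,		"rd" },
	{ CAP_WRITE,		"wr" },
	{ CAP_SEEK,		"se" },
	{ CAP_MMAP,		"mm" },
	{ CAP_CREATE,		"cr" },
	{ CAP_FEXECVE,		"fe" },
	{ CAP_FSYNC,		"fy" },
	{ CAP_FTRUNCATE,	"ft" },

	/* VFS methods. */
	{ CAP_FCHDIR,		"cd" },
	{ CAP_FCHFLAGS,		"cf" },
	{ CAP_FCHMOD,		"cm" },
	{ CAP_FCHOWN,		"cn" },
	{ CAP_FCNTL,		"fc" },
	{ CAP_FLOCK,		"fl" },
	{ CAP_FPATHCONF,	"fp" },
	{ CAP_FSCK,		"fk" },
	{ CAP_FSTAT,		"fs" },
	{ CAP_FSTATFS,		"sf" },
	{ CAP_FUTIMES,		"fu" },
	{ CAP_LINKAT_SOURCE,	"ls" },
	{ CAP_LINKAT_TARGET,	"lt" },
	{ CAP_MKDIRAT,		"md" },
	{ CAP_MKFIFOAT,		"mf" },
	{ CAP_MKNODAT,		"mn" },
	{ CAP_RENAMEAT_SOURCE,	"rs" },
	{ CAP_RENAMEAT_TARGET,	"rt" },
	{ CAP_SYMLINKAT,	"sl" },
	{ CAP_UNLINKAT,		"un" },

	/* Lookups - used to constrain *at() calls. */
	{ CAP_LOOKUP,		"lo" },

	/* Extended attributes. */
	{ CAP_EXTATTR_GET,	"eg" },
	{ CAP_EXTATTR_SET,	"es" },
	{ CAP_EXTATTR_DELETE,	"ed" },
	{ CAP_EXTATTR_LIST,	"el" },

	/* Access Control Lists. */
	{ CAP_ACL_GET,		"ag" },
	{ CAP_ACL_SET,		"as" },
	{ CAP_ACL_DELETE,	"ad" },
	{ CAP_ACL_CHECK,	"ac" },

	/* Socket operations. */
	{ CAP_ACCEPT,		"at" },
	{ CAP_BIND,		"bd" },
	{ CAP_CONNECT,		"co" },
	{ CAP_GETPEERNAME,	"pn" },
	{ CAP_GETSOCKNAME,	"sn" },
	{ CAP_GETSOCKOPT,	"gs" },
	{ CAP_LISTEN,		"ln" },
	{ CAP_PEELOFF,		"pf" },
	{ CAP_SETSOCKOPT,	"ss" },
	{ CAP_SHUTDOWN,		"sh" },

	/* Mandatory Access Control. */
	{ CAP_MAC_GET,		"mg" },
	{ CAP_MAC_SET,		"ms" },

	/* Methods on semaphores. */
	{ CAP_SEM_GETVALUE,	"sg" },
	{ CAP_SEM_POST,		"sp" },
	{ CAP_SEM_WAIT,		"sw" },

	/* Event monitoring and posting. */
	{ CAP_EVENT,		"ev" },
	{ CAP_KQUEUE_EVENT,	"ke" },
	{ CAP_KQUEUE_CHANGE,	"kc" },

	/* Strange and powerful rights that should not be given lightly. */
	{ CAP_IOCTL,		"io" },
	{ CAP_TTYHOOK,		"ty" },

	/* Process management via process descriptors. */
	{ CAP_PDGETPID,		"pg" },
	{ CAP_PDWAIT,		"pw" },
	{ CAP_PDKILL,		"pk" },

	/*
	 * Rights that allow the use of the bindat(2) and connectat(2)
	 * syscalls on a directory descriptor.
	 */
	{ CAP_BINDAT,		"ba" },
	{ CAP_CONNECTAT,	"ca" },

	/* Aliases and defines that combine multiple rights. */
	{ CAP_PREAD,		"prd" },
	{ CAP_PWRITE,		"pwr" },

	{ CAP_MMAP_R,		"mmr" },
	{ CAP_MMAP_W,		"mmw" },
	{ CAP_MMAP_X,		"mmx" },
	{ CAP_MMAP_RW,		"mrw" },
	{ CAP_MMAP_RX,		"mrx" },
	{ CAP_MMAP_WX,		"mwx" },
	{ CAP_MMAP_RWX,		"mma" },

	{ CAP_RECV,		"re" },
	{ CAP_SEND,		"sd" },

	{ CAP_SOCK_CLIENT,	"scl" },
	{ CAP_SOCK_SERVER,	"ssr" },
};
/* Number of entries in cap_desc[]. */
static const u_int	cap_desc_count = nitems(cap_desc);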
242
/*
 * Return the number of characters print_capability() will emit for the
 * rights in *rightsp: the length of every matching mnemonic in cap_desc[]
 * plus one separator between each consecutive pair.  Returns 0 when no
 * listed right is set.
 */
static u_int
width_capability(cap_rights_t *rightsp)
{
	u_int idx, nset, total;

	nset = 0;
	total = 0;
	for (idx = 0; idx < cap_desc_count; idx++) {
		if (!cap_rights_is_set(rightsp, cap_desc[idx].cd_right))
			continue;
		/* Every mnemonic after the first is preceded by a comma. */
		if (nset != 0)
			total++;
		total += strlen(cap_desc[idx].cd_desc);
		nset++;
	}
	return (total);
}
260
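/*
 * Emit the capability rights in *rightsp as a comma-separated list of
 * mnemonics from cap_desc[], preceded by enough padding to fill a column
 * capwidth characters wide.
 *
 * The padding is emitted before the list.  When no listed right is set
 * (width_capability() returns 0) the first padding character is "-" rather
 * than a space, so an empty rights set is still visible in the column.
 *
 * The original also accumulated the emitted width in a local that was never
 * read; that dead bookkeeping has been dropped.
 */
static void
print_capability(cap_rights_t *rightsp, u_int capwidth)
{
	u_int count, i;

	count = 0;
	for (i = width_capability(rightsp); i < capwidth; i++) {
		if (i != 0)
			xo_emit(" ");
		else
			xo_emit("-");
	}
	xo_open_list("capabilities");
	for (i = 0; i < cap_desc_count; i++) {
		if (cap_rights_is_set(rightsp, cap_desc[i].cd_right)) {
			/* The separator goes before every entry but the first. */
			xo_emit("{D:/%s}{l:capabilities/%s}", count ? "," : "",
			    cap_desc[i].cd_desc);
			count++;
		}
	}
	xo_close_list("capabilities");
}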
287
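/*
 * Print one line per open file descriptor (and per special file reference
 * such as cwd, root, text or ctty) of the process described by kipp.
 *
 * With PS_OPT_CAPABILITIES set in procstat_opts, the V, REF and OFFSET
 * columns are replaced by a CAPABILITIES column listing the Capsicum rights
 * on each descriptor.  PS_OPT_NOHEADER suppresses the header line.
 *
 * NOTE(review): ki_comm, fs_path and the socket paths printed below all
 * describe the inspected process and can be chosen by it.  They are passed
 * to xo_emit() through %s; whether control characters are filtered in text
 * output is not visible from this file, so treat the NAME and COMM columns
 * as untrusted when the output is shown on a terminal or parsed by scripts.
 */
void
procstat_files(struct procstat *procstat, struct kinfo_proc *kipp)
{
	struct sockstat sock;
	struct filestat_list *head;
	struct filestat *fst;
	const char *str;
	struct vnstat vn;
	u_int capwidth, width;
	int error;
	char src_addr[PATH_MAX];
	char dst_addr[PATH_MAX];

	/*
	 * To print the header in capability mode, we need to know the width
	 * of the widest capability string.  Even if we get no processes
	 * back, we will print the header, so we defer aborting due to a lack
	 * of processes until after the header logic.
	 */
	capwidth = 0;
	head = procstat_getfiles(procstat, kipp, 0);
	if (head != NULL &&
	    (procstat_opts & PS_OPT_CAPABILITIES) != 0) {
		STAILQ_FOREACH(fst, head, next) {
			width = width_capability(&fst->fs_cap_rights);
			if (width > capwidth)
				capwidth = width;
		}
		/* The column is never narrower than its own heading. */
		if (capwidth < strlen("CAPABILITIES"))
			capwidth = strlen("CAPABILITIES");
	}

	if ((procstat_opts & PS_OPT_NOHEADER) == 0) {
		if ((procstat_opts & PS_OPT_CAPABILITIES) != 0)
			xo_emit("{T:/%5s %-16s %5s %1s %-8s %-*s "
			    "%-3s %-12s}\n", "PID", "COMM", "FD", "T",
			    "FLAGS", capwidth, "CAPABILITIES", "PRO",
			    "NAME");
		else
			xo_emit("{T:/%5s %-16s %5s %1s %1s %-8s "
			    "%3s %7s %-3s %-12s}\n", "PID", "COMM", "FD", "T",
			    "V", "FLAGS", "REF", "OFFSET", "PRO", "NAME");
	}

	if (head == NULL)
		return;
	xo_emit("{ek:process_id/%5d/%d}", kipp->ki_pid);
	xo_emit("{e:command/%-16s/%s}", kipp->ki_comm);
	xo_open_list("files");
	STAILQ_FOREACH(fst, head, next) {
		xo_open_instance("files");
		xo_emit("{dk:process_id/%5d/%d} ", kipp->ki_pid);
		xo_emit("{d:command/%-16s/%s} ", kipp->ki_comm);
		/* Special references are named instead of numbered. */
		if (fst->fs_uflags & PS_FST_UFLAG_CTTY)
			xo_emit("{P: }{:fd/%s} ", "ctty");
		else if (fst->fs_uflags & PS_FST_UFLAG_CDIR)
			xo_emit("{P:  }{:fd/%s} ", "cwd");
		else if (fst->fs_uflags & PS_FST_UFLAG_JAIL)
			xo_emit("{P: }{:fd/%s} ", "jail");
		else if (fst->fs_uflags & PS_FST_UFLAG_RDIR)
			xo_emit("{P: }{:fd/%s} ", "root");
		else if (fst->fs_uflags & PS_FST_UFLAG_TEXT)
			xo_emit("{P: }{:fd/%s} ", "text");
		else if (fst->fs_uflags & PS_FST_UFLAG_TRACE)
			xo_emit("{:fd/%s} ", "trace");
		else
			xo_emit("{:fd/%5d} ", fst->fs_fd);

		/*
		 * Descriptor type: a long name for encoded output and a
		 * one-letter code (in str) for the T column.
		 */
		switch (fst->fs_type) {
		case PS_FST_TYPE_VNODE:
			str = "v";
			xo_emit("{eq:fd_type/vnode}");
			break;

		case PS_FST_TYPE_SOCKET:
			str = "s";
			xo_emit("{eq:fd_type/socket}");
			break;

		case PS_FST_TYPE_PIPE:
			str = "p";
			xo_emit("{eq:fd_type/pipe}");
			break;

		case PS_FST_TYPE_FIFO:
			str = "f";
			xo_emit("{eq:fd_type/fifo}");
			break;

		case PS_FST_TYPE_KQUEUE:
			str = "k";
			xo_emit("{eq:fd_type/kqueue}");
			break;

		case PS_FST_TYPE_CRYPTO:
			str = "c";
			xo_emit("{eq:fd_type/crypto}");
			break;

		case PS_FST_TYPE_MQUEUE:
			str = "m";
			xo_emit("{eq:fd_type/mqueue}");
			break;

		case PS_FST_TYPE_SHM:
			str = "h";
			xo_emit("{eq:fd_type/shm}");
			break;

		case PS_FST_TYPE_PTS:
			str = "t";
			xo_emit("{eq:fd_type/pts}");
			break;

		case PS_FST_TYPE_SEM:
			str = "e";
			xo_emit("{eq:fd_type/sem}");
			break;

		case PS_FST_TYPE_PROCDESC:
			str = "P";
			xo_emit("{eq:fd_type/procdesc}");
			break;

		case PS_FST_TYPE_DEV:
			str = "D";
			xo_emit("{eq:fd_type/dev}");
			break;

		case PS_FST_TYPE_NONE:
			str = "?";
			xo_emit("{eq:fd_type/none}");
			break;

		case PS_FST_TYPE_UNKNOWN:
		default:
			str = "?";
			xo_emit("{eq:fd_type/unknown}");
			break;
		}
		xo_emit("{d:fd_type/%1s/%s} ", str);
		if ((procstat_opts & PS_OPT_CAPABILITIES) == 0) {
			str = "-";
			if (fst->fs_type == PS_FST_TYPE_VNODE) {
				/*
				 * The return value is not acted on, so make
				 * sure vn.vn_type has a defined value even if
				 * the lookup fails without filling in vn;
				 * otherwise the switch below would read an
				 * uninitialized stack variable.
				 */
				memset(&vn, 0, sizeof(vn));
				error = procstat_get_vnode_info(procstat, fst,
				    &vn, NULL);
				/*
				 * NOTE(review): the encoded key below is
				 * spelled "vode_type" while the display field
				 * after the switch uses "vnode_type".  It
				 * looks like a typo, but consumers of the
				 * XML/JSON output may depend on the current
				 * spelling, so it is left unchanged here.
				 */
				switch (vn.vn_type) {
				case PS_FST_VTYPE_VREG:
					str = "r";
					xo_emit("{eq:vode_type/regular}");
					break;

				case PS_FST_VTYPE_VDIR:
					str = "d";
					xo_emit("{eq:vode_type/directory}");
					break;

				case PS_FST_VTYPE_VBLK:
					str = "b";
					xo_emit("{eq:vode_type/block}");
					break;

				case PS_FST_VTYPE_VCHR:
					str = "c";
					xo_emit("{eq:vode_type/character}");
					break;

				case PS_FST_VTYPE_VLNK:
					str = "l";
					xo_emit("{eq:vode_type/link}");
					break;

				case PS_FST_VTYPE_VSOCK:
					str = "s";
					xo_emit("{eq:vode_type/socket}");
					break;

				case PS_FST_VTYPE_VFIFO:
					str = "f";
					xo_emit("{eq:vode_type/fifo}");
					break;

				case PS_FST_VTYPE_VBAD:
					str = "x";
					xo_emit("{eq:vode_type/revoked_device}");
					break;

				case PS_FST_VTYPE_VNON:
					str = "?";
					xo_emit("{eq:vode_type/non}");
					break;

				case PS_FST_VTYPE_UNKNOWN:
				default:
					str = "?";
					xo_emit("{eq:vode_type/unknown}");
					break;
				}
			}
			xo_emit("{d:vnode_type/%1s/%s} ", str);
		}

		/* FLAGS column: one letter per flag, "-" when clear. */
		xo_emit("{d:/%s}", fst->fs_fflags & PS_FST_FFLAG_READ ?
		    "r" : "-");
		xo_emit("{d:/%s}", fst->fs_fflags & PS_FST_FFLAG_WRITE ?
		    "w" : "-");
		xo_emit("{d:/%s}", fst->fs_fflags & PS_FST_FFLAG_APPEND ?
		    "a" : "-");
		xo_emit("{d:/%s}", fst->fs_fflags & PS_FST_FFLAG_ASYNC ?
		    "s" : "-");
		xo_emit("{d:/%s}", fst->fs_fflags & PS_FST_FFLAG_SYNC ?
		    "f" : "-");
		xo_emit("{d:/%s}", fst->fs_fflags & PS_FST_FFLAG_NONBLOCK ?
		    "n" : "-");
		xo_emit("{d:/%s}", fst->fs_fflags & PS_FST_FFLAG_DIRECT ?
		    "d" : "-");
		xo_emit("{d:/%s}", fst->fs_fflags & PS_FST_FFLAG_HASLOCK ?
		    "l" : "-");
		xo_emit(" ");
		/* The same flags again, as a list of names for encoders. */
		xo_open_list("fd_flags");
		if (fst->fs_fflags & PS_FST_FFLAG_READ)
			xo_emit("{elq:fd_flags/read}");
		if (fst->fs_fflags & PS_FST_FFLAG_WRITE)
			xo_emit("{elq:fd_flags/write}");
		if (fst->fs_fflags & PS_FST_FFLAG_APPEND)
			xo_emit("{elq:fd_flags/append}");
		if (fst->fs_fflags & PS_FST_FFLAG_ASYNC)
			xo_emit("{elq:fd_flags/async}");
		if (fst->fs_fflags & PS_FST_FFLAG_SYNC)
			xo_emit("{elq:fd_flags/fsync}");
		if (fst->fs_fflags & PS_FST_FFLAG_NONBLOCK)
			xo_emit("{elq:fd_flags/nonblocking}");
		if (fst->fs_fflags & PS_FST_FFLAG_DIRECT)
			xo_emit("{elq:fd_flags/direct_io}");
		if (fst->fs_fflags & PS_FST_FFLAG_HASLOCK)
			xo_emit("{elq:fd_flags/lock_held}");
		xo_close_list("fd_flags");

		if ((procstat_opts & PS_OPT_CAPABILITIES) == 0) {
			/* Negative values are shown as "-". */
			if (fst->fs_ref_count > -1)
				xo_emit("{:ref_count/%3d/%d} ",
				    fst->fs_ref_count);
			else
				xo_emit("{q:ref_count/%3c/%c} ", '-');
			if (fst->fs_offset > -1)
				xo_emit("{:offset/%7jd/%jd} ",
				    (intmax_t)fst->fs_offset);
			else
				xo_emit("{q:offset/%7c/%c} ", '-');
		}
		if ((procstat_opts & PS_OPT_CAPABILITIES) != 0) {
			print_capability(&fst->fs_cap_rights, capwidth);
			xo_emit(" ");
		}
		switch (fst->fs_type) {
		case PS_FST_TYPE_SOCKET:
			error = procstat_get_socket_info(procstat, fst, &sock,
			    NULL);
			/* On failure the PRO and NAME columns stay empty. */
			if (error != 0)
				break;
			xo_emit("{:protocol/%-3s/%s} ",
			    protocol_to_string(sock.dom_family,
			    sock.type, sock.proto));
			if (sock.proto == IPPROTO_TCP ||
			    sock.proto == IPPROTO_SCTP ||
			    sock.type == SOCK_STREAM) {
				xo_emit("{:sendq/%u} ", sock.sendq);
				xo_emit("{:recvq/%u} ", sock.recvq);
			}
			/*
			 * While generally we like to print two addresses,
			 * local and peer, for sockets, it turns out to be
			 * more useful to print the first non-nul address for
			 * local sockets, as typically they aren't bound and
			 * connected, and the path strings can get long.
			 */
			if (sock.dom_family == AF_LOCAL) {
				struct sockaddr_un *sun =
				    (struct sockaddr_un *)&sock.sa_local;

				if (sun->sun_path[0] != 0)
					addr_to_string(&sock.sa_local,
					    src_addr, sizeof(src_addr));
				else
					addr_to_string(&sock.sa_peer,
					    src_addr, sizeof(src_addr));
				xo_emit("{:path/%s}", src_addr);
			} else {
				addr_to_string(&sock.sa_local, src_addr,
				    sizeof(src_addr));
				addr_to_string(&sock.sa_peer, dst_addr,
				    sizeof(dst_addr));
				xo_emit("{:path/%s %s}", src_addr, dst_addr);
			}
			break;

		default:
			xo_emit("{:protocol/%-3s/%s} ", "-");
			xo_emit("{:path/%-18s/%s}", fst->fs_path != NULL ?
			    fst->fs_path : "-");
		}

		xo_emit("\n");
		xo_close_instance("files");
	}
	xo_close_list("files");
	procstat_freefiles(procstat, head);
}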
596