1 /*- 2 * Copyright (c) 1989, 1992, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software developed by the Computer Systems 6 * Engineering group at Lawrence Berkeley Laboratory under DARPA contract 7 * BG 91-66 and contributed to Berkeley. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed by the University of 20 * California, Berkeley and its contributors. 21 * 4. Neither the name of the University nor the names of its contributors 22 * may be used to endorse or promote products derived from this software 23 * without specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 * 37 * $FreeBSD$ 38 */ 39 40 #if defined(LIBC_SCCS) && !defined(lint) 41 static char sccsid[] = "@(#)kvm_proc.c 8.3 (Berkeley) 9/23/93"; 42 #endif /* LIBC_SCCS and not lint */ 43 44 /* 45 * Proc traversal interface for kvm. ps and w are (probably) the exclusive 46 * users of this code, so we've factored it out into a separate module. 47 * Thus, we keep this grunge out of the other kvm applications (i.e., 48 * most other applications are interested only in open/close/read/nlist). 49 */ 50 51 #include <sys/param.h> 52 #include <sys/lock.h> 53 #include <sys/mutex.h> 54 #include <sys/user.h> 55 #include <sys/proc.h> 56 #include <sys/exec.h> 57 #include <sys/stat.h> 58 #include <sys/ioctl.h> 59 #include <sys/tty.h> 60 #include <sys/file.h> 61 #include <stdio.h> 62 #include <stdlib.h> 63 #include <unistd.h> 64 #include <nlist.h> 65 #include <kvm.h> 66 67 #include <vm/vm.h> 68 #include <vm/vm_param.h> 69 #include <vm/swap_pager.h> 70 71 #include <sys/sysctl.h> 72 73 #include <limits.h> 74 #include <memory.h> 75 #include <paths.h> 76 77 #include "kvm_private.h" 78 79 #if used 80 static char * 81 kvm_readswap(kd, p, va, cnt) 82 kvm_t *kd; 83 const struct proc *p; 84 u_long va; 85 u_long *cnt; 86 { 87 #ifdef __FreeBSD__ 88 /* XXX Stubbed out, our vm system is differnet */ 89 _kvm_err(kd, kd->program, "kvm_readswap not implemented"); 90 return(0); 91 #endif /* __FreeBSD__ */ 92 } 93 #endif 94 95 #define KREAD(kd, addr, obj) \ 96 (kvm_read(kd, addr, (char *)(obj), sizeof(*obj)) != sizeof(*obj)) 97 98 /* 99 * Read proc's from memory file into buffer bp, which has space to hold 100 * at most maxcnt procs. 101 */ 102 static int 103 kvm_proclist(kd, what, arg, p, bp, maxcnt) 104 kvm_t *kd; 105 int what, arg; 106 struct proc *p; 107 struct kinfo_proc *bp; 108 int maxcnt; 109 { 110 register int cnt = 0; 111 struct kinfo_proc kinfo_proc, *kp; 112 struct pgrp pgrp; 113 struct session sess; 114 struct tty tty; 115 struct vmspace vmspace; 116 struct procsig procsig; 117 struct pcred pcred; 118 struct pstats pstats; 119 struct ucred ucred; 120 struct proc proc; 121 struct proc pproc; 122 123 kp = &kinfo_proc; 124 kp->ki_structsize = sizeof(kinfo_proc); 125 for (; cnt < maxcnt && p != NULL; p = LIST_NEXT(&proc, p_list)) { 126 if (KREAD(kd, (u_long)p, &proc)) { 127 _kvm_err(kd, kd->program, "can't read proc at %x", p); 128 return (-1); 129 } 130 if (KREAD(kd, (u_long)proc.p_cred, &pcred) == 0) { 131 kp->ki_ruid = pcred.p_ruid; 132 kp->ki_svuid = pcred.p_svuid; 133 kp->ki_rgid = pcred.p_rgid; 134 kp->ki_svgid = pcred.p_svgid; 135 (void)(KREAD(kd, (u_long)pcred.pc_ucred, &ucred)); 136 kp->ki_ngroups = ucred.cr_ngroups; 137 bcopy(ucred.cr_groups, kp->ki_groups, 138 NGROUPS * sizeof(gid_t)); 139 kp->ki_uid = ucred.cr_uid; 140 } 141 142 switch(what) { 143 144 case KERN_PROC_PID: 145 if (proc.p_pid != (pid_t)arg) 146 continue; 147 break; 148 149 case KERN_PROC_UID: 150 if (kp->ki_uid != (uid_t)arg) 151 continue; 152 break; 153 154 case KERN_PROC_RUID: 155 if (kp->ki_ruid != (uid_t)arg) 156 continue; 157 break; 158 } 159 /* 160 * We're going to add another proc to the set. If this 161 * will overflow the buffer, assume the reason is because 162 * nprocs (or the proc list) is corrupt and declare an error. 163 */ 164 if (cnt >= maxcnt) { 165 _kvm_err(kd, kd->program, "nprocs corrupt"); 166 return (-1); 167 } 168 /* 169 * gather kinfo_proc 170 */ 171 kp->ki_paddr = p; 172 kp->ki_addr = proc.p_addr; 173 kp->ki_args = proc.p_args; 174 kp->ki_tracep = proc.p_tracep; 175 kp->ki_textvp = proc.p_textvp; 176 kp->ki_fd = proc.p_fd; 177 kp->ki_vmspace = proc.p_vmspace; 178 if (proc.p_procsig != NULL) { 179 if (KREAD(kd, (u_long)proc.p_procsig, &procsig)) { 180 _kvm_err(kd, kd->program, 181 "can't read procsig at %x", proc.p_procsig); 182 return (-1); 183 } 184 kp->ki_sigignore = procsig.ps_sigignore; 185 kp->ki_sigcatch = procsig.ps_sigcatch; 186 } 187 if ((proc.p_sflag & PS_INMEM) && proc.p_stats != NULL) { 188 if (KREAD(kd, (u_long)proc.p_stats, &pstats)) { 189 _kvm_err(kd, kd->program, 190 "can't read stats at %x", proc.p_stats); 191 return (-1); 192 } 193 kp->ki_start = pstats.p_start; 194 kp->ki_rusage = pstats.p_ru; 195 kp->ki_childtime.tv_sec = pstats.p_cru.ru_utime.tv_sec + 196 pstats.p_cru.ru_stime.tv_sec; 197 kp->ki_childtime.tv_usec = 198 pstats.p_cru.ru_utime.tv_usec + 199 pstats.p_cru.ru_stime.tv_usec; 200 } 201 if (KREAD(kd, (u_long)proc.p_pgrp, &pgrp)) { 202 _kvm_err(kd, kd->program, "can't read pgrp at %x", 203 proc.p_pgrp); 204 return (-1); 205 } 206 if (proc.p_oppid) 207 kp->ki_ppid = proc.p_oppid; 208 else if (proc.p_pptr) { 209 if (KREAD(kd, (u_long)proc.p_pptr, &pproc)) { 210 _kvm_err(kd, kd->program, 211 "can't read pproc at %x", proc.p_pptr); 212 return (-1); 213 } 214 kp->ki_ppid = pproc.p_pid; 215 } else 216 kp->ki_ppid = 0; 217 kp->ki_pgid = pgrp.pg_id; 218 kp->ki_jobc = pgrp.pg_jobc; 219 if (KREAD(kd, (u_long)pgrp.pg_session, &sess)) { 220 _kvm_err(kd, kd->program, "can't read session at %x", 221 pgrp.pg_session); 222 return (-1); 223 } 224 kp->ki_sid = sess.s_sid; 225 (void)memcpy(kp->ki_login, sess.s_login, 226 sizeof(kp->ki_login)); 227 kp->ki_kiflag = sess.s_ttyvp ? KI_CTTY : 0; 228 if (sess.s_leader == p) 229 kp->ki_kiflag |= KI_SLEADER; 230 if ((proc.p_flag & P_CONTROLT) && sess.s_ttyp != NULL) { 231 if (KREAD(kd, (u_long)sess.s_ttyp, &tty)) { 232 _kvm_err(kd, kd->program, 233 "can't read tty at %x", sess.s_ttyp); 234 return (-1); 235 } 236 kp->ki_tdev = tty.t_dev; 237 if (tty.t_pgrp != NULL) { 238 if (KREAD(kd, (u_long)tty.t_pgrp, &pgrp)) { 239 _kvm_err(kd, kd->program, 240 "can't read tpgrp at &x", 241 tty.t_pgrp); 242 return (-1); 243 } 244 kp->ki_tpgid = pgrp.pg_id; 245 } else 246 kp->ki_tpgid = -1; 247 if (tty.t_session != NULL) { 248 if (KREAD(kd, (u_long)tty.t_session, &sess)) { 249 _kvm_err(kd, kd->program, 250 "can't read session at %x", 251 tty.t_session); 252 return (-1); 253 } 254 kp->ki_tsid = sess.s_sid; 255 } 256 } else 257 kp->ki_tdev = NODEV; 258 if (proc.p_wmesg) 259 (void)kvm_read(kd, (u_long)proc.p_wmesg, 260 kp->ki_wmesg, WMESGLEN); 261 262 #ifdef sparc 263 (void)kvm_read(kd, (u_long)&proc.p_vmspace->vm_rssize, 264 (char *)&kp->ki_rssize, 265 sizeof(kp->ki_rssize)); 266 (void)kvm_read(kd, (u_long)&proc.p_vmspace->vm_tsize, 267 (char *)&kp->ki_tsize, 268 3 * sizeof(kp->ki_rssize)); /* XXX */ 269 #else 270 (void)kvm_read(kd, (u_long)proc.p_vmspace, 271 (char *)&vmspace, sizeof(vmspace)); 272 kp->ki_size = vmspace.vm_map.size; 273 kp->ki_rssize = vmspace.vm_swrss; /* XXX */ 274 kp->ki_swrss = vmspace.vm_swrss; 275 kp->ki_tsize = vmspace.vm_tsize; 276 kp->ki_dsize = vmspace.vm_dsize; 277 kp->ki_ssize = vmspace.vm_ssize; 278 #endif 279 280 switch (what) { 281 282 case KERN_PROC_PGRP: 283 if (kp->ki_pgid != (pid_t)arg) 284 continue; 285 break; 286 287 case KERN_PROC_TTY: 288 if ((proc.p_flag & P_CONTROLT) == 0 || 289 kp->ki_tdev != (dev_t)arg) 290 continue; 291 break; 292 } 293 if (proc.p_comm[0] != 0) { 294 strncpy(kp->ki_comm, proc.p_comm, MAXCOMLEN); 295 kp->ki_comm[MAXCOMLEN] = 0; 296 } 297 if (proc.p_blocked != 0) { 298 kp->ki_kiflag |= KI_MTXBLOCK; 299 if (proc.p_mtxname) 300 (void)kvm_read(kd, (u_long)proc.p_mtxname, 301 kp->ki_mtxname, MTXNAMELEN); 302 kp->ki_mtxname[MTXNAMELEN] = 0; 303 } 304 kp->ki_runtime = proc.p_runtime; 305 kp->ki_pid = proc.p_pid; 306 kp->ki_siglist = proc.p_siglist; 307 kp->ki_sigmask = proc.p_sigmask; 308 kp->ki_xstat = proc.p_xstat; 309 kp->ki_acflag = proc.p_acflag; 310 kp->ki_pctcpu = proc.p_pctcpu; 311 kp->ki_estcpu = proc.p_estcpu; 312 kp->ki_slptime = proc.p_slptime; 313 kp->ki_swtime = proc.p_swtime; 314 kp->ki_flag = proc.p_flag; 315 kp->ki_sflag = proc.p_sflag; 316 kp->ki_wchan = proc.p_wchan; 317 kp->ki_traceflag = proc.p_traceflag; 318 kp->ki_stat = proc.p_stat; 319 kp->ki_pri = proc.p_pri; 320 kp->ki_nice = proc.p_nice; 321 kp->ki_lock = proc.p_lock; 322 kp->ki_rqindex = proc.p_rqindex; 323 kp->ki_oncpu = proc.p_oncpu; 324 kp->ki_lastcpu = proc.p_lastcpu; 325 bcopy(&kinfo_proc, bp, sizeof(kinfo_proc)); 326 ++bp; 327 ++cnt; 328 } 329 return (cnt); 330 } 331 332 /* 333 * Build proc info array by reading in proc list from a crash dump. 334 * Return number of procs read. maxcnt is the max we will read. 335 */ 336 static int 337 kvm_deadprocs(kd, what, arg, a_allproc, a_zombproc, maxcnt) 338 kvm_t *kd; 339 int what, arg; 340 u_long a_allproc; 341 u_long a_zombproc; 342 int maxcnt; 343 { 344 register struct kinfo_proc *bp = kd->procbase; 345 register int acnt, zcnt; 346 struct proc *p; 347 348 if (KREAD(kd, a_allproc, &p)) { 349 _kvm_err(kd, kd->program, "cannot read allproc"); 350 return (-1); 351 } 352 acnt = kvm_proclist(kd, what, arg, p, bp, maxcnt); 353 if (acnt < 0) 354 return (acnt); 355 356 if (KREAD(kd, a_zombproc, &p)) { 357 _kvm_err(kd, kd->program, "cannot read zombproc"); 358 return (-1); 359 } 360 zcnt = kvm_proclist(kd, what, arg, p, bp + acnt, maxcnt - acnt); 361 if (zcnt < 0) 362 zcnt = 0; 363 364 return (acnt + zcnt); 365 } 366 367 struct kinfo_proc * 368 kvm_getprocs(kd, op, arg, cnt) 369 kvm_t *kd; 370 int op, arg; 371 int *cnt; 372 { 373 int mib[4], st, nprocs; 374 size_t size; 375 376 if (kd->procbase != 0) { 377 free((void *)kd->procbase); 378 /* 379 * Clear this pointer in case this call fails. Otherwise, 380 * kvm_close() will free it again. 381 */ 382 kd->procbase = 0; 383 } 384 if (ISALIVE(kd)) { 385 size = 0; 386 mib[0] = CTL_KERN; 387 mib[1] = KERN_PROC; 388 mib[2] = op; 389 mib[3] = arg; 390 st = sysctl(mib, op == KERN_PROC_ALL ? 3 : 4, NULL, &size, NULL, 0); 391 if (st == -1) { 392 _kvm_syserr(kd, kd->program, "kvm_getprocs"); 393 return (0); 394 } 395 do { 396 size += size / 10; 397 kd->procbase = (struct kinfo_proc *) 398 _kvm_realloc(kd, kd->procbase, size); 399 if (kd->procbase == 0) 400 return (0); 401 st = sysctl(mib, op == KERN_PROC_ALL ? 3 : 4, 402 kd->procbase, &size, NULL, 0); 403 } while (st == -1 && errno == ENOMEM); 404 if (st == -1) { 405 _kvm_syserr(kd, kd->program, "kvm_getprocs"); 406 return (0); 407 } 408 if (size > 0 && 409 kd->procbase->ki_structsize != sizeof(struct kinfo_proc)) { 410 _kvm_err(kd, kd->program, 411 "kinfo_proc size mismatch (expected %d, got %d)", 412 sizeof(struct kinfo_proc), 413 kd->procbase->ki_structsize); 414 return (0); 415 } 416 nprocs = size == 0 ? 0 : size / kd->procbase->ki_structsize; 417 } else { 418 struct nlist nl[4], *p; 419 420 nl[0].n_name = "_nprocs"; 421 nl[1].n_name = "_allproc"; 422 nl[2].n_name = "_zombproc"; 423 nl[3].n_name = 0; 424 425 if (kvm_nlist(kd, nl) != 0) { 426 for (p = nl; p->n_type != 0; ++p) 427 ; 428 _kvm_err(kd, kd->program, 429 "%s: no such symbol", p->n_name); 430 return (0); 431 } 432 if (KREAD(kd, nl[0].n_value, &nprocs)) { 433 _kvm_err(kd, kd->program, "can't read nprocs"); 434 return (0); 435 } 436 size = nprocs * sizeof(struct kinfo_proc); 437 kd->procbase = (struct kinfo_proc *)_kvm_malloc(kd, size); 438 if (kd->procbase == 0) 439 return (0); 440 441 nprocs = kvm_deadprocs(kd, op, arg, nl[1].n_value, 442 nl[2].n_value, nprocs); 443 #ifdef notdef 444 size = nprocs * sizeof(struct kinfo_proc); 445 (void)realloc(kd->procbase, size); 446 #endif 447 } 448 *cnt = nprocs; 449 return (kd->procbase); 450 } 451 452 void 453 _kvm_freeprocs(kd) 454 kvm_t *kd; 455 { 456 if (kd->procbase) { 457 free(kd->procbase); 458 kd->procbase = 0; 459 } 460 } 461 462 void * 463 _kvm_realloc(kd, p, n) 464 kvm_t *kd; 465 void *p; 466 size_t n; 467 { 468 void *np = (void *)realloc(p, n); 469 470 if (np == 0) { 471 free(p); 472 _kvm_err(kd, kd->program, "out of memory"); 473 } 474 return (np); 475 } 476 477 #ifndef MAX 478 #define MAX(a, b) ((a) > (b) ? (a) : (b)) 479 #endif 480 481 /* 482 * Read in an argument vector from the user address space of process kp. 483 * addr if the user-space base address of narg null-terminated contiguous 484 * strings. This is used to read in both the command arguments and 485 * environment strings. Read at most maxcnt characters of strings. 486 */ 487 static char ** 488 kvm_argv(kd, kp, addr, narg, maxcnt) 489 kvm_t *kd; 490 struct kinfo_proc *kp; 491 register u_long addr; 492 register int narg; 493 register int maxcnt; 494 { 495 register char *np, *cp, *ep, *ap; 496 register u_long oaddr = -1; 497 register int len, cc; 498 register char **argv; 499 500 /* 501 * Check that there aren't an unreasonable number of agruments, 502 * and that the address is in user space. 503 */ 504 if (narg > 512 || addr < VM_MIN_ADDRESS || addr >= VM_MAXUSER_ADDRESS) 505 return (0); 506 507 /* 508 * kd->argv : work space for fetching the strings from the target 509 * process's space, and is converted for returning to caller 510 */ 511 if (kd->argv == 0) { 512 /* 513 * Try to avoid reallocs. 514 */ 515 kd->argc = MAX(narg + 1, 32); 516 kd->argv = (char **)_kvm_malloc(kd, kd->argc * 517 sizeof(*kd->argv)); 518 if (kd->argv == 0) 519 return (0); 520 } else if (narg + 1 > kd->argc) { 521 kd->argc = MAX(2 * kd->argc, narg + 1); 522 kd->argv = (char **)_kvm_realloc(kd, kd->argv, kd->argc * 523 sizeof(*kd->argv)); 524 if (kd->argv == 0) 525 return (0); 526 } 527 /* 528 * kd->argspc : returned to user, this is where the kd->argv 529 * arrays are left pointing to the collected strings. 530 */ 531 if (kd->argspc == 0) { 532 kd->argspc = (char *)_kvm_malloc(kd, PAGE_SIZE); 533 if (kd->argspc == 0) 534 return (0); 535 kd->arglen = PAGE_SIZE; 536 } 537 /* 538 * kd->argbuf : used to pull in pages from the target process. 539 * the strings are copied out of here. 540 */ 541 if (kd->argbuf == 0) { 542 kd->argbuf = (char *)_kvm_malloc(kd, PAGE_SIZE); 543 if (kd->argbuf == 0) 544 return (0); 545 } 546 547 /* Pull in the target process'es argv vector */ 548 cc = sizeof(char *) * narg; 549 if (kvm_uread(kd, kp, addr, (char *)kd->argv, cc) != cc) 550 return (0); 551 /* 552 * ap : saved start address of string we're working on in kd->argspc 553 * np : pointer to next place to write in kd->argspc 554 * len: length of data in kd->argspc 555 * argv: pointer to the argv vector that we are hunting around the 556 * target process space for, and converting to addresses in 557 * our address space (kd->argspc). 558 */ 559 ap = np = kd->argspc; 560 argv = kd->argv; 561 len = 0; 562 /* 563 * Loop over pages, filling in the argument vector. 564 * Note that the argv strings could be pointing *anywhere* in 565 * the user address space and are no longer contiguous. 566 * Note that *argv is modified when we are going to fetch a string 567 * that crosses a page boundary. We copy the next part of the string 568 * into to "np" and eventually convert the pointer. 569 */ 570 while (argv < kd->argv + narg && *argv != 0) { 571 572 /* get the address that the current argv string is on */ 573 addr = (u_long)*argv & ~(PAGE_SIZE - 1); 574 575 /* is it the same page as the last one? */ 576 if (addr != oaddr) { 577 if (kvm_uread(kd, kp, addr, kd->argbuf, PAGE_SIZE) != 578 PAGE_SIZE) 579 return (0); 580 oaddr = addr; 581 } 582 583 /* offset within the page... kd->argbuf */ 584 addr = (u_long)*argv & (PAGE_SIZE - 1); 585 586 /* cp = start of string, cc = count of chars in this chunk */ 587 cp = kd->argbuf + addr; 588 cc = PAGE_SIZE - addr; 589 590 /* dont get more than asked for by user process */ 591 if (maxcnt > 0 && cc > maxcnt - len) 592 cc = maxcnt - len; 593 594 /* pointer to end of string if we found it in this page */ 595 ep = memchr(cp, '\0', cc); 596 if (ep != 0) 597 cc = ep - cp + 1; 598 /* 599 * at this point, cc is the count of the chars that we are 600 * going to retrieve this time. we may or may not have found 601 * the end of it. (ep points to the null if the end is known) 602 */ 603 604 /* will we exceed the malloc/realloced buffer? */ 605 if (len + cc > kd->arglen) { 606 register int off; 607 register char **pp; 608 register char *op = kd->argspc; 609 610 kd->arglen *= 2; 611 kd->argspc = (char *)_kvm_realloc(kd, kd->argspc, 612 kd->arglen); 613 if (kd->argspc == 0) 614 return (0); 615 /* 616 * Adjust argv pointers in case realloc moved 617 * the string space. 618 */ 619 off = kd->argspc - op; 620 for (pp = kd->argv; pp < argv; pp++) 621 *pp += off; 622 ap += off; 623 np += off; 624 } 625 /* np = where to put the next part of the string in kd->argspc*/ 626 /* np is kinda redundant.. could use "kd->argspc + len" */ 627 memcpy(np, cp, cc); 628 np += cc; /* inc counters */ 629 len += cc; 630 631 /* 632 * if end of string found, set the *argv pointer to the 633 * saved beginning of string, and advance. argv points to 634 * somewhere in kd->argv.. This is initially relative 635 * to the target process, but when we close it off, we set 636 * it to point in our address space. 637 */ 638 if (ep != 0) { 639 *argv++ = ap; 640 ap = np; 641 } else { 642 /* update the address relative to the target process */ 643 *argv += cc; 644 } 645 646 if (maxcnt > 0 && len >= maxcnt) { 647 /* 648 * We're stopping prematurely. Terminate the 649 * current string. 650 */ 651 if (ep == 0) { 652 *np = '\0'; 653 *argv++ = ap; 654 } 655 break; 656 } 657 } 658 /* Make sure argv is terminated. */ 659 *argv = 0; 660 return (kd->argv); 661 } 662 663 static void 664 ps_str_a(p, addr, n) 665 struct ps_strings *p; 666 u_long *addr; 667 int *n; 668 { 669 *addr = (u_long)p->ps_argvstr; 670 *n = p->ps_nargvstr; 671 } 672 673 static void 674 ps_str_e(p, addr, n) 675 struct ps_strings *p; 676 u_long *addr; 677 int *n; 678 { 679 *addr = (u_long)p->ps_envstr; 680 *n = p->ps_nenvstr; 681 } 682 683 /* 684 * Determine if the proc indicated by p is still active. 685 * This test is not 100% foolproof in theory, but chances of 686 * being wrong are very low. 687 */ 688 static int 689 proc_verify(curkp) 690 struct kinfo_proc *curkp; 691 { 692 struct kinfo_proc newkp; 693 int mib[4]; 694 size_t len; 695 696 mib[0] = CTL_KERN; 697 mib[1] = KERN_PROC; 698 mib[2] = KERN_PROC_PID; 699 mib[3] = curkp->ki_pid; 700 len = sizeof(newkp); 701 if (sysctl(mib, 4, &newkp, &len, NULL, 0) == -1) 702 return (0); 703 return (curkp->ki_pid == newkp.ki_pid && 704 (newkp.ki_stat != SZOMB || curkp->ki_stat == SZOMB)); 705 } 706 707 static char ** 708 kvm_doargv(kd, kp, nchr, info) 709 kvm_t *kd; 710 struct kinfo_proc *kp; 711 int nchr; 712 void (*info)(struct ps_strings *, u_long *, int *); 713 { 714 char **ap; 715 u_long addr; 716 int cnt; 717 static struct ps_strings arginfo; 718 static u_long ps_strings; 719 size_t len; 720 721 if (ps_strings == NULL) { 722 len = sizeof(ps_strings); 723 if (sysctlbyname("kern.ps_strings", &ps_strings, &len, NULL, 724 0) == -1) 725 ps_strings = PS_STRINGS; 726 } 727 728 /* 729 * Pointers are stored at the top of the user stack. 730 */ 731 if (kp->ki_stat == SZOMB || 732 kvm_uread(kd, kp, ps_strings, (char *)&arginfo, 733 sizeof(arginfo)) != sizeof(arginfo)) 734 return (0); 735 736 (*info)(&arginfo, &addr, &cnt); 737 if (cnt == 0) 738 return (0); 739 ap = kvm_argv(kd, kp, addr, cnt, nchr); 740 /* 741 * For live kernels, make sure this process didn't go away. 742 */ 743 if (ap != 0 && ISALIVE(kd) && !proc_verify(kp)) 744 ap = 0; 745 return (ap); 746 } 747 748 /* 749 * Get the command args. This code is now machine independent. 750 */ 751 char ** 752 kvm_getargv(kd, kp, nchr) 753 kvm_t *kd; 754 const struct kinfo_proc *kp; 755 int nchr; 756 { 757 int oid[4]; 758 int i; 759 size_t bufsz; 760 static int buflen; 761 static char *buf, *p; 762 static char **bufp; 763 static int argc; 764 765 if (!ISALIVE(kd)) { 766 _kvm_err(kd, kd->program, 767 "cannot read user space from dead kernel"); 768 return (0); 769 } 770 771 if (!buflen) { 772 bufsz = sizeof(buflen); 773 i = sysctlbyname("kern.ps_arg_cache_limit", 774 &buflen, &bufsz, NULL, 0); 775 if (i == -1) { 776 buflen = 0; 777 } else { 778 buf = malloc(buflen); 779 if (buf == NULL) 780 buflen = 0; 781 argc = 32; 782 bufp = malloc(sizeof(char *) * argc); 783 } 784 } 785 if (buf != NULL) { 786 oid[0] = CTL_KERN; 787 oid[1] = KERN_PROC; 788 oid[2] = KERN_PROC_ARGS; 789 oid[3] = kp->ki_pid; 790 bufsz = buflen; 791 i = sysctl(oid, 4, buf, &bufsz, 0, 0); 792 if (i == 0 && bufsz > 0) { 793 i = 0; 794 p = buf; 795 do { 796 bufp[i++] = p; 797 p += strlen(p) + 1; 798 if (i >= argc) { 799 argc += argc; 800 bufp = realloc(bufp, 801 sizeof(char *) * argc); 802 } 803 } while (p < buf + bufsz); 804 bufp[i++] = 0; 805 return (bufp); 806 } 807 } 808 if (kp->ki_flag & P_SYSTEM) 809 return (NULL); 810 return (kvm_doargv(kd, kp, nchr, ps_str_a)); 811 } 812 813 char ** 814 kvm_getenvv(kd, kp, nchr) 815 kvm_t *kd; 816 const struct kinfo_proc *kp; 817 int nchr; 818 { 819 return (kvm_doargv(kd, kp, nchr, ps_str_e)); 820 } 821 822 /* 823 * Read from user space. The user context is given by p. 824 */ 825 ssize_t 826 kvm_uread(kd, kp, uva, buf, len) 827 kvm_t *kd; 828 struct kinfo_proc *kp; 829 register u_long uva; 830 register char *buf; 831 register size_t len; 832 { 833 register char *cp; 834 char procfile[MAXPATHLEN]; 835 ssize_t amount; 836 int fd; 837 838 if (!ISALIVE(kd)) { 839 _kvm_err(kd, kd->program, 840 "cannot read user space from dead kernel"); 841 return (0); 842 } 843 844 sprintf(procfile, "/proc/%d/mem", kp->ki_pid); 845 fd = open(procfile, O_RDONLY, 0); 846 if (fd < 0) { 847 _kvm_err(kd, kd->program, "cannot open %s", procfile); 848 close(fd); 849 return (0); 850 } 851 852 cp = buf; 853 while (len > 0) { 854 errno = 0; 855 if (lseek(fd, (off_t)uva, 0) == -1 && errno != 0) { 856 _kvm_err(kd, kd->program, "invalid address (%x) in %s", 857 uva, procfile); 858 break; 859 } 860 amount = read(fd, cp, len); 861 if (amount < 0) { 862 _kvm_syserr(kd, kd->program, "error reading %s", 863 procfile); 864 break; 865 } 866 if (amount == 0) { 867 _kvm_err(kd, kd->program, "EOF reading %s", procfile); 868 break; 869 } 870 cp += amount; 871 uva += amount; 872 len -= amount; 873 } 874 875 close(fd); 876 return ((ssize_t)(cp - buf)); 877 } 878