1 /* 2 * cn_proc.c - process events connector 3 * 4 * Copyright (C) Matt Helsley, IBM Corp. 2005 5 * Based on cn_fork.c by Guillaume Thouvenin <guillaume.thouvenin@bull.net> 6 * Original copyright notice follows: 7 * Copyright (C) 2005 BULL SA. 8 * 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License as published by 12 * the Free Software Foundation; either version 2 of the License, or 13 * (at your option) any later version. 14 * 15 * This program is distributed in the hope that it will be useful, 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18 * GNU General Public License for more details. 19 * 20 * You should have received a copy of the GNU General Public License 21 * along with this program; if not, write to the Free Software 22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 */ 24 25 #include <linux/module.h> 26 #include <linux/kernel.h> 27 #include <linux/ktime.h> 28 #include <linux/init.h> 29 #include <linux/connector.h> 30 #include <linux/gfp.h> 31 #include <linux/ptrace.h> 32 #include <linux/atomic.h> 33 34 #include <asm/unaligned.h> 35 36 #include <linux/cn_proc.h> 37 38 #define CN_PROC_MSG_SIZE (sizeof(struct cn_msg) + sizeof(struct proc_event)) 39 40 static atomic_t proc_event_num_listeners = ATOMIC_INIT(0); 41 static struct cb_id cn_proc_event_id = { CN_IDX_PROC, CN_VAL_PROC }; 42 43 /* proc_event_counts is used as the sequence number of the netlink message */ 44 static DEFINE_PER_CPU(__u32, proc_event_counts) = { 0 }; 45 46 static inline void get_seq(__u32 *ts, int *cpu) 47 { 48 preempt_disable(); 49 *ts = __this_cpu_inc_return(proc_event_counts) -1; 50 *cpu = smp_processor_id(); 51 preempt_enable(); 52 } 53 54 void proc_fork_connector(struct task_struct *task) 55 { 56 struct cn_msg *msg; 57 struct proc_event *ev; 58 __u8 buffer[CN_PROC_MSG_SIZE]; 59 struct timespec ts; 60 struct task_struct *parent; 61 62 if (atomic_read(&proc_event_num_listeners) < 1) 63 return; 64 65 msg = (struct cn_msg*)buffer; 66 ev = (struct proc_event*)msg->data; 67 get_seq(&msg->seq, &ev->cpu); 68 ktime_get_ts(&ts); /* get high res monotonic timestamp */ 69 put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); 70 ev->what = PROC_EVENT_FORK; 71 rcu_read_lock(); 72 parent = rcu_dereference(task->real_parent); 73 ev->event_data.fork.parent_pid = parent->pid; 74 ev->event_data.fork.parent_tgid = parent->tgid; 75 rcu_read_unlock(); 76 ev->event_data.fork.child_pid = task->pid; 77 ev->event_data.fork.child_tgid = task->tgid; 78 79 memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); 80 msg->ack = 0; /* not used */ 81 msg->len = sizeof(*ev); 82 /* If cn_netlink_send() failed, the data is not sent */ 83 cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); 84 } 85 86 void proc_exec_connector(struct task_struct *task) 87 { 88 struct cn_msg *msg; 89 struct proc_event *ev; 90 struct timespec ts; 91 __u8 buffer[CN_PROC_MSG_SIZE]; 92 93 if (atomic_read(&proc_event_num_listeners) < 1) 94 return; 95 96 msg = (struct cn_msg*)buffer; 97 ev = (struct proc_event*)msg->data; 98 get_seq(&msg->seq, &ev->cpu); 99 ktime_get_ts(&ts); /* get high res monotonic timestamp */ 100 put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); 101 ev->what = PROC_EVENT_EXEC; 102 ev->event_data.exec.process_pid = task->pid; 103 ev->event_data.exec.process_tgid = task->tgid; 104 105 memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); 106 msg->ack = 0; /* not used */ 107 msg->len = sizeof(*ev); 108 cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); 109 } 110 111 void proc_id_connector(struct task_struct *task, int which_id) 112 { 113 struct cn_msg *msg; 114 struct proc_event *ev; 115 __u8 buffer[CN_PROC_MSG_SIZE]; 116 struct timespec ts; 117 const struct cred *cred; 118 119 if (atomic_read(&proc_event_num_listeners) < 1) 120 return; 121 122 msg = (struct cn_msg*)buffer; 123 ev = (struct proc_event*)msg->data; 124 ev->what = which_id; 125 ev->event_data.id.process_pid = task->pid; 126 ev->event_data.id.process_tgid = task->tgid; 127 rcu_read_lock(); 128 cred = __task_cred(task); 129 if (which_id == PROC_EVENT_UID) { 130 ev->event_data.id.r.ruid = cred->uid; 131 ev->event_data.id.e.euid = cred->euid; 132 } else if (which_id == PROC_EVENT_GID) { 133 ev->event_data.id.r.rgid = cred->gid; 134 ev->event_data.id.e.egid = cred->egid; 135 } else { 136 rcu_read_unlock(); 137 return; 138 } 139 rcu_read_unlock(); 140 get_seq(&msg->seq, &ev->cpu); 141 ktime_get_ts(&ts); /* get high res monotonic timestamp */ 142 put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); 143 144 memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); 145 msg->ack = 0; /* not used */ 146 msg->len = sizeof(*ev); 147 cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); 148 } 149 150 void proc_sid_connector(struct task_struct *task) 151 { 152 struct cn_msg *msg; 153 struct proc_event *ev; 154 struct timespec ts; 155 __u8 buffer[CN_PROC_MSG_SIZE]; 156 157 if (atomic_read(&proc_event_num_listeners) < 1) 158 return; 159 160 msg = (struct cn_msg *)buffer; 161 ev = (struct proc_event *)msg->data; 162 get_seq(&msg->seq, &ev->cpu); 163 ktime_get_ts(&ts); /* get high res monotonic timestamp */ 164 put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); 165 ev->what = PROC_EVENT_SID; 166 ev->event_data.sid.process_pid = task->pid; 167 ev->event_data.sid.process_tgid = task->tgid; 168 169 memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); 170 msg->ack = 0; /* not used */ 171 msg->len = sizeof(*ev); 172 cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); 173 } 174 175 void proc_ptrace_connector(struct task_struct *task, int ptrace_id) 176 { 177 struct cn_msg *msg; 178 struct proc_event *ev; 179 struct timespec ts; 180 __u8 buffer[CN_PROC_MSG_SIZE]; 181 182 if (atomic_read(&proc_event_num_listeners) < 1) 183 return; 184 185 msg = (struct cn_msg *)buffer; 186 ev = (struct proc_event *)msg->data; 187 get_seq(&msg->seq, &ev->cpu); 188 ktime_get_ts(&ts); /* get high res monotonic timestamp */ 189 put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); 190 ev->what = PROC_EVENT_PTRACE; 191 ev->event_data.ptrace.process_pid = task->pid; 192 ev->event_data.ptrace.process_tgid = task->tgid; 193 if (ptrace_id == PTRACE_ATTACH) { 194 ev->event_data.ptrace.tracer_pid = current->pid; 195 ev->event_data.ptrace.tracer_tgid = current->tgid; 196 } else if (ptrace_id == PTRACE_DETACH) { 197 ev->event_data.ptrace.tracer_pid = 0; 198 ev->event_data.ptrace.tracer_tgid = 0; 199 } else 200 return; 201 202 memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); 203 msg->ack = 0; /* not used */ 204 msg->len = sizeof(*ev); 205 cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); 206 } 207 208 void proc_exit_connector(struct task_struct *task) 209 { 210 struct cn_msg *msg; 211 struct proc_event *ev; 212 __u8 buffer[CN_PROC_MSG_SIZE]; 213 struct timespec ts; 214 215 if (atomic_read(&proc_event_num_listeners) < 1) 216 return; 217 218 msg = (struct cn_msg*)buffer; 219 ev = (struct proc_event*)msg->data; 220 get_seq(&msg->seq, &ev->cpu); 221 ktime_get_ts(&ts); /* get high res monotonic timestamp */ 222 put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); 223 ev->what = PROC_EVENT_EXIT; 224 ev->event_data.exit.process_pid = task->pid; 225 ev->event_data.exit.process_tgid = task->tgid; 226 ev->event_data.exit.exit_code = task->exit_code; 227 ev->event_data.exit.exit_signal = task->exit_signal; 228 229 memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); 230 msg->ack = 0; /* not used */ 231 msg->len = sizeof(*ev); 232 cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); 233 } 234 235 /* 236 * Send an acknowledgement message to userspace 237 * 238 * Use 0 for success, EFOO otherwise. 239 * Note: this is the negative of conventional kernel error 240 * values because it's not being returned via syscall return 241 * mechanisms. 242 */ 243 static void cn_proc_ack(int err, int rcvd_seq, int rcvd_ack) 244 { 245 struct cn_msg *msg; 246 struct proc_event *ev; 247 __u8 buffer[CN_PROC_MSG_SIZE]; 248 struct timespec ts; 249 250 if (atomic_read(&proc_event_num_listeners) < 1) 251 return; 252 253 msg = (struct cn_msg*)buffer; 254 ev = (struct proc_event*)msg->data; 255 msg->seq = rcvd_seq; 256 ktime_get_ts(&ts); /* get high res monotonic timestamp */ 257 put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); 258 ev->cpu = -1; 259 ev->what = PROC_EVENT_NONE; 260 ev->event_data.ack.err = err; 261 memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); 262 msg->ack = rcvd_ack + 1; 263 msg->len = sizeof(*ev); 264 cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); 265 } 266 267 /** 268 * cn_proc_mcast_ctl 269 * @data: message sent from userspace via the connector 270 */ 271 static void cn_proc_mcast_ctl(struct cn_msg *msg, 272 struct netlink_skb_parms *nsp) 273 { 274 enum proc_cn_mcast_op *mc_op = NULL; 275 int err = 0; 276 277 if (msg->len != sizeof(*mc_op)) 278 return; 279 280 mc_op = (enum proc_cn_mcast_op*)msg->data; 281 switch (*mc_op) { 282 case PROC_CN_MCAST_LISTEN: 283 atomic_inc(&proc_event_num_listeners); 284 break; 285 case PROC_CN_MCAST_IGNORE: 286 atomic_dec(&proc_event_num_listeners); 287 break; 288 default: 289 err = EINVAL; 290 break; 291 } 292 cn_proc_ack(err, msg->seq, msg->ack); 293 } 294 295 /* 296 * cn_proc_init - initialization entry point 297 * 298 * Adds the connector callback to the connector driver. 299 */ 300 static int __init cn_proc_init(void) 301 { 302 int err; 303 304 if ((err = cn_add_callback(&cn_proc_event_id, "cn_proc", 305 &cn_proc_mcast_ctl))) { 306 printk(KERN_WARNING "cn_proc failed to register\n"); 307 return err; 308 } 309 return 0; 310 } 311 312 module_init(cn_proc_init); 313