| #ifndef PROCPS_PROC_READPROC_H |
| #define PROCPS_PROC_READPROC_H |
| /* |
| * New Interface to Process Table -- PROCTAB Stream (a la Directory streams) |
| * Copyright 1996 Charles L. Blake. |
| * Copyright 1998 Michael K. Johnson |
| * Copyright 1998-2002 Albert Cahalan |
| * May be distributed under the terms of the |
| * GNU Library General Public License, a copy of which is provided |
| * in the file COPYING |
| */ |
| |
| #include "procps.h" |
| |
| #define SIGNAL_STRING |
| |
| #ifdef FLASK_LINUX |
| #include <fs_secure.h> |
| #endif |
| |
| EXTERN_C_BEGIN |
| |
| /* |
| ld cutime, cstime, priority, nice, timeout, it_real_value, rss, |
| c state, |
| d ppid, pgrp, session, tty, tpgid, |
| s signal, blocked, sigignore, sigcatch, |
| lu flags, min_flt, cmin_flt, maj_flt, cmaj_flt, utime, stime, |
| lu rss_rlim, start_code, end_code, start_stack, kstk_esp, kstk_eip, |
| lu start_time, vsize, wchan, nswap, cnswap, |
| */ |
| |
| /* Basic data structure which holds all information we can get about a process. |
| * (unless otherwise specified, fields are read from /proc/#/stat) |
| * |
| * Most of it comes from task_struct in linux/sched.h |
| */ |
| typedef struct proc_t { |
| // 1st 16 bytes |
| int |
| pid, /* process id */ |
| ppid; /* pid of parent process */ |
| unsigned |
| pcpu; /* %CPU usage (is not filled in by readproc!!!) */ |
| char |
| state, /* single-char code for process state (S=sleeping) */ |
| pad_1, /* padding */ |
| pad_2, /* padding */ |
| pad_3; /* padding */ |
| // 2nd 16 bytes |
| unsigned long long |
| utime, /* user-mode CPU time accumulated by process */ |
| stime, /* kernel-mode CPU time accumulated by process */ |
| // and so on... |
| cutime, /* cumulative utime of process and reaped children */ |
| cstime, /* cumulative stime of process and reaped children */ |
| start_time; /* start time of process -- seconds since 1-1-70 */ |
| #ifdef SIGNAL_STRING |
| char |
| /* Linux 2.1.7x and up have 64 signals. Allow 64, plus '\0' and padding. */ |
| signal[18], /* mask of pending signals */ |
| blocked[18], /* mask of blocked signals */ |
| sigignore[18], /* mask of ignored signals */ |
| sigcatch[18]; /* mask of caught signals */ |
| #else |
| long long |
| /* Linux 2.1.7x and up have 64 signals. */ |
| signal, /* mask of pending signals */ |
| blocked, /* mask of blocked signals */ |
| sigignore, /* mask of ignored signals */ |
| sigcatch; /* mask of caught signals */ |
| #endif |
| long |
| priority, /* kernel scheduling priority */ |
| timeout, /* ? */ |
| nice, /* standard unix nice level of process */ |
| rss, /* resident set size from /proc/#/stat (pages) */ |
| it_real_value, /* ? */ |
| /* the next 7 members come from /proc/#/statm */ |
| size, /* total # of pages of memory */ |
| resident, /* number of resident set (non-swapped) pages (4k) */ |
| share, /* number of pages of shared (mmap'd) memory */ |
| trs, /* text resident set size */ |
| lrs, /* shared-lib resident set size */ |
| drs, /* data resident set size */ |
| dt; /* dirty pages */ |
| unsigned long |
| vm_size, /* same as vsize in kb */ |
| vm_lock, /* locked pages in kb */ |
| vm_rss, /* same as rss in kb */ |
| vm_data, /* data size */ |
| vm_stack, /* stack size */ |
| vm_exe, /* executable size */ |
| vm_lib, /* library size (all pages, not just used ones) */ |
| rtprio, /* real-time priority */ |
| sched, /* scheduling class */ |
| vsize, /* number of pages of virtual memory ... */ |
| rss_rlim, /* resident set size limit? */ |
| flags, /* kernel flags for the process */ |
| min_flt, /* number of minor page faults since process start */ |
| maj_flt, /* number of major page faults since process start */ |
| cmin_flt, /* cumulative min_flt of process and child processes */ |
| cmaj_flt, /* cumulative maj_flt of process and child processes */ |
| nswap, /* ? */ |
| cnswap, /* cumulative nswap ? */ |
| start_code, /* address of beginning of code segment */ |
| end_code, /* address of end of code segment */ |
| start_stack, /* address of the bottom of stack for the process */ |
| kstk_esp, /* kernel stack pointer */ |
| kstk_eip, /* kernel instruction pointer */ |
| wchan; /* address of kernel wait channel proc is sleeping in */ |
| char |
| **environ, /* environment string vector (/proc/#/environ) */ |
| **cmdline; /* command line string vector (/proc/#/cmdline) */ |
| char |
| /* Be compatible: Digital allows 16 and NT allows 14 ??? */ |
| ruser[16], /* real user name */ |
| euser[16], /* effective user name */ |
| suser[16], /* saved user name */ |
| fuser[16], /* filesystem user name */ |
| rgroup[16], /* real group name */ |
| egroup[16], /* effective group name */ |
| sgroup[16], /* saved group name */ |
| fgroup[16], /* filesystem group name */ |
| cmd[16]; /* basename of executable file in call to exec(2) */ |
| int |
| ruid, rgid, /* real */ |
| euid, egid, /* effective */ |
| suid, sgid, /* saved */ |
| fuid, fgid, /* fs (used for file access only) */ |
| pgrp, /* process group id */ |
| session, /* session id */ |
| tty, /* full device number of controlling terminal */ |
| tpgid, /* terminal process group id */ |
| exit_signal, /* might not be SIGCHLD */ |
| processor; /* current (or most recent?) CPU */ |
| #ifdef FLASK_LINUX |
| security_id_t secsid; |
| #endif |
| } proc_t; |
| |
| /* PROCTAB: data structure holding the persistent information readproc needs |
| * from openproc(). The setup is intentionally similar to the dirent interface |
| * and other system table interfaces (utmp+wtmp come to mind). |
| */ |
| #include <sys/types.h> |
| #include <dirent.h> |
| #include <unistd.h> |
| typedef struct PROCTAB { |
| DIR* procfs; |
| int flags; |
| pid_t* pids; /* pids of the procs */ |
| uid_t* uids; /* uids of procs */ |
| int nuid; /* cannot really sentinel-terminate unsigned short[] */ |
| #ifdef FLASK_LINUX |
| security_id_t* sids; /* SIDs of the procs */ |
| #endif |
| } PROCTAB; |
| |
| /* initialize a PROCTAB structure holding needed call-to-call persistent data |
| */ |
| extern PROCTAB* openproc(int flags, ... /* pid_t*|uid_t*|dev_t*|char* [, int n] */ ); |
| |
| |
| /* Convenient wrapper around openproc and readproc to slurp in the whole process |
| * table subset satisfying the constraints of flags and the optional PID list. |
| * Free allocated memory with freeproctab(). Access via tab[N]->member. The |
| * pointer list is NULL terminated. |
| */ |
| extern proc_t** readproctab(int flags, ... /* same as openproc */ ); |
| |
| /* clean-up open files, etc from the openproc() |
| */ |
| extern void closeproc(PROCTAB* PT); |
| |
| /* retrieve the next process matching the criteria set by the openproc() |
| */ |
| extern proc_t* readproc(PROCTAB* PT, proc_t* return_buf); |
| extern proc_t* ps_readproc(PROCTAB* PT, proc_t* return_buf); |
| |
| // warning: interface may change |
| extern int read_cmdline(char *restrict const dst, unsigned sz, unsigned pid); |
| |
| extern void look_up_our_self(proc_t *p); |
| |
| /* deallocate space allocated by readproc |
| */ |
| extern void freeproc(proc_t* p); |
| |
| /* openproc/readproctab: |
| * |
| * Return PROCTAB* / *proc_t[] or NULL on error ((probably) "/proc" cannot be |
| * opened.) By default readproc will consider all processes as valid to parse |
| * and return, but not actually fill in the cmdline, environ, and /proc/#/statm |
| * derived memory fields. |
| * |
| * `flags' (a bitwise-or of PROC_* below) modifies the default behavior. The |
| * "fill" options will cause more of the proc_t to be filled in. The "filter" |
| * options all use the second argument as the pointer to a list of objects: |
| * process status', process id's, user id's. The third |
| * argument is the length of the list (currently only used for lists of user |
| * id's since uid_t supports no convenient termination sentinel.) |
| */ |
| #define PROC_FILLMEM 0x0001 /* read statm */ |
| #define PROC_FILLCOM 0x0002 /* alloc and fill in `cmdline' */ |
| #define PROC_FILLENV 0x0004 /* alloc and fill in `environ' */ |
| #define PROC_FILLUSR 0x0008 /* resolve user id number -> user name */ |
| #define PROC_FILLGRP 0x0010 /* resolve group id number -> group name */ |
| #define PROC_FILLSTATUS 0x0020 /* read status -- currently unconditional */ |
| #define PROC_FILLSTAT 0x0040 /* read stat -- currently unconditional */ |
| #define PROC_FILLWCHAN 0x0080 /* look up WCHAN name */ |
| #define PROC_FILLARG 0x0100 /* alloc and fill in `cmdline' */ |
| |
| #define PROC_FILLBUG 0x0fff /* No idea what we need */ |
| #define PROC_FILLANY 0x0000 /* either stat or status will do */ |
| |
| /* Obsolete, consider only processes with one of the passed: */ |
| #define PROC_PID 0x1000 /* process id numbers ( 0 terminated) */ |
| #define PROC_UID 0x4000 /* user id numbers ( length needed ) */ |
| |
| // it helps to give app code a few spare bits |
| #define PROC_SPARE_1 0x01000000 |
| #define PROC_SPARE_2 0x02000000 |
| #define PROC_SPARE_3 0x04000000 |
| #define PROC_SPARE_4 0x08000000 |
| |
| EXTERN_C_END |
| #endif |