1 /*- 2 * Copyright (c) 1989, 1992, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software developed by the Computer Systems 6 * Engineering group at Lawrence Berkeley Laboratory under DARPA contract 7 * BG 91-66 and contributed to Berkeley. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed by the University of 20 * California, Berkeley and its contributors. 21 * 4. Neither the name of the University nor the names of its contributors 22 * may be used to endorse or promote products derived from this software 23 * without specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 * 37 * $FreeBSD: src/lib/libkvm/kvm_proc.c,v 1.25.2.3 2002/08/24 07:27:46 kris Exp $ 38 * $DragonFly: src/lib/libkvm/kvm_proc.c,v 1.15 2007/05/09 04:33:50 dillon Exp $ 39 * 40 * @(#)kvm_proc.c 8.3 (Berkeley) 9/23/93 41 */ 42 43 /* 44 * Proc traversal interface for kvm. ps and w are (probably) the exclusive 45 * users of this code, so we've factored it out into a separate module. 46 * Thus, we keep this grunge out of the other kvm applications (i.e., 47 * most other applications are interested only in open/close/read/nlist). 48 */ 49 50 #include <sys/user.h> /* MUST BE FIRST */ 51 #include <sys/conf.h> 52 #include <sys/param.h> 53 #include <sys/proc.h> 54 #include <sys/exec.h> 55 #include <sys/stat.h> 56 #include <sys/ioctl.h> 57 #include <sys/tty.h> 58 #include <sys/file.h> 59 #include <sys/jail.h> 60 #include <stdio.h> 61 #include <stdlib.h> 62 #include <unistd.h> 63 #include <nlist.h> 64 #include <kvm.h> 65 66 #include <vm/vm.h> 67 #include <vm/vm_param.h> 68 #include <vm/swap_pager.h> 69 70 #include <sys/sysctl.h> 71 72 #include <limits.h> 73 #include <memory.h> 74 #include <paths.h> 75 76 #include "kvm_private.h" 77 78 #if used 79 static char * 80 kvm_readswap(kvm_t *kd, const struct proc *p, u_long va, u_long *cnt) 81 { 82 #if defined(__FreeBSD__) || defined(__DragonFly__) 83 /* XXX Stubbed out, our vm system is differnet */ 84 _kvm_err(kd, kd->program, "kvm_readswap not implemented"); 85 return(0); 86 #endif 87 } 88 #endif 89 90 #define KREAD(kd, addr, obj) \ 91 (kvm_read(kd, addr, (char *)(obj), sizeof(*obj)) != sizeof(*obj)) 92 93 94 static struct kinfo_proc * 95 kinfo_resize_proc(kvm_t *kd, struct kinfo_proc *bp) 96 { 97 if (bp < kd->procend) 98 return bp; 99 100 size_t pos = bp - kd->procend; 101 size_t size = kd->procend - kd->procbase; 102 103 if (size == 0) 104 size = 8; 105 else 106 size *= 2; 107 kd->procbase = _kvm_realloc(kd, kd->procbase, sizeof(*bp) * size); 108 if (kd->procbase == NULL) 109 return NULL; 110 kd->procend = kd->procbase + size; 111 bp = kd->procbase + pos; 112 return bp; 113 } 114 115 /* 116 * note: this function is also used by /usr/src/sys/kern/kern_kinfo.c as 117 * compiled by userland. 118 */ 119 dev_t 120 dev2udev(cdev_t dev) 121 { 122 if (dev == NULL) 123 return NOUDEV; 124 if ((dev->si_umajor & 0xffffff00) || 125 (dev->si_uminor & 0x0000ff00)) { 126 return NOUDEV; 127 } 128 return((dev->si_umajor << 8) | dev->si_uminor); 129 } 130 131 132 /* 133 * Read proc's from memory file into buffer bp, which has space to hold 134 * at most maxcnt procs. 135 */ 136 static int 137 kvm_proclist(kvm_t *kd, int what, int arg, struct proc *p, 138 struct kinfo_proc *bp) 139 { 140 struct pgrp pgrp; 141 struct pgrp tpgrp; 142 struct session sess; 143 struct tty tty; 144 struct proc proc; 145 struct ucred ucred; 146 struct thread thread; 147 struct proc pproc; 148 struct cdev cdev; 149 struct vmspace vmspace; 150 struct prison prison; 151 struct lwp lwp; 152 uintptr_t lwppos; 153 154 for (; p != NULL; p = proc.p_list.le_next) { 155 if (KREAD(kd, (u_long)p, &proc)) { 156 _kvm_err(kd, kd->program, "can't read proc at %x", p); 157 return (-1); 158 } 159 if (KREAD(kd, (u_long)proc.p_ucred, &ucred)) { 160 _kvm_err(kd, kd->program, "can't read ucred at %p", 161 proc.p_ucred); 162 return (-1); 163 } 164 proc.p_ucred = &ucred; 165 166 switch(what & ~KERN_PROC_FLAGMASK) { 167 168 case KERN_PROC_PID: 169 if (proc.p_pid != (pid_t)arg) 170 continue; 171 break; 172 173 case KERN_PROC_UID: 174 if (ucred.cr_uid != (uid_t)arg) 175 continue; 176 break; 177 178 case KERN_PROC_RUID: 179 if (ucred.cr_ruid != (uid_t)arg) 180 continue; 181 break; 182 } 183 184 if (KREAD(kd, (u_long)proc.p_pgrp, &pgrp)) { 185 _kvm_err(kd, kd->program, "can't read pgrp at %x", 186 proc.p_pgrp); 187 return (-1); 188 } 189 proc.p_pgrp = &pgrp; 190 if (proc.p_pptr) { 191 if (KREAD(kd, (u_long)proc.p_pptr, &pproc)) { 192 _kvm_err(kd, kd->program, "can't read pproc at %x", 193 proc.p_pptr); 194 return (-1); 195 } 196 proc.p_pptr = &pproc; 197 } 198 if (KREAD(kd, (u_long)pgrp.pg_session, &sess)) { 199 _kvm_err(kd, kd->program, "can't read session at %x", 200 pgrp.pg_session); 201 return (-1); 202 } 203 pgrp.pg_session = &sess; 204 205 if ((proc.p_flag & P_CONTROLT) && sess.s_ttyp != NULL) { 206 if (KREAD(kd, (u_long)sess.s_ttyp, &tty)) { 207 _kvm_err(kd, kd->program, 208 "can't read tty at %x", sess.s_ttyp); 209 return (-1); 210 } 211 sess.s_ttyp = &tty; 212 if (tty.t_dev && tty.t_dev != NULL) { 213 if (KREAD(kd, (u_long)tty.t_dev, &cdev)) 214 tty.t_dev = NULL; 215 else 216 tty.t_dev = &cdev; 217 } 218 if (tty.t_pgrp != NULL) { 219 if (KREAD(kd, (u_long)tty.t_pgrp, &tpgrp)) { 220 _kvm_err(kd, kd->program, 221 "can't read tpgrp at %x", 222 tty.t_pgrp); 223 return (-1); 224 } 225 tty.t_pgrp = &tpgrp; 226 } 227 } 228 229 if (KREAD(kd, (u_long)proc.p_vmspace, &vmspace)) { 230 _kvm_err(kd, kd->program, "can't read vmspace at %p", 231 proc.p_vmspace); 232 return (-1); 233 } 234 proc.p_vmspace = &vmspace; 235 236 if (ucred.cr_prison != NULL) { 237 if (KREAD(kd, (u_long)ucred.cr_prison, &prison)) { 238 _kvm_err(kd, kd->program, "can't read prison at %p", 239 ucred.cr_prison); 240 return (-1); 241 } 242 ucred.cr_prison = &prison; 243 } 244 245 switch (what & ~KERN_PROC_FLAGMASK) { 246 247 case KERN_PROC_PGRP: 248 if (proc.p_pgrp->pg_id != (pid_t)arg) 249 continue; 250 break; 251 252 case KERN_PROC_TTY: 253 if ((proc.p_flag & P_CONTROLT) == 0 || 254 dev2udev(proc.p_pgrp->pg_session->s_ttyp->t_dev) 255 != (dev_t)arg) 256 continue; 257 break; 258 } 259 260 if ((bp = kinfo_resize_proc(kd, bp)) == NULL) 261 return (-1); 262 fill_kinfo_proc(&proc, bp); 263 bp->kp_paddr = (uintptr_t)p; 264 265 lwppos = (uintptr_t)proc.p_lwps.lh_first; 266 if (lwppos == 0) 267 bp++; /* Just export the proc then */ 268 while (lwppos != 0) { 269 if (KREAD(kd, lwppos, &lwp)) { 270 _kvm_err(kd, kd->program, "can't read lwp at %p", 271 lwppos); 272 return (-1); 273 } 274 if (p != lwp.lwp_proc) { 275 _kvm_err(kd, kd->program, "lwp has wrong parent"); 276 return (-1); 277 } 278 lwp.lwp_proc = &proc; 279 if (KREAD(kd, (u_long)lwp.lwp_thread, &thread)) { 280 _kvm_err(kd, kd->program, "can't read thread at %x", 281 lwp.lwp_thread); 282 return (-1); 283 } 284 lwp.lwp_thread = &thread; 285 286 if ((bp = kinfo_resize_proc(kd, bp)) == NULL) 287 return (-1); 288 fill_kinfo_proc(&proc, bp); 289 fill_kinfo_lwp(&lwp, &bp->kp_lwp); 290 bp->kp_paddr = (uintptr_t)p; 291 bp++; 292 if ((what & KERN_PROC_FLAG_LWP) == 0) 293 break; 294 295 lwppos = (uintptr_t)lwp.lwp_list.le_next; 296 } 297 } 298 return (0); 299 } 300 301 /* 302 * Build proc info array by reading in proc list from a crash dump. 303 * We reallocate kd->procbase as necessary. 304 */ 305 static int 306 kvm_deadprocs(kvm_t *kd, int what, int arg, u_long a_allproc, 307 u_long a_zombproc) 308 { 309 struct kinfo_proc *bp = kd->procbase; 310 int acnt, zcnt; 311 struct proc *p; 312 313 if (KREAD(kd, a_allproc, &p)) { 314 _kvm_err(kd, kd->program, "cannot read allproc"); 315 return (-1); 316 } 317 acnt = kvm_proclist(kd, what, arg, p, bp); 318 if (acnt < 0) 319 return (acnt); 320 321 if (KREAD(kd, a_zombproc, &p)) { 322 _kvm_err(kd, kd->program, "cannot read zombproc"); 323 return (-1); 324 } 325 zcnt = kvm_proclist(kd, what, arg, p, bp + acnt); 326 if (zcnt < 0) 327 zcnt = 0; 328 329 return (acnt + zcnt); 330 } 331 332 struct kinfo_proc * 333 kvm_getprocs(kvm_t *kd, int op, int arg, int *cnt) 334 { 335 int mib[4], st, nprocs; 336 size_t size; 337 338 if (kd->procbase != 0) { 339 free((void *)kd->procbase); 340 /* 341 * Clear this pointer in case this call fails. Otherwise, 342 * kvm_close() will free it again. 343 */ 344 kd->procbase = 0; 345 } 346 if (ISALIVE(kd)) { 347 size = 0; 348 mib[0] = CTL_KERN; 349 mib[1] = KERN_PROC; 350 mib[2] = op; 351 mib[3] = arg; 352 st = sysctl(mib, op == KERN_PROC_ALL ? 3 : 4, NULL, &size, NULL, 0); 353 if (st == -1) { 354 _kvm_syserr(kd, kd->program, "kvm_getprocs"); 355 return (0); 356 } 357 do { 358 size += size / 10; 359 kd->procbase = (struct kinfo_proc *) 360 _kvm_realloc(kd, kd->procbase, size); 361 if (kd->procbase == 0) 362 return (0); 363 st = sysctl(mib, op == KERN_PROC_ALL ? 3 : 4, 364 kd->procbase, &size, NULL, 0); 365 } while (st == -1 && errno == ENOMEM); 366 if (st == -1) { 367 _kvm_syserr(kd, kd->program, "kvm_getprocs"); 368 return (0); 369 } 370 if (size % sizeof(struct kinfo_proc) != 0) { 371 _kvm_err(kd, kd->program, 372 "proc size mismatch (%d total, %d chunks)", 373 size, sizeof(struct kinfo_proc)); 374 return (0); 375 } 376 nprocs = size / sizeof(struct kinfo_proc); 377 } else { 378 struct nlist nl[4], *p; 379 380 nl[0].n_name = "_nprocs"; 381 nl[1].n_name = "_allproc"; 382 nl[2].n_name = "_zombproc"; 383 nl[3].n_name = 0; 384 385 if (kvm_nlist(kd, nl) != 0) { 386 for (p = nl; p->n_type != 0; ++p) 387 ; 388 _kvm_err(kd, kd->program, 389 "%s: no such symbol", p->n_name); 390 return (0); 391 } 392 if (KREAD(kd, nl[0].n_value, &nprocs)) { 393 _kvm_err(kd, kd->program, "can't read nprocs"); 394 return (0); 395 } 396 nprocs = kvm_deadprocs(kd, op, arg, nl[1].n_value, 397 nl[2].n_value); 398 #ifdef notdef 399 size = nprocs * sizeof(struct kinfo_proc); 400 (void)realloc(kd->procbase, size); 401 #endif 402 } 403 *cnt = nprocs; 404 return (kd->procbase); 405 } 406 407 void 408 _kvm_freeprocs(kvm_t *kd) 409 { 410 if (kd->procbase) { 411 free(kd->procbase); 412 kd->procbase = 0; 413 } 414 } 415 416 void * 417 _kvm_realloc(kvm_t *kd, void *p, size_t n) 418 { 419 void *np = (void *)realloc(p, n); 420 421 if (np == 0) { 422 free(p); 423 _kvm_err(kd, kd->program, "out of memory"); 424 } 425 return (np); 426 } 427 428 #ifndef MAX 429 #define MAX(a, b) ((a) > (b) ? (a) : (b)) 430 #endif 431 432 /* 433 * Read in an argument vector from the user address space of process pid. 434 * addr if the user-space base address of narg null-terminated contiguous 435 * strings. This is used to read in both the command arguments and 436 * environment strings. Read at most maxcnt characters of strings. 437 */ 438 static char ** 439 kvm_argv(kvm_t *kd, pid_t pid, u_long addr, int narg, int maxcnt) 440 { 441 char *np, *cp, *ep, *ap; 442 u_long oaddr = -1; 443 int len, cc; 444 char **argv; 445 446 /* 447 * Check that there aren't an unreasonable number of agruments, 448 * and that the address is in user space. 449 */ 450 if (narg > 512 || 451 addr < VM_MIN_USER_ADDRESS || addr >= VM_MAX_USER_ADDRESS) { 452 return (0); 453 } 454 455 /* 456 * kd->argv : work space for fetching the strings from the target 457 * process's space, and is converted for returning to caller 458 */ 459 if (kd->argv == 0) { 460 /* 461 * Try to avoid reallocs. 462 */ 463 kd->argc = MAX(narg + 1, 32); 464 kd->argv = (char **)_kvm_malloc(kd, kd->argc * 465 sizeof(*kd->argv)); 466 if (kd->argv == 0) 467 return (0); 468 } else if (narg + 1 > kd->argc) { 469 kd->argc = MAX(2 * kd->argc, narg + 1); 470 kd->argv = (char **)_kvm_realloc(kd, kd->argv, kd->argc * 471 sizeof(*kd->argv)); 472 if (kd->argv == 0) 473 return (0); 474 } 475 /* 476 * kd->argspc : returned to user, this is where the kd->argv 477 * arrays are left pointing to the collected strings. 478 */ 479 if (kd->argspc == 0) { 480 kd->argspc = (char *)_kvm_malloc(kd, PAGE_SIZE); 481 if (kd->argspc == 0) 482 return (0); 483 kd->arglen = PAGE_SIZE; 484 } 485 /* 486 * kd->argbuf : used to pull in pages from the target process. 487 * the strings are copied out of here. 488 */ 489 if (kd->argbuf == 0) { 490 kd->argbuf = (char *)_kvm_malloc(kd, PAGE_SIZE); 491 if (kd->argbuf == 0) 492 return (0); 493 } 494 495 /* Pull in the target process'es argv vector */ 496 cc = sizeof(char *) * narg; 497 if (kvm_uread(kd, pid, addr, (char *)kd->argv, cc) != cc) 498 return (0); 499 /* 500 * ap : saved start address of string we're working on in kd->argspc 501 * np : pointer to next place to write in kd->argspc 502 * len: length of data in kd->argspc 503 * argv: pointer to the argv vector that we are hunting around the 504 * target process space for, and converting to addresses in 505 * our address space (kd->argspc). 506 */ 507 ap = np = kd->argspc; 508 argv = kd->argv; 509 len = 0; 510 /* 511 * Loop over pages, filling in the argument vector. 512 * Note that the argv strings could be pointing *anywhere* in 513 * the user address space and are no longer contiguous. 514 * Note that *argv is modified when we are going to fetch a string 515 * that crosses a page boundary. We copy the next part of the string 516 * into to "np" and eventually convert the pointer. 517 */ 518 while (argv < kd->argv + narg && *argv != 0) { 519 520 /* get the address that the current argv string is on */ 521 addr = (u_long)*argv & ~(PAGE_SIZE - 1); 522 523 /* is it the same page as the last one? */ 524 if (addr != oaddr) { 525 if (kvm_uread(kd, pid, addr, kd->argbuf, PAGE_SIZE) != 526 PAGE_SIZE) 527 return (0); 528 oaddr = addr; 529 } 530 531 /* offset within the page... kd->argbuf */ 532 addr = (u_long)*argv & (PAGE_SIZE - 1); 533 534 /* cp = start of string, cc = count of chars in this chunk */ 535 cp = kd->argbuf + addr; 536 cc = PAGE_SIZE - addr; 537 538 /* dont get more than asked for by user process */ 539 if (maxcnt > 0 && cc > maxcnt - len) 540 cc = maxcnt - len; 541 542 /* pointer to end of string if we found it in this page */ 543 ep = memchr(cp, '\0', cc); 544 if (ep != 0) 545 cc = ep - cp + 1; 546 /* 547 * at this point, cc is the count of the chars that we are 548 * going to retrieve this time. we may or may not have found 549 * the end of it. (ep points to the null if the end is known) 550 */ 551 552 /* will we exceed the malloc/realloced buffer? */ 553 if (len + cc > kd->arglen) { 554 int off; 555 char **pp; 556 char *op = kd->argspc; 557 558 kd->arglen *= 2; 559 kd->argspc = (char *)_kvm_realloc(kd, kd->argspc, 560 kd->arglen); 561 if (kd->argspc == 0) 562 return (0); 563 /* 564 * Adjust argv pointers in case realloc moved 565 * the string space. 566 */ 567 off = kd->argspc - op; 568 for (pp = kd->argv; pp < argv; pp++) 569 *pp += off; 570 ap += off; 571 np += off; 572 } 573 /* np = where to put the next part of the string in kd->argspc*/ 574 /* np is kinda redundant.. could use "kd->argspc + len" */ 575 memcpy(np, cp, cc); 576 np += cc; /* inc counters */ 577 len += cc; 578 579 /* 580 * if end of string found, set the *argv pointer to the 581 * saved beginning of string, and advance. argv points to 582 * somewhere in kd->argv.. This is initially relative 583 * to the target process, but when we close it off, we set 584 * it to point in our address space. 585 */ 586 if (ep != 0) { 587 *argv++ = ap; 588 ap = np; 589 } else { 590 /* update the address relative to the target process */ 591 *argv += cc; 592 } 593 594 if (maxcnt > 0 && len >= maxcnt) { 595 /* 596 * We're stopping prematurely. Terminate the 597 * current string. 598 */ 599 if (ep == 0) { 600 *np = '\0'; 601 *argv++ = ap; 602 } 603 break; 604 } 605 } 606 /* Make sure argv is terminated. */ 607 *argv = 0; 608 return (kd->argv); 609 } 610 611 static void 612 ps_str_a(struct ps_strings *p, u_long *addr, int *n) 613 { 614 *addr = (u_long)p->ps_argvstr; 615 *n = p->ps_nargvstr; 616 } 617 618 static void 619 ps_str_e(struct ps_strings *p, u_long *addr, int *n) 620 { 621 *addr = (u_long)p->ps_envstr; 622 *n = p->ps_nenvstr; 623 } 624 625 /* 626 * Determine if the proc indicated by p is still active. 627 * This test is not 100% foolproof in theory, but chances of 628 * being wrong are very low. 629 */ 630 static int 631 proc_verify(kvm_t *kd, const struct kinfo_proc *p) 632 { 633 struct kinfo_proc kp; 634 int mib[4]; 635 size_t len; 636 int error; 637 638 mib[0] = CTL_KERN; 639 mib[1] = KERN_PROC; 640 mib[2] = KERN_PROC_PID; 641 mib[3] = p->kp_pid; 642 643 len = sizeof(kp); 644 error = sysctl(mib, 4, &kp, &len, NULL, 0); 645 if (error) 646 return (0); 647 648 error = (p->kp_pid == kp.kp_pid && 649 (kp.kp_stat != SZOMB || p->kp_stat == SZOMB)); 650 return (error); 651 } 652 653 static char ** 654 kvm_doargv(kvm_t *kd, const struct kinfo_proc *kp, int nchr, 655 void (*info)(struct ps_strings *, u_long *, int *)) 656 { 657 char **ap; 658 u_long addr; 659 int cnt; 660 static struct ps_strings arginfo; 661 static u_long ps_strings; 662 size_t len; 663 664 if (ps_strings == NULL) { 665 len = sizeof(ps_strings); 666 if (sysctlbyname("kern.ps_strings", &ps_strings, &len, NULL, 667 0) == -1) 668 ps_strings = PS_STRINGS; 669 } 670 671 /* 672 * Pointers are stored at the top of the user stack. 673 */ 674 if (kp->kp_stat == SZOMB || 675 kvm_uread(kd, kp->kp_pid, ps_strings, (char *)&arginfo, 676 sizeof(arginfo)) != sizeof(arginfo)) 677 return (0); 678 679 (*info)(&arginfo, &addr, &cnt); 680 if (cnt == 0) 681 return (0); 682 ap = kvm_argv(kd, kp->kp_pid, addr, cnt, nchr); 683 /* 684 * For live kernels, make sure this process didn't go away. 685 */ 686 if (ap != 0 && ISALIVE(kd) && 687 !proc_verify(kd, kp)) 688 ap = 0; 689 return (ap); 690 } 691 692 /* 693 * Get the command args. This code is now machine independent. 694 */ 695 char ** 696 kvm_getargv(kvm_t *kd, const struct kinfo_proc *kp, int nchr) 697 { 698 int oid[4]; 699 int i; 700 size_t bufsz; 701 static unsigned long buflen; 702 static char *buf, *p; 703 static char **bufp; 704 static int argc; 705 706 if (!ISALIVE(kd)) { 707 _kvm_err(kd, kd->program, 708 "cannot read user space from dead kernel"); 709 return (0); 710 } 711 712 if (!buflen) { 713 bufsz = sizeof(buflen); 714 i = sysctlbyname("kern.ps_arg_cache_limit", 715 &buflen, &bufsz, NULL, 0); 716 if (i == -1) { 717 buflen = 0; 718 } else { 719 buf = malloc(buflen); 720 if (buf == NULL) 721 buflen = 0; 722 argc = 32; 723 bufp = malloc(sizeof(char *) * argc); 724 } 725 } 726 if (buf != NULL) { 727 oid[0] = CTL_KERN; 728 oid[1] = KERN_PROC; 729 oid[2] = KERN_PROC_ARGS; 730 oid[3] = kp->kp_pid; 731 bufsz = buflen; 732 i = sysctl(oid, 4, buf, &bufsz, 0, 0); 733 if (i == 0 && bufsz > 0) { 734 i = 0; 735 p = buf; 736 do { 737 bufp[i++] = p; 738 p += strlen(p) + 1; 739 if (i >= argc) { 740 argc += argc; 741 bufp = realloc(bufp, 742 sizeof(char *) * argc); 743 } 744 } while (p < buf + bufsz); 745 bufp[i++] = 0; 746 return (bufp); 747 } 748 } 749 if (kp->kp_flags & P_SYSTEM) 750 return (NULL); 751 return (kvm_doargv(kd, kp, nchr, ps_str_a)); 752 } 753 754 char ** 755 kvm_getenvv(kvm_t *kd, const struct kinfo_proc *kp, int nchr) 756 { 757 return (kvm_doargv(kd, kp, nchr, ps_str_e)); 758 } 759 760 /* 761 * Read from user space. The user context is given by pid. 762 */ 763 ssize_t 764 kvm_uread(kvm_t *kd, pid_t pid, u_long uva, char *buf, size_t len) 765 { 766 char *cp; 767 char procfile[MAXPATHLEN]; 768 ssize_t amount; 769 int fd; 770 771 if (!ISALIVE(kd)) { 772 _kvm_err(kd, kd->program, 773 "cannot read user space from dead kernel"); 774 return (0); 775 } 776 777 sprintf(procfile, "/proc/%d/mem", pid); 778 fd = open(procfile, O_RDONLY, 0); 779 if (fd < 0) { 780 _kvm_err(kd, kd->program, "cannot open %s", procfile); 781 close(fd); 782 return (0); 783 } 784 785 cp = buf; 786 while (len > 0) { 787 errno = 0; 788 if (lseek(fd, (off_t)uva, 0) == -1 && errno != 0) { 789 _kvm_err(kd, kd->program, "invalid address (%x) in %s", 790 uva, procfile); 791 break; 792 } 793 amount = read(fd, cp, len); 794 if (amount < 0) { 795 _kvm_syserr(kd, kd->program, "error reading %s", 796 procfile); 797 break; 798 } 799 if (amount == 0) { 800 _kvm_err(kd, kd->program, "EOF reading %s", procfile); 801 break; 802 } 803 cp += amount; 804 uva += amount; 805 len -= amount; 806 } 807 808 close(fd); 809 return ((ssize_t)(cp - buf)); 810 } 811