1 /*- 2 * Copyright (c) 1989, 1992, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software developed by the Computer Systems 6 * Engineering group at Lawrence Berkeley Laboratory under DARPA contract 7 * BG 91-66 and contributed to Berkeley. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed by the University of 20 * California, Berkeley and its contributors. 21 * 4. Neither the name of the University nor the names of its contributors 22 * may be used to endorse or promote products derived from this software 23 * without specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 * 37 * $FreeBSD: src/lib/libkvm/kvm_proc.c,v 1.25.2.3 2002/08/24 07:27:46 kris Exp $ 38 * $DragonFly: src/lib/libkvm/kvm_proc.c,v 1.7 2004/10/25 19:38:45 drhodus Exp $ 39 * 40 * @(#)kvm_proc.c 8.3 (Berkeley) 9/23/93 41 */ 42 43 /* 44 * Proc traversal interface for kvm. ps and w are (probably) the exclusive 45 * users of this code, so we've factored it out into a separate module. 46 * Thus, we keep this grunge out of the other kvm applications (i.e., 47 * most other applications are interested only in open/close/read/nlist). 48 */ 49 50 #include <sys/param.h> 51 #include <sys/user.h> 52 #include <sys/proc.h> 53 #include <sys/exec.h> 54 #include <sys/stat.h> 55 #include <sys/ioctl.h> 56 #include <sys/tty.h> 57 #include <sys/file.h> 58 #include <stdio.h> 59 #include <stdlib.h> 60 #include <unistd.h> 61 #include <nlist.h> 62 #include <kvm.h> 63 64 #include <vm/vm.h> 65 #include <vm/vm_param.h> 66 #include <vm/swap_pager.h> 67 68 #include <sys/sysctl.h> 69 70 #include <limits.h> 71 #include <memory.h> 72 #include <paths.h> 73 74 #include "kvm_private.h" 75 76 #if used 77 static char * 78 kvm_readswap(kvm_t *kd, const struct proc *p, u_long va, u_long *cnt) 79 { 80 #if defined(__FreeBSD__) || defined(__DragonFly__) 81 /* XXX Stubbed out, our vm system is differnet */ 82 _kvm_err(kd, kd->program, "kvm_readswap not implemented"); 83 return(0); 84 #endif 85 } 86 #endif 87 88 #define KREAD(kd, addr, obj) \ 89 (kvm_read(kd, addr, (char *)(obj), sizeof(*obj)) != sizeof(*obj)) 90 91 /* 92 * Read proc's from memory file into buffer bp, which has space to hold 93 * at most maxcnt procs. 94 */ 95 static int 96 kvm_proclist(kvm_t *kd, int what, int arg, struct proc *p, 97 struct kinfo_proc *bp, int maxcnt) 98 { 99 int cnt = 0; 100 struct eproc eproc; 101 struct pgrp pgrp; 102 struct session sess; 103 struct tty tty; 104 struct proc proc; 105 struct thread thread; 106 struct proc pproc; 107 108 for (; cnt < maxcnt && p != NULL; p = proc.p_list.le_next) { 109 if (KREAD(kd, (u_long)p, &proc)) { 110 _kvm_err(kd, kd->program, "can't read proc at %x", p); 111 return (-1); 112 } 113 if (KREAD(kd, (u_long)proc.p_thread, &thread)) { 114 _kvm_err(kd, kd->program, "can't read thread at %x", 115 proc.p_thread); 116 return (-1); 117 } 118 KREAD(kd, (u_long)proc.p_ucred, &eproc.e_ucred); 119 120 switch(what) { 121 122 case KERN_PROC_PID: 123 if (proc.p_pid != (pid_t)arg) 124 continue; 125 break; 126 127 case KERN_PROC_UID: 128 if (eproc.e_ucred.cr_uid != (uid_t)arg) 129 continue; 130 break; 131 132 case KERN_PROC_RUID: 133 if (eproc.e_ucred.cr_ruid != (uid_t)arg) 134 continue; 135 break; 136 } 137 /* 138 * We're going to add another proc to the set. If this 139 * will overflow the buffer, assume the reason is because 140 * nprocs (or the proc list) is corrupt and declare an error. 141 */ 142 if (cnt >= maxcnt) { 143 _kvm_err(kd, kd->program, "nprocs corrupt"); 144 return (-1); 145 } 146 /* 147 * gather eproc 148 */ 149 eproc.e_paddr = p; 150 if (KREAD(kd, (u_long)proc.p_pgrp, &pgrp)) { 151 _kvm_err(kd, kd->program, "can't read pgrp at %x", 152 proc.p_pgrp); 153 return (-1); 154 } 155 if (proc.p_oppid) 156 eproc.e_ppid = proc.p_oppid; 157 else if (proc.p_pptr) { 158 if (KREAD(kd, (u_long)proc.p_pptr, &pproc)) { 159 _kvm_err(kd, kd->program, "can't read pproc at %x", 160 proc.p_pptr); 161 return (-1); 162 } 163 eproc.e_ppid = pproc.p_pid; 164 } else 165 eproc.e_ppid = 0; 166 eproc.e_sess = pgrp.pg_session; 167 eproc.e_pgid = pgrp.pg_id; 168 eproc.e_jobc = pgrp.pg_jobc; 169 if (KREAD(kd, (u_long)pgrp.pg_session, &sess)) { 170 _kvm_err(kd, kd->program, "can't read session at %x", 171 pgrp.pg_session); 172 return (-1); 173 } 174 (void)memcpy(eproc.e_login, sess.s_login, 175 sizeof(eproc.e_login)); 176 if ((proc.p_flag & P_CONTROLT) && sess.s_ttyp != NULL) { 177 if (KREAD(kd, (u_long)sess.s_ttyp, &tty)) { 178 _kvm_err(kd, kd->program, 179 "can't read tty at %x", sess.s_ttyp); 180 return (-1); 181 } 182 eproc.e_tdev = tty.t_dev; 183 eproc.e_tsess = tty.t_session; 184 if (tty.t_pgrp != NULL) { 185 if (KREAD(kd, (u_long)tty.t_pgrp, &pgrp)) { 186 _kvm_err(kd, kd->program, 187 "can't read tpgrp at %x", 188 tty.t_pgrp); 189 return (-1); 190 } 191 eproc.e_tpgid = pgrp.pg_id; 192 } else 193 eproc.e_tpgid = -1; 194 } else 195 eproc.e_tdev = NODEV; 196 eproc.e_flag = sess.s_ttyvp ? EPROC_CTTY : 0; 197 if (sess.s_leader == p) 198 eproc.e_flag |= EPROC_SLEADER; 199 if (thread.td_wmesg) 200 (void)kvm_read(kd, (u_long)thread.td_wmesg, 201 eproc.e_wmesg, WMESGLEN); 202 203 #ifdef sparc 204 (void)kvm_read(kd, (u_long)&proc.p_vmspace->vm_rssize, 205 (char *)&eproc.e_vm.vm_rssize, 206 sizeof(eproc.e_vm.vm_rssize)); 207 (void)kvm_read(kd, (u_long)&proc.p_vmspace->vm_tsize, 208 (char *)&eproc.e_vm.vm_tsize, 209 3 * sizeof(eproc.e_vm.vm_rssize)); /* XXX */ 210 #else 211 (void)kvm_read(kd, (u_long)proc.p_vmspace, 212 (char *)&eproc.e_vm, sizeof(eproc.e_vm)); 213 #endif 214 eproc.e_xsize = eproc.e_xrssize = 0; 215 eproc.e_xccount = eproc.e_xswrss = 0; 216 217 switch (what) { 218 219 case KERN_PROC_PGRP: 220 if (eproc.e_pgid != (pid_t)arg) 221 continue; 222 break; 223 224 case KERN_PROC_TTY: 225 if ((proc.p_flag & P_CONTROLT) == 0 || 226 eproc.e_tdev != (dev_t)arg) 227 continue; 228 break; 229 } 230 bcopy(&proc, &bp->kp_proc, sizeof(proc)); 231 bcopy(&eproc, &bp->kp_eproc, sizeof(eproc)); 232 ++bp; 233 ++cnt; 234 } 235 return (cnt); 236 } 237 238 /* 239 * Build proc info array by reading in proc list from a crash dump. 240 * Return number of procs read. maxcnt is the max we will read. 241 */ 242 static int 243 kvm_deadprocs(kvm_t *kd, int what, int arg, u_long a_allproc, 244 u_long a_zombproc, int maxcnt) 245 { 246 struct kinfo_proc *bp = kd->procbase; 247 int acnt, zcnt; 248 struct proc *p; 249 250 if (KREAD(kd, a_allproc, &p)) { 251 _kvm_err(kd, kd->program, "cannot read allproc"); 252 return (-1); 253 } 254 acnt = kvm_proclist(kd, what, arg, p, bp, maxcnt); 255 if (acnt < 0) 256 return (acnt); 257 258 if (KREAD(kd, a_zombproc, &p)) { 259 _kvm_err(kd, kd->program, "cannot read zombproc"); 260 return (-1); 261 } 262 zcnt = kvm_proclist(kd, what, arg, p, bp + acnt, maxcnt - acnt); 263 if (zcnt < 0) 264 zcnt = 0; 265 266 return (acnt + zcnt); 267 } 268 269 struct kinfo_proc * 270 kvm_getprocs(kvm_t *kd, int op, int arg, int *cnt) 271 { 272 int mib[4], st, nprocs; 273 size_t size; 274 275 if (kd->procbase != 0) { 276 free((void *)kd->procbase); 277 /* 278 * Clear this pointer in case this call fails. Otherwise, 279 * kvm_close() will free it again. 280 */ 281 kd->procbase = 0; 282 } 283 if (ISALIVE(kd)) { 284 size = 0; 285 mib[0] = CTL_KERN; 286 mib[1] = KERN_PROC; 287 mib[2] = op; 288 mib[3] = arg; 289 st = sysctl(mib, op == KERN_PROC_ALL ? 3 : 4, NULL, &size, NULL, 0); 290 if (st == -1) { 291 _kvm_syserr(kd, kd->program, "kvm_getprocs"); 292 return (0); 293 } 294 do { 295 size += size / 10; 296 kd->procbase = (struct kinfo_proc *) 297 _kvm_realloc(kd, kd->procbase, size); 298 if (kd->procbase == 0) 299 return (0); 300 st = sysctl(mib, op == KERN_PROC_ALL ? 3 : 4, 301 kd->procbase, &size, NULL, 0); 302 } while (st == -1 && errno == ENOMEM); 303 if (st == -1) { 304 _kvm_syserr(kd, kd->program, "kvm_getprocs"); 305 return (0); 306 } 307 if (size % sizeof(struct kinfo_proc) != 0) { 308 _kvm_err(kd, kd->program, 309 "proc size mismatch (%d total, %d chunks)", 310 size, sizeof(struct kinfo_proc)); 311 return (0); 312 } 313 nprocs = size / sizeof(struct kinfo_proc); 314 } else { 315 struct nlist nl[4], *p; 316 317 nl[0].n_name = "_nprocs"; 318 nl[1].n_name = "_allproc"; 319 nl[2].n_name = "_zombproc"; 320 nl[3].n_name = 0; 321 322 if (kvm_nlist(kd, nl) != 0) { 323 for (p = nl; p->n_type != 0; ++p) 324 ; 325 _kvm_err(kd, kd->program, 326 "%s: no such symbol", p->n_name); 327 return (0); 328 } 329 if (KREAD(kd, nl[0].n_value, &nprocs)) { 330 _kvm_err(kd, kd->program, "can't read nprocs"); 331 return (0); 332 } 333 size = nprocs * sizeof(struct kinfo_proc); 334 kd->procbase = (struct kinfo_proc *)_kvm_malloc(kd, size); 335 if (kd->procbase == 0) 336 return (0); 337 338 nprocs = kvm_deadprocs(kd, op, arg, nl[1].n_value, 339 nl[2].n_value, nprocs); 340 #ifdef notdef 341 size = nprocs * sizeof(struct kinfo_proc); 342 (void)realloc(kd->procbase, size); 343 #endif 344 } 345 *cnt = nprocs; 346 return (kd->procbase); 347 } 348 349 void 350 _kvm_freeprocs(kvm_t *kd) 351 { 352 if (kd->procbase) { 353 free(kd->procbase); 354 kd->procbase = 0; 355 } 356 } 357 358 void * 359 _kvm_realloc(kvm_t *kd, void *p, size_t n) 360 { 361 void *np = (void *)realloc(p, n); 362 363 if (np == 0) { 364 free(p); 365 _kvm_err(kd, kd->program, "out of memory"); 366 } 367 return (np); 368 } 369 370 #ifndef MAX 371 #define MAX(a, b) ((a) > (b) ? (a) : (b)) 372 #endif 373 374 /* 375 * Read in an argument vector from the user address space of process p. 376 * addr if the user-space base address of narg null-terminated contiguous 377 * strings. This is used to read in both the command arguments and 378 * environment strings. Read at most maxcnt characters of strings. 379 */ 380 static char ** 381 kvm_argv(kvm_t *kd, const struct proc *p, u_long addr, int narg, int maxcnt) 382 { 383 char *np, *cp, *ep, *ap; 384 u_long oaddr = -1; 385 int len, cc; 386 char **argv; 387 388 /* 389 * Check that there aren't an unreasonable number of agruments, 390 * and that the address is in user space. 391 */ 392 if (narg > 512 || addr < VM_MIN_ADDRESS || addr >= VM_MAXUSER_ADDRESS) 393 return (0); 394 395 /* 396 * kd->argv : work space for fetching the strings from the target 397 * process's space, and is converted for returning to caller 398 */ 399 if (kd->argv == 0) { 400 /* 401 * Try to avoid reallocs. 402 */ 403 kd->argc = MAX(narg + 1, 32); 404 kd->argv = (char **)_kvm_malloc(kd, kd->argc * 405 sizeof(*kd->argv)); 406 if (kd->argv == 0) 407 return (0); 408 } else if (narg + 1 > kd->argc) { 409 kd->argc = MAX(2 * kd->argc, narg + 1); 410 kd->argv = (char **)_kvm_realloc(kd, kd->argv, kd->argc * 411 sizeof(*kd->argv)); 412 if (kd->argv == 0) 413 return (0); 414 } 415 /* 416 * kd->argspc : returned to user, this is where the kd->argv 417 * arrays are left pointing to the collected strings. 418 */ 419 if (kd->argspc == 0) { 420 kd->argspc = (char *)_kvm_malloc(kd, PAGE_SIZE); 421 if (kd->argspc == 0) 422 return (0); 423 kd->arglen = PAGE_SIZE; 424 } 425 /* 426 * kd->argbuf : used to pull in pages from the target process. 427 * the strings are copied out of here. 428 */ 429 if (kd->argbuf == 0) { 430 kd->argbuf = (char *)_kvm_malloc(kd, PAGE_SIZE); 431 if (kd->argbuf == 0) 432 return (0); 433 } 434 435 /* Pull in the target process'es argv vector */ 436 cc = sizeof(char *) * narg; 437 if (kvm_uread(kd, p, addr, (char *)kd->argv, cc) != cc) 438 return (0); 439 /* 440 * ap : saved start address of string we're working on in kd->argspc 441 * np : pointer to next place to write in kd->argspc 442 * len: length of data in kd->argspc 443 * argv: pointer to the argv vector that we are hunting around the 444 * target process space for, and converting to addresses in 445 * our address space (kd->argspc). 446 */ 447 ap = np = kd->argspc; 448 argv = kd->argv; 449 len = 0; 450 /* 451 * Loop over pages, filling in the argument vector. 452 * Note that the argv strings could be pointing *anywhere* in 453 * the user address space and are no longer contiguous. 454 * Note that *argv is modified when we are going to fetch a string 455 * that crosses a page boundary. We copy the next part of the string 456 * into to "np" and eventually convert the pointer. 457 */ 458 while (argv < kd->argv + narg && *argv != 0) { 459 460 /* get the address that the current argv string is on */ 461 addr = (u_long)*argv & ~(PAGE_SIZE - 1); 462 463 /* is it the same page as the last one? */ 464 if (addr != oaddr) { 465 if (kvm_uread(kd, p, addr, kd->argbuf, PAGE_SIZE) != 466 PAGE_SIZE) 467 return (0); 468 oaddr = addr; 469 } 470 471 /* offset within the page... kd->argbuf */ 472 addr = (u_long)*argv & (PAGE_SIZE - 1); 473 474 /* cp = start of string, cc = count of chars in this chunk */ 475 cp = kd->argbuf + addr; 476 cc = PAGE_SIZE - addr; 477 478 /* dont get more than asked for by user process */ 479 if (maxcnt > 0 && cc > maxcnt - len) 480 cc = maxcnt - len; 481 482 /* pointer to end of string if we found it in this page */ 483 ep = memchr(cp, '\0', cc); 484 if (ep != 0) 485 cc = ep - cp + 1; 486 /* 487 * at this point, cc is the count of the chars that we are 488 * going to retrieve this time. we may or may not have found 489 * the end of it. (ep points to the null if the end is known) 490 */ 491 492 /* will we exceed the malloc/realloced buffer? */ 493 if (len + cc > kd->arglen) { 494 int off; 495 char **pp; 496 char *op = kd->argspc; 497 498 kd->arglen *= 2; 499 kd->argspc = (char *)_kvm_realloc(kd, kd->argspc, 500 kd->arglen); 501 if (kd->argspc == 0) 502 return (0); 503 /* 504 * Adjust argv pointers in case realloc moved 505 * the string space. 506 */ 507 off = kd->argspc - op; 508 for (pp = kd->argv; pp < argv; pp++) 509 *pp += off; 510 ap += off; 511 np += off; 512 } 513 /* np = where to put the next part of the string in kd->argspc*/ 514 /* np is kinda redundant.. could use "kd->argspc + len" */ 515 memcpy(np, cp, cc); 516 np += cc; /* inc counters */ 517 len += cc; 518 519 /* 520 * if end of string found, set the *argv pointer to the 521 * saved beginning of string, and advance. argv points to 522 * somewhere in kd->argv.. This is initially relative 523 * to the target process, but when we close it off, we set 524 * it to point in our address space. 525 */ 526 if (ep != 0) { 527 *argv++ = ap; 528 ap = np; 529 } else { 530 /* update the address relative to the target process */ 531 *argv += cc; 532 } 533 534 if (maxcnt > 0 && len >= maxcnt) { 535 /* 536 * We're stopping prematurely. Terminate the 537 * current string. 538 */ 539 if (ep == 0) { 540 *np = '\0'; 541 *argv++ = ap; 542 } 543 break; 544 } 545 } 546 /* Make sure argv is terminated. */ 547 *argv = 0; 548 return (kd->argv); 549 } 550 551 static void 552 ps_str_a(struct ps_strings *p, u_long *addr, int *n) 553 { 554 *addr = (u_long)p->ps_argvstr; 555 *n = p->ps_nargvstr; 556 } 557 558 static void 559 ps_str_e(struct ps_strings *p, u_long *addr, int *n) 560 { 561 *addr = (u_long)p->ps_envstr; 562 *n = p->ps_nenvstr; 563 } 564 565 /* 566 * Determine if the proc indicated by p is still active. 567 * This test is not 100% foolproof in theory, but chances of 568 * being wrong are very low. 569 */ 570 static int 571 proc_verify(kvm_t *kd, u_long kernp, const struct proc *p) 572 { 573 struct kinfo_proc kp; 574 int mib[4]; 575 size_t len; 576 577 mib[0] = CTL_KERN; 578 mib[1] = KERN_PROC; 579 mib[2] = KERN_PROC_PID; 580 mib[3] = p->p_pid; 581 len = sizeof(kp); 582 if (sysctl(mib, 4, &kp, &len, NULL, 0) == -1) 583 return (0); 584 return (p->p_pid == kp.kp_proc.p_pid && 585 (kp.kp_proc.p_stat != SZOMB || p->p_stat == SZOMB)); 586 } 587 588 static char ** 589 kvm_doargv(kvm_t *kd, const struct kinfo_proc *kp, int nchr, 590 void (*info)(struct ps_strings *, u_long *, int *)) 591 { 592 const struct proc *p = &kp->kp_proc; 593 char **ap; 594 u_long addr; 595 int cnt; 596 static struct ps_strings arginfo; 597 static u_long ps_strings; 598 size_t len; 599 600 if (ps_strings == NULL) { 601 len = sizeof(ps_strings); 602 if (sysctlbyname("kern.ps_strings", &ps_strings, &len, NULL, 603 0) == -1) 604 ps_strings = PS_STRINGS; 605 } 606 607 /* 608 * Pointers are stored at the top of the user stack. 609 */ 610 if (p->p_stat == SZOMB || 611 kvm_uread(kd, p, ps_strings, (char *)&arginfo, 612 sizeof(arginfo)) != sizeof(arginfo)) 613 return (0); 614 615 (*info)(&arginfo, &addr, &cnt); 616 if (cnt == 0) 617 return (0); 618 ap = kvm_argv(kd, p, addr, cnt, nchr); 619 /* 620 * For live kernels, make sure this process didn't go away. 621 */ 622 if (ap != 0 && ISALIVE(kd) && 623 !proc_verify(kd, (u_long)kp->kp_eproc.e_paddr, p)) 624 ap = 0; 625 return (ap); 626 } 627 628 /* 629 * Get the command args. This code is now machine independent. 630 */ 631 char ** 632 kvm_getargv(kvm_t *kd, const struct kinfo_proc *kp, int nchr) 633 { 634 int oid[4]; 635 int i; 636 size_t bufsz; 637 static unsigned long buflen; 638 static char *buf, *p; 639 static char **bufp; 640 static int argc; 641 642 if (!ISALIVE(kd)) { 643 _kvm_err(kd, kd->program, 644 "cannot read user space from dead kernel"); 645 return (0); 646 } 647 648 if (!buflen) { 649 bufsz = sizeof(buflen); 650 i = sysctlbyname("kern.ps_arg_cache_limit", 651 &buflen, &bufsz, NULL, 0); 652 if (i == -1) { 653 buflen = 0; 654 } else { 655 buf = malloc(buflen); 656 if (buf == NULL) 657 buflen = 0; 658 argc = 32; 659 bufp = malloc(sizeof(char *) * argc); 660 } 661 } 662 if (buf != NULL) { 663 oid[0] = CTL_KERN; 664 oid[1] = KERN_PROC; 665 oid[2] = KERN_PROC_ARGS; 666 oid[3] = kp->kp_proc.p_pid; 667 bufsz = buflen; 668 i = sysctl(oid, 4, buf, &bufsz, 0, 0); 669 if (i == 0 && bufsz > 0) { 670 i = 0; 671 p = buf; 672 do { 673 bufp[i++] = p; 674 p += strlen(p) + 1; 675 if (i >= argc) { 676 argc += argc; 677 bufp = realloc(bufp, 678 sizeof(char *) * argc); 679 } 680 } while (p < buf + bufsz); 681 bufp[i++] = 0; 682 return (bufp); 683 } 684 } 685 if (kp->kp_proc.p_flag & P_SYSTEM) 686 return (NULL); 687 return (kvm_doargv(kd, kp, nchr, ps_str_a)); 688 } 689 690 char ** 691 kvm_getenvv(kvm_t *kd, const struct kinfo_proc *kp, int nchr) 692 { 693 return (kvm_doargv(kd, kp, nchr, ps_str_e)); 694 } 695 696 /* 697 * Read from user space. The user context is given by p. 698 */ 699 ssize_t 700 kvm_uread(kvm_t *kd, const struct proc *p, u_long uva, char *buf, size_t len) 701 { 702 char *cp; 703 char procfile[MAXPATHLEN]; 704 ssize_t amount; 705 int fd; 706 707 if (!ISALIVE(kd)) { 708 _kvm_err(kd, kd->program, 709 "cannot read user space from dead kernel"); 710 return (0); 711 } 712 713 sprintf(procfile, "/proc/%d/mem", p->p_pid); 714 fd = open(procfile, O_RDONLY, 0); 715 if (fd < 0) { 716 _kvm_err(kd, kd->program, "cannot open %s", procfile); 717 close(fd); 718 return (0); 719 } 720 721 cp = buf; 722 while (len > 0) { 723 errno = 0; 724 if (lseek(fd, (off_t)uva, 0) == -1 && errno != 0) { 725 _kvm_err(kd, kd->program, "invalid address (%x) in %s", 726 uva, procfile); 727 break; 728 } 729 amount = read(fd, cp, len); 730 if (amount < 0) { 731 _kvm_syserr(kd, kd->program, "error reading %s", 732 procfile); 733 break; 734 } 735 if (amount == 0) { 736 _kvm_err(kd, kd->program, "EOF reading %s", procfile); 737 break; 738 } 739 cp += amount; 740 uva += amount; 741 len -= amount; 742 } 743 744 close(fd); 745 return ((ssize_t)(cp - buf)); 746 } 747