path: root/proc/readproc.h

#ifndef PROCPS_PROC_READPROC_H
#define PROCPS_PROC_READPROC_H
/*
 * New Interface to Process Table -- PROCTAB Stream (a la Directory streams)
 * Copyright (C) 1996 Charles L. Blake.
 * Copyright (C) 1998 Michael K. Johnson
 * May be distributed under the terms of the
 * GNU Library General Public License, a copy of which is provided
 * in the file COPYING
 */


#define SIGNAL_STRING

#ifdef FLASK_LINUX
#include <fs_secure.h>
#endif

/*
 ld	cutime, cstime, priority, nice, timeout, it_real_value, rss,
 c	state,
 d	ppid, pgrp, session, tty, tpgid,
 s	signal, blocked, sigignore, sigcatch,
 lu	flags, min_flt, cmin_flt, maj_flt, cmaj_flt, utime, stime,
 lu	rss_rlim, start_code, end_code, start_stack, kstk_esp, kstk_eip,
 lu	start_time, vsize, wchan, nswap, cnswap,
*/

/* Basic data structure which holds all information we can get about a process.
 * (unless otherwise specified, fields are read from /proc/#/stat)
 *
 * Most of it comes from task_struct in linux/sched.h
 */
typedef struct proc_t {
// 1st 16 bytes
    int
        pid,		/* process id */
    	ppid;		/* pid of parent process */
    unsigned
        pcpu;           /* %CPU usage (is not filled in by readproc!!!) */
    char
    	state,		/* single-char code for process state (S=sleeping) */
    	pad_1,		/* padding */
    	pad_2,		/* padding */
    	pad_3;		/* padding */
// 2nd 16 bytes
    unsigned long long
	utime,		/* user-mode CPU time accumulated by process */
	stime,		/* kernel-mode CPU time accumulated by process */
// and so on...
	cutime,		/* cumulative utime of process and reaped children */
	cstime,		/* cumulative stime of process and reaped children */
	start_time;	/* start time of process -- seconds since 1-1-70 */
#ifdef SIGNAL_STRING
    char
	/* Linux 2.1.7x and up have 64 signals. Allow 64, plus '\0' and padding. */
	signal[18],	/* mask of pending signals */
	blocked[18],	/* mask of blocked signals */
	sigignore[18],	/* mask of ignored signals */
	sigcatch[18];	/* mask of caught  signals */
#else
    long long
	/* Linux 2.1.7x and up have 64 signals. */
	signal,		/* mask of pending signals */
	blocked,	/* mask of blocked signals */
	sigignore,	/* mask of ignored signals */
	sigcatch;	/* mask of caught  signals */
#endif
    long
	priority,	/* kernel scheduling priority */
	timeout,	/* ? */
	nice,		/* standard unix nice level of process */
	rss,		/* resident set size from /proc/#/stat (pages) */
	it_real_value,	/* ? */
    /* the next 7 members come from /proc/#/statm */
	size,		/* total # of pages of memory */
	resident,	/* number of resident set (non-swapped) pages (4k) */
	share,		/* number of pages of shared (mmap'd) memory */
	trs,		/* text resident set size */
	lrs,		/* shared-lib resident set size */
	drs,		/* data resident set size */
	dt;		/* dirty pages */
    unsigned long
	vm_size,        /* same as vsize in kb */
	vm_lock,        /* locked pages in kb */
	vm_rss,         /* same as rss in kb */
	vm_data,        /* data size */
	vm_stack,       /* stack size */
	vm_exe,         /* executable size */
	vm_lib,         /* library size (all pages, not just used ones) */
	rtprio,		/* real-time priority */
	sched,		/* scheduling class */
	vsize,		/* number of pages of virtual memory ... */
	rss_rlim,	/* resident set size limit? */
	flags,		/* kernel flags for the process */
	min_flt,	/* number of minor page faults since process start */
	maj_flt,	/* number of major page faults since process start */
	cmin_flt,	/* cumulative min_flt of process and child processes */
	cmaj_flt,	/* cumulative maj_flt of process and child processes */
	nswap,		/* ? */
	cnswap,		/* cumulative nswap ? */
	start_code,	/* address of beginning of code segment */
	end_code,	/* address of end of code segment */
	start_stack,	/* address of the bottom of stack for the process */
	kstk_esp,	/* kernel stack pointer */
	kstk_eip,	/* kernel instruction pointer */
	wchan;		/* address of kernel wait channel proc is sleeping in */
    char
	**environ,	/* environment string vector (/proc/#/environ) */
	**cmdline;	/* command line string vector (/proc/#/cmdline) */
    char
	/* Be compatible: Digital allows 16 and NT allows 14 ??? */
    	ruser[16],	/* real user name */
    	euser[16],	/* effective user name */
    	suser[16],	/* saved user name */
    	fuser[16],	/* filesystem user name */
    	rgroup[16],	/* real group name */
    	egroup[16],	/* effective group name */
    	sgroup[16],	/* saved group name */
    	fgroup[16],	/* filesystem group name */
    	cmd[16];	/* basename of executable file in call to exec(2) */
    int
        ruid, rgid,     /* real      */
        euid, egid,     /* effective */
        suid, sgid,     /* saved     */
        fuid, fgid,     /* fs (used for file access only) */
	pgrp,		/* process group id */
	session,	/* session id */
	tty,		/* full device number of controlling terminal */
	tpgid,		/* terminal process group id */
	exit_signal,	/* might not be SIGCHLD */
	processor;      /* current (or most recent?) CPU */
#ifdef FLASK_LINUX
    security_id_t sid;
#endif
} proc_t;

/* PROCTAB: data structure holding the persistent information readproc needs
 * from openproc().  The setup is intentionally similar to the dirent interface
 * and other system table interfaces (utmp+wtmp come to mind).
 */
#include <sys/types.h>
#include <dirent.h>
#include <unistd.h>
typedef struct PROCTAB {
    DIR*	procfs;
    int		flags;
    pid_t*	pids;	/* pids of the procs */
    dev_t*	ttys;	/* devnos of the cttys */
    uid_t*	uids;	/* uids of procs */
    int		nuid;	/* cannot really sentinel-terminate unsigned short[] */
    char*	stats;	/* status chars (actually output into /proc//stat) */
#ifdef FLASK_LINUX
security_id_t* sids; /* SIDs of the procs */
#endif
} PROCTAB;

/* initialize a PROCTAB structure holding needed call-to-call persistent data
 */
extern PROCTAB* openproc(int flags, ... /* pid_t*|uid_t*|dev_t*|char* [, int n] */ );


/* Convenient wrapper around openproc and readproc to slurp in the whole process
 * table subset satisfying the constraints of flags and the optional PID list.
 * Free allocated memory with freeproctab().  Access via tab[N]->member.  The
 * pointer list is NULL terminated.
 */
extern proc_t** readproctab(int flags, ... /* same as openproc */ );

/* clean-up open files, etc from the openproc()
 */
extern void closeproc(PROCTAB* PT);

/* retrieve the next process matching the criteria set by the openproc()
 */
extern proc_t* readproc(PROCTAB* PT, proc_t* return_buf);
extern proc_t* ps_readproc(PROCTAB* PT, proc_t* return_buf);

extern void look_up_our_self(proc_t *p);

/* deallocate space allocated by readproc
 */
extern void freeproc(proc_t* p);

/* openproc/readproctab:
 *   
 * Return PROCTAB* / *proc_t[] or NULL on error ((probably) "/proc" cannot be
 * opened.)  By default readproc will consider all processes as valid to parse
 * and return, but not actually fill in the cmdline, environ, and /proc/#/statm
 * derived memory fields.
 *
 * `flags' (a bitwise-or of PROC_* below) modifies the default behavior.  The
 * "fill" options will cause more of the proc_t to be filled in.  The "filter"
 * options all use the second argument as the pointer to a list of objects:
 * process status', process id's, user id's, and tty device numbers.  The third
 * argument is the length of the list (currently only used for lists of user
 * id's since unsigned short[] supports no convenient termination sentinel.)
 */
#define PROC_FILLMEM    0x0001 /* read statm */
#define PROC_FILLCOM    0x0002 /* alloc and fill in `cmdline' */
#define PROC_FILLENV    0x0004 /* alloc and fill in `environ' */
#define PROC_FILLUSR    0x0008 /* resolve user id number -> user name */
#define PROC_FILLGRP    0x0010 /* resolve group id number -> group name */
#define PROC_FILLSTATUS 0x0020 /* read status -- currently unconditional */
#define PROC_FILLSTAT   0x0040 /* read stat -- currently unconditional */
#define PROC_FILLWCHAN  0x0080 /* look up WCHAN name */
#define PROC_FILLARG    0x1000 /* alloc and fill in `cmdline' */

#define PROC_FILLBUG    0xf0ff /* No idea what we need */
#define PROC_FILLANY    0x0000 /* either stat or status will do */

/* Obsolete, consider only processes with one of the passed: */
#define PROC_PID     0x0100  /* process id numbers ( 0   terminated) */
#define PROC_TTY     0x0200  /* ctty device nos.   ( 0   terminated) */
#define PROC_UID     0x0400  /* user id numbers    ( length needed ) */

#endif