diff options
author | rwatson <rwatson@FreeBSD.org> | 2002-10-24 00:00:57 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2002-10-24 00:00:57 +0000 |
commit | c1f79de8c7e95092759b8bf882668ce50bc83a7c (patch) | |
tree | affb696135e5bafb9ef35aa4bddc59b5f810ab27 /bin/ps | |
parent | f39fb18da2b62bda9a9ba207ddb60f83ec48c7e9 (diff) | |
download | FreeBSD-src-c1f79de8c7e95092759b8bf882668ce50bc83a7c.zip FreeBSD-src-c1f79de8c7e95092759b8bf882668ce50bc83a7c.tar.gz |
Use the MAC interface to list process MAC labels rather than using
the LOMAC-specific interface (which is being deprecated). The
revised LOMAC using the MAC framework will export levels listable
using this mechanism.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Diffstat (limited to 'bin/ps')
-rw-r--r-- | bin/ps/Makefile | 2 | ||||
-rw-r--r-- | bin/ps/extern.h | 3 | ||||
-rw-r--r-- | bin/ps/keyword.c | 3 | ||||
-rw-r--r-- | bin/ps/lomac.c | 118 | ||||
-rw-r--r-- | bin/ps/lomac.h | 39 | ||||
-rw-r--r-- | bin/ps/print.c | 49 | ||||
-rw-r--r-- | bin/ps/ps.1 | 10 | ||||
-rw-r--r-- | bin/ps/ps.c | 6 |
8 files changed, 58 insertions, 172 deletions
diff --git a/bin/ps/Makefile b/bin/ps/Makefile index b90e8a5..0bebcb4 100644 --- a/bin/ps/Makefile +++ b/bin/ps/Makefile @@ -2,7 +2,7 @@ # @(#)Makefile 8.1 (Berkeley) 6/2/93 PROG= ps -SRCS= fmt.c keyword.c nlist.c print.c ps.c lomac.c +SRCS= fmt.c keyword.c nlist.c print.c ps.c # # To support "lazy" ps for non root/wheel users # add -DLAZY_PS to the cflags. This helps diff --git a/bin/ps/extern.h b/bin/ps/extern.h index c113462..76c4cfb 100644 --- a/bin/ps/extern.h +++ b/bin/ps/extern.h @@ -54,7 +54,7 @@ void elapsed(KINFO *, VARENT *); const char *fmt_argv(char **, char *, size_t); double getpcpu(const KINFO *); void kvar(KINFO *, VARENT *); -void lattr(KINFO *, VARENT *); +void label(KINFO *, VARENT *); void logname(KINFO *, VARENT *); void longtname(KINFO *, VARENT *); void lstarted(KINFO *, VARENT *); @@ -71,6 +71,7 @@ void priorityr(KINFO *, VARENT *); void rgroupname(KINFO *, VARENT *); void runame(KINFO *, VARENT *); void rvar(KINFO *, VARENT *); +int s_label(KINFO *); int s_rgroupname(KINFO *); int s_runame(KINFO *); int s_uname(KINFO *); diff --git a/bin/ps/keyword.c b/bin/ps/keyword.c index b0a1917..82a3674 100644 --- a/bin/ps/keyword.c +++ b/bin/ps/keyword.c @@ -95,13 +95,14 @@ static VAR var[] = { 0}, {"ktrace", "KTRACE", NULL, 0, kvar, NULL, 8, KOFF(ki_traceflag), INT, "x", 0}, + {"label", "LABEL", NULL, LJUST|DSIZ, label, s_label, SHRT_MAX, 0, CHAR, + NULL, 0}, {"lim", "LIM", NULL, 0, maxrss, NULL, 5, 0, CHAR, NULL, 0}, {"login", "LOGIN", NULL, LJUST, logname, NULL, MAXLOGNAME-1, 0, CHAR, NULL, 0}, {"logname", "", "login", 0, NULL, NULL, 0, 0, CHAR, NULL, 0}, {"lstart", "STARTED", NULL, LJUST|USER, lstarted, NULL, 28, 0, CHAR, NULL, 0}, - {"lvl", "LVL", NULL, LJUST, lattr, NULL, 3, 0, CHAR, NULL, 0}, {"majflt", "MAJFLT", NULL, USER, rvar, NULL, 4, ROFF(ru_majflt), LONG, "ld", 0}, {"minflt", "MINFLT", NULL, USER, rvar, NULL, 4, ROFF(ru_minflt), diff --git a/bin/ps/lomac.c b/bin/ps/lomac.c deleted file mode 100644 index ec05d1a..0000000 --- a/bin/ps/lomac.c +++ /dev/null @@ -1,118 +0,0 @@ -/*- - * Copyright (c) 2001 Networks Associates Technology, Inc. - * All rights reserved. - * - * This software was developed for the FreeBSD Project by NAI Labs, the - * Security Research Division of Network Associates, Inc. under - * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA - * CHATS research program. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior written - * permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $Id: lomac.c,v 1.3 2001/11/26 21:04:04 bfeldman Exp $ - */ - -/* - * This file encapsulates ls's use of LOMAC's ioctl interface. ls uses - * this interface to determine the LOMAC attributes of files. - */ - -#include <sys/cdefs.h> -__FBSDID("$FreeBSD$"); - -#include <sys/types.h> -#include <security/lomac/lomacio.h> - -#include <err.h> -#include <fts.h> -#include <fcntl.h> -#include <stdlib.h> -#include <string.h> -#include <stdio.h> -#include <unistd.h> - -#include "lomac.h" - -#define LOMAC_DEVICE "/dev/lomac" - -static int devlomac = -1; /* file descriptor for LOMAC_DEVICE */ - -/* lomac_start() - * - * in: nothing - * out: nothing - * return: nothing - * - * Makes `devlomac' a fd to LOMAC_DEVICE - */ - -static void -lomac_start(void) -{ - if ((devlomac = open(LOMAC_DEVICE, O_RDWR)) == -1) - err(1, "cannot open %s", LOMAC_DEVICE); -} - -/* lomac_stop() - * - * in: nothing - * out: nothing - * return: nothing - * - * Closes `devlomac', the fd to LOMAC_DEVICE. - */ - -void -lomac_stop(void) -{ - - if (devlomac != -1 && close(devlomac) == -1) - err(1, "cannot close %s", LOMAC_DEVICE); -} - -/* get_lattr() - * - * in: pid - pid of process whose level we want to know - * out: nothing - * return: level of proces `pid' - * - * This function uses LOMAC's ioctl interface to determine the LOMAC - * attributes of the process with pid `pid'. - * - * This function presently reports only levels. When LOMAC's ioctl - * interface is expanded to report levels and flags, this function - * will also need expansion. - */ - -int -get_lattr(int pid) -{ - - if (devlomac == -1) - lomac_start(); - if (ioctl(devlomac, LIOGETPLEVEL, &pid) == -1) - err(1, "ioctl"); - return (pid); -} diff --git a/bin/ps/lomac.h b/bin/ps/lomac.h deleted file mode 100644 index d5ea706..0000000 --- a/bin/ps/lomac.h +++ /dev/null @@ -1,39 +0,0 @@ -/*- - * Copyright (c) 2001 Networks Associates Technology, Inc. - * All rights reserved. - * - * This software was developed for the FreeBSD Project by NAI Labs, the - * Security Research Division of Network Associates, Inc. under - * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA - * CHATS research program. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior written - * permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $Id: lomac.h,v 1.2 2001/11/26 19:27:23 bfeldman Exp $ - * $FreeBSD$ - */ - -void lomac_stop(void); -int get_lattr(int); diff --git a/bin/ps/print.c b/bin/ps/print.c index 3fd367a..31a857b 100644 --- a/bin/ps/print.c +++ b/bin/ps/print.c @@ -45,6 +45,7 @@ __FBSDID("$FreeBSD$"); #include <sys/proc.h> #include <sys/stat.h> +#include <sys/mac.h> #include <sys/user.h> #include <sys/sysctl.h> @@ -62,7 +63,6 @@ __FBSDID("$FreeBSD$"); #include <unistd.h> #include <vis.h> -#include "lomac.h" #include "ps.h" #define ps_pgtok(a) (((a) * getpagesize()) / 1024) @@ -726,10 +726,53 @@ rvar(KINFO *k, VARENT *ve) } void -lattr(KINFO *k, VARENT *ve) +label(KINFO *k, VARENT *ve) { + char *string; + mac_t label; + int error; VAR *v; v = ve->var; - (void)printf("%-*d", v->width, get_lattr(k->ki_p->ki_pid)); + string = NULL; + + if (mac_prepare_process_label(&label) == -1) { + perror("mac_prepare_process_label"); + goto out; + } + + error = mac_get_pid(k->ki_p->ki_pid, label); + if (error == 0) { + if (mac_to_text(label, &string) == -1) + string = NULL; + } + mac_free(label); + +out: + if (string != NULL) { + (void)printf("%-*s", v->width, string); + free(string); + } else + (void)printf("%-*s", v->width, ""); + return; +} + +int +s_label(KINFO *k) +{ + char *string = NULL; + mac_t label; + int error, size = 0; + + if (mac_prepare_process_label(&label) == -1) { + perror("mac_prepare_process_label"); + return (0); + } + error = mac_get_pid(k->ki_p->ki_pid, label); + if (error == 0 && mac_to_text(label, &string) == 0) { + size = strlen(string); + free(string); + } + mac_free(label); + return (size); } diff --git a/bin/ps/ps.1 b/bin/ps/ps.1 index be4960c..93c14b5 100644 --- a/bin/ps/ps.1 +++ b/bin/ps/ps.1 @@ -184,7 +184,7 @@ will use as many columns as necessary without regard for your window size. .It Fl x Display information about processes without controlling terminals. .It Fl Z -Add lvl to the list of keywords for which +Add label to the list of keywords for which .Nm will display information. .El @@ -224,14 +224,14 @@ the include file .It Dv "P_OWEUPC" Ta No "0x20000 Owe process an addupc() call at next ast" .It Dv "P_SWAPPING" Ta No "0x40000 Process is being swapped" .El +.It label +The MAC label of the process. .It lim The soft limit on memory used, specified via a call to .Xr setrlimit 2 . .It lstart The exact time the command started, using the ``%c'' format described in .Xr strftime 3 . -.It lvl -The LOMAC level of the process. .It lockname The name of the lock that the process is currently blocked on. If the name is invalid or unknown, then @@ -390,14 +390,14 @@ total blocks read (alias inblock) job control count .It ktrace tracing flags +.It label +MAC label .It lim memoryuse limit .It logname login name of user who started the process .It lstart time started -.It lvl -LOMAC level .It majflt total page faults .It minflt diff --git a/bin/ps/ps.c b/bin/ps/ps.c index 98fec49..acdade0 100644 --- a/bin/ps/ps.c +++ b/bin/ps/ps.c @@ -64,7 +64,6 @@ __FBSDID("$FreeBSD$"); #include <string.h> #include <unistd.h> -#include "lomac.h" #include "ps.h" #define SEP ", \t" /* username separators */ @@ -108,7 +107,7 @@ static char o1[] = "pid"; static char o2[] = "tt,state,time,command"; static char ufmt[] = "user,pid,%cpu,%mem,vsz,rss,tt,state,start,time,command"; static char vfmt[] = "pid,state,time,sl,re,pagein,vsz,rss,lim,tsiz,%cpu,%mem,command"; -static char Zfmt[] = "lvl"; +static char Zfmt[] = "label"; static kvm_t *kd; @@ -410,7 +409,6 @@ main(int argc, char *argv[]) } } free(uids); - lomac_stop(); exit(eval); } @@ -653,7 +651,7 @@ usage(void) { (void)fprintf(stderr, "%s\n%s\n%s\n", - "usage: ps [-aChjlmrSTuvwx] [-O|o fmt] [-p pid] [-t tty] [-U user]", + "usage: ps [-aChjlmrSTuvwxZ] [-O|o fmt] [-p pid] [-t tty] [-U user]", " [-M core] [-N system]", " ps [-L]"); exit(1); |