summaryrefslogtreecommitdiffstats
path: root/usr.bin/procstat
Commit message (Collapse)AuthorAgeFilesLines
...
* | | | | | Use libprocstat(3) when retrieving binary information for a process.trociny2013-04-203-29/+8
| | | | | | | | | | | | | | | | | | | | | | | | MFC after: 1 month
* | | | | | Use procstat_getrlimit(3) for retrieving rlimit information instead oftrociny2013-04-203-18/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | direct sysctl calls. MFC after: 1 month
* | | | | | Use procstat_getumask(3) for retrieving umaks information instead oftrociny2013-04-201-13/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | direct sysctl. MFC after: 1 month
* | | | | | Use procstat_getgroups(3) for retrieving groups information instead oftrociny2013-04-203-30/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | direct sysctl. MFC after: 1 month
* | | | | | Use more generic procstat_getvmmap(3) for retrieving VM layout of a process.trociny2013-04-203-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | MFC after: 1 month
* | | | | | Use procstat_getprocs(3) for retrieving thread information instead oftrociny2013-04-204-66/+17
| |_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | direct sysctl calls. MFC after: 1 month
* | | | | - Implement two new system calls:pjd2013-03-021-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | int bindat(int fd, int s, const struct sockaddr *addr, socklen_t addrlen); int connectat(int fd, int s, const struct sockaddr *name, socklen_t namelen); which allow to bind and connect respectively to a UNIX domain socket with a path relative to the directory associated with the given file descriptor 'fd'. - Add manual pages for the new syscalls. - Make the new syscalls available for processes in capability mode sandbox. - Add capability rights CAP_BINDAT and CAP_CONNECTAT that has to be present on the directory descriptor for the syscalls to work. - Update audit(4) to support those two new syscalls and to handle path in sockaddr_un structure relative to the given directory descriptor. - Update procstat(1) to recognize the new capability rights. - Document the new capability rights in cap_rights_limit(2). Sponsored by: The FreeBSD Foundation Discussed with: rwatson, jilles, kib, des
* | | | | Merge Capsicum overhaul:pjd2013-03-021-17/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Capability is no longer separate descriptor type. Now every descriptor has set of its own capability rights. - The cap_new(2) system call is left, but it is no longer documented and should not be used in new code. - The new syscall cap_rights_limit(2) should be used instead of cap_new(2), which limits capability rights of the given descriptor without creating a new one. - The cap_getrights(2) syscall is renamed to cap_rights_get(2). - If CAP_IOCTL capability right is present we can further reduce allowed ioctls list with the new cap_ioctls_limit(2) syscall. List of allowed ioctls can be retrived with cap_ioctls_get(2) syscall. - If CAP_FCNTL capability right is present we can further reduce fcntls that can be used with the new cap_fcntls_limit(2) syscall and retrive them with cap_fcntls_get(2). - To support ioctl and fcntl white-listing the filedesc structure was heavly modified. - The audit subsystem, kdump and procstat tools were updated to recognize new syscalls. - Capability rights were revised and eventhough I tried hard to provide backward API and ABI compatibility there are some incompatible changes that are described in detail below: CAP_CREATE old behaviour: - Allow for openat(2)+O_CREAT. - Allow for linkat(2). - Allow for symlinkat(2). CAP_CREATE new behaviour: - Allow for openat(2)+O_CREAT. Added CAP_LINKAT: - Allow for linkat(2). ABI: Reuses CAP_RMDIR bit. - Allow to be target for renameat(2). Added CAP_SYMLINKAT: - Allow for symlinkat(2). Removed CAP_DELETE. Old behaviour: - Allow for unlinkat(2) when removing non-directory object. - Allow to be source for renameat(2). Removed CAP_RMDIR. Old behaviour: - Allow for unlinkat(2) when removing directory. Added CAP_RENAMEAT: - Required for source directory for the renameat(2) syscall. Added CAP_UNLINKAT (effectively it replaces CAP_DELETE and CAP_RMDIR): - Allow for unlinkat(2) on any object. - Required if target of renameat(2) exists and will be removed by this call. Removed CAP_MAPEXEC. CAP_MMAP old behaviour: - Allow for mmap(2) with any combination of PROT_NONE, PROT_READ and PROT_WRITE. CAP_MMAP new behaviour: - Allow for mmap(2)+PROT_NONE. Added CAP_MMAP_R: - Allow for mmap(PROT_READ). Added CAP_MMAP_W: - Allow for mmap(PROT_WRITE). Added CAP_MMAP_X: - Allow for mmap(PROT_EXEC). Added CAP_MMAP_RW: - Allow for mmap(PROT_READ | PROT_WRITE). Added CAP_MMAP_RX: - Allow for mmap(PROT_READ | PROT_EXEC). Added CAP_MMAP_WX: - Allow for mmap(PROT_WRITE | PROT_EXEC). Added CAP_MMAP_RWX: - Allow for mmap(PROT_READ | PROT_WRITE | PROT_EXEC). Renamed CAP_MKDIR to CAP_MKDIRAT. Renamed CAP_MKFIFO to CAP_MKFIFOAT. Renamed CAP_MKNODE to CAP_MKNODEAT. CAP_READ old behaviour: - Allow pread(2). - Disallow read(2), readv(2) (if there is no CAP_SEEK). CAP_READ new behaviour: - Allow read(2), readv(2). - Disallow pread(2) (CAP_SEEK was also required). CAP_WRITE old behaviour: - Allow pwrite(2). - Disallow write(2), writev(2) (if there is no CAP_SEEK). CAP_WRITE new behaviour: - Allow write(2), writev(2). - Disallow pwrite(2) (CAP_SEEK was also required). Added convinient defines: #define CAP_PREAD (CAP_SEEK | CAP_READ) #define CAP_PWRITE (CAP_SEEK | CAP_WRITE) #define CAP_MMAP_R (CAP_MMAP | CAP_SEEK | CAP_READ) #define CAP_MMAP_W (CAP_MMAP | CAP_SEEK | CAP_WRITE) #define CAP_MMAP_X (CAP_MMAP | CAP_SEEK | 0x0000000000000008ULL) #define CAP_MMAP_RW (CAP_MMAP_R | CAP_MMAP_W) #define CAP_MMAP_RX (CAP_MMAP_R | CAP_MMAP_X) #define CAP_MMAP_WX (CAP_MMAP_W | CAP_MMAP_X) #define CAP_MMAP_RWX (CAP_MMAP_R | CAP_MMAP_W | CAP_MMAP_X) #define CAP_RECV CAP_READ #define CAP_SEND CAP_WRITE #define CAP_SOCK_CLIENT \ (CAP_CONNECT | CAP_GETPEERNAME | CAP_GETSOCKNAME | CAP_GETSOCKOPT | \ CAP_PEELOFF | CAP_RECV | CAP_SEND | CAP_SETSOCKOPT | CAP_SHUTDOWN) #define CAP_SOCK_SERVER \ (CAP_ACCEPT | CAP_BIND | CAP_GETPEERNAME | CAP_GETSOCKNAME | \ CAP_GETSOCKOPT | CAP_LISTEN | CAP_PEELOFF | CAP_RECV | CAP_SEND | \ CAP_SETSOCKOPT | CAP_SHUTDOWN) Added defines for backward API compatibility: #define CAP_MAPEXEC CAP_MMAP_X #define CAP_DELETE CAP_UNLINKAT #define CAP_MKDIR CAP_MKDIRAT #define CAP_RMDIR CAP_UNLINKAT #define CAP_MKFIFO CAP_MKFIFOAT #define CAP_MKNOD CAP_MKNODAT #define CAP_SOCK_ALL (CAP_SOCK_CLIENT | CAP_SOCK_SERVER) Sponsored by: The FreeBSD Foundation Reviewed by: Christoph Mallon <christoph.mallon@gmx.de> Many aspects discussed with: rwatson, benl, jonathan ABI compatibility discussed with: kib
* | | | | Capability rights for process management via process descriptors do existpjd2013-02-111-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | already, so uncomment them. Sponsored by: The FreeBSD Foundation
* | | | | Add CAP_MKNOD right.pjd2013-02-101-0/+1
| |_|_|/ |/| | | | | | | | | | | Sponsored by: The FreeBSD Foundation
* | | | procstat: only one mode flag can be specified, but required check for 'i'mjg2013-01-121-2/+2
| |/ / |/| | | | | | | | | | | | | | and 'j' modes was missing. Fix that. MFC after: 3 days
* | | add SG state typeeadler2012-10-021-0/+2
| | | | | | | | | | | | | | | | | | | | | PR: bin/171664 Submitted by: Jan Beich jbeich@tormail.org Approved by: cperciva MFC after: 1 week
* | | Handle AT_TIMEKEEP in procstat(1) -x [1]. Remove the AT_COUNT switchkib2012-09-161-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | case, since AT_COUNT is not an aux vector, it is the counter of total number of defined vectors. PR: bin/171662 [1] MFC after: 1 week
* | | Free memory allocated by procstat_getfiles(), which may make differencetrociny2012-09-041-0/+1
| | | | | | | | | | | | | | | | | | | | | when procstat(1) is run with -a option. Submitted by: Daniel Dettlaff <dmilith gmail com> MFC after: 1 week
* | | Align the header with output.trociny2012-07-241-1/+1
| | | | | | | | | | | | MFC after: 3 days
* | | - Add support for displaying process stack memory regions.pgj2012-07-162-2/+8
| |/ |/| | | | | | | Approved by: rwatson MFC after: 3 days
* | Fix style.trociny2012-07-031-2/+2
|/ | | | MFC after: 3 days
* Bring DPADD in sync with LDADD.marcel2012-05-191-1/+1
|
* Export some more useful info about shared memory objects to userlandjhb2012-04-011-8/+2
| | | | | | | | | | | | | | | | | | | via procstat(1) and fstat(1): - Change shm file descriptors to track the pathname they are associated with and add a shm_path() method to copy the path out to a caller-supplied buffer. - Use the fo_stat() method of shared memory objects and shm_path() to export the path, mode, and size of a shared memory object via struct kinfo_file. - Add a struct shmstat to the libprocstat(3) interface along with a procstat_get_shm_info() to export the mode and size of a shared memory object. - Change procstat to always print out the path for a given object if it is valid. - Teach fstat about shared memory objects and to display their path, mode, and size. MFC after: 2 weeks
* Remove trailing whitespace per mdoc lint warningeadler2012-03-291-1/+1
| | | | | | | Disussed with: gavin No objection from: doc Approved by: joel MFC after: 3 days
* When displaying binary information show also osreldate.trociny2012-03-232-3/+17
| | | | | Suggested by: kib MFC after: 2 weeks
* Update the description for -s flag after r232182.pluknet2012-02-291-1/+3
| | | | | | When displaying security credential information show also process umask. X-MFC-with: r232182
* When displaying security credential information show also process umask.trociny2012-02-261-3/+29
| | | | | | Submitted by: Dmitry Banschikov <me ubique spb ru> Discussed with: rwatson MFC after: 2 weeks
* Always return 0 if the sysctl failed.trociny2012-01-291-8/+8
| | | | | | This fixes the bug: when procstat -xa was run and the sysctl for a process returned ESRCH or EPERM, for this process procstat output the result collected for the previous successful process.
* After the recent changes there is no need in rlimit array any more.trociny2012-01-251-6/+5
| | | | | Submitted by: Andrey Zonov <andrey at zonov.org> MFC after: 1 week
* Make procstat -l to work with the new version of kern.proc.rlimit.trociny2012-01-221-10/+11
| | | | | Submitted by: Andrey Zonov <andrey at zonov.org> MFC after: 2 weeks
* Make 64-bit procstat output ELF auxiliary vectors for 32-bit processes.trociny2011-12-121-16/+87
| | | | | Reviewed by: kib MFC after: 1 week
* Make procstat -l output similar to the output of limits(1).trociny2011-12-121-10/+51
| | | | | Suggested by: jhb MFC after: 1 week
* Don't output a warning if kern.proc.auxv sysctl has returned EPERM.trociny2011-12-051-1/+1
| | | | | | After r228288 this is rather a normal situation. MFC after: 1 week
* Update SYNOPSIS to include the flags added recently.trociny2011-11-281-2/+2
| | | | Spotted by: jhb
* Cast a_val on printing. This fixes build on mips.trociny2011-11-281-14/+14
|
* Make proctstat -x output more readable.trociny2011-11-271-55/+39
| | | | | | | | This also fixes the issue, spotted by mdf, with values that were printed as decimal and had hex prefixes. Discussed with: kib, rwatson MFC after: 2 weeks
* usr.bin/procstattrociny2011-11-245-7/+95
| | | | | | | | Add -l flag to display resource limits. PR: bin/161257 Reviewed by: kib MFC after: 2 weeks
* Fix build, hopefully.trociny2011-11-231-33/+42
| | | | Reviewed by: kib
* Add new options, -e and -x, to display process environment variablestrociny2011-11-226-12/+228
| | | | | | and ELF auxiliary vectors. MFC after: 2 weeks
* Bumb date after r227317.trociny2011-11-081-1/+1
| | | | Reminded by: pluknet
* When displaying process virtual memory mappings print superpagetrociny2011-11-072-2/+5
| | | | | | | mapping flag. Submitted by: Mel Flynn <mel.flynn+fbsd.hackers@mailing.thruhere.net> Reviewed by: alc, rwatson
* Updates to libprocstat(3) and procstat(1) to allow monitoring Capsicumrwatson2011-08-145-70/+270
| | | | | | | | | | capability mode and capabilities. Right now no attempt is made to unwrap capabilities when operating on a crashdump, so further refinement is required. Approved by: re (bz) Sponsored by: Google Inc
* Rename ki_ocomm to ki_tdname and OCOMMLEN to TDNAMLEN.bz2011-07-182-6/+6
| | | | | | | | | Provide backward compatibility defines under BURN_BRIDGES. Suggested by: jhb Reviewed by: emaste Sponsored by: Sandvine Incorporated Approved by: re (kib)
* - Commit work from libprocstat project. These patches add support for runtimestas2011-05-1212-187/+182
| | | | | | | | | | | | | | | | | | | | | | | file and processes information retrieval from the running kernel via sysctl in the form of new library, libprocstat. The library also supports KVM backend for analyzing memory crash dumps. Both procstat(1) and fstat(1) utilities have been modified to take advantage of the library (as the bonus point the fstat(1) utility no longer need superuser privileges to operate), and the procstat(1) utility is now able to display information from memory dumps as well. The newly introduced fuser(1) utility also uses this library and able to operate via sysctl and kvm backends. The library is by no means complete (e.g. KVM backend is missing vnode name resolution routines, and there're no manpages for the library itself) so I plan to improve it further. I'm commiting it so it will get wider exposure and review. We won't be able to MFC this work as it relies on changes in HEAD, which was introduced some time ago, that break kernel ABI. OTOH we may be able to merge the library with KVM backend if we really need it there. Discussed with: rwatson
* Add file forgotten in r204879.kib2010-03-081-0/+139
|
* Teach procstat(1) to display some information about signal dispositionkib2010-03-084-8/+84
| | | | | | | and pending/blocked status for signals. Reviewed by: rwatson MFC after: 2 weeks
* Document one more file descriptor type and two more vnode types.antoine2010-02-061-0/+6
| | | | MFC after: 2 weeks
* Build usr.bin/ with WARNS=6 by default.ed2010-01-021-1/+0
| | | | Also add some missing $FreeBSD$ to keep svn happy.
* Revert most part of 200420 as requested, as more review and polish isdelphij2009-12-134-0/+4
| | | | needed.
* Remove unneeded header includes from usr.bin/ except contributed code.delphij2009-12-114-4/+0
| | | | Tested with: make universe
* Update procstat(1) for the fact that devfs paths are no longer unsupported.rwatson2009-08-121-4/+2
| | | | Approved by: re (kib)
* Introduce a new sysctl process mib, kern.proc.groups which adds thebrooks2009-07-241-2/+40
| | | | | | | | | | | | ability to retrieve the group list of each process. Modify procstat's -s option to query this mib when the kinfo_proc reports that the field has been truncated. If the mib does not exist, fall back to the truncated list. Reviewed by: rwatson Approved by: re (kib) MFC after: 2 weeks
* Add a new type of VM object: OBJT_SG. An OBJT_SG object is very similar tojhb2009-07-241-0/+3
| | | | | | | | | | | a device pager (OBJT_DEVICE) object in that it uses fictitious pages to provide aliases to other memory addresses. The primary difference is that it uses an sglist(9) to determine the physical addresses for a given offset into the object instead of invoking the d_mmap() method in a device driver. Reviewed by: alc Approved by: re (kensmith) MFC after: 2 weeks
* Include param.h instead of types.h before user.h so that the nestedrwatson2008-12-299-9/+9
| | | | | | include of param.h can be removed from audit.h. MFC after: 3 weeks
OpenPOWER on IntegriCloud