| 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
 | /*	pst3.c
 *
 *  Third version to get process arg info; this time by using
 *  a combination of reading the /proc/<pid>/psinfo structures
 *  and reading the complete arg vector from kernel memory structures.
 *
 *  Developed and tested under Solaris 5.8 (both 32 and 64 bit modes).
 *
 *  NOTE:  This program must be setuid-root (or run by root) to work!
 *
 *	Written: 2005-04-28	R.W.Ingraham
 */
#define _KMEMUSER	1
#include <kvm.h>
#include <sys/param.h>
#include <sys/user.h>
#include <sys/time.h>
#include <sys/proc.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <procfs.h>
#include <fcntl.h>
#include <dirent.h>
#include <errno.h>
/*
 *	Constants
 */
#define PROC_DIR	"/proc"
#define MAX_PATH	1024
/*
 *	Structures
 */
/*
 *	Globals
 */
static char *        szProg;
static kvm_t *       kd;
static struct proc * pProc;
static struct user * pUser;
static char **       myArgv;
/*
 *	Prototypes
 */
static int HandleFile (struct dirent *pDent);
static int HandlePsInfo (char *szPath, psinfo_t *pPsInfo);
static int GetArgVectors (pid_t pid);
static void ShowArgVectors (void);
static void ReleaseArgVectors();
/*----------------------------------------------------------------------------*/
int main (int argc, char **argv)
{
	DIR *pDir;
	struct dirent *pDent;
	int retcode = 0;
	/* Set our program name global */
	if ((szProg = strrchr(argv[0], '/')) != NULL)
		szProg++;
	else
		szProg = argv[0];
	/* Make sure that our euid is root */
	if (geteuid() != 0)
	{
		fprintf(stderr, "%s: This program can only be run by the root user!\n", szProg);
		exit(1);
	}
	/* Get a handle to the running kernel image */
	if ((kd = kvm_open(NULL, NULL, NULL, O_RDONLY, argv[0])) == NULL)
	{
		fprintf(stderr, "%s: Failed to open kernel memory: %s\n", szProg, strerror(errno));
		exit(2);
	}
	/* Open the /proc directory */
	if ((pDir = opendir(PROC_DIR)) != NULL)
	{
		/* Display column headings */
		printf("S   UID  PPID    VSZ    RSS %%CPU COMMAND ARGS\n");
		/* Zip through all of the process entries */
		while ((pDent = readdir(pDir)) != NULL)
		{
			/* Handle each pid sub-directory */
			HandleFile(pDent);
		}
		/* Close the directory */
		closedir(pDir);
	}
	else	/* ERROR: Failure to open PROC_DIR */
	{
		fprintf(stderr, "%s: Failed to open \"%s\": %s\n", szProg, PROC_DIR, strerror(errno));
		retcode = 3;
	}
	/* Close the handle to the running kernel image */
	kvm_close(kd);
	return retcode;
}
/*----------------------------------------------------------------------------*/
static int HandleFile (struct dirent *pDent)
{
	char szPath[MAX_PATH];
	psinfo_t sPsInfo;
	int fd, len;
	int rc = 0;
	/* Skip files beginning with a "." */
	if (pDent->d_name[0] == '.')
		return 0;
	/* Cosntruct the path to the psinfo file */
	len = sprintf(szPath, "%s/%s/psinfo", PROC_DIR, pDent->d_name);
	/* Open the psinfo file for this pid and print out its arg vectors */
	if ((fd = open(szPath, O_RDONLY)) >= 0)
	{
		/* Read the psinfo struct */
		if ((len = read(fd, &sPsInfo, sizeof(sPsInfo))) != sizeof(sPsInfo))
		{
			rc = errno;
			fprintf(stderr, "%s: Read error of psinfo structure (%d)\n", szPath, len);
			return rc;
		}
		/* Close the psinfo file */
		close(fd);
		/* Pass psinfo struct to reporting function */
		HandlePsInfo(szPath, &sPsInfo);
	}
	else if (errno != ENOENT)
	{
		rc = errno;
		fprintf(stderr, "%s: %s\n", szPath, strerror(errno));
	}
	return 0;
}
/*----------------------------------------------------------------------------*/
static int HandlePsInfo (char *szPath, psinfo_t *pPsInfo)
{
	int retcode;
	char *thisProg;
	/* Make sure that the process is still there */
	if ((retcode = GetArgVectors(pPsInfo->pr_pid)) == 0)
	{
		/* We use the program name from the kvm argv[0] instead
		 * of pr_fname from the psinfo struct because pr_fname
		 * may be truncated.
		 *
		 * Also, strip-off leading path information.
		 */
		if ((thisProg = strrchr(myArgv[0], '/')) != NULL)
			thisProg++;
		else
			thisProg = myArgv[0];
 
		/* Display the ps columns (except for argv) */
		printf("%c %5d %5d %6lu %6lu %4.1f %s ",
			pPsInfo->pr_lwp.pr_sname,
			(int)(pPsInfo->pr_euid),
			(int)(pPsInfo->pr_ppid),
			(unsigned long)(pPsInfo->pr_size),
			(unsigned long)(pPsInfo->pr_rssize),
			((float)(pPsInfo->pr_pctcpu) / 0x8000 * 100.0),
			thisProg);
		/* Display the arg vectors associated with this pid */
		ShowArgVectors();
		/* Release the arg vector buffer memory */
		ReleaseArgVectors();
	}
	return retcode;
}
/*----------------------------------------------------------------------------*/
static int GetArgVectors (pid_t pid)
{
	int retcode = 1;
	/* Get the proc structure for the specified PID */
	if ((pProc = kvm_getproc(kd, pid)) != NULL)
	{
		/* Save a copy of the process' u-area */
		if ((pUser = kvm_getu(kd, pProc)) != NULL)
		{
			/* Reconstruct the process' argv vector array */
			if (kvm_getcmd(kd, pProc, pUser, &myArgv, NULL) == 0)
			{
				retcode = 0;
			}
		}
	}
	return retcode;
}
/*----------------------------------------------------------------------------*/
static void ShowArgVectors (void)
{
	int i;
	for (i=0; myArgv[i]; i++)
	{
		printf(" %s", myArgv[i]);
	}
	printf("\n");
}
/*----------------------------------------------------------------------------*/
static void ReleaseArgVectors()
{
	/* NOOP */
}
/*----------------------------------------------------------------------------*/
 |