http://perforce.freebsd.org/chv.cgi?CH=72916

Change 72916 by pjd@pjd_anger on 2005/03/11 18:38:09

	Add ki_jid field which contains process' jail ID.
	If asking process is closed in jail, put 0 into this field for all
	processes.
	
	Teach kvm(3) how to handle prison structure.
	
	Size of kinfo_proc structure verified on: i386, amd64, ia64, sparc64, alpha

Affected files ...

.. //depot/user/pjd/pkill/lib/libkvm/kvm_proc.c#2 edit
.. //depot/user/pjd/pkill/sys/kern/kern_proc.c#2 edit
.. //depot/user/pjd/pkill/sys/sys/user.h#2 edit

Differences ...

==== //depot/user/pjd/pkill/lib/libkvm/kvm_proc.c#2 (text+ko) ====

@@ -54,6 +54,12 @@
 #include <sys/param.h>
 #define _WANT_UCRED	/* make ucred.h give us 'struct ucred' */
 #include <sys/ucred.h>
+#include <sys/queue.h>
+#include <sys/_lock.h>
+#include <sys/_mutex.h>
+#include <sys/_task.h>
+#define _WANT_PRISON	/* make jail.h give us 'struct prison' */
+#include <sys/jail.h>
 #include <sys/user.h>
 #include <sys/proc.h>
 #include <sys/exec.h>
@@ -105,6 +111,7 @@
 	struct sigacts sigacts;
 	struct pstats pstats;
 	struct ucred ucred;
+	struct prison pr;
 	struct thread mtd;
 	/*struct kse mke;*/
 	struct ksegrp mkg;
@@ -159,6 +166,15 @@
 			bcopy(ucred.cr_groups, kp->ki_groups,
 			    NGROUPS * sizeof(gid_t));
 			kp->ki_uid = ucred.cr_uid;
+			if (ucred.cr_prison != NULL) {
+				if (KREAD(kd, (u_long)ucred.cr_prison, &pr)) {
+					_kvm_err(kd, kd->program,
+					    "can't read prison at %x",
+					    ucred.cr_prison);
+					return (-1);
+				}
+				kp->ki_jid = pr.pr_id;
+			}
 		}
 
 		switch(what & ~KERN_PROC_INC_THREAD) {

==== //depot/user/pjd/pkill/sys/kern/kern_proc.c#2 (text+ko) ====

@@ -612,6 +612,7 @@
 	struct tty *tp;
 	struct session *sp;
 	struct timeval tv;
+	struct ucred *cred;
 	struct sigacts *ps;
 
 	p = td->td_proc;
@@ -632,19 +633,28 @@
 #endif
 	kp->ki_fd = p->p_fd;
 	kp->ki_vmspace = p->p_vmspace;
-	if (p->p_ucred) {
-		kp->ki_uid = p->p_ucred->cr_uid;
-		kp->ki_ruid = p->p_ucred->cr_ruid;
-		kp->ki_svuid = p->p_ucred->cr_svuid;
+	kp->ki_flag = p->p_flag;
+	cred = p->p_ucred;
+	if (cred) {
+		kp->ki_uid = cred->cr_uid;
+		kp->ki_ruid = cred->cr_ruid;
+		kp->ki_svuid = cred->cr_svuid;
 		/* XXX bde doesn't like KI_NGROUPS */
-		kp->ki_ngroups = min(p->p_ucred->cr_ngroups, KI_NGROUPS);
-		bcopy(p->p_ucred->cr_groups, kp->ki_groups,
+		kp->ki_ngroups = min(cred->cr_ngroups, KI_NGROUPS);
+		bcopy(cred->cr_groups, kp->ki_groups,
 		    kp->ki_ngroups * sizeof(gid_t));
-		kp->ki_rgid = p->p_ucred->cr_rgid;
-		kp->ki_svgid = p->p_ucred->cr_svgid;
+		kp->ki_rgid = cred->cr_rgid;
+		kp->ki_svgid = cred->cr_svgid;
+		/* If jailed(cred), emulate the old P_JAILED flag. */
+		if (jailed(cred)) {
+			kp->ki_flag |= P_JAILED;
+			/* If inside a jail, use 0 as a jail ID. */
+			if (!jailed(td->td_ucred))
+				kp->ki_jid = cred->cr_prison->pr_id;
+		}
 	}
-	if (p->p_sigacts) {
-		ps = p->p_sigacts;
+	ps = p->p_sigacts;
+	if (ps) {
 		mtx_lock(&ps->ps_mtx);
 		kp->ki_sigignore = ps->ps_sigignore;
 		kp->ki_sigcatch = ps->ps_sigcatch;
@@ -752,7 +762,6 @@
 		kp->ki_childtime = kp->ki_childstime;
 		timevaladd(&kp->ki_childtime, &kp->ki_childutime);
 	}
-	sp = NULL;
 	tp = NULL;
 	if (p->p_pgrp) {
 		kp->ki_pgid = p->p_pgrp->pg_id;
@@ -791,10 +800,6 @@
 	kp->ki_sigmask = td->td_sigmask;
 	kp->ki_xstat = p->p_xstat;
 	kp->ki_acflag = p->p_acflag;
-	kp->ki_flag = p->p_flag;
-	/* If jailed(p->p_ucred), emulate the old P_JAILED flag. */
-	if (jailed(p->p_ucred))
-		kp->ki_flag |= P_JAILED;
 	kp->ki_lock = p->p_lock;
 	if (p->p_pptr)
 		kp->ki_ppid = p->p_pptr->p_pid;

==== //depot/user/pjd/pkill/sys/sys/user.h#2 (text+ko) ====

@@ -74,7 +74,7 @@
  * end of kinfo_proc.  It may need to be overridden on a platform-specific
  * basis as new fields are added.
  */
-#define	KI_NSPARE	16
+#define	KI_NSPARE	15
 
 #ifdef __alpha__
 #define	KINFO_PROC_SIZE	912
@@ -84,7 +84,7 @@
 #endif
 #ifdef __arm__
 #undef KI_NSPARE			/* Fewer spare longs on this arch */
-#define	KI_NSPARE	15
+#define	KI_NSPARE	14
 #define	KINFO_PROC_SIZE	648
 #endif
 #ifdef __ia64__
@@ -92,7 +92,7 @@
 #endif
 #ifdef __i386__
 #undef KI_NSPARE			/* Fewer spare longs on this arch */
-#define	KI_NSPARE	15
+#define	KI_NSPARE	14
 #define	KINFO_PROC_SIZE	648
 #endif
 #ifdef __powerpc__
@@ -187,6 +187,7 @@
 	lwpid_t	ki_tid;			/* XXXKSE thread id */
 	int	ki_numthreads;		/* XXXKSE number of threads in total */
 	void	*ki_udata;		/* User convenience pointer */
+	int	ki_jid;			/* Process jail ID */
 	long	ki_spare[KI_NSPARE];	/* spare room for later growth */
 };
 void fill_kinfo_proc(struct proc *, struct kinfo_proc *);