📄 process.c
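/*
 * NOTE(review): the statements down to the first "#endif" are the tail of
 * a function whose opening lines (and the #if that this #endif closes) lie
 * before the start of this listing.  They are reproduced unchanged.
 */
		if (!followfork)
			return 0;
		if (nprocs == MAX_PROCS) {
			tcp->flags &= ~TCB_FOLLOWFORK;
			fprintf(stderr, "sys_fork: tcb table full\n");
			return 0;
		}
		tcp->flags |= TCB_FOLLOWFORK;
		if (setbpt(tcp) < 0)
			return 0;
	}
	else {
		int bpt = tcp->flags & TCB_BPTSET;

		if (!(tcp->flags & TCB_FOLLOWFORK))
			return 0;
		if (bpt)
			clearbpt(tcp);

		if (syserror(tcp))
			return 0;

		pid = tcp->u_rval;
		if ((tcpchild = alloctcb(pid)) == NULL) {
			fprintf(stderr, " [tcb table full]\n");
			kill(pid, SIGKILL); /* XXX */
			return 0;
		}
		/* Attach to the new child */
		if (ptrace(PTRACE_ATTACH, pid, (char *) 1, 0) < 0) {
			perror("PTRACE_ATTACH");
			fprintf(stderr, "Too late?\n");
			droptcb(tcpchild);
			return 0;
		}
		tcpchild->flags |= TCB_ATTACHED;
		if (bpt) {
			tcpchild->flags |= TCB_BPTSET;
			tcpchild->baddr = tcp->baddr;
			memcpy(tcpchild->inst, tcp->inst,
				sizeof tcpchild->inst);
		}
		newoutf(tcpchild);
		tcp->nchildren++;
		if (!qflag)
			fprintf(stderr, "Process %d attached\n", pid);
	}
	return 0;
}

#endif

/*
 * Follow-fork bookkeeping for a fork (or a vfork rewritten into a fork)
 * made by the traced process described by tcp.
 *
 * When entering(tcp) is true: if fork following is enabled and the tcb
 * table is not full, mark the tcb TCB_FOLLOWFORK and plant a breakpoint
 * with setbpt().
 *
 * Otherwise: remove the breakpoint, take the child's pid from
 * tcp->u_rval, allocate a tcb for it, PTRACE_ATTACH to it, copy the
 * parent's breakpoint state into the child's tcb and link child to parent.
 *
 * Always returns 0; failures are reported on stderr only.
 *
 * NOTE(review): the child is attached by pid after the fork has already
 * returned, so it is not stopped at creation by this code.  The planted
 * breakpoint is what is meant to hold it until the attach lands; the
 * "Too late?" path covers the case where the attach fails anyway.
 */
int
internal_fork(tcp)
struct tcb *tcp;
{
	struct tcb *tcpchild;
	int pid;
	int dont_follow = 0;

#ifdef SYS_vfork
	if (tcp->scno == SYS_vfork) {
		/* Attempt to make vfork into fork, which we can follow. */
		if (!followvfork ||
		    change_syscall(tcp, SYS_fork) < 0)
			dont_follow = 1;
	}
#endif
	if (entering(tcp)) {
		if (!followfork || dont_follow)
			return 0;
		if (nprocs == MAX_PROCS) {
			/* No free slot: make sure the exit path skips this fork. */
			tcp->flags &= ~TCB_FOLLOWFORK;
			fprintf(stderr, "sys_fork: tcb table full\n");
			return 0;
		}
		tcp->flags |= TCB_FOLLOWFORK;
		if (setbpt(tcp) < 0)
			return 0;
	}
	else {
		int bpt = tcp->flags & TCB_BPTSET;

		if (!(tcp->flags & TCB_FOLLOWFORK))
			return 0;
		if (bpt)
			clearbpt(tcp);

		if (syserror(tcp))
			return 0;

		pid = tcp->u_rval;
		if ((tcpchild = alloctcb(pid)) == NULL) {
			fprintf(stderr, " [tcb table full]\n");
			/*
			 * XXX (original author's marker): the tracer kills
			 * the traced program's new child because it cannot
			 * track it.  This changes the behaviour of the
			 * program under observation.
			 */
			kill(pid, SIGKILL);
			return 0;
		}
#ifdef LINUX
#ifdef HPPA
		/* The child must have run before it can be attached. */
		/* This must be a bug in the parisc kernel, but I haven't
		 * identified it yet.  Seems to be an issue associated
		 * with attaching to a process (which sends it a signal)
		 * before that process has ever been scheduled.  When
		 * debugging, I started seeing crashes in
		 * arch/parisc/kernel/signal.c:do_signal(), apparently
		 * caused by r8 getting corrupt over the dequeue_signal()
		 * call.  Didn't make much sense though...
		 */
		{
			struct timeval tv;
			tv.tv_sec = 0;
			tv.tv_usec = 10000;
			select(0, NULL, NULL, NULL, &tv);
		}
#endif
		if (ptrace(PTRACE_ATTACH, pid, (char *) 1, 0) < 0) {
			perror("PTRACE_ATTACH");
			fprintf(stderr, "Too late?\n");
			droptcb(tcpchild);
			return 0;
		}
#endif /* LINUX */
#ifdef SUNOS4
#ifdef oldway
		/* The child must have run before it can be attached. */
		{
			struct timeval tv;
			tv.tv_sec = 0;
			tv.tv_usec = 10000;
			select(0, NULL, NULL, NULL, &tv);
		}
		if (ptrace(PTRACE_ATTACH, pid, (char *)1, 0) < 0) {
			perror("PTRACE_ATTACH");
			fprintf(stderr, "Too late?\n");
			droptcb(tcpchild);
			return 0;
		}
#else /* !oldway */
		/* Try to catch the new process as soon as possible. */
		{
			int i;
			for (i = 0; i < 1024; i++)
				if (ptrace(PTRACE_ATTACH, pid, (char *) 1, 0) >= 0)
					break;
			if (i == 1024) {
				perror("PTRACE_ATTACH");
				fprintf(stderr, "Too late?\n");
				droptcb(tcpchild);
				return 0;
			}
		}
#endif /* !oldway */
#endif /* SUNOS4 */
		tcpchild->flags |= TCB_ATTACHED;
		/* Child has BPT too, must be removed on first occasion */
		if (bpt) {
			tcpchild->flags |= TCB_BPTSET;
			tcpchild->baddr = tcp->baddr;
			memcpy(tcpchild->inst, tcp->inst,
				sizeof tcpchild->inst);
		}
		newoutf(tcpchild);
		tcpchild->parent = tcp;
		tcp->nchildren++;
		if (!qflag)
			fprintf(stderr, "Process %d attached\n", pid);
	}
	return 0;
}

#endif /* !USE_PROCFS */

#if defined(SUNOS4) || defined(LINUX) || defined(FREEBSD)

/*
 * vfork decoder: prints no arguments; when exiting(tcp) is true it returns
 * RVAL_UDECIMAL (presumably a request to print the result as unsigned
 * decimal -- confirm against the caller).
 */
int
sys_vfork(tcp)
struct tcb *tcp;
{
	if (exiting(tcp))
		return RVAL_UDECIMAL;
	return 0;
}

#endif /* SUNOS4 || LINUX || FREEBSD */

#ifndef LINUX

/*
 * Scratch buffer shared by sys_getpid/sys_getuid/sys_getgid; each call
 * overwrites the previous contents and tcp->auxstr points straight at it.
 * Sized for the 5-character label, the decimal digits of an unsigned long
 * (at most 3 per byte) and the terminating NUL.  The previous fixed size
 * of 16 is too small once unsigned long is 64 bits wide.
 */
static char idstr[sizeof("ppid ") + 3 * sizeof(unsigned long)];

/*
 * getpid decoder: when exiting(tcp) is true, formats getrval2(tcp) as
 * "ppid N" into idstr, publishes it through tcp->auxstr and returns
 * RVAL_STR; otherwise returns 0.
 */
int
sys_getpid(tcp)
struct tcb *tcp;
{
	if (exiting(tcp)) {
		/* Bounded write: never run past the end of idstr. */
		snprintf(idstr, sizeof idstr, "ppid %lu", getrval2(tcp));
		tcp->auxstr = idstr;
		return RVAL_STR;
	}
	return 0;
}

/*
 * getuid decoder: same shape as sys_getpid, labelling getrval2(tcp) as
 * "euid".
 */
int
sys_getuid(tcp)
struct tcb *tcp;
{
	if (exiting(tcp)) {
		snprintf(idstr, sizeof idstr, "euid %lu", getrval2(tcp));
		tcp->auxstr = idstr;
		return RVAL_STR;
	}
	return 0;
}

/*
 * getgid decoder: same shape as sys_getpid, labelling getrval2(tcp) as
 * "egid".
 */
int
sys_getgid(tcp)
struct tcb *tcp;
{
	if (exiting(tcp)) {
		snprintf(idstr, sizeof idstr, "egid %lu", getrval2(tcp));
		tcp->auxstr = idstr;
		return RVAL_STR;
	}
	return 0;
}

#endif /* !LINUX */

#ifdef LINUX

/* setuid decoder: prints argument 0 as an unsigned uid. */
int
sys_setuid(tcp)
struct tcb *tcp;
{
	if (entering(tcp)) {
		tprintf("%u", (uid_t) tcp->u_arg[0]);
	}
	return 0;
}

/* setgid decoder: prints argument 0 as an unsigned gid. */
int
sys_setgid(tcp)
struct tcb *tcp;
{
	if (entering(tcp)) {
		tprintf("%u", (gid_t) tcp->u_arg[0]);
	}
	return 0;
}

/*
 * getresuid decoder.  The three arguments are addresses in the traced
 * process.  If the call failed, the raw addresses are printed; otherwise
 * each id is read with umove() and printed as "ruid N, euid N, suid N",
 * with the raw address in place of any id that cannot be read.
 *
 * Each id is read from its own argument (0, 1, 2).  Reading all three from
 * argument 0 would print the real uid three times and hide a differing
 * effective or saved uid from the person reading the trace.
 */
int
sys_getresuid(tcp)
struct tcb *tcp;
{
	if (exiting(tcp)) {
		__kernel_uid_t uid;

		if (syserror(tcp))
			tprintf("%#lx, %#lx, %#lx", tcp->u_arg[0],
				tcp->u_arg[1], tcp->u_arg[2]);
		else {
			if (umove(tcp, tcp->u_arg[0], &uid) < 0)
				tprintf("%#lx, ", tcp->u_arg[0]);
			else
				tprintf("ruid %lu, ", (unsigned long) uid);
			if (umove(tcp, tcp->u_arg[1], &uid) < 0)
				tprintf("%#lx, ", tcp->u_arg[1]);
			else
				tprintf("euid %lu, ", (unsigned long) uid);
			if (umove(tcp, tcp->u_arg[2], &uid) < 0)
				tprintf("%#lx", tcp->u_arg[2]);
			else
				tprintf("suid %lu", (unsigned long) uid);
		}
	}
	return 0;
}

/*
 * getresgid decoder; mirrors sys_getresuid for group ids, reading the
 * real, effective and saved gid from arguments 0, 1 and 2 respectively.
 */
int
sys_getresgid(tcp)
struct tcb *tcp;
{
	if (exiting(tcp)) {
		__kernel_gid_t gid;

		if (syserror(tcp))
			tprintf("%#lx, %#lx, %#lx", tcp->u_arg[0],
				tcp->u_arg[1], tcp->u_arg[2]);
		else {
			if (umove(tcp, tcp->u_arg[0], &gid) < 0)
				tprintf("%#lx, ", tcp->u_arg[0]);
			else
				tprintf("rgid %lu, ", (unsigned long) gid);
			if (umove(tcp, tcp->u_arg[1], &gid) < 0)
				tprintf("%#lx, ", tcp->u_arg[1]);
			else
				tprintf("egid %lu, ", (unsigned long) gid);
			if (umove(tcp, tcp->u_arg[2], &gid) < 0)
				tprintf("%#lx", tcp->u_arg[2]);
			else
				tprintf("sgid %lu", (unsigned long) gid);
		}
	}
	return 0;
}

#endif /* LINUX */

/* setreuid decoder: prints arguments 0 and 1 as unsigned uids. */
int
sys_setreuid(tcp)
struct tcb *tcp;
{
	if (entering(tcp)) {
		tprintf("%lu, %lu",
			(unsigned long) (uid_t) tcp->u_arg[0],
			(unsigned long) (uid_t) tcp->u_arg[1]);
	}
	return 0;
}

/* setregid decoder: prints arguments 0 and 1 as unsigned gids. */
int
sys_setregid(tcp)
struct tcb *tcp;
{
	if (entering(tcp)) {
		tprintf("%lu, %lu",
			(unsigned long) (gid_t) tcp->u_arg[0],
			(unsigned long) (gid_t) tcp->u_arg[1]);
	}
	return 0;
}

#if defined(LINUX) || defined(FREEBSD)

/* setresuid decoder: prints the three uid arguments with their labels. */
int
sys_setresuid(tcp)
struct tcb *tcp;
{
	if (entering(tcp)) {
		tprintf("ruid %u, euid %u, suid %u",
			(uid_t) tcp->u_arg[0],
			(uid_t) tcp->u_arg[1],
			(uid_t) tcp->u_arg[2]);
	}
	return 0;
}

/*
 * setresgid decoder: prints the three gid arguments with their labels.
 * The values are group ids, so they are narrowed through gid_t rather
 * than uid_t.
 */
int
sys_setresgid(tcp)
struct tcb *tcp;
{
	if (entering(tcp)) {
		tprintf("rgid %u, egid %u, sgid %u",
			(gid_t) tcp->u_arg[0],
			(gid_t) tcp->u_arg[1],
			(gid_t) tcp->u_arg[2]);
	}
	return 0;
}

#endif /* LINUX || FREEBSD */

/*
 * setgroups decoder: prints the count (argument 0) and then the group
 * list found at the address in argument 1.
 *
 * Both arguments come from the traced process and are not trusted: the
 * count is checked so that count * sizeof(GETGROUPS_T) cannot wrap, and
 * the copy buffer is allocated only when the list is going to be read.
 * Where the list is not decoded, the raw address is printed instead.
 *
 * Returns 0, or -1 if the copy buffer cannot be allocated.
 *
 * NOTE(review): the count is otherwise unbounded, so a traced process can
 * still make the tracer attempt a very large allocation; capping it at
 * the platform's group limit would be a reasonable follow-up.
 */
int
sys_setgroups(tcp)
struct tcb *tcp;
{
	int i, len;
	GETGROUPS_T *gidset;

	if (entering(tcp)) {
		len = tcp->u_arg[0];
		tprintf("%u, ", len);
		if (len <= 0) {
			tprintf("[]");
			return 0;
		}
		/*
		 * Without the overflow check a wrapped size would give a
		 * short buffer that the print loop below then overruns.
		 */
		if (!verbose(tcp) ||
		    (size_t) len > (size_t) -1 / sizeof(GETGROUPS_T)) {
			tprintf("%#lx", tcp->u_arg[1]);
			return 0;
		}
		gidset = (GETGROUPS_T *) malloc(len * sizeof(GETGROUPS_T));
		if (gidset == NULL) {
			fprintf(stderr, "sys_setgroups: out of memory\n");
			return -1;
		}
		if (umoven(tcp, tcp->u_arg[1],
		    len * sizeof(GETGROUPS_T), (char *) gidset) < 0)
			tprintf("[?]");
		else {
			tprintf("[");
			for (i = 0; i < len; i++)
				tprintf("%s%lu", i ? ", " : "",
					(unsigned long) gidset[i]);
			tprintf("]");
		}
		free((char *) gidset);
	}
	return 0;
}

/*
 * getgroups decoder: prints the requested count when entering(tcp) is
 * true; otherwise prints the list the call stored at the address in
 * argument 1, using the return value as the number of entries.
 *
 * Prints "NULL" for a null address and the raw address when the list is
 * not decoded (not verbose, a requested count of 0, or a count whose byte
 * size would wrap).  The copy buffer is allocated only when the list is
 * going to be read.
 *
 * Returns 0, or -1 if the copy buffer cannot be allocated.
 */
int
sys_getgroups(tcp)
struct tcb *tcp;
{
	int i, len;
	GETGROUPS_T *gidset;

	if (entering(tcp)) {
		len = tcp->u_arg[0];
		tprintf("%u, ", len);
	} else {
		len = tcp->u_rval;
		if (len <= 0) {
			tprintf("[]");
			return 0;
		}
		if (!tcp->u_arg[1]) {
			tprintf("NULL");
			return 0;
		}
		if (!verbose(tcp) || tcp->u_arg[0] == 0 ||
		    (size_t) len > (size_t) -1 / sizeof(GETGROUPS_T)) {
			tprintf("%#lx", tcp->u_arg[1]);
			return 0;
		}
		gidset = (GETGROUPS_T *) malloc(len * sizeof(GETGROUPS_T));
		if (gidset == NULL) {
			fprintf(stderr, "sys_getgroups: out of memory\n");
			return -1;
		}
		if (umoven(tcp, tcp->u_arg[1],
		    len * sizeof(GETGROUPS_T), (char *) gidset) < 0)
			tprintf("[?]");
		else {
			tprintf("[");
			for (i = 0; i < len; i++)
				tprintf("%s%lu", i ? ", " : "",
					(unsigned long) gidset[i]);
			tprintf("]");
		}
		free((char *) gidset);
	}
	return 0;
}

/* setpgrp decoder: prints arguments 0 and 1, except under SVR4. */
int
sys_setpgrp(tcp)
struct tcb *tcp;
{
	if (entering(tcp)) {
#ifndef SVR4
		tprintf("%lu, %lu", tcp->u_arg[0], tcp->u_arg[1]);
#endif /* !SVR4 */
	}
	return 0;
}

/* getpgrp decoder: prints argument 0, except under SVR4. */
int
sys_getpgrp(tcp)
struct tcb *tcp;
{
	if (entering(tcp)) {
#ifndef SVR4
		tprintf("%lu", tcp->u_arg[0]);
#endif /* !SVR4 */
	}
	return 0;
}

/* getsid decoder: prints argument 0. */
int
sys_getsid(tcp)
struct tcb *tcp;
{
	if (entering(tcp)) {
		tprintf("%lu", tcp->u_arg[0]);
	}
	return 0;
}

/* setsid decoder: the call takes no arguments, so nothing is printed. */
int
sys_setsid(tcp)
struct tcb *tcp;
{
	return 0;
}

/* getpgid decoder: prints argument 0. */
int
sys_getpgid(tcp)
struct tcb *tcp;
{
	if (entering(tcp)) {
		tprintf("%lu", tcp->u_arg[0]);
	}
	return 0;
}

/* setpgid decoder: prints arguments 0 and 1. */
int
sys_setpgid(tcp)
struct tcb *tcp;
{
	if (entering(tcp)) {
		tprintf("%lu, %lu", tcp->u_arg[0], tcp->u_arg[1]);
	}
	return 0;
}

/*
 * Emit a synthetic "execve(...) = 0" trace line for tcp from strings held
 * by the tracer itself (program, argv, envp) rather than read from the
 * traced process.  Does nothing unless execve is selected for tracing in
 * qual_flags.  Every argv entry is printed through string_quote(); the
 * environment is only counted, not printed.
 *
 * argv and envp must be NULL-terminated arrays.
 */
void
fake_execve(tcp, program, argv, envp)
struct tcb *tcp;
char *program;
char *argv[];
char *envp[];
{
	int i;

#ifdef ARM
	if (!(qual_flags[SYS_execve - __NR_SYSCALL_BASE] & QUAL_TRACE))
		return;
#else
	if (!(qual_flags[SYS_execve] & QUAL_TRACE))
		return;
#endif /* !ARM */
	printleader(tcp);
	tprintf("execve(");
	string_quote(program);
	tprintf(", [");
	for (i = 0; argv[i] != NULL; i++) {
		if (i != 0)
			tprintf(", ");
		string_quote(argv[i]);
	}
	/* Count the environment entries; only the total is reported. */
	for (i = 0; envp[i] != NULL; i++)
		;
	tprintf("], [/* %d var%s */]) ", i, (i != 1) ? "s" : "");
	tabto(acolumn);
	tprintf("= 0");
	printtrailer(tcp);
}

/*
 * Print the NULL-terminated array of string pointers located at addr in
 * the traced process, separated by ", ".  At most max_strlen / 2 entries
 * are printed when abbrev(tcp) is true, followed by ", ..." if the array
 * had not ended; when abbrev(tcp) is false the budget is refilled on
 * every pass, so the loop ends only at a NULL entry or a failed read.
 * If an entry cannot be read, its address is printed and decoding stops.
 *
 * The array and the strings it points to belong to the traced process,
 * so nothing about their length or termination is assumed.
 */
static void
printargv(tcp, addr)
struct tcb *tcp;
long addr;
{
	/* Start from NULL so the final test is defined even if the loop
	 * body never runs (max_strlen below 2). */
	char *cp = NULL;
	char *sep;
	int max = max_strlen / 2;

	for (sep = ""; --max >= 0; sep = ", ") {
		if (!abbrev(tcp))
			max++;
		if (umove(tcp, addr, &cp) < 0) {
			tprintf("%#lx", addr);
			return;
		}
		if (cp == NULL)
			break;
		/* Never hand a variable to tprintf as the format string. */
		tprintf("%s", sep);
		printstr(tcp, (long) cp, -1);
		addr += sizeof(char *);
	}
	if (cp)
		tprintf(", ...");
}

/* NOTE(review): the definition below continues past the end of this
 * listing; its visible header is reproduced unchanged. */
static void
printargc(fmt, tcp, addr)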