zig

fork of https://codeberg.org/ziglang/zig
Log | Files | Refs | README | LICENSE

cn_proc.h (4159B) - Raw

      1 /* SPDX-License-Identifier: LGPL-2.1 WITH Linux-syscall-note */
      2 /*
      3  * cn_proc.h - process events connector
      4  *
      5  * Copyright (C) Matt Helsley, IBM Corp. 2005
      6  * Based on cn_fork.h by Nguyen Anh Quynh and Guillaume Thouvenin
      7  * Copyright (C) 2005 Nguyen Anh Quynh <aquynh@gmail.com>
      8  * Copyright (C) 2005 Guillaume Thouvenin <guillaume.thouvenin@bull.net>
      9  *
     10  * This program is free software; you can redistribute it and/or modify it
     11  * under the terms of version 2.1 of the GNU Lesser General Public License
     12  * as published by the Free Software Foundation.
     13  *
     14  * This program is distributed in the hope that it would be useful, but
     15  * WITHOUT ANY WARRANTY; without even the implied warranty of
     16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
     17  */
     18 
     19 #ifndef CN_PROC_H
     20 #define CN_PROC_H
     21 
     22 #include <linux/types.h>
     23 
     24 /*
     25  * Userspace sends this enum to register with the kernel that it is listening
     26  * for events on the connector.
     27  */
     28 enum proc_cn_mcast_op {
     29 	PROC_CN_MCAST_LISTEN = 1,
     30 	PROC_CN_MCAST_IGNORE = 2
     31 };
     32 
     33 #define PROC_EVENT_ALL (PROC_EVENT_FORK | PROC_EVENT_EXEC | PROC_EVENT_UID |  \
     34 			PROC_EVENT_GID | PROC_EVENT_SID | PROC_EVENT_PTRACE | \
     35 			PROC_EVENT_COMM | PROC_EVENT_NONZERO_EXIT |           \
     36 			PROC_EVENT_COREDUMP | PROC_EVENT_EXIT)
     37 
     38 /*
     39  * If you add an entry in proc_cn_event, make sure you add it in
     40  * PROC_EVENT_ALL above as well.
     41  */
     42 enum proc_cn_event {
     43 	/* Use successive bits so the enums can be used to record
     44 	 * sets of events as well
     45 	 */
     46 	PROC_EVENT_NONE = 0x00000000,
     47 	PROC_EVENT_FORK = 0x00000001,
     48 	PROC_EVENT_EXEC = 0x00000002,
     49 	PROC_EVENT_UID  = 0x00000004,
     50 	PROC_EVENT_GID  = 0x00000040,
     51 	PROC_EVENT_SID  = 0x00000080,
     52 	PROC_EVENT_PTRACE = 0x00000100,
     53 	PROC_EVENT_COMM = 0x00000200,
     54 	/* "next" should be 0x00000400 */
     55 	/* "last" is the last process event: exit,
     56 	 * while "next to last" is coredumping event
     57 	 * before that is report only if process dies
     58 	 * with non-zero exit status
     59 	 */
     60 	PROC_EVENT_NONZERO_EXIT = 0x20000000,
     61 	PROC_EVENT_COREDUMP = 0x40000000,
     62 	PROC_EVENT_EXIT = 0x80000000
     63 };
     64 
     65 struct proc_input {
     66 	enum proc_cn_mcast_op mcast_op;
     67 	enum proc_cn_event event_type;
     68 };
     69 
     70 static __inline__ enum proc_cn_event valid_event(enum proc_cn_event ev_type)
     71 {
     72 	return (enum proc_cn_event)(ev_type & PROC_EVENT_ALL);
     73 }
     74 
     75 /*
     76  * From the user's point of view, the process
     77  * ID is the thread group ID and thread ID is the internal
     78  * kernel "pid". So, fields are assigned as follow:
     79  *
     80  *  In user space     -  In  kernel space
     81  *
     82  * parent process ID  =  parent->tgid
     83  * parent thread  ID  =  parent->pid
     84  * child  process ID  =  child->tgid
     85  * child  thread  ID  =  child->pid
     86  */
     87 
     88 struct proc_event {
     89 	enum proc_cn_event what;
     90 	__u32 cpu;
     91 	__u64 __attribute__((aligned(8))) timestamp_ns;
     92 		/* Number of nano seconds since system boot */
     93 	union { /* must be last field of proc_event struct */
     94 		struct {
     95 			__u32 err;
     96 		} ack;
     97 
     98 		struct fork_proc_event {
     99 			__kernel_pid_t parent_pid;
    100 			__kernel_pid_t parent_tgid;
    101 			__kernel_pid_t child_pid;
    102 			__kernel_pid_t child_tgid;
    103 		} fork;
    104 
    105 		struct exec_proc_event {
    106 			__kernel_pid_t process_pid;
    107 			__kernel_pid_t process_tgid;
    108 		} exec;
    109 
    110 		struct id_proc_event {
    111 			__kernel_pid_t process_pid;
    112 			__kernel_pid_t process_tgid;
    113 			union {
    114 				__u32 ruid; /* task uid */
    115 				__u32 rgid; /* task gid */
    116 			} r;
    117 			union {
    118 				__u32 euid;
    119 				__u32 egid;
    120 			} e;
    121 		} id;
    122 
    123 		struct sid_proc_event {
    124 			__kernel_pid_t process_pid;
    125 			__kernel_pid_t process_tgid;
    126 		} sid;
    127 
    128 		struct ptrace_proc_event {
    129 			__kernel_pid_t process_pid;
    130 			__kernel_pid_t process_tgid;
    131 			__kernel_pid_t tracer_pid;
    132 			__kernel_pid_t tracer_tgid;
    133 		} ptrace;
    134 
    135 		struct comm_proc_event {
    136 			__kernel_pid_t process_pid;
    137 			__kernel_pid_t process_tgid;
    138 			char           comm[16];
    139 		} comm;
    140 
    141 		struct coredump_proc_event {
    142 			__kernel_pid_t process_pid;
    143 			__kernel_pid_t process_tgid;
    144 			__kernel_pid_t parent_pid;
    145 			__kernel_pid_t parent_tgid;
    146 		} coredump;
    147 
    148 		struct exit_proc_event {
    149 			__kernel_pid_t process_pid;
    150 			__kernel_pid_t process_tgid;
    151 			__u32 exit_code, exit_signal;
    152 			__kernel_pid_t parent_pid;
    153 			__kernel_pid_t parent_tgid;
    154 		} exit;
    155 
    156 	} event_data;
    157 };
    158 
    159 #endif /* CN_PROC_H */