aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorMatt Helsley <matthltc@us.ibm.com>2005-11-07 03:59:16 -0500
committerLinus Torvalds <torvalds@g5.osdl.org>2005-11-07 10:53:35 -0500
commit9f46080c41d5f3f7c00b4e169ba4b0b2865258bf (patch)
treee2c029ef7f0cd5fb8ea9b78db3f7be5badaf59b1 /include
parent49364ce2534418462d681ad99e52e79a00b0f40b (diff)
[PATCH] Process Events Connector
This patch adds a connector that reports fork, exec, id change, and exit events for all processes to userspace. It replaces the fork_advisor patch that ELSA is currently using. Applications that may find these events useful include accounting/auditing (e.g. ELSA), system activity monitoring (e.g. top), security, and resource management (e.g. CKRM). Signed-off-by: Matt Helsley <matthltc@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'include')
-rw-r--r--include/linux/cn_proc.h127
-rw-r--r--include/linux/connector.h6
2 files changed, 133 insertions, 0 deletions
diff --git a/include/linux/cn_proc.h b/include/linux/cn_proc.h
new file mode 100644
index 000000000000..70ab56317380
--- /dev/null
+++ b/include/linux/cn_proc.h
@@ -0,0 +1,127 @@
1/*
2 * cn_proc.h - process events connector
3 *
4 * Copyright (C) Matt Helsley, IBM Corp. 2005
5 * Based on cn_fork.h by Nguyen Anh Quynh and Guillaume Thouvenin
6 * Original copyright notice follows:
7 * Copyright (C) 2005 Nguyen Anh Quynh <aquynh@gmail.com>
8 * Copyright (C) 2005 Guillaume Thouvenin <guillaume.thouvenin@bull.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
24
25#ifndef CN_PROC_H
26#define CN_PROC_H
27
28#include <linux/types.h>
29#include <linux/connector.h>
30
31/*
32 * Userspace sends this enum to register with the kernel that it is listening
33 * for events on the connector.
34 */
35enum proc_cn_mcast_op {
36 PROC_CN_MCAST_LISTEN = 1,
37 PROC_CN_MCAST_IGNORE = 2
38};
39
40/*
41 * From the user's point of view, the process
42 * ID is the thread group ID and thread ID is the internal
43 * kernel "pid". So, fields are assigned as follow:
44 *
45 * In user space - In kernel space
46 *
47 * parent process ID = parent->tgid
48 * parent thread ID = parent->pid
49 * child process ID = child->tgid
50 * child thread ID = child->pid
51 */
52
53struct proc_event {
54 enum what {
55 /* Use successive bits so the enums can be used to record
56 * sets of events as well
57 */
58 PROC_EVENT_NONE = 0x00000000,
59 PROC_EVENT_FORK = 0x00000001,
60 PROC_EVENT_EXEC = 0x00000002,
61 PROC_EVENT_UID = 0x00000004,
62 PROC_EVENT_GID = 0x00000040,
63 /* "next" should be 0x00000400 */
64 /* "last" is the last process event: exit */
65 PROC_EVENT_EXIT = 0x80000000
66 } what;
67 __u32 cpu;
68 union { /* must be last field of proc_event struct */
69 struct {
70 __u32 err;
71 } ack;
72
73 struct fork_proc_event {
74 pid_t parent_pid;
75 pid_t parent_tgid;
76 pid_t child_pid;
77 pid_t child_tgid;
78 } fork;
79
80 struct exec_proc_event {
81 pid_t process_pid;
82 pid_t process_tgid;
83 } exec;
84
85 struct id_proc_event {
86 pid_t process_pid;
87 pid_t process_tgid;
88 union {
89 uid_t ruid; /* current->uid */
90 gid_t rgid; /* current->gid */
91 } r;
92 union {
93 uid_t euid;
94 gid_t egid;
95 } e;
96 } id;
97
98 struct exit_proc_event {
99 pid_t process_pid;
100 pid_t process_tgid;
101 __u32 exit_code, exit_signal;
102 } exit;
103 } event_data;
104};
105
106#ifdef __KERNEL__
107#ifdef CONFIG_PROC_EVENTS
108void proc_fork_connector(struct task_struct *task);
109void proc_exec_connector(struct task_struct *task);
110void proc_id_connector(struct task_struct *task, int which_id);
111void proc_exit_connector(struct task_struct *task);
112#else
113static inline void proc_fork_connector(struct task_struct *task)
114{}
115
116static inline void proc_exec_connector(struct task_struct *task)
117{}
118
119static inline void proc_id_connector(struct task_struct *task,
120 int which_id)
121{}
122
123static inline void proc_exit_connector(struct task_struct *task)
124{}
125#endif /* CONFIG_PROC_EVENTS */
126#endif /* __KERNEL__ */
127#endif /* CN_PROC_H */
diff --git a/include/linux/connector.h b/include/linux/connector.h
index 95952cc1f525..c5769c6585f4 100644
--- a/include/linux/connector.h
+++ b/include/linux/connector.h
@@ -27,6 +27,12 @@
27#define CN_IDX_CONNECTOR 0xffffffff 27#define CN_IDX_CONNECTOR 0xffffffff
28#define CN_VAL_CONNECTOR 0xffffffff 28#define CN_VAL_CONNECTOR 0xffffffff
29 29
30/*
31 * Process Events connector unique ids -- used for message routing
32 */
33#define CN_IDX_PROC 0x1
34#define CN_VAL_PROC 0x1
35
30#define CN_NETLINK_USERS 1 36#define CN_NETLINK_USERS 1
31 37
32/* 38/*