Add security attribute process column

This commit is contained in:
Christian Göttsche 2020-09-28 12:06:13 +02:00 committed by cgzones
parent 4b14ab9789
commit 6f387008cb
3 changed files with 38 additions and 1 deletions

View File

@ -109,6 +109,7 @@ ProcessFieldData Process_fields[] = {
[M_SWAP] = { .name = "M_SWAP", .title = " SWAP ", .description = "Size of the process's swapped pages", .flags = PROCESS_FLAG_LINUX_SMAPS, },
[M_PSSWP] = { .name = "M_PSSWP", .title = " PSSWP ", .description = "shows proportional swap share of this mapping, Unlike \"Swap\", this does not take into account swapped out page of underlying shmem objects.", .flags = PROCESS_FLAG_LINUX_SMAPS, },
[CTXT] = { .name = "CTXT", .title = " CTXT ", .description = "Context switches (incremental sum of voluntary_ctxt_switches and nonvoluntary_ctxt_switches)", .flags = PROCESS_FLAG_LINUX_CTXT, },
[SECATTR] = { .name = "SECATTR", .title = " Security Attribute ", .description = "Security attribute of the process (e.g. SELinux or AppArmor)", .flags = PROCESS_FLAG_LINUX_SECATTR, },
[LAST_PROCESSFIELD] = { .name = "*** report bug! ***", .title = NULL, .description = NULL, .flags = 0, },
};
@ -148,6 +149,7 @@ void Process_delete(Object* cast) {
#ifdef HAVE_CGROUP
free(this->cgroup);
#endif
free(this->secattr);
free(this->ttyDevice);
free(this);
}
@ -289,6 +291,7 @@ void LinuxProcess_writeField(Process* this, RichString* str, ProcessField field)
attr |= A_BOLD;
xSnprintf(buffer, n, "%5lu ", lp->ctxt_diff);
break;
case SECATTR: snprintf(buffer, n, "%-30s ", lp->secattr ? lp->secattr : "?"); break;
default:
Process_writeField(this, str, field);
return;
@ -374,6 +377,8 @@ long LinuxProcess_compare(const void* v1, const void* v2) {
return LinuxProcess_effectiveIOPriority(p1) - LinuxProcess_effectiveIOPriority(p2);
case CTXT:
return ((long)p2->ctxt_diff - (long)p1->ctxt_diff);
case SECATTR:
return strcmp(p1->secattr ? p1->secattr : "", p2->secattr ? p2->secattr : "");
default:
return Process_compare(v1, v2);
}

View File

@ -15,6 +15,7 @@ in the source distribution for its full text.
#define PROCESS_FLAG_LINUX_OOM 0x1000
#define PROCESS_FLAG_LINUX_SMAPS 0x2000
#define PROCESS_FLAG_LINUX_CTXT 0x4000
#define PROCESS_FLAG_LINUX_SECATTR 0x8000
typedef enum UnsupportedProcessFields {
FLAGS = 9,
@ -82,7 +83,8 @@ typedef enum LinuxProcessFields {
M_SWAP = 120,
M_PSSWP = 121,
CTXT = 122,
LAST_PROCESSFIELD = 123,
SECATTR = 123,
LAST_PROCESSFIELD = 124,
} LinuxProcessField;
#include "IOPriority.h"
@ -142,6 +144,7 @@ typedef struct LinuxProcess_ {
#endif
unsigned long ctxt_total;
unsigned long ctxt_diff;
char *secattr;
} LinuxProcess;
#define Process_isKernelThread(_process) (((LinuxProcess*)(_process))->isKernelThread)

View File

@ -625,6 +625,32 @@ static void LinuxProcessList_readCtxtData(LinuxProcess* process, const char* dir
process->ctxt_total = ctxt;
}
static void LinuxProcessList_readSecattrData(LinuxProcess* process, const char* dirname, const char* name) {
char filename[MAX_NAME+1];
xSnprintf(filename, sizeof(filename), "%s/%s/attr/current", dirname, name);
FILE* file = fopen(filename, "r");
if (!file) {
free(process->secattr);
process->secattr = NULL;
return;
}
char buffer[PROC_LINE_LENGTH + 1];
char *res = fgets(buffer, sizeof(buffer), file);
fclose(file);
if (!res) {
free(process->secattr);
process->secattr = NULL;
return;
}
char *newline = strchr(buffer, '\n');
if (newline)
*newline = '\0';
if (process->secattr && 0 == strcmp(process->secattr, buffer))
return;
free(process->secattr);
process->secattr = xStrdup(buffer);
}
#ifdef HAVE_DELAYACCT
static int handleNetlinkMsg(struct nl_msg *nlmsg, void *linuxProcess) {
@ -925,6 +951,9 @@ static bool LinuxProcessList_recurseProcTree(LinuxProcessList* this, const char*
if (settings->flags & PROCESS_FLAG_LINUX_CTXT)
LinuxProcessList_readCtxtData(lp, dirname, name);
if (settings->flags & PROCESS_FLAG_LINUX_SECATTR)
LinuxProcessList_readSecattrData(lp, dirname, name);
if (proc->state == 'Z' && (proc->basenameOffset == 0)) {
proc->basenameOffset = -1;
setCommand(proc, command, commLen);