diff options
| author |  netblue30 <netblue30@protonmail.com> | 2022-04-29 09:31:04 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@protonmail.com> | 2022-04-29 09:31:04 -0400 |
| commit | 54baf62b58d71b79a5c2c103cf729ffb56a6a1cf (patch) | |
| tree | a28caaeae5a47952c1b1c0b5e78dc58fb56571c0 | |
| parent | remove inode warning from fcopy - long list of warnings for /etc/alternatives... (diff) | |
| download | firejail-54baf62b58d71b79a5c2c103cf729ffb56a6a1cf.tar.gz firejail-54baf62b58d71b79a5c2c103cf729ffb56a6a1cf.tar.zst firejail-54baf62b58d71b79a5c2c103cf729ffb56a6a1cf.zip | |
fix firemon, speed-up
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | src/firemon/netstats.c | 4 | ||||
| -rw-r--r-- | src/firemon/top.c | 4 | ||||
| -rw-r--r-- | src/lib/pid.c | 28 |
4 files changed, 23 insertions, 14 deletions
diff --git a/.gitignore b/.gitignore index e172d1af3..756918943 100644 --- a/.gitignore +++ b/.gitignore | |||
| @@ -46,6 +46,7 @@ src/bash_completion/firejail.bash_completion | |||
| 46 | src/zsh_completion/_firejail | 46 | src/zsh_completion/_firejail |
| 47 | src/jailcheck/jailcheck | 47 | src/jailcheck/jailcheck |
| 48 | src/fnettrace/fnettrace | 48 | src/fnettrace/fnettrace |
| 49 | src/fzenity/fzenity | ||
| 49 | uids.h | 50 | uids.h |
| 50 | seccomp | 51 | seccomp |
| 51 | seccomp.debug | 52 | seccomp.debug |
diff --git a/src/firemon/netstats.c b/src/firemon/netstats.c index 0a1b7e0c4..7d86ca45e 100644 --- a/src/firemon/netstats.c +++ b/src/firemon/netstats.c | |||
| @@ -47,7 +47,7 @@ static char *get_user_name(uid_t uid) { | |||
| 47 | 47 | ||
| 48 | static char *get_header(void) { | 48 | static char *get_header(void) { |
| 49 | char *rv; | 49 | char *rv; |
| 50 | if (asprintf(&rv, "%-5.5s %-9.9s %-10.10s %-10.10s %s", | 50 | if (asprintf(&rv, "%-7.7s %-9.9s %-10.10s %-10.10s %s", |
| 51 | "PID", "User", "RX(KB/s)", "TX(KB/s)", "Command") == -1) | 51 | "PID", "User", "RX(KB/s)", "TX(KB/s)", "Command") == -1) |
| 52 | errExit("asprintf"); | 52 | errExit("asprintf"); |
| 53 | 53 | ||
| @@ -183,7 +183,7 @@ static void print_proc(int index, int itv, int col) { | |||
| 183 | sprintf(ptrtx, "%.03f", tx_kbps); | 183 | sprintf(ptrtx, "%.03f", tx_kbps); |
| 184 | 184 | ||
| 185 | char buf[1024 + 1]; | 185 | char buf[1024 + 1]; |
| 186 | snprintf(buf, 1024, "%-5.5s %-9.9s %-10.10s %-10.10s %s", | 186 | snprintf(buf, 1024, "%-7.7s %-9.9s %-10.10s %-10.10s %s", |
| 187 | pidstr, ptruser, ptrrx, ptrtx, ptrcmd); | 187 | pidstr, ptruser, ptrrx, ptrtx, ptrcmd); |
| 188 | if (col < 1024) | 188 | if (col < 1024) |
| 189 | buf[col] = '\0'; | 189 | buf[col] = '\0'; |
diff --git a/src/firemon/top.c b/src/firemon/top.c index 2bfa63380..0633370ac 100644 --- a/src/firemon/top.c +++ b/src/firemon/top.c | |||
| @@ -47,7 +47,7 @@ static char *get_user_name(uid_t uid) { | |||
| 47 | 47 | ||
| 48 | static char *get_header(void) { | 48 | static char *get_header(void) { |
| 49 | char *rv; | 49 | char *rv; |
| 50 | if (asprintf(&rv, "%-5.5s %-9.9s %-8.8s %-8.8s %-5.5s %-4.4s %-9.9s %s", | 50 | if (asprintf(&rv, "%-7.7s %-9.9s %-8.8s %-8.8s %-5.5s %-4.4s %-9.9s %s", |
| 51 | "PID", "User", "RES(KiB)", "SHR(KiB)", "CPU%", "Prcs", "Uptime", "Command") == -1) | 51 | "PID", "User", "RES(KiB)", "SHR(KiB)", "CPU%", "Prcs", "Uptime", "Command") == -1) |
| 52 | errExit("asprintf"); | 52 | errExit("asprintf"); |
| 53 | 53 | ||
| @@ -165,7 +165,7 @@ static char *print_top(unsigned index, unsigned parent, unsigned *utime, unsigne | |||
| 165 | char prcs_str[10]; | 165 | char prcs_str[10]; |
| 166 | snprintf(prcs_str, 10, "%d", *cnt); | 166 | snprintf(prcs_str, 10, "%d", *cnt); |
| 167 | 167 | ||
| 168 | if (asprintf(&rv, "%-5.5s %-9.9s %-8.8s %-8.8s %-5.5s %-4.4s %-9.9s %s", | 168 | if (asprintf(&rv, "%-7.7s %-9.9s %-8.8s %-8.8s %-5.5s %-4.4s %-9.9s %s", |
| 169 | pidstr, ptruser, rss, shared, cpu_str, prcs_str, uptime_str, ptrcmd) == -1) | 169 | pidstr, ptruser, rss, shared, cpu_str, prcs_str, uptime_str, ptrcmd) == -1) |
| 170 | errExit("asprintf"); | 170 | errExit("asprintf"); |
| 171 | 171 | ||
diff --git a/src/lib/pid.c b/src/lib/pid.c index ad6403f65..3cf0df909 100644 --- a/src/lib/pid.c +++ b/src/lib/pid.c | |||
| @@ -30,7 +30,7 @@ | |||
| 30 | #define PIDS_BUFLEN 4096 | 30 | #define PIDS_BUFLEN 4096 |
| 31 | //Process pids[max_pids]; | 31 | //Process pids[max_pids]; |
| 32 | Process *pids = NULL; | 32 | Process *pids = NULL; |
| 33 | int max_pids=32769; | 33 | int max_pids=32769; // recalculated for every read_pid() call |
| 34 | 34 | ||
| 35 | // get the memory associated with this pid | 35 | // get the memory associated with this pid |
| 36 | void pid_getmem(unsigned pid, unsigned *rss, unsigned *shared) { | 36 | void pid_getmem(unsigned pid, unsigned *rss, unsigned *shared) { |
| @@ -303,20 +303,22 @@ void pid_store_cpu(unsigned index, unsigned parent, unsigned *utime, unsigned *s | |||
| 303 | 303 | ||
| 304 | // mon_pid: pid of sandbox to be monitored, 0 if all sandboxes are included | 304 | // mon_pid: pid of sandbox to be monitored, 0 if all sandboxes are included |
| 305 | void pid_read(pid_t mon_pid) { | 305 | void pid_read(pid_t mon_pid) { |
| 306 | if (pids == NULL) { | 306 | FILE *fp = fopen("/proc/sys/kernel/pid_max", "r"); |
| 307 | FILE *fp = fopen("/proc/sys/kernel/pid_max", "r"); | 307 | if (fp) { |
| 308 | if (fp) { | 308 | int val; |
| 309 | int val; | 309 | if (fscanf(fp, "%d", &val) == 1) { |
| 310 | if (fscanf(fp, "%d", &val) == 1) { | 310 | if (val >= max_pids) |
| 311 | if (val >= max_pids) | 311 | max_pids = val + 1; |
| 312 | max_pids = val + 1; | ||
| 313 | } | ||
| 314 | fclose(fp); | ||
| 315 | } | 312 | } |
| 313 | fclose(fp); | ||
| 314 | } | ||
| 315 | |||
| 316 | if (pids == NULL) { | ||
| 316 | pids = malloc(sizeof(Process) * max_pids); | 317 | pids = malloc(sizeof(Process) * max_pids); |
| 317 | if (pids == NULL) | 318 | if (pids == NULL) |
| 318 | errExit("malloc"); | 319 | errExit("malloc"); |
| 319 | } | 320 | } |
| 321 | |||
| 320 | memset(pids, 0, sizeof(Process) * max_pids); | 322 | memset(pids, 0, sizeof(Process) * max_pids); |
| 321 | pid_t mypid = getpid(); | 323 | pid_t mypid = getpid(); |
| 322 | 324 | ||
| @@ -332,9 +334,12 @@ void pid_read(pid_t mon_pid) { | |||
| 332 | 334 | ||
| 333 | struct dirent *entry; | 335 | struct dirent *entry; |
| 334 | char *end; | 336 | char *end; |
| 337 | pid_t new_max_pids = 0; | ||
| 335 | while ((entry = readdir(dir))) { | 338 | while ((entry = readdir(dir))) { |
| 336 | pid_t pid = strtol(entry->d_name, &end, 10); | 339 | pid_t pid = strtol(entry->d_name, &end, 10); |
| 337 | pid %= max_pids; | 340 | pid %= max_pids; |
| 341 | if (pid > new_max_pids) | ||
| 342 | new_max_pids = pid; | ||
| 338 | if (end == entry->d_name || *end) | 343 | if (end == entry->d_name || *end) |
| 339 | continue; | 344 | continue; |
| 340 | if (pid == mypid) | 345 | if (pid == mypid) |
| @@ -418,6 +423,9 @@ void pid_read(pid_t mon_pid) { | |||
| 418 | } | 423 | } |
| 419 | closedir(dir); | 424 | closedir(dir); |
| 420 | 425 | ||
| 426 | // update max_pid | ||
| 427 | max_pids = new_max_pids; | ||
| 428 | |||
| 421 | pid_t pid; | 429 | pid_t pid; |
| 422 | for (pid = 0; pid < max_pids; pid++) { | 430 | for (pid = 0; pid < max_pids; pid++) { |
| 423 | int parent = pids[pid].parent; | 431 | int parent = pids[pid].parent; |