3 files changed, 336 insertions, 0 deletions
diff --git a/src/include/common.h b/src/include/common.h
new file mode 100644
index 000000000..7ce1e9290
--- /dev/null
+++ b/src/include/common.h
@@ -0,0 +1,115 @@
+/*
+ * Copyright (C) 2014, 2015 netblue30 (netblue30@yahoo.com)
+ *
+ * This file is part of firejail project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+#ifndef COMMON_H
+#define COMMON_H
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <stddef.h>
+#include <string.h>
+#include <ctype.h>
+#include <assert.h>
+#define errExit(msg)    do { char msgout[500]; sprintf(msgout, "Error %s:%s(%d)", msg, __FUNCTION__, __LINE__); perror(msgout); exit(1);} while (0)
+// macro to print ip addresses in a printf statement
+#define PRINT_IP(A) \
+((int) (((A) >> 24) & 0xFF)),  ((int) (((A) >> 16) & 0xFF)), ((int) (((A) >> 8) & 0xFF)), ((int) ( (A) & 0xFF))
+// macro to print a mac addresses in a printf statement
+#define PRINT_MAC(A) \
+((unsigned) (*(A)) & 0xff), ((unsigned) (*((A) + 1) & 0xff)), ((unsigned) (*((A) + 2) & 0xff)), \
+((unsigned) (*((A) + 3)) & 0xff), ((unsigned) (*((A) + 4) & 0xff)), ((unsigned) (*((A) + 5)) & 0xff)
+// the number of bits in a network mask
+static inline uint8_t mask2bits(uint32_t mask) {
+        uint32_t tmp = 0x80000000;
+        int i;
+        uint8_t rv = 0;
+        for (i = 0; i < 32; i++, tmp >>= 1) {
+                if (tmp & mask)
+                        rv++;
+                else
+                        break;
+        }
+        return rv;
+}
+// read an IPv4 address and convert it to uint32_t
+static inline int atoip(const char *str, uint32_t *ip) {
+        unsigned a, b, c, d;
+        if (sscanf(str, "%u.%u.%u.%u", &a, &b, &c, &d) != 4 || a > 255 || b > 255 || c > 255 || d > 255)
+                return 1;
+                
+        *ip = a * 0x1000000 + b * 0x10000 + c * 0x100 + d;
+        return 0;
+}
+// verify an ip address is in the network range given by ifip and mask
+static inline char *in_netrange(uint32_t ip, uint32_t ifip, uint32_t ifmask) {
+        if ((ip & ifmask) != (ifip & ifmask))
+                return "Error: the IP address is not in the interface range\n";
+        else if ((ip & ifmask) == ip)
+                return "Error: the IP address is a network address\n";
+        else if ((ip | ~ifmask) == ip)
+                return "Error: the IP address is a network address\n";
+        return NULL;
+}
+// read a mac address
+static inline int atomac(char *str, unsigned char macAddr[6]) {
+        unsigned mac[6];
+        if (sscanf(str, "%2x:%2x:%2x:%2x:%2x:%2x", &mac[0], &mac[1], &mac[2], &mac[3], &mac[4], &mac[5]) != 6)
+                return 1;
+        int i;
+        for (i = 0; i < 6; i++) {
+                if (mac[i] > 0xff)
+                        return 1;
+                        
+                macAddr[i] = (unsigned char) mac[i];
+        }
+        return 0;
+}
+// check a mac address is configured
+static inline int mac_not_zero(const unsigned char mac[6]) {
+        int i;
+        for (i = 0; i < 6; i++) {
+                if (mac[i] != 0)
+                        return 1;
+        }
+        
+        return 0;
+}
+int join_namespace(pid_t pid, char *type);
+int name2pid(const char *name, pid_t *pid);
+char *pid_proc_comm(const pid_t pid);
+char *pid_proc_cmdline(const pid_t pid);
+#endif
diff --git a/src/include/libnetlink.h b/src/include/libnetlink.h
new file mode 100644
index 000000000..e9cd6b186
--- /dev/null
+++ b/src/include/libnetlink.h
@@ -0,0 +1,163 @@
+/* file extracted from iproute2 software package
+ *
+ * Original source code:
+ * 
+ * Information:
+ *     http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2
+ * 
+ * Download:
+ *     http://www.kernel.org/pub/linux/utils/net/iproute2/
+ * 
+ * Repository:
+ *     git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git
+ * 
+ * License: GPL v2
+ */
+#ifndef __LIBNETLINK_H__
+#define __LIBNETLINK_H__ 1
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <string.h>
+#include <asm/types.h>
+#include <linux/netlink.h>
+#include <linux/rtnetlink.h>
+#include <linux/if_link.h>
+#include <linux/if_addr.h>
+#include <linux/neighbour.h>
+struct rtnl_handle
+{
+        int                     fd;
+        struct sockaddr_nl      local;
+        struct sockaddr_nl      peer;
+        __u32                   seq;
+        __u32                   dump;
+};
+extern int rcvbuf;
+extern int rtnl_open(struct rtnl_handle *rth, unsigned subscriptions);
+extern int rtnl_open_byproto(struct rtnl_handle *rth, unsigned subscriptions, int protocol);
+extern void rtnl_close(struct rtnl_handle *rth);
+extern int rtnl_wilddump_request(struct rtnl_handle *rth, int fam, int type);
+extern int rtnl_wilddump_req_filter(struct rtnl_handle *rth, int fam, int type,
+                                    __u32 filt_mask);
+extern int rtnl_dump_request(struct rtnl_handle *rth, int type, void *req, int len);
+typedef int (*rtnl_filter_t)(const struct sockaddr_nl *,
+                             struct nlmsghdr *n, void *);
+struct rtnl_dump_filter_arg
+{
+        rtnl_filter_t filter;
+        void *arg1;
+};
+extern int rtnl_dump_filter_l(struct rtnl_handle *rth,
+                              const struct rtnl_dump_filter_arg *arg);
+extern int rtnl_dump_filter(struct rtnl_handle *rth, rtnl_filter_t filter,
+                            void *arg);
+extern int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n, pid_t peer,
+                     unsigned groups, struct nlmsghdr *answer);
+extern int rtnl_send(struct rtnl_handle *rth, const void *buf, int);
+extern int rtnl_send_check(struct rtnl_handle *rth, const void *buf, int);
+extern int addattr(struct nlmsghdr *n, int maxlen, int type);
+extern int addattr8(struct nlmsghdr *n, int maxlen, int type, __u8 data);
+extern int addattr16(struct nlmsghdr *n, int maxlen, int type, __u16 data);
+extern int addattr32(struct nlmsghdr *n, int maxlen, int type, __u32 data);
+extern int addattr64(struct nlmsghdr *n, int maxlen, int type, __u64 data);
+extern int addattrstrz(struct nlmsghdr *n, int maxlen, int type, const char *data);
+extern int addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data, int alen);
+extern int addraw_l(struct nlmsghdr *n, int maxlen, const void *data, int len);
+extern struct rtattr *addattr_nest(struct nlmsghdr *n, int maxlen, int type);
+extern int addattr_nest_end(struct nlmsghdr *n, struct rtattr *nest);
+extern struct rtattr *addattr_nest_compat(struct nlmsghdr *n, int maxlen, int type, const void *data, int len);
+extern int addattr_nest_compat_end(struct nlmsghdr *n, struct rtattr *nest);
+extern int rta_addattr32(struct rtattr *rta, int maxlen, int type, __u32 data);
+extern int rta_addattr_l(struct rtattr *rta, int maxlen, int type, const void *data, int alen);
+extern int parse_rtattr(struct rtattr *tb[], int max, struct rtattr *rta, int len);
+extern int parse_rtattr_flags(struct rtattr *tb[], int max, struct rtattr *rta,
+                              int len, unsigned short flags);
+extern int parse_rtattr_byindex(struct rtattr *tb[], int max, struct rtattr *rta, int len);
+extern int __parse_rtattr_nested_compat(struct rtattr *tb[], int max, struct rtattr *rta, int len);
+#define parse_rtattr_nested(tb, max, rta) \
+        (parse_rtattr((tb), (max), RTA_DATA(rta), RTA_PAYLOAD(rta)))
+#define parse_rtattr_nested_compat(tb, max, rta, data, len) \
+        ({ data = RTA_PAYLOAD(rta) >= len ? RTA_DATA(rta) : NULL;       \
+                __parse_rtattr_nested_compat(tb, max, rta, len); })
+static inline __u8 rta_getattr_u8(const struct rtattr *rta)
+{
+        return *(__u8 *)RTA_DATA(rta);
+}
+static inline __u16 rta_getattr_u16(const struct rtattr *rta)
+{
+        return *(__u16 *)RTA_DATA(rta);
+}
+static inline __u32 rta_getattr_u32(const struct rtattr *rta)
+{
+        return *(__u32 *)RTA_DATA(rta);
+}
+static inline __u64 rta_getattr_u64(const struct rtattr *rta)
+{
+        __u64 tmp;
+        memcpy(&tmp, RTA_DATA(rta), sizeof(__u64));
+        return tmp;
+}
+static inline const char *rta_getattr_str(const struct rtattr *rta)
+{
+        return (const char *)RTA_DATA(rta);
+}
+extern int rtnl_listen(struct rtnl_handle *, rtnl_filter_t handler,
+                       void *jarg);
+extern int rtnl_from_file(FILE *, rtnl_filter_t handler,
+                       void *jarg);
+#define NLMSG_TAIL(nmsg) \
+        ((struct rtattr *) (((void *) (nmsg)) + NLMSG_ALIGN((nmsg)->nlmsg_len)))
+#ifndef IFA_RTA
+#define IFA_RTA(r) \
+        ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifaddrmsg))))
+#endif
+#ifndef IFA_PAYLOAD
+#define IFA_PAYLOAD(n)  NLMSG_PAYLOAD(n,sizeof(struct ifaddrmsg))
+#endif
+#ifndef IFLA_RTA
+#define IFLA_RTA(r) \
+        ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifinfomsg))))
+#endif
+#ifndef IFLA_PAYLOAD
+#define IFLA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ifinfomsg))
+#endif
+#ifndef NDA_RTA
+#define NDA_RTA(r) \
+        ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ndmsg))))
+#endif
+#ifndef NDA_PAYLOAD
+#define NDA_PAYLOAD(n)  NLMSG_PAYLOAD(n,sizeof(struct ndmsg))
+#endif
+#ifndef NDTA_RTA
+#define NDTA_RTA(r) \
+        ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ndtmsg))))
+#endif
+#ifndef NDTA_PAYLOAD
+#define NDTA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ndtmsg))
+#endif
+#endif /* __LIBNETLINK_H__ */
diff --git a/src/include/pid.h b/src/include/pid.h
new file mode 100644
index 000000000..aaadaa542
--- /dev/null
+++ b/src/include/pid.h
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2014, 2015 netblue30 (netblue30@yahoo.com)
+ *
+ * This file is part of firejail project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+#ifndef PID_H
+#define PID_H
+extern int max_pids;
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <sys/types.h>
+#include <unistd.h>
+typedef struct {
+        short level;  // -1 not a firejail process, 0 not investigated yet, 1 firejail process, > 1 firejail child
+        unsigned char zombie;
+        pid_t parent;
+        uid_t uid;
+        char *user;
+        char *cmd;
+        unsigned utime;
+        unsigned stime;
+        unsigned long long rx;  // network rx, bytes
+        unsigned long long tx;  // networking tx, bytes
+        unsigned rx_delta;
+        unsigned tx_delta;
+} Process;
+//extern Process pids[max_pids];
+extern Process *pids;
+// pid functions
+void pid_getmem(unsigned pid, unsigned *rss, unsigned *shared);
+void pid_get_cpu_time(unsigned pid, unsigned *utime, unsigned *stime);
+unsigned long long pid_get_start_time(unsigned pid);
+uid_t pid_get_uid(pid_t pid);
+char *pid_get_user_name(uid_t uid);
+// print functions
+void pid_print_tree(unsigned index, unsigned parent, int nowrap);
+void pid_print_list(unsigned index, int nowrap);
+void pid_store_cpu(unsigned index, unsigned parent, unsigned *utime, unsigned *stime);
+void pid_read(pid_t mon_pid);
+#endif

diff --git a/src/include/common.h b/src/include/common.h new file mode 100644 index 000000000..7ce1e9290 --- /dev/null +++ b/src/include/common.h
@@ -0,0 +1,115 @@
	1	/*
	2	* Copyright (C) 2014, 2015 netblue30 (netblue30@yahoo.com)
	3	*
	4	* This file is part of firejail project
	5	*
	6	* This program is free software; you can redistribute it and/or modify
	7	* it under the terms of the GNU General Public License as published by
	8	* the Free Software Foundation; either version 2 of the License, or
	9	* (at your option) any later version.
	10	*
	11	* This program is distributed in the hope that it will be useful,
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	14	* GNU General Public License for more details.
	15	*
	16	* You should have received a copy of the GNU General Public License along
	17	* with this program; if not, write to the Free Software Foundation, Inc.,
	18	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	19	*/
	20
	21	#ifndef COMMON_H
	22	#define COMMON_H
	23	#define _GNU_SOURCE
	24	#include <stdio.h>
	25	#include <sys/types.h>
	26	#include <unistd.h>
	27	#include <stdlib.h>
	28	#include <stdint.h>
	29	#include <stddef.h>
	30	#include <string.h>
	31	#include <ctype.h>
	32	#include <assert.h>
	33
	34	#define errExit(msg) do { char msgout[500]; sprintf(msgout, "Error %s:%s(%d)", msg, __FUNCTION__, __LINE__); perror(msgout); exit(1);} while (0)
	35
	36	// macro to print ip addresses in a printf statement
	37	#define PRINT_IP(A) \
	38	((int) (((A) >> 24) & 0xFF)), ((int) (((A) >> 16) & 0xFF)), ((int) (((A) >> 8) & 0xFF)), ((int) ( (A) & 0xFF))
	39
	40	// macro to print a mac addresses in a printf statement
	41	#define PRINT_MAC(A) \
	42	((unsigned) ((A)) & 0xff), ((unsigned) (((A) + 1) & 0xff)), ((unsigned) (*((A) + 2) & 0xff)), \
	43	((unsigned) (((A) + 3)) & 0xff), ((unsigned) (((A) + 4) & 0xff)), ((unsigned) (*((A) + 5)) & 0xff)
	44
	45	// the number of bits in a network mask
	46	static inline uint8_t mask2bits(uint32_t mask) {
	47	uint32_t tmp = 0x80000000;
	48	int i;
	49	uint8_t rv = 0;
	50
	51	for (i = 0; i < 32; i++, tmp >>= 1) {
	52	if (tmp & mask)
	53	rv++;
	54	else
	55	break;
	56	}
	57	return rv;
	58	}
	59
	60	// read an IPv4 address and convert it to uint32_t
	61	static inline int atoip(const char str, uint32_t ip) {
	62	unsigned a, b, c, d;
	63
	64	if (sscanf(str, "%u.%u.%u.%u", &a, &b, &c, &d) != 4 \|\| a > 255 \|\| b > 255 \|\| c > 255 \|\| d > 255)
	65	return 1;
	66
	67	ip = a 0x1000000 + b * 0x10000 + c * 0x100 + d;
	68	return 0;
	69	}
	70
	71	// verify an ip address is in the network range given by ifip and mask
	72	static inline char *in_netrange(uint32_t ip, uint32_t ifip, uint32_t ifmask) {
	73	if ((ip & ifmask) != (ifip & ifmask))
	74	return "Error: the IP address is not in the interface range\n";
	75	else if ((ip & ifmask) == ip)
	76	return "Error: the IP address is a network address\n";
	77	else if ((ip \| ~ifmask) == ip)
	78	return "Error: the IP address is a network address\n";
	79	return NULL;
	80	}
	81
	82	// read a mac address
	83	static inline int atomac(char *str, unsigned char macAddr[6]) {
	84	unsigned mac[6];
	85
	86	if (sscanf(str, "%2x:%2x:%2x:%2x:%2x:%2x", &mac[0], &mac[1], &mac[2], &mac[3], &mac[4], &mac[5]) != 6)
	87	return 1;
	88
	89	int i;
	90	for (i = 0; i < 6; i++) {
	91	if (mac[i] > 0xff)
	92	return 1;
	93
	94	macAddr[i] = (unsigned char) mac[i];
	95	}
	96
	97	return 0;
	98	}
	99
	100	// check a mac address is configured
	101	static inline int mac_not_zero(const unsigned char mac[6]) {
	102	int i;
	103	for (i = 0; i < 6; i++) {
	104	if (mac[i] != 0)
	105	return 1;
	106	}
	107
	108	return 0;
	109	}
	110
	111	int join_namespace(pid_t pid, char *type);
	112	int name2pid(const char name, pid_t pid);
	113	char *pid_proc_comm(const pid_t pid);
	114	char *pid_proc_cmdline(const pid_t pid);
	115	#endif


diff --git a/src/include/libnetlink.h b/src/include/libnetlink.h new file mode 100644 index 000000000..e9cd6b186 --- /dev/null +++ b/src/include/libnetlink.h
@@ -0,0 +1,163 @@
	1	/* file extracted from iproute2 software package
	2	*
	3	* Original source code:
	4	*
	5	* Information:
	6	* http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2
	7	*
	8	* Download:
	9	* http://www.kernel.org/pub/linux/utils/net/iproute2/
	10	*
	11	* Repository:
	12	* git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git
	13	*
	14	* License: GPL v2
	15	*/
	16
	17
	18	#ifndef __LIBNETLINK_H__
	19	#define __LIBNETLINK_H__ 1
	20
	21	#define _GNU_SOURCE
	22	#include <stdio.h>
	23	#include <stdlib.h>
	24	#include <stdint.h>
	25	#include <string.h>
	26	#include <asm/types.h>
	27	#include <linux/netlink.h>
	28	#include <linux/rtnetlink.h>
	29	#include <linux/if_link.h>
	30	#include <linux/if_addr.h>
	31	#include <linux/neighbour.h>
	32
	33	struct rtnl_handle
	34	{
	35	int fd;
	36	struct sockaddr_nl local;
	37	struct sockaddr_nl peer;
	38	__u32 seq;
	39	__u32 dump;
	40	};
	41
	42	extern int rcvbuf;
	43
	44	extern int rtnl_open(struct rtnl_handle *rth, unsigned subscriptions);
	45	extern int rtnl_open_byproto(struct rtnl_handle *rth, unsigned subscriptions, int protocol);
	46	extern void rtnl_close(struct rtnl_handle *rth);
	47	extern int rtnl_wilddump_request(struct rtnl_handle *rth, int fam, int type);
	48	extern int rtnl_wilddump_req_filter(struct rtnl_handle *rth, int fam, int type,
	49	__u32 filt_mask);
	50	extern int rtnl_dump_request(struct rtnl_handle rth, int type, void req, int len);
	51
	52	typedef int (rtnl_filter_t)(const struct sockaddr_nl ,
	53	struct nlmsghdr n, void );
	54
	55	struct rtnl_dump_filter_arg
	56	{
	57	rtnl_filter_t filter;
	58	void *arg1;
	59	};
	60
	61	extern int rtnl_dump_filter_l(struct rtnl_handle *rth,
	62	const struct rtnl_dump_filter_arg *arg);
	63	extern int rtnl_dump_filter(struct rtnl_handle *rth, rtnl_filter_t filter,
	64	void *arg);
	65	extern int rtnl_talk(struct rtnl_handle rtnl, struct nlmsghdr n, pid_t peer,
	66	unsigned groups, struct nlmsghdr *answer);
	67	extern int rtnl_send(struct rtnl_handle rth, const void buf, int);
	68	extern int rtnl_send_check(struct rtnl_handle rth, const void buf, int);
	69
	70	extern int addattr(struct nlmsghdr *n, int maxlen, int type);
	71	extern int addattr8(struct nlmsghdr *n, int maxlen, int type, __u8 data);
	72	extern int addattr16(struct nlmsghdr *n, int maxlen, int type, __u16 data);
	73	extern int addattr32(struct nlmsghdr *n, int maxlen, int type, __u32 data);
	74	extern int addattr64(struct nlmsghdr *n, int maxlen, int type, __u64 data);
	75	extern int addattrstrz(struct nlmsghdr n, int maxlen, int type, const char data);
	76
	77	extern int addattr_l(struct nlmsghdr n, int maxlen, int type, const void data, int alen);
	78	extern int addraw_l(struct nlmsghdr n, int maxlen, const void data, int len);
	79	extern struct rtattr addattr_nest(struct nlmsghdr n, int maxlen, int type);
	80	extern int addattr_nest_end(struct nlmsghdr n, struct rtattr nest);
	81	extern struct rtattr addattr_nest_compat(struct nlmsghdr n, int maxlen, int type, const void *data, int len);
	82	extern int addattr_nest_compat_end(struct nlmsghdr n, struct rtattr nest);
	83	extern int rta_addattr32(struct rtattr *rta, int maxlen, int type, __u32 data);
	84	extern int rta_addattr_l(struct rtattr rta, int maxlen, int type, const void data, int alen);
	85
	86	extern int parse_rtattr(struct rtattr tb[], int max, struct rtattr rta, int len);
	87	extern int parse_rtattr_flags(struct rtattr tb[], int max, struct rtattr rta,
	88	int len, unsigned short flags);
	89	extern int parse_rtattr_byindex(struct rtattr tb[], int max, struct rtattr rta, int len);
	90	extern int __parse_rtattr_nested_compat(struct rtattr tb[], int max, struct rtattr rta, int len);
	91
	92	#define parse_rtattr_nested(tb, max, rta) \
	93	(parse_rtattr((tb), (max), RTA_DATA(rta), RTA_PAYLOAD(rta)))
	94
	95	#define parse_rtattr_nested_compat(tb, max, rta, data, len) \
	96	({ data = RTA_PAYLOAD(rta) >= len ? RTA_DATA(rta) : NULL; \
	97	__parse_rtattr_nested_compat(tb, max, rta, len); })
	98
	99	static inline __u8 rta_getattr_u8(const struct rtattr *rta)
	100	{
	101	return (__u8 )RTA_DATA(rta);
	102	}
	103	static inline __u16 rta_getattr_u16(const struct rtattr *rta)
	104	{
	105	return (__u16 )RTA_DATA(rta);
	106	}
	107	static inline __u32 rta_getattr_u32(const struct rtattr *rta)
	108	{
	109	return (__u32 )RTA_DATA(rta);
	110	}
	111	static inline __u64 rta_getattr_u64(const struct rtattr *rta)
	112	{
	113	__u64 tmp;
	114	memcpy(&tmp, RTA_DATA(rta), sizeof(__u64));
	115	return tmp;
	116	}
	117	static inline const char rta_getattr_str(const struct rtattr rta)
	118	{
	119	return (const char *)RTA_DATA(rta);
	120	}
	121
	122	extern int rtnl_listen(struct rtnl_handle *, rtnl_filter_t handler,
	123	void *jarg);
	124	extern int rtnl_from_file(FILE *, rtnl_filter_t handler,
	125	void *jarg);
	126
	127	#define NLMSG_TAIL(nmsg) \
	128	((struct rtattr ) (((void ) (nmsg)) + NLMSG_ALIGN((nmsg)->nlmsg_len)))
	129
	130	#ifndef IFA_RTA
	131	#define IFA_RTA(r) \
	132	((struct rtattr)(((char)(r)) + NLMSG_ALIGN(sizeof(struct ifaddrmsg))))
	133	#endif
	134	#ifndef IFA_PAYLOAD
	135	#define IFA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ifaddrmsg))
	136	#endif
	137
	138	#ifndef IFLA_RTA
	139	#define IFLA_RTA(r) \
	140	((struct rtattr)(((char)(r)) + NLMSG_ALIGN(sizeof(struct ifinfomsg))))
	141	#endif
	142	#ifndef IFLA_PAYLOAD
	143	#define IFLA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ifinfomsg))
	144	#endif
	145
	146	#ifndef NDA_RTA
	147	#define NDA_RTA(r) \
	148	((struct rtattr)(((char)(r)) + NLMSG_ALIGN(sizeof(struct ndmsg))))
	149	#endif
	150	#ifndef NDA_PAYLOAD
	151	#define NDA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ndmsg))
	152	#endif
	153
	154	#ifndef NDTA_RTA
	155	#define NDTA_RTA(r) \
	156	((struct rtattr)(((char)(r)) + NLMSG_ALIGN(sizeof(struct ndtmsg))))
	157	#endif
	158	#ifndef NDTA_PAYLOAD
	159	#define NDTA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ndtmsg))
	160	#endif
	161
	162	#endif /* __LIBNETLINK_H__ */
	163


diff --git a/src/include/pid.h b/src/include/pid.h new file mode 100644 index 000000000..aaadaa542 --- /dev/null +++ b/src/include/pid.h
@@ -0,0 +1,58 @@
	1	/*
	2	* Copyright (C) 2014, 2015 netblue30 (netblue30@yahoo.com)
	3	*
	4	* This file is part of firejail project
	5	*
	6	* This program is free software; you can redistribute it and/or modify
	7	* it under the terms of the GNU General Public License as published by
	8	* the Free Software Foundation; either version 2 of the License, or
	9	* (at your option) any later version.
	10	*
	11	* This program is distributed in the hope that it will be useful,
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	14	* GNU General Public License for more details.
	15	*
	16	* You should have received a copy of the GNU General Public License along
	17	* with this program; if not, write to the Free Software Foundation, Inc.,
	18	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	19	*/
	20	#ifndef PID_H
	21	#define PID_H
	22	extern int max_pids;
	23
	24
	25	#define _GNU_SOURCE
	26	#include <stdio.h>
	27	#include <sys/types.h>
	28	#include <unistd.h>
	29	typedef struct {
	30	short level; // -1 not a firejail process, 0 not investigated yet, 1 firejail process, > 1 firejail child
	31	unsigned char zombie;
	32	pid_t parent;
	33	uid_t uid;
	34	char *user;
	35	char *cmd;
	36	unsigned utime;
	37	unsigned stime;
	38	unsigned long long rx; // network rx, bytes
	39	unsigned long long tx; // networking tx, bytes
	40	unsigned rx_delta;
	41	unsigned tx_delta;
	42	} Process;
	43	//extern Process pids[max_pids];
	44	extern Process *pids;
	45
	46	// pid functions
	47	void pid_getmem(unsigned pid, unsigned rss, unsigned shared);
	48	void pid_get_cpu_time(unsigned pid, unsigned utime, unsigned stime);
	49	unsigned long long pid_get_start_time(unsigned pid);
	50	uid_t pid_get_uid(pid_t pid);
	51	char *pid_get_user_name(uid_t uid);
	52	// print functions
	53	void pid_print_tree(unsigned index, unsigned parent, int nowrap);
	54	void pid_print_list(unsigned index, int nowrap);
	55	void pid_store_cpu(unsigned index, unsigned parent, unsigned utime, unsigned stime);
	56	void pid_read(pid_t mon_pid);
	57
	58	#endif