  1/* SPDX-License-Identifier: LGPL-2.1 WITH Linux-syscall-note */
  2/*
  3 * cn_proc.h - process events connector
  4 *
  5 * Copyright (C) Matt Helsley, IBM Corp. 2005
  6 * Based on cn_fork.h by Nguyen Anh Quynh and Guillaume Thouvenin
  7 * Copyright (C) 2005 Nguyen Anh Quynh <aquynh@gmail.com>
  8 * Copyright (C) 2005 Guillaume Thouvenin <guillaume.thouvenin@bull.net>
  9 *
 10 * This program is free software; you can redistribute it and/or modify it
 11 * under the terms of version 2.1 of the GNU Lesser General Public License
 12 * as published by the Free Software Foundation.
 13 *
 14 * This program is distributed in the hope that it would be useful, but
 15 * WITHOUT ANY WARRANTY; without even the implied warranty of
 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 17 */
 18
 19#ifndef CN_PROC_H
 20#define CN_PROC_H
 21
 22#include <linux/types.h>
 23
 24/*
 25 * Userspace sends this enum to register with the kernel that it is listening
 26 * for events on the connector.
 27 */
enum proc_cn_mcast_op {
	/* Carried in struct proc_input.mcast_op; 0 is not a defined operation. */
	PROC_CN_MCAST_LISTEN = 1,	/* sender is listening for events */
	/* NOTE(review): presumably the opposite of LISTEN - confirm kernel side */
	PROC_CN_MCAST_IGNORE = 2
};
 32
/*
 * Mask of every event bit declared in enum proc_cn_event
 * (PROC_EVENT_NONE contributes no bits). valid_event() uses it to
 * discard bits this header does not define.
 */
#define PROC_EVENT_ALL			\
	(PROC_EVENT_FORK |		\
	 PROC_EVENT_EXEC |		\
	 PROC_EVENT_UID |		\
	 PROC_EVENT_GID |		\
	 PROC_EVENT_SID |		\
	 PROC_EVENT_PTRACE |		\
	 PROC_EVENT_COMM |		\
	 PROC_EVENT_NONZERO_EXIT |	\
	 PROC_EVENT_COREDUMP |		\
	 PROC_EVENT_EXIT)
 37
 38/*
 39 * If you add an entry in proc_cn_event, make sure you add it in
 40 * PROC_EVENT_ALL above as well.
 41 */
enum proc_cn_event {
	/*
	 * Every value is a distinct single bit, so values can be OR-ed
	 * together to describe a set of events. The bits are not
	 * contiguous: 0x08, 0x10 and 0x20 are unassigned here.
	 */
	PROC_EVENT_NONE = 0x00000000,
	PROC_EVENT_FORK = 0x00000001,
	PROC_EVENT_EXEC = 0x00000002,
	PROC_EVENT_UID  = 0x00000004,
	PROC_EVENT_GID  = 0x00000040,
	PROC_EVENT_SID  = 0x00000080,
	PROC_EVENT_PTRACE = 0x00000100,
	PROC_EVENT_COMM = 0x00000200,
	/* The next low-order event added should take 0x00000400. */

	/*
	 * The three highest bits are reserved for end-of-life events:
	 *   EXIT          - the last process event;
	 *   COREDUMP      - the "next to last" event, for coredumping;
	 *   NONZERO_EXIT  - reported only if the process dies with a
	 *                   non-zero exit status.
	 */
	PROC_EVENT_NONZERO_EXIT = 0x20000000,
	PROC_EVENT_COREDUMP = 0x40000000,
	/* 0x80000000 does not fit in a signed 32-bit int; treat as unsigned. */
	PROC_EVENT_EXIT = 0x80000000
};
 64
/*
 * Listener request: a multicast operation plus an event selection.
 *
 * Both fields are enum-typed but are filled in by the sender, so a
 * receiver cannot assume they hold only declared enumerators: check
 * mcast_op against the known operations and pass event_type through
 * valid_event() before acting on it.
 */
struct proc_input {
	/* PROC_CN_MCAST_LISTEN or PROC_CN_MCAST_IGNORE */
	enum proc_cn_mcast_op mcast_op;
	/* NOTE(review): presumably a set of PROC_EVENT_* bits - confirm */
	enum proc_cn_event event_type;
};
 69
/*
 * Reduce an event mask to the bits this header defines.
 *
 * Bits outside PROC_EVENT_ALL are cleared rather than rejected, so the
 * result is PROC_EVENT_NONE (0) when ev_type has no known bit set. A
 * caller that must detect unknown bits has to compare the result with
 * its input; this helper does not report them.
 */
static __inline__ enum proc_cn_event valid_event(enum proc_cn_event ev_type)
{
	enum proc_cn_event known_bits;

	known_bits = (enum proc_cn_event)(ev_type & PROC_EVENT_ALL);
	return known_bits;
}
 74
/*
 * From the user's point of view, the process ID is the thread group ID
 * and the thread ID is the internal kernel "pid". So, fields are
 * assigned as follows:
 *
 *  In user space     -  In  kernel space
 *
 * parent process ID  =  parent->tgid
 * parent thread  ID  =  parent->pid
 * child  process ID  =  child->tgid
 * child  thread  ID  =  child->pid
 */
 87
/*
 * One process event as delivered to a listener.
 *
 * A fixed header (what, cpu, timestamp_ns) is followed by a union of
 * per-event payloads. In every payload a *_pid field is the kernel
 * "pid" (the thread ID as seen from user space) and a *_tgid field is
 * the thread group ID (the user-space process ID).
 *
 * NOTE(review): presumably `what` tells the reader which union member
 * is meaningful (fork for PROC_EVENT_FORK, and so on) - confirm against
 * the kernel side. A consumer should read only that member and treat
 * the rest of the union as unspecified.
 */
struct proc_event {
	enum proc_cn_event what;
	__u32 cpu;
	/* Nanoseconds since system boot; explicitly 8-byte aligned. */
	__u64 __attribute__((aligned(8))) timestamp_ns;

	/* This union must remain the last field of struct proc_event. */
	union {
		/* NOTE(review): semantics of err are not given here - confirm */
		struct {
			__u32 err;
		} ack;

		struct fork_proc_event {
			__kernel_pid_t parent_pid;
			__kernel_pid_t parent_tgid;
			__kernel_pid_t child_pid;
			__kernel_pid_t child_tgid;
		} fork;

		struct exec_proc_event {
			__kernel_pid_t process_pid;
			__kernel_pid_t process_tgid;
		} exec;

		/*
		 * Shared by the UID and GID events: each inner union has
		 * one 32-bit slot, so ruid/rgid alias each other, as do
		 * euid/egid.
		 * NOTE(review): presumably `what` decides which name applies.
		 */
		struct id_proc_event {
			__kernel_pid_t process_pid;
			__kernel_pid_t process_tgid;
			union {
				__u32 ruid;	/* task uid */
				__u32 rgid;	/* task gid */
			} r;
			union {
				__u32 euid;
				__u32 egid;
			} e;
		} id;

		struct sid_proc_event {
			__kernel_pid_t process_pid;
			__kernel_pid_t process_tgid;
		} sid;

		struct ptrace_proc_event {
			__kernel_pid_t process_pid;
			__kernel_pid_t process_tgid;
			__kernel_pid_t tracer_pid;
			__kernel_pid_t tracer_tgid;
		} ptrace;

		/*
		 * comm is a fixed 16-byte buffer. This header does not
		 * state that it is NUL-terminated, so bound every read or
		 * copy by sizeof(comm) instead of using strlen/strcpy.
		 */
		struct comm_proc_event {
			__kernel_pid_t process_pid;
			__kernel_pid_t process_tgid;
			char           comm[16];
		} comm;

		struct coredump_proc_event {
			__kernel_pid_t process_pid;
			__kernel_pid_t process_tgid;
			__kernel_pid_t parent_pid;
			__kernel_pid_t parent_tgid;
		} coredump;

		struct exit_proc_event {
			__kernel_pid_t process_pid;
			__kernel_pid_t process_tgid;
			__u32 exit_code;
			__u32 exit_signal;
			__kernel_pid_t parent_pid;
			__kernel_pid_t parent_tgid;
		} exit;

	} event_data;
};
158
159#endif /* CN_PROC_H */