src - OpenBSD base system

diff options


context:
space:
mode:

author	Theo de Raadt <deraadt@cvs.openbsd.org>	2001-06-12 21:41:33 +0000
committer	Theo de Raadt <deraadt@cvs.openbsd.org>	2001-06-12 21:41:33 +0000
commit	3eb773504ee9d05650b0578f1145cc355ae428b5 (patch)
tree	e3cebd96865433d78bafcd59181058330efe03f8
parent	2a728d2a465c56415454765ab7809178651ef260 (diff)

one less setuid program (use an ioctl like pppstats)

Diffstat

-rw-r--r--

sys/net/if_sl.c

-rw-r--r--

sys/net/if_slvar.h

-rw-r--r--

usr.sbin/slstats/Makefile

-rw-r--r--

usr.sbin/slstats/slstats.c

164

4 files changed, 136 insertions, 97 deletions

diff --git a/sys/net/if_sl.c b/sys/net/if_sl.c
index a0784101bfe..31e1f7e8e9b 100644
--- a/sys/net/if_sl.c
+++ b/sys/net/if_sl.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: if_sl.c,v 1.11 2001/05/17 18:41:46 provos Exp $ */

+/* $OpenBSD: if_sl.c,v 1.12 2001/06/12 21:41:32 deraadt Exp $ */

/* $NetBSD: if_sl.c,v 1.39.4.1 1996/06/02 16:26:31 thorpej Exp $ */

@@ -882,9 +882,11 @@ slioctl(ifp, cmd, data)

u_long cmd;

caddr_t data;

{

+ register struct sl_softc *sc = ifp->if_softc;

+ struct sl_stats *slsp;

switch (cmd) {

@@ -920,6 +922,26 @@ slioctl(ifp, cmd, data)

}

break;

+ case SIOCGSLSTATS:

+ slsp = &((struct ifslstatsreq *) data)->stats;

+ bzero(slsp, sizeof(*slsp));

+ /* slsp->sl = sc->sc_stats; */

+ slsp->sl.sl_ibytes = sc->sc_if.if_ibytes;

+ slsp->sl.sl_obytes = sc->sc_if.if_obytes;

+ slsp->sl.sl_ipackets = sc->sc_if.if_ipackets;

+ slsp->sl.sl_opackets = sc->sc_if.if_opackets;

+#ifdef INET

+ slsp->vj.vjs_packets = sc->sc_comp.sls_packets;

+ slsp->vj.vjs_compressed = sc->sc_comp.sls_compressed;

+ slsp->vj.vjs_searches = sc->sc_comp.sls_searches;

+ slsp->vj.vjs_misses = sc->sc_comp.sls_misses;

+ slsp->vj.vjs_uncompressedin = sc->sc_comp.sls_uncompressedin;

+ slsp->vj.vjs_compressedin = sc->sc_comp.sls_compressedin;

+ slsp->vj.vjs_errorin = sc->sc_comp.sls_errorin;

+ slsp->vj.vjs_tossed = sc->sc_comp.sls_tossed;

+#endif /* INET */

+ break;

default:

error = EINVAL;

}

diff --git a/sys/net/if_slvar.h b/sys/net/if_slvar.h
index efb4af4fb9a..ccffba9e1bf 100644
--- a/sys/net/if_slvar.h
+++ b/sys/net/if_slvar.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: if_slvar.h,v 1.7 2001/06/09 06:16:38 angelos Exp $ */

+/* $OpenBSD: if_slvar.h,v 1.8 2001/06/12 21:41:32 deraadt Exp $ */

/* $NetBSD: if_slvar.h,v 1.16 1996/05/07 02:40:46 thorpej Exp $ */

/*-

@@ -71,6 +71,37 @@ struct sl_softc {

caddr_t sc_bpf; /* BPF data */

};

+/*

+ * Statistics.

+ */

+struct slstat {

+ u_int sl_ibytes; /* bytes received */

+ u_int sl_ipackets; /* packets received */

+ u_int sl_obytes; /* bytes sent */

+ u_int sl_opackets; /* packets sent */

+};

+struct vjstat {

+ u_int vjs_packets; /* outbound packets */

+ u_int vjs_compressed; /* outbound compressed packets */

+ u_int vjs_searches; /* searches for connection state */

+ u_int vjs_misses; /* times couldn't find conn. state */

+ u_int vjs_uncompressedin; /* inbound uncompressed packets */

+ u_int vjs_compressedin; /* inbound compressed packets */

+ u_int vjs_errorin; /* inbound unknown type packets */

+ u_int vjs_tossed; /* inbound packets tossed because of error */

+};

+struct sl_stats {

+ struct slstat sl; /* basic PPP statistics */

+ struct vjstat vj; /* VJ header compression statistics */

+};

+struct ifslstatsreq {

+ char ifr_name[IFNAMSIZ];

+ struct sl_stats stats;

+};

/* internal flags */

#define SC_ERROR 0x0001 /* had an input error */

@@ -79,6 +110,12 @@ struct sl_softc {

#define SC_NOICMP IFF_LINK1 /* supress ICMP traffic */

#define SC_AUTOCOMP IFF_LINK2 /* auto-enable TCP compression */

+/*

+ * These two are interface ioctls so that pppstats can do them on

+ * a socket without having to open the serial device.

+ */

+#define SIOCGSLSTATS _IOWR('i', 123, struct ifslstatsreq)

#ifdef _KERNEL

void slattach __P((int));

void slclose __P((struct tty *));

diff --git a/usr.sbin/slstats/Makefile b/usr.sbin/slstats/Makefile
index 0c80810fec0..99ab6d1f6e8 100644
--- a/usr.sbin/slstats/Makefile
+++ b/usr.sbin/slstats/Makefile

@@ -1,11 +1,7 @@

-# $OpenBSD: Makefile,v 1.2 1997/09/21 11:44:25 deraadt Exp $

+# $OpenBSD: Makefile,v 1.3 2001/06/12 21:41:32 deraadt Exp $

PROG= slstats

SRCS= slstats.c

MAN= slstats.8

-DPADD= ${LIBKVM}

-LDADD= -lkvm

-BINGRP= kmem

-BINMODE=2555

.include <bsd.prog.mk>

diff --git a/usr.sbin/slstats/slstats.c b/usr.sbin/slstats/slstats.c
index e71609b31fb..11092c422d8 100644
--- a/usr.sbin/slstats/slstats.c
+++ b/usr.sbin/slstats/slstats.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: slstats.c,v 1.9 1998/07/08 22:13:30 deraadt Exp $ */

+/* $OpenBSD: slstats.c,v 1.10 2001/06/12 21:41:32 deraadt Exp $ */

/* $NetBSD: slstats.c,v 1.6.6.1 1996/06/07 01:42:30 thorpej Exp $ */

@@ -25,7 +25,7 @@

#ifndef lint

-static char rcsid[] = "$OpenBSD: slstats.c,v 1.9 1998/07/08 22:13:30 deraadt Exp $";

+static char rcsid[] = "$OpenBSD: slstats.c,v 1.10 2001/06/12 21:41:32 deraadt Exp $";

#endif

#define INET

@@ -34,6 +34,7 @@ static char rcsid[] = "$OpenBSD: slstats.c,v 1.9 1998/07/08 22:13:30 deraadt Exp

#include <sys/mbuf.h>

#include <sys/types.h>

#include <sys/socket.h>

+#include <sys/ioctl.h>

#include <sys/file.h>

#include <net/if.h>

@@ -49,7 +50,6 @@ static char rcsid[] = "$OpenBSD: slstats.c,v 1.9 1998/07/08 22:13:30 deraadt Exp

#include <err.h>

#include <errno.h>

#include <fcntl.h>

-#include <kvm.h>

#include <limits.h>

#include <signal.h>

#include <stdio.h>

@@ -59,19 +59,8 @@ static char rcsid[] = "$OpenBSD: slstats.c,v 1.9 1998/07/08 22:13:30 deraadt Exp

#include <string.h>

#include <unistd.h>

-struct nlist nl[] = {

-#define N_SOFTC 0

- { "_sl_softc" },

- "",

-};

extern char *__progname; /* from crt0.o */

-char *kernel; /* kernel for namelist */

-char *kmemf; /* memory file */

-kvm_t *kd;

int vflag;

unsigned interval = 5;

int unit;

@@ -80,14 +69,19 @@ void catchalarm __P((void));

void intpr __P((void));

void usage __P((void));

+int s;

+char interface[IFNAMSIZ];

int

main(argc, argv)

int argc;

char *argv[];

{

- char errbuf[_POSIX2_LINE_MAX];

+ struct ifreq ifr;

int ch;

+ (void)strcpy(interface, "sl0");

while ((ch = getopt(argc, argv, "i:M:N:v")) != -1) {

switch (ch) {

case 'i':

@@ -96,14 +90,6 @@ main(argc, argv)

usage();

break;

- case 'M':

- kmemf = optarg;

- break;

- case 'N':

- kernel = optarg;

- break;

case 'v':

++vflag;

break;

@@ -118,55 +104,55 @@ main(argc, argv)

if (argc > 1)

usage();

- while (argc--) {

- if (isdigit(*argv[0])) {

- unit = atoi(*argv);

- if (unit < 0)

- usage();

- continue;

- }

- /* Fall to here, we have bogus arguments. */

- usage();

- }

- /*

- * Discard setgid privileges if not the running kernel so that bad

- * guys can't print interesting stuff from kernel memory.

- */

- if (kmemf != NULL || kernel != NULL) {

- setegid(getgid());

- setgid(getgid());

+ if (argc > 0) {

+ (void)strncpy(interface, argv[0], sizeof(interface) - 1);

+ interface[sizeof(interface) - 1] = '\0';

}

+ if (sscanf(interface, "sl%d", &unit) != 1)

+ errx(1, "invalid interface '%s' specified", interface);

- memset(errbuf, 0, sizeof(errbuf));

- if ((kd = kvm_openfiles(kernel, kmemf, NULL, O_RDONLY, errbuf)) == NULL)

- errx(1, "can't open kvm: %s", errbuf);

- setegid(getgid());

- setgid(getgid());

- if (kvm_nlist(kd, nl) < 0 || nl[0].n_type == 0)

- errx(1, "%s: SLIP symbols not in namelist",

- kernel == NULL ? _PATH_UNIX : kernel);

+ s = socket(AF_INET, SOCK_DGRAM, 0);

+ if (s < 0)

+ err(1, "couldn't create IP socket");

+ (void)strcpy(ifr.ifr_name, interface);

+ if (ioctl(s, SIOCGIFFLAGS, (caddr_t)&ifr) < 0)

+ errx(1, "nonexistent interface '%s' specified", interface);

intpr();

exit(0);

}

-#define V(offset) ((line % 20)? sc->offset - osc->offset : sc->offset)

-#define AMT (sizeof(*sc) - 2 * sizeof(sc->sc_comp.tstate))

+#define V(offset) ((line % 20)? cur.offset - old.offset : cur.offset)

void

usage()

{

- fprintf(stderr, "usage: %s [-M core] [-N system] [-i interval] %s",

+ fprintf(stderr, "usage: %s [-i interval] %s",

__progname, "[-v] [unit]\n");

exit(1);

}

-u_char signalled; /* set if alarm goes off "early" */

+sig_atomic_t signalled; /* set if alarm goes off "early" */

+static void

+get_sl_stats(curp)

+ struct sl_stats *curp;

+ struct ifslstatsreq req;

+ memset(&req, 0, sizeof(req));

+ (void)strncpy(req.ifr_name, interface, sizeof(req.ifr_name) - 1);

+ req.ifr_name[sizeof(req.ifr_name) - 1] = '\0';

+ if (ioctl(s, SIOCGSLSTATS, &req) < 0) {

+ if (errno == ENOTTY)

+ errx(1, "kernel support missing");

+ else

+ err(1, "couldn't get slip statistics");

+ }

+ *curp = req.stats;

* Print a running summary of interface statistics.

@@ -179,17 +165,21 @@ intpr()

{

int oldmask;

- struct sl_softc *sc, *osc;

- u_long addr;

- addr = nl[N_SOFTC].n_value + unit * sizeof(struct sl_softc);

- sc = (struct sl_softc *)malloc(AMT);

- osc = (struct sl_softc *)malloc(AMT);

- bzero((char *)osc, AMT);

+ struct sl_stats cur, old;

+#if 0

+ struct sl_comp_stats ccs, ocs;

+#endif

+ bzero(&old, sizeof(old));

+#if 0

+ bzero(&ocs, sizeof(ocs));

+#endif

while (1) {

- if (kvm_read(kd, addr, (char *)sc, AMT) != AMT)

- errx(1, "kvm_read: %s", kvm_geterr(kd));

+ get_sl_stats(&cur);

+#if 0

+ if (zflag || rflag)

+ get_sl_cstats(&ccs);

+#endif

(void)signal(SIGALRM, (void (*)())catchalarm);

signalled = 0;

@@ -197,50 +187,44 @@ intpr()

if ((line % 20) == 0) {

printf("%8.8s %6.6s %6.6s %6.6s %6.6s",

- "IN", "PACK", "COMP", "UNCOMP", "ERR");

+ "IN", "PACK", "COMP", "UNCOMP", "ERR");

if (vflag)

printf(" %6.6s %6.6s", "TOSS", "IP");

printf(" | %8.8s %6.6s %6.6s %6.6s %6.6s",

- "OUT", "PACK", "COMP", "UNCOMP", "IP");

+ "OUT", "PACK", "COMP", "UNCOMP", "IP");

if (vflag)

printf(" %6.6s %6.6s", "SEARCH", "MISS");

putchar('\n');

}

- printf("%8u %6d %6u %6u %6u",

- V(sc_if.if_ibytes),

- V(sc_if.if_ipackets),

- V(sc_comp.sls_compressedin),

- V(sc_comp.sls_uncompressedin),

- V(sc_comp.sls_errorin));

+ printf("%8u %6d %6u %6u %6u", V(sl.sl_ibytes),

+ V(sl.sl_ipackets), V(vj.vjs_compressedin),

+ V(vj.vjs_uncompressedin), V(vj.vjs_errorin));

if (vflag)

- printf(" %6u %6u",

- V(sc_comp.sls_tossed),

- V(sc_if.if_ipackets) -

- V(sc_comp.sls_compressedin) -

- V(sc_comp.sls_uncompressedin) -

- V(sc_comp.sls_errorin));

- printf(" | %8u %6d %6u %6u %6u",

- V(sc_if.if_obytes),

- V(sc_if.if_opackets),

- V(sc_comp.sls_compressed),

- V(sc_comp.sls_packets) - V(sc_comp.sls_compressed),

- V(sc_if.if_opackets) - V(sc_comp.sls_packets));

+ printf(" %6u %6u", V(vj.vjs_tossed),

+ V(sl.sl_ipackets) -

+ V(vj.vjs_compressedin) -

+ V(vj.vjs_uncompressedin) -

+ V(vj.vjs_errorin));

+ printf(" | %8u %6d %6u %6u %6u", V(sl.sl_obytes),

+ V(sl.sl_opackets),

+ V(vj.vjs_compressed),

+ V(vj.vjs_packets) - V(vj.vjs_compressed),

+ V(sl.sl_opackets) - V(vj.vjs_packets));

if (vflag)

- printf(" %6u %6u",

- V(sc_comp.sls_searches),

- V(sc_comp.sls_misses));

+ printf(" %6u %6u", V(vj.vjs_searches),

+ V(vj.vjs_misses));

putchar('\n');

fflush(stdout);

line++;

oldmask = sigblock(sigmask(SIGALRM));

- if (! signalled) {

+ if (!signalled) {

sigpause(0);

}

sigsetmask(oldmask);

signalled = 0;

(void)alarm(interval);

- bcopy((char *)sc, (char *)osc, AMT);

+ old = cur;

}