/* open the kernel log - will be called inside the willRun() imklog
* entry point. -- rgerhards, 2008-04-09
*/
rsRetVal
klogWillRunPrePrivDrop(modConfData_t *pModConf)
{
char errmsg[2048];
int r;
DEFiRet;
fklog = open((char*)GetPath(pModConf), O_RDONLY, 0);
if (fklog < 0) {
imklogLogIntMsg(LOG_ERR, "imklog: cannot open kernel log (%s): %s.",
GetPath(pModConf), rs_strerror_r(errno, errmsg, sizeof(errmsg)));
ABORT_FINALIZE(RS_RET_ERR_OPEN_KLOG);
}
# ifdef OS_LINUX
/* Set level of kernel console messaging.. */
if(pModConf->console_log_level != -1) {
r = klogctl(8, NULL, pModConf->console_log_level);
if(r != 0) {
imklogLogIntMsg(LOG_WARNING, "imklog: cannot set console log level: %s",
rs_strerror_r(errno, errmsg, sizeof(errmsg)));
/* make sure we do not try to re-set! */
pModConf->console_log_level = -1;
}
}
# endif /* #ifdef OS_LINUX */
finalize_it:
RETiRet;
}
/* Read kernel log while data are available, split into lines.
*/
static void
readklog(modConfData_t *pModConf)
{
char *p, *q;
int len, i;
int iMaxLine;
uchar bufRcv[128*1024+1];
char errmsg[2048];
uchar *pRcv = NULL; /* receive buffer */
iMaxLine = klog_getMaxLine();
/* we optimize performance: if iMaxLine is below our fixed size buffer (which
* usually is sufficiently large), we use this buffer. if it is higher, heap memory
* is used. We could use alloca() to achive a similar aspect, but there are so
* many issues with alloca() that I do not want to take that route.
* rgerhards, 2008-09-02
*/
if((size_t) iMaxLine < sizeof(bufRcv) - 1) {
pRcv = bufRcv;
} else {
if((pRcv = (uchar*) MALLOC(sizeof(uchar) * (iMaxLine + 1))) == NULL)
iMaxLine = sizeof(bufRcv) - 1; /* better this than noting */
}
len = 0;
for (;;) {
dbgprintf("imklog(BSD/Linux) waiting for kernel log line\n");
i = read(fklog, pRcv + len, iMaxLine - len);
if (i > 0) {
pRcv[i + len] = '\0';
} else {
if (i < 0 && errno != EINTR && errno != EAGAIN) {
imklogLogIntMsg(LOG_ERR,
"imklog: error reading kernel log - shutting down: %s",
rs_strerror_r(errno, errmsg, sizeof(errmsg)));
fklog = -1;
}
break;
}
for (p = (char*)pRcv; (q = strchr(p, '\n')) != NULL; p = q + 1) {
*q = '\0';
submitSyslog(pModConf, LOG_INFO, (uchar*) p);
}
len = strlen(p);
if (len >= iMaxLine - 1) {
submitSyslog(pModConf, LOG_INFO, (uchar*)p);
len = 0;
}
if(len > 0)
memmove(pRcv, p, len + 1);
}
if (len > 0)
submitSyslog(pModConf, LOG_INFO, pRcv);
if(pRcv != NULL && (size_t) iMaxLine >= sizeof(bufRcv) - 1)
free(pRcv);
}
/* make sure the kernel log is readable after dropping privileges
*/
rsRetVal
klogWillRunPostPrivDrop(modConfData_t *pModConf)
{
char errmsg[2048];
int r;
DEFiRet;
/* this normally returns EINVAL */
/* on an OpenVZ VM, we get EPERM */
r = read(fklog, NULL, 0);
if (r < 0 && errno != EINVAL) {
imklogLogIntMsg(LOG_ERR, "imklog: cannot open kernel log (%s): %s.",
GetPath(pModConf), rs_strerror_r(errno, errmsg, sizeof(errmsg)));
fklog = -1;
ABORT_FINALIZE(RS_RET_ERR_OPEN_KLOG);
}
finalize_it:
RETiRet;
}
/**************************************************************************
* Function: InitMsyms
*
* Purpose: This function is responsible for building a symbol
* table which can be used to resolve addresses for
* loadable modules.
*
* Arguements: Void
*
* Return: A boolean return value is assumed.
*
* A false value indicates that something went wrong.
*
* True if loading is successful.
**************************************************************************/
extern int InitMsyms(void)
{
auto int rtn,
tmp;
FILE *ksyms;
char buf[128];
char *p;
/* Initialize the kernel module symbol table. */
FreeModules();
ksyms = fopen(KSYMS, "r");
if ( ksyms == NULL ) {
if ( errno == ENOENT )
imklogLogIntMsg(LOG_INFO, "No module symbols loaded - "
"kernel modules not enabled.\n");
else
imklogLogIntMsg(LOG_ERR, "Error loading kernel symbols " \
"- %s\n", strerror(errno));
return(0);
}
dbgprintf("Loading kernel module symbols - Source: %s\n", KSYMS);
while ( fgets(buf, sizeof(buf), ksyms) != NULL ) {
if (num_syms > 0 && index(buf, '[') == NULL)
continue;
p = index(buf, ' ');
if ( p == NULL )
continue;
if ( buf[strlen(buf)-1] == '\n' )
buf[strlen(buf)-1] = '\0';
/* overlong lines will be ignored above */
AddSymbol(buf);
}
if(ksyms != NULL)
fclose(ksyms);
have_modules = 1;
/* Sort the symbol tables in each module. */
for (rtn = tmp = 0; tmp < num_modules; ++tmp) {
rtn += sym_array_modules[tmp].num_syms;
if ( sym_array_modules[tmp].num_syms < 2 )
continue;
qsort(sym_array_modules[tmp].sym_array, \
sym_array_modules[tmp].num_syms, \
sizeof(struct sym_table), symsort);
}
if ( rtn == 0 )
imklogLogIntMsg(LOG_INFO, "No module symbols loaded.");
else
imklogLogIntMsg(LOG_INFO, "Loaded %d %s from %d module%s", rtn, \
(rtn == 1) ? "symbol" : "symbols", \
num_modules, (num_modules == 1) ? "." : "s.");
return(1);
}
