Diffstat (limited to 'include/proc_ledger.h')
-rw-r--r--include/proc_ledger.h61
1 files changed, 61 insertions, 0 deletions
diff --git a/include/proc_ledger.h b/include/proc_ledger.h
new file mode 100644
index 0000000..d715384
--- /dev/null
+++ b/include/proc_ledger.h
@@ -0,0 +1,61 @@
+#pragma once
+
+#include <stddef.h>
+#include <stdbool.h>
+#include <sys/types.h>
+#include <time.h>
+#include <limits.h>
+//#include <pthread.h> // for the future..maybe...
+
+#include "json.h"
+
+struct agent_context;
+typedef struct agent_context agent_context_t;
+
+struct proc_ledger_entry {
+ pid_t pid;
+ pid_t tgid;
+ pid_t ppid;
+ char exe[PATH_MAX];
+ char comm[17];
+ char cmdline[4096];
+ char cwd[PATH_MAX];
+ uid_t uid;
+ uid_t euid;
+ gid_t gid;
+ gid_t egid;
+ time_t start_time;
+ unsigned long cpu_user_ticks;
+ unsigned long cpu_kernel_ticks;
+ long rss;
+ unsigned long vsize;
+ bool daemonized;
+ bool is_traced;
+ pid_t tracer_pid;
+ char state;
+ int seccomp;
+ unsigned long cap_eff;
+ unsigned int threads;
+ bool has_tty;
+ struct proc_ledger_entry *next; // for hash collisions
+};
+
+struct proc_ledger {
+ size_t num_buckets;
+ struct proc_ledger_entry **buckets;
+ //pthread_mutex_t lock; // for the future..maybe...
+};
+
+struct proc_ledger *proc_ledger_init(size_t num_buckets);
+void proc_ledger_destroy(struct proc_ledger *ledger);
+
+struct proc_ledger_entry *proc_ledger_find(struct proc_ledger *ledger, pid_t pid);
+struct proc_ledger_entry *proc_ledger_entry_create(pid_t pid, agent_context_t *ctx);
+bool proc_ledger_add(struct proc_ledger *ledger, struct proc_ledger_entry *entry);
+bool proc_ledger_remove(struct proc_ledger *ledger, pid_t pid);
+bool proc_ledger_replace(struct proc_ledger *ledger, struct proc_ledger_entry *new_entry);
+json_t proc_ledger_entry_to_json(struct proc_ledger_entry *entry,
+ const char *event_type,
+ struct agent_context *ctx);
+void proc_ledger_hydrate(agent_context_t *ctx);
+size_t proc_ledger_bucket(struct proc_ledger *ledger, pid_t pid);
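Review bot: `unsigned long cap_eff;` in struct proc_ledger_entry is only 32 bits wide on ILP32 targets, while Linux capability sets are 64-bit. If the field holds the effective-capability mask (inferred from the name), capabilities numbered 32 and above would be silently lost from the ledger and from anything proc_ledger_entry_to_json emits. I would declare it `uint64_t cap_eff;` and add `#include <stdint.h>` beside the other standard headers. Separately, the prototypes state no ownership contract: it is unclear whether proc_ledger_add and proc_ledger_replace take ownership of the entry, or how long a pointer returned by proc_ledger_find stays valid after proc_ledger_remove or proc_ledger_replace. With the lock still commented out, a short comment above those declarations, once the intended contract is confirmed, would help callers avoid use-after-free, for example `/* ledger owns entry after add; pointers from find are invalidated by remove/replace; not thread-safe */`.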