kvm_getprocs() returns a (sub-)set of active processes in the kernel indicated by
kd. The
op and
arg arguments constitute a predicate which limits the set of processes returned. The value of
op describes the filtering predicate as follows:
KERN_PROC_ALL
all processes
KERN_PROC_PID
processes with process id arg
KERN_PROC_PGRP
processes with process group arg
KERN_PROC_SESSION
processes with session id arg
KERN_PROC_TTY
processes with tty device arg
KERN_PROC_UID
processes with effective user id arg
KERN_PROC_RUID
processes with real user id arg
KERN_PROC_GID
processes with effective group id arg
KERN_PROC_RGID
processes with real group id arg
The number of processes found is returned in the reference parameter
cnt. The processes are returned as a contiguous array of
kinfo_proc structures. This memory is locally allocated, and subsequent calls to
kvm_getprocs() and
kvm_close() will overwrite this storage.
If the
op argument for
kvm_getprocs() is
KERN_PROC_TTY,
arg can also be
KERN_PROC_TTY_NODEV to select processes with no controlling tty and
KERN_PROC_TTY_REVOKE to select processes which have had their controlling tty revoked.
kvm_getargv() returns a null-terminated argument vector that corresponds to the command line arguments passed to process indicated by
p. Most likely, these arguments correspond to the values passed to
exec(3) on process creation. This information is, however, deliberately under control of the process itself. Note that the original command name can be found, unaltered, in the p_comm field of the process structure returned by
kvm_getprocs().
The
nchr argument indicates the maximum number of characters, including null bytes, to use in building the strings. If this amount is exceeded, the string causing the overflow is truncated and the partial result is returned. This is handy for programs like
ps(1) and
w(1) that print only a one line summary of a command and should not copy out large amounts of text only to ignore it. If
nchr is zero, no limit is imposed and all argument strings are returned in their entirety.
The memory allocated to the argv pointers and string storage is owned by the kvm library. Subsequent
kvm_getprocs() and
kvm_close(3) calls will clobber this storage.
The
kvm_getenvv() function is similar to
kvm_getargv() but returns the vector of environment strings. This data is also alterable by the process.
kvm_getproc2() is similar to
kvm_getprocs() but returns an array of
kinfo_proc2 structures. Additionally, only the first
elemsize bytes of each array entry are returned. If the size of the
kinfo_proc2 structure increases in size in a future release of
NetBSD the kernel will only return the requested amount of data for each array entry and programs that use
kvm_getproc2() will continue to function without the need for recompilation.
The
kvm_getargv2() and
kvm_getenvv2() are equivalents to the
kvm_getargv() and
kvm_getenvv() functions but use a
kinfo_proc2 structure to specify the process.
If called against an active kernel, the
kvm_getproc2(),
kvm_getargv2(), and
kvm_getenvv2() functions will use the
sysctl(3) interface and do not require access to the kernel memory device file or swap device.