Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding lspci vtable for linux #307

Closed
wants to merge 5 commits into
base: master
from

Conversation

Projects
None yet
3 participants
@akshaydixi
Copy link
Contributor

akshaydixi commented Oct 31, 2014

This pull request attempts to partially resolve #221 . Also added libudev-dev & libudev-devel dependency for ubuntu and centos correspondingly in provisions.sh for it to work on a fresh installation attempt. A sample out is below:

osquery> select * from lspci;

+--------------+--------------------------+---------------------------------+-------------------------------------------------+
| slot         | device_class             | vendor                          | model                                           |
+--------------+--------------------------+---------------------------------+-------------------------------------------------+
| 0000:00:00.0 | Bridge                   | Intel Corporation               | Haswell DRAM Controller                         |
| 0000:00:01.0 | Bridge                   | Intel Corporation               | Haswell PCI Express x16 Controller              |
| 0000:01:00.0 | Display controller       | NVIDIA Corporation              | GK106M [GeForce GTX 770M]                       |
| 0000:00:02.0 | Display controller       | Intel Corporation               | Haswell Integrated Graphics Controller          |
| 0000:00:03.0 | Multimedia controller    | Intel Corporation               | Haswell HD Audio Controller                     |
| 0000:00:14.0 | Serial bus controller    | Intel Corporation               | Lynx Point USB xHCI Host Controller             |
| 0000:00:16.0 | Communication controller | Intel Corporation               | Lynx Point MEI Controller                       |
| 0000:00:1a.0 | Serial bus controller    | Intel Corporation               | Lynx Point USB Enhanced Host Controller         |
| 0000:00:1b.0 | Multimedia controller    | Intel Corporation               | Lynx Point High Definition Audio Controller     |
| 0000:00:1c.0 | Bridge                   | Intel Corporation               | Lynx Point PCI Express Root Port                |
| 0000:07:00.0 | Network controller       | Intel Corporation               | Dual Band Wireless-AC 7260                      |
| 0000:00:1c.3 | Bridge                   | Intel Corporation               | Lynx Point PCI Express Root Port                |
| 0000:0d:00.0 | Network controller       | Qualcomm Atheros                | AR8161 Gigabit Ethernet                         |
| 0000:00:1c.4 | Bridge                   | Intel Corporation               | Lynx Point PCI Express Root Port                |
| 0000:0e:00.0 | Unassigned class         | Realtek Semiconductor Co., Ltd. | RTS5229 PCI Express Card Reader                 |
| 0000:00:1d.0 | Serial bus controller    | Intel Corporation               | Lynx Point USB Enhanced Host Controller         |
| 0000:00:1f.0 | Bridge                   | Intel Corporation               | Lynx Point LPC Controller                       |
| 0000:00:1f.2 | Mass storage controller  | Intel Corporation               | Lynx Point 6-port SATA Controller 1 [AHCI mode] |
| 0000:00:1f.3 | Serial bus controller    | Intel Corporation               | Lynx Point SMBus Controller                     |
+--------------+--------------------------+---------------------------------+-------------------------------------------------+
osquery> 
@theopolis

This comment has been minimized.

Copy link

theopolis commented on osquery/tables/specs/x/lspci.table in 09d966d Oct 31, 2014

This wont build on OSX unless there is a symbol genLspci, as the spec will still generate the corresponding C++ code. You can either move the table spec into osquery/tables/specs/linux or add a osquery/tables/system/darwin/lspci.cpp with the symbol that does nothing.

@theopolis

This comment has been minimized.

Copy link
Contributor

theopolis commented Oct 31, 2014

What do you think about renaming the table to just "pci", or "pci_devices". So

SELECT * from pci_devices;

Reads a little cleaner?

@akshaydixi

This comment has been minimized.

Copy link
Contributor Author

akshaydixi commented Oct 31, 2014

Yeah. I agree. Renamed the vtable to pci_devices and moved the spec into osquery/tables/specs/linux

#include "osquery/database.h"

namespace osquery {
namespace tables {

This comment has been minimized.

@marpaia

marpaia Oct 31, 2014

Contributor

can you run clang-format on these files?

This comment has been minimized.

@akshaydixi

akshaydixi Nov 1, 2014

Author Contributor

Done. Ran clang-format-3.4

namespace osquery {
namespace tables {

const char *kSlot = "PCI_SLOT_NAME";

This comment has been minimized.

@marpaia

marpaia Oct 31, 2014

Contributor

can you make these std::string instead of char*?

This comment has been minimized.

@akshaydixi

akshaydixi Nov 1, 2014

Author Contributor

Done

QueryData genLspci() {
QueryData results;

/* Create the udev object */

This comment has been minimized.

@marpaia

marpaia Oct 31, 2014

Contributor

can you change these to C++ comments (// foobar) instead of C comments (/* foobar */)

return results;
}

/* Enumerate the list of all PCI devices */

This comment has been minimized.

@marpaia

marpaia Oct 31, 2014

Contributor

prefer C++ comments please

udev_enumerate_scan_devices(enumerate);
devices = udev_enumerate_get_list_entry(enumerate);

/* udev_list_entry_foreach is a macro which expands to

This comment has been minimized.

@marpaia

marpaia Oct 31, 2014

Contributor

prefer C++ comments please

@theopolis

This comment has been minimized.

Copy link
Contributor

theopolis commented Nov 3, 2014

See #337, to preserve commit log.

@theopolis theopolis closed this Nov 3, 2014

theopolis added a commit that referenced this pull request Nov 3, 2014

Merge pull request #337 from theopolis/feature-pci_devices_vtable
Fixes merge conflict for #307. pci_devices virtual table for Linux

@akshaydixi akshaydixi deleted the akshaydixi:lspci_vtable branch Nov 3, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.