cleanup(userspace/libsinsp): drop user and group infos embedded in threadinfo

userspace/libsinsp/parsers.cpp

@@ -1311,7 +1311,7 @@ void sinsp_parser::parse_clone_exit_caller(sinsp_evt *evt, int64_t child_tid) {
 
 		child_tinfo->m_tty = caller_tinfo->m_tty;
 
-		child_tinfo->m_loginuser = caller_tinfo->m_loginuser;
+		child_tinfo->set_loginuid(caller_tinfo->m_loginuid);
 
 		child_tinfo->m_cap_permitted = caller_tinfo->m_cap_permitted;
 
@@ -1349,11 +1349,10 @@ void sinsp_parser::parse_clone_exit_caller(sinsp_evt *evt, int64_t child_tid) {
 		return;
 	}
 
-	/* Refresh user / loginuser / group */
+	/* Refresh user / group */
 	if(new_child->m_container_id.empty() == false) {
-		new_child->set_user(new_child->m_user.uid());
-		new_child->set_loginuser(new_child->m_loginuser.uid());
-		new_child->set_group(new_child->m_group.gid());
+		new_child->set_group(new_child->m_gid);
+		new_child->set_user(new_child->m_uid);
 	}
 
 	/* If there's a listener, invoke it */
@@ -1626,7 +1625,7 @@ void sinsp_parser::parse_clone_exit_child(sinsp_evt *evt) {
 
 		child_tinfo->m_tty = lookup_tinfo->m_tty;
 
-		child_tinfo->m_loginuser = lookup_tinfo->m_loginuser;
+		child_tinfo->set_loginuid(lookup_tinfo->m_loginuid);
 
 		child_tinfo->m_cap_permitted = lookup_tinfo->m_cap_permitted;
 
@@ -1840,11 +1839,10 @@ void sinsp_parser::parse_clone_exit_child(sinsp_evt *evt) {
 	 */
 	evt->set_tinfo(new_child.get());
 
-	/* Refresh user / loginuser / group */
+	/* Refresh user / group */
 	if(new_child->m_container_id.empty() == false) {
-		new_child->set_user(new_child->m_user.uid());
-		new_child->set_loginuser(new_child->m_loginuser.uid());
-		new_child->set_group(new_child->m_group.gid());
+		new_child->set_group(new_child->m_gid);
+		new_child->set_user(new_child->m_uid);
 	}
 
 	//
@@ -2227,7 +2225,7 @@ void sinsp_parser::parse_execve_exit(sinsp_evt *evt) {
 
 	// Get the loginuid
 	if(evt->get_num_params() > 18) {
-		evt->get_tinfo()->set_loginuser(evt->get_param(18)->as<uint32_t>());
+		evt->get_tinfo()->set_loginuid(evt->get_param(18)->as<uint32_t>());
 	}
 
 	// Get execve flags
@@ -2273,7 +2271,7 @@ void sinsp_parser::parse_execve_exit(sinsp_evt *evt) {
 
 	// Get uid
 	if(evt->get_num_params() > 26) {
-		evt->get_tinfo()->m_user.set_uid(evt->get_param(26)->as<uint32_t>());
+		evt->get_tinfo()->set_user(evt->get_param(26)->as<uint32_t>());
 	}
 
 	// Get pgid
@@ -2317,13 +2315,12 @@ void sinsp_parser::parse_execve_exit(sinsp_evt *evt) {
 	evt->get_tinfo()->compute_program_hash();
 
 	//
-	// Refresh user / loginuser / group
+	// Refresh user / group
 	// if we happen to change container id
 	//
 	if(container_id != evt->get_tinfo()->m_container_id) {
-		evt->get_tinfo()->set_user(evt->get_tinfo()->m_user.uid());
-		evt->get_tinfo()->set_loginuser(evt->get_tinfo()->m_loginuser.uid());
-		evt->get_tinfo()->set_group(evt->get_tinfo()->m_group.gid());
+		evt->get_tinfo()->set_group(evt->get_tinfo()->m_gid);
+		evt->get_tinfo()->set_user(evt->get_tinfo()->m_uid);
 	}
 
 	//
@@ -5071,13 +5068,12 @@ void sinsp_parser::parse_chroot_exit(sinsp_evt *evt) {
 		        evt->get_tinfo(),
 		        m_inspector->is_live() || m_inspector->is_syscall_plugin());
 		//
-		// Refresh user / loginuser / group
+		// Refresh user / group
 		// if we happen to change container id
 		//
 		if(container_id != evt->get_tinfo()->m_container_id) {
-			evt->get_tinfo()->set_user(evt->get_tinfo()->m_user.uid());
-			evt->get_tinfo()->set_loginuser(evt->get_tinfo()->m_loginuser.uid());
-			evt->get_tinfo()->set_group(evt->get_tinfo()->m_group.gid());
+			evt->get_tinfo()->set_group(evt->get_tinfo()->m_gid);
+			evt->get_tinfo()->set_user(evt->get_tinfo()->m_uid);
 		}
 	}
 }

userspace/libsinsp/sinsp_filtercheck_group.cpp

@@ -67,11 +67,13 @@
 
 	switch(m_field_id) {
 	case TYPE_GID:
-		m_gid = tinfo->m_group.gid();
+		m_gid = tinfo->m_gid;
 		RETURN_EXTRACT_VAR(m_gid);
-	case TYPE_NAME:
-		m_name = tinfo->m_group.name();
+	case TYPE_NAME: {
+		auto group = tinfo->get_group();
+		m_name = group->name;
 		RETURN_EXTRACT_STRING(m_name);
+	}
 	default:
 		ASSERT(false);
 		break;

userspace/libsinsp/sinsp_filtercheck_user.cpp

@@ -100,27 +100,29 @@
 		RETURN_EXTRACT_STRING(container_info->m_container_user);
 	}
 
+	auto user = tinfo->get_user();
+	auto loginuser = tinfo->get_loginuser();
 	switch(m_field_id) {
 	case TYPE_UID:
-		m_val.u32 = tinfo->m_user.uid();
+		m_val.u32 = tinfo->m_uid;
 		RETURN_EXTRACT_VAR(m_val.u32);
 	case TYPE_NAME:
-		m_strval = tinfo->m_user.name();
+		m_strval = user->name;
 		RETURN_EXTRACT_STRING(m_strval);
 	case TYPE_HOMEDIR:
-		m_strval = tinfo->m_user.homedir();
+		m_strval = user->homedir;
 		RETURN_EXTRACT_STRING(m_strval);
 	case TYPE_SHELL:
-		m_strval = tinfo->m_user.shell();
+		m_strval = user->shell;
 		RETURN_EXTRACT_STRING(m_strval);
 	case TYPE_LOGINUID:
 		m_val.s64 = (int64_t)-1;
-		if(tinfo->m_loginuser.uid() < UINT32_MAX) {
-			m_val.s64 = (int64_t)tinfo->m_loginuser.uid();
+		if(tinfo->m_loginuid < UINT32_MAX) {
+			m_val.s64 = (int64_t)tinfo->m_loginuid;
 		}
 		RETURN_EXTRACT_VAR(m_val.s64);
 	case TYPE_LOGINNAME:
-		m_strval = tinfo->m_loginuser.name();
+		m_strval = loginuser->name;
 		RETURN_EXTRACT_STRING(m_strval);
 	default:
 		ASSERT(false);

userspace/libsinsp/test/parsers/parse_setregid.cpp

@@ -33,7 +33,7 @@ TEST_F(sinsp_with_test_input, SETREGID_failure) {
 
 	sinsp_threadinfo* ti = m_inspector.get_thread_ref(p2_t2_tid, false).get();
 	ASSERT_TRUE(ti);
-	ASSERT_TRUE(ti->m_user.gid() == 0);
+	ASSERT_TRUE(ti->m_gid == 0);
 }
 
 TEST_F(sinsp_with_test_input, SETREGID_success) {
@@ -50,5 +50,5 @@ TEST_F(sinsp_with_test_input, SETREGID_success) {
 
 	sinsp_threadinfo* ti = m_inspector.get_thread_ref(p2_t2_tid, false).get();
 	ASSERT_TRUE(ti);
-	ASSERT_TRUE(ti->m_user.gid() == 1337);
+	ASSERT_TRUE(ti->m_gid == 1337);
 }

userspace/libsinsp/test/parsers/parse_setreuid.cpp

@@ -33,7 +33,7 @@ TEST_F(sinsp_with_test_input, SETREUID_failure) {
 
 	sinsp_threadinfo* ti = m_inspector.get_thread_ref(p2_t2_tid, false).get();
 	ASSERT_TRUE(ti);
-	ASSERT_TRUE(ti->m_user.uid() == 0);
+	ASSERT_TRUE(ti->m_uid == 0);
 }
 
 TEST_F(sinsp_with_test_input, SETREUID_success) {
@@ -50,5 +50,5 @@ TEST_F(sinsp_with_test_input, SETREUID_success) {
 
 	sinsp_threadinfo* ti = m_inspector.get_thread_ref(p2_t2_tid, false).get();
 	ASSERT_TRUE(ti);
-	ASSERT_TRUE(ti->m_user.uid() == 1337);
+	ASSERT_TRUE(ti->m_uid == 1337);
 }

userspace/libsinsp/threadinfo.cpp

@@ -118,6 +118,9 @@
 	m_ptid = (uint64_t)-1LL;
 	m_vpgid = (uint64_t)-1LL;
 	m_pgid = (uint64_t)-1LL;
+	m_uid = 0xffffffff;
+	m_gid = 0xffffffff;
+	m_loginuid = 0xffffffff;
 	set_lastevent_data_validity(false);
 	m_reaper_tid = -1;
 	m_not_expired_children = 0;
@@ -508,91 +511,79 @@
 
 	set_group(pi->gid);
 	set_user(pi->uid);
-	set_loginuser((uint32_t)pi->loginuid);
+	set_loginuid((uint32_t)pi->loginuid);
+}
+
+const sinsp_threadinfo::cgroups_t& sinsp_threadinfo::cgroups() const {
+	return m_cgroups;
+}
+
+std::string sinsp_threadinfo::get_comm() const {
+	return m_comm;
+}
+
+std::string sinsp_threadinfo::get_exe() const {
+	return m_exe;
+}
+
+std::string sinsp_threadinfo::get_exepath() const {
+	return m_exepath;
 }
 
 void sinsp_threadinfo::set_user(uint32_t uid) {
+	m_uid = uid;
 	scap_userinfo* user = m_inspector->m_usergroup_manager.get_user(m_container_id, uid);
 	if(!user) {
 		auto notify = m_inspector->is_live() || m_inspector->is_syscall_plugin();
-		user = m_inspector->m_usergroup_manager
-		               .add_user(m_container_id, m_pid, uid, m_group.gid(), {}, {}, {}, notify);
-	}
-
-	if(user) {
-		m_user.set_uid(user->uid);
-		m_user.set_gid(m_group.gid());
-
-		if(m_inspector->is_user_details_enabled()) {
-			m_user.set_name(user->name, strnlen(user->name, MAX_CREDENTIALS_STR_LEN));
-			m_user.set_homedir(user->homedir, strnlen(user->homedir, MAX_CREDENTIALS_STR_LEN));
-			m_user.set_shell(user->shell, strnlen(user->shell, MAX_CREDENTIALS_STR_LEN));
-		}
-	} else {
-		// No need to set name/homedir/shell, the default values from
-		// sinsp_userinfo are going to be used.
-		m_user.set_uid(uid);
-		m_user.set_gid(m_group.gid());
+		m_inspector->m_usergroup_manager
+		        .add_user(m_container_id, m_pid, uid, m_gid, {}, {}, {}, notify);
 	}
 }
 
 void sinsp_threadinfo::set_group(uint32_t gid) {
+	m_gid = gid;
 	scap_groupinfo* group = m_inspector->m_usergroup_manager.get_group(m_container_id, gid);
 	if(!group) {
 		auto notify = m_inspector->is_live() || m_inspector->is_syscall_plugin();
-		group = m_inspector->m_usergroup_manager.add_group(m_container_id, m_pid, gid, {}, notify);
-	}
-	if(group) {
-		m_group.set_gid(group->gid);
-
-		if(m_inspector->is_user_details_enabled()) {
-			m_group.set_name(group->name, strnlen(group->name, MAX_CREDENTIALS_STR_LEN));
-		}
-	} else {
-		// No need to set name/homedir/shell, the default values from
-		// sinsp_userinfo are going to be used.
-		m_group.set_gid(gid);
+		m_inspector->m_usergroup_manager.add_group(m_container_id, m_pid, gid, {}, notify);
 	}
-	m_user.set_gid(m_group.gid());
 }
 
-void sinsp_threadinfo::set_loginuser(uint32_t loginuid) {
-	scap_userinfo* login_user = m_inspector->m_usergroup_manager.get_user(m_container_id, loginuid);
-
-	if(login_user) {
-		m_loginuser.set_uid(login_user->uid);
-		m_loginuser.set_gid(m_group.gid());
-
-		if(m_inspector->is_user_details_enabled()) {
-			m_loginuser.set_name(login_user->name,
-			                     strnlen(login_user->name, MAX_CREDENTIALS_STR_LEN));
-			m_loginuser.set_homedir(login_user->homedir,
-			                        strnlen(login_user->homedir, MAX_CREDENTIALS_STR_LEN));
-			m_loginuser.set_shell(login_user->shell,
-			                      strnlen(login_user->shell, MAX_CREDENTIALS_STR_LEN));
-		}
-	} else {
-		// No need to set name/homedir/shell, the default values from
-		// sinsp_userinfo are going to be used.
-		m_loginuser.set_uid(loginuid);
-		m_loginuser.set_gid(m_group.gid());
-	}
+void sinsp_threadinfo::set_loginuid(uint32_t loginuid) {
+	m_loginuid = loginuid;
 }
 
-const sinsp_threadinfo::cgroups_t& sinsp_threadinfo::cgroups() const {
-	return m_cgroups;
+scap_userinfo* sinsp_threadinfo::get_user(uint32_t id) const {
+	auto user = m_inspector->m_usergroup_manager.get_user(m_container_id, id);
+	if(user != nullptr) {
+		return user;
+	}
+	static scap_userinfo usr{};
+	usr.uid = id;
+	usr.gid = m_gid;
+	strlcpy(usr.name, id == 0 ? "root" : "<NA>", sizeof(usr.name));
+	strlcpy(usr.homedir, id == 0 ? "/root" : "<NA>", sizeof(usr.homedir));
+	strlcpy(usr.shell, "<NA>", sizeof(usr.shell));
+	return &usr;
 }
 
-std::string sinsp_threadinfo::get_comm() const {
-	return m_comm;
+scap_userinfo* sinsp_threadinfo::get_user() const {
+	return get_user(m_uid);
 }
 
-std::string sinsp_threadinfo::get_exe() const {
-	return m_exe;
+scap_groupinfo* sinsp_threadinfo::get_group() const {
+	auto group = m_inspector->m_usergroup_manager.get_group(m_container_id, m_gid);
+	if(group != nullptr) {
+		return group;
+	}
+	static scap_groupinfo grp = {};
+	grp.gid = m_gid;
+	strlcpy(grp.name, m_gid == 0 ? "root" : "<NA>", sizeof(grp.name));
+	return &grp;
 }
 
-std::string sinsp_threadinfo::get_exepath() const {
-	return m_exepath;
+scap_userinfo* sinsp_threadinfo::get_loginuser() const {
+	return get_user(m_loginuid);
 }
 
 void sinsp_threadinfo::set_args(const char* args, size_t len) {
@@ -1778,8 +1769,8 @@
 
 	sctinfo->flags = tinfo.m_flags;
 	sctinfo->fdlimit = tinfo.m_fdlimit;
-	sctinfo->uid = tinfo.m_user.uid();
-	sctinfo->gid = tinfo.m_group.gid();
+	sctinfo->uid = tinfo.m_uid;
+	sctinfo->gid = tinfo.m_gid;
 	sctinfo->vmsize_kb = tinfo.m_vmsize_kb;
 	sctinfo->vmrss_kb = tinfo.m_vmrss_kb;
 	sctinfo->vmswap_kb = tinfo.m_vmswap_kb;
@@ -1788,7 +1779,7 @@
 	sctinfo->vtid = tinfo.m_vtid;
 	sctinfo->vpid = tinfo.m_vpid;
 	sctinfo->fdlist = NULL;
-	sctinfo->loginuid = tinfo.m_loginuser.uid();
+	sctinfo->loginuid = tinfo.m_loginuid;
 	sctinfo->filtered_out = tinfo.m_filtered_out;
 }
 
@@ -2010,9 +2001,9 @@
 			newti->m_not_expired_children = 0;
 			newti->m_comm = "<NA>";
 			newti->m_exe = "<NA>";
-			newti->m_user.set_uid(0xffffffff);
-			newti->m_group.set_gid(0xffffffff);
-			newti->m_loginuser.set_uid(0xffffffff);
+			newti->m_uid = 0xffffffff;
+			newti->m_gid = 0xffffffff;
+			newti->m_loginuid = 0xffffffff;
 		}
 
 		//