1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 *
26 * Portions Copyright 2007 Chad Mynhier
27 * Copyright 2012 DEY Storage Systems, Inc. All rights reserved.
28 * Copyright (c) 2013 by Delphix. All rights reserved.
29 */
30
31 #include <assert.h>
32 #include <stdio.h>
33 #include <stdlib.h>
34 #include <unistd.h>
35 #include <ctype.h>
36 #include <fcntl.h>
37 #include <string.h>
38 #include <strings.h>
39 #include <memory.h>
40 #include <errno.h>
41 #include <dirent.h>
42 #include <limits.h>
43 #include <signal.h>
44 #include <atomic.h>
45 #include <zone.h>
46 #include <sys/types.h>
47 #include <sys/uio.h>
48 #include <sys/stat.h>
49 #include <sys/resource.h>
50 #include <sys/param.h>
51 #include <sys/stack.h>
52 #include <sys/fault.h>
53 #include <sys/syscall.h>
54 #include <sys/sysmacros.h>
55 #include <sys/systeminfo.h>
56
57 #include "libproc.h"
58 #include "Pcontrol.h"
59 #include "Putil.h"
60 #include "P32ton.h"
61
62 int _libproc_debug; /* set non-zero to enable debugging printfs */
63 int _libproc_no_qsort; /* set non-zero to inhibit sorting */
64 /* of symbol tables */
65 int _libproc_incore_elf; /* only use in-core elf data */
66
67 sigset_t blockable_sigs; /* signals to block when we need to be safe */
68 static int minfd; /* minimum file descriptor returned by dupfd(fd, 0) */
69 char procfs_path[PATH_MAX] = "/proc";
70
71 /*
72 * Function prototypes for static routines in this module.
73 */
74 static void deadcheck(struct ps_prochandle *);
75 static void restore_tracing_flags(struct ps_prochandle *);
76 static void Lfree_internal(struct ps_prochandle *, struct ps_lwphandle *);
77 static prheader_t *read_lfile(struct ps_prochandle *, const char *);
78
79 /*
80 * Ops vector functions for live processes.
81 */
82
83 /*ARGSUSED*/
84 static ssize_t
Pread_live(struct ps_prochandle * P,void * buf,size_t n,uintptr_t addr,void * data)85 Pread_live(struct ps_prochandle *P, void *buf, size_t n, uintptr_t addr,
86 void *data)
87 {
88 return (pread(P->asfd, buf, n, (off_t)addr));
89 }
90
91 /*ARGSUSED*/
92 static ssize_t
Pwrite_live(struct ps_prochandle * P,const void * buf,size_t n,uintptr_t addr,void * data)93 Pwrite_live(struct ps_prochandle *P, const void *buf, size_t n, uintptr_t addr,
94 void *data)
95 {
96 return (pwrite(P->asfd, buf, n, (off_t)addr));
97 }
98
99 /*ARGSUSED*/
100 static int
Pread_maps_live(struct ps_prochandle * P,prmap_t ** Pmapp,ssize_t * nmapp,void * data)101 Pread_maps_live(struct ps_prochandle *P, prmap_t **Pmapp, ssize_t *nmapp,
102 void *data)
103 {
104 char mapfile[PATH_MAX];
105 int mapfd;
106 struct stat statb;
107 ssize_t nmap;
108 prmap_t *Pmap = NULL;
109
110 (void) snprintf(mapfile, sizeof (mapfile), "%s/%d/map",
111 procfs_path, (int)P->pid);
112 if ((mapfd = open(mapfile, O_RDONLY)) < 0 ||
113 fstat(mapfd, &statb) != 0 ||
114 statb.st_size < sizeof (prmap_t) ||
115 (Pmap = malloc(statb.st_size)) == NULL ||
116 (nmap = pread(mapfd, Pmap, statb.st_size, 0L)) <= 0 ||
117 (nmap /= sizeof (prmap_t)) == 0) {
118 if (Pmap != NULL)
119 free(Pmap);
120 if (mapfd >= 0)
121 (void) close(mapfd);
122 Preset_maps(P); /* utter failure; destroy tables */
123 return (-1);
124 }
125 (void) close(mapfd);
126
127 *Pmapp = Pmap;
128 *nmapp = nmap;
129
130 return (0);
131 }
132
133 /*ARGSUSED*/
134 static void
Pread_aux_live(struct ps_prochandle * P,auxv_t ** auxvp,int * nauxp,void * data)135 Pread_aux_live(struct ps_prochandle *P, auxv_t **auxvp, int *nauxp, void *data)
136 {
137 char auxfile[64];
138 int fd;
139 struct stat statb;
140 auxv_t *auxv;
141 ssize_t naux;
142
143 (void) snprintf(auxfile, sizeof (auxfile), "%s/%d/auxv",
144 procfs_path, (int)P->pid);
145 if ((fd = open(auxfile, O_RDONLY)) < 0) {
146 dprintf("%s: failed to open %s: %s\n",
147 __func__, auxfile, strerror(errno));
148 return;
149 }
150
151 if (fstat(fd, &statb) == 0 &&
152 statb.st_size >= sizeof (auxv_t) &&
153 (auxv = malloc(statb.st_size + sizeof (auxv_t))) != NULL) {
154 if ((naux = read(fd, auxv, statb.st_size)) < 0 ||
155 (naux /= sizeof (auxv_t)) < 1) {
156 dprintf("%s: read failed: %s\n",
157 __func__, strerror(errno));
158 free(auxv);
159 } else {
160 auxv[naux].a_type = AT_NULL;
161 auxv[naux].a_un.a_val = 0L;
162
163 *auxvp = auxv;
164 *nauxp = (int)naux;
165 }
166 }
167
168 (void) close(fd);
169 }
170
171 /*ARGSUSED*/
172 static int
Pcred_live(struct ps_prochandle * P,prcred_t * pcrp,int ngroups,void * data)173 Pcred_live(struct ps_prochandle *P, prcred_t *pcrp, int ngroups, void *data)
174 {
175 return (proc_get_cred(P->pid, pcrp, ngroups));
176 }
177
178 /*ARGSUSED*/
179 static int
Ppriv_live(struct ps_prochandle * P,prpriv_t ** pprv,void * data)180 Ppriv_live(struct ps_prochandle *P, prpriv_t **pprv, void *data)
181 {
182 prpriv_t *pp;
183
184 pp = proc_get_priv(P->pid);
185 if (pp == NULL) {
186 return (-1);
187 }
188
189 *pprv = pp;
190 return (0);
191 }
192
193 /*ARGSUSED*/
194 static const psinfo_t *
Ppsinfo_live(struct ps_prochandle * P,psinfo_t * psinfo,void * data)195 Ppsinfo_live(struct ps_prochandle *P, psinfo_t *psinfo, void *data)
196 {
197 if (proc_get_psinfo(P->pid, psinfo) == -1)
198 return (NULL);
199
200 return (psinfo);
201 }
202
203 /*ARGSUSED*/
204 static prheader_t *
Plstatus_live(struct ps_prochandle * P,void * data)205 Plstatus_live(struct ps_prochandle *P, void *data)
206 {
207 return (read_lfile(P, "lstatus"));
208 }
209
210 /*ARGSUSED*/
211 static prheader_t *
Plpsinfo_live(struct ps_prochandle * P,void * data)212 Plpsinfo_live(struct ps_prochandle *P, void *data)
213 {
214 return (read_lfile(P, "lpsinfo"));
215 }
216
217 /*ARGSUSED*/
218 static char *
Pplatform_live(struct ps_prochandle * P,char * s,size_t n,void * data)219 Pplatform_live(struct ps_prochandle *P, char *s, size_t n, void *data)
220 {
221 if (sysinfo(SI_PLATFORM, s, n) == -1)
222 return (NULL);
223 return (s);
224 }
225
226 /*ARGSUSED*/
227 static int
Puname_live(struct ps_prochandle * P,struct utsname * u,void * data)228 Puname_live(struct ps_prochandle *P, struct utsname *u, void *data)
229 {
230 return (uname(u));
231 }
232
233 /*ARGSUSED*/
234 static char *
Pzonename_live(struct ps_prochandle * P,char * s,size_t n,void * data)235 Pzonename_live(struct ps_prochandle *P, char *s, size_t n, void *data)
236 {
237 if (getzonenamebyid(P->status.pr_zoneid, s, n) < 0)
238 return (NULL);
239 s[n - 1] = '\0';
240 return (s);
241 }
242
243 /*
244 * Callback function for Pfindexec(). We return a match if we can stat the
245 * suggested pathname and confirm its device and inode number match our
246 * previous information about the /proc/<pid>/object/a.out file.
247 */
248 static int
stat_exec(const char * path,void * arg)249 stat_exec(const char *path, void *arg)
250 {
251 struct stat64 *stp = arg;
252 struct stat64 st;
253
254 return (stat64(path, &st) == 0 && S_ISREG(st.st_mode) &&
255 stp->st_dev == st.st_dev && stp->st_ino == st.st_ino);
256 }
257
258 /*ARGSUSED*/
259 static char *
Pexecname_live(struct ps_prochandle * P,char * buf,size_t buflen,void * data)260 Pexecname_live(struct ps_prochandle *P, char *buf, size_t buflen, void *data)
261 {
262 char exec_name[PATH_MAX];
263 char cwd[PATH_MAX];
264 char proc_cwd[64];
265 struct stat64 st;
266 int ret;
267
268 /*
269 * Try to get the path information first.
270 */
271 (void) snprintf(exec_name, sizeof (exec_name),
272 "%s/%d/path/a.out", procfs_path, (int)P->pid);
273 if ((ret = readlink(exec_name, buf, buflen - 1)) > 0) {
274 buf[ret] = '\0';
275 (void) Pfindobj(P, buf, buf, buflen);
276 return (buf);
277 }
278
279 /*
280 * Stat the executable file so we can compare Pfindexec's
281 * suggestions to the actual device and inode number.
282 */
283 (void) snprintf(exec_name, sizeof (exec_name),
284 "%s/%d/object/a.out", procfs_path, (int)P->pid);
285
286 if (stat64(exec_name, &st) != 0 || !S_ISREG(st.st_mode))
287 return (NULL);
288
289 /*
290 * Attempt to figure out the current working directory of the
291 * target process. This only works if the target process has
292 * not changed its current directory since it was exec'd.
293 */
294 (void) snprintf(proc_cwd, sizeof (proc_cwd),
295 "%s/%d/path/cwd", procfs_path, (int)P->pid);
296
297 if ((ret = readlink(proc_cwd, cwd, PATH_MAX - 1)) > 0)
298 cwd[ret] = '\0';
299
300 (void) Pfindexec(P, ret > 0 ? cwd : NULL, stat_exec, &st);
301
302 return (NULL);
303 }
304
305 #if defined(__i386) || defined(__amd64)
306 /*ARGSUSED*/
307 static int
Pldt_live(struct ps_prochandle * P,struct ssd * pldt,int nldt,void * data)308 Pldt_live(struct ps_prochandle *P, struct ssd *pldt, int nldt, void *data)
309 {
310 return (proc_get_ldt(P->pid, pldt, nldt));
311 }
312 #endif
313
314 static const ps_ops_t P_live_ops = {
315 .pop_pread = Pread_live,
316 .pop_pwrite = Pwrite_live,
317 .pop_read_maps = Pread_maps_live,
318 .pop_read_aux = Pread_aux_live,
319 .pop_cred = Pcred_live,
320 .pop_priv = Ppriv_live,
321 .pop_psinfo = Ppsinfo_live,
322 .pop_lstatus = Plstatus_live,
323 .pop_lpsinfo = Plpsinfo_live,
324 .pop_platform = Pplatform_live,
325 .pop_uname = Puname_live,
326 .pop_zonename = Pzonename_live,
327 .pop_execname = Pexecname_live,
328 #if defined(__i386) || defined(__amd64)
329 .pop_ldt = Pldt_live
330 #endif
331 };
332
333 /*
334 * This is the library's .init handler.
335 */
336 #pragma init(_libproc_init)
337 void
_libproc_init(void)338 _libproc_init(void)
339 {
340 _libproc_debug = getenv("LIBPROC_DEBUG") != NULL;
341 _libproc_no_qsort = getenv("LIBPROC_NO_QSORT") != NULL;
342 _libproc_incore_elf = getenv("LIBPROC_INCORE_ELF") != NULL;
343
344 (void) sigfillset(&blockable_sigs);
345 (void) sigdelset(&blockable_sigs, SIGKILL);
346 (void) sigdelset(&blockable_sigs, SIGSTOP);
347 }
348
349 void
Pset_procfs_path(const char * path)350 Pset_procfs_path(const char *path)
351 {
352 (void) snprintf(procfs_path, sizeof (procfs_path), "%s", path);
353 }
354
355 /*
356 * Call set_minfd() once before calling dupfd() several times.
357 * We assume that the application will not reduce its current file
358 * descriptor limit lower than 512 once it has set at least that value.
359 */
360 int
set_minfd(void)361 set_minfd(void)
362 {
363 static mutex_t minfd_lock = DEFAULTMUTEX;
364 struct rlimit rlim;
365 int fd;
366
367 if ((fd = minfd) < 256) {
368 (void) mutex_lock(&minfd_lock);
369 if ((fd = minfd) < 256) {
370 if (getrlimit(RLIMIT_NOFILE, &rlim) != 0)
371 rlim.rlim_cur = rlim.rlim_max = 0;
372 if (rlim.rlim_cur >= 512)
373 fd = 256;
374 else if ((fd = rlim.rlim_cur / 2) < 3)
375 fd = 3;
376 membar_producer();
377 minfd = fd;
378 }
379 (void) mutex_unlock(&minfd_lock);
380 }
381 return (fd);
382 }
383
384 int
dupfd(int fd,int dfd)385 dupfd(int fd, int dfd)
386 {
387 int mfd;
388
389 /*
390 * Make fd be greater than 255 (the 32-bit stdio limit),
391 * or at least make it greater than 2 so that the
392 * program will work when spawned by init(1m).
393 * Also, if dfd is non-zero, dup the fd to be dfd.
394 */
395 if ((mfd = minfd) == 0)
396 mfd = set_minfd();
397 if (dfd > 0 || (0 <= fd && fd < mfd)) {
398 if (dfd <= 0)
399 dfd = mfd;
400 dfd = fcntl(fd, F_DUPFD, dfd);
401 (void) close(fd);
402 fd = dfd;
403 }
404 /*
405 * Mark it close-on-exec so any created process doesn't inherit it.
406 */
407 if (fd >= 0)
408 (void) fcntl(fd, F_SETFD, FD_CLOEXEC);
409 return (fd);
410 }
411
412 /*
413 * Create a new controlled process.
414 * Leave it stopped on successful exit from exec() or execve().
415 * Return an opaque pointer to its process control structure.
416 * Return NULL if process cannot be created (fork()/exec() not successful).
417 */
418 struct ps_prochandle *
Pxcreate(const char * file,char * const * argv,char * const * envp,int * perr,char * path,size_t len)419 Pxcreate(const char *file, /* executable file name */
420 char *const *argv, /* argument vector */
421 char *const *envp, /* environment */
422 int *perr, /* pointer to error return code */
423 char *path, /* if non-null, holds exec path name on return */
424 size_t len) /* size of the path buffer */
425 {
426 char execpath[PATH_MAX];
427 char procname[PATH_MAX];
428 struct ps_prochandle *P;
429 pid_t pid;
430 int fd;
431 char *fname;
432 int rc;
433 int lasterrno = 0;
434
435 if (len == 0) /* zero length, no path */
436 path = NULL;
437 if (path != NULL)
438 *path = '\0';
439
440 if ((P = malloc(sizeof (struct ps_prochandle))) == NULL) {
441 *perr = C_STRANGE;
442 return (NULL);
443 }
444
445 if ((pid = fork1()) == -1) {
446 free(P);
447 *perr = C_FORK;
448 return (NULL);
449 }
450
451 if (pid == 0) { /* child process */
452 id_t id;
453 extern char **environ;
454
455 /*
456 * If running setuid or setgid, reset credentials to normal.
457 */
458 if ((id = getgid()) != getegid())
459 (void) setgid(id);
460 if ((id = getuid()) != geteuid())
461 (void) setuid(id);
462
463 Pcreate_callback(P); /* execute callback (see below) */
464 (void) pause(); /* wait for PRSABORT from parent */
465
466 /*
467 * This is ugly. There is no execvep() function that takes a
468 * path and an environment. We cheat here by replacing the
469 * global 'environ' variable right before we call this.
470 */
471 if (envp)
472 environ = (char **)envp;
473
474 (void) execvp(file, argv); /* execute the program */
475 _exit(127);
476 }
477
478 /*
479 * Initialize the process structure.
480 */
481 (void) memset(P, 0, sizeof (*P));
482 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL);
483 P->flags |= CREATED;
484 P->state = PS_RUN;
485 P->pid = pid;
486 P->asfd = -1;
487 P->ctlfd = -1;
488 P->statfd = -1;
489 P->agentctlfd = -1;
490 P->agentstatfd = -1;
491 Pinit_ops(&P->ops, &P_live_ops);
492 Pinitsym(P);
493
494 /*
495 * Open the /proc/pid files.
496 */
497 (void) snprintf(procname, sizeof (procname), "%s/%d/",
498 procfs_path, (int)pid);
499 fname = procname + strlen(procname);
500 (void) set_minfd();
501
502 /*
503 * Exclusive write open advises others not to interfere.
504 * There is no reason for any of these open()s to fail.
505 */
506 (void) strcpy(fname, "as");
507 if ((fd = open(procname, (O_RDWR|O_EXCL))) < 0 ||
508 (fd = dupfd(fd, 0)) < 0) {
509 dprintf("Pcreate: failed to open %s: %s\n",
510 procname, strerror(errno));
511 rc = C_STRANGE;
512 goto bad;
513 }
514 P->asfd = fd;
515
516 (void) strcpy(fname, "status");
517 if ((fd = open(procname, O_RDONLY)) < 0 ||
518 (fd = dupfd(fd, 0)) < 0) {
519 dprintf("Pcreate: failed to open %s: %s\n",
520 procname, strerror(errno));
521 rc = C_STRANGE;
522 goto bad;
523 }
524 P->statfd = fd;
525
526 (void) strcpy(fname, "ctl");
527 if ((fd = open(procname, O_WRONLY)) < 0 ||
528 (fd = dupfd(fd, 0)) < 0) {
529 dprintf("Pcreate: failed to open %s: %s\n",
530 procname, strerror(errno));
531 rc = C_STRANGE;
532 goto bad;
533 }
534 P->ctlfd = fd;
535
536 (void) Pstop(P, 0); /* stop the controlled process */
537
538 /*
539 * Wait for process to sleep in pause().
540 * If the process has already called pause(), then it should be
541 * stopped (PR_REQUESTED) while asleep in pause and we are done.
542 * Else we set up to catch entry/exit to pause() and set the process
543 * running again, expecting it to stop when it reaches pause().
544 * There is no reason for this to fail other than an interrupt.
545 */
546 (void) Psysentry(P, SYS_pause, 1);
547 (void) Psysexit(P, SYS_pause, 1);
548 for (;;) {
549 if (P->state == PS_STOP &&
550 P->status.pr_lwp.pr_syscall == SYS_pause &&
551 (P->status.pr_lwp.pr_why == PR_REQUESTED ||
552 P->status.pr_lwp.pr_why == PR_SYSENTRY ||
553 P->status.pr_lwp.pr_why == PR_SYSEXIT))
554 break;
555
556 if (P->state != PS_STOP || /* interrupt or process died */
557 Psetrun(P, 0, 0) != 0) { /* can't restart */
558 if (errno == EINTR || errno == ERESTART)
559 rc = C_INTR;
560 else {
561 dprintf("Pcreate: Psetrun failed: %s\n",
562 strerror(errno));
563 rc = C_STRANGE;
564 }
565 goto bad;
566 }
567
568 (void) Pwait(P, 0);
569 }
570 (void) Psysentry(P, SYS_pause, 0);
571 (void) Psysexit(P, SYS_pause, 0);
572
573 /*
574 * Kick the process off the pause() and catch
575 * it again on entry to exec() or exit().
576 */
577 (void) Psysentry(P, SYS_exit, 1);
578 (void) Psysentry(P, SYS_execve, 1);
579 if (Psetrun(P, 0, PRSABORT) == -1) {
580 dprintf("Pcreate: Psetrun failed: %s\n", strerror(errno));
581 rc = C_STRANGE;
582 goto bad;
583 }
584 (void) Pwait(P, 0);
585 if (P->state != PS_STOP) {
586 dprintf("Pcreate: Pwait failed: %s\n", strerror(errno));
587 rc = C_STRANGE;
588 goto bad;
589 }
590
591 /*
592 * Move the process through instances of failed exec()s
593 * to reach the point of stopped on successful exec().
594 */
595 (void) Psysexit(P, SYS_execve, TRUE);
596
597 while (P->state == PS_STOP &&
598 P->status.pr_lwp.pr_why == PR_SYSENTRY &&
599 P->status.pr_lwp.pr_what == SYS_execve) {
600 /*
601 * Fetch the exec path name now, before we complete
602 * the exec(). We may lose the process and be unable
603 * to get the information later.
604 */
605 (void) Pread_string(P, execpath, sizeof (execpath),
606 (off_t)P->status.pr_lwp.pr_sysarg[0]);
607 if (path != NULL)
608 (void) strncpy(path, execpath, len);
609 /*
610 * Set the process running and wait for
611 * it to stop on exit from the exec().
612 */
613 (void) Psetrun(P, 0, 0);
614 (void) Pwait(P, 0);
615
616 if (P->state == PS_LOST && /* we lost control */
617 Preopen(P) != 0) { /* and we can't get it back */
618 rc = C_PERM;
619 goto bad;
620 }
621
622 /*
623 * If the exec() failed, continue the loop, expecting
624 * there to be more attempts to exec(), based on PATH.
625 */
626 if (P->state == PS_STOP &&
627 P->status.pr_lwp.pr_why == PR_SYSEXIT &&
628 P->status.pr_lwp.pr_what == SYS_execve &&
629 (lasterrno = P->status.pr_lwp.pr_errno) != 0) {
630 /*
631 * The exec() failed. Set the process running and
632 * wait for it to stop on entry to the next exec().
633 */
634 (void) Psetrun(P, 0, 0);
635 (void) Pwait(P, 0);
636
637 continue;
638 }
639 break;
640 }
641
642 if (P->state == PS_STOP &&
643 P->status.pr_lwp.pr_why == PR_SYSEXIT &&
644 P->status.pr_lwp.pr_what == SYS_execve &&
645 P->status.pr_lwp.pr_errno == 0) {
646 /*
647 * The process is stopped on successful exec() or execve().
648 * Turn off all tracing flags and return success.
649 */
650 restore_tracing_flags(P);
651 #ifndef _LP64
652 /* We must be a 64-bit process to deal with a 64-bit process */
653 if (P->status.pr_dmodel == PR_MODEL_LP64) {
654 rc = C_LP64;
655 goto bad;
656 }
657 #endif
658 /*
659 * Set run-on-last-close so the controlled process
660 * runs even if we die on a signal.
661 */
662 (void) Psetflags(P, PR_RLC);
663 *perr = 0;
664 return (P);
665 }
666
667 rc = lasterrno == ENOENT ? C_NOENT : C_NOEXEC;
668
669 bad:
670 (void) kill(pid, SIGKILL);
671 if (path != NULL && rc != C_PERM && rc != C_LP64)
672 *path = '\0';
673 Pfree(P);
674 *perr = rc;
675 return (NULL);
676 }
677
678 struct ps_prochandle *
Pcreate(const char * file,char * const * argv,int * perr,char * path,size_t len)679 Pcreate(
680 const char *file, /* executable file name */
681 char *const *argv, /* argument vector */
682 int *perr, /* pointer to error return code */
683 char *path, /* if non-null, holds exec path name on return */
684 size_t len) /* size of the path buffer */
685 {
686 return (Pxcreate(file, argv, NULL, perr, path, len));
687 }
688
689 /*
690 * Return a printable string corresponding to a Pcreate() error return.
691 */
692 const char *
Pcreate_error(int error)693 Pcreate_error(int error)
694 {
695 const char *str;
696
697 switch (error) {
698 case C_FORK:
699 str = "cannot fork";
700 break;
701 case C_PERM:
702 str = "file is set-id or unreadable";
703 break;
704 case C_NOEXEC:
705 str = "cannot execute file";
706 break;
707 case C_INTR:
708 str = "operation interrupted";
709 break;
710 case C_LP64:
711 str = "program is _LP64, self is not";
712 break;
713 case C_STRANGE:
714 str = "unanticipated system error";
715 break;
716 case C_NOENT:
717 str = "cannot find executable file";
718 break;
719 default:
720 str = "unknown error";
721 break;
722 }
723
724 return (str);
725 }
726
727 /*
728 * Callback to execute in each child process created with Pcreate() after fork
729 * but before it execs the new process image. By default, we do nothing, but
730 * by calling this function we allow the client program to define its own
731 * version of the function which will interpose on our empty default. This
732 * may be useful for clients that need to modify signal dispositions, terminal
733 * attributes, or process group and session properties for each new victim.
734 */
735 /*ARGSUSED*/
736 void
Pcreate_callback(struct ps_prochandle * P)737 Pcreate_callback(struct ps_prochandle *P)
738 {
739 /* nothing to do here */
740 }
741
742 /*
743 * Grab an existing process.
744 * Return an opaque pointer to its process control structure.
745 *
746 * pid: UNIX process ID.
747 * flags:
748 * PGRAB_RETAIN Retain tracing flags (default clears all tracing flags).
749 * PGRAB_FORCE Grab regardless of whether process is already traced.
750 * PGRAB_RDONLY Open the address space file O_RDONLY instead of O_RDWR,
751 * and do not open the process control file.
752 * PGRAB_NOSTOP Open the process but do not force it to stop.
753 * perr: pointer to error return code.
754 */
755 struct ps_prochandle *
Pgrab(pid_t pid,int flags,int * perr)756 Pgrab(pid_t pid, int flags, int *perr)
757 {
758 struct ps_prochandle *P;
759 int fd, omode;
760 char procname[PATH_MAX];
761 char *fname;
762 int rc = 0;
763
764 /*
765 * PGRAB_RDONLY means that we do not open the /proc/<pid>/control file,
766 * and so it implies RETAIN and NOSTOP since both require control.
767 */
768 if (flags & PGRAB_RDONLY)
769 flags |= PGRAB_RETAIN | PGRAB_NOSTOP;
770
771 if ((P = malloc(sizeof (struct ps_prochandle))) == NULL) {
772 *perr = G_STRANGE;
773 return (NULL);
774 }
775
776 P->asfd = -1;
777 P->ctlfd = -1;
778 P->statfd = -1;
779
780 again: /* Come back here if we lose it in the Window of Vulnerability */
781 if (P->ctlfd >= 0)
782 (void) close(P->ctlfd);
783 if (P->asfd >= 0)
784 (void) close(P->asfd);
785 if (P->statfd >= 0)
786 (void) close(P->statfd);
787 (void) memset(P, 0, sizeof (*P));
788 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL);
789 P->ctlfd = -1;
790 P->asfd = -1;
791 P->statfd = -1;
792 P->agentctlfd = -1;
793 P->agentstatfd = -1;
794 Pinit_ops(&P->ops, &P_live_ops);
795 Pinitsym(P);
796
797 /*
798 * Open the /proc/pid files
799 */
800 (void) snprintf(procname, sizeof (procname), "%s/%d/",
801 procfs_path, (int)pid);
802 fname = procname + strlen(procname);
803 (void) set_minfd();
804
805 /*
806 * Request exclusive open to avoid grabbing someone else's
807 * process and to prevent others from interfering afterwards.
808 * If this fails and the 'PGRAB_FORCE' flag is set, attempt to
809 * open non-exclusively.
810 */
811 (void) strcpy(fname, "as");
812 omode = (flags & PGRAB_RDONLY) ? O_RDONLY : O_RDWR;
813
814 if (((fd = open(procname, omode | O_EXCL)) < 0 &&
815 (fd = ((flags & PGRAB_FORCE)? open(procname, omode) : -1)) < 0) ||
816 (fd = dupfd(fd, 0)) < 0) {
817 switch (errno) {
818 case ENOENT:
819 rc = G_NOPROC;
820 break;
821 case EACCES:
822 case EPERM:
823 rc = G_PERM;
824 break;
825 case EMFILE:
826 rc = G_NOFD;
827 break;
828 case EBUSY:
829 if (!(flags & PGRAB_FORCE) || geteuid() != 0) {
830 rc = G_BUSY;
831 break;
832 }
833 /* FALLTHROUGH */
834 default:
835 dprintf("Pgrab: failed to open %s: %s\n",
836 procname, strerror(errno));
837 rc = G_STRANGE;
838 break;
839 }
840 goto err;
841 }
842 P->asfd = fd;
843
844 (void) strcpy(fname, "status");
845 if ((fd = open(procname, O_RDONLY)) < 0 ||
846 (fd = dupfd(fd, 0)) < 0) {
847 switch (errno) {
848 case ENOENT:
849 rc = G_NOPROC;
850 break;
851 case EMFILE:
852 rc = G_NOFD;
853 break;
854 default:
855 dprintf("Pgrab: failed to open %s: %s\n",
856 procname, strerror(errno));
857 rc = G_STRANGE;
858 break;
859 }
860 goto err;
861 }
862 P->statfd = fd;
863
864 if (!(flags & PGRAB_RDONLY)) {
865 (void) strcpy(fname, "ctl");
866 if ((fd = open(procname, O_WRONLY)) < 0 ||
867 (fd = dupfd(fd, 0)) < 0) {
868 switch (errno) {
869 case ENOENT:
870 rc = G_NOPROC;
871 break;
872 case EMFILE:
873 rc = G_NOFD;
874 break;
875 default:
876 dprintf("Pgrab: failed to open %s: %s\n",
877 procname, strerror(errno));
878 rc = G_STRANGE;
879 break;
880 }
881 goto err;
882 }
883 P->ctlfd = fd;
884 }
885
886 P->state = PS_RUN;
887 P->pid = pid;
888
889 /*
890 * We are now in the Window of Vulnerability (WoV). The process may
891 * exec() a setuid/setgid or unreadable object file between the open()
892 * and the PCSTOP. We will get EAGAIN in this case and must start over.
893 * As Pstopstatus will trigger the first read() from a /proc file,
894 * we also need to handle EOVERFLOW here when 32-bit as an indicator
895 * that this process is 64-bit. Finally, if the process has become
896 * a zombie (PS_UNDEAD) while we were trying to grab it, just remain
897 * silent about this and pretend there was no process.
898 */
899 if (Pstopstatus(P, PCNULL, 0) != 0) {
900 #ifndef _LP64
901 if (errno == EOVERFLOW) {
902 rc = G_LP64;
903 goto err;
904 }
905 #endif
906 if (P->state == PS_LOST) { /* WoV */
907 (void) mutex_destroy(&P->proc_lock);
908 goto again;
909 }
910
911 if (P->state == PS_UNDEAD)
912 rc = G_NOPROC;
913 else
914 rc = G_STRANGE;
915
916 goto err;
917 }
918
919 /*
920 * If the process is a system process, we can't control it even as root
921 */
922 if (P->status.pr_flags & PR_ISSYS) {
923 rc = G_SYS;
924 goto err;
925 }
926 #ifndef _LP64
927 /*
928 * We must be a 64-bit process to deal with a 64-bit process
929 */
930 if (P->status.pr_dmodel == PR_MODEL_LP64) {
931 rc = G_LP64;
932 goto err;
933 }
934 #endif
935
936 /*
937 * Remember the status for use by Prelease().
938 */
939 P->orig_status = P->status; /* structure copy */
940
941 /*
942 * Before stopping the process, make sure we are not grabbing ourselves.
943 * If we are, make sure we are doing it PGRAB_RDONLY.
944 */
945 if (pid == getpid()) {
946 /*
947 * Verify that the process is really ourself:
948 * Set a magic number, read it through the
949 * /proc file and see if the results match.
950 */
951 uint32_t magic1 = 0;
952 uint32_t magic2 = 2;
953
954 errno = 0;
955
956 if (Pread(P, &magic2, sizeof (magic2), (uintptr_t)&magic1)
957 == sizeof (magic2) &&
958 magic2 == 0 &&
959 (magic1 = 0xfeedbeef) &&
960 Pread(P, &magic2, sizeof (magic2), (uintptr_t)&magic1)
961 == sizeof (magic2) &&
962 magic2 == 0xfeedbeef &&
963 !(flags & PGRAB_RDONLY)) {
964 rc = G_SELF;
965 goto err;
966 }
967 }
968
969 /*
970 * If the process is already stopped or has been directed
971 * to stop via /proc, do not set run-on-last-close.
972 */
973 if (!(P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) &&
974 !(flags & PGRAB_RDONLY)) {
975 /*
976 * Mark the process run-on-last-close so
977 * it runs even if we die from SIGKILL.
978 */
979 if (Psetflags(P, PR_RLC) != 0) {
980 if (errno == EAGAIN) { /* WoV */
981 (void) mutex_destroy(&P->proc_lock);
982 goto again;
983 }
984 if (errno == ENOENT) /* No complaint about zombies */
985 rc = G_ZOMB;
986 else {
987 dprintf("Pgrab: failed to set RLC\n");
988 rc = G_STRANGE;
989 }
990 goto err;
991 }
992 }
993
994 /*
995 * If a stop directive is pending and the process has not yet stopped,
996 * then synchronously wait for the stop directive to take effect.
997 * Limit the time spent waiting for the process to stop by iterating
998 * at most 10 times. The time-out of 20 ms corresponds to the time
999 * between sending the stop directive and the process actually stopped
1000 * as measured by DTrace on a slow, busy system. If the process doesn't
1001 * stop voluntarily, clear the PR_DSTOP flag so that the code below
1002 * forces the process to stop.
1003 */
1004 if (!(flags & PGRAB_RDONLY)) {
1005 int niter = 0;
1006 while ((P->status.pr_lwp.pr_flags & (PR_STOPPED|PR_DSTOP)) ==
1007 PR_DSTOP && niter < 10 &&
1008 Pstopstatus(P, PCTWSTOP, 20) != 0) {
1009 niter++;
1010 if (flags & PGRAB_NOSTOP)
1011 break;
1012 }
1013 if (niter == 10 && !(flags & PGRAB_NOSTOP)) {
1014 /* Try it harder down below */
1015 P->status.pr_lwp.pr_flags &= ~PR_DSTOP;
1016 }
1017 }
1018
1019 /*
1020 * If the process is not already stopped or directed to stop
1021 * and PGRAB_NOSTOP was not specified, stop the process now.
1022 */
1023 if (!(P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) &&
1024 !(flags & PGRAB_NOSTOP)) {
1025 /*
1026 * Stop the process, get its status and signal/syscall masks.
1027 */
1028 if (((P->status.pr_lwp.pr_flags & PR_STOPPED) &&
1029 Pstopstatus(P, PCDSTOP, 0) != 0) ||
1030 Pstopstatus(P, PCSTOP, 2000) != 0) {
1031 #ifndef _LP64
1032 if (errno == EOVERFLOW) {
1033 rc = G_LP64;
1034 goto err;
1035 }
1036 #endif
1037 if (P->state == PS_LOST) { /* WoV */
1038 (void) mutex_destroy(&P->proc_lock);
1039 goto again;
1040 }
1041 if ((errno != EINTR && errno != ERESTART) ||
1042 (P->state != PS_STOP &&
1043 !(P->status.pr_flags & PR_DSTOP))) {
1044 if (P->state != PS_RUN && errno != ENOENT) {
1045 dprintf("Pgrab: failed to PCSTOP\n");
1046 rc = G_STRANGE;
1047 } else {
1048 rc = G_ZOMB;
1049 }
1050 goto err;
1051 }
1052 }
1053
1054 /*
1055 * Process should now either be stopped via /proc or there
1056 * should be an outstanding stop directive.
1057 */
1058 if (!(P->status.pr_flags & (PR_ISTOP|PR_DSTOP))) {
1059 dprintf("Pgrab: process is not stopped\n");
1060 rc = G_STRANGE;
1061 goto err;
1062 }
1063 #ifndef _LP64
1064 /*
1065 * Test this again now because the 32-bit victim process may
1066 * have exec'd a 64-bit process in the meantime.
1067 */
1068 if (P->status.pr_dmodel == PR_MODEL_LP64) {
1069 rc = G_LP64;
1070 goto err;
1071 }
1072 #endif
1073 }
1074
1075 /*
1076 * Cancel all tracing flags unless the PGRAB_RETAIN flag is set.
1077 */
1078 if (!(flags & PGRAB_RETAIN)) {
1079 (void) Psysentry(P, 0, FALSE);
1080 (void) Psysexit(P, 0, FALSE);
1081 (void) Psignal(P, 0, FALSE);
1082 (void) Pfault(P, 0, FALSE);
1083 Psync(P);
1084 }
1085
1086 *perr = 0;
1087 return (P);
1088
1089 err:
1090 Pfree(P);
1091 *perr = rc;
1092 return (NULL);
1093 }
1094
1095 /*
1096 * Return a printable string corresponding to a Pgrab() error return.
1097 */
1098 const char *
Pgrab_error(int error)1099 Pgrab_error(int error)
1100 {
1101 const char *str;
1102
1103 switch (error) {
1104 case G_NOPROC:
1105 str = "no such process";
1106 break;
1107 case G_NOCORE:
1108 str = "no such core file";
1109 break;
1110 case G_NOPROCORCORE:
1111 str = "no such process or core file";
1112 break;
1113 case G_NOEXEC:
1114 str = "cannot find executable file";
1115 break;
1116 case G_ZOMB:
1117 str = "zombie process";
1118 break;
1119 case G_PERM:
1120 str = "permission denied";
1121 break;
1122 case G_BUSY:
1123 str = "process is traced";
1124 break;
1125 case G_SYS:
1126 str = "system process";
1127 break;
1128 case G_SELF:
1129 str = "attempt to grab self";
1130 break;
1131 case G_INTR:
1132 str = "operation interrupted";
1133 break;
1134 case G_LP64:
1135 str = "program is _LP64, self is not";
1136 break;
1137 case G_FORMAT:
1138 str = "file is not an ELF core file";
1139 break;
1140 case G_ELF:
1141 str = "libelf error";
1142 break;
1143 case G_NOTE:
1144 str = "core file is corrupt or missing required data";
1145 break;
1146 case G_STRANGE:
1147 str = "unanticipated system error";
1148 break;
1149 case G_ISAINVAL:
1150 str = "wrong ELF machine type";
1151 break;
1152 case G_BADLWPS:
1153 str = "bad lwp specification";
1154 break;
1155 case G_NOFD:
1156 str = "too many open files";
1157 break;
1158 default:
1159 str = "unknown error";
1160 break;
1161 }
1162
1163 return (str);
1164 }
1165
1166 /*
1167 * Free a process control structure.
1168 * Close the file descriptors but don't do the Prelease logic.
1169 */
1170 void
Pfree(struct ps_prochandle * P)1171 Pfree(struct ps_prochandle *P)
1172 {
1173 uint_t i;
1174
1175 if (P->ucaddrs != NULL) {
1176 free(P->ucaddrs);
1177 P->ucaddrs = NULL;
1178 P->ucnelems = 0;
1179 }
1180
1181 (void) mutex_lock(&P->proc_lock);
1182 if (P->hashtab != NULL) {
1183 struct ps_lwphandle *L;
1184 for (i = 0; i < HASHSIZE; i++) {
1185 while ((L = P->hashtab[i]) != NULL)
1186 Lfree_internal(P, L);
1187 }
1188 free(P->hashtab);
1189 }
1190
1191 while (P->num_fd > 0) {
1192 fd_info_t *fip = list_next(&P->fd_head);
1193 list_unlink(fip);
1194 free(fip);
1195 P->num_fd--;
1196 }
1197 (void) mutex_unlock(&P->proc_lock);
1198 (void) mutex_destroy(&P->proc_lock);
1199
1200 if (P->agentctlfd >= 0)
1201 (void) close(P->agentctlfd);
1202 if (P->agentstatfd >= 0)
1203 (void) close(P->agentstatfd);
1204 if (P->ctlfd >= 0)
1205 (void) close(P->ctlfd);
1206 if (P->asfd >= 0)
1207 (void) close(P->asfd);
1208 if (P->statfd >= 0)
1209 (void) close(P->statfd);
1210 Preset_maps(P);
1211 P->ops.pop_fini(P, P->data);
1212
1213 /* clear out the structure as a precaution against reuse */
1214 (void) memset(P, 0, sizeof (*P));
1215 P->ctlfd = -1;
1216 P->asfd = -1;
1217 P->statfd = -1;
1218 P->agentctlfd = -1;
1219 P->agentstatfd = -1;
1220
1221 free(P);
1222 }
1223
1224 /*
1225 * Return the state of the process, one of the PS_* values.
1226 */
1227 int
Pstate(struct ps_prochandle * P)1228 Pstate(struct ps_prochandle *P)
1229 {
1230 return (P->state);
1231 }
1232
1233 /*
1234 * Return the open address space file descriptor for the process.
1235 * Clients must not close this file descriptor, not use it
1236 * after the process is freed.
1237 */
1238 int
Pasfd(struct ps_prochandle * P)1239 Pasfd(struct ps_prochandle *P)
1240 {
1241 return (P->asfd);
1242 }
1243
1244 /*
1245 * Return the open control file descriptor for the process.
1246 * Clients must not close this file descriptor, not use it
1247 * after the process is freed.
1248 */
1249 int
Pctlfd(struct ps_prochandle * P)1250 Pctlfd(struct ps_prochandle *P)
1251 {
1252 return (P->ctlfd);
1253 }
1254
1255 /*
1256 * Return a pointer to the process psinfo structure.
1257 * Clients should not hold on to this pointer indefinitely.
1258 * It will become invalid on Prelease().
1259 */
1260 const psinfo_t *
Ppsinfo(struct ps_prochandle * P)1261 Ppsinfo(struct ps_prochandle *P)
1262 {
1263 return (P->ops.pop_psinfo(P, &P->psinfo, P->data));
1264 }
1265
1266 /*
1267 * Return a pointer to the process status structure.
1268 * Clients should not hold on to this pointer indefinitely.
1269 * It will become invalid on Prelease().
1270 */
1271 const pstatus_t *
Pstatus(struct ps_prochandle * P)1272 Pstatus(struct ps_prochandle *P)
1273 {
1274 return (&P->status);
1275 }
1276
1277 static void
Pread_status(struct ps_prochandle * P)1278 Pread_status(struct ps_prochandle *P)
1279 {
1280 P->ops.pop_status(P, &P->status, P->data);
1281 }
1282
1283 /*
1284 * Fill in a pointer to a process credentials structure. The ngroups parameter
1285 * is the number of supplementary group entries allocated in the caller's cred
1286 * structure. It should equal zero or one unless extra space has been
1287 * allocated for the group list by the caller.
1288 */
1289 int
Pcred(struct ps_prochandle * P,prcred_t * pcrp,int ngroups)1290 Pcred(struct ps_prochandle *P, prcred_t *pcrp, int ngroups)
1291 {
1292 return (P->ops.pop_cred(P, pcrp, ngroups, P->data));
1293 }
1294
1295 static prheader_t *
Plstatus(struct ps_prochandle * P)1296 Plstatus(struct ps_prochandle *P)
1297 {
1298 return (P->ops.pop_lstatus(P, P->data));
1299 }
1300
1301 static prheader_t *
Plpsinfo(struct ps_prochandle * P)1302 Plpsinfo(struct ps_prochandle *P)
1303 {
1304 return (P->ops.pop_lpsinfo(P, P->data));
1305 }
1306
1307
1308 #if defined(__i386) || defined(__amd64)
1309 /*
1310 * Fill in a pointer to a process LDT structure.
1311 * The caller provides a buffer of size 'nldt * sizeof (struct ssd)';
1312 * If pldt == NULL or nldt == 0, we return the number of existing LDT entries.
1313 * Otherwise we return the actual number of LDT entries fetched (<= nldt).
1314 */
1315 int
Pldt(struct ps_prochandle * P,struct ssd * pldt,int nldt)1316 Pldt(struct ps_prochandle *P, struct ssd *pldt, int nldt)
1317 {
1318 return (P->ops.pop_ldt(P, pldt, nldt, P->data));
1319
1320 }
1321 #endif /* __i386 */
1322
1323 /*
1324 * Return a malloced process privilege structure in *pprv.
1325 */
1326 int
Ppriv(struct ps_prochandle * P,prpriv_t ** pprv)1327 Ppriv(struct ps_prochandle *P, prpriv_t **pprv)
1328 {
1329 return (P->ops.pop_priv(P, pprv, P->data));
1330 }
1331
1332 int
Psetpriv(struct ps_prochandle * P,prpriv_t * pprv)1333 Psetpriv(struct ps_prochandle *P, prpriv_t *pprv)
1334 {
1335 int rc;
1336 long *ctl;
1337 size_t sz;
1338
1339 if (P->state == PS_DEAD) {
1340 errno = EBADF;
1341 return (-1);
1342 }
1343
1344 sz = PRIV_PRPRIV_SIZE(pprv) + sizeof (long);
1345
1346 sz = ((sz - 1) / sizeof (long) + 1) * sizeof (long);
1347
1348 ctl = malloc(sz);
1349 if (ctl == NULL)
1350 return (-1);
1351
1352 ctl[0] = PCSPRIV;
1353
1354 (void) memcpy(&ctl[1], pprv, PRIV_PRPRIV_SIZE(pprv));
1355
1356 if (write(P->ctlfd, ctl, sz) != sz)
1357 rc = -1;
1358 else
1359 rc = 0;
1360
1361 free(ctl);
1362
1363 return (rc);
1364 }
1365
1366 void *
Pprivinfo(struct ps_prochandle * P)1367 Pprivinfo(struct ps_prochandle *P)
1368 {
1369 core_info_t *core = P->data;
1370
1371 /* Use default from libc */
1372 if (P->state != PS_DEAD)
1373 return (NULL);
1374
1375 return (core->core_privinfo);
1376 }
1377
1378 /*
1379 * Ensure that all cached state is written to the process.
1380 * The cached state is the LWP's signal mask and registers
1381 * and the process's tracing flags.
1382 */
1383 void
Psync(struct ps_prochandle * P)1384 Psync(struct ps_prochandle *P)
1385 {
1386 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
1387 long cmd[6];
1388 iovec_t iov[12];
1389 int n = 0;
1390
1391 if (P->flags & SETHOLD) {
1392 cmd[0] = PCSHOLD;
1393 iov[n].iov_base = (caddr_t)&cmd[0];
1394 iov[n++].iov_len = sizeof (long);
1395 iov[n].iov_base = (caddr_t)&P->status.pr_lwp.pr_lwphold;
1396 iov[n++].iov_len = sizeof (P->status.pr_lwp.pr_lwphold);
1397 }
1398 if (P->flags & SETREGS) {
1399 cmd[1] = PCSREG;
1400 #ifdef __i386
1401 /* XX64 we should probably restore REG_GS after this */
1402 if (ctlfd == P->agentctlfd)
1403 P->status.pr_lwp.pr_reg[GS] = 0;
1404 #elif defined(__amd64)
1405 /* XX64 */
1406 #endif
1407 iov[n].iov_base = (caddr_t)&cmd[1];
1408 iov[n++].iov_len = sizeof (long);
1409 iov[n].iov_base = (caddr_t)&P->status.pr_lwp.pr_reg[0];
1410 iov[n++].iov_len = sizeof (P->status.pr_lwp.pr_reg);
1411 }
1412 if (P->flags & SETSIG) {
1413 cmd[2] = PCSTRACE;
1414 iov[n].iov_base = (caddr_t)&cmd[2];
1415 iov[n++].iov_len = sizeof (long);
1416 iov[n].iov_base = (caddr_t)&P->status.pr_sigtrace;
1417 iov[n++].iov_len = sizeof (P->status.pr_sigtrace);
1418 }
1419 if (P->flags & SETFAULT) {
1420 cmd[3] = PCSFAULT;
1421 iov[n].iov_base = (caddr_t)&cmd[3];
1422 iov[n++].iov_len = sizeof (long);
1423 iov[n].iov_base = (caddr_t)&P->status.pr_flttrace;
1424 iov[n++].iov_len = sizeof (P->status.pr_flttrace);
1425 }
1426 if (P->flags & SETENTRY) {
1427 cmd[4] = PCSENTRY;
1428 iov[n].iov_base = (caddr_t)&cmd[4];
1429 iov[n++].iov_len = sizeof (long);
1430 iov[n].iov_base = (caddr_t)&P->status.pr_sysentry;
1431 iov[n++].iov_len = sizeof (P->status.pr_sysentry);
1432 }
1433 if (P->flags & SETEXIT) {
1434 cmd[5] = PCSEXIT;
1435 iov[n].iov_base = (caddr_t)&cmd[5];
1436 iov[n++].iov_len = sizeof (long);
1437 iov[n].iov_base = (caddr_t)&P->status.pr_sysexit;
1438 iov[n++].iov_len = sizeof (P->status.pr_sysexit);
1439 }
1440
1441 if (n == 0 || writev(ctlfd, iov, n) < 0)
1442 return; /* nothing to do or write failed */
1443
1444 P->flags &= ~(SETSIG|SETFAULT|SETENTRY|SETEXIT|SETHOLD|SETREGS);
1445 }
1446
1447 /*
1448 * Reopen the /proc file (after PS_LOST).
1449 */
1450 int
Preopen(struct ps_prochandle * P)1451 Preopen(struct ps_prochandle *P)
1452 {
1453 int fd;
1454 char procname[PATH_MAX];
1455 char *fname;
1456
1457 if (P->state == PS_DEAD || P->state == PS_IDLE)
1458 return (0);
1459
1460 if (P->agentcnt > 0) {
1461 P->agentcnt = 1;
1462 Pdestroy_agent(P);
1463 }
1464
1465 (void) snprintf(procname, sizeof (procname), "%s/%d/",
1466 procfs_path, (int)P->pid);
1467 fname = procname + strlen(procname);
1468
1469 (void) strcpy(fname, "as");
1470 if ((fd = open(procname, O_RDWR)) < 0 ||
1471 close(P->asfd) < 0 ||
1472 (fd = dupfd(fd, P->asfd)) != P->asfd) {
1473 dprintf("Preopen: failed to open %s: %s\n",
1474 procname, strerror(errno));
1475 if (fd >= 0)
1476 (void) close(fd);
1477 return (-1);
1478 }
1479 P->asfd = fd;
1480
1481 (void) strcpy(fname, "status");
1482 if ((fd = open(procname, O_RDONLY)) < 0 ||
1483 close(P->statfd) < 0 ||
1484 (fd = dupfd(fd, P->statfd)) != P->statfd) {
1485 dprintf("Preopen: failed to open %s: %s\n",
1486 procname, strerror(errno));
1487 if (fd >= 0)
1488 (void) close(fd);
1489 return (-1);
1490 }
1491 P->statfd = fd;
1492
1493 (void) strcpy(fname, "ctl");
1494 if ((fd = open(procname, O_WRONLY)) < 0 ||
1495 close(P->ctlfd) < 0 ||
1496 (fd = dupfd(fd, P->ctlfd)) != P->ctlfd) {
1497 dprintf("Preopen: failed to open %s: %s\n",
1498 procname, strerror(errno));
1499 if (fd >= 0)
1500 (void) close(fd);
1501 return (-1);
1502 }
1503 P->ctlfd = fd;
1504
1505 /*
1506 * Set the state to PS_RUN and wait for the process to stop so that
1507 * we re-read the status from the new P->statfd. If this fails, Pwait
1508 * will reset the state to PS_LOST and we fail the reopen. Before
1509 * returning, we also forge a bit of P->status to allow the debugger to
1510 * see that we are PS_LOST following a successful exec.
1511 */
1512 P->state = PS_RUN;
1513 if (Pwait(P, 0) == -1) {
1514 #ifdef _ILP32
1515 if (errno == EOVERFLOW)
1516 P->status.pr_dmodel = PR_MODEL_LP64;
1517 #endif
1518 P->status.pr_lwp.pr_why = PR_SYSEXIT;
1519 P->status.pr_lwp.pr_what = SYS_execve;
1520 P->status.pr_lwp.pr_errno = 0;
1521 return (-1);
1522 }
1523
1524 /*
1525 * The process should be stopped on exec (REQUESTED)
1526 * or else should be stopped on exit from exec() (SYSEXIT)
1527 */
1528 if (P->state == PS_STOP &&
1529 (P->status.pr_lwp.pr_why == PR_REQUESTED ||
1530 (P->status.pr_lwp.pr_why == PR_SYSEXIT &&
1531 P->status.pr_lwp.pr_what == SYS_execve))) {
1532 /* fake up stop-on-exit-from-execve */
1533 if (P->status.pr_lwp.pr_why == PR_REQUESTED) {
1534 P->status.pr_lwp.pr_why = PR_SYSEXIT;
1535 P->status.pr_lwp.pr_what = SYS_execve;
1536 P->status.pr_lwp.pr_errno = 0;
1537 }
1538 } else {
1539 dprintf("Preopen: expected REQUESTED or "
1540 "SYSEXIT(SYS_execve) stop\n");
1541 }
1542
1543 return (0);
1544 }
1545
1546 /*
1547 * Define all settable flags other than the microstate accounting flags.
1548 */
1549 #define ALL_SETTABLE_FLAGS (PR_FORK|PR_RLC|PR_KLC|PR_ASYNC|PR_BPTADJ|PR_PTRACE)
1550
1551 /*
1552 * Restore /proc tracing flags to their original values
1553 * in preparation for releasing the process.
1554 * Also called by Pcreate() to clear all tracing flags.
1555 */
1556 static void
restore_tracing_flags(struct ps_prochandle * P)1557 restore_tracing_flags(struct ps_prochandle *P)
1558 {
1559 long flags;
1560 long cmd[4];
1561 iovec_t iov[8];
1562
1563 if (P->flags & CREATED) {
1564 /* we created this process; clear all tracing flags */
1565 premptyset(&P->status.pr_sigtrace);
1566 premptyset(&P->status.pr_flttrace);
1567 premptyset(&P->status.pr_sysentry);
1568 premptyset(&P->status.pr_sysexit);
1569 if ((P->status.pr_flags & ALL_SETTABLE_FLAGS) != 0)
1570 (void) Punsetflags(P, ALL_SETTABLE_FLAGS);
1571 } else {
1572 /* we grabbed the process; restore its tracing flags */
1573 P->status.pr_sigtrace = P->orig_status.pr_sigtrace;
1574 P->status.pr_flttrace = P->orig_status.pr_flttrace;
1575 P->status.pr_sysentry = P->orig_status.pr_sysentry;
1576 P->status.pr_sysexit = P->orig_status.pr_sysexit;
1577 if ((P->status.pr_flags & ALL_SETTABLE_FLAGS) !=
1578 (flags = (P->orig_status.pr_flags & ALL_SETTABLE_FLAGS))) {
1579 (void) Punsetflags(P, ALL_SETTABLE_FLAGS);
1580 if (flags)
1581 (void) Psetflags(P, flags);
1582 }
1583 }
1584
1585 cmd[0] = PCSTRACE;
1586 iov[0].iov_base = (caddr_t)&cmd[0];
1587 iov[0].iov_len = sizeof (long);
1588 iov[1].iov_base = (caddr_t)&P->status.pr_sigtrace;
1589 iov[1].iov_len = sizeof (P->status.pr_sigtrace);
1590
1591 cmd[1] = PCSFAULT;
1592 iov[2].iov_base = (caddr_t)&cmd[1];
1593 iov[2].iov_len = sizeof (long);
1594 iov[3].iov_base = (caddr_t)&P->status.pr_flttrace;
1595 iov[3].iov_len = sizeof (P->status.pr_flttrace);
1596
1597 cmd[2] = PCSENTRY;
1598 iov[4].iov_base = (caddr_t)&cmd[2];
1599 iov[4].iov_len = sizeof (long);
1600 iov[5].iov_base = (caddr_t)&P->status.pr_sysentry;
1601 iov[5].iov_len = sizeof (P->status.pr_sysentry);
1602
1603 cmd[3] = PCSEXIT;
1604 iov[6].iov_base = (caddr_t)&cmd[3];
1605 iov[6].iov_len = sizeof (long);
1606 iov[7].iov_base = (caddr_t)&P->status.pr_sysexit;
1607 iov[7].iov_len = sizeof (P->status.pr_sysexit);
1608
1609 (void) writev(P->ctlfd, iov, 8);
1610
1611 P->flags &= ~(SETSIG|SETFAULT|SETENTRY|SETEXIT);
1612 }
1613
1614 /*
1615 * Release the process. Frees the process control structure.
1616 * flags:
1617 * PRELEASE_CLEAR Clear all tracing flags.
1618 * PRELEASE_RETAIN Retain current tracing flags.
1619 * PRELEASE_HANG Leave the process stopped and abandoned.
1620 * PRELEASE_KILL Terminate the process with SIGKILL.
1621 */
1622 void
Prelease(struct ps_prochandle * P,int flags)1623 Prelease(struct ps_prochandle *P, int flags)
1624 {
1625 if (P->state == PS_DEAD) {
1626 dprintf("Prelease: releasing handle %p PS_DEAD of pid %d\n",
1627 (void *)P, (int)P->pid);
1628 Pfree(P);
1629 return;
1630 }
1631
1632 if (P->state == PS_IDLE) {
1633 file_info_t *fptr = list_next(&P->file_head);
1634 dprintf("Prelease: releasing handle %p PS_IDLE of file %s\n",
1635 (void *)P, fptr->file_pname);
1636 Pfree(P);
1637 return;
1638 }
1639
1640 dprintf("Prelease: releasing handle %p pid %d\n",
1641 (void *)P, (int)P->pid);
1642
1643 if (P->ctlfd == -1) {
1644 Pfree(P);
1645 return;
1646 }
1647
1648 if (P->agentcnt > 0) {
1649 P->agentcnt = 1;
1650 Pdestroy_agent(P);
1651 }
1652
1653 /*
1654 * Attempt to stop the process.
1655 */
1656 P->state = PS_RUN;
1657 (void) Pstop(P, 1000);
1658
1659 if (flags & PRELEASE_KILL) {
1660 if (P->state == PS_STOP)
1661 (void) Psetrun(P, SIGKILL, 0);
1662 (void) kill(P->pid, SIGKILL);
1663 Pfree(P);
1664 return;
1665 }
1666
1667 /*
1668 * If we lost control, all we can do now is close the files.
1669 * In this case, the last close sets the process running.
1670 */
1671 if (P->state != PS_STOP &&
1672 (P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) == 0) {
1673 Pfree(P);
1674 return;
1675 }
1676
1677 /*
1678 * We didn't lose control; we do more.
1679 */
1680 Psync(P);
1681
1682 if (flags & PRELEASE_CLEAR)
1683 P->flags |= CREATED;
1684
1685 if (!(flags & PRELEASE_RETAIN))
1686 restore_tracing_flags(P);
1687
1688 if (flags & PRELEASE_HANG) {
1689 /* Leave the process stopped and abandoned */
1690 (void) Punsetflags(P, PR_RLC|PR_KLC);
1691 Pfree(P);
1692 return;
1693 }
1694
1695 /*
1696 * Set the process running if we created it or if it was
1697 * not originally stopped or directed to stop via /proc
1698 * or if we were given the PRELEASE_CLEAR flag.
1699 */
1700 if ((P->flags & CREATED) ||
1701 (P->orig_status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) == 0) {
1702 (void) Psetflags(P, PR_RLC);
1703 /*
1704 * We do this repeatedly because the process may have
1705 * more than one LWP stopped on an event of interest.
1706 * This makes sure all of them are set running.
1707 */
1708 do {
1709 if (Psetrun(P, 0, 0) == -1 && errno == EBUSY)
1710 break; /* Agent LWP may be stuck */
1711 } while (Pstopstatus(P, PCNULL, 0) == 0 &&
1712 P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP));
1713
1714 if (P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP))
1715 dprintf("Prelease: failed to set process running\n");
1716 }
1717
1718 Pfree(P);
1719 }
1720
1721 /* debugging */
1722 void
prldump(const char * caller,lwpstatus_t * lsp)1723 prldump(const char *caller, lwpstatus_t *lsp)
1724 {
1725 char name[32];
1726 uint32_t bits;
1727
1728 switch (lsp->pr_why) {
1729 case PR_REQUESTED:
1730 dprintf("%s: REQUESTED\n", caller);
1731 break;
1732 case PR_SIGNALLED:
1733 dprintf("%s: SIGNALLED %s\n", caller,
1734 proc_signame(lsp->pr_what, name, sizeof (name)));
1735 break;
1736 case PR_FAULTED:
1737 dprintf("%s: FAULTED %s\n", caller,
1738 proc_fltname(lsp->pr_what, name, sizeof (name)));
1739 break;
1740 case PR_SYSENTRY:
1741 dprintf("%s: SYSENTRY %s\n", caller,
1742 proc_sysname(lsp->pr_what, name, sizeof (name)));
1743 break;
1744 case PR_SYSEXIT:
1745 dprintf("%s: SYSEXIT %s\n", caller,
1746 proc_sysname(lsp->pr_what, name, sizeof (name)));
1747 break;
1748 case PR_JOBCONTROL:
1749 dprintf("%s: JOBCONTROL %s\n", caller,
1750 proc_signame(lsp->pr_what, name, sizeof (name)));
1751 break;
1752 case PR_SUSPENDED:
1753 dprintf("%s: SUSPENDED\n", caller);
1754 break;
1755 default:
1756 dprintf("%s: Unknown\n", caller);
1757 break;
1758 }
1759
1760 if (lsp->pr_cursig)
1761 dprintf("%s: p_cursig = %d\n", caller, lsp->pr_cursig);
1762
1763 bits = *((uint32_t *)&lsp->pr_lwppend);
1764 if (bits)
1765 dprintf("%s: pr_lwppend = 0x%.8X\n", caller, bits);
1766 }
1767
1768 /* debugging */
1769 static void
prdump(struct ps_prochandle * P)1770 prdump(struct ps_prochandle *P)
1771 {
1772 uint32_t bits;
1773
1774 prldump("Pstopstatus", &P->status.pr_lwp);
1775
1776 bits = *((uint32_t *)&P->status.pr_sigpend);
1777 if (bits)
1778 dprintf("Pstopstatus: pr_sigpend = 0x%.8X\n", bits);
1779 }
1780
1781 /*
1782 * Wait for the specified process to stop or terminate.
1783 * Or, just get the current status (PCNULL).
1784 * Or, direct it to stop and get the current status (PCDSTOP).
1785 * If the agent LWP exists, do these things to the agent,
1786 * else do these things to the process as a whole.
1787 */
1788 int
Pstopstatus(struct ps_prochandle * P,long request,uint_t msec)1789 Pstopstatus(struct ps_prochandle *P,
1790 long request, /* PCNULL, PCDSTOP, PCSTOP, PCWSTOP */
1791 uint_t msec) /* if non-zero, timeout in milliseconds */
1792 {
1793 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
1794 long ctl[3];
1795 ssize_t rc;
1796 int err;
1797 int old_state = P->state;
1798
1799 switch (P->state) {
1800 case PS_RUN:
1801 break;
1802 case PS_STOP:
1803 if (request != PCNULL && request != PCDSTOP)
1804 return (0);
1805 break;
1806 case PS_LOST:
1807 if (request != PCNULL) {
1808 errno = EAGAIN;
1809 return (-1);
1810 }
1811 break;
1812 case PS_UNDEAD:
1813 case PS_DEAD:
1814 case PS_IDLE:
1815 if (request != PCNULL) {
1816 errno = ENOENT;
1817 return (-1);
1818 }
1819 break;
1820 default: /* corrupted state */
1821 dprintf("Pstopstatus: corrupted state: %d\n", P->state);
1822 errno = EINVAL;
1823 return (-1);
1824 }
1825
1826 ctl[0] = PCDSTOP;
1827 ctl[1] = PCTWSTOP;
1828 ctl[2] = (long)msec;
1829 rc = 0;
1830 switch (request) {
1831 case PCSTOP:
1832 rc = write(ctlfd, &ctl[0], 3*sizeof (long));
1833 break;
1834 case PCWSTOP:
1835 rc = write(ctlfd, &ctl[1], 2*sizeof (long));
1836 break;
1837 case PCDSTOP:
1838 rc = write(ctlfd, &ctl[0], 1*sizeof (long));
1839 break;
1840 case PCNULL:
1841 if (P->state == PS_DEAD || P->state == PS_IDLE)
1842 return (0);
1843 break;
1844 default: /* programming error */
1845 errno = EINVAL;
1846 return (-1);
1847 }
1848 err = (rc < 0)? errno : 0;
1849 Psync(P);
1850
1851 if (P->agentstatfd < 0) {
1852 if (pread(P->statfd, &P->status,
1853 sizeof (P->status), (off_t)0) < 0)
1854 err = errno;
1855 } else {
1856 if (pread(P->agentstatfd, &P->status.pr_lwp,
1857 sizeof (P->status.pr_lwp), (off_t)0) < 0)
1858 err = errno;
1859 P->status.pr_flags = P->status.pr_lwp.pr_flags;
1860 }
1861
1862 if (err) {
1863 switch (err) {
1864 case EINTR: /* user typed ctl-C */
1865 case ERESTART:
1866 dprintf("Pstopstatus: EINTR\n");
1867 break;
1868 case EAGAIN: /* we lost control of the the process */
1869 case EOVERFLOW:
1870 dprintf("Pstopstatus: PS_LOST, errno=%d\n", err);
1871 P->state = PS_LOST;
1872 break;
1873 default: /* check for dead process */
1874 if (_libproc_debug) {
1875 const char *errstr;
1876
1877 switch (request) {
1878 case PCNULL:
1879 errstr = "Pstopstatus PCNULL"; break;
1880 case PCSTOP:
1881 errstr = "Pstopstatus PCSTOP"; break;
1882 case PCDSTOP:
1883 errstr = "Pstopstatus PCDSTOP"; break;
1884 case PCWSTOP:
1885 errstr = "Pstopstatus PCWSTOP"; break;
1886 default:
1887 errstr = "Pstopstatus PC???"; break;
1888 }
1889 dprintf("%s: %s\n", errstr, strerror(err));
1890 }
1891 deadcheck(P);
1892 break;
1893 }
1894 if (err != EINTR && err != ERESTART) {
1895 errno = err;
1896 return (-1);
1897 }
1898 }
1899
1900 if (!(P->status.pr_flags & PR_STOPPED)) {
1901 P->state = PS_RUN;
1902 if (request == PCNULL || request == PCDSTOP || msec != 0)
1903 return (0);
1904 dprintf("Pstopstatus: process is not stopped\n");
1905 errno = EPROTO;
1906 return (-1);
1907 }
1908
1909 P->state = PS_STOP;
1910
1911 if (_libproc_debug) /* debugging */
1912 prdump(P);
1913
1914 /*
1915 * If the process was already stopped coming into Pstopstatus(),
1916 * then don't use its PC to set P->sysaddr since it may have been
1917 * changed since the time the process originally stopped.
1918 */
1919 if (old_state == PS_STOP)
1920 return (0);
1921
1922 switch (P->status.pr_lwp.pr_why) {
1923 case PR_SYSENTRY:
1924 case PR_SYSEXIT:
1925 if (Pissyscall_prev(P, P->status.pr_lwp.pr_reg[R_PC],
1926 &P->sysaddr) == 0)
1927 P->sysaddr = P->status.pr_lwp.pr_reg[R_PC];
1928 break;
1929 case PR_REQUESTED:
1930 case PR_SIGNALLED:
1931 case PR_FAULTED:
1932 case PR_JOBCONTROL:
1933 case PR_SUSPENDED:
1934 break;
1935 default:
1936 errno = EPROTO;
1937 return (-1);
1938 }
1939
1940 return (0);
1941 }
1942
1943 /*
1944 * Wait for the process to stop for any reason.
1945 */
1946 int
Pwait(struct ps_prochandle * P,uint_t msec)1947 Pwait(struct ps_prochandle *P, uint_t msec)
1948 {
1949 return (Pstopstatus(P, PCWSTOP, msec));
1950 }
1951
1952 /*
1953 * Direct the process to stop; wait for it to stop.
1954 */
1955 int
Pstop(struct ps_prochandle * P,uint_t msec)1956 Pstop(struct ps_prochandle *P, uint_t msec)
1957 {
1958 return (Pstopstatus(P, PCSTOP, msec));
1959 }
1960
1961 /*
1962 * Direct the process to stop; don't wait.
1963 */
1964 int
Pdstop(struct ps_prochandle * P)1965 Pdstop(struct ps_prochandle *P)
1966 {
1967 return (Pstopstatus(P, PCDSTOP, 0));
1968 }
1969
1970 static void
deadcheck(struct ps_prochandle * P)1971 deadcheck(struct ps_prochandle *P)
1972 {
1973 int fd;
1974 void *buf;
1975 size_t size;
1976
1977 if (P->statfd < 0)
1978 P->state = PS_UNDEAD;
1979 else {
1980 if (P->agentstatfd < 0) {
1981 fd = P->statfd;
1982 buf = &P->status;
1983 size = sizeof (P->status);
1984 } else {
1985 fd = P->agentstatfd;
1986 buf = &P->status.pr_lwp;
1987 size = sizeof (P->status.pr_lwp);
1988 }
1989 while (pread(fd, buf, size, (off_t)0) != size) {
1990 switch (errno) {
1991 default:
1992 P->state = PS_UNDEAD;
1993 break;
1994 case EINTR:
1995 case ERESTART:
1996 continue;
1997 case EAGAIN:
1998 P->state = PS_LOST;
1999 break;
2000 }
2001 break;
2002 }
2003 P->status.pr_flags = P->status.pr_lwp.pr_flags;
2004 }
2005 }
2006
2007 /*
2008 * Get the value of one register from stopped process.
2009 */
2010 int
Pgetareg(struct ps_prochandle * P,int regno,prgreg_t * preg)2011 Pgetareg(struct ps_prochandle *P, int regno, prgreg_t *preg)
2012 {
2013 if (regno < 0 || regno >= NPRGREG) {
2014 errno = EINVAL;
2015 return (-1);
2016 }
2017
2018 if (P->state == PS_IDLE) {
2019 errno = ENODATA;
2020 return (-1);
2021 }
2022
2023 if (P->state != PS_STOP && P->state != PS_DEAD) {
2024 errno = EBUSY;
2025 return (-1);
2026 }
2027
2028 *preg = P->status.pr_lwp.pr_reg[regno];
2029 return (0);
2030 }
2031
2032 /*
2033 * Put value of one register into stopped process.
2034 */
2035 int
Pputareg(struct ps_prochandle * P,int regno,prgreg_t reg)2036 Pputareg(struct ps_prochandle *P, int regno, prgreg_t reg)
2037 {
2038 if (regno < 0 || regno >= NPRGREG) {
2039 errno = EINVAL;
2040 return (-1);
2041 }
2042
2043 if (P->state != PS_STOP) {
2044 errno = EBUSY;
2045 return (-1);
2046 }
2047
2048 P->status.pr_lwp.pr_reg[regno] = reg;
2049 P->flags |= SETREGS; /* set registers before continuing */
2050 return (0);
2051 }
2052
2053 int
Psetrun(struct ps_prochandle * P,int sig,int flags)2054 Psetrun(struct ps_prochandle *P,
2055 int sig, /* signal to pass to process */
2056 int flags) /* PRSTEP|PRSABORT|PRSTOP|PRCSIG|PRCFAULT */
2057 {
2058 int ctlfd = (P->agentctlfd >= 0) ? P->agentctlfd : P->ctlfd;
2059 int sbits = (PR_DSTOP | PR_ISTOP | PR_ASLEEP);
2060
2061 long ctl[1 + /* PCCFAULT */
2062 1 + sizeof (siginfo_t)/sizeof (long) + /* PCSSIG/PCCSIG */
2063 2 ]; /* PCRUN */
2064
2065 long *ctlp = ctl;
2066 size_t size;
2067
2068 if (P->state != PS_STOP && (P->status.pr_lwp.pr_flags & sbits) == 0) {
2069 errno = EBUSY;
2070 return (-1);
2071 }
2072
2073 Psync(P); /* flush tracing flags and registers */
2074
2075 if (flags & PRCFAULT) { /* clear current fault */
2076 *ctlp++ = PCCFAULT;
2077 flags &= ~PRCFAULT;
2078 }
2079
2080 if (flags & PRCSIG) { /* clear current signal */
2081 *ctlp++ = PCCSIG;
2082 flags &= ~PRCSIG;
2083 } else if (sig && sig != P->status.pr_lwp.pr_cursig) {
2084 /* make current signal */
2085 siginfo_t *infop;
2086
2087 *ctlp++ = PCSSIG;
2088 infop = (siginfo_t *)ctlp;
2089 (void) memset(infop, 0, sizeof (*infop));
2090 infop->si_signo = sig;
2091 ctlp += sizeof (siginfo_t) / sizeof (long);
2092 }
2093
2094 *ctlp++ = PCRUN;
2095 *ctlp++ = flags;
2096 size = (char *)ctlp - (char *)ctl;
2097
2098 P->info_valid = 0; /* will need to update map and file info */
2099
2100 /*
2101 * If we've cached ucontext-list information while we were stopped,
2102 * free it now.
2103 */
2104 if (P->ucaddrs != NULL) {
2105 free(P->ucaddrs);
2106 P->ucaddrs = NULL;
2107 P->ucnelems = 0;
2108 }
2109
2110 if (write(ctlfd, ctl, size) != size) {
2111 /* If it is dead or lost, return the real status, not PS_RUN */
2112 if (errno == ENOENT || errno == EAGAIN) {
2113 (void) Pstopstatus(P, PCNULL, 0);
2114 return (0);
2115 }
2116 /* If it is not in a jobcontrol stop, issue an error message */
2117 if (errno != EBUSY ||
2118 P->status.pr_lwp.pr_why != PR_JOBCONTROL) {
2119 dprintf("Psetrun: %s\n", strerror(errno));
2120 return (-1);
2121 }
2122 /* Otherwise pretend that the job-stopped process is running */
2123 }
2124
2125 P->state = PS_RUN;
2126 return (0);
2127 }
2128
2129 ssize_t
Pread(struct ps_prochandle * P,void * buf,size_t nbyte,uintptr_t address)2130 Pread(struct ps_prochandle *P,
2131 void *buf, /* caller's buffer */
2132 size_t nbyte, /* number of bytes to read */
2133 uintptr_t address) /* address in process */
2134 {
2135 return (P->ops.pop_pread(P, buf, nbyte, address, P->data));
2136 }
2137
2138 ssize_t
Pread_string(struct ps_prochandle * P,char * buf,size_t size,uintptr_t addr)2139 Pread_string(struct ps_prochandle *P,
2140 char *buf, /* caller's buffer */
2141 size_t size, /* upper limit on bytes to read */
2142 uintptr_t addr) /* address in process */
2143 {
2144 enum { STRSZ = 40 };
2145 char string[STRSZ + 1];
2146 ssize_t leng = 0;
2147 int nbyte;
2148
2149 if (size < 2) {
2150 errno = EINVAL;
2151 return (-1);
2152 }
2153
2154 size--; /* ensure trailing null fits in buffer */
2155
2156 *buf = '\0';
2157 string[STRSZ] = '\0';
2158
2159 for (nbyte = STRSZ; nbyte == STRSZ && leng < size; addr += STRSZ) {
2160 if ((nbyte = P->ops.pop_pread(P, string, STRSZ, addr,
2161 P->data)) <= 0) {
2162 buf[leng] = '\0';
2163 return (leng ? leng : -1);
2164 }
2165 if ((nbyte = strlen(string)) > 0) {
2166 if (leng + nbyte > size)
2167 nbyte = size - leng;
2168 (void) strncpy(buf + leng, string, nbyte);
2169 leng += nbyte;
2170 }
2171 }
2172 buf[leng] = '\0';
2173 return (leng);
2174 }
2175
2176 ssize_t
Pwrite(struct ps_prochandle * P,const void * buf,size_t nbyte,uintptr_t address)2177 Pwrite(struct ps_prochandle *P,
2178 const void *buf, /* caller's buffer */
2179 size_t nbyte, /* number of bytes to write */
2180 uintptr_t address) /* address in process */
2181 {
2182 return (P->ops.pop_pwrite(P, buf, nbyte, address, P->data));
2183 }
2184
2185 int
Pclearsig(struct ps_prochandle * P)2186 Pclearsig(struct ps_prochandle *P)
2187 {
2188 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2189 long ctl = PCCSIG;
2190
2191 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
2192 return (-1);
2193 P->status.pr_lwp.pr_cursig = 0;
2194 return (0);
2195 }
2196
2197 int
Pclearfault(struct ps_prochandle * P)2198 Pclearfault(struct ps_prochandle *P)
2199 {
2200 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2201 long ctl = PCCFAULT;
2202
2203 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
2204 return (-1);
2205 return (0);
2206 }
2207
2208 /*
2209 * Set a breakpoint trap, return original instruction.
2210 */
2211 int
Psetbkpt(struct ps_prochandle * P,uintptr_t address,ulong_t * saved)2212 Psetbkpt(struct ps_prochandle *P, uintptr_t address, ulong_t *saved)
2213 {
2214 long ctl[1 + sizeof (priovec_t) / sizeof (long) + /* PCREAD */
2215 1 + sizeof (priovec_t) / sizeof (long)]; /* PCWRITE */
2216 long *ctlp = ctl;
2217 size_t size;
2218 priovec_t *iovp;
2219 instr_t bpt = BPT;
2220 instr_t old;
2221
2222 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2223 P->state == PS_IDLE) {
2224 errno = ENOENT;
2225 return (-1);
2226 }
2227
2228 /* fetch the old instruction */
2229 *ctlp++ = PCREAD;
2230 iovp = (priovec_t *)ctlp;
2231 iovp->pio_base = &old;
2232 iovp->pio_len = sizeof (old);
2233 iovp->pio_offset = address;
2234 ctlp += sizeof (priovec_t) / sizeof (long);
2235
2236 /* write the BPT instruction */
2237 *ctlp++ = PCWRITE;
2238 iovp = (priovec_t *)ctlp;
2239 iovp->pio_base = &bpt;
2240 iovp->pio_len = sizeof (bpt);
2241 iovp->pio_offset = address;
2242 ctlp += sizeof (priovec_t) / sizeof (long);
2243
2244 size = (char *)ctlp - (char *)ctl;
2245 if (write(P->ctlfd, ctl, size) != size)
2246 return (-1);
2247
2248 /*
2249 * Fail if there was already a breakpoint there from another debugger
2250 * or DTrace's user-level tracing on x86.
2251 */
2252 if (old == BPT) {
2253 errno = EBUSY;
2254 return (-1);
2255 }
2256
2257 *saved = (ulong_t)old;
2258 return (0);
2259 }
2260
2261 /*
2262 * Restore original instruction where a breakpoint was set.
2263 */
2264 int
Pdelbkpt(struct ps_prochandle * P,uintptr_t address,ulong_t saved)2265 Pdelbkpt(struct ps_prochandle *P, uintptr_t address, ulong_t saved)
2266 {
2267 instr_t old = (instr_t)saved;
2268 instr_t cur;
2269
2270 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2271 P->state == PS_IDLE) {
2272 errno = ENOENT;
2273 return (-1);
2274 }
2275
2276 /*
2277 * If the breakpoint instruction we had placed has been overwritten
2278 * with a new instruction, then don't try to replace it with the
2279 * old instruction. Doing do can cause problems with self-modifying
2280 * code -- PLTs for example. If the Pread() fails, we assume that we
2281 * should proceed though most likely the Pwrite() will also fail.
2282 */
2283 if (Pread(P, &cur, sizeof (cur), address) == sizeof (cur) &&
2284 cur != BPT)
2285 return (0);
2286
2287 if (Pwrite(P, &old, sizeof (old), address) != sizeof (old))
2288 return (-1);
2289
2290 return (0);
2291 }
2292
2293 /*
2294 * Common code for Pxecbkpt() and Lxecbkpt().
2295 * Develop the array of requests that will do the job, then
2296 * write them to the specified control file descriptor.
2297 * Return the non-zero errno if the write fails.
2298 */
2299 static int
execute_bkpt(int ctlfd,const fltset_t * faultset,const sigset_t * sigmask,uintptr_t address,ulong_t saved)2300 execute_bkpt(
2301 int ctlfd, /* process or LWP control file descriptor */
2302 const fltset_t *faultset, /* current set of traced faults */
2303 const sigset_t *sigmask, /* current signal mask */
2304 uintptr_t address, /* address of breakpint */
2305 ulong_t saved) /* the saved instruction */
2306 {
2307 long ctl[
2308 1 + sizeof (sigset_t) / sizeof (long) + /* PCSHOLD */
2309 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2310 1 + sizeof (priovec_t) / sizeof (long) + /* PCWRITE */
2311 2 + /* PCRUN */
2312 1 + /* PCWSTOP */
2313 1 + /* PCCFAULT */
2314 1 + sizeof (priovec_t) / sizeof (long) + /* PCWRITE */
2315 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2316 1 + sizeof (sigset_t) / sizeof (long)]; /* PCSHOLD */
2317 long *ctlp = ctl;
2318 sigset_t unblock;
2319 size_t size;
2320 ssize_t ssize;
2321 priovec_t *iovp;
2322 sigset_t *holdp;
2323 fltset_t *faultp;
2324 instr_t old = (instr_t)saved;
2325 instr_t bpt = BPT;
2326 int error = 0;
2327
2328 /* block our signals for the duration */
2329 (void) sigprocmask(SIG_BLOCK, &blockable_sigs, &unblock);
2330
2331 /* hold posted signals */
2332 *ctlp++ = PCSHOLD;
2333 holdp = (sigset_t *)ctlp;
2334 prfillset(holdp);
2335 prdelset(holdp, SIGKILL);
2336 prdelset(holdp, SIGSTOP);
2337 ctlp += sizeof (sigset_t) / sizeof (long);
2338
2339 /* force tracing of FLTTRACE */
2340 if (!(prismember(faultset, FLTTRACE))) {
2341 *ctlp++ = PCSFAULT;
2342 faultp = (fltset_t *)ctlp;
2343 *faultp = *faultset;
2344 praddset(faultp, FLTTRACE);
2345 ctlp += sizeof (fltset_t) / sizeof (long);
2346 }
2347
2348 /* restore the old instruction */
2349 *ctlp++ = PCWRITE;
2350 iovp = (priovec_t *)ctlp;
2351 iovp->pio_base = &old;
2352 iovp->pio_len = sizeof (old);
2353 iovp->pio_offset = address;
2354 ctlp += sizeof (priovec_t) / sizeof (long);
2355
2356 /* clear current signal and fault; set running w/ single-step */
2357 *ctlp++ = PCRUN;
2358 *ctlp++ = PRCSIG | PRCFAULT | PRSTEP;
2359
2360 /* wait for stop, cancel the fault */
2361 *ctlp++ = PCWSTOP;
2362 *ctlp++ = PCCFAULT;
2363
2364 /* restore the breakpoint trap */
2365 *ctlp++ = PCWRITE;
2366 iovp = (priovec_t *)ctlp;
2367 iovp->pio_base = &bpt;
2368 iovp->pio_len = sizeof (bpt);
2369 iovp->pio_offset = address;
2370 ctlp += sizeof (priovec_t) / sizeof (long);
2371
2372 /* restore fault tracing set */
2373 if (!(prismember(faultset, FLTTRACE))) {
2374 *ctlp++ = PCSFAULT;
2375 *(fltset_t *)ctlp = *faultset;
2376 ctlp += sizeof (fltset_t) / sizeof (long);
2377 }
2378
2379 /* restore the hold mask */
2380 *ctlp++ = PCSHOLD;
2381 *(sigset_t *)ctlp = *sigmask;
2382 ctlp += sizeof (sigset_t) / sizeof (long);
2383
2384 size = (char *)ctlp - (char *)ctl;
2385 if ((ssize = write(ctlfd, ctl, size)) != size)
2386 error = (ssize == -1)? errno : EINTR;
2387 (void) sigprocmask(SIG_SETMASK, &unblock, NULL);
2388 return (error);
2389 }
2390
2391 /*
2392 * Step over a breakpoint, i.e., execute the instruction that
2393 * really belongs at the breakpoint location (the current %pc)
2394 * and leave the process stopped at the next instruction.
2395 */
2396 int
Pxecbkpt(struct ps_prochandle * P,ulong_t saved)2397 Pxecbkpt(struct ps_prochandle *P, ulong_t saved)
2398 {
2399 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2400 int rv, error;
2401
2402 if (P->state != PS_STOP) {
2403 errno = EBUSY;
2404 return (-1);
2405 }
2406
2407 Psync(P);
2408
2409 error = execute_bkpt(ctlfd,
2410 &P->status.pr_flttrace, &P->status.pr_lwp.pr_lwphold,
2411 P->status.pr_lwp.pr_reg[R_PC], saved);
2412 rv = Pstopstatus(P, PCNULL, 0);
2413
2414 if (error != 0) {
2415 if (P->status.pr_lwp.pr_why == PR_JOBCONTROL &&
2416 error == EBUSY) { /* jobcontrol stop -- back off */
2417 P->state = PS_RUN;
2418 return (0);
2419 }
2420 if (error == ENOENT)
2421 return (0);
2422 errno = error;
2423 return (-1);
2424 }
2425
2426 return (rv);
2427 }
2428
2429 /*
2430 * Install the watchpoint described by wp.
2431 */
2432 int
Psetwapt(struct ps_prochandle * P,const prwatch_t * wp)2433 Psetwapt(struct ps_prochandle *P, const prwatch_t *wp)
2434 {
2435 long ctl[1 + sizeof (prwatch_t) / sizeof (long)];
2436 prwatch_t *cwp = (prwatch_t *)&ctl[1];
2437
2438 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2439 P->state == PS_IDLE) {
2440 errno = ENOENT;
2441 return (-1);
2442 }
2443
2444 ctl[0] = PCWATCH;
2445 cwp->pr_vaddr = wp->pr_vaddr;
2446 cwp->pr_size = wp->pr_size;
2447 cwp->pr_wflags = wp->pr_wflags;
2448
2449 if (write(P->ctlfd, ctl, sizeof (ctl)) != sizeof (ctl))
2450 return (-1);
2451
2452 return (0);
2453 }
2454
2455 /*
2456 * Remove the watchpoint described by wp.
2457 */
2458 int
Pdelwapt(struct ps_prochandle * P,const prwatch_t * wp)2459 Pdelwapt(struct ps_prochandle *P, const prwatch_t *wp)
2460 {
2461 long ctl[1 + sizeof (prwatch_t) / sizeof (long)];
2462 prwatch_t *cwp = (prwatch_t *)&ctl[1];
2463
2464 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2465 P->state == PS_IDLE) {
2466 errno = ENOENT;
2467 return (-1);
2468 }
2469
2470 ctl[0] = PCWATCH;
2471 cwp->pr_vaddr = wp->pr_vaddr;
2472 cwp->pr_size = wp->pr_size;
2473 cwp->pr_wflags = 0;
2474
2475 if (write(P->ctlfd, ctl, sizeof (ctl)) != sizeof (ctl))
2476 return (-1);
2477
2478 return (0);
2479 }
2480
2481 /*
2482 * Common code for Pxecwapt() and Lxecwapt(). Develop the array of requests
2483 * that will do the job, then write them to the specified control file
2484 * descriptor. Return the non-zero errno if the write fails.
2485 */
2486 static int
execute_wapt(int ctlfd,const fltset_t * faultset,const sigset_t * sigmask,const prwatch_t * wp)2487 execute_wapt(
2488 int ctlfd, /* process or LWP control file descriptor */
2489 const fltset_t *faultset, /* current set of traced faults */
2490 const sigset_t *sigmask, /* current signal mask */
2491 const prwatch_t *wp) /* watchpoint descriptor */
2492 {
2493 long ctl[
2494 1 + sizeof (sigset_t) / sizeof (long) + /* PCSHOLD */
2495 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2496 1 + sizeof (prwatch_t) / sizeof (long) + /* PCWATCH */
2497 2 + /* PCRUN */
2498 1 + /* PCWSTOP */
2499 1 + /* PCCFAULT */
2500 1 + sizeof (prwatch_t) / sizeof (long) + /* PCWATCH */
2501 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2502 1 + sizeof (sigset_t) / sizeof (long)]; /* PCSHOLD */
2503
2504 long *ctlp = ctl;
2505 int error = 0;
2506
2507 sigset_t unblock;
2508 sigset_t *holdp;
2509 fltset_t *faultp;
2510 prwatch_t *prw;
2511 ssize_t ssize;
2512 size_t size;
2513
2514 (void) sigprocmask(SIG_BLOCK, &blockable_sigs, &unblock);
2515
2516 /*
2517 * Hold all posted signals in the victim process prior to stepping.
2518 */
2519 *ctlp++ = PCSHOLD;
2520 holdp = (sigset_t *)ctlp;
2521 prfillset(holdp);
2522 prdelset(holdp, SIGKILL);
2523 prdelset(holdp, SIGSTOP);
2524 ctlp += sizeof (sigset_t) / sizeof (long);
2525
2526 /*
2527 * Force tracing of FLTTRACE since we need to single step.
2528 */
2529 if (!(prismember(faultset, FLTTRACE))) {
2530 *ctlp++ = PCSFAULT;
2531 faultp = (fltset_t *)ctlp;
2532 *faultp = *faultset;
2533 praddset(faultp, FLTTRACE);
2534 ctlp += sizeof (fltset_t) / sizeof (long);
2535 }
2536
2537 /*
2538 * Clear only the current watchpoint by setting pr_wflags to zero.
2539 */
2540 *ctlp++ = PCWATCH;
2541 prw = (prwatch_t *)ctlp;
2542 prw->pr_vaddr = wp->pr_vaddr;
2543 prw->pr_size = wp->pr_size;
2544 prw->pr_wflags = 0;
2545 ctlp += sizeof (prwatch_t) / sizeof (long);
2546
2547 /*
2548 * Clear the current signal and fault; set running with single-step.
2549 * Then wait for the victim to stop and cancel the FLTTRACE.
2550 */
2551 *ctlp++ = PCRUN;
2552 *ctlp++ = PRCSIG | PRCFAULT | PRSTEP;
2553 *ctlp++ = PCWSTOP;
2554 *ctlp++ = PCCFAULT;
2555
2556 /*
2557 * Restore the current watchpoint.
2558 */
2559 *ctlp++ = PCWATCH;
2560 (void) memcpy(ctlp, wp, sizeof (prwatch_t));
2561 ctlp += sizeof (prwatch_t) / sizeof (long);
2562
2563 /*
2564 * Restore fault tracing set if we modified it.
2565 */
2566 if (!(prismember(faultset, FLTTRACE))) {
2567 *ctlp++ = PCSFAULT;
2568 *(fltset_t *)ctlp = *faultset;
2569 ctlp += sizeof (fltset_t) / sizeof (long);
2570 }
2571
2572 /*
2573 * Restore the hold mask to the current hold mask (i.e. the one
2574 * before we executed any of the previous operations).
2575 */
2576 *ctlp++ = PCSHOLD;
2577 *(sigset_t *)ctlp = *sigmask;
2578 ctlp += sizeof (sigset_t) / sizeof (long);
2579
2580 size = (char *)ctlp - (char *)ctl;
2581 if ((ssize = write(ctlfd, ctl, size)) != size)
2582 error = (ssize == -1)? errno : EINTR;
2583 (void) sigprocmask(SIG_SETMASK, &unblock, NULL);
2584 return (error);
2585 }
2586
2587 /*
2588 * Step over a watchpoint, i.e., execute the instruction that was stopped by
2589 * the watchpoint, and then leave the LWP stopped at the next instruction.
2590 */
2591 int
Pxecwapt(struct ps_prochandle * P,const prwatch_t * wp)2592 Pxecwapt(struct ps_prochandle *P, const prwatch_t *wp)
2593 {
2594 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2595 int rv, error;
2596
2597 if (P->state != PS_STOP) {
2598 errno = EBUSY;
2599 return (-1);
2600 }
2601
2602 Psync(P);
2603 error = execute_wapt(ctlfd,
2604 &P->status.pr_flttrace, &P->status.pr_lwp.pr_lwphold, wp);
2605 rv = Pstopstatus(P, PCNULL, 0);
2606
2607 if (error != 0) {
2608 if (P->status.pr_lwp.pr_why == PR_JOBCONTROL &&
2609 error == EBUSY) { /* jobcontrol stop -- back off */
2610 P->state = PS_RUN;
2611 return (0);
2612 }
2613 if (error == ENOENT)
2614 return (0);
2615 errno = error;
2616 return (-1);
2617 }
2618
2619 return (rv);
2620 }
2621
2622 int
Psetflags(struct ps_prochandle * P,long flags)2623 Psetflags(struct ps_prochandle *P, long flags)
2624 {
2625 int rc;
2626 long ctl[2];
2627
2628 ctl[0] = PCSET;
2629 ctl[1] = flags;
2630
2631 if (write(P->ctlfd, ctl, 2*sizeof (long)) != 2*sizeof (long)) {
2632 rc = -1;
2633 } else {
2634 P->status.pr_flags |= flags;
2635 P->status.pr_lwp.pr_flags |= flags;
2636 rc = 0;
2637 }
2638
2639 return (rc);
2640 }
2641
2642 int
Punsetflags(struct ps_prochandle * P,long flags)2643 Punsetflags(struct ps_prochandle *P, long flags)
2644 {
2645 int rc;
2646 long ctl[2];
2647
2648 ctl[0] = PCUNSET;
2649 ctl[1] = flags;
2650
2651 if (write(P->ctlfd, ctl, 2*sizeof (long)) != 2*sizeof (long)) {
2652 rc = -1;
2653 } else {
2654 P->status.pr_flags &= ~flags;
2655 P->status.pr_lwp.pr_flags &= ~flags;
2656 rc = 0;
2657 }
2658
2659 return (rc);
2660 }
2661
2662 /*
2663 * Common function to allow clients to manipulate the action to be taken
2664 * on receipt of a signal, receipt of machine fault, entry to a system call,
2665 * or exit from a system call. We make use of our private prset_* functions
2666 * in order to make this code be common. The 'which' parameter identifies
2667 * the code for the event of interest (0 means change the entire set), and
2668 * the 'stop' parameter is a boolean indicating whether the process should
2669 * stop when the event of interest occurs. The previous value is returned
2670 * to the caller; -1 is returned if an error occurred.
2671 */
2672 static int
Psetaction(struct ps_prochandle * P,void * sp,size_t size,uint_t flag,int max,int which,int stop)2673 Psetaction(struct ps_prochandle *P, void *sp, size_t size,
2674 uint_t flag, int max, int which, int stop)
2675 {
2676 int oldval;
2677
2678 if (which < 0 || which > max) {
2679 errno = EINVAL;
2680 return (-1);
2681 }
2682
2683 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2684 P->state == PS_IDLE) {
2685 errno = ENOENT;
2686 return (-1);
2687 }
2688
2689 oldval = prset_ismember(sp, size, which) ? TRUE : FALSE;
2690
2691 if (stop) {
2692 if (which == 0) {
2693 prset_fill(sp, size);
2694 P->flags |= flag;
2695 } else if (!oldval) {
2696 prset_add(sp, size, which);
2697 P->flags |= flag;
2698 }
2699 } else {
2700 if (which == 0) {
2701 prset_empty(sp, size);
2702 P->flags |= flag;
2703 } else if (oldval) {
2704 prset_del(sp, size, which);
2705 P->flags |= flag;
2706 }
2707 }
2708
2709 if (P->state == PS_RUN)
2710 Psync(P);
2711
2712 return (oldval);
2713 }
2714
2715 /*
2716 * Set action on specified signal.
2717 */
2718 int
Psignal(struct ps_prochandle * P,int which,int stop)2719 Psignal(struct ps_prochandle *P, int which, int stop)
2720 {
2721 int oldval;
2722
2723 if (which == SIGKILL && stop != 0) {
2724 errno = EINVAL;
2725 return (-1);
2726 }
2727
2728 oldval = Psetaction(P, &P->status.pr_sigtrace, sizeof (sigset_t),
2729 SETSIG, PRMAXSIG, which, stop);
2730
2731 if (oldval != -1 && which == 0 && stop != 0)
2732 prdelset(&P->status.pr_sigtrace, SIGKILL);
2733
2734 return (oldval);
2735 }
2736
2737 /*
2738 * Set all signal tracing flags.
2739 */
2740 void
Psetsignal(struct ps_prochandle * P,const sigset_t * set)2741 Psetsignal(struct ps_prochandle *P, const sigset_t *set)
2742 {
2743 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2744 P->state == PS_IDLE)
2745 return;
2746
2747 P->status.pr_sigtrace = *set;
2748 P->flags |= SETSIG;
2749
2750 if (P->state == PS_RUN)
2751 Psync(P);
2752 }
2753
2754 /*
2755 * Set action on specified fault.
2756 */
2757 int
Pfault(struct ps_prochandle * P,int which,int stop)2758 Pfault(struct ps_prochandle *P, int which, int stop)
2759 {
2760 return (Psetaction(P, &P->status.pr_flttrace, sizeof (fltset_t),
2761 SETFAULT, PRMAXFAULT, which, stop));
2762 }
2763
2764 /*
2765 * Set all machine fault tracing flags.
2766 */
2767 void
Psetfault(struct ps_prochandle * P,const fltset_t * set)2768 Psetfault(struct ps_prochandle *P, const fltset_t *set)
2769 {
2770 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2771 P->state == PS_IDLE)
2772 return;
2773
2774 P->status.pr_flttrace = *set;
2775 P->flags |= SETFAULT;
2776
2777 if (P->state == PS_RUN)
2778 Psync(P);
2779 }
2780
2781 /*
2782 * Set action on specified system call entry.
2783 */
2784 int
Psysentry(struct ps_prochandle * P,int which,int stop)2785 Psysentry(struct ps_prochandle *P, int which, int stop)
2786 {
2787 return (Psetaction(P, &P->status.pr_sysentry, sizeof (sysset_t),
2788 SETENTRY, PRMAXSYS, which, stop));
2789 }
2790
2791 /*
2792 * Set all system call entry tracing flags.
2793 */
2794 void
Psetsysentry(struct ps_prochandle * P,const sysset_t * set)2795 Psetsysentry(struct ps_prochandle *P, const sysset_t *set)
2796 {
2797 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2798 P->state == PS_IDLE)
2799 return;
2800
2801 P->status.pr_sysentry = *set;
2802 P->flags |= SETENTRY;
2803
2804 if (P->state == PS_RUN)
2805 Psync(P);
2806 }
2807
2808 /*
2809 * Set action on specified system call exit.
2810 */
2811 int
Psysexit(struct ps_prochandle * P,int which,int stop)2812 Psysexit(struct ps_prochandle *P, int which, int stop)
2813 {
2814 return (Psetaction(P, &P->status.pr_sysexit, sizeof (sysset_t),
2815 SETEXIT, PRMAXSYS, which, stop));
2816 }
2817
2818 /*
2819 * Set all system call exit tracing flags.
2820 */
2821 void
Psetsysexit(struct ps_prochandle * P,const sysset_t * set)2822 Psetsysexit(struct ps_prochandle *P, const sysset_t *set)
2823 {
2824 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2825 P->state == PS_IDLE)
2826 return;
2827
2828 P->status.pr_sysexit = *set;
2829 P->flags |= SETEXIT;
2830
2831 if (P->state == PS_RUN)
2832 Psync(P);
2833 }
2834
2835 /*
2836 * Utility function to read the contents of a file that contains a
2837 * prheader_t at the start (/proc/pid/lstatus or /proc/pid/lpsinfo).
2838 * Returns a malloc()d buffer or NULL on failure.
2839 */
2840 static prheader_t *
read_lfile(struct ps_prochandle * P,const char * lname)2841 read_lfile(struct ps_prochandle *P, const char *lname)
2842 {
2843 prheader_t *Lhp;
2844 char lpath[PATH_MAX];
2845 struct stat64 statb;
2846 int fd;
2847 size_t size;
2848 ssize_t rval;
2849
2850 (void) snprintf(lpath, sizeof (lpath), "%s/%d/%s", procfs_path,
2851 (int)P->status.pr_pid, lname);
2852 if ((fd = open(lpath, O_RDONLY)) < 0 || fstat64(fd, &statb) != 0) {
2853 if (fd >= 0)
2854 (void) close(fd);
2855 return (NULL);
2856 }
2857
2858 /*
2859 * 'size' is just the initial guess at the buffer size.
2860 * It will have to grow if the number of lwps increases
2861 * while we are looking at the process.
2862 * 'size' must be larger than the actual file size.
2863 */
2864 size = statb.st_size + 32;
2865
2866 for (;;) {
2867 if ((Lhp = malloc(size)) == NULL)
2868 break;
2869 if ((rval = pread(fd, Lhp, size, 0)) < 0 ||
2870 rval <= sizeof (prheader_t)) {
2871 free(Lhp);
2872 Lhp = NULL;
2873 break;
2874 }
2875 if (rval < size)
2876 break;
2877 /* need a bigger buffer */
2878 free(Lhp);
2879 size *= 2;
2880 }
2881
2882 (void) close(fd);
2883 return (Lhp);
2884 }
2885
2886 /*
2887 * LWP iteration interface.
2888 */
2889 int
Plwp_iter(struct ps_prochandle * P,proc_lwp_f * func,void * cd)2890 Plwp_iter(struct ps_prochandle *P, proc_lwp_f *func, void *cd)
2891 {
2892 prheader_t *Lhp;
2893 lwpstatus_t *Lsp;
2894 long nlwp;
2895 int rv;
2896
2897 switch (P->state) {
2898 case PS_RUN:
2899 (void) Pstopstatus(P, PCNULL, 0);
2900 break;
2901
2902 case PS_STOP:
2903 Psync(P);
2904 break;
2905
2906 case PS_IDLE:
2907 errno = ENODATA;
2908 return (-1);
2909 }
2910
2911 /*
2912 * For either live processes or cores, the single LWP case is easy:
2913 * the pstatus_t contains the lwpstatus_t for the only LWP.
2914 */
2915 if (P->status.pr_nlwp <= 1)
2916 return (func(cd, &P->status.pr_lwp));
2917
2918 /*
2919 * For the core file multi-LWP case, we just iterate through the
2920 * list of LWP structs we read in from the core file.
2921 */
2922 if (P->state == PS_DEAD) {
2923 core_info_t *core = P->data;
2924 lwp_info_t *lwp = list_prev(&core->core_lwp_head);
2925 uint_t i;
2926
2927 for (i = 0; i < core->core_nlwp; i++, lwp = list_prev(lwp)) {
2928 if (lwp->lwp_psinfo.pr_sname != 'Z' &&
2929 (rv = func(cd, &lwp->lwp_status)) != 0)
2930 break;
2931 }
2932
2933 return (rv);
2934 }
2935
2936 /*
2937 * For the live process multi-LWP case, we have to work a little
2938 * harder: the /proc/pid/lstatus file has the array of LWP structs.
2939 */
2940 if ((Lhp = Plstatus(P)) == NULL)
2941 return (-1);
2942
2943 for (nlwp = Lhp->pr_nent, Lsp = (lwpstatus_t *)(uintptr_t)(Lhp + 1);
2944 nlwp > 0;
2945 nlwp--, Lsp = (lwpstatus_t *)((uintptr_t)Lsp + Lhp->pr_entsize)) {
2946 if ((rv = func(cd, Lsp)) != 0)
2947 break;
2948 }
2949
2950 free(Lhp);
2951 return (rv);
2952 }
2953
2954 /*
2955 * Extended LWP iteration interface.
2956 * Iterate over all LWPs, active and zombie.
2957 */
2958 int
Plwp_iter_all(struct ps_prochandle * P,proc_lwp_all_f * func,void * cd)2959 Plwp_iter_all(struct ps_prochandle *P, proc_lwp_all_f *func, void *cd)
2960 {
2961 prheader_t *Lhp = NULL;
2962 lwpstatus_t *Lsp;
2963 lwpstatus_t *sp;
2964 prheader_t *Lphp = NULL;
2965 lwpsinfo_t *Lpsp;
2966 long nstat;
2967 long ninfo;
2968 int rv;
2969
2970 retry:
2971 if (Lhp != NULL)
2972 free(Lhp);
2973 if (Lphp != NULL)
2974 free(Lphp);
2975 if (P->state == PS_RUN)
2976 (void) Pstopstatus(P, PCNULL, 0);
2977 (void) Ppsinfo(P);
2978
2979 if (P->state == PS_STOP)
2980 Psync(P);
2981
2982 /*
2983 * For either live processes or cores, the single LWP case is easy:
2984 * the pstatus_t contains the lwpstatus_t for the only LWP and
2985 * the psinfo_t contains the lwpsinfo_t for the only LWP.
2986 */
2987 if (P->status.pr_nlwp + P->status.pr_nzomb <= 1)
2988 return (func(cd, &P->status.pr_lwp, &P->psinfo.pr_lwp));
2989
2990 /*
2991 * For the core file multi-LWP case, we just iterate through the
2992 * list of LWP structs we read in from the core file.
2993 */
2994 if (P->state == PS_DEAD) {
2995 core_info_t *core = P->data;
2996 lwp_info_t *lwp = list_prev(&core->core_lwp_head);
2997 uint_t i;
2998
2999 for (i = 0; i < core->core_nlwp; i++, lwp = list_prev(lwp)) {
3000 sp = (lwp->lwp_psinfo.pr_sname == 'Z')? NULL :
3001 &lwp->lwp_status;
3002 if ((rv = func(cd, sp, &lwp->lwp_psinfo)) != 0)
3003 break;
3004 }
3005
3006 return (rv);
3007 }
3008
3009 /*
3010 * For all other cases retrieve the array of lwpstatus_t's and
3011 * lwpsinfo_t's.
3012 */
3013 if ((Lhp = Plstatus(P)) == NULL)
3014 return (-1);
3015 if ((Lphp = Plpsinfo(P)) == NULL) {
3016 free(Lhp);
3017 return (-1);
3018 }
3019
3020 /*
3021 * If we are looking at a running process, or one we do not control,
3022 * the active and zombie lwps in the process may have changed since
3023 * we read the process status structure. If so, just start over.
3024 */
3025 if (Lhp->pr_nent != P->status.pr_nlwp ||
3026 Lphp->pr_nent != P->status.pr_nlwp + P->status.pr_nzomb)
3027 goto retry;
3028
3029 /*
3030 * To be perfectly safe, prescan the two arrays, checking consistency.
3031 * We rely on /proc giving us lwpstatus_t's and lwpsinfo_t's in the
3032 * same order (the lwp directory order) in their respective files.
3033 * We also rely on there being (possibly) more lwpsinfo_t's than
3034 * lwpstatus_t's (the extra lwpsinfo_t's are for zombie lwps).
3035 */
3036 Lsp = (lwpstatus_t *)(uintptr_t)(Lhp + 1);
3037 Lpsp = (lwpsinfo_t *)(uintptr_t)(Lphp + 1);
3038 nstat = Lhp->pr_nent;
3039 for (ninfo = Lphp->pr_nent; ninfo != 0; ninfo--) {
3040 if (Lpsp->pr_sname != 'Z') {
3041 /*
3042 * Not a zombie lwp; check for matching lwpids.
3043 */
3044 if (nstat == 0 || Lsp->pr_lwpid != Lpsp->pr_lwpid)
3045 goto retry;
3046 Lsp = (lwpstatus_t *)((uintptr_t)Lsp + Lhp->pr_entsize);
3047 nstat--;
3048 }
3049 Lpsp = (lwpsinfo_t *)((uintptr_t)Lpsp + Lphp->pr_entsize);
3050 }
3051 if (nstat != 0)
3052 goto retry;
3053
3054 /*
3055 * Rescan, this time for real.
3056 */
3057 Lsp = (lwpstatus_t *)(uintptr_t)(Lhp + 1);
3058 Lpsp = (lwpsinfo_t *)(uintptr_t)(Lphp + 1);
3059 for (ninfo = Lphp->pr_nent; ninfo != 0; ninfo--) {
3060 if (Lpsp->pr_sname != 'Z') {
3061 sp = Lsp;
3062 Lsp = (lwpstatus_t *)((uintptr_t)Lsp + Lhp->pr_entsize);
3063 } else {
3064 sp = NULL;
3065 }
3066 if ((rv = func(cd, sp, Lpsp)) != 0)
3067 break;
3068 Lpsp = (lwpsinfo_t *)((uintptr_t)Lpsp + Lphp->pr_entsize);
3069 }
3070
3071 free(Lhp);
3072 free(Lphp);
3073 return (rv);
3074 }
3075
3076 core_content_t
Pcontent(struct ps_prochandle * P)3077 Pcontent(struct ps_prochandle *P)
3078 {
3079 core_info_t *core = P->data;
3080
3081 if (P->state == PS_DEAD)
3082 return (core->core_content);
3083 if (P->state == PS_IDLE)
3084 return (CC_CONTENT_TEXT | CC_CONTENT_DATA | CC_CONTENT_CTF);
3085
3086 return (CC_CONTENT_ALL);
3087 }
3088
3089 /*
3090 * =================================================================
3091 * The remainder of the functions in this file are for the
3092 * control of individual LWPs in the controlled process.
3093 * =================================================================
3094 */
3095
3096 /*
3097 * Find an entry in the process hash table for the specified lwpid.
3098 * The entry will either point to an existing struct ps_lwphandle
3099 * or it will point to an empty slot for a new struct ps_lwphandle.
3100 */
3101 static struct ps_lwphandle **
Lfind(struct ps_prochandle * P,lwpid_t lwpid)3102 Lfind(struct ps_prochandle *P, lwpid_t lwpid)
3103 {
3104 struct ps_lwphandle **Lp;
3105 struct ps_lwphandle *L;
3106
3107 for (Lp = &P->hashtab[lwpid % (HASHSIZE - 1)];
3108 (L = *Lp) != NULL; Lp = &L->lwp_hash)
3109 if (L->lwp_id == lwpid)
3110 break;
3111 return (Lp);
3112 }
3113
3114 /*
3115 * Grab an LWP contained within the controlled process.
3116 * Return an opaque pointer to its LWP control structure.
3117 * perr: pointer to error return code.
3118 */
3119 struct ps_lwphandle *
Lgrab(struct ps_prochandle * P,lwpid_t lwpid,int * perr)3120 Lgrab(struct ps_prochandle *P, lwpid_t lwpid, int *perr)
3121 {
3122 struct ps_lwphandle **Lp;
3123 struct ps_lwphandle *L;
3124 int fd;
3125 char procname[PATH_MAX];
3126 char *fname;
3127 int rc = 0;
3128
3129 (void) mutex_lock(&P->proc_lock);
3130
3131 if (P->state == PS_UNDEAD || P->state == PS_IDLE)
3132 rc = G_NOPROC;
3133 else if (P->hashtab == NULL &&
3134 (P->hashtab = calloc(HASHSIZE, sizeof (struct ps_lwphandle *)))
3135 == NULL)
3136 rc = G_STRANGE;
3137 else if (*(Lp = Lfind(P, lwpid)) != NULL)
3138 rc = G_BUSY;
3139 else if ((L = malloc(sizeof (struct ps_lwphandle))) == NULL)
3140 rc = G_STRANGE;
3141 if (rc) {
3142 *perr = rc;
3143 (void) mutex_unlock(&P->proc_lock);
3144 return (NULL);
3145 }
3146
3147 (void) memset(L, 0, sizeof (*L));
3148 L->lwp_ctlfd = -1;
3149 L->lwp_statfd = -1;
3150 L->lwp_proc = P;
3151 L->lwp_id = lwpid;
3152 *Lp = L; /* insert into the hash table */
3153
3154 if (P->state == PS_DEAD) { /* core file */
3155 if (getlwpstatus(P, lwpid, &L->lwp_status) == -1) {
3156 rc = G_NOPROC;
3157 goto err;
3158 }
3159 L->lwp_state = PS_DEAD;
3160 *perr = 0;
3161 (void) mutex_unlock(&P->proc_lock);
3162 return (L);
3163 }
3164
3165 /*
3166 * Open the /proc/<pid>/lwp/<lwpid> files
3167 */
3168 (void) snprintf(procname, sizeof (procname), "%s/%d/lwp/%d/",
3169 procfs_path, (int)P->pid, (int)lwpid);
3170 fname = procname + strlen(procname);
3171 (void) set_minfd();
3172
3173 (void) strcpy(fname, "lwpstatus");
3174 if ((fd = open(procname, O_RDONLY)) < 0 ||
3175 (fd = dupfd(fd, 0)) < 0) {
3176 switch (errno) {
3177 case ENOENT:
3178 rc = G_NOPROC;
3179 break;
3180 default:
3181 dprintf("Lgrab: failed to open %s: %s\n",
3182 procname, strerror(errno));
3183 rc = G_STRANGE;
3184 break;
3185 }
3186 goto err;
3187 }
3188 L->lwp_statfd = fd;
3189
3190 if (pread(fd, &L->lwp_status, sizeof (L->lwp_status), (off_t)0) < 0) {
3191 switch (errno) {
3192 case ENOENT:
3193 rc = G_NOPROC;
3194 break;
3195 default:
3196 dprintf("Lgrab: failed to read %s: %s\n",
3197 procname, strerror(errno));
3198 rc = G_STRANGE;
3199 break;
3200 }
3201 goto err;
3202 }
3203
3204 (void) strcpy(fname, "lwpctl");
3205 if ((fd = open(procname, O_WRONLY)) < 0 ||
3206 (fd = dupfd(fd, 0)) < 0) {
3207 switch (errno) {
3208 case ENOENT:
3209 rc = G_NOPROC;
3210 break;
3211 default:
3212 dprintf("Lgrab: failed to open %s: %s\n",
3213 procname, strerror(errno));
3214 rc = G_STRANGE;
3215 break;
3216 }
3217 goto err;
3218 }
3219 L->lwp_ctlfd = fd;
3220
3221 L->lwp_state =
3222 ((L->lwp_status.pr_flags & (PR_STOPPED|PR_ISTOP))
3223 == (PR_STOPPED|PR_ISTOP))?
3224 PS_STOP : PS_RUN;
3225
3226 *perr = 0;
3227 (void) mutex_unlock(&P->proc_lock);
3228 return (L);
3229
3230 err:
3231 Lfree_internal(P, L);
3232 *perr = rc;
3233 (void) mutex_unlock(&P->proc_lock);
3234 return (NULL);
3235 }
3236
3237 /*
3238 * Return a printable string corresponding to an Lgrab() error return.
3239 */
3240 const char *
Lgrab_error(int error)3241 Lgrab_error(int error)
3242 {
3243 const char *str;
3244
3245 switch (error) {
3246 case G_NOPROC:
3247 str = "no such LWP";
3248 break;
3249 case G_BUSY:
3250 str = "LWP already grabbed";
3251 break;
3252 case G_STRANGE:
3253 str = "unanticipated system error";
3254 break;
3255 default:
3256 str = "unknown error";
3257 break;
3258 }
3259
3260 return (str);
3261 }
3262
3263 /*
3264 * Free an LWP control structure.
3265 */
3266 void
Lfree(struct ps_lwphandle * L)3267 Lfree(struct ps_lwphandle *L)
3268 {
3269 struct ps_prochandle *P = L->lwp_proc;
3270
3271 (void) mutex_lock(&P->proc_lock);
3272 Lfree_internal(P, L);
3273 (void) mutex_unlock(&P->proc_lock);
3274 }
3275
3276 static void
Lfree_internal(struct ps_prochandle * P,struct ps_lwphandle * L)3277 Lfree_internal(struct ps_prochandle *P, struct ps_lwphandle *L)
3278 {
3279 *Lfind(P, L->lwp_id) = L->lwp_hash; /* delete from hash table */
3280 if (L->lwp_ctlfd >= 0)
3281 (void) close(L->lwp_ctlfd);
3282 if (L->lwp_statfd >= 0)
3283 (void) close(L->lwp_statfd);
3284
3285 /* clear out the structure as a precaution against reuse */
3286 (void) memset(L, 0, sizeof (*L));
3287 L->lwp_ctlfd = -1;
3288 L->lwp_statfd = -1;
3289
3290 free(L);
3291 }
3292
3293 /*
3294 * Return the state of the process, one of the PS_* values.
3295 */
3296 int
Lstate(struct ps_lwphandle * L)3297 Lstate(struct ps_lwphandle *L)
3298 {
3299 return (L->lwp_state);
3300 }
3301
3302 /*
3303 * Return the open control file descriptor for the LWP.
3304 * Clients must not close this file descriptor, nor use it
3305 * after the LWP is freed.
3306 */
3307 int
Lctlfd(struct ps_lwphandle * L)3308 Lctlfd(struct ps_lwphandle *L)
3309 {
3310 return (L->lwp_ctlfd);
3311 }
3312
3313 /*
3314 * Return a pointer to the LWP lwpsinfo structure.
3315 * Clients should not hold on to this pointer indefinitely.
3316 * It will become invalid on Lfree().
3317 */
3318 const lwpsinfo_t *
Lpsinfo(struct ps_lwphandle * L)3319 Lpsinfo(struct ps_lwphandle *L)
3320 {
3321 if (Plwp_getpsinfo(L->lwp_proc, L->lwp_id, &L->lwp_psinfo) == -1)
3322 return (NULL);
3323
3324 return (&L->lwp_psinfo);
3325 }
3326
3327 /*
3328 * Return a pointer to the LWP status structure.
3329 * Clients should not hold on to this pointer indefinitely.
3330 * It will become invalid on Lfree().
3331 */
3332 const lwpstatus_t *
Lstatus(struct ps_lwphandle * L)3333 Lstatus(struct ps_lwphandle *L)
3334 {
3335 return (&L->lwp_status);
3336 }
3337
3338 /*
3339 * Given an LWP handle, return the process handle.
3340 */
3341 struct ps_prochandle *
Lprochandle(struct ps_lwphandle * L)3342 Lprochandle(struct ps_lwphandle *L)
3343 {
3344 return (L->lwp_proc);
3345 }
3346
3347 /*
3348 * Ensure that all cached state is written to the LWP.
3349 * The cached state is the LWP's signal mask and registers.
3350 */
3351 void
Lsync(struct ps_lwphandle * L)3352 Lsync(struct ps_lwphandle *L)
3353 {
3354 int ctlfd = L->lwp_ctlfd;
3355 long cmd[2];
3356 iovec_t iov[4];
3357 int n = 0;
3358
3359 if (L->lwp_flags & SETHOLD) {
3360 cmd[0] = PCSHOLD;
3361 iov[n].iov_base = (caddr_t)&cmd[0];
3362 iov[n++].iov_len = sizeof (long);
3363 iov[n].iov_base = (caddr_t)&L->lwp_status.pr_lwphold;
3364 iov[n++].iov_len = sizeof (L->lwp_status.pr_lwphold);
3365 }
3366 if (L->lwp_flags & SETREGS) {
3367 cmd[1] = PCSREG;
3368 iov[n].iov_base = (caddr_t)&cmd[1];
3369 iov[n++].iov_len = sizeof (long);
3370 iov[n].iov_base = (caddr_t)&L->lwp_status.pr_reg[0];
3371 iov[n++].iov_len = sizeof (L->lwp_status.pr_reg);
3372 }
3373
3374 if (n == 0 || writev(ctlfd, iov, n) < 0)
3375 return; /* nothing to do or write failed */
3376
3377 L->lwp_flags &= ~(SETHOLD|SETREGS);
3378 }
3379
3380 /*
3381 * Wait for the specified LWP to stop or terminate.
3382 * Or, just get the current status (PCNULL).
3383 * Or, direct it to stop and get the current status (PCDSTOP).
3384 */
3385 static int
Lstopstatus(struct ps_lwphandle * L,long request,uint_t msec)3386 Lstopstatus(struct ps_lwphandle *L,
3387 long request, /* PCNULL, PCDSTOP, PCSTOP, PCWSTOP */
3388 uint_t msec) /* if non-zero, timeout in milliseconds */
3389 {
3390 int ctlfd = L->lwp_ctlfd;
3391 long ctl[3];
3392 ssize_t rc;
3393 int err;
3394
3395 switch (L->lwp_state) {
3396 case PS_RUN:
3397 break;
3398 case PS_STOP:
3399 if (request != PCNULL && request != PCDSTOP)
3400 return (0);
3401 break;
3402 case PS_LOST:
3403 if (request != PCNULL) {
3404 errno = EAGAIN;
3405 return (-1);
3406 }
3407 break;
3408 case PS_UNDEAD:
3409 case PS_DEAD:
3410 if (request != PCNULL) {
3411 errno = ENOENT;
3412 return (-1);
3413 }
3414 break;
3415 default: /* corrupted state */
3416 dprintf("Lstopstatus: corrupted state: %d\n", L->lwp_state);
3417 errno = EINVAL;
3418 return (-1);
3419 }
3420
3421 ctl[0] = PCDSTOP;
3422 ctl[1] = PCTWSTOP;
3423 ctl[2] = (long)msec;
3424 rc = 0;
3425 switch (request) {
3426 case PCSTOP:
3427 rc = write(ctlfd, &ctl[0], 3*sizeof (long));
3428 break;
3429 case PCWSTOP:
3430 rc = write(ctlfd, &ctl[1], 2*sizeof (long));
3431 break;
3432 case PCDSTOP:
3433 rc = write(ctlfd, &ctl[0], 1*sizeof (long));
3434 break;
3435 case PCNULL:
3436 if (L->lwp_state == PS_DEAD)
3437 return (0); /* Nothing else to do for cores */
3438 break;
3439 default: /* programming error */
3440 errno = EINVAL;
3441 return (-1);
3442 }
3443 err = (rc < 0)? errno : 0;
3444 Lsync(L);
3445
3446 if (pread(L->lwp_statfd, &L->lwp_status,
3447 sizeof (L->lwp_status), (off_t)0) < 0)
3448 err = errno;
3449
3450 if (err) {
3451 switch (err) {
3452 case EINTR: /* user typed ctl-C */
3453 case ERESTART:
3454 dprintf("Lstopstatus: EINTR\n");
3455 break;
3456 case EAGAIN: /* we lost control of the the process */
3457 dprintf("Lstopstatus: EAGAIN\n");
3458 L->lwp_state = PS_LOST;
3459 errno = err;
3460 return (-1);
3461 default:
3462 if (_libproc_debug) {
3463 const char *errstr;
3464
3465 switch (request) {
3466 case PCNULL:
3467 errstr = "Lstopstatus PCNULL"; break;
3468 case PCSTOP:
3469 errstr = "Lstopstatus PCSTOP"; break;
3470 case PCDSTOP:
3471 errstr = "Lstopstatus PCDSTOP"; break;
3472 case PCWSTOP:
3473 errstr = "Lstopstatus PCWSTOP"; break;
3474 default:
3475 errstr = "Lstopstatus PC???"; break;
3476 }
3477 dprintf("%s: %s\n", errstr, strerror(err));
3478 }
3479 L->lwp_state = PS_UNDEAD;
3480 errno = err;
3481 return (-1);
3482 }
3483 }
3484
3485 if ((L->lwp_status.pr_flags & (PR_STOPPED|PR_ISTOP))
3486 != (PR_STOPPED|PR_ISTOP)) {
3487 L->lwp_state = PS_RUN;
3488 if (request == PCNULL || request == PCDSTOP || msec != 0)
3489 return (0);
3490 dprintf("Lstopstatus: LWP is not stopped\n");
3491 errno = EPROTO;
3492 return (-1);
3493 }
3494
3495 L->lwp_state = PS_STOP;
3496
3497 if (_libproc_debug) /* debugging */
3498 prldump("Lstopstatus", &L->lwp_status);
3499
3500 switch (L->lwp_status.pr_why) {
3501 case PR_SYSENTRY:
3502 case PR_SYSEXIT:
3503 case PR_REQUESTED:
3504 case PR_SIGNALLED:
3505 case PR_FAULTED:
3506 case PR_JOBCONTROL:
3507 case PR_SUSPENDED:
3508 break;
3509 default:
3510 errno = EPROTO;
3511 return (-1);
3512 }
3513
3514 return (0);
3515 }
3516
3517 /*
3518 * Wait for the LWP to stop for any reason.
3519 */
3520 int
Lwait(struct ps_lwphandle * L,uint_t msec)3521 Lwait(struct ps_lwphandle *L, uint_t msec)
3522 {
3523 return (Lstopstatus(L, PCWSTOP, msec));
3524 }
3525
3526 /*
3527 * Direct the LWP to stop; wait for it to stop.
3528 */
3529 int
Lstop(struct ps_lwphandle * L,uint_t msec)3530 Lstop(struct ps_lwphandle *L, uint_t msec)
3531 {
3532 return (Lstopstatus(L, PCSTOP, msec));
3533 }
3534
3535 /*
3536 * Direct the LWP to stop; don't wait.
3537 */
3538 int
Ldstop(struct ps_lwphandle * L)3539 Ldstop(struct ps_lwphandle *L)
3540 {
3541 return (Lstopstatus(L, PCDSTOP, 0));
3542 }
3543
3544 /*
3545 * Get the value of one register from stopped LWP.
3546 */
3547 int
Lgetareg(struct ps_lwphandle * L,int regno,prgreg_t * preg)3548 Lgetareg(struct ps_lwphandle *L, int regno, prgreg_t *preg)
3549 {
3550 if (regno < 0 || regno >= NPRGREG) {
3551 errno = EINVAL;
3552 return (-1);
3553 }
3554
3555 if (L->lwp_state != PS_STOP) {
3556 errno = EBUSY;
3557 return (-1);
3558 }
3559
3560 *preg = L->lwp_status.pr_reg[regno];
3561 return (0);
3562 }
3563
3564 /*
3565 * Put value of one register into stopped LWP.
3566 */
3567 int
Lputareg(struct ps_lwphandle * L,int regno,prgreg_t reg)3568 Lputareg(struct ps_lwphandle *L, int regno, prgreg_t reg)
3569 {
3570 if (regno < 0 || regno >= NPRGREG) {
3571 errno = EINVAL;
3572 return (-1);
3573 }
3574
3575 if (L->lwp_state != PS_STOP) {
3576 errno = EBUSY;
3577 return (-1);
3578 }
3579
3580 L->lwp_status.pr_reg[regno] = reg;
3581 L->lwp_flags |= SETREGS; /* set registers before continuing */
3582 return (0);
3583 }
3584
3585 int
Lsetrun(struct ps_lwphandle * L,int sig,int flags)3586 Lsetrun(struct ps_lwphandle *L,
3587 int sig, /* signal to pass to LWP */
3588 int flags) /* PRSTEP|PRSABORT|PRSTOP|PRCSIG|PRCFAULT */
3589 {
3590 int ctlfd = L->lwp_ctlfd;
3591 int sbits = (PR_DSTOP | PR_ISTOP | PR_ASLEEP);
3592
3593 long ctl[1 + /* PCCFAULT */
3594 1 + sizeof (siginfo_t)/sizeof (long) + /* PCSSIG/PCCSIG */
3595 2 ]; /* PCRUN */
3596
3597 long *ctlp = ctl;
3598 size_t size;
3599
3600 if (L->lwp_state != PS_STOP &&
3601 (L->lwp_status.pr_flags & sbits) == 0) {
3602 errno = EBUSY;
3603 return (-1);
3604 }
3605
3606 Lsync(L); /* flush registers */
3607
3608 if (flags & PRCFAULT) { /* clear current fault */
3609 *ctlp++ = PCCFAULT;
3610 flags &= ~PRCFAULT;
3611 }
3612
3613 if (flags & PRCSIG) { /* clear current signal */
3614 *ctlp++ = PCCSIG;
3615 flags &= ~PRCSIG;
3616 } else if (sig && sig != L->lwp_status.pr_cursig) {
3617 /* make current signal */
3618 siginfo_t *infop;
3619
3620 *ctlp++ = PCSSIG;
3621 infop = (siginfo_t *)ctlp;
3622 (void) memset(infop, 0, sizeof (*infop));
3623 infop->si_signo = sig;
3624 ctlp += sizeof (siginfo_t) / sizeof (long);
3625 }
3626
3627 *ctlp++ = PCRUN;
3628 *ctlp++ = flags;
3629 size = (char *)ctlp - (char *)ctl;
3630
3631 L->lwp_proc->info_valid = 0; /* will need to update map and file info */
3632 L->lwp_proc->state = PS_RUN;
3633 L->lwp_state = PS_RUN;
3634
3635 if (write(ctlfd, ctl, size) != size) {
3636 /* Pretend that a job-stopped LWP is running */
3637 if (errno != EBUSY || L->lwp_status.pr_why != PR_JOBCONTROL)
3638 return (Lstopstatus(L, PCNULL, 0));
3639 }
3640
3641 return (0);
3642 }
3643
3644 int
Lclearsig(struct ps_lwphandle * L)3645 Lclearsig(struct ps_lwphandle *L)
3646 {
3647 int ctlfd = L->lwp_ctlfd;
3648 long ctl = PCCSIG;
3649
3650 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
3651 return (-1);
3652 L->lwp_status.pr_cursig = 0;
3653 return (0);
3654 }
3655
3656 int
Lclearfault(struct ps_lwphandle * L)3657 Lclearfault(struct ps_lwphandle *L)
3658 {
3659 int ctlfd = L->lwp_ctlfd;
3660 long ctl = PCCFAULT;
3661
3662 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
3663 return (-1);
3664 return (0);
3665 }
3666
3667 /*
3668 * Step over a breakpoint, i.e., execute the instruction that
3669 * really belongs at the breakpoint location (the current %pc)
3670 * and leave the LWP stopped at the next instruction.
3671 */
3672 int
Lxecbkpt(struct ps_lwphandle * L,ulong_t saved)3673 Lxecbkpt(struct ps_lwphandle *L, ulong_t saved)
3674 {
3675 struct ps_prochandle *P = L->lwp_proc;
3676 int rv, error;
3677
3678 if (L->lwp_state != PS_STOP) {
3679 errno = EBUSY;
3680 return (-1);
3681 }
3682
3683 Lsync(L);
3684 error = execute_bkpt(L->lwp_ctlfd,
3685 &P->status.pr_flttrace, &L->lwp_status.pr_lwphold,
3686 L->lwp_status.pr_reg[R_PC], saved);
3687 rv = Lstopstatus(L, PCNULL, 0);
3688
3689 if (error != 0) {
3690 if (L->lwp_status.pr_why == PR_JOBCONTROL &&
3691 error == EBUSY) { /* jobcontrol stop -- back off */
3692 L->lwp_state = PS_RUN;
3693 return (0);
3694 }
3695 if (error == ENOENT)
3696 return (0);
3697 errno = error;
3698 return (-1);
3699 }
3700
3701 return (rv);
3702 }
3703
3704 /*
3705 * Step over a watchpoint, i.e., execute the instruction that was stopped by
3706 * the watchpoint, and then leave the LWP stopped at the next instruction.
3707 */
3708 int
Lxecwapt(struct ps_lwphandle * L,const prwatch_t * wp)3709 Lxecwapt(struct ps_lwphandle *L, const prwatch_t *wp)
3710 {
3711 struct ps_prochandle *P = L->lwp_proc;
3712 int rv, error;
3713
3714 if (L->lwp_state != PS_STOP) {
3715 errno = EBUSY;
3716 return (-1);
3717 }
3718
3719 Lsync(L);
3720 error = execute_wapt(L->lwp_ctlfd,
3721 &P->status.pr_flttrace, &L->lwp_status.pr_lwphold, wp);
3722 rv = Lstopstatus(L, PCNULL, 0);
3723
3724 if (error != 0) {
3725 if (L->lwp_status.pr_why == PR_JOBCONTROL &&
3726 error == EBUSY) { /* jobcontrol stop -- back off */
3727 L->lwp_state = PS_RUN;
3728 return (0);
3729 }
3730 if (error == ENOENT)
3731 return (0);
3732 errno = error;
3733 return (-1);
3734 }
3735
3736 return (rv);
3737 }
3738
3739 int
Lstack(struct ps_lwphandle * L,stack_t * stkp)3740 Lstack(struct ps_lwphandle *L, stack_t *stkp)
3741 {
3742 struct ps_prochandle *P = L->lwp_proc;
3743 uintptr_t addr = L->lwp_status.pr_ustack;
3744
3745 if (P->status.pr_dmodel == PR_MODEL_NATIVE) {
3746 if (Pread(P, stkp, sizeof (*stkp), addr) != sizeof (*stkp))
3747 return (-1);
3748 #ifdef _LP64
3749 } else {
3750 stack32_t stk32;
3751
3752 if (Pread(P, &stk32, sizeof (stk32), addr) != sizeof (stk32))
3753 return (-1);
3754
3755 stack_32_to_n(&stk32, stkp);
3756 #endif
3757 }
3758
3759 return (0);
3760 }
3761
3762 int
Lmain_stack(struct ps_lwphandle * L,stack_t * stkp)3763 Lmain_stack(struct ps_lwphandle *L, stack_t *stkp)
3764 {
3765 struct ps_prochandle *P = L->lwp_proc;
3766
3767 if (Lstack(L, stkp) != 0)
3768 return (-1);
3769
3770 /*
3771 * If the SS_ONSTACK flag is set then this LWP is operating on the
3772 * alternate signal stack. We can recover the original stack from
3773 * pr_oldcontext.
3774 */
3775 if (!(stkp->ss_flags & SS_ONSTACK))
3776 return (0);
3777
3778 if (P->status.pr_dmodel == PR_MODEL_NATIVE) {
3779 ucontext_t *ctxp = (void *)L->lwp_status.pr_oldcontext;
3780
3781 if (Pread(P, stkp, sizeof (*stkp),
3782 (uintptr_t)&ctxp->uc_stack) != sizeof (*stkp))
3783 return (-1);
3784 #ifdef _LP64
3785 } else {
3786 ucontext32_t *ctxp = (void *)L->lwp_status.pr_oldcontext;
3787 stack32_t stk32;
3788
3789 if (Pread(P, &stk32, sizeof (stk32),
3790 (uintptr_t)&ctxp->uc_stack) != sizeof (stk32))
3791 return (-1);
3792
3793 stack_32_to_n(&stk32, stkp);
3794 #endif
3795 }
3796
3797 return (0);
3798 }
3799
3800 int
Lalt_stack(struct ps_lwphandle * L,stack_t * stkp)3801 Lalt_stack(struct ps_lwphandle *L, stack_t *stkp)
3802 {
3803 if (L->lwp_status.pr_altstack.ss_flags & SS_DISABLE) {
3804 errno = ENODATA;
3805 return (-1);
3806 }
3807
3808 *stkp = L->lwp_status.pr_altstack;
3809
3810 return (0);
3811 }
3812
3813 /*
3814 * Add a mapping to the given proc handle. Resizes the array as appropriate and
3815 * manages reference counts on the given file_info_t.
3816 *
3817 * The 'map_relocate' member is used to tell Psort_mappings() that the
3818 * associated file_map pointer needs to be relocated after the mappings have
3819 * been sorted. It is only set for the first mapping, and has no meaning
3820 * outside these two functions.
3821 */
3822 int
Padd_mapping(struct ps_prochandle * P,off64_t off,file_info_t * fp,prmap_t * pmap)3823 Padd_mapping(struct ps_prochandle *P, off64_t off, file_info_t *fp,
3824 prmap_t *pmap)
3825 {
3826 map_info_t *mp;
3827
3828 if (P->map_count == P->map_alloc) {
3829 size_t next = P->map_alloc ? P->map_alloc * 2 : 16;
3830
3831 if ((P->mappings = realloc(P->mappings,
3832 next * sizeof (map_info_t))) == NULL)
3833 return (-1);
3834
3835 P->map_alloc = next;
3836 }
3837
3838 mp = &P->mappings[P->map_count++];
3839
3840 mp->map_offset = off;
3841 mp->map_pmap = *pmap;
3842 mp->map_relocate = 0;
3843 if ((mp->map_file = fp) != NULL) {
3844 if (fp->file_map == NULL) {
3845 fp->file_map = mp;
3846 mp->map_relocate = 1;
3847 }
3848 fp->file_ref++;
3849 }
3850
3851 return (0);
3852 }
3853
3854 static int
map_sort(const void * a,const void * b)3855 map_sort(const void *a, const void *b)
3856 {
3857 const map_info_t *ap = a, *bp = b;
3858
3859 if (ap->map_pmap.pr_vaddr < bp->map_pmap.pr_vaddr)
3860 return (-1);
3861 else if (ap->map_pmap.pr_vaddr > bp->map_pmap.pr_vaddr)
3862 return (1);
3863 else
3864 return (0);
3865 }
3866
3867 /*
3868 * Sort the current set of mappings. Should be called during target
3869 * initialization after all calls to Padd_mapping() have been made.
3870 */
3871 void
Psort_mappings(struct ps_prochandle * P)3872 Psort_mappings(struct ps_prochandle *P)
3873 {
3874 int i;
3875 map_info_t *mp;
3876
3877 qsort(P->mappings, P->map_count, sizeof (map_info_t), map_sort);
3878
3879 /*
3880 * Update all the file_map pointers to refer to the new locations.
3881 */
3882 for (i = 0; i < P->map_count; i++) {
3883 mp = &P->mappings[i];
3884 if (mp->map_relocate)
3885 mp->map_file->file_map = mp;
3886 mp->map_relocate = 0;
3887 }
3888 }
3889
3890 struct ps_prochandle *
Pgrab_ops(pid_t pid,void * data,const ps_ops_t * ops,int flags)3891 Pgrab_ops(pid_t pid, void *data, const ps_ops_t *ops, int flags)
3892 {
3893 struct ps_prochandle *P;
3894
3895 if ((P = calloc(1, sizeof (*P))) == NULL) {
3896 return (NULL);
3897 }
3898
3899 Pinit_ops(&P->ops, ops);
3900 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL);
3901 P->pid = pid;
3902 P->state = PS_STOP;
3903 P->asfd = -1;
3904 P->ctlfd = -1;
3905 P->statfd = -1;
3906 P->agentctlfd = -1;
3907 P->agentstatfd = -1;
3908 Pinitsym(P);
3909 P->data = data;
3910 Pread_status(P);
3911
3912 if (flags & PGRAB_INCORE) {
3913 P->flags |= INCORE;
3914 }
3915
3916 return (P);
3917 }
3918