1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1988, 1993
5 * The Regents of the University of California. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #define _WANT_KERNEL_ERRNO
33 #ifdef __LP64__
34 #define _WANT_KEVENT32
35 #endif
36 #define _WANT_FREEBSD11_KEVENT
37 #define _WANT_FREEBSD_BITSET
38 #include <sys/param.h>
39 #include <sys/capsicum.h>
40 #include <sys/_bitset.h>
41 #include <sys/bitset.h>
42 #include <sys/errno.h>
43 #include <sys/time.h>
44 #include <sys/uio.h>
45 #include <sys/event.h>
46 #include <sys/ktrace.h>
47 #include <sys/mman.h>
48 #include <sys/ioctl.h>
49 #include <sys/inotify.h>
50 #include <sys/poll.h>
51 #include <sys/socket.h>
52 #include <sys/stat.h>
53 #include <sys/sysent.h>
54 #include <sys/thr.h>
55 #include <sys/umtx.h>
56 #include <sys/un.h>
57 #include <sys/queue.h>
58 #include <sys/wait.h>
59 #ifdef WITH_CASPER
60 #include <sys/nv.h>
61 #endif
62 #include <arpa/inet.h>
63 #include <netinet/in.h>
64 #include <netlink/netlink.h>
65 #include <ctype.h>
66 #include <capsicum_helpers.h>
67 #include <err.h>
68 #include <grp.h>
69 #include <inttypes.h>
70 #include <locale.h>
71 #include <netdb.h>
72 #include <nl_types.h>
73 #include <pwd.h>
74 #include <stddef.h>
75 #include <stdio.h>
76 #include <stdlib.h>
77 #include <string.h>
78 #include <sysdecode.h>
79 #include <time.h>
80 #include <unistd.h>
81 #include <vis.h>
82 #include "ktrace.h"
83 #include "kdump.h"
84
85 #ifdef WITH_CASPER
86 #include <libcasper.h>
87
88 #include <casper/cap_grp.h>
89 #include <casper/cap_pwd.h>
90 #endif
91
92 static int fetchprocinfo(struct ktr_header *, u_int *);
93 static u_int findabi(struct ktr_header *);
94 static int fread_tail(void *, int, int);
95 static void dumpheader(struct ktr_header *, u_int);
96 static void dumptimeval(struct ktr_header_v0 *kth);
97 static void dumptimespec(struct ktr_header *kth);
98 static void ktrsyscall(struct ktr_syscall *, u_int);
99 static void ktrsysret(struct ktr_sysret *, u_int);
100 static void ktrnamei(char *, int);
101 static void hexdump(char *, int, int);
102 static void visdump(char *, int, int);
103 static void ktrgenio(struct ktr_genio *, int);
104 static void ktrpsig(struct ktr_psig *);
105 static void ktrcsw(struct ktr_csw *);
106 static void ktrcsw_old(struct ktr_csw_old *);
107 static void ktruser(int, void *);
108 static void ktrcaprights(cap_rights_t *);
109 static void ktrinotify(struct inotify_event *);
110 static void ktritimerval(struct itimerval *it);
111 static void ktrsockaddr(struct sockaddr *);
112 static void ktrsplice(struct splice *);
113 static void ktrstat(struct stat *);
114 static void ktrstruct(char *, size_t);
115 static void ktrthrparam(struct thr_param *);
116 static void ktrcapfail(struct ktr_cap_fail *);
117 static void ktrfault(struct ktr_fault *);
118 static void ktrfaultend(struct ktr_faultend *);
119 static void ktrkevent(struct kevent *);
120 static void ktrpollfd(struct pollfd *);
121 static void ktrstructarray(struct ktr_struct_array *, size_t);
122 static void ktrbitset(char *, struct bitset *, size_t);
123 static void ktrsyscall_freebsd(struct ktr_syscall *ktr, register_t **resip,
124 int *resnarg, char *resc, u_int sv_flags);
125 static void ktrexecve(char *, int);
126 static void ktrexterr(struct ktr_exterr *);
127 static void usage(void);
128
129 #define TIMESTAMP_NONE 0x0
130 #define TIMESTAMP_ABSOLUTE 0x1
131 #define TIMESTAMP_ELAPSED 0x2
132 #define TIMESTAMP_RELATIVE 0x4
133
134 bool decimal, fancy = true, resolv;
135 static bool abiflag, suppressdata, syscallno, tail, threads, cpuflag;
136 static int timestamp, maxdata;
137 static const char *tracefile = DEF_TRACEFILE;
138 static struct ktr_header ktr_header;
139 static short version;
140
141 #define TIME_FORMAT "%b %e %T %Y"
142 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0)
143
144 struct proc_info
145 {
146 TAILQ_ENTRY(proc_info) info;
147 u_int sv_flags;
148 pid_t pid;
149 };
150
151 static TAILQ_HEAD(trace_procs, proc_info) trace_procs;
152
153 #ifdef WITH_CASPER
154 static cap_channel_t *cappwd, *capgrp;
155
156 static int
cappwdgrp_setup(cap_channel_t ** cappwdp,cap_channel_t ** capgrpp)157 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp)
158 {
159 cap_channel_t *capcas, *cappwdloc, *capgrploc;
160 const char *cmds[1], *fields[1];
161
162 capcas = cap_init();
163 if (capcas == NULL) {
164 err(1, "unable to create casper process");
165 exit(1);
166 }
167 cappwdloc = cap_service_open(capcas, "system.pwd");
168 capgrploc = cap_service_open(capcas, "system.grp");
169 /* Casper capability no longer needed. */
170 cap_close(capcas);
171 if (cappwdloc == NULL || capgrploc == NULL) {
172 if (cappwdloc == NULL)
173 warn("unable to open system.pwd service");
174 if (capgrploc == NULL)
175 warn("unable to open system.grp service");
176 exit(1);
177 }
178 /* Limit system.pwd to only getpwuid() function and pw_name field. */
179 cmds[0] = "getpwuid";
180 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0)
181 err(1, "unable to limit system.pwd service");
182 fields[0] = "pw_name";
183 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0)
184 err(1, "unable to limit system.pwd service");
185 /* Limit system.grp to only getgrgid() function and gr_name field. */
186 cmds[0] = "getgrgid";
187 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0)
188 err(1, "unable to limit system.grp service");
189 fields[0] = "gr_name";
190 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0)
191 err(1, "unable to limit system.grp service");
192
193 *cappwdp = cappwdloc;
194 *capgrpp = capgrploc;
195 return (0);
196 }
197 #endif /* WITH_CASPER */
198
199 void
print_integer_arg(const char * (* decoder)(int),int value)200 print_integer_arg(const char *(*decoder)(int), int value)
201 {
202 const char *str;
203
204 str = decoder(value);
205 if (str != NULL)
206 printf("%s", str);
207 else {
208 if (decimal)
209 printf("<invalid=%d>", value);
210 else
211 printf("<invalid=%#x>", value);
212 }
213 }
214
215 /* Like print_integer_arg but unknown values are treated as valid. */
216 void
print_integer_arg_valid(const char * (* decoder)(int),int value)217 print_integer_arg_valid(const char *(*decoder)(int), int value)
218 {
219 const char *str;
220
221 str = decoder(value);
222 if (str != NULL)
223 printf("%s", str);
224 else {
225 if (decimal)
226 printf("%d", value);
227 else
228 printf("%#x", value);
229 }
230 }
231
232 bool
print_mask_arg_part(bool (* decoder)(FILE *,int,int *),int value,int * rem)233 print_mask_arg_part(bool (*decoder)(FILE *, int, int *), int value, int *rem)
234 {
235
236 printf("%#x<", value);
237 return (decoder(stdout, value, rem));
238 }
239
240 void
print_mask_arg(bool (* decoder)(FILE *,int,int *),int value)241 print_mask_arg(bool (*decoder)(FILE *, int, int *), int value)
242 {
243 bool invalid;
244 int rem;
245
246 invalid = !print_mask_arg_part(decoder, value, &rem);
247 printf(">");
248 if (invalid)
249 printf("<invalid>%u", rem);
250 }
251
252 void
print_mask_arg0(bool (* decoder)(FILE *,int,int *),int value)253 print_mask_arg0(bool (*decoder)(FILE *, int, int *), int value)
254 {
255 bool invalid;
256 int rem;
257
258 if (value == 0) {
259 printf("0");
260 return;
261 }
262 printf("%#x<", value);
263 invalid = !decoder(stdout, value, &rem);
264 printf(">");
265 if (invalid)
266 printf("<invalid>%u", rem);
267 }
268
269 static void
decode_fileflags(fflags_t value)270 decode_fileflags(fflags_t value)
271 {
272 bool invalid;
273 fflags_t rem;
274
275 if (value == 0) {
276 printf("0");
277 return;
278 }
279 printf("%#x<", value);
280 invalid = !sysdecode_fileflags(stdout, value, &rem);
281 printf(">");
282 if (invalid)
283 printf("<invalid>%u", rem);
284 }
285
286 void
decode_filemode(int value)287 decode_filemode(int value)
288 {
289 bool invalid;
290 int rem;
291
292 if (value == 0) {
293 printf("0");
294 return;
295 }
296 printf("%#o<", value);
297 invalid = !sysdecode_filemode(stdout, value, &rem);
298 printf(">");
299 if (invalid)
300 printf("<invalid>%u", rem);
301 }
302
303 void
print_mask_arg32(bool (* decoder)(FILE *,uint32_t,uint32_t *),uint32_t value)304 print_mask_arg32(bool (*decoder)(FILE *, uint32_t, uint32_t *), uint32_t value)
305 {
306 bool invalid;
307 uint32_t rem;
308
309 printf("%#x<", value);
310 invalid = !decoder(stdout, value, &rem);
311 printf(">");
312 if (invalid)
313 printf("<invalid>%u", rem);
314 }
315
316 void
print_mask_argul(bool (* decoder)(FILE *,u_long,u_long *),u_long value)317 print_mask_argul(bool (*decoder)(FILE *, u_long, u_long *), u_long value)
318 {
319 bool invalid;
320 u_long rem;
321
322 if (value == 0) {
323 printf("0");
324 return;
325 }
326 printf("%#lx<", value);
327 invalid = !decoder(stdout, value, &rem);
328 printf(">");
329 if (invalid)
330 printf("<invalid>%lu", rem);
331 }
332
333 int
main(int argc,char * argv[])334 main(int argc, char *argv[])
335 {
336 int ch, ktrlen, size;
337 void *m;
338 int trpoints = ALL_POINTS;
339 int drop_logged;
340 pid_t pid = 0;
341 u_int sv_flags;
342
343 setlocale(LC_CTYPE, "");
344
345 timestamp = TIMESTAMP_NONE;
346
347 while ((ch = getopt(argc,argv,"f:cdElm:np:AHRrSsTt:")) != -1)
348 switch (ch) {
349 case 'A':
350 abiflag = true;
351 break;
352 case 'f':
353 tracefile = optarg;
354 break;
355 case 'c':
356 cpuflag = true;
357 break;
358 case 'd':
359 decimal = true;
360 break;
361 case 'l':
362 tail = true;
363 break;
364 case 'm':
365 maxdata = atoi(optarg);
366 break;
367 case 'n':
368 fancy = false;
369 break;
370 case 'p':
371 pid = atoi(optarg);
372 break;
373 case 'r':
374 resolv = true;
375 break;
376 case 'S':
377 syscallno = true;
378 break;
379 case 's':
380 suppressdata = true;
381 break;
382 case 'E':
383 timestamp |= TIMESTAMP_ELAPSED;
384 break;
385 case 'H':
386 threads = true;
387 break;
388 case 'R':
389 timestamp |= TIMESTAMP_RELATIVE;
390 break;
391 case 'T':
392 timestamp |= TIMESTAMP_ABSOLUTE;
393 break;
394 case 't':
395 trpoints = getpoints(optarg);
396 if (trpoints < 0)
397 errx(1, "unknown trace point in %s", optarg);
398 break;
399 default:
400 usage();
401 }
402
403 if (argc > optind)
404 usage();
405
406 m = malloc(size = 1025);
407 if (m == NULL)
408 errx(1, "%s", strerror(ENOMEM));
409 if (strcmp(tracefile, "-") != 0)
410 if (!freopen(tracefile, "r", stdin))
411 err(1, "%s", tracefile);
412
413 caph_cache_catpages();
414 caph_cache_tzdata();
415
416 #ifdef WITH_CASPER
417 if (resolv) {
418 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) {
419 cappwd = NULL;
420 capgrp = NULL;
421 }
422 }
423 if (!resolv || (cappwd != NULL && capgrp != NULL)) {
424 if (caph_enter() < 0)
425 err(1, "unable to enter capability mode");
426 }
427 #else
428 if (!resolv) {
429 if (caph_enter() < 0)
430 err(1, "unable to enter capability mode");
431 }
432 #endif
433 if (caph_limit_stdio() == -1)
434 err(1, "unable to limit stdio");
435
436 TAILQ_INIT(&trace_procs);
437 drop_logged = 0;
438 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) {
439 if (ktr_header.ktr_type & KTR_VERSIONED) {
440 ktr_header.ktr_type &= ~KTR_VERSIONED;
441 version = ktr_header.ktr_version;
442 } else
443 version = KTR_VERSION0;
444 if (ktr_header.ktr_type & KTR_DROP) {
445 ktr_header.ktr_type &= ~KTR_DROP;
446 if (!drop_logged && threads) {
447 printf(
448 "%6d %6d %-8.*s Events dropped.\n",
449 ktr_header.ktr_pid,
450 ktr_header.ktr_tid > 0 ?
451 (lwpid_t)ktr_header.ktr_tid : 0,
452 MAXCOMLEN, ktr_header.ktr_comm);
453 drop_logged = 1;
454 } else if (!drop_logged) {
455 printf("%6d %-8.*s Events dropped.\n",
456 ktr_header.ktr_pid, MAXCOMLEN,
457 ktr_header.ktr_comm);
458 drop_logged = 1;
459 }
460 }
461 if ((ktrlen = ktr_header.ktr_len) < 0)
462 errx(1, "bogus length 0x%x", ktrlen);
463 if (ktrlen > size) {
464 m = realloc(m, ktrlen+1);
465 if (m == NULL)
466 errx(1, "%s", strerror(ENOMEM));
467 size = ktrlen;
468 }
469 if (version == KTR_VERSION0 &&
470 fseek(stdin, KTR_OFFSET_V0, SEEK_CUR) < 0)
471 errx(1, "%s", strerror(errno));
472 if (ktrlen && fread_tail(m, ktrlen, 1) == 0)
473 errx(1, "data too short");
474 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0)
475 continue;
476 if (pid && ktr_header.ktr_pid != pid &&
477 ktr_header.ktr_tid != pid)
478 continue;
479 if ((trpoints & (1<<ktr_header.ktr_type)) == 0)
480 continue;
481 sv_flags = findabi(&ktr_header);
482 dumpheader(&ktr_header, sv_flags);
483 drop_logged = 0;
484 switch (ktr_header.ktr_type) {
485 case KTR_SYSCALL:
486 ktrsyscall((struct ktr_syscall *)m, sv_flags);
487 break;
488 case KTR_SYSRET:
489 ktrsysret((struct ktr_sysret *)m, sv_flags);
490 break;
491 case KTR_NAMEI:
492 case KTR_SYSCTL:
493 ktrnamei(m, ktrlen);
494 break;
495 case KTR_GENIO:
496 ktrgenio((struct ktr_genio *)m, ktrlen);
497 break;
498 case KTR_PSIG:
499 ktrpsig((struct ktr_psig *)m);
500 break;
501 case KTR_CSW:
502 if (ktrlen == sizeof(struct ktr_csw_old))
503 ktrcsw_old((struct ktr_csw_old *)m);
504 else
505 ktrcsw((struct ktr_csw *)m);
506 break;
507 case KTR_USER:
508 ktruser(ktrlen, m);
509 break;
510 case KTR_STRUCT:
511 ktrstruct(m, ktrlen);
512 break;
513 case KTR_CAPFAIL:
514 ktrcapfail((struct ktr_cap_fail *)m);
515 break;
516 case KTR_FAULT:
517 ktrfault((struct ktr_fault *)m);
518 break;
519 case KTR_FAULTEND:
520 ktrfaultend((struct ktr_faultend *)m);
521 break;
522 case KTR_STRUCT_ARRAY:
523 ktrstructarray((struct ktr_struct_array *)m, ktrlen);
524 break;
525 case KTR_ARGS:
526 case KTR_ENVS:
527 ktrexecve(m, ktrlen);
528 break;
529 case KTR_EXTERR:
530 ktrexterr((struct ktr_exterr *)m);
531 break;
532 default:
533 printf("\n");
534 break;
535 }
536 if (tail)
537 fflush(stdout);
538 }
539 return 0;
540 }
541
542 static int
fread_tail(void * buf,int size,int num)543 fread_tail(void *buf, int size, int num)
544 {
545 int i;
546
547 while ((i = fread(buf, size, num, stdin)) == 0 && tail) {
548 sleep(1);
549 clearerr(stdin);
550 }
551 return (i);
552 }
553
554 static int
fetchprocinfo(struct ktr_header * kth,u_int * flags)555 fetchprocinfo(struct ktr_header *kth, u_int *flags)
556 {
557 struct proc_info *pi;
558
559 switch (kth->ktr_type) {
560 case KTR_PROCCTOR:
561 TAILQ_FOREACH(pi, &trace_procs, info) {
562 if (pi->pid == kth->ktr_pid) {
563 TAILQ_REMOVE(&trace_procs, pi, info);
564 break;
565 }
566 }
567 pi = malloc(sizeof(struct proc_info));
568 if (pi == NULL)
569 errx(1, "%s", strerror(ENOMEM));
570 pi->sv_flags = *flags;
571 pi->pid = kth->ktr_pid;
572 TAILQ_INSERT_TAIL(&trace_procs, pi, info);
573 return (1);
574
575 case KTR_PROCDTOR:
576 TAILQ_FOREACH(pi, &trace_procs, info) {
577 if (pi->pid == kth->ktr_pid) {
578 TAILQ_REMOVE(&trace_procs, pi, info);
579 free(pi);
580 break;
581 }
582 }
583 return (1);
584 }
585
586 return (0);
587 }
588
589 static u_int
findabi(struct ktr_header * kth)590 findabi(struct ktr_header *kth)
591 {
592 struct proc_info *pi;
593
594 TAILQ_FOREACH(pi, &trace_procs, info) {
595 if (pi->pid == kth->ktr_pid) {
596 return (pi->sv_flags);
597 }
598 }
599 return (0);
600 }
601
602 static void
dumptimeval(struct ktr_header_v0 * kth)603 dumptimeval(struct ktr_header_v0 *kth)
604 {
605 static struct timeval prevtime, prevtime_e;
606 struct timeval temp;
607 const char *sign;
608
609 if (timestamp & TIMESTAMP_ABSOLUTE) {
610 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec,
611 kth->ktr_time.tv_usec);
612 }
613 if (timestamp & TIMESTAMP_ELAPSED) {
614 if (prevtime_e.tv_sec == 0)
615 prevtime_e = kth->ktr_time;
616 timersub(&kth->ktr_time, &prevtime_e, &temp);
617 printf("%jd.%06ld ", (intmax_t)temp.tv_sec,
618 temp.tv_usec);
619 }
620 if (timestamp & TIMESTAMP_RELATIVE) {
621 if (prevtime.tv_sec == 0)
622 prevtime = kth->ktr_time;
623 if (timercmp(&kth->ktr_time, &prevtime, <)) {
624 timersub(&prevtime, &kth->ktr_time, &temp);
625 sign = "-";
626 } else {
627 timersub(&kth->ktr_time, &prevtime, &temp);
628 sign = "";
629 }
630 prevtime = kth->ktr_time;
631 printf("%s%jd.%06ld ", sign, (intmax_t)temp.tv_sec,
632 temp.tv_usec);
633 }
634 }
635
636 static void
dumptimespec(struct ktr_header * kth)637 dumptimespec(struct ktr_header *kth)
638 {
639 static struct timespec prevtime, prevtime_e;
640 struct timespec temp;
641 const char *sign;
642
643 if (timestamp & TIMESTAMP_ABSOLUTE) {
644 printf("%jd.%09ld ", (intmax_t)kth->ktr_time.tv_sec,
645 kth->ktr_time.tv_nsec);
646 }
647 if (timestamp & TIMESTAMP_ELAPSED) {
648 if (prevtime_e.tv_sec == 0)
649 prevtime_e = kth->ktr_time;
650 timespecsub(&kth->ktr_time, &prevtime_e, &temp);
651 printf("%jd.%09ld ", (intmax_t)temp.tv_sec,
652 temp.tv_nsec);
653 }
654 if (timestamp & TIMESTAMP_RELATIVE) {
655 if (prevtime.tv_sec == 0)
656 prevtime = kth->ktr_time;
657 if (timespeccmp(&kth->ktr_time, &prevtime, <)) {
658 timespecsub(&prevtime, &kth->ktr_time, &temp);
659 sign = "-";
660 } else {
661 timespecsub(&kth->ktr_time, &prevtime, &temp);
662 sign = "";
663 }
664 prevtime = kth->ktr_time;
665 printf("%s%jd.%09ld ", sign, (intmax_t)temp.tv_sec,
666 temp.tv_nsec);
667 }
668 }
669
670 static const char * const hdr_names[] = {
671 [KTR_SYSCALL] = "CALL",
672 [KTR_SYSRET] = "RET ",
673 [KTR_NAMEI] = "NAMI",
674 [KTR_GENIO] = "GIO ",
675 [KTR_PSIG] = "PSIG",
676 [KTR_CSW] = "CSW ",
677 [KTR_USER] = "USER",
678 [KTR_STRUCT] = "STRU",
679 [KTR_STRUCT_ARRAY] = "STRU",
680 [KTR_SYSCTL] = "SCTL",
681 [KTR_CAPFAIL] = "CAP ",
682 [KTR_FAULT] = "PFLT",
683 [KTR_FAULTEND] = "PRET",
684 [KTR_ARGS] = "ARGS",
685 [KTR_ENVS] = "ENVS",
686 [KTR_EXTERR] = "EERR",
687 };
688
689 static void
dumpheader(struct ktr_header * kth,u_int sv_flags)690 dumpheader(struct ktr_header *kth, u_int sv_flags)
691 {
692 static char unknown[64];
693 const char *abi;
694 const char *arch;
695 const char *type;
696
697 if (kth->ktr_type < 0 || (size_t)kth->ktr_type >= nitems(hdr_names)) {
698 snprintf(unknown, sizeof(unknown), "UNKNOWN(%d)",
699 kth->ktr_type);
700 type = unknown;
701 } else {
702 type = hdr_names[kth->ktr_type];
703 }
704
705 /*
706 * The ktr_tid field was previously the ktr_buffer field, which held
707 * the kernel pointer value for the buffer associated with data
708 * following the record header. It now holds a threadid, but only
709 * for trace files after the change. Older trace files still contain
710 * kernel pointers. Detect this and suppress the results by printing
711 * negative tid's as 0.
712 */
713 if (threads)
714 printf("%6d %6d %-8.*s ", kth->ktr_pid,
715 kth->ktr_tid > 0 ? (lwpid_t)kth->ktr_tid : 0,
716 MAXCOMLEN, kth->ktr_comm);
717 else
718 printf("%6d %-8.*s ", kth->ktr_pid, MAXCOMLEN, kth->ktr_comm);
719 if (timestamp) {
720 if (version == KTR_VERSION0)
721 dumptimeval((struct ktr_header_v0 *)kth);
722 else
723 dumptimespec(kth);
724 }
725 if (cpuflag && version > KTR_VERSION0)
726 printf("%3d ", kth->ktr_cpu);
727 printf("%s ", type);
728 if (abiflag != 0) {
729 switch (sv_flags & SV_ABI_MASK) {
730 case SV_ABI_LINUX:
731 abi = "L";
732 break;
733 case SV_ABI_FREEBSD:
734 abi = "F";
735 break;
736 default:
737 abi = "U";
738 break;
739 }
740
741 if ((sv_flags & SV_LP64) != 0)
742 arch = "64";
743 else if ((sv_flags & SV_ILP32) != 0)
744 arch = "32";
745 else
746 arch = "00";
747
748 printf("%s%s ", abi, arch);
749 }
750 }
751
752 #include <sys/syscall.h>
753
754 static void
ioctlname(unsigned long val)755 ioctlname(unsigned long val)
756 {
757 const char *str;
758
759 str = sysdecode_ioctlname(val);
760 if (str != NULL)
761 printf("%s", str);
762 else if (decimal)
763 printf("%lu", val);
764 else
765 printf("%#lx", val);
766 }
767
768 static enum sysdecode_abi
syscallabi(u_int sv_flags)769 syscallabi(u_int sv_flags)
770 {
771
772 if (sv_flags == 0)
773 return (SYSDECODE_ABI_FREEBSD);
774 switch (sv_flags & SV_ABI_MASK) {
775 case SV_ABI_FREEBSD:
776 return (SYSDECODE_ABI_FREEBSD);
777 case SV_ABI_LINUX:
778 #ifdef __LP64__
779 if (sv_flags & SV_ILP32)
780 return (SYSDECODE_ABI_LINUX32);
781 #endif
782 return (SYSDECODE_ABI_LINUX);
783 default:
784 return (SYSDECODE_ABI_UNKNOWN);
785 }
786 }
787
788 static void
syscallname(u_int code,u_int sv_flags)789 syscallname(u_int code, u_int sv_flags)
790 {
791 const char *name;
792
793 name = sysdecode_syscallname(syscallabi(sv_flags), code);
794 if (name == NULL)
795 printf("[%d]", code);
796 else {
797 printf("%s", name);
798 if (syscallno)
799 printf("[%d]", code);
800 }
801 }
802
803 static void
print_signal(int signo)804 print_signal(int signo)
805 {
806 const char *signame;
807
808 signame = sysdecode_signal(signo);
809 if (signame != NULL)
810 printf("%s", signame);
811 else
812 printf("SIG %d", signo);
813 }
814
815 static void
ktrsyscall(struct ktr_syscall * ktr,u_int sv_flags)816 ktrsyscall(struct ktr_syscall *ktr, u_int sv_flags)
817 {
818 int narg = ktr->ktr_narg;
819 register_t *ip;
820
821 syscallname(ktr->ktr_code, sv_flags);
822 ip = &ktr->ktr_args[0];
823 if (narg) {
824 char c = '(';
825 if (fancy) {
826 switch (sv_flags & SV_ABI_MASK) {
827 case SV_ABI_FREEBSD:
828 ktrsyscall_freebsd(ktr, &ip, &narg, &c,
829 sv_flags);
830 break;
831 #ifdef SYSDECODE_HAVE_LINUX
832 case SV_ABI_LINUX:
833 #ifdef __amd64__
834 if (sv_flags & SV_ILP32)
835 ktrsyscall_linux32(ktr, &ip,
836 &narg, &c);
837 else
838 #endif
839 ktrsyscall_linux(ktr, &ip, &narg, &c);
840 break;
841 #endif /* SYSDECODE_HAVE_LINUX */
842 }
843 }
844 while (narg > 0)
845 print_number(ip, narg, c);
846 putchar(')');
847 }
848 putchar('\n');
849 }
850
851 static void
ktrsyscall_freebsd(struct ktr_syscall * ktr,register_t ** resip,int * resnarg,char * resc,u_int sv_flags)852 ktrsyscall_freebsd(struct ktr_syscall *ktr, register_t **resip,
853 int *resnarg, char *resc, u_int sv_flags)
854 {
855 int narg = ktr->ktr_narg;
856 register_t *ip, *first;
857 intmax_t arg;
858 int quad_align, quad_slots;
859
860 ip = first = &ktr->ktr_args[0];
861 char c = *resc;
862
863 quad_align = 0;
864 if (sv_flags & SV_ILP32) {
865 #ifdef __powerpc__
866 quad_align = 1;
867 #endif
868 quad_slots = 2;
869 } else
870 quad_slots = 1;
871 switch (ktr->ktr_code) {
872 case SYS_bindat:
873 case SYS_chflagsat:
874 case SYS_connectat:
875 case SYS_faccessat:
876 case SYS_fchmodat:
877 case SYS_fchownat:
878 case SYS_fstatat:
879 case SYS_futimesat:
880 case SYS_linkat:
881 case SYS_mkdirat:
882 case SYS_mkfifoat:
883 case SYS_mknodat:
884 case SYS_openat:
885 case SYS_readlinkat:
886 case SYS_renameat:
887 case SYS_unlinkat:
888 case SYS_utimensat:
889 putchar('(');
890 print_integer_arg_valid(sysdecode_atfd, *ip);
891 c = ',';
892 ip++;
893 narg--;
894 break;
895 }
896 switch (ktr->ktr_code) {
897 case SYS_ioctl: {
898 print_number(ip, narg, c);
899 putchar(c);
900 ioctlname(*ip);
901 c = ',';
902 ip++;
903 narg--;
904 break;
905 }
906 case SYS_ptrace:
907 putchar('(');
908 print_integer_arg(sysdecode_ptrace_request, *ip);
909 c = ',';
910 ip++;
911 narg--;
912 break;
913 case SYS_access:
914 case SYS_eaccess:
915 case SYS_faccessat:
916 print_number(ip, narg, c);
917 putchar(',');
918 print_mask_arg(sysdecode_access_mode, *ip);
919 ip++;
920 narg--;
921 break;
922 case SYS_close_range:
923 print_number(ip, narg, c);
924 print_number(ip, narg, c);
925 putchar(',');
926 print_mask_arg0(sysdecode_close_range_flags,
927 *ip);
928 ip += 3;
929 narg -= 3;
930 break;
931 case SYS_open:
932 case SYS_openat:
933 print_number(ip, narg, c);
934 putchar(',');
935 print_mask_arg(sysdecode_open_flags, ip[0]);
936 if ((ip[0] & O_CREAT) == O_CREAT) {
937 putchar(',');
938 decode_filemode(ip[1]);
939 }
940 ip += 2;
941 narg -= 2;
942 break;
943 case SYS_wait4:
944 *ip = (pid_t)*ip;
945 print_decimal_number(ip, narg, c);
946 print_number(ip, narg, c);
947 putchar(',');
948 print_mask_arg0(sysdecode_wait4_options, *ip);
949 ip++;
950 narg--;
951 break;
952 case SYS_wait6:
953 putchar('(');
954 print_integer_arg(sysdecode_idtype, *ip);
955 c = ',';
956 ip++;
957 narg--;
958 print_decimal_number64(first, ip, narg, c);
959 print_number(ip, narg, c);
960 putchar(',');
961 print_mask_arg(sysdecode_wait6_options, *ip);
962 ip++;
963 narg--;
964 break;
965 case SYS_chmod:
966 case SYS_fchmod:
967 case SYS_lchmod:
968 case SYS_fchmodat:
969 print_number(ip, narg, c);
970 putchar(',');
971 decode_filemode(*ip);
972 ip++;
973 narg--;
974 break;
975 case SYS_mknodat:
976 print_number(ip, narg, c);
977 putchar(',');
978 decode_filemode(*ip);
979 ip++;
980 narg--;
981 break;
982 case SYS_getfsstat:
983 print_number(ip, narg, c);
984 print_number(ip, narg, c);
985 putchar(',');
986 print_integer_arg(sysdecode_getfsstat_mode, *ip);
987 ip++;
988 narg--;
989 break;
990 case SYS_mount:
991 print_number(ip, narg, c);
992 print_number(ip, narg, c);
993 putchar(',');
994 print_mask_arg0(sysdecode_mount_flags, *ip);
995 ip++;
996 narg--;
997 break;
998 case SYS_unmount:
999 print_number(ip, narg, c);
1000 putchar(',');
1001 print_mask_arg0(sysdecode_mount_flags, *ip);
1002 ip++;
1003 narg--;
1004 break;
1005 case SYS_recvmsg:
1006 case SYS_sendmsg:
1007 print_number(ip, narg, c);
1008 print_number(ip, narg, c);
1009 putchar(',');
1010 print_mask_arg0(sysdecode_msg_flags, *ip);
1011 ip++;
1012 narg--;
1013 break;
1014 case SYS_recvfrom:
1015 case SYS_sendto:
1016 print_number(ip, narg, c);
1017 print_number(ip, narg, c);
1018 print_number(ip, narg, c);
1019 putchar(',');
1020 print_mask_arg0(sysdecode_msg_flags, *ip);
1021 ip++;
1022 narg--;
1023 break;
1024 case SYS_chflags:
1025 case SYS_chflagsat:
1026 case SYS_fchflags:
1027 case SYS_lchflags:
1028 print_number(ip, narg, c);
1029 putchar(',');
1030 decode_fileflags(*ip);
1031 ip++;
1032 narg--;
1033 break;
1034 case SYS_kill:
1035 *ip = (pid_t)*ip;
1036 print_decimal_number(ip, narg, c);
1037 putchar(',');
1038 print_signal(*ip);
1039 ip++;
1040 narg--;
1041 break;
1042 case SYS_reboot:
1043 putchar('(');
1044 print_mask_arg(sysdecode_reboot_howto, *ip);
1045 ip++;
1046 narg--;
1047 break;
1048 case SYS_umask:
1049 putchar('(');
1050 decode_filemode(*ip);
1051 ip++;
1052 narg--;
1053 break;
1054 case SYS_msync:
1055 print_number(ip, narg, c);
1056 print_number(ip, narg, c);
1057 putchar(',');
1058 print_mask_arg(sysdecode_msync_flags, *ip);
1059 ip++;
1060 narg--;
1061 break;
1062 #ifdef SYS_freebsd6_mmap
1063 case SYS_freebsd6_mmap:
1064 print_number(ip, narg, c);
1065 print_number(ip, narg, c);
1066 putchar(',');
1067 print_mask_arg(sysdecode_mmap_prot, *ip);
1068 putchar(',');
1069 ip++;
1070 narg--;
1071 print_mask_arg(sysdecode_mmap_flags, *ip);
1072 ip++;
1073 narg--;
1074 break;
1075 #endif
1076 case SYS_mmap:
1077 print_number(ip, narg, c);
1078 print_number(ip, narg, c);
1079 putchar(',');
1080 print_mask_arg(sysdecode_mmap_prot, *ip);
1081 putchar(',');
1082 ip++;
1083 narg--;
1084 print_mask_arg(sysdecode_mmap_flags, *ip);
1085 ip++;
1086 narg--;
1087 break;
1088 case SYS_mprotect:
1089 print_number(ip, narg, c);
1090 print_number(ip, narg, c);
1091 putchar(',');
1092 print_mask_arg(sysdecode_mmap_prot, *ip);
1093 ip++;
1094 narg--;
1095 break;
1096 case SYS_madvise:
1097 print_number(ip, narg, c);
1098 print_number(ip, narg, c);
1099 putchar(',');
1100 print_integer_arg(sysdecode_madvice, *ip);
1101 ip++;
1102 narg--;
1103 break;
1104 case SYS_pathconf:
1105 case SYS_lpathconf:
1106 case SYS_fpathconf:
1107 print_number(ip, narg, c);
1108 putchar(',');
1109 print_integer_arg(sysdecode_pathconf_name, *ip);
1110 ip++;
1111 narg--;
1112 break;
1113 case SYS_getpriority:
1114 case SYS_setpriority:
1115 putchar('(');
1116 print_integer_arg(sysdecode_prio_which, *ip);
1117 c = ',';
1118 ip++;
1119 narg--;
1120 break;
1121 case SYS_fcntl:
1122 print_number(ip, narg, c);
1123 putchar(',');
1124 print_integer_arg(sysdecode_fcntl_cmd, ip[0]);
1125 if (sysdecode_fcntl_arg_p(ip[0])) {
1126 putchar(',');
1127 if (ip[0] == F_SETFL)
1128 print_mask_arg(
1129 sysdecode_fcntl_fileflags,
1130 ip[1]);
1131 else
1132 sysdecode_fcntl_arg(stdout,
1133 ip[0], ip[1],
1134 decimal ? 10 : 16);
1135 }
1136 ip += 2;
1137 narg -= 2;
1138 break;
1139 case SYS_socket: {
1140 int sockdomain;
1141 putchar('(');
1142 sockdomain = *ip;
1143 print_integer_arg(sysdecode_socketdomain,
1144 sockdomain);
1145 ip++;
1146 narg--;
1147 putchar(',');
1148 print_mask_arg(sysdecode_socket_type, *ip);
1149 ip++;
1150 narg--;
1151 if (sockdomain == PF_INET ||
1152 sockdomain == PF_INET6) {
1153 putchar(',');
1154 print_integer_arg(sysdecode_ipproto,
1155 *ip);
1156 ip++;
1157 narg--;
1158 }
1159 c = ',';
1160 break;
1161 }
1162 case SYS_setsockopt:
1163 case SYS_getsockopt: {
1164 const char *str;
1165
1166 print_number(ip, narg, c);
1167 putchar(',');
1168 print_integer_arg_valid(sysdecode_sockopt_level,
1169 *ip);
1170 str = sysdecode_sockopt_name(ip[0], ip[1]);
1171 if (str != NULL) {
1172 printf(",%s", str);
1173 ip++;
1174 narg--;
1175 }
1176 ip++;
1177 narg--;
1178 break;
1179 }
1180 #ifdef SYS_freebsd6_lseek
1181 case SYS_freebsd6_lseek:
1182 print_number(ip, narg, c);
1183 /* Hidden 'pad' argument, not in lseek(2) */
1184 print_number(ip, narg, c);
1185 print_number64(first, ip, narg, c);
1186 putchar(',');
1187 print_integer_arg(sysdecode_whence, *ip);
1188 ip++;
1189 narg--;
1190 break;
1191 #endif
1192 case SYS_lseek:
1193 print_number(ip, narg, c);
1194 print_number64(first, ip, narg, c);
1195 putchar(',');
1196 print_integer_arg(sysdecode_whence, *ip);
1197 ip++;
1198 narg--;
1199 break;
1200 case SYS_flock:
1201 print_number(ip, narg, c);
1202 putchar(',');
1203 print_mask_arg(sysdecode_flock_operation, *ip);
1204 ip++;
1205 narg--;
1206 break;
1207 case SYS_mkfifo:
1208 case SYS_mkfifoat:
1209 case SYS_mkdir:
1210 case SYS_mkdirat:
1211 print_number(ip, narg, c);
1212 putchar(',');
1213 decode_filemode(*ip);
1214 ip++;
1215 narg--;
1216 break;
1217 case SYS_shutdown:
1218 print_number(ip, narg, c);
1219 putchar(',');
1220 print_integer_arg(sysdecode_shutdown_how, *ip);
1221 ip++;
1222 narg--;
1223 break;
1224 case SYS_socketpair:
1225 putchar('(');
1226 print_integer_arg(sysdecode_socketdomain, *ip);
1227 ip++;
1228 narg--;
1229 putchar(',');
1230 print_mask_arg(sysdecode_socket_type, *ip);
1231 ip++;
1232 narg--;
1233 c = ',';
1234 break;
1235 case SYS_getrlimit:
1236 case SYS_setrlimit:
1237 putchar('(');
1238 print_integer_arg(sysdecode_rlimit, *ip);
1239 ip++;
1240 narg--;
1241 c = ',';
1242 break;
1243 case SYS_getrusage:
1244 putchar('(');
1245 print_integer_arg(sysdecode_getrusage_who, *ip);
1246 ip++;
1247 narg--;
1248 c = ',';
1249 break;
1250 case SYS_quotactl:
1251 print_number(ip, narg, c);
1252 putchar(',');
1253 if (!sysdecode_quotactl_cmd(stdout, *ip)) {
1254 if (decimal)
1255 printf("<invalid=%d>", (int)*ip);
1256 else
1257 printf("<invalid=%#x>",
1258 (int)*ip);
1259 }
1260 ip++;
1261 narg--;
1262 c = ',';
1263 break;
1264 case SYS_nfssvc:
1265 putchar('(');
1266 print_integer_arg(sysdecode_nfssvc_flags, *ip);
1267 ip++;
1268 narg--;
1269 c = ',';
1270 break;
1271 case SYS_rtprio:
1272 case SYS_rtprio_thread:
1273 putchar('(');
1274 print_integer_arg(sysdecode_rtprio_function,
1275 *ip);
1276 ip++;
1277 narg--;
1278 c = ',';
1279 break;
1280 case SYS___semctl:
1281 print_number(ip, narg, c);
1282 print_number(ip, narg, c);
1283 putchar(',');
1284 print_integer_arg(sysdecode_semctl_cmd, *ip);
1285 ip++;
1286 narg--;
1287 break;
1288 case SYS_semget:
1289 print_number(ip, narg, c);
1290 print_number(ip, narg, c);
1291 putchar(',');
1292 print_mask_arg(sysdecode_semget_flags, *ip);
1293 ip++;
1294 narg--;
1295 break;
1296 case SYS_msgctl:
1297 print_number(ip, narg, c);
1298 putchar(',');
1299 print_integer_arg(sysdecode_msgctl_cmd, *ip);
1300 ip++;
1301 narg--;
1302 break;
1303 case SYS_shmat:
1304 print_number(ip, narg, c);
1305 print_number(ip, narg, c);
1306 putchar(',');
1307 print_mask_arg(sysdecode_shmat_flags, *ip);
1308 ip++;
1309 narg--;
1310 break;
1311 case SYS_shmctl:
1312 print_number(ip, narg, c);
1313 putchar(',');
1314 print_integer_arg(sysdecode_shmctl_cmd, *ip);
1315 ip++;
1316 narg--;
1317 break;
1318 #ifdef SYS_freebsd12_shm_open
1319 case SYS_freebsd12_shm_open:
1320 if (ip[0] == (uintptr_t)SHM_ANON) {
1321 printf("(SHM_ANON");
1322 ip++;
1323 } else {
1324 print_number(ip, narg, c);
1325 }
1326 putchar(',');
1327 print_mask_arg(sysdecode_open_flags, ip[0]);
1328 putchar(',');
1329 decode_filemode(ip[1]);
1330 ip += 2;
1331 narg -= 2;
1332 break;
1333 #endif
1334 case SYS_shm_open2:
1335 if (ip[0] == (uintptr_t)SHM_ANON) {
1336 printf("(SHM_ANON");
1337 ip++;
1338 } else {
1339 print_number(ip, narg, c);
1340 }
1341 putchar(',');
1342 print_mask_arg(sysdecode_open_flags, ip[0]);
1343 putchar(',');
1344 decode_filemode(ip[1]);
1345 putchar(',');
1346 print_mask_arg(sysdecode_shmflags, ip[2]);
1347 ip += 3;
1348 narg -= 3;
1349 break;
1350 case SYS_minherit:
1351 print_number(ip, narg, c);
1352 print_number(ip, narg, c);
1353 putchar(',');
1354 print_integer_arg(sysdecode_minherit_inherit,
1355 *ip);
1356 ip++;
1357 narg--;
1358 break;
1359 case SYS_rfork:
1360 putchar('(');
1361 print_mask_arg(sysdecode_rfork_flags, *ip);
1362 ip++;
1363 narg--;
1364 c = ',';
1365 break;
1366 case SYS_lio_listio:
1367 putchar('(');
1368 print_integer_arg(sysdecode_lio_listio_mode,
1369 *ip);
1370 ip++;
1371 narg--;
1372 c = ',';
1373 break;
1374 case SYS_mlockall:
1375 putchar('(');
1376 print_mask_arg(sysdecode_mlockall_flags, *ip);
1377 ip++;
1378 narg--;
1379 break;
1380 case SYS_sched_setscheduler:
1381 print_number(ip, narg, c);
1382 putchar(',');
1383 print_integer_arg(sysdecode_scheduler_policy,
1384 *ip);
1385 ip++;
1386 narg--;
1387 break;
1388 case SYS_sched_get_priority_max:
1389 case SYS_sched_get_priority_min:
1390 putchar('(');
1391 print_integer_arg(sysdecode_scheduler_policy,
1392 *ip);
1393 ip++;
1394 narg--;
1395 break;
1396 case SYS_sendfile:
1397 print_number(ip, narg, c);
1398 print_number(ip, narg, c);
1399 print_number(ip, narg, c);
1400 print_number(ip, narg, c);
1401 print_number(ip, narg, c);
1402 print_number(ip, narg, c);
1403 putchar(',');
1404 print_mask_arg(sysdecode_sendfile_flags, *ip);
1405 ip++;
1406 narg--;
1407 break;
1408 case SYS_kldsym:
1409 print_number(ip, narg, c);
1410 putchar(',');
1411 print_integer_arg(sysdecode_kldsym_cmd, *ip);
1412 ip++;
1413 narg--;
1414 break;
1415 case SYS_sigprocmask:
1416 putchar('(');
1417 print_integer_arg(sysdecode_sigprocmask_how,
1418 *ip);
1419 ip++;
1420 narg--;
1421 c = ',';
1422 break;
1423 case SYS___acl_get_file:
1424 case SYS___acl_set_file:
1425 case SYS___acl_get_fd:
1426 case SYS___acl_set_fd:
1427 case SYS___acl_delete_file:
1428 case SYS___acl_delete_fd:
1429 case SYS___acl_aclcheck_file:
1430 case SYS___acl_aclcheck_fd:
1431 case SYS___acl_get_link:
1432 case SYS___acl_set_link:
1433 case SYS___acl_delete_link:
1434 case SYS___acl_aclcheck_link:
1435 print_number(ip, narg, c);
1436 putchar(',');
1437 print_integer_arg(sysdecode_acltype, *ip);
1438 ip++;
1439 narg--;
1440 break;
1441 case SYS_sigaction:
1442 putchar('(');
1443 print_signal(*ip);
1444 ip++;
1445 narg--;
1446 c = ',';
1447 break;
1448 case SYS_extattrctl:
1449 print_number(ip, narg, c);
1450 putchar(',');
1451 print_integer_arg(sysdecode_extattrnamespace,
1452 *ip);
1453 ip++;
1454 narg--;
1455 break;
1456 case SYS_nmount:
1457 print_number(ip, narg, c);
1458 print_number(ip, narg, c);
1459 putchar(',');
1460 print_mask_arg0(sysdecode_mount_flags, *ip);
1461 ip++;
1462 narg--;
1463 break;
1464 case SYS_thr_create:
1465 print_number(ip, narg, c);
1466 print_number(ip, narg, c);
1467 putchar(',');
1468 print_mask_arg(sysdecode_thr_create_flags, *ip);
1469 ip++;
1470 narg--;
1471 break;
1472 case SYS_thr_kill:
1473 print_number(ip, narg, c);
1474 putchar(',');
1475 print_signal(*ip);
1476 ip++;
1477 narg--;
1478 break;
1479 case SYS_kldunloadf:
1480 print_number(ip, narg, c);
1481 putchar(',');
1482 print_integer_arg(sysdecode_kldunload_flags,
1483 *ip);
1484 ip++;
1485 narg--;
1486 break;
1487 case SYS_linkat:
1488 case SYS_renameat:
1489 case SYS_symlinkat:
1490 print_number(ip, narg, c);
1491 putchar(',');
1492 print_integer_arg_valid(sysdecode_atfd, *ip);
1493 ip++;
1494 narg--;
1495 print_number(ip, narg, c);
1496 break;
1497 case SYS_cap_fcntls_limit:
1498 print_number(ip, narg, c);
1499 putchar(',');
1500 arg = *ip;
1501 ip++;
1502 narg--;
1503 print_mask_arg32(sysdecode_cap_fcntlrights, arg);
1504 break;
1505 case SYS_posix_fadvise:
1506 print_number(ip, narg, c);
1507 print_number(ip, narg, c);
1508 print_number(ip, narg, c);
1509 (void)putchar(',');
1510 print_integer_arg(sysdecode_fadvice, *ip);
1511 ip++;
1512 narg--;
1513 break;
1514 case SYS_procctl:
1515 putchar('(');
1516 print_integer_arg(sysdecode_idtype, *ip);
1517 c = ',';
1518 ip++;
1519 narg--;
1520 print_number64(first, ip, narg, c);
1521 putchar(',');
1522 print_integer_arg(sysdecode_procctl_cmd, *ip);
1523 ip++;
1524 narg--;
1525 break;
1526 case SYS__umtx_op: {
1527 int op;
1528
1529 print_number(ip, narg, c);
1530 putchar(',');
1531 if (print_mask_arg_part(sysdecode_umtx_op_flags,
1532 *ip, &op))
1533 putchar('|');
1534 print_integer_arg(sysdecode_umtx_op, op);
1535 putchar('>');
1536 switch (*ip) {
1537 case UMTX_OP_CV_WAIT:
1538 ip++;
1539 narg--;
1540 putchar(',');
1541 print_mask_argul(
1542 sysdecode_umtx_cvwait_flags, *ip);
1543 break;
1544 case UMTX_OP_RW_RDLOCK:
1545 ip++;
1546 narg--;
1547 putchar(',');
1548 print_mask_argul(
1549 sysdecode_umtx_rwlock_flags, *ip);
1550 break;
1551 }
1552 ip++;
1553 narg--;
1554 break;
1555 }
1556 case SYS_ftruncate:
1557 case SYS_truncate:
1558 print_number(ip, narg, c);
1559 print_number64(first, ip, narg, c);
1560 break;
1561 case SYS_fchownat:
1562 print_number(ip, narg, c);
1563 print_number(ip, narg, c);
1564 print_number(ip, narg, c);
1565 break;
1566 case SYS_fstatat:
1567 case SYS_utimensat:
1568 print_number(ip, narg, c);
1569 print_number(ip, narg, c);
1570 break;
1571 case SYS_unlinkat:
1572 print_number(ip, narg, c);
1573 break;
1574 case SYS_sysarch:
1575 putchar('(');
1576 print_integer_arg(sysdecode_sysarch_number, *ip);
1577 ip++;
1578 narg--;
1579 c = ',';
1580 break;
1581 case SYS_getitimer:
1582 case SYS_setitimer:
1583 putchar('(');
1584 print_integer_arg(sysdecode_itimer, *ip);
1585 ip++;
1586 narg--;
1587 c = ',';
1588 break;
1589 }
1590 switch (ktr->ktr_code) {
1591 case SYS_chflagsat:
1592 case SYS_fchownat:
1593 case SYS_faccessat:
1594 case SYS_fchmodat:
1595 case SYS_fstatat:
1596 case SYS_linkat:
1597 case SYS_unlinkat:
1598 case SYS_utimensat:
1599 putchar(',');
1600 print_mask_arg0(sysdecode_atflags, *ip);
1601 ip++;
1602 narg--;
1603 break;
1604 }
1605 *resc = c;
1606 *resip = ip;
1607 *resnarg = narg;
1608 }
1609
1610 static void
ktrsysret(struct ktr_sysret * ktr,u_int sv_flags)1611 ktrsysret(struct ktr_sysret *ktr, u_int sv_flags)
1612 {
1613 register_t ret = ktr->ktr_retval;
1614 int error = ktr->ktr_error;
1615
1616 syscallname(ktr->ktr_code, sv_flags);
1617 printf(" ");
1618
1619 if (error == 0) {
1620 if (fancy) {
1621 printf("%ld", (long)ret);
1622 if (ret < 0 || ret > 9)
1623 printf("/%#lx", (unsigned long)ret);
1624 } else {
1625 if (decimal)
1626 printf("%ld", (long)ret);
1627 else
1628 printf("%#lx", (unsigned long)ret);
1629 }
1630 } else if (error == ERESTART)
1631 printf("RESTART");
1632 else if (error == EJUSTRETURN)
1633 printf("JUSTRETURN");
1634 else {
1635 printf("-1 errno %d", sysdecode_freebsd_to_abi_errno(
1636 syscallabi(sv_flags), error));
1637 if (fancy)
1638 printf(" %s", strerror(ktr->ktr_error));
1639 }
1640 putchar('\n');
1641 }
1642
1643 static void
ktrnamei(char * cp,int len)1644 ktrnamei(char *cp, int len)
1645 {
1646 printf("\"%.*s\"\n", len, cp);
1647 }
1648
1649 static void
ktrexecve(char * m,int len)1650 ktrexecve(char *m, int len)
1651 {
1652 int i = 0;
1653
1654 while (i < len) {
1655 printf("\"%s\"", m + i);
1656 i += strlen(m + i) + 1;
1657 if (i != len) {
1658 printf(", ");
1659 }
1660 }
1661 printf("\n");
1662 }
1663
1664 static void
hexdump(char * p,int len,int screenwidth)1665 hexdump(char *p, int len, int screenwidth)
1666 {
1667 int n, i;
1668 int width;
1669
1670 width = 0;
1671 do {
1672 width += 2;
1673 i = 13; /* base offset */
1674 i += (width / 2) + 1; /* spaces every second byte */
1675 i += (width * 2); /* width of bytes */
1676 i += 3; /* " |" */
1677 i += width; /* each byte */
1678 i += 1; /* "|" */
1679 } while (i < screenwidth);
1680 width -= 2;
1681
1682 for (n = 0; n < len; n += width) {
1683 for (i = n; i < n + width; i++) {
1684 if ((i % width) == 0) { /* beginning of line */
1685 printf(" 0x%04x", i);
1686 }
1687 if ((i % 2) == 0) {
1688 printf(" ");
1689 }
1690 if (i < len)
1691 printf("%02x", p[i] & 0xff);
1692 else
1693 printf(" ");
1694 }
1695 printf(" |");
1696 for (i = n; i < n + width; i++) {
1697 if (i >= len)
1698 break;
1699 if (p[i] >= ' ' && p[i] <= '~')
1700 printf("%c", p[i]);
1701 else
1702 printf(".");
1703 }
1704 printf("|\n");
1705 }
1706 if ((i % width) != 0)
1707 printf("\n");
1708 }
1709
1710 static void
visdump(char * dp,int datalen,int screenwidth)1711 visdump(char *dp, int datalen, int screenwidth)
1712 {
1713 int col = 0;
1714 char *cp;
1715 int width;
1716 char visbuf[5];
1717
1718 printf(" \"");
1719 col = 8;
1720 for (;datalen > 0; datalen--, dp++) {
1721 vis(visbuf, *dp, VIS_CSTYLE | VIS_NOLOCALE, *(dp+1));
1722 cp = visbuf;
1723 /*
1724 * Keep track of printables and
1725 * space chars (like fold(1)).
1726 */
1727 if (col == 0) {
1728 putchar('\t');
1729 col = 8;
1730 }
1731 switch(*cp) {
1732 case '\n':
1733 col = 0;
1734 putchar('\n');
1735 continue;
1736 case '\t':
1737 width = 8 - (col&07);
1738 break;
1739 default:
1740 width = strlen(cp);
1741 }
1742 if (col + width > (screenwidth-2)) {
1743 printf("\\\n\t");
1744 col = 8;
1745 }
1746 col += width;
1747 do {
1748 putchar(*cp++);
1749 } while (*cp);
1750 }
1751 if (col == 0)
1752 printf(" ");
1753 printf("\"\n");
1754 }
1755
1756 static void
ktrgenio(struct ktr_genio * ktr,int len)1757 ktrgenio(struct ktr_genio *ktr, int len)
1758 {
1759 int datalen = len - sizeof (struct ktr_genio);
1760 char *dp = (char *)ktr + sizeof (struct ktr_genio);
1761 static int screenwidth = 0;
1762 int i, binary;
1763
1764 printf("fd %d %s %d byte%s\n", ktr->ktr_fd,
1765 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen,
1766 datalen == 1 ? "" : "s");
1767 if (suppressdata)
1768 return;
1769 if (screenwidth == 0) {
1770 struct winsize ws;
1771
1772 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 &&
1773 ws.ws_col > 8)
1774 screenwidth = ws.ws_col;
1775 else
1776 screenwidth = 80;
1777 }
1778 if (maxdata && datalen > maxdata)
1779 datalen = maxdata;
1780
1781 for (i = 0, binary = 0; i < datalen && binary == 0; i++) {
1782 if (dp[i] >= 32 && dp[i] < 127)
1783 continue;
1784 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9)
1785 continue;
1786 binary = 1;
1787 }
1788 if (binary)
1789 hexdump(dp, datalen, screenwidth);
1790 else
1791 visdump(dp, datalen, screenwidth);
1792 }
1793
1794 static void
ktrpsig(struct ktr_psig * psig)1795 ktrpsig(struct ktr_psig *psig)
1796 {
1797 const char *str;
1798
1799 print_signal(psig->signo);
1800 if (psig->action == SIG_DFL) {
1801 printf(" SIG_DFL");
1802 } else {
1803 printf(" caught handler=0x%lx mask=0x%x",
1804 (u_long)psig->action, psig->mask.__bits[0]);
1805 }
1806 printf(" code=");
1807 str = sysdecode_sigcode(psig->signo, psig->code);
1808 if (str != NULL)
1809 printf("%s", str);
1810 else
1811 printf("<invalid=%#x>", psig->code);
1812 putchar('\n');
1813 }
1814
1815 static void
ktrcsw_old(struct ktr_csw_old * cs)1816 ktrcsw_old(struct ktr_csw_old *cs)
1817 {
1818 printf("%s %s\n", cs->out ? "stop" : "resume",
1819 cs->user ? "user" : "kernel");
1820 }
1821
1822 static void
ktrcsw(struct ktr_csw * cs)1823 ktrcsw(struct ktr_csw *cs)
1824 {
1825 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume",
1826 cs->user ? "user" : "kernel", cs->wmesg);
1827 }
1828
1829 static void
ktruser(int len,void * p)1830 ktruser(int len, void *p)
1831 {
1832 unsigned char *cp;
1833
1834 if (sysdecode_utrace(stdout, p, len)) {
1835 printf("\n");
1836 return;
1837 }
1838
1839 printf("%d ", len);
1840 cp = p;
1841 while (len--)
1842 if (decimal)
1843 printf(" %d", *cp++);
1844 else
1845 printf(" %02x", *cp++);
1846 printf("\n");
1847 }
1848
1849 static void
ktrcaprights(cap_rights_t * rightsp)1850 ktrcaprights(cap_rights_t *rightsp)
1851 {
1852
1853 printf("cap_rights_t ");
1854 sysdecode_cap_rights(stdout, rightsp);
1855 printf("\n");
1856 }
1857
1858 static void
ktrtimeval(struct timeval * tv)1859 ktrtimeval(struct timeval *tv)
1860 {
1861
1862 printf("{%ld, %ld}", (long)tv->tv_sec, tv->tv_usec);
1863 }
1864
1865 static void
ktrinotify(struct inotify_event * ev)1866 ktrinotify(struct inotify_event *ev)
1867 {
1868 printf(
1869 "inotify { .wd = %d, .mask = %#x, .cookie = %u, .len = %u, .name = %s }\n",
1870 ev->wd, ev->mask, ev->cookie, ev->len, ev->name);
1871 }
1872
1873 static void
ktritimerval(struct itimerval * it)1874 ktritimerval(struct itimerval *it)
1875 {
1876
1877 printf("itimerval { .interval = ");
1878 ktrtimeval(&it->it_interval);
1879 printf(", .value = ");
1880 ktrtimeval(&it->it_value);
1881 printf(" }\n");
1882 }
1883
1884 static void
ktrsockaddr(struct sockaddr * sa)1885 ktrsockaddr(struct sockaddr *sa)
1886 {
1887 /*
1888 TODO: Support additional address families
1889 #include <netsmb/netbios.h>
1890 struct sockaddr_nb *nb;
1891 */
1892 const char *str;
1893 char addr[64];
1894
1895 /*
1896 * note: ktrstruct() has already verified that sa points to a
1897 * buffer at least sizeof(struct sockaddr) bytes long and exactly
1898 * sa->sa_len bytes long.
1899 */
1900 printf("struct sockaddr { ");
1901 str = sysdecode_sockaddr_family(sa->sa_family);
1902 if (str != NULL)
1903 printf("%s", str);
1904 else
1905 printf("<invalid=%d>", sa->sa_family);
1906 printf(", ");
1907
1908 #define check_sockaddr_len(n) \
1909 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \
1910 printf("invalid"); \
1911 break; \
1912 }
1913
1914 switch(sa->sa_family) {
1915 case AF_INET: {
1916 struct sockaddr_in sa_in;
1917
1918 memset(&sa_in, 0, sizeof(sa_in));
1919 memcpy(&sa_in, sa, sa->sa_len);
1920 check_sockaddr_len(in);
1921 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr);
1922 printf("%s:%u", addr, ntohs(sa_in.sin_port));
1923 break;
1924 }
1925 case AF_INET6: {
1926 struct sockaddr_in6 sa_in6;
1927
1928 memset(&sa_in6, 0, sizeof(sa_in6));
1929 memcpy(&sa_in6, sa, sa->sa_len);
1930 check_sockaddr_len(in6);
1931 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6),
1932 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST);
1933 printf("[%s]:%u", addr, htons(sa_in6.sin6_port));
1934 break;
1935 }
1936 case AF_UNIX: {
1937 struct sockaddr_un sa_un;
1938
1939 memset(&sa_un, 0, sizeof(sa_un));
1940 memcpy(&sa_un, sa, sa->sa_len);
1941 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path);
1942 break;
1943 }
1944 case AF_NETLINK: {
1945 struct sockaddr_nl sa_nl;
1946
1947 memset(&sa_nl, 0, sizeof(sa_nl));
1948 memcpy(&sa_nl, sa, sa->sa_len);
1949 printf("netlink[pid=%u, groups=0x%x]",
1950 sa_nl.nl_pid, sa_nl.nl_groups);
1951 break;
1952 }
1953 default:
1954 printf("unknown address family");
1955 }
1956 printf(" }\n");
1957 }
1958
1959 static void
ktrsplice(struct splice * sp)1960 ktrsplice(struct splice *sp)
1961 {
1962 printf("struct splice { fd=%d, max=%#jx, idle=%jd.%06jd }\n",
1963 sp->sp_fd, (uintmax_t)sp->sp_max, (intmax_t)sp->sp_idle.tv_sec,
1964 (intmax_t)sp->sp_idle.tv_usec);
1965 }
1966
1967 static void
ktrthrparam(struct thr_param * tp)1968 ktrthrparam(struct thr_param *tp)
1969 {
1970 printf("thr param { start=%p arg=%p stack_base=%p "
1971 "stack_size=%#zx tls_base=%p tls_size=%#zx child_tidp=%p "
1972 "parent_tidp=%p flags=",
1973 tp->start_func, tp->arg, tp->stack_base, tp->stack_size,
1974 tp->tls_base, tp->tls_size, tp->child_tid, tp->parent_tid);
1975 print_mask_arg(sysdecode_thr_create_flags, tp->flags);
1976 printf(" rtp=%p }\n", tp->rtp);
1977 }
1978
1979 static void
ktrstat(struct stat * statp)1980 ktrstat(struct stat *statp)
1981 {
1982 char mode[12], timestr[PATH_MAX + 4];
1983 struct passwd *pwd;
1984 struct group *grp;
1985 struct tm *tm;
1986
1987 /*
1988 * note: ktrstruct() has already verified that statp points to a
1989 * buffer exactly sizeof(struct stat) bytes long.
1990 */
1991 printf("struct stat {");
1992 printf("dev=%ju, ino=%ju, ",
1993 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino);
1994 if (!resolv)
1995 printf("mode=0%jo, ", (uintmax_t)statp->st_mode);
1996 else {
1997 strmode(statp->st_mode, mode);
1998 printf("mode=%s, ", mode);
1999 }
2000 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink);
2001 if (!resolv) {
2002 pwd = NULL;
2003 } else {
2004 #ifdef WITH_CASPER
2005 if (cappwd != NULL)
2006 pwd = cap_getpwuid(cappwd, statp->st_uid);
2007 else
2008 #endif
2009 pwd = getpwuid(statp->st_uid);
2010 }
2011 if (pwd == NULL)
2012 printf("uid=%ju, ", (uintmax_t)statp->st_uid);
2013 else
2014 printf("uid=\"%s\", ", pwd->pw_name);
2015 if (!resolv) {
2016 grp = NULL;
2017 } else {
2018 #ifdef WITH_CASPER
2019 if (capgrp != NULL)
2020 grp = cap_getgrgid(capgrp, statp->st_gid);
2021 else
2022 #endif
2023 grp = getgrgid(statp->st_gid);
2024 }
2025 if (grp == NULL)
2026 printf("gid=%ju, ", (uintmax_t)statp->st_gid);
2027 else
2028 printf("gid=\"%s\", ", grp->gr_name);
2029 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev);
2030 printf("atime=");
2031 if (!resolv)
2032 printf("%jd", (intmax_t)statp->st_atim.tv_sec);
2033 else {
2034 tm = localtime(&statp->st_atim.tv_sec);
2035 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
2036 printf("\"%s\"", timestr);
2037 }
2038 if (statp->st_atim.tv_nsec != 0)
2039 printf(".%09ld, ", statp->st_atim.tv_nsec);
2040 else
2041 printf(", ");
2042 printf("mtime=");
2043 if (!resolv)
2044 printf("%jd", (intmax_t)statp->st_mtim.tv_sec);
2045 else {
2046 tm = localtime(&statp->st_mtim.tv_sec);
2047 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
2048 printf("\"%s\"", timestr);
2049 }
2050 if (statp->st_mtim.tv_nsec != 0)
2051 printf(".%09ld, ", statp->st_mtim.tv_nsec);
2052 else
2053 printf(", ");
2054 printf("ctime=");
2055 if (!resolv)
2056 printf("%jd", (intmax_t)statp->st_ctim.tv_sec);
2057 else {
2058 tm = localtime(&statp->st_ctim.tv_sec);
2059 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
2060 printf("\"%s\"", timestr);
2061 }
2062 if (statp->st_ctim.tv_nsec != 0)
2063 printf(".%09ld, ", statp->st_ctim.tv_nsec);
2064 else
2065 printf(", ");
2066 printf("birthtime=");
2067 if (!resolv)
2068 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec);
2069 else {
2070 tm = localtime(&statp->st_birthtim.tv_sec);
2071 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
2072 printf("\"%s\"", timestr);
2073 }
2074 if (statp->st_birthtim.tv_nsec != 0)
2075 printf(".%09ld, ", statp->st_birthtim.tv_nsec);
2076 else
2077 printf(", ");
2078 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x",
2079 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize,
2080 (intmax_t)statp->st_blocks, statp->st_flags);
2081 printf(" }\n");
2082 }
2083
2084 static void
ktrbitset(char * name,struct bitset * set,size_t setlen)2085 ktrbitset(char *name, struct bitset *set, size_t setlen)
2086 {
2087 int i, maxi, c = 0;
2088
2089 if (setlen > INT32_MAX)
2090 setlen = INT32_MAX;
2091 maxi = setlen * CHAR_BIT;
2092 printf("%s [ ", name);
2093 for (i = 0; i < maxi; i++) {
2094 if (!BIT_ISSET(setlen, i, set))
2095 continue;
2096 if (c == 0)
2097 printf("%d", i);
2098 else
2099 printf(", %d", i);
2100 c++;
2101 }
2102 if (c == 0)
2103 printf(" empty ]\n");
2104 else
2105 printf(" ]\n");
2106 }
2107
2108 static void
ktrstruct(char * buf,size_t buflen)2109 ktrstruct(char *buf, size_t buflen)
2110 {
2111 char *name, *data;
2112 size_t namelen, datalen;
2113 int i;
2114 cap_rights_t rights;
2115 struct itimerval it;
2116 struct stat sb;
2117 struct sockaddr_storage ss;
2118 struct bitset *set;
2119
2120 for (name = buf, namelen = 0;
2121 namelen < buflen && name[namelen] != '\0';
2122 ++namelen)
2123 /* nothing */;
2124 if (namelen == buflen)
2125 goto invalid;
2126 if (name[namelen] != '\0')
2127 goto invalid;
2128 data = buf + namelen + 1;
2129 datalen = buflen - namelen - 1;
2130 if (datalen == 0)
2131 goto invalid;
2132 /* sanity check */
2133 for (i = 0; i < (int)namelen; ++i)
2134 if (!isalpha(name[i]) && name[i] != '_')
2135 goto invalid;
2136 if (strcmp(name, "caprights") == 0) {
2137 if (datalen != sizeof(cap_rights_t))
2138 goto invalid;
2139 memcpy(&rights, data, datalen);
2140 ktrcaprights(&rights);
2141 } else if (strcmp(name, "inotify") == 0) {
2142 struct inotify_event *ev;
2143
2144 if (datalen < sizeof(struct inotify_event) ||
2145 datalen > sizeof(struct inotify_event) + NAME_MAX + 1)
2146 goto invalid;
2147 ev = malloc(datalen);
2148 if (ev == NULL)
2149 err(1, "malloc");
2150 memcpy(ev, data, datalen);
2151 ktrinotify(ev);
2152 } else if (strcmp(name, "itimerval") == 0) {
2153 if (datalen != sizeof(struct itimerval))
2154 goto invalid;
2155 memcpy(&it, data, datalen);
2156 ktritimerval(&it);
2157 } else if (strcmp(name, "stat") == 0) {
2158 if (datalen != sizeof(struct stat))
2159 goto invalid;
2160 memcpy(&sb, data, datalen);
2161 ktrstat(&sb);
2162 } else if (strcmp(name, "sockaddr") == 0) {
2163 if (datalen > sizeof(ss))
2164 goto invalid;
2165 memcpy(&ss, data, datalen);
2166 if (datalen != ss.ss_len)
2167 goto invalid;
2168 ktrsockaddr((struct sockaddr *)&ss);
2169 } else if (strcmp(name, "cpuset_t") == 0) {
2170 if (datalen < 1)
2171 goto invalid;
2172 set = malloc(datalen);
2173 if (set == NULL)
2174 errx(1, "%s", strerror(ENOMEM));
2175 memcpy(set, data, datalen);
2176 ktrbitset(name, set, datalen);
2177 free(set);
2178 } else if (strcmp(name, "splice") == 0) {
2179 struct splice sp;
2180
2181 if (datalen != sizeof(sp))
2182 goto invalid;
2183 memcpy(&sp, data, datalen);
2184 ktrsplice(&sp);
2185 } else if (strcmp(name, "thrparam") == 0) {
2186 struct thr_param tp;
2187
2188 if (datalen != sizeof(tp))
2189 goto invalid;
2190 memcpy(&tp, data, datalen);
2191 ktrthrparam(&tp);
2192 } else {
2193 #ifdef SYSDECODE_HAVE_LINUX
2194 if (ktrstruct_linux(name, data, datalen) == false)
2195 #endif
2196 printf("unknown structure\n");
2197 }
2198 return;
2199 invalid:
2200 printf("invalid record\n");
2201 }
2202
2203 static void
ktrcapfail(struct ktr_cap_fail * ktr)2204 ktrcapfail(struct ktr_cap_fail *ktr)
2205 {
2206 union ktr_cap_data *kcd = &ktr->cap_data;
2207
2208 switch (ktr->cap_type) {
2209 case CAPFAIL_NOTCAPABLE:
2210 /* operation on fd with insufficient capabilities */
2211 printf("operation requires ");
2212 sysdecode_cap_rights(stdout, &kcd->cap_needed);
2213 printf(", descriptor holds ");
2214 sysdecode_cap_rights(stdout, &kcd->cap_held);
2215 break;
2216 case CAPFAIL_INCREASE:
2217 /* requested more capabilities than fd already has */
2218 printf("attempt to increase capabilities from ");
2219 sysdecode_cap_rights(stdout, &kcd->cap_held);
2220 printf(" to ");
2221 sysdecode_cap_rights(stdout, &kcd->cap_needed);
2222 break;
2223 case CAPFAIL_SYSCALL:
2224 /* called restricted syscall */
2225 printf("system call not allowed: ");
2226 syscallname(ktr->cap_code, ktr->cap_svflags);
2227 if (syscallabi(ktr->cap_svflags) == SYSDECODE_ABI_FREEBSD) {
2228 switch (ktr->cap_code) {
2229 case SYS_sysarch:
2230 printf(", op: ");
2231 print_integer_arg(sysdecode_sysarch_number,
2232 kcd->cap_int);
2233 break;
2234 case SYS_fcntl:
2235 printf(", cmd: ");
2236 print_integer_arg(sysdecode_fcntl_cmd,
2237 kcd->cap_int);
2238 break;
2239 }
2240 }
2241 break;
2242 case CAPFAIL_SIGNAL:
2243 /* sent signal to proc other than self */
2244 syscallname(ktr->cap_code, ktr->cap_svflags);
2245 printf(": signal delivery not allowed: ");
2246 print_integer_arg(sysdecode_signal, kcd->cap_int);
2247 break;
2248 case CAPFAIL_PROTO:
2249 /* created socket with restricted protocol */
2250 syscallname(ktr->cap_code, ktr->cap_svflags);
2251 printf(": protocol not allowed: ");
2252 print_integer_arg(sysdecode_ipproto, kcd->cap_int);
2253 break;
2254 case CAPFAIL_SOCKADDR:
2255 /* unable to look up address */
2256 syscallname(ktr->cap_code, ktr->cap_svflags);
2257 printf(": restricted address lookup: ");
2258 ktrsockaddr(&kcd->cap_sockaddr);
2259 return;
2260 case CAPFAIL_NAMEI:
2261 /* absolute or AT_FDCWD path, ".." path, etc. */
2262 syscallname(ktr->cap_code, ktr->cap_svflags);
2263 printf(": restricted VFS lookup: %s\n", kcd->cap_path);
2264 return;
2265 case CAPFAIL_CPUSET:
2266 /* modification of an external cpuset */
2267 syscallname(ktr->cap_code, ktr->cap_svflags);
2268 printf(": restricted cpuset operation\n");
2269 return;
2270 default:
2271 syscallname(ktr->cap_code, ktr->cap_svflags);
2272 printf(": unknown capability failure\n");
2273 return;
2274 }
2275 printf("\n");
2276 }
2277
2278 static void
ktrfault(struct ktr_fault * ktr)2279 ktrfault(struct ktr_fault *ktr)
2280 {
2281
2282 printf("0x%jx ", (uintmax_t)ktr->vaddr);
2283 print_mask_arg(sysdecode_vmprot, ktr->type);
2284 printf("\n");
2285 }
2286
2287 static void
ktrfaultend(struct ktr_faultend * ktr)2288 ktrfaultend(struct ktr_faultend *ktr)
2289 {
2290 const char *str;
2291
2292 str = sysdecode_vmresult(ktr->result);
2293 if (str != NULL)
2294 printf("%s", str);
2295 else
2296 printf("<invalid=%d>", ktr->result);
2297 printf("\n");
2298 }
2299
2300 static void
ktrkevent(struct kevent * kev)2301 ktrkevent(struct kevent *kev)
2302 {
2303
2304 printf("{ ident=");
2305 switch (kev->filter) {
2306 case EVFILT_READ:
2307 case EVFILT_WRITE:
2308 case EVFILT_VNODE:
2309 case EVFILT_PROC:
2310 case EVFILT_TIMER:
2311 case EVFILT_PROCDESC:
2312 case EVFILT_EMPTY:
2313 printf("%ju", (uintmax_t)kev->ident);
2314 break;
2315 case EVFILT_SIGNAL:
2316 print_signal(kev->ident);
2317 break;
2318 default:
2319 printf("%p", (void *)kev->ident);
2320 }
2321 printf(", filter=");
2322 print_integer_arg(sysdecode_kevent_filter, kev->filter);
2323 printf(", flags=");
2324 print_mask_arg0(sysdecode_kevent_flags, kev->flags);
2325 printf(", fflags=");
2326 sysdecode_kevent_fflags(stdout, kev->filter, kev->fflags,
2327 decimal ? 10 : 16);
2328 printf(", data=%#jx, udata=%p }", (uintmax_t)kev->data, kev->udata);
2329 }
2330
2331 static void
ktrpollfd(struct pollfd * pfd)2332 ktrpollfd(struct pollfd *pfd)
2333 {
2334
2335 printf("{ fd=%d", pfd->fd);
2336 printf(", events=");
2337 print_mask_arg0(sysdecode_pollfd_events, pfd->events);
2338 printf(", revents=");
2339 print_mask_arg0(sysdecode_pollfd_events, pfd->revents);
2340 printf("}");
2341 }
2342
2343 static void
ktrstructarray(struct ktr_struct_array * ksa,size_t buflen)2344 ktrstructarray(struct ktr_struct_array *ksa, size_t buflen)
2345 {
2346 struct kevent kev;
2347 struct pollfd pfd;
2348 char *name, *data;
2349 size_t namelen, datalen;
2350 int i;
2351 bool first;
2352
2353 buflen -= sizeof(*ksa);
2354 for (name = (char *)(ksa + 1), namelen = 0;
2355 namelen < buflen && name[namelen] != '\0';
2356 ++namelen)
2357 /* nothing */;
2358 if (namelen == buflen)
2359 goto invalid;
2360 if (name[namelen] != '\0')
2361 goto invalid;
2362 /* sanity check */
2363 for (i = 0; i < (int)namelen; ++i)
2364 if (!isalnum(name[i]) && name[i] != '_')
2365 goto invalid;
2366 data = name + namelen + 1;
2367 datalen = buflen - namelen - 1;
2368 printf("struct %s[] = { ", name);
2369 first = true;
2370 for (; datalen >= ksa->struct_size;
2371 data += ksa->struct_size, datalen -= ksa->struct_size) {
2372 if (!first)
2373 printf("\n ");
2374 else
2375 first = false;
2376 if (strcmp(name, "kevent") == 0) {
2377 if (ksa->struct_size != sizeof(kev))
2378 goto bad_size;
2379 memcpy(&kev, data, sizeof(kev));
2380 ktrkevent(&kev);
2381 } else if (strcmp(name, "freebsd11_kevent") == 0) {
2382 struct freebsd11_kevent kev11;
2383
2384 if (ksa->struct_size != sizeof(kev11))
2385 goto bad_size;
2386 memcpy(&kev11, data, sizeof(kev11));
2387 memset(&kev, 0, sizeof(kev));
2388 kev.ident = kev11.ident;
2389 kev.filter = kev11.filter;
2390 kev.flags = kev11.flags;
2391 kev.fflags = kev11.fflags;
2392 kev.data = kev11.data;
2393 kev.udata = kev11.udata;
2394 ktrkevent(&kev);
2395 #ifdef _WANT_KEVENT32
2396 } else if (strcmp(name, "kevent32") == 0) {
2397 struct kevent32 kev32;
2398
2399 if (ksa->struct_size != sizeof(kev32))
2400 goto bad_size;
2401 memcpy(&kev32, data, sizeof(kev32));
2402 memset(&kev, 0, sizeof(kev));
2403 kev.ident = kev32.ident;
2404 kev.filter = kev32.filter;
2405 kev.flags = kev32.flags;
2406 kev.fflags = kev32.fflags;
2407 #if BYTE_ORDER == BIG_ENDIAN
2408 kev.data = kev32.data2 | ((int64_t)kev32.data1 << 32);
2409 #else
2410 kev.data = kev32.data1 | ((int64_t)kev32.data2 << 32);
2411 #endif
2412 kev.udata = (void *)(uintptr_t)kev32.udata;
2413 ktrkevent(&kev);
2414 } else if (strcmp(name, "freebsd11_kevent32") == 0) {
2415 struct freebsd11_kevent32 kev32;
2416
2417 if (ksa->struct_size != sizeof(kev32))
2418 goto bad_size;
2419 memcpy(&kev32, data, sizeof(kev32));
2420 memset(&kev, 0, sizeof(kev));
2421 kev.ident = kev32.ident;
2422 kev.filter = kev32.filter;
2423 kev.flags = kev32.flags;
2424 kev.fflags = kev32.fflags;
2425 kev.data = kev32.data;
2426 kev.udata = (void *)(uintptr_t)kev32.udata;
2427 ktrkevent(&kev);
2428 #endif
2429 } else if (strcmp(name, "pollfd") == 0) {
2430 if (ksa->struct_size != sizeof(pfd))
2431 goto bad_size;
2432 memcpy(&pfd, data, sizeof(pfd));
2433 ktrpollfd(&pfd);
2434 } else {
2435 printf("<unknown structure> }\n");
2436 return;
2437 }
2438 }
2439 printf(" }\n");
2440 return;
2441 invalid:
2442 printf("invalid record\n");
2443 return;
2444 bad_size:
2445 printf("<bad size> }\n");
2446 return;
2447 }
2448
2449 static void
ktrexterr(struct ktr_exterr * ke)2450 ktrexterr(struct ktr_exterr *ke)
2451 {
2452 struct uexterror *ue;
2453
2454 ue = &ke->ue;
2455 printf("{ errno %d category %u (src line %u) p1 %#jx p2 %#jx %s }\n",
2456 ue->error, ue->cat, ue->src_line,
2457 (uintmax_t)ue->p1, (uintmax_t)ue->p2, ue->msg);
2458 }
2459
2460 static void
usage(void)2461 usage(void)
2462 {
2463 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] "
2464 "[-m maxdata] [-p pid] [-t trstr]\n");
2465 exit(1);
2466 }
2467