xref: /freebsd/sys/ddb/db_textdump.c (revision 1dfcff294e44d4b45813288ef4095c36abb22f0e)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2007 Robert N. M. Watson
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 /*-
30  * Kernel text-dump support: write a series of text files to the dump
31  * partition for later recovery, including captured DDB output, kernel
32  * configuration, message buffer, and panic message.  This allows for a more
33  * compact representation of critical debugging information than traditional
34  * binary dumps, as well as allowing dump information to be used without
35  * access to kernel symbols, source code, etc.
36  *
37  * Storage Layout
38  * --------------
39  *
40  * Crash dumps are aligned to the end of the dump or swap partition in order
41  * to minimize the chances of swap duing fsck eating into the dump.  However,
42  * unlike a memory dump, we don't know the size of the textdump a priori, so
43  * can't just write it out sequentially in order from a known starting point
44  * calculated with respect to the end of the partition.  In order to address
45  * this, we actually write out the textdump in reverse block order, allowing
46  * us to directly align it to the end of the partition and then write out the
47  * dump header and trailer before and after it once done.  savecore(8) must
48  * know to reverse the order of the blocks in order to produce a readable
49  * file.
50  *
51  * Data is written out in the ustar file format so that we can write data
52  * incrementally as a stream without reference to previous files.
53  *
54  * TODO
55  * ----
56  *
57  * - Allow subsystems to register to submit files for inclusion in the text
58  *   dump in a generic way.
59  */
60 
61 #include <sys/cdefs.h>
62 __FBSDID("$FreeBSD$");
63 
64 #include "opt_config.h"
65 
66 #include "opt_ddb.h"
67 
68 #include <sys/param.h>
69 #include <sys/conf.h>
70 #include <sys/kernel.h>
71 #include <sys/kerneldump.h>
72 #include <sys/msgbuf.h>
73 #include <sys/sysctl.h>
74 #include <sys/systm.h>
75 
76 #include <ddb/ddb.h>
77 #include <ddb/db_lex.h>
78 
79 static SYSCTL_NODE(_debug_ddb, OID_AUTO, textdump,
80     CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
81     "DDB textdump options");
82 
83 /*
84  * Don't touch the first SIZEOF_METADATA bytes on the dump device.  This is
85  * to protect us from metadata and metadata from us.
86  */
87 #define	SIZEOF_METADATA		(64*1024)
88 
89 /*
90  * Data is written out as a series of files in the ustar tar format.  ustar
91  * is a simple streamed format consiting of a series of files prefixed with
92  * headers, and all padded to 512-byte block boundaries, which maps
93  * conveniently to our requirements.
94  */
95 struct ustar_header {
96 	char	uh_filename[100];
97 	char	uh_mode[8];
98 	char	uh_tar_owner[8];
99 	char	uh_tar_group[8];
100 	char	uh_size[12];
101 	char	uh_mtime[12];
102 	char	uh_sum[8];
103 	char	uh_type;
104 	char	uh_linkfile[100];
105 	char	uh_ustar[6];
106 	char	uh_version[2];
107 	char	uh_owner[32];
108 	char	uh_group[32];
109 	char	uh_major[8];
110 	char	uh_minor[8];
111 	char	uh_filenameprefix[155];
112 	char	uh_zeropad[12];
113 } __packed;
114 
115 /*
116  * Various size assertions -- pretty much everything must be one block in
117  * size.
118  */
119 CTASSERT(sizeof(struct kerneldumpheader) == TEXTDUMP_BLOCKSIZE);
120 CTASSERT(sizeof(struct ustar_header) == TEXTDUMP_BLOCKSIZE);
121 
122 /*
123  * Is a textdump scheduled?  If so, the shutdown code will invoke our dumpsys
124  * routine instead of the machine-dependent kernel dump routine.
125  */
126 #ifdef TEXTDUMP_PREFERRED
127 int	textdump_pending = 1;
128 #else
129 int	textdump_pending = 0;
130 #endif
131 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, pending, CTLFLAG_RW,
132     &textdump_pending, 0,
133     "Perform textdump instead of regular kernel dump.");
134 
135 /*
136  * Various constants for tar headers and contents.
137  */
138 #define	TAR_USER	"root"
139 #define	TAR_GROUP	"wheel"
140 #define	TAR_UID		"0"
141 #define	TAR_GID		"0"
142 #define	TAR_MODE	"0600"
143 #define	TAR_USTAR	"ustar"
144 
145 #define	TAR_CONFIG_FILENAME	"config.txt"	/* Kernel configuration. */
146 #define	TAR_MSGBUF_FILENAME	"msgbuf.txt"	/* Kernel messsage buffer. */
147 #define	TAR_PANIC_FILENAME	"panic.txt"	/* Panic message. */
148 #define	TAR_VERSION_FILENAME	"version.txt"	/* Kernel version. */
149 
150 /*
151  * Configure which files will be dumped.
152  */
153 #ifdef INCLUDE_CONFIG_FILE
154 static int textdump_do_config = 1;
155 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_config, CTLFLAG_RW,
156     &textdump_do_config, 0, "Dump kernel configuration in textdump");
157 #endif
158 
159 static int textdump_do_ddb = 1;
160 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_ddb, CTLFLAG_RW,
161     &textdump_do_ddb, 0, "Dump DDB captured output in textdump");
162 
163 static int textdump_do_msgbuf = 1;
164 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_msgbuf, CTLFLAG_RW,
165     &textdump_do_msgbuf, 0, "Dump kernel message buffer in textdump");
166 
167 static int textdump_do_panic = 1;
168 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_panic, CTLFLAG_RW,
169     &textdump_do_panic, 0, "Dump kernel panic message in textdump");
170 
171 static int textdump_do_version = 1;
172 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_version, CTLFLAG_RW,
173     &textdump_do_version, 0, "Dump kernel version string in textdump");
174 
175 /*
176  * State related to incremental writing of blocks to disk.
177  */
178 static off_t textdump_offset;		/* Offset of next sequential write. */
179 static int textdump_error;		/* Carried write error, if any. */
180 
181 /*
182  * Statically allocate space to prepare block-sized headers and data.
183  */
184 char textdump_block_buffer[TEXTDUMP_BLOCKSIZE];
185 static struct kerneldumpheader kdh;
186 
187 /*
188  * Calculate and fill in the checksum for a ustar header.
189  */
190 static void
191 ustar_checksum(struct ustar_header *uhp)
192 {
193 	u_int sum;
194 	int i;
195 
196 	for (i = 0; i < sizeof(uhp->uh_sum); i++)
197 		uhp->uh_sum[i] = ' ';
198 	sum = 0;
199 	for (i = 0; i < sizeof(*uhp); i++)
200 		sum += ((u_char *)uhp)[i];
201 	snprintf(uhp->uh_sum, sizeof(uhp->uh_sum), "%6o", sum);
202 }
203 
204 /*
205  * Each file in the tarball has a block-sized header with its name and other,
206  * largely hard-coded, properties.
207  */
208 void
209 textdump_mkustar(char *block_buffer, const char *filename, u_int size)
210 {
211 	struct ustar_header *uhp;
212 
213 #ifdef TEXTDUMP_VERBOSE
214 	if (textdump_error == 0)
215 		printf("textdump: creating '%s'.\n", filename);
216 #endif
217 	uhp = (struct ustar_header *)block_buffer;
218 	bzero(uhp, sizeof(*uhp));
219 	strlcpy(uhp->uh_filename, filename, sizeof(uhp->uh_filename));
220 	strlcpy(uhp->uh_mode, TAR_MODE, sizeof(uhp->uh_mode));
221 	snprintf(uhp->uh_size, sizeof(uhp->uh_size), "%o", size);
222 	strlcpy(uhp->uh_tar_owner, TAR_UID, sizeof(uhp->uh_tar_owner));
223 	strlcpy(uhp->uh_tar_group, TAR_GID, sizeof(uhp->uh_tar_group));
224 	strlcpy(uhp->uh_owner, TAR_USER, sizeof(uhp->uh_owner));
225 	strlcpy(uhp->uh_group, TAR_GROUP, sizeof(uhp->uh_group));
226 	snprintf(uhp->uh_mtime, sizeof(uhp->uh_mtime), "%lo",
227 	    (unsigned long)time_second);
228 	uhp->uh_type = 0;
229 	strlcpy(uhp->uh_ustar, TAR_USTAR, sizeof(uhp->uh_ustar));
230 	ustar_checksum(uhp);
231 }
232 
233 /*
234  * textdump_writeblock() writes TEXTDUMP_BLOCKSIZE-sized blocks of data to
235  * the space between di->mediaoffset and di->mediaoffset + di->mediasize.  It
236  * accepts an offset relative to di->mediaoffset.  If we're carrying any
237  * error from previous I/O, return that error and don't continue to try to
238  * write.  Most writers ignore the error and forge ahead on the basis that
239  * there's not much you can do.
240  */
241 static int
242 textdump_writeblock(struct dumperinfo *di, off_t offset, char *buffer)
243 {
244 
245 	if (textdump_error)
246 		return (textdump_error);
247 	if (offset + TEXTDUMP_BLOCKSIZE > di->mediasize)
248 		return (EIO);
249 	if (offset < SIZEOF_METADATA)
250 		return (ENOSPC);
251 	textdump_error = dump_write(di, buffer, offset + di->mediaoffset,
252 	    TEXTDUMP_BLOCKSIZE);
253 	if (textdump_error)
254 		printf("textdump_writeblock: offset %jd, error %d\n", (intmax_t)offset,
255 		    textdump_error);
256 	return (textdump_error);
257 }
258 
259 /*
260  * Interfaces to save and restore the dump offset, so that printers can go
261  * back to rewrite a header if required, while avoiding their knowing about
262  * the global layout of the blocks.
263  *
264  * If we ever want to support writing textdumps to tape or other
265  * stream-oriented target, we'll need to remove this.
266  */
267 void
268 textdump_saveoff(off_t *offsetp)
269 {
270 
271 	*offsetp = textdump_offset;
272 }
273 
274 void
275 textdump_restoreoff(off_t offset)
276 {
277 
278 	textdump_offset = offset;
279 }
280 
281 /*
282  * Interface to write the "next block" relative to the current offset; since
283  * we write backwards from the end of the partition, we subtract, but there's
284  * no reason for the caller to know this.
285  */
286 int
287 textdump_writenextblock(struct dumperinfo *di, char *buffer)
288 {
289 	int error;
290 
291 	error = textdump_writeblock(di, textdump_offset, buffer);
292 	textdump_offset -= TEXTDUMP_BLOCKSIZE;
293 	return (error);
294 }
295 
296 #ifdef INCLUDE_CONFIG_FILE
297 extern char kernconfstring[];
298 
299 /*
300  * Dump kernel configuration.
301  */
302 static void
303 textdump_dump_config(struct dumperinfo *di)
304 {
305 	u_int count, fullblocks, len;
306 
307 	len = strlen(kernconfstring);
308 	textdump_mkustar(textdump_block_buffer, TAR_CONFIG_FILENAME, len);
309 	(void)textdump_writenextblock(di, textdump_block_buffer);
310 
311 	/*
312 	 * Write out all full blocks directly from the string, and handle any
313 	 * left-over bits by copying it to out to the local buffer and
314 	 * zero-padding it.
315 	 */
316 	fullblocks = len / TEXTDUMP_BLOCKSIZE;
317 	for (count = 0; count < fullblocks; count++)
318 		(void)textdump_writenextblock(di, kernconfstring + count *
319 		    TEXTDUMP_BLOCKSIZE);
320 	if (len % TEXTDUMP_BLOCKSIZE != 0) {
321 		bzero(textdump_block_buffer, TEXTDUMP_BLOCKSIZE);
322 		bcopy(kernconfstring + count * TEXTDUMP_BLOCKSIZE,
323 		    textdump_block_buffer, len % TEXTDUMP_BLOCKSIZE);
324 		(void)textdump_writenextblock(di, textdump_block_buffer);
325 	}
326 }
327 #endif /* INCLUDE_CONFIG_FILE */
328 
329 /*
330  * Dump kernel message buffer.
331  */
332 static void
333 textdump_dump_msgbuf(struct dumperinfo *di)
334 {
335 	off_t end_offset, tarhdr_offset;
336 	u_int i, len, offset, seq, total_len;
337 	char buf[16];
338 
339 	/*
340 	 * Write out a dummy tar header to advance the offset; we'll rewrite
341 	 * it later once we know the true size.
342 	 */
343 	textdump_saveoff(&tarhdr_offset);
344 	textdump_mkustar(textdump_block_buffer, TAR_MSGBUF_FILENAME, 0);
345 	(void)textdump_writenextblock(di, textdump_block_buffer);
346 
347 	/*
348 	 * Copy out the data in small chunks, but don't copy nuls that may be
349 	 * present if the message buffer has not yet completely filled at
350 	 * least once.
351 	 */
352 	total_len = 0;
353 	offset = 0;
354 	msgbuf_peekbytes(msgbufp, NULL, 0, &seq);
355 	while ((len = msgbuf_peekbytes(msgbufp, buf, sizeof(buf), &seq)) > 0) {
356 		for (i = 0; i < len; i++) {
357 			if (buf[i] == '\0')
358 				continue;
359 			textdump_block_buffer[offset] = buf[i];
360 			offset++;
361 			if (offset != sizeof(textdump_block_buffer))
362 				continue;
363 			(void)textdump_writenextblock(di,
364 			    textdump_block_buffer);
365 			total_len += offset;
366 			offset = 0;
367 		}
368 	}
369 	total_len += offset;	/* Without the zero-padding. */
370 	if (offset != 0) {
371 		bzero(textdump_block_buffer + offset,
372 		    sizeof(textdump_block_buffer) - offset);
373 		(void)textdump_writenextblock(di, textdump_block_buffer);
374 	}
375 
376 	/*
377 	 * Rewrite tar header to reflect how much was actually written.
378 	 */
379 	textdump_saveoff(&end_offset);
380 	textdump_restoreoff(tarhdr_offset);
381 	textdump_mkustar(textdump_block_buffer, TAR_MSGBUF_FILENAME,
382 	    total_len);
383 	(void)textdump_writenextblock(di, textdump_block_buffer);
384 	textdump_restoreoff(end_offset);
385 }
386 
387 static void
388 textdump_dump_panic(struct dumperinfo *di)
389 {
390 	u_int len;
391 
392 	/*
393 	 * Write out tar header -- we store up to one block of panic message.
394 	 */
395 	len = min(strlen(panicstr), TEXTDUMP_BLOCKSIZE);
396 	textdump_mkustar(textdump_block_buffer, TAR_PANIC_FILENAME, len);
397 	(void)textdump_writenextblock(di, textdump_block_buffer);
398 
399 	/*
400 	 * Zero-pad the panic string and write out block.
401 	 */
402 	bzero(textdump_block_buffer, sizeof(textdump_block_buffer));
403 	bcopy(panicstr, textdump_block_buffer, len);
404 	(void)textdump_writenextblock(di, textdump_block_buffer);
405 }
406 
407 static void
408 textdump_dump_version(struct dumperinfo *di)
409 {
410 	u_int len;
411 
412 	/*
413 	 * Write out tar header -- at most one block of version information.
414 	 */
415 	len = min(strlen(version), TEXTDUMP_BLOCKSIZE);
416 	textdump_mkustar(textdump_block_buffer, TAR_VERSION_FILENAME, len);
417 	(void)textdump_writenextblock(di, textdump_block_buffer);
418 
419 	/*
420 	 * Zero pad the version string and write out block.
421 	 */
422 	bzero(textdump_block_buffer, sizeof(textdump_block_buffer));
423 	bcopy(version, textdump_block_buffer, len);
424 	(void)textdump_writenextblock(di, textdump_block_buffer);
425 }
426 
427 /*
428  * Commit text dump to disk.
429  */
430 void
431 textdump_dumpsys(struct dumperinfo *di)
432 {
433 	struct kerneldumpcrypto *kdc;
434 	off_t dumplen, trailer_offset;
435 
436 	if (di->blocksize != TEXTDUMP_BLOCKSIZE) {
437 		printf("Dump partition block size (%ju) not textdump "
438 		    "block size (%ju)", (uintmax_t)di->blocksize,
439 		    (uintmax_t)TEXTDUMP_BLOCKSIZE);
440 		return;
441 	}
442 
443 	/*
444 	 * We don't know a priori how large the dump will be, but we do know
445 	 * that we need to reserve space for metadata and that we need two
446 	 * dump headers.  Also leave room for one ustar header and one block
447 	 * of data.
448 	 */
449 	if (di->mediasize < SIZEOF_METADATA + 2 * sizeof(kdh)) {
450 		printf("Insufficient space on dump partition for minimal textdump.\n");
451 		return;
452 	}
453 	textdump_error = 0;
454 
455 	/*
456 	 * Disable EKCD because we don't provide encrypted textdumps.
457 	 */
458 	kdc = di->kdcrypto;
459 	di->kdcrypto = NULL;
460 
461 	/*
462 	 * Position the start of the dump so that we'll write the kernel dump
463 	 * trailer immediately before the end of the partition, and then work
464 	 * our way back.  We will rewrite this header later to reflect the
465 	 * true size if things go well.
466 	 */
467 	textdump_offset = di->mediasize - sizeof(kdh);
468 	textdump_saveoff(&trailer_offset);
469 	dump_init_header(di, &kdh, TEXTDUMPMAGIC, KERNELDUMP_TEXT_VERSION, 0);
470 	(void)textdump_writenextblock(di, (char *)&kdh);
471 
472 	/*
473 	 * Write a series of files in ustar format.
474 	 */
475 	if (textdump_do_ddb)
476 		db_capture_dump(di);
477 #ifdef INCLUDE_CONFIG_FILE
478 	if (textdump_do_config)
479 		textdump_dump_config(di);
480 #endif
481 	if (textdump_do_msgbuf)
482 		textdump_dump_msgbuf(di);
483 	if (textdump_do_panic && KERNEL_PANICKED())
484 		textdump_dump_panic(di);
485 	if (textdump_do_version)
486 		textdump_dump_version(di);
487 
488 	/*
489 	 * Now that we know the true size, we can write out the header, then
490 	 * seek back to the end and rewrite the trailer with the correct
491 	 * size.
492 	 */
493 	dumplen = trailer_offset - (textdump_offset + TEXTDUMP_BLOCKSIZE);
494 	dump_init_header(di, &kdh, TEXTDUMPMAGIC, KERNELDUMP_TEXT_VERSION,
495 	    dumplen);
496 	(void)textdump_writenextblock(di, (char *)&kdh);
497 	textdump_restoreoff(trailer_offset);
498 	(void)textdump_writenextblock(di, (char *)&kdh);
499 
500 	/*
501 	 * Terminate the dump, report any errors, and clear the pending flag.
502 	 */
503 	if (textdump_error == 0)
504 		(void)dump_write(di, NULL, 0, 0);
505 	if (textdump_error == ENOSPC)
506 		printf("Textdump: Insufficient space on dump partition\n");
507 	else if (textdump_error != 0)
508 		printf("Textdump: Error %d writing dump\n", textdump_error);
509 	else
510 		printf("Textdump complete.\n");
511 	textdump_pending = 0;
512 
513 	/*
514 	 * Restore EKCD status.
515 	 */
516 	di->kdcrypto = kdc;
517 }
518 
519 /*-
520  * DDB(4) command to manage textdumps:
521  *
522  * textdump set        - request a textdump
523  * textdump status     - print DDB output textdump status
524  * textdump unset      - clear textdump request
525  */
526 static void
527 db_textdump_usage(void)
528 {
529 
530 	db_printf("textdump [unset|set|status|dump]\n");
531 }
532 
533 void
534 db_textdump_cmd(db_expr_t addr, bool have_addr, db_expr_t count, char *modif)
535 {
536 	int t;
537 
538 	t = db_read_token();
539 	if (t != tIDENT) {
540 		db_textdump_usage();
541 		return;
542 	}
543 	if (db_read_token() != tEOL) {
544 		db_textdump_usage();
545 		return;
546 	}
547 	if (strcmp(db_tok_string, "set") == 0) {
548 		textdump_pending = 1;
549 		db_printf("textdump set\n");
550 	} else if (strcmp(db_tok_string, "status") == 0) {
551 		if (textdump_pending)
552 			db_printf("textdump is set\n");
553 		else
554 			db_printf("textdump is not set\n");
555 	} else if (strcmp(db_tok_string, "unset") == 0) {
556 		textdump_pending = 0;
557 		db_printf("textdump unset\n");
558 	} else if (strcmp(db_tok_string, "dump") == 0) {
559 		textdump_pending = 1;
560 		doadump(true);
561 	} else {
562 		db_textdump_usage();
563 	}
564 }
565