/*-
 * Copyright (c) 2007 Robert N. M. Watson
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*-
 * Kernel text-dump support: write a series of text files to the dump
 * partition for later recovery, including captured DDB output, kernel
 * configuration, message buffer, and panic message. This allows for a more
 * compact representation of critical debugging information than traditional
 * binary dumps, as well as allowing dump information to be used without
 * access to kernel symbols, source code, etc.
 *
 * Storage Layout
 * --------------
 *
 * Crash dumps are aligned to the end of the dump or swap partition in order
 * to minimize the chances of swap during fsck eating into the dump. However,
 * unlike a memory dump, we don't know the size of the textdump a priori, so
 * can't just write it out sequentially in order from a known starting point
 * calculated with respect to the end of the partition. In order to address
 * this, we actually write out the textdump in reverse block order, allowing
 * us to directly align it to the end of the partition and then write out the
 * dump header and trailer before and after it once done. savecore(8) must
 * know to reverse the order of the blocks in order to produce a readable
 * file.
 *
 * Data is written out in the ustar file format so that we can write data
 * incrementally as a stream without reference to previous files.
 *
 * TODO
 * ----
 *
 * - Allow subsystems to register to submit files for inclusion in the text
 *   dump in a generic way.
 */

#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");

#include "opt_config.h"

#include <sys/param.h>
#include <sys/conf.h>
#include <sys/kernel.h>
#include <sys/kerneldump.h>
#include <sys/msgbuf.h>
#include <sys/sysctl.h>
#include <sys/systm.h>

#include <ddb/ddb.h>
#include <ddb/db_lex.h>

static SYSCTL_NODE(_debug_ddb, OID_AUTO, textdump, CTLFLAG_RW, 0,
    "DDB textdump options");

/*
 * Don't touch the first SIZEOF_METADATA bytes on the dump device. This is
 * to protect us from metadata and metadata from us.
 */
#define	SIZEOF_METADATA		(64*1024)

/*
 * Data is written out as a series of files in the ustar tar format. ustar
 * is a simple streamed format consisting of a series of files prefixed with
 * headers, and all padded to 512-byte block boundaries, which maps
 * conveniently to our requirements.
89 */ 90 struct ustar_header { 91 char uh_filename[100]; 92 char uh_mode[8]; 93 char uh_tar_owner[8]; 94 char uh_tar_group[8]; 95 char uh_size[12]; 96 char uh_mtime[12]; 97 char uh_sum[8]; 98 char uh_type; 99 char uh_linkfile[100]; 100 char uh_ustar[6]; 101 char uh_version[2]; 102 char uh_owner[32]; 103 char uh_group[32]; 104 char uh_major[8]; 105 char uh_minor[8]; 106 char uh_filenameprefix[155]; 107 char uh_zeropad[12]; 108 } __packed; 109 110 /* 111 * Various size assertions -- pretty much everything must be one block in 112 * size. 113 */ 114 CTASSERT(sizeof(struct kerneldumpheader) == TEXTDUMP_BLOCKSIZE); 115 CTASSERT(sizeof(struct ustar_header) == TEXTDUMP_BLOCKSIZE); 116 117 /* 118 * Is a textdump scheduled? If so, the shutdown code will invoke our dumpsys 119 * routine instead of the machine-dependent kernel dump routine. 120 */ 121 int textdump_pending; 122 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, pending, CTLFLAG_RW, 123 &textdump_pending, 0, 124 "Perform textdump instead of regular kernel dump."); 125 126 /* 127 * Various constants for tar headers and contents. 128 */ 129 #define TAR_USER "root" 130 #define TAR_GROUP "wheel" 131 #define TAR_UID "0" 132 #define TAR_GID "0" 133 #define TAR_MODE "0600" 134 #define TAR_USTAR "ustar" 135 136 #define TAR_CONFIG_FILENAME "config.txt" /* Kernel configuration. */ 137 #define TAR_MSGBUF_FILENAME "msgbuf.txt" /* Kernel messsage buffer. */ 138 #define TAR_PANIC_FILENAME "panic.txt" /* Panic message. */ 139 #define TAR_VERSION_FILENAME "version.txt" /* Kernel version. */ 140 141 /* 142 * Configure which files will be dumped. 
143 */ 144 #ifdef INCLUDE_CONFIG_FILE 145 static int textdump_do_config = 1; 146 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_config, CTLFLAG_RW, 147 &textdump_do_config, 0, "Dump kernel configuration in textdump"); 148 #endif 149 150 static int textdump_do_ddb = 1; 151 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_ddb, CTLFLAG_RW, 152 &textdump_do_ddb, 0, "Dump DDB captured output in textdump"); 153 154 static int textdump_do_msgbuf = 1; 155 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_msgbuf, CTLFLAG_RW, 156 &textdump_do_msgbuf, 0, "Dump kernel message buffer in textdump"); 157 158 static int textdump_do_panic = 1; 159 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_panic, CTLFLAG_RW, 160 &textdump_do_panic, 0, "Dump kernel panic message in textdump"); 161 162 static int textdump_do_version = 1; 163 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_version, CTLFLAG_RW, 164 &textdump_do_version, 0, "Dump kernel version string in textdump"); 165 166 /* 167 * State related to incremental writing of blocks to disk. 168 */ 169 static off_t textdump_offset; /* Offset of next sequential write. */ 170 static int textdump_error; /* Carried write error, if any. */ 171 172 /* 173 * Statically allocate space to prepare block-sized headers and data. 174 */ 175 char textdump_block_buffer[TEXTDUMP_BLOCKSIZE]; 176 static struct kerneldumpheader kdh; 177 178 /* 179 * Text dumps are prefixed with a normal kernel dump header but with a 180 * different magic number to allow them to be uniquely identified. 
181 */ 182 static void 183 mkdumpheader(struct kerneldumpheader *kdh, uint32_t archver, 184 uint64_t dumplen, uint32_t blksz) 185 { 186 187 bzero(kdh, sizeof(*kdh)); 188 strncpy(kdh->magic, TEXTDUMPMAGIC, sizeof(kdh->magic)); 189 strncpy(kdh->architecture, MACHINE_ARCH, sizeof(kdh->architecture)); 190 kdh->version = htod32(KERNELDUMPVERSION); 191 kdh->architectureversion = htod32(archver); 192 kdh->dumplength = htod64(dumplen); 193 kdh->dumptime = htod64(time_second); 194 kdh->blocksize = htod32(blksz); 195 strncpy(kdh->hostname, hostname, sizeof(kdh->hostname)); 196 strncpy(kdh->versionstring, version, sizeof(kdh->versionstring)); 197 if (panicstr != NULL) 198 strncpy(kdh->panicstring, panicstr, sizeof(kdh->panicstring)); 199 kdh->parity = kerneldump_parity(kdh); 200 } 201 202 /* 203 * Calculate and fill in the checksum for a ustar header. 204 */ 205 static void 206 ustar_checksum(struct ustar_header *uhp) 207 { 208 u_int sum; 209 int i; 210 211 for (i = 0; i < sizeof(uhp->uh_sum); i++) 212 uhp->uh_sum[i] = ' '; 213 sum = 0; 214 for (i = 0; i < sizeof(*uhp); i++) 215 sum += ((u_char *)uhp)[i]; 216 snprintf(uhp->uh_sum, sizeof(uhp->uh_sum), "%6o", sum); 217 } 218 219 /* 220 * Each file in the tarball has a block-sized header with its name and other, 221 * largely hard-coded, properties. 
222 */ 223 void 224 textdump_mkustar(char *block_buffer, const char *filename, u_int size) 225 { 226 struct ustar_header *uhp; 227 228 uhp = (struct ustar_header *)block_buffer; 229 bzero(uhp, sizeof(*uhp)); 230 strlcpy(uhp->uh_filename, filename, sizeof(uhp->uh_filename)); 231 strlcpy(uhp->uh_mode, TAR_MODE, sizeof(uhp->uh_mode)); 232 snprintf(uhp->uh_size, sizeof(uhp->uh_size), "%o", size); 233 strlcpy(uhp->uh_tar_owner, TAR_UID, sizeof(uhp->uh_tar_owner)); 234 strlcpy(uhp->uh_tar_group, TAR_GID, sizeof(uhp->uh_tar_group)); 235 strlcpy(uhp->uh_owner, TAR_USER, sizeof(uhp->uh_owner)); 236 strlcpy(uhp->uh_group, TAR_GROUP, sizeof(uhp->uh_group)); 237 snprintf(uhp->uh_mtime, sizeof(uhp->uh_mtime), "%lo", 238 (unsigned long)time_second); 239 uhp->uh_type = 0; 240 strlcpy(uhp->uh_ustar, TAR_USTAR, sizeof(uhp->uh_ustar)); 241 ustar_checksum(uhp); 242 } 243 244 /* 245 * textdump_writeblock() writes TEXTDUMP_BLOCKSIZE-sized blocks of data to 246 * the space between di->mediaoffset and di->mediaoffset + di->mediasize. It 247 * accepts an offset relative to di->mediaoffset. If we're carrying any 248 * error from previous I/O, return that error and don't continue to try to 249 * write. Most writers ignore the error and forge ahead on the basis that 250 * there's not much you can do. 251 */ 252 static int 253 textdump_writeblock(struct dumperinfo *di, off_t offset, char *buffer) 254 { 255 256 if (textdump_error) 257 return (textdump_error); 258 if (offset + TEXTDUMP_BLOCKSIZE > di->mediasize) 259 return (EIO); 260 if (offset < SIZEOF_METADATA) 261 return (ENOSPC); 262 textdump_error = dump_write(di, buffer, 0, offset + di->mediaoffset, 263 TEXTDUMP_BLOCKSIZE); 264 return (textdump_error); 265 } 266 267 /* 268 * Interfaces to save and restore the dump offset, so that printers can go 269 * back to rewrite a header if required, while avoiding their knowing about 270 * the global layout of the blocks. 
271 * 272 * If we ever want to support writing textdumps to tape or other 273 * stream-oriented target, we'll need to remove this. 274 */ 275 void 276 textdump_saveoff(off_t *offsetp) 277 { 278 279 *offsetp = textdump_offset; 280 } 281 282 void 283 textdump_restoreoff(off_t offset) 284 { 285 286 textdump_offset = offset; 287 } 288 289 /* 290 * Interface to write the "next block" relative to the current offset; since 291 * we write backwards from the end of the partition, we subtract, but there's 292 * no reason for the caller to know this. 293 */ 294 int 295 textdump_writenextblock(struct dumperinfo *di, char *buffer) 296 { 297 int error; 298 299 error = textdump_writeblock(di, textdump_offset, buffer); 300 textdump_offset -= TEXTDUMP_BLOCKSIZE; 301 return (error); 302 } 303 304 #ifdef INCLUDE_CONFIG_FILE 305 extern char kernconfstring[]; 306 307 /* 308 * Dump kernel configuration. 309 */ 310 static void 311 textdump_dump_config(struct dumperinfo *di) 312 { 313 u_int count, fullblocks, len; 314 315 len = strlen(kernconfstring); 316 textdump_mkustar(textdump_block_buffer, TAR_CONFIG_FILENAME, len); 317 (void)textdump_writenextblock(di, textdump_block_buffer); 318 319 /* 320 * Write out all full blocks directly from the string, and handle any 321 * left-over bits by copying it to out to the local buffer and 322 * zero-padding it. 323 */ 324 fullblocks = len / TEXTDUMP_BLOCKSIZE; 325 for (count = 0; count < fullblocks; count++) 326 (void)textdump_writenextblock(di, kernconfstring + count * 327 TEXTDUMP_BLOCKSIZE); 328 if (len % TEXTDUMP_BLOCKSIZE != 0) { 329 bzero(textdump_block_buffer, TEXTDUMP_BLOCKSIZE); 330 bcopy(kernconfstring + count * TEXTDUMP_BLOCKSIZE, 331 textdump_block_buffer, len % TEXTDUMP_BLOCKSIZE); 332 (void)textdump_writenextblock(di, textdump_block_buffer); 333 } 334 } 335 #endif /* INCLUDE_CONFIG_FILE */ 336 337 /* 338 * Dump kernel message buffer. 
339 */ 340 static void 341 textdump_dump_msgbuf(struct dumperinfo *di) 342 { 343 off_t end_offset, tarhdr_offset; 344 u_int i, len, offset, seq, total_len; 345 char buf[16]; 346 347 /* 348 * Write out a dummy tar header to advance the offset; we'll rewrite 349 * it later once we know the true size. 350 */ 351 textdump_saveoff(&tarhdr_offset); 352 textdump_mkustar(textdump_block_buffer, TAR_MSGBUF_FILENAME, 0); 353 (void)textdump_writenextblock(di, textdump_block_buffer); 354 355 /* 356 * Copy out the data in small chunks, but don't copy nuls that may be 357 * present if the message buffer has not yet completely filled at 358 * least once. 359 */ 360 total_len = 0; 361 offset = 0; 362 msgbuf_peekbytes(msgbufp, NULL, 0, &seq); 363 while ((len = msgbuf_peekbytes(msgbufp, buf, sizeof(buf), &seq)) > 0) { 364 for (i = 0; i < len; i++) { 365 if (buf[i] == '\0') 366 continue; 367 textdump_block_buffer[offset] = buf[i]; 368 offset++; 369 if (offset != sizeof(textdump_block_buffer)) 370 continue; 371 (void)textdump_writenextblock(di, 372 textdump_block_buffer); 373 total_len += offset; 374 offset = 0; 375 } 376 } 377 total_len += offset; /* Without the zero-padding. */ 378 if (offset != 0) { 379 bzero(textdump_block_buffer + offset, 380 sizeof(textdump_block_buffer) - offset); 381 (void)textdump_writenextblock(di, textdump_block_buffer); 382 } 383 384 /* 385 * Rewrite tar header to reflect how much was actually written. 386 */ 387 textdump_saveoff(&end_offset); 388 textdump_restoreoff(tarhdr_offset); 389 textdump_mkustar(textdump_block_buffer, TAR_MSGBUF_FILENAME, 390 total_len); 391 (void)textdump_writenextblock(di, textdump_block_buffer); 392 textdump_restoreoff(end_offset); 393 } 394 395 static void 396 textdump_dump_panic(struct dumperinfo *di) 397 { 398 u_int len; 399 400 /* 401 * Write out tar header -- we store up to one block of panic message. 
402 */ 403 len = min(strlen(panicstr), TEXTDUMP_BLOCKSIZE); 404 textdump_mkustar(textdump_block_buffer, TAR_PANIC_FILENAME, len); 405 (void)textdump_writenextblock(di, textdump_block_buffer); 406 407 /* 408 * Zero-pad the panic string and write out block. 409 */ 410 bzero(textdump_block_buffer, sizeof(textdump_block_buffer)); 411 bcopy(panicstr, textdump_block_buffer, len); 412 (void)textdump_writenextblock(di, textdump_block_buffer); 413 } 414 415 static void 416 textdump_dump_version(struct dumperinfo *di) 417 { 418 u_int len; 419 420 /* 421 * Write out tar header -- at most one block of version information. 422 */ 423 len = min(strlen(version), TEXTDUMP_BLOCKSIZE); 424 textdump_mkustar(textdump_block_buffer, TAR_VERSION_FILENAME, len); 425 (void)textdump_writenextblock(di, textdump_block_buffer); 426 427 /* 428 * Zero pad the version string and write out block. 429 */ 430 bzero(textdump_block_buffer, sizeof(textdump_block_buffer)); 431 bcopy(version, textdump_block_buffer, len); 432 (void)textdump_writenextblock(di, textdump_block_buffer); 433 } 434 435 /* 436 * Commit text dump to disk. 437 */ 438 void 439 textdump_dumpsys(struct dumperinfo *di) 440 { 441 off_t dumplen, trailer_offset; 442 443 if (di->blocksize != TEXTDUMP_BLOCKSIZE) { 444 printf("Dump partition block size (%ju) not textdump " 445 "block size (%ju)", (uintmax_t)di->blocksize, 446 (uintmax_t)TEXTDUMP_BLOCKSIZE); 447 return; 448 } 449 450 /* 451 * We don't know a priori how large the dump will be, but we do know 452 * that we need to reserve space for metadata and that we need two 453 * dump headers. Also leave room for one ustar header and one block 454 * of data. 
455 */ 456 if (di->mediasize < SIZEOF_METADATA + 2 * sizeof(kdh)) { 457 printf("Insufficient space on dump partition.\n"); 458 return; 459 } 460 textdump_error = 0; 461 462 /* 463 * Position the start of the dump so that we'll write the kernel dump 464 * trailer immediately before the end of the partition, and then work 465 * our way back. We will rewrite this header later to reflect the 466 * true size if things go well. 467 */ 468 textdump_offset = di->mediasize - sizeof(kdh); 469 textdump_saveoff(&trailer_offset); 470 mkdumpheader(&kdh, KERNELDUMP_TEXT_VERSION, 0, TEXTDUMP_BLOCKSIZE); 471 (void)textdump_writenextblock(di, (char *)&kdh); 472 473 /* 474 * Write a series of files in ustar format. 475 */ 476 if (textdump_do_ddb) 477 db_capture_dump(di); 478 #ifdef INCLUDE_CONFIG_FILE 479 if (textdump_do_config) 480 textdump_dump_config(di); 481 #endif 482 if (textdump_do_msgbuf) 483 textdump_dump_msgbuf(di); 484 if (textdump_do_panic && panicstr != NULL) 485 textdump_dump_panic(di); 486 if (textdump_do_version) 487 textdump_dump_version(di); 488 489 /* 490 * Now that we know the true size, we can write out the header, then 491 * seek back to the end and rewrite the trailer with the correct 492 * size. 493 */ 494 dumplen = trailer_offset - (textdump_offset + TEXTDUMP_BLOCKSIZE); 495 mkdumpheader(&kdh, KERNELDUMP_TEXT_VERSION, dumplen, 496 TEXTDUMP_BLOCKSIZE); 497 (void)textdump_writenextblock(di, (char *)&kdh); 498 textdump_restoreoff(trailer_offset); 499 (void)textdump_writenextblock(di, (char *)&kdh); 500 501 /* 502 * Terminate the dump, report any errors, and clear the pending flag. 
503 */ 504 if (textdump_error == 0) 505 (void)dump_write(di, NULL, 0, 0, 0); 506 if (textdump_error == ENOSPC) 507 printf("Insufficient space on dump partition\n"); 508 else if (textdump_error != 0) 509 printf("Error %d writing dump\n", textdump_error); 510 else 511 printf("Textdump complete.\n"); 512 textdump_pending = 0; 513 } 514 515 /*- 516 * DDB(4) command to manage textdumps: 517 * 518 * textdump set - request a textdump 519 * textdump status - print DDB output textdump status 520 * textdump unset - clear textdump request 521 */ 522 static void 523 db_textdump_usage(void) 524 { 525 526 db_printf("textdump [unset|set|status]\n"); 527 } 528 529 void 530 db_textdump_cmd(db_expr_t addr, boolean_t have_addr, db_expr_t count, 531 char *modif) 532 { 533 int t; 534 535 t = db_read_token(); 536 if (t != tIDENT) { 537 db_textdump_usage(); 538 return; 539 } 540 if (db_read_token() != tEOL) { 541 db_textdump_usage(); 542 return; 543 } 544 if (strcmp(db_tok_string, "set") == 0) { 545 textdump_pending = 1; 546 db_printf("textdump set\n"); 547 } else if (strcmp(db_tok_string, "status") == 0) { 548 if (textdump_pending) 549 db_printf("textdump is set\n"); 550 else 551 db_printf("textdump is not set\n"); 552 } else if (strcmp(db_tok_string, "unset") == 0) { 553 textdump_pending = 0; 554 db_printf("textdump unset\n"); 555 } else 556 db_textdump_usage(); 557 } 558