xref: /freebsd/sys/ddb/db_textdump.c (revision 9ff086544d5f85b58349e28ed36a9811b8fe5cf9)
1 /*-
2  * Copyright (c) 2007 Robert N. M. Watson
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24  * SUCH DAMAGE.
25  */
26 
27 /*-
28  * Kernel text-dump support: write a series of text files to the dump
29  * partition for later recovery, including captured DDB output, kernel
30  * configuration, message buffer, and panic message.  This allows for a more
31  * compact representation of critical debugging information than traditional
32  * binary dumps, as well as allowing dump information to be used without
33  * access to kernel symbols, source code, etc.
34  *
35  * Storage Layout
36  * --------------
37  *
38  * Crash dumps are aligned to the end of the dump or swap partition in order
39  * to minimize the chances of swap duing fsck eating into the dump.  However,
40  * unlike a memory dump, we don't know the size of the textdump a priori, so
41  * can't just write it out sequentially in order from a known starting point
42  * calculated with respect to the end of the partition.  In order to address
43  * this, we actually write out the textdump in reverse block order, allowing
44  * us to directly align it to the end of the partition and then write out the
45  * dump header and trailer before and after it once done.  savecore(8) must
46  * know to reverse the order of the blocks in order to produce a readable
47  * file.
48  *
49  * Data is written out in the ustar file format so that we can write data
50  * incrementally as a stream without reference to previous files.
51  *
52  * TODO
53  * ----
54  *
55  * - Allow subsystems to register to submit files for inclusion in the text
56  *   dump in a generic way.
57  */
58 
59 #include <sys/cdefs.h>
60 __FBSDID("$FreeBSD$");
61 
62 #include "opt_config.h"
63 
64 #include "opt_ddb.h"
65 
66 #include <sys/param.h>
67 #include <sys/conf.h>
68 #include <sys/kernel.h>
69 #include <sys/kerneldump.h>
70 #include <sys/msgbuf.h>
71 #include <sys/sysctl.h>
72 #include <sys/systm.h>
73 
74 #include <ddb/ddb.h>
75 #include <ddb/db_lex.h>
76 
77 static SYSCTL_NODE(_debug_ddb, OID_AUTO, textdump, CTLFLAG_RW, 0,
78     "DDB textdump options");
79 
80 /*
81  * Don't touch the first SIZEOF_METADATA bytes on the dump device.  This is
82  * to protect us from metadata and metadata from us.
83  */
84 #define	SIZEOF_METADATA		(64*1024)
85 
86 /*
87  * Data is written out as a series of files in the ustar tar format.  ustar
88  * is a simple streamed format consiting of a series of files prefixed with
89  * headers, and all padded to 512-byte block boundaries, which maps
90  * conveniently to our requirements.
91  */
92 struct ustar_header {
93 	char	uh_filename[100];
94 	char	uh_mode[8];
95 	char	uh_tar_owner[8];
96 	char	uh_tar_group[8];
97 	char	uh_size[12];
98 	char	uh_mtime[12];
99 	char	uh_sum[8];
100 	char	uh_type;
101 	char	uh_linkfile[100];
102 	char	uh_ustar[6];
103 	char	uh_version[2];
104 	char	uh_owner[32];
105 	char	uh_group[32];
106 	char	uh_major[8];
107 	char	uh_minor[8];
108 	char	uh_filenameprefix[155];
109 	char	uh_zeropad[12];
110 } __packed;
111 
112 /*
113  * Various size assertions -- pretty much everything must be one block in
114  * size.
115  */
116 CTASSERT(sizeof(struct kerneldumpheader) == TEXTDUMP_BLOCKSIZE);
117 CTASSERT(sizeof(struct ustar_header) == TEXTDUMP_BLOCKSIZE);
118 
119 /*
120  * Is a textdump scheduled?  If so, the shutdown code will invoke our dumpsys
121  * routine instead of the machine-dependent kernel dump routine.
122  */
123 #ifdef TEXTDUMP_PREFERRED
124 int	textdump_pending = 1;
125 #else
126 int	textdump_pending = 0;
127 #endif
128 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, pending, CTLFLAG_RW,
129     &textdump_pending, 0,
130     "Perform textdump instead of regular kernel dump.");
131 
132 /*
133  * Various constants for tar headers and contents.
134  */
135 #define	TAR_USER	"root"
136 #define	TAR_GROUP	"wheel"
137 #define	TAR_UID		"0"
138 #define	TAR_GID		"0"
139 #define	TAR_MODE	"0600"
140 #define	TAR_USTAR	"ustar"
141 
142 #define	TAR_CONFIG_FILENAME	"config.txt"	/* Kernel configuration. */
143 #define	TAR_MSGBUF_FILENAME	"msgbuf.txt"	/* Kernel messsage buffer. */
144 #define	TAR_PANIC_FILENAME	"panic.txt"	/* Panic message. */
145 #define	TAR_VERSION_FILENAME	"version.txt"	/* Kernel version. */
146 
147 /*
148  * Configure which files will be dumped.
149  */
150 #ifdef INCLUDE_CONFIG_FILE
151 static int textdump_do_config = 1;
152 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_config, CTLFLAG_RW,
153     &textdump_do_config, 0, "Dump kernel configuration in textdump");
154 #endif
155 
156 static int textdump_do_ddb = 1;
157 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_ddb, CTLFLAG_RW,
158     &textdump_do_ddb, 0, "Dump DDB captured output in textdump");
159 
160 static int textdump_do_msgbuf = 1;
161 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_msgbuf, CTLFLAG_RW,
162     &textdump_do_msgbuf, 0, "Dump kernel message buffer in textdump");
163 
164 static int textdump_do_panic = 1;
165 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_panic, CTLFLAG_RW,
166     &textdump_do_panic, 0, "Dump kernel panic message in textdump");
167 
168 static int textdump_do_version = 1;
169 SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_version, CTLFLAG_RW,
170     &textdump_do_version, 0, "Dump kernel version string in textdump");
171 
172 /*
173  * State related to incremental writing of blocks to disk.
174  */
175 static off_t textdump_offset;		/* Offset of next sequential write. */
176 static int textdump_error;		/* Carried write error, if any. */
177 
178 /*
179  * Statically allocate space to prepare block-sized headers and data.
180  */
181 char textdump_block_buffer[TEXTDUMP_BLOCKSIZE];
182 static struct kerneldumpheader kdh;
183 
184 /*
185  * Calculate and fill in the checksum for a ustar header.
186  */
187 static void
188 ustar_checksum(struct ustar_header *uhp)
189 {
190 	u_int sum;
191 	int i;
192 
193 	for (i = 0; i < sizeof(uhp->uh_sum); i++)
194 		uhp->uh_sum[i] = ' ';
195 	sum = 0;
196 	for (i = 0; i < sizeof(*uhp); i++)
197 		sum += ((u_char *)uhp)[i];
198 	snprintf(uhp->uh_sum, sizeof(uhp->uh_sum), "%6o", sum);
199 }
200 
201 /*
202  * Each file in the tarball has a block-sized header with its name and other,
203  * largely hard-coded, properties.
204  */
205 void
206 textdump_mkustar(char *block_buffer, const char *filename, u_int size)
207 {
208 	struct ustar_header *uhp;
209 
210 #ifdef TEXTDUMP_VERBOSE
211 	if (textdump_error == 0)
212 		printf("textdump: creating '%s'.\n", filename);
213 #endif
214 	uhp = (struct ustar_header *)block_buffer;
215 	bzero(uhp, sizeof(*uhp));
216 	strlcpy(uhp->uh_filename, filename, sizeof(uhp->uh_filename));
217 	strlcpy(uhp->uh_mode, TAR_MODE, sizeof(uhp->uh_mode));
218 	snprintf(uhp->uh_size, sizeof(uhp->uh_size), "%o", size);
219 	strlcpy(uhp->uh_tar_owner, TAR_UID, sizeof(uhp->uh_tar_owner));
220 	strlcpy(uhp->uh_tar_group, TAR_GID, sizeof(uhp->uh_tar_group));
221 	strlcpy(uhp->uh_owner, TAR_USER, sizeof(uhp->uh_owner));
222 	strlcpy(uhp->uh_group, TAR_GROUP, sizeof(uhp->uh_group));
223 	snprintf(uhp->uh_mtime, sizeof(uhp->uh_mtime), "%lo",
224 	    (unsigned long)time_second);
225 	uhp->uh_type = 0;
226 	strlcpy(uhp->uh_ustar, TAR_USTAR, sizeof(uhp->uh_ustar));
227 	ustar_checksum(uhp);
228 }
229 
230 /*
231  * textdump_writeblock() writes TEXTDUMP_BLOCKSIZE-sized blocks of data to
232  * the space between di->mediaoffset and di->mediaoffset + di->mediasize.  It
233  * accepts an offset relative to di->mediaoffset.  If we're carrying any
234  * error from previous I/O, return that error and don't continue to try to
235  * write.  Most writers ignore the error and forge ahead on the basis that
236  * there's not much you can do.
237  */
238 static int
239 textdump_writeblock(struct dumperinfo *di, off_t offset, char *buffer)
240 {
241 
242 	if (textdump_error)
243 		return (textdump_error);
244 	if (offset + TEXTDUMP_BLOCKSIZE > di->mediasize)
245 		return (EIO);
246 	if (offset < SIZEOF_METADATA)
247 		return (ENOSPC);
248 	textdump_error = dump_write(di, buffer, 0, offset + di->mediaoffset,
249 	    TEXTDUMP_BLOCKSIZE);
250 	if (textdump_error)
251 		printf("textdump_writeblock: offset %jd, error %d\n", (intmax_t)offset,
252 		    textdump_error);
253 	return (textdump_error);
254 }
255 
256 /*
257  * Interfaces to save and restore the dump offset, so that printers can go
258  * back to rewrite a header if required, while avoiding their knowing about
259  * the global layout of the blocks.
260  *
261  * If we ever want to support writing textdumps to tape or other
262  * stream-oriented target, we'll need to remove this.
263  */
264 void
265 textdump_saveoff(off_t *offsetp)
266 {
267 
268 	*offsetp = textdump_offset;
269 }
270 
271 void
272 textdump_restoreoff(off_t offset)
273 {
274 
275 	textdump_offset = offset;
276 }
277 
278 /*
279  * Interface to write the "next block" relative to the current offset; since
280  * we write backwards from the end of the partition, we subtract, but there's
281  * no reason for the caller to know this.
282  */
283 int
284 textdump_writenextblock(struct dumperinfo *di, char *buffer)
285 {
286 	int error;
287 
288 	error = textdump_writeblock(di, textdump_offset, buffer);
289 	textdump_offset -= TEXTDUMP_BLOCKSIZE;
290 	return (error);
291 }
292 
293 #ifdef INCLUDE_CONFIG_FILE
294 extern char kernconfstring[];
295 
296 /*
297  * Dump kernel configuration.
298  */
299 static void
300 textdump_dump_config(struct dumperinfo *di)
301 {
302 	u_int count, fullblocks, len;
303 
304 	len = strlen(kernconfstring);
305 	textdump_mkustar(textdump_block_buffer, TAR_CONFIG_FILENAME, len);
306 	(void)textdump_writenextblock(di, textdump_block_buffer);
307 
308 	/*
309 	 * Write out all full blocks directly from the string, and handle any
310 	 * left-over bits by copying it to out to the local buffer and
311 	 * zero-padding it.
312 	 */
313 	fullblocks = len / TEXTDUMP_BLOCKSIZE;
314 	for (count = 0; count < fullblocks; count++)
315 		(void)textdump_writenextblock(di, kernconfstring + count *
316 		    TEXTDUMP_BLOCKSIZE);
317 	if (len % TEXTDUMP_BLOCKSIZE != 0) {
318 		bzero(textdump_block_buffer, TEXTDUMP_BLOCKSIZE);
319 		bcopy(kernconfstring + count * TEXTDUMP_BLOCKSIZE,
320 		    textdump_block_buffer, len % TEXTDUMP_BLOCKSIZE);
321 		(void)textdump_writenextblock(di, textdump_block_buffer);
322 	}
323 }
324 #endif /* INCLUDE_CONFIG_FILE */
325 
326 /*
327  * Dump kernel message buffer.
328  */
329 static void
330 textdump_dump_msgbuf(struct dumperinfo *di)
331 {
332 	off_t end_offset, tarhdr_offset;
333 	u_int i, len, offset, seq, total_len;
334 	char buf[16];
335 
336 	/*
337 	 * Write out a dummy tar header to advance the offset; we'll rewrite
338 	 * it later once we know the true size.
339 	 */
340 	textdump_saveoff(&tarhdr_offset);
341 	textdump_mkustar(textdump_block_buffer, TAR_MSGBUF_FILENAME, 0);
342 	(void)textdump_writenextblock(di, textdump_block_buffer);
343 
344 	/*
345 	 * Copy out the data in small chunks, but don't copy nuls that may be
346 	 * present if the message buffer has not yet completely filled at
347 	 * least once.
348 	 */
349 	total_len = 0;
350 	offset = 0;
351 	msgbuf_peekbytes(msgbufp, NULL, 0, &seq);
352 	while ((len = msgbuf_peekbytes(msgbufp, buf, sizeof(buf), &seq)) > 0) {
353 		for (i = 0; i < len; i++) {
354 			if (buf[i] == '\0')
355 				continue;
356 			textdump_block_buffer[offset] = buf[i];
357 			offset++;
358 			if (offset != sizeof(textdump_block_buffer))
359 				continue;
360 			(void)textdump_writenextblock(di,
361 			    textdump_block_buffer);
362 			total_len += offset;
363 			offset = 0;
364 		}
365 	}
366 	total_len += offset;	/* Without the zero-padding. */
367 	if (offset != 0) {
368 		bzero(textdump_block_buffer + offset,
369 		    sizeof(textdump_block_buffer) - offset);
370 		(void)textdump_writenextblock(di, textdump_block_buffer);
371 	}
372 
373 	/*
374 	 * Rewrite tar header to reflect how much was actually written.
375 	 */
376 	textdump_saveoff(&end_offset);
377 	textdump_restoreoff(tarhdr_offset);
378 	textdump_mkustar(textdump_block_buffer, TAR_MSGBUF_FILENAME,
379 	    total_len);
380 	(void)textdump_writenextblock(di, textdump_block_buffer);
381 	textdump_restoreoff(end_offset);
382 }
383 
384 static void
385 textdump_dump_panic(struct dumperinfo *di)
386 {
387 	u_int len;
388 
389 	/*
390 	 * Write out tar header -- we store up to one block of panic message.
391 	 */
392 	len = min(strlen(panicstr), TEXTDUMP_BLOCKSIZE);
393 	textdump_mkustar(textdump_block_buffer, TAR_PANIC_FILENAME, len);
394 	(void)textdump_writenextblock(di, textdump_block_buffer);
395 
396 	/*
397 	 * Zero-pad the panic string and write out block.
398 	 */
399 	bzero(textdump_block_buffer, sizeof(textdump_block_buffer));
400 	bcopy(panicstr, textdump_block_buffer, len);
401 	(void)textdump_writenextblock(di, textdump_block_buffer);
402 }
403 
404 static void
405 textdump_dump_version(struct dumperinfo *di)
406 {
407 	u_int len;
408 
409 	/*
410 	 * Write out tar header -- at most one block of version information.
411 	 */
412 	len = min(strlen(version), TEXTDUMP_BLOCKSIZE);
413 	textdump_mkustar(textdump_block_buffer, TAR_VERSION_FILENAME, len);
414 	(void)textdump_writenextblock(di, textdump_block_buffer);
415 
416 	/*
417 	 * Zero pad the version string and write out block.
418 	 */
419 	bzero(textdump_block_buffer, sizeof(textdump_block_buffer));
420 	bcopy(version, textdump_block_buffer, len);
421 	(void)textdump_writenextblock(di, textdump_block_buffer);
422 }
423 
424 /*
425  * Commit text dump to disk.
426  */
427 void
428 textdump_dumpsys(struct dumperinfo *di)
429 {
430 	struct kerneldumpcrypto *kdc;
431 	off_t dumplen, trailer_offset;
432 
433 	if (di->blocksize != TEXTDUMP_BLOCKSIZE) {
434 		printf("Dump partition block size (%ju) not textdump "
435 		    "block size (%ju)", (uintmax_t)di->blocksize,
436 		    (uintmax_t)TEXTDUMP_BLOCKSIZE);
437 		return;
438 	}
439 
440 	/*
441 	 * We don't know a priori how large the dump will be, but we do know
442 	 * that we need to reserve space for metadata and that we need two
443 	 * dump headers.  Also leave room for one ustar header and one block
444 	 * of data.
445 	 */
446 	if (di->mediasize < SIZEOF_METADATA + 2 * sizeof(kdh)) {
447 		printf("Insufficient space on dump partition for minimal textdump.\n");
448 		return;
449 	}
450 	textdump_error = 0;
451 
452 	/*
453 	 * Disable EKCD because we don't provide encrypted textdumps.
454 	 */
455 	kdc = di->kdc;
456 	di->kdc = NULL;
457 
458 	/*
459 	 * Position the start of the dump so that we'll write the kernel dump
460 	 * trailer immediately before the end of the partition, and then work
461 	 * our way back.  We will rewrite this header later to reflect the
462 	 * true size if things go well.
463 	 */
464 	textdump_offset = di->mediasize - sizeof(kdh);
465 	textdump_saveoff(&trailer_offset);
466 	mkdumpheader(&kdh, TEXTDUMPMAGIC, KERNELDUMP_TEXT_VERSION, 0, 0,
467 	    TEXTDUMP_BLOCKSIZE);
468 	(void)textdump_writenextblock(di, (char *)&kdh);
469 
470 	/*
471 	 * Write a series of files in ustar format.
472 	 */
473 	if (textdump_do_ddb)
474 		db_capture_dump(di);
475 #ifdef INCLUDE_CONFIG_FILE
476 	if (textdump_do_config)
477 		textdump_dump_config(di);
478 #endif
479 	if (textdump_do_msgbuf)
480 		textdump_dump_msgbuf(di);
481 	if (textdump_do_panic && panicstr != NULL)
482 		textdump_dump_panic(di);
483 	if (textdump_do_version)
484 		textdump_dump_version(di);
485 
486 	/*
487 	 * Now that we know the true size, we can write out the header, then
488 	 * seek back to the end and rewrite the trailer with the correct
489 	 * size.
490 	 */
491 	dumplen = trailer_offset - (textdump_offset + TEXTDUMP_BLOCKSIZE);
492 	mkdumpheader(&kdh, TEXTDUMPMAGIC, KERNELDUMP_TEXT_VERSION, dumplen, 0,
493 	    TEXTDUMP_BLOCKSIZE);
494 	(void)textdump_writenextblock(di, (char *)&kdh);
495 	textdump_restoreoff(trailer_offset);
496 	(void)textdump_writenextblock(di, (char *)&kdh);
497 
498 	/*
499 	 * Terminate the dump, report any errors, and clear the pending flag.
500 	 */
501 	if (textdump_error == 0)
502 		(void)dump_write(di, NULL, 0, 0, 0);
503 	if (textdump_error == ENOSPC)
504 		printf("Textdump: Insufficient space on dump partition\n");
505 	else if (textdump_error != 0)
506 		printf("Textdump: Error %d writing dump\n", textdump_error);
507 	else
508 		printf("Textdump complete.\n");
509 	textdump_pending = 0;
510 
511 	/*
512 	 * Restore EKCD status.
513 	 */
514 	di->kdc = kdc;
515 }
516 
517 /*-
518  * DDB(4) command to manage textdumps:
519  *
520  * textdump set        - request a textdump
521  * textdump status     - print DDB output textdump status
522  * textdump unset      - clear textdump request
523  */
524 static void
525 db_textdump_usage(void)
526 {
527 
528 	db_printf("textdump [unset|set|status|dump]\n");
529 }
530 
531 void
532 db_textdump_cmd(db_expr_t addr, bool have_addr, db_expr_t count, char *modif)
533 {
534 	int t;
535 
536 	t = db_read_token();
537 	if (t != tIDENT) {
538 		db_textdump_usage();
539 		return;
540 	}
541 	if (db_read_token() != tEOL) {
542 		db_textdump_usage();
543 		return;
544 	}
545 	if (strcmp(db_tok_string, "set") == 0) {
546 		textdump_pending = 1;
547 		db_printf("textdump set\n");
548 	} else if (strcmp(db_tok_string, "status") == 0) {
549 		if (textdump_pending)
550 			db_printf("textdump is set\n");
551 		else
552 			db_printf("textdump is not set\n");
553 	} else if (strcmp(db_tok_string, "unset") == 0) {
554 		textdump_pending = 0;
555 		db_printf("textdump unset\n");
556 	} else if (strcmp(db_tok_string, "dump") == 0) {
557 		textdump_pending = 1;
558 		doadump(true);
559 	} else {
560 		db_textdump_usage();
561 	}
562 }
563