1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capsicum.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/umtx.h> 61 #include <sys/un.h> 62 #include <sys/queue.h> 63 #include <sys/wait.h> 64 #ifdef HAVE_LIBCAPSICUM 65 #include <sys/nv.h> 66 #endif 67 #include <arpa/inet.h> 68 #include <netinet/in.h> 69 #include <ctype.h> 70 #include <err.h> 71 #include <grp.h> 72 #include <inttypes.h> 73 #ifdef HAVE_LIBCAPSICUM 74 #include <libcapsicum.h> 75 #include <libcapsicum_grp.h> 76 #include <libcapsicum_pwd.h> 77 #include <libcapsicum_service.h> 78 #endif 79 #include <locale.h> 80 #include <netdb.h> 81 #include <nl_types.h> 82 #include <pwd.h> 83 #include <stdio.h> 84 #include <stdlib.h> 85 #include <string.h> 86 #include <sysdecode.h> 87 #include <termios.h> 88 #include <time.h> 89 #include <unistd.h> 90 #include <vis.h> 91 #include "ktrace.h" 92 #include "kdump_subr.h" 93 94 u_int abidump(struct ktr_header *); 95 int fetchprocinfo(struct ktr_header *, u_int *); 96 int fread_tail(void *, int, int); 97 void dumpheader(struct ktr_header *); 98 void ktrsyscall(struct ktr_syscall *, u_int); 99 void ktrsysret(struct ktr_sysret *, u_int); 100 void ktrnamei(char *, int); 101 void hexdump(char *, int, int); 102 void visdump(char *, int, int); 103 void ktrgenio(struct ktr_genio *, int); 104 void ktrpsig(struct ktr_psig *); 105 void ktrcsw(struct ktr_csw *); 106 void ktrcsw_old(struct ktr_csw_old *); 107 void ktruser_malloc(void *); 108 void ktruser_rtld(int, void *); 109 void ktruser(int, void *); 110 void ktrcaprights(cap_rights_t *); 111 void ktrsockaddr(struct sockaddr *); 112 void ktrstat(struct stat *); 113 void ktrstruct(char *, size_t); 114 void ktrcapfail(struct ktr_cap_fail *); 115 void ktrfault(struct ktr_fault *); 116 void ktrfaultend(struct ktr_faultend *); 117 void limitfd(int fd); 118 void usage(void); 119 120 #define TIMESTAMP_NONE 0x0 121 #define TIMESTAMP_ABSOLUTE 0x1 122 #define TIMESTAMP_ELAPSED 0x2 123 #define TIMESTAMP_RELATIVE 0x4 124 125 extern const char *signames[]; 126 127 static int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 128 resolv = 0, abiflag = 0, syscallno = 0; 129 static const char *tracefile = DEF_TRACEFILE; 130 static struct ktr_header ktr_header; 131 132 #define TIME_FORMAT "%b %e %T %Y" 133 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 134 135 #define print_number(i,n,c) do { \ 136 if (decimal) \ 137 printf("%c%jd", c, (intmax_t)*i); \ 138 else \ 139 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 140 i++; \ 141 n--; \ 142 c = ','; \ 143 } while (0) 144 145 #if defined(__amd64__) || defined(__i386__) 146 147 void linux_ktrsysret(struct ktr_sysret *, u_int); 148 149 /* 150 * from linux.h 151 * Linux syscalls return negative errno's, we do positive and map them 152 */ 153 static int bsd_to_linux_errno[ELAST + 1] = { 154 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 155 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 156 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 157 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 158 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 159 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 160 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 161 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 162 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 163 -72, -67, -71 164 }; 165 #endif 166 167 struct proc_info 168 { 169 TAILQ_ENTRY(proc_info) info; 170 u_int sv_flags; 171 pid_t pid; 172 }; 173 174 static TAILQ_HEAD(trace_procs, proc_info) trace_procs; 175 176 #ifdef HAVE_LIBCAPSICUM 177 static cap_channel_t *cappwd, *capgrp; 178 #endif 179 180 static void 181 strerror_init(void) 182 { 183 184 /* 185 * Cache NLS data before entering capability mode. 186 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 187 */ 188 (void)catopen("libc", NL_CAT_LOCALE); 189 } 190 191 static void 192 localtime_init(void) 193 { 194 time_t ltime; 195 196 /* 197 * Allow localtime(3) to cache /etc/localtime content before entering 198 * capability mode. 199 * XXXPJD: There should be localtime_init() in libc. 200 */ 201 (void)time(<ime); 202 (void)localtime(<ime); 203 } 204 205 #ifdef HAVE_LIBCAPSICUM 206 static int 207 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) 208 { 209 cap_channel_t *capcas, *cappwdloc, *capgrploc; 210 const char *cmds[1], *fields[1]; 211 212 capcas = cap_init(); 213 if (capcas == NULL) { 214 warn("unable to contact casperd"); 215 return (-1); 216 } 217 cappwdloc = cap_service_open(capcas, "system.pwd"); 218 capgrploc = cap_service_open(capcas, "system.grp"); 219 /* Casper capability no longer needed. */ 220 cap_close(capcas); 221 if (cappwdloc == NULL || capgrploc == NULL) { 222 if (cappwdloc == NULL) 223 warn("unable to open system.pwd service"); 224 if (capgrploc == NULL) 225 warn("unable to open system.grp service"); 226 exit(1); 227 } 228 /* Limit system.pwd to only getpwuid() function and pw_name field. */ 229 cmds[0] = "getpwuid"; 230 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) 231 err(1, "unable to limit system.pwd service"); 232 fields[0] = "pw_name"; 233 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) 234 err(1, "unable to limit system.pwd service"); 235 /* Limit system.grp to only getgrgid() function and gr_name field. */ 236 cmds[0] = "getgrgid"; 237 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) 238 err(1, "unable to limit system.grp service"); 239 fields[0] = "gr_name"; 240 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) 241 err(1, "unable to limit system.grp service"); 242 243 *cappwdp = cappwdloc; 244 *capgrpp = capgrploc; 245 return (0); 246 } 247 #endif /* HAVE_LIBCAPSICUM */ 248 249 int 250 main(int argc, char *argv[]) 251 { 252 int ch, ktrlen, size; 253 void *m; 254 int trpoints = ALL_POINTS; 255 int drop_logged; 256 pid_t pid = 0; 257 u_int sv_flags; 258 259 setlocale(LC_CTYPE, ""); 260 261 timestamp = TIMESTAMP_NONE; 262 263 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) 264 switch (ch) { 265 case 'A': 266 abiflag = 1; 267 break; 268 case 'f': 269 tracefile = optarg; 270 break; 271 case 'd': 272 decimal = 1; 273 break; 274 case 'l': 275 tail = 1; 276 break; 277 case 'm': 278 maxdata = atoi(optarg); 279 break; 280 case 'n': 281 fancy = 0; 282 break; 283 case 'p': 284 pid = atoi(optarg); 285 break; 286 case 'r': 287 resolv = 1; 288 break; 289 case 'S': 290 syscallno = 1; 291 break; 292 case 's': 293 suppressdata = 1; 294 break; 295 case 'E': 296 timestamp |= TIMESTAMP_ELAPSED; 297 break; 298 case 'H': 299 threads = 1; 300 break; 301 case 'R': 302 timestamp |= TIMESTAMP_RELATIVE; 303 break; 304 case 'T': 305 timestamp |= TIMESTAMP_ABSOLUTE; 306 break; 307 case 't': 308 trpoints = getpoints(optarg); 309 if (trpoints < 0) 310 errx(1, "unknown trace point in %s", optarg); 311 break; 312 default: 313 usage(); 314 } 315 316 if (argc > optind) 317 usage(); 318 319 m = malloc(size = 1025); 320 if (m == NULL) 321 errx(1, "%s", strerror(ENOMEM)); 322 if (!freopen(tracefile, "r", stdin)) 323 err(1, "%s", tracefile); 324 325 strerror_init(); 326 localtime_init(); 327 #ifdef HAVE_LIBCAPSICUM 328 if (resolv != 0) { 329 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { 330 cappwd = NULL; 331 capgrp = NULL; 332 } 333 } 334 if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) { 335 if (cap_enter() < 0 && errno != ENOSYS) 336 err(1, "unable to enter capability mode"); 337 } 338 #else 339 if (resolv == 0) { 340 if (cap_enter() < 0 && errno != ENOSYS) 341 err(1, "unable to enter capability mode"); 342 } 343 #endif 344 limitfd(STDIN_FILENO); 345 limitfd(STDOUT_FILENO); 346 limitfd(STDERR_FILENO); 347 348 TAILQ_INIT(&trace_procs); 349 drop_logged = 0; 350 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 351 if (ktr_header.ktr_type & KTR_DROP) { 352 ktr_header.ktr_type &= ~KTR_DROP; 353 if (!drop_logged && threads) { 354 printf( 355 "%6jd %6jd %-8.*s Events dropped.\n", 356 (intmax_t)ktr_header.ktr_pid, 357 ktr_header.ktr_tid > 0 ? 358 (intmax_t)ktr_header.ktr_tid : 0, 359 MAXCOMLEN, ktr_header.ktr_comm); 360 drop_logged = 1; 361 } else if (!drop_logged) { 362 printf("%6jd %-8.*s Events dropped.\n", 363 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 364 ktr_header.ktr_comm); 365 drop_logged = 1; 366 } 367 } 368 if (trpoints & (1<<ktr_header.ktr_type)) 369 if (pid == 0 || ktr_header.ktr_pid == pid || 370 ktr_header.ktr_tid == pid) 371 dumpheader(&ktr_header); 372 if ((ktrlen = ktr_header.ktr_len) < 0) 373 errx(1, "bogus length 0x%x", ktrlen); 374 if (ktrlen > size) { 375 m = realloc(m, ktrlen+1); 376 if (m == NULL) 377 errx(1, "%s", strerror(ENOMEM)); 378 size = ktrlen; 379 } 380 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 381 errx(1, "data too short"); 382 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 383 continue; 384 sv_flags = abidump(&ktr_header); 385 if (pid && ktr_header.ktr_pid != pid && 386 ktr_header.ktr_tid != pid) 387 continue; 388 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 389 continue; 390 drop_logged = 0; 391 switch (ktr_header.ktr_type) { 392 case KTR_SYSCALL: 393 ktrsyscall((struct ktr_syscall *)m, sv_flags); 394 break; 395 case KTR_SYSRET: 396 #if defined(__amd64__) || defined(__i386__) 397 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 398 linux_ktrsysret((struct ktr_sysret *)m, 399 sv_flags); 400 else 401 #endif 402 ktrsysret((struct ktr_sysret *)m, sv_flags); 403 break; 404 case KTR_NAMEI: 405 case KTR_SYSCTL: 406 ktrnamei(m, ktrlen); 407 break; 408 case KTR_GENIO: 409 ktrgenio((struct ktr_genio *)m, ktrlen); 410 break; 411 case KTR_PSIG: 412 ktrpsig((struct ktr_psig *)m); 413 break; 414 case KTR_CSW: 415 if (ktrlen == sizeof(struct ktr_csw_old)) 416 ktrcsw_old((struct ktr_csw_old *)m); 417 else 418 ktrcsw((struct ktr_csw *)m); 419 break; 420 case KTR_USER: 421 ktruser(ktrlen, m); 422 break; 423 case KTR_STRUCT: 424 ktrstruct(m, ktrlen); 425 break; 426 case KTR_CAPFAIL: 427 ktrcapfail((struct ktr_cap_fail *)m); 428 break; 429 case KTR_FAULT: 430 ktrfault((struct ktr_fault *)m); 431 break; 432 case KTR_FAULTEND: 433 ktrfaultend((struct ktr_faultend *)m); 434 break; 435 default: 436 printf("\n"); 437 break; 438 } 439 if (tail) 440 fflush(stdout); 441 } 442 return 0; 443 } 444 445 void 446 limitfd(int fd) 447 { 448 cap_rights_t rights; 449 unsigned long cmd; 450 451 cap_rights_init(&rights, CAP_FSTAT); 452 cmd = 0; 453 454 switch (fd) { 455 case STDIN_FILENO: 456 cap_rights_set(&rights, CAP_READ); 457 break; 458 case STDOUT_FILENO: 459 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE); 460 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 461 break; 462 case STDERR_FILENO: 463 cap_rights_set(&rights, CAP_WRITE); 464 if (!suppressdata) { 465 cap_rights_set(&rights, CAP_IOCTL); 466 cmd = TIOCGWINSZ; 467 } 468 break; 469 default: 470 abort(); 471 } 472 473 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) 474 err(1, "unable to limit rights for descriptor %d", fd); 475 if (cmd != 0 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 476 err(1, "unable to limit ioctls for descriptor %d", fd); 477 } 478 479 int 480 fread_tail(void *buf, int size, int num) 481 { 482 int i; 483 484 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 485 sleep(1); 486 clearerr(stdin); 487 } 488 return (i); 489 } 490 491 int 492 fetchprocinfo(struct ktr_header *kth, u_int *flags) 493 { 494 struct proc_info *pi; 495 496 switch (kth->ktr_type) { 497 case KTR_PROCCTOR: 498 TAILQ_FOREACH(pi, &trace_procs, info) { 499 if (pi->pid == kth->ktr_pid) { 500 TAILQ_REMOVE(&trace_procs, pi, info); 501 break; 502 } 503 } 504 pi = malloc(sizeof(struct proc_info)); 505 if (pi == NULL) 506 errx(1, "%s", strerror(ENOMEM)); 507 pi->sv_flags = *flags; 508 pi->pid = kth->ktr_pid; 509 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 510 return (1); 511 512 case KTR_PROCDTOR: 513 TAILQ_FOREACH(pi, &trace_procs, info) { 514 if (pi->pid == kth->ktr_pid) { 515 TAILQ_REMOVE(&trace_procs, pi, info); 516 free(pi); 517 break; 518 } 519 } 520 return (1); 521 } 522 523 return (0); 524 } 525 526 u_int 527 abidump(struct ktr_header *kth) 528 { 529 struct proc_info *pi; 530 const char *abi; 531 const char *arch; 532 u_int flags = 0; 533 534 TAILQ_FOREACH(pi, &trace_procs, info) { 535 if (pi->pid == kth->ktr_pid) { 536 flags = pi->sv_flags; 537 break; 538 } 539 } 540 541 if (abiflag == 0) 542 return (flags); 543 544 switch (flags & SV_ABI_MASK) { 545 case SV_ABI_LINUX: 546 abi = "L"; 547 break; 548 case SV_ABI_FREEBSD: 549 abi = "F"; 550 break; 551 default: 552 abi = "U"; 553 break; 554 } 555 556 if (flags != 0) { 557 if (flags & SV_LP64) 558 arch = "64"; 559 else 560 arch = "32"; 561 } else 562 arch = "00"; 563 564 printf("%s%s ", abi, arch); 565 566 return (flags); 567 } 568 569 void 570 dumpheader(struct ktr_header *kth) 571 { 572 static char unknown[64]; 573 static struct timeval prevtime, prevtime_e, temp; 574 const char *type; 575 const char *sign; 576 577 switch (kth->ktr_type) { 578 case KTR_SYSCALL: 579 type = "CALL"; 580 break; 581 case KTR_SYSRET: 582 type = "RET "; 583 break; 584 case KTR_NAMEI: 585 type = "NAMI"; 586 break; 587 case KTR_GENIO: 588 type = "GIO "; 589 break; 590 case KTR_PSIG: 591 type = "PSIG"; 592 break; 593 case KTR_CSW: 594 type = "CSW "; 595 break; 596 case KTR_USER: 597 type = "USER"; 598 break; 599 case KTR_STRUCT: 600 type = "STRU"; 601 break; 602 case KTR_SYSCTL: 603 type = "SCTL"; 604 break; 605 case KTR_PROCCTOR: 606 /* FALLTHROUGH */ 607 case KTR_PROCDTOR: 608 return; 609 case KTR_CAPFAIL: 610 type = "CAP "; 611 break; 612 case KTR_FAULT: 613 type = "PFLT"; 614 break; 615 case KTR_FAULTEND: 616 type = "PRET"; 617 break; 618 default: 619 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 620 type = unknown; 621 } 622 623 /* 624 * The ktr_tid field was previously the ktr_buffer field, which held 625 * the kernel pointer value for the buffer associated with data 626 * following the record header. It now holds a threadid, but only 627 * for trace files after the change. Older trace files still contain 628 * kernel pointers. Detect this and suppress the results by printing 629 * negative tid's as 0. 630 */ 631 if (threads) 632 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 633 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 634 MAXCOMLEN, kth->ktr_comm); 635 else 636 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 637 kth->ktr_comm); 638 if (timestamp) { 639 if (timestamp & TIMESTAMP_ABSOLUTE) { 640 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 641 kth->ktr_time.tv_usec); 642 } 643 if (timestamp & TIMESTAMP_ELAPSED) { 644 if (prevtime_e.tv_sec == 0) 645 prevtime_e = kth->ktr_time; 646 timevalsub(&kth->ktr_time, &prevtime_e); 647 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 648 kth->ktr_time.tv_usec); 649 timevaladd(&kth->ktr_time, &prevtime_e); 650 } 651 if (timestamp & TIMESTAMP_RELATIVE) { 652 if (prevtime.tv_sec == 0) 653 prevtime = kth->ktr_time; 654 temp = kth->ktr_time; 655 timevalsub(&kth->ktr_time, &prevtime); 656 if ((intmax_t)kth->ktr_time.tv_sec < 0) { 657 kth->ktr_time = prevtime; 658 prevtime = temp; 659 timevalsub(&kth->ktr_time, &prevtime); 660 sign = "-"; 661 } else { 662 prevtime = temp; 663 sign = ""; 664 } 665 printf("%s%jd.%06ld ", sign, (intmax_t)kth->ktr_time.tv_sec, 666 kth->ktr_time.tv_usec); 667 } 668 } 669 printf("%s ", type); 670 } 671 672 #include <sys/syscall.h> 673 674 static void 675 ioctlname(unsigned long val) 676 { 677 const char *str; 678 679 str = sysdecode_ioctlname(val); 680 if (str != NULL) 681 printf("%s", str); 682 else if (decimal) 683 printf("%lu", val); 684 else 685 printf("%#lx", val); 686 } 687 688 static enum sysdecode_abi 689 syscallabi(u_int sv_flags) 690 { 691 692 if (sv_flags == 0) 693 return (SYSDECODE_ABI_FREEBSD); 694 switch (sv_flags & SV_ABI_MASK) { 695 case SV_ABI_FREEBSD: 696 return (SYSDECODE_ABI_FREEBSD); 697 #if defined(__amd64__) || defined(__i386__) 698 case SV_ABI_LINUX: 699 #ifdef __amd64__ 700 if (sv_flags & SV_ILP32) 701 return (SYSDECODE_ABI_LINUX32); 702 #endif 703 return (SYSDECODE_ABI_LINUX); 704 #endif 705 default: 706 return (SYSDECODE_ABI_UNKNOWN); 707 } 708 } 709 710 static void 711 syscallname(u_int code, u_int sv_flags) 712 { 713 const char *name; 714 715 name = sysdecode_syscallname(syscallabi(sv_flags), code); 716 if (name == NULL) 717 printf("[%d]", code); 718 else { 719 printf("%s", name); 720 if (syscallno) 721 printf("[%d]", code); 722 } 723 } 724 725 void 726 ktrsyscall(struct ktr_syscall *ktr, u_int sv_flags) 727 { 728 int narg = ktr->ktr_narg; 729 register_t *ip; 730 intmax_t arg; 731 732 syscallname(ktr->ktr_code, sv_flags); 733 ip = &ktr->ktr_args[0]; 734 if (narg) { 735 char c = '('; 736 if (fancy && 737 (sv_flags == 0 || 738 (sv_flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 739 switch (ktr->ktr_code) { 740 case SYS_bindat: 741 case SYS_connectat: 742 case SYS_faccessat: 743 case SYS_fchmodat: 744 case SYS_fchownat: 745 case SYS_fstatat: 746 case SYS_futimesat: 747 case SYS_linkat: 748 case SYS_mkdirat: 749 case SYS_mkfifoat: 750 case SYS_mknodat: 751 case SYS_openat: 752 case SYS_readlinkat: 753 case SYS_renameat: 754 case SYS_unlinkat: 755 case SYS_utimensat: 756 putchar('('); 757 atfdname(*ip, decimal); 758 c = ','; 759 ip++; 760 narg--; 761 break; 762 } 763 switch (ktr->ktr_code) { 764 case SYS_ioctl: { 765 print_number(ip, narg, c); 766 putchar(c); 767 ioctlname(*ip); 768 c = ','; 769 ip++; 770 narg--; 771 break; 772 } 773 case SYS_ptrace: 774 putchar('('); 775 ptraceopname(*ip); 776 c = ','; 777 ip++; 778 narg--; 779 break; 780 case SYS_access: 781 case SYS_eaccess: 782 case SYS_faccessat: 783 print_number(ip, narg, c); 784 putchar(','); 785 accessmodename(*ip); 786 ip++; 787 narg--; 788 break; 789 case SYS_open: 790 case SYS_openat: 791 print_number(ip, narg, c); 792 putchar(','); 793 flagsandmodename(ip[0], ip[1], decimal); 794 ip += 2; 795 narg -= 2; 796 break; 797 case SYS_wait4: 798 print_number(ip, narg, c); 799 print_number(ip, narg, c); 800 /* 801 * A flags value of zero is valid for 802 * wait4() but not for wait6(), so 803 * handle zero special here. 804 */ 805 if (*ip == 0) { 806 print_number(ip, narg, c); 807 } else { 808 putchar(','); 809 wait6optname(*ip); 810 ip++; 811 narg--; 812 } 813 break; 814 case SYS_wait6: 815 putchar('('); 816 idtypename(*ip, decimal); 817 c = ','; 818 ip++; 819 narg--; 820 print_number(ip, narg, c); 821 print_number(ip, narg, c); 822 putchar(','); 823 wait6optname(*ip); 824 ip++; 825 narg--; 826 break; 827 case SYS_chmod: 828 case SYS_fchmod: 829 case SYS_lchmod: 830 print_number(ip, narg, c); 831 putchar(','); 832 modename(*ip); 833 ip++; 834 narg--; 835 break; 836 case SYS_mknod: 837 case SYS_mknodat: 838 print_number(ip, narg, c); 839 putchar(','); 840 modename(*ip); 841 ip++; 842 narg--; 843 break; 844 case SYS_getfsstat: 845 print_number(ip, narg, c); 846 print_number(ip, narg, c); 847 putchar(','); 848 getfsstatflagsname(*ip); 849 ip++; 850 narg--; 851 break; 852 case SYS_mount: 853 print_number(ip, narg, c); 854 print_number(ip, narg, c); 855 putchar(','); 856 mountflagsname(*ip); 857 ip++; 858 narg--; 859 break; 860 case SYS_unmount: 861 print_number(ip, narg, c); 862 putchar(','); 863 mountflagsname(*ip); 864 ip++; 865 narg--; 866 break; 867 case SYS_recvmsg: 868 case SYS_sendmsg: 869 print_number(ip, narg, c); 870 print_number(ip, narg, c); 871 putchar(','); 872 sendrecvflagsname(*ip); 873 ip++; 874 narg--; 875 break; 876 case SYS_recvfrom: 877 case SYS_sendto: 878 print_number(ip, narg, c); 879 print_number(ip, narg, c); 880 print_number(ip, narg, c); 881 putchar(','); 882 sendrecvflagsname(*ip); 883 ip++; 884 narg--; 885 break; 886 case SYS_chflags: 887 case SYS_fchflags: 888 case SYS_lchflags: 889 print_number(ip, narg, c); 890 putchar(','); 891 modename(*ip); 892 ip++; 893 narg--; 894 break; 895 case SYS_kill: 896 print_number(ip, narg, c); 897 putchar(','); 898 signame(*ip); 899 ip++; 900 narg--; 901 break; 902 case SYS_reboot: 903 putchar('('); 904 rebootoptname(*ip); 905 ip++; 906 narg--; 907 break; 908 case SYS_umask: 909 putchar('('); 910 modename(*ip); 911 ip++; 912 narg--; 913 break; 914 case SYS_msync: 915 print_number(ip, narg, c); 916 print_number(ip, narg, c); 917 putchar(','); 918 msyncflagsname(*ip); 919 ip++; 920 narg--; 921 break; 922 #ifdef SYS_freebsd6_mmap 923 case SYS_freebsd6_mmap: 924 print_number(ip, narg, c); 925 print_number(ip, narg, c); 926 putchar(','); 927 mmapprotname(*ip); 928 putchar(','); 929 ip++; 930 narg--; 931 mmapflagsname(*ip); 932 ip++; 933 narg--; 934 break; 935 #endif 936 case SYS_mmap: 937 print_number(ip, narg, c); 938 print_number(ip, narg, c); 939 putchar(','); 940 mmapprotname(*ip); 941 putchar(','); 942 ip++; 943 narg--; 944 mmapflagsname(*ip); 945 ip++; 946 narg--; 947 break; 948 case SYS_mprotect: 949 print_number(ip, narg, c); 950 print_number(ip, narg, c); 951 putchar(','); 952 mmapprotname(*ip); 953 ip++; 954 narg--; 955 break; 956 case SYS_madvise: 957 print_number(ip, narg, c); 958 print_number(ip, narg, c); 959 putchar(','); 960 madvisebehavname(*ip); 961 ip++; 962 narg--; 963 break; 964 case SYS_setpriority: 965 print_number(ip, narg, c); 966 print_number(ip, narg, c); 967 putchar(','); 968 prioname(*ip); 969 ip++; 970 narg--; 971 break; 972 case SYS_fcntl: 973 print_number(ip, narg, c); 974 putchar(','); 975 fcntlcmdname(ip[0], ip[1], decimal); 976 ip += 2; 977 narg -= 2; 978 break; 979 case SYS_socket: { 980 int sockdomain; 981 putchar('('); 982 sockdomain = *ip; 983 sockdomainname(sockdomain); 984 ip++; 985 narg--; 986 putchar(','); 987 socktypenamewithflags(*ip); 988 ip++; 989 narg--; 990 if (sockdomain == PF_INET || 991 sockdomain == PF_INET6) { 992 putchar(','); 993 sockipprotoname(*ip); 994 ip++; 995 narg--; 996 } 997 c = ','; 998 break; 999 } 1000 case SYS_setsockopt: 1001 case SYS_getsockopt: 1002 print_number(ip, narg, c); 1003 putchar(','); 1004 sockoptlevelname(*ip, decimal); 1005 if (*ip == SOL_SOCKET) { 1006 ip++; 1007 narg--; 1008 putchar(','); 1009 sockoptname(*ip); 1010 } 1011 ip++; 1012 narg--; 1013 break; 1014 #ifdef SYS_freebsd6_lseek 1015 case SYS_freebsd6_lseek: 1016 print_number(ip, narg, c); 1017 /* Hidden 'pad' argument, not in lseek(2) */ 1018 print_number(ip, narg, c); 1019 print_number(ip, narg, c); 1020 putchar(','); 1021 whencename(*ip); 1022 ip++; 1023 narg--; 1024 break; 1025 #endif 1026 case SYS_lseek: 1027 print_number(ip, narg, c); 1028 /* Hidden 'pad' argument, not in lseek(2) */ 1029 print_number(ip, narg, c); 1030 putchar(','); 1031 whencename(*ip); 1032 ip++; 1033 narg--; 1034 break; 1035 case SYS_flock: 1036 print_number(ip, narg, c); 1037 putchar(','); 1038 flockname(*ip); 1039 ip++; 1040 narg--; 1041 break; 1042 case SYS_mkfifo: 1043 case SYS_mkfifoat: 1044 case SYS_mkdir: 1045 case SYS_mkdirat: 1046 print_number(ip, narg, c); 1047 putchar(','); 1048 modename(*ip); 1049 ip++; 1050 narg--; 1051 break; 1052 case SYS_shutdown: 1053 print_number(ip, narg, c); 1054 putchar(','); 1055 shutdownhowname(*ip); 1056 ip++; 1057 narg--; 1058 break; 1059 case SYS_socketpair: 1060 putchar('('); 1061 sockdomainname(*ip); 1062 ip++; 1063 narg--; 1064 putchar(','); 1065 socktypenamewithflags(*ip); 1066 ip++; 1067 narg--; 1068 c = ','; 1069 break; 1070 case SYS_getrlimit: 1071 case SYS_setrlimit: 1072 putchar('('); 1073 rlimitname(*ip); 1074 ip++; 1075 narg--; 1076 c = ','; 1077 break; 1078 case SYS_quotactl: 1079 print_number(ip, narg, c); 1080 putchar(','); 1081 quotactlname(*ip); 1082 ip++; 1083 narg--; 1084 c = ','; 1085 break; 1086 case SYS_nfssvc: 1087 putchar('('); 1088 nfssvcname(*ip); 1089 ip++; 1090 narg--; 1091 c = ','; 1092 break; 1093 case SYS_rtprio: 1094 putchar('('); 1095 rtprioname(*ip); 1096 ip++; 1097 narg--; 1098 c = ','; 1099 break; 1100 case SYS___semctl: 1101 print_number(ip, narg, c); 1102 print_number(ip, narg, c); 1103 putchar(','); 1104 semctlname(*ip); 1105 ip++; 1106 narg--; 1107 break; 1108 case SYS_semget: 1109 print_number(ip, narg, c); 1110 print_number(ip, narg, c); 1111 putchar(','); 1112 semgetname(*ip); 1113 ip++; 1114 narg--; 1115 break; 1116 case SYS_msgctl: 1117 print_number(ip, narg, c); 1118 putchar(','); 1119 shmctlname(*ip); 1120 ip++; 1121 narg--; 1122 break; 1123 case SYS_shmat: 1124 print_number(ip, narg, c); 1125 print_number(ip, narg, c); 1126 putchar(','); 1127 shmatname(*ip); 1128 ip++; 1129 narg--; 1130 break; 1131 case SYS_shmctl: 1132 print_number(ip, narg, c); 1133 putchar(','); 1134 shmctlname(*ip); 1135 ip++; 1136 narg--; 1137 break; 1138 case SYS_shm_open: 1139 print_number(ip, narg, c); 1140 putchar(','); 1141 flagsname(ip[0]); 1142 printf(",0%o", (unsigned int)ip[1]); 1143 ip += 3; 1144 narg -= 3; 1145 break; 1146 case SYS_minherit: 1147 print_number(ip, narg, c); 1148 print_number(ip, narg, c); 1149 putchar(','); 1150 minheritname(*ip); 1151 ip++; 1152 narg--; 1153 break; 1154 case SYS_rfork: 1155 putchar('('); 1156 rforkname(*ip); 1157 ip++; 1158 narg--; 1159 c = ','; 1160 break; 1161 case SYS_lio_listio: 1162 putchar('('); 1163 lio_listioname(*ip); 1164 ip++; 1165 narg--; 1166 c = ','; 1167 break; 1168 case SYS_mlockall: 1169 putchar('('); 1170 mlockallname(*ip); 1171 ip++; 1172 narg--; 1173 break; 1174 case SYS_sched_setscheduler: 1175 print_number(ip, narg, c); 1176 putchar(','); 1177 schedpolicyname(*ip); 1178 ip++; 1179 narg--; 1180 break; 1181 case SYS_sched_get_priority_max: 1182 case SYS_sched_get_priority_min: 1183 putchar('('); 1184 schedpolicyname(*ip); 1185 ip++; 1186 narg--; 1187 break; 1188 case SYS_sendfile: 1189 print_number(ip, narg, c); 1190 print_number(ip, narg, c); 1191 print_number(ip, narg, c); 1192 print_number(ip, narg, c); 1193 print_number(ip, narg, c); 1194 print_number(ip, narg, c); 1195 putchar(','); 1196 sendfileflagsname(*(int *)ip); 1197 ip++; 1198 narg--; 1199 break; 1200 case SYS_kldsym: 1201 print_number(ip, narg, c); 1202 putchar(','); 1203 kldsymcmdname(*ip); 1204 ip++; 1205 narg--; 1206 break; 1207 case SYS_sigprocmask: 1208 putchar('('); 1209 sigprocmaskhowname(*ip); 1210 ip++; 1211 narg--; 1212 c = ','; 1213 break; 1214 case SYS___acl_get_file: 1215 case SYS___acl_set_file: 1216 case SYS___acl_get_fd: 1217 case SYS___acl_set_fd: 1218 case SYS___acl_delete_file: 1219 case SYS___acl_delete_fd: 1220 case SYS___acl_aclcheck_file: 1221 case SYS___acl_aclcheck_fd: 1222 case SYS___acl_get_link: 1223 case SYS___acl_set_link: 1224 case SYS___acl_delete_link: 1225 case SYS___acl_aclcheck_link: 1226 print_number(ip, narg, c); 1227 putchar(','); 1228 acltypename(*ip); 1229 ip++; 1230 narg--; 1231 break; 1232 case SYS_sigaction: 1233 putchar('('); 1234 signame(*ip); 1235 ip++; 1236 narg--; 1237 c = ','; 1238 break; 1239 case SYS_extattrctl: 1240 print_number(ip, narg, c); 1241 putchar(','); 1242 extattrctlname(*ip); 1243 ip++; 1244 narg--; 1245 break; 1246 case SYS_nmount: 1247 print_number(ip, narg, c); 1248 print_number(ip, narg, c); 1249 putchar(','); 1250 mountflagsname(*ip); 1251 ip++; 1252 narg--; 1253 break; 1254 case SYS_thr_create: 1255 print_number(ip, narg, c); 1256 print_number(ip, narg, c); 1257 putchar(','); 1258 thrcreateflagsname(*ip); 1259 ip++; 1260 narg--; 1261 break; 1262 case SYS_thr_kill: 1263 print_number(ip, narg, c); 1264 putchar(','); 1265 signame(*ip); 1266 ip++; 1267 narg--; 1268 break; 1269 case SYS_kldunloadf: 1270 print_number(ip, narg, c); 1271 putchar(','); 1272 kldunloadfflagsname(*ip); 1273 ip++; 1274 narg--; 1275 break; 1276 case SYS_linkat: 1277 case SYS_renameat: 1278 case SYS_symlinkat: 1279 print_number(ip, narg, c); 1280 putchar(','); 1281 atfdname(*ip, decimal); 1282 ip++; 1283 narg--; 1284 break; 1285 case SYS_cap_fcntls_limit: 1286 print_number(ip, narg, c); 1287 putchar(','); 1288 arg = *ip; 1289 ip++; 1290 narg--; 1291 capfcntlname(arg); 1292 break; 1293 case SYS_posix_fadvise: 1294 print_number(ip, narg, c); 1295 print_number(ip, narg, c); 1296 print_number(ip, narg, c); 1297 (void)putchar(','); 1298 fadvisebehavname((int)*ip); 1299 ip++; 1300 narg--; 1301 break; 1302 case SYS_procctl: 1303 putchar('('); 1304 idtypename(*ip, decimal); 1305 c = ','; 1306 ip++; 1307 narg--; 1308 print_number(ip, narg, c); 1309 putchar(','); 1310 procctlcmdname(*ip); 1311 ip++; 1312 narg--; 1313 break; 1314 case SYS__umtx_op: 1315 print_number(ip, narg, c); 1316 putchar(','); 1317 umtxopname(*ip); 1318 switch (*ip) { 1319 case UMTX_OP_CV_WAIT: 1320 ip++; 1321 narg--; 1322 putchar(','); 1323 umtxcvwaitflags(*ip); 1324 break; 1325 case UMTX_OP_RW_RDLOCK: 1326 ip++; 1327 narg--; 1328 putchar(','); 1329 umtxrwlockflags(*ip); 1330 break; 1331 } 1332 ip++; 1333 narg--; 1334 } 1335 } 1336 while (narg > 0) { 1337 print_number(ip, narg, c); 1338 } 1339 putchar(')'); 1340 } 1341 putchar('\n'); 1342 } 1343 1344 void 1345 ktrsysret(struct ktr_sysret *ktr, u_int sv_flags) 1346 { 1347 register_t ret = ktr->ktr_retval; 1348 int error = ktr->ktr_error; 1349 1350 syscallname(ktr->ktr_code, sv_flags); 1351 printf(" "); 1352 1353 if (error == 0) { 1354 if (fancy) { 1355 printf("%ld", (long)ret); 1356 if (ret < 0 || ret > 9) 1357 printf("/%#lx", (unsigned long)ret); 1358 } else { 1359 if (decimal) 1360 printf("%ld", (long)ret); 1361 else 1362 printf("%#lx", (unsigned long)ret); 1363 } 1364 } else if (error == ERESTART) 1365 printf("RESTART"); 1366 else if (error == EJUSTRETURN) 1367 printf("JUSTRETURN"); 1368 else { 1369 printf("-1 errno %d", ktr->ktr_error); 1370 if (fancy) 1371 printf(" %s", strerror(ktr->ktr_error)); 1372 } 1373 putchar('\n'); 1374 } 1375 1376 void 1377 ktrnamei(char *cp, int len) 1378 { 1379 printf("\"%.*s\"\n", len, cp); 1380 } 1381 1382 void 1383 hexdump(char *p, int len, int screenwidth) 1384 { 1385 int n, i; 1386 int width; 1387 1388 width = 0; 1389 do { 1390 width += 2; 1391 i = 13; /* base offset */ 1392 i += (width / 2) + 1; /* spaces every second byte */ 1393 i += (width * 2); /* width of bytes */ 1394 i += 3; /* " |" */ 1395 i += width; /* each byte */ 1396 i += 1; /* "|" */ 1397 } while (i < screenwidth); 1398 width -= 2; 1399 1400 for (n = 0; n < len; n += width) { 1401 for (i = n; i < n + width; i++) { 1402 if ((i % width) == 0) { /* beginning of line */ 1403 printf(" 0x%04x", i); 1404 } 1405 if ((i % 2) == 0) { 1406 printf(" "); 1407 } 1408 if (i < len) 1409 printf("%02x", p[i] & 0xff); 1410 else 1411 printf(" "); 1412 } 1413 printf(" |"); 1414 for (i = n; i < n + width; i++) { 1415 if (i >= len) 1416 break; 1417 if (p[i] >= ' ' && p[i] <= '~') 1418 printf("%c", p[i]); 1419 else 1420 printf("."); 1421 } 1422 printf("|\n"); 1423 } 1424 if ((i % width) != 0) 1425 printf("\n"); 1426 } 1427 1428 void 1429 visdump(char *dp, int datalen, int screenwidth) 1430 { 1431 int col = 0; 1432 char *cp; 1433 int width; 1434 char visbuf[5]; 1435 1436 printf(" \""); 1437 col = 8; 1438 for (;datalen > 0; datalen--, dp++) { 1439 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1440 cp = visbuf; 1441 /* 1442 * Keep track of printables and 1443 * space chars (like fold(1)). 1444 */ 1445 if (col == 0) { 1446 putchar('\t'); 1447 col = 8; 1448 } 1449 switch(*cp) { 1450 case '\n': 1451 col = 0; 1452 putchar('\n'); 1453 continue; 1454 case '\t': 1455 width = 8 - (col&07); 1456 break; 1457 default: 1458 width = strlen(cp); 1459 } 1460 if (col + width > (screenwidth-2)) { 1461 printf("\\\n\t"); 1462 col = 8; 1463 } 1464 col += width; 1465 do { 1466 putchar(*cp++); 1467 } while (*cp); 1468 } 1469 if (col == 0) 1470 printf(" "); 1471 printf("\"\n"); 1472 } 1473 1474 void 1475 ktrgenio(struct ktr_genio *ktr, int len) 1476 { 1477 int datalen = len - sizeof (struct ktr_genio); 1478 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1479 static int screenwidth = 0; 1480 int i, binary; 1481 1482 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1483 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1484 datalen == 1 ? "" : "s"); 1485 if (suppressdata) 1486 return; 1487 if (screenwidth == 0) { 1488 struct winsize ws; 1489 1490 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1491 ws.ws_col > 8) 1492 screenwidth = ws.ws_col; 1493 else 1494 screenwidth = 80; 1495 } 1496 if (maxdata && datalen > maxdata) 1497 datalen = maxdata; 1498 1499 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1500 if (dp[i] >= 32 && dp[i] < 127) 1501 continue; 1502 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1503 continue; 1504 binary = 1; 1505 } 1506 if (binary) 1507 hexdump(dp, datalen, screenwidth); 1508 else 1509 visdump(dp, datalen, screenwidth); 1510 } 1511 1512 const char *signames[] = { 1513 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1514 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1515 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1516 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1517 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1518 "USR2", NULL, /* 31 - 32 */ 1519 }; 1520 1521 void 1522 ktrpsig(struct ktr_psig *psig) 1523 { 1524 if (psig->signo > 0 && psig->signo < NSIG) 1525 printf("SIG%s ", signames[psig->signo]); 1526 else 1527 printf("SIG %d ", psig->signo); 1528 if (psig->action == SIG_DFL) { 1529 printf("SIG_DFL code="); 1530 sigcodename(psig->signo, psig->code); 1531 putchar('\n'); 1532 } else { 1533 printf("caught handler=0x%lx mask=0x%x code=", 1534 (u_long)psig->action, psig->mask.__bits[0]); 1535 sigcodename(psig->signo, psig->code); 1536 putchar('\n'); 1537 } 1538 } 1539 1540 void 1541 ktrcsw_old(struct ktr_csw_old *cs) 1542 { 1543 printf("%s %s\n", cs->out ? "stop" : "resume", 1544 cs->user ? "user" : "kernel"); 1545 } 1546 1547 void 1548 ktrcsw(struct ktr_csw *cs) 1549 { 1550 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1551 cs->user ? "user" : "kernel", cs->wmesg); 1552 } 1553 1554 void 1555 ktruser(int len, void *p) 1556 { 1557 unsigned char *cp; 1558 1559 if (sysdecode_utrace(stdout, p, len)) { 1560 printf("\n"); 1561 return; 1562 } 1563 1564 printf("%d ", len); 1565 cp = p; 1566 while (len--) 1567 if (decimal) 1568 printf(" %d", *cp++); 1569 else 1570 printf(" %02x", *cp++); 1571 printf("\n"); 1572 } 1573 1574 void 1575 ktrcaprights(cap_rights_t *rightsp) 1576 { 1577 1578 printf("cap_rights_t "); 1579 capname(rightsp); 1580 printf("\n"); 1581 } 1582 1583 void 1584 ktrsockaddr(struct sockaddr *sa) 1585 { 1586 /* 1587 TODO: Support additional address families 1588 #include <netnatm/natm.h> 1589 struct sockaddr_natm *natm; 1590 #include <netsmb/netbios.h> 1591 struct sockaddr_nb *nb; 1592 */ 1593 char addr[64]; 1594 1595 /* 1596 * note: ktrstruct() has already verified that sa points to a 1597 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1598 * sa->sa_len bytes long. 1599 */ 1600 printf("struct sockaddr { "); 1601 sockfamilyname(sa->sa_family); 1602 printf(", "); 1603 1604 #define check_sockaddr_len(n) \ 1605 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1606 printf("invalid"); \ 1607 break; \ 1608 } 1609 1610 switch(sa->sa_family) { 1611 case AF_INET: { 1612 struct sockaddr_in sa_in; 1613 1614 memset(&sa_in, 0, sizeof(sa_in)); 1615 memcpy(&sa_in, sa, sa->sa_len); 1616 check_sockaddr_len(in); 1617 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1618 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1619 break; 1620 } 1621 case AF_INET6: { 1622 struct sockaddr_in6 sa_in6; 1623 1624 memset(&sa_in6, 0, sizeof(sa_in6)); 1625 memcpy(&sa_in6, sa, sa->sa_len); 1626 check_sockaddr_len(in6); 1627 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1628 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1629 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1630 break; 1631 } 1632 case AF_UNIX: { 1633 struct sockaddr_un sa_un; 1634 1635 memset(&sa_un, 0, sizeof(sa_un)); 1636 memcpy(&sa_un, sa, sa->sa_len); 1637 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1638 break; 1639 } 1640 default: 1641 printf("unknown address family"); 1642 } 1643 printf(" }\n"); 1644 } 1645 1646 void 1647 ktrstat(struct stat *statp) 1648 { 1649 char mode[12], timestr[PATH_MAX + 4]; 1650 struct passwd *pwd; 1651 struct group *grp; 1652 struct tm *tm; 1653 1654 /* 1655 * note: ktrstruct() has already verified that statp points to a 1656 * buffer exactly sizeof(struct stat) bytes long. 1657 */ 1658 printf("struct stat {"); 1659 printf("dev=%ju, ino=%ju, ", 1660 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1661 if (resolv == 0) 1662 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1663 else { 1664 strmode(statp->st_mode, mode); 1665 printf("mode=%s, ", mode); 1666 } 1667 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1668 if (resolv == 0) { 1669 pwd = NULL; 1670 } else { 1671 #ifdef HAVE_LIBCAPSICUM 1672 if (cappwd != NULL) 1673 pwd = cap_getpwuid(cappwd, statp->st_uid); 1674 else 1675 #endif 1676 pwd = getpwuid(statp->st_uid); 1677 } 1678 if (pwd == NULL) 1679 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1680 else 1681 printf("uid=\"%s\", ", pwd->pw_name); 1682 if (resolv == 0) { 1683 grp = NULL; 1684 } else { 1685 #ifdef HAVE_LIBCAPSICUM 1686 if (capgrp != NULL) 1687 grp = cap_getgrgid(capgrp, statp->st_gid); 1688 else 1689 #endif 1690 grp = getgrgid(statp->st_gid); 1691 } 1692 if (grp == NULL) 1693 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1694 else 1695 printf("gid=\"%s\", ", grp->gr_name); 1696 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1697 printf("atime="); 1698 if (resolv == 0) 1699 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1700 else { 1701 tm = localtime(&statp->st_atim.tv_sec); 1702 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1703 printf("\"%s\"", timestr); 1704 } 1705 if (statp->st_atim.tv_nsec != 0) 1706 printf(".%09ld, ", statp->st_atim.tv_nsec); 1707 else 1708 printf(", "); 1709 printf("stime="); 1710 if (resolv == 0) 1711 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1712 else { 1713 tm = localtime(&statp->st_mtim.tv_sec); 1714 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1715 printf("\"%s\"", timestr); 1716 } 1717 if (statp->st_mtim.tv_nsec != 0) 1718 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1719 else 1720 printf(", "); 1721 printf("ctime="); 1722 if (resolv == 0) 1723 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1724 else { 1725 tm = localtime(&statp->st_ctim.tv_sec); 1726 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1727 printf("\"%s\"", timestr); 1728 } 1729 if (statp->st_ctim.tv_nsec != 0) 1730 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1731 else 1732 printf(", "); 1733 printf("birthtime="); 1734 if (resolv == 0) 1735 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1736 else { 1737 tm = localtime(&statp->st_birthtim.tv_sec); 1738 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1739 printf("\"%s\"", timestr); 1740 } 1741 if (statp->st_birthtim.tv_nsec != 0) 1742 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1743 else 1744 printf(", "); 1745 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1746 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1747 (intmax_t)statp->st_blocks, statp->st_flags); 1748 printf(" }\n"); 1749 } 1750 1751 void 1752 ktrstruct(char *buf, size_t buflen) 1753 { 1754 char *name, *data; 1755 size_t namelen, datalen; 1756 int i; 1757 cap_rights_t rights; 1758 struct stat sb; 1759 struct sockaddr_storage ss; 1760 1761 for (name = buf, namelen = 0; 1762 namelen < buflen && name[namelen] != '\0'; 1763 ++namelen) 1764 /* nothing */; 1765 if (namelen == buflen) 1766 goto invalid; 1767 if (name[namelen] != '\0') 1768 goto invalid; 1769 data = buf + namelen + 1; 1770 datalen = buflen - namelen - 1; 1771 if (datalen == 0) 1772 goto invalid; 1773 /* sanity check */ 1774 for (i = 0; i < (int)namelen; ++i) 1775 if (!isalpha(name[i])) 1776 goto invalid; 1777 if (strcmp(name, "caprights") == 0) { 1778 if (datalen != sizeof(cap_rights_t)) 1779 goto invalid; 1780 memcpy(&rights, data, datalen); 1781 ktrcaprights(&rights); 1782 } else if (strcmp(name, "stat") == 0) { 1783 if (datalen != sizeof(struct stat)) 1784 goto invalid; 1785 memcpy(&sb, data, datalen); 1786 ktrstat(&sb); 1787 } else if (strcmp(name, "sockaddr") == 0) { 1788 if (datalen > sizeof(ss)) 1789 goto invalid; 1790 memcpy(&ss, data, datalen); 1791 if (datalen != ss.ss_len) 1792 goto invalid; 1793 ktrsockaddr((struct sockaddr *)&ss); 1794 } else { 1795 printf("unknown structure\n"); 1796 } 1797 return; 1798 invalid: 1799 printf("invalid record\n"); 1800 } 1801 1802 void 1803 ktrcapfail(struct ktr_cap_fail *ktr) 1804 { 1805 switch (ktr->cap_type) { 1806 case CAPFAIL_NOTCAPABLE: 1807 /* operation on fd with insufficient capabilities */ 1808 printf("operation requires "); 1809 capname(&ktr->cap_needed); 1810 printf(", descriptor holds "); 1811 capname(&ktr->cap_held); 1812 break; 1813 case CAPFAIL_INCREASE: 1814 /* requested more capabilities than fd already has */ 1815 printf("attempt to increase capabilities from "); 1816 capname(&ktr->cap_held); 1817 printf(" to "); 1818 capname(&ktr->cap_needed); 1819 break; 1820 case CAPFAIL_SYSCALL: 1821 /* called restricted syscall */ 1822 printf("disallowed system call"); 1823 break; 1824 case CAPFAIL_LOOKUP: 1825 /* used ".." in strict-relative mode */ 1826 printf("restricted VFS lookup"); 1827 break; 1828 default: 1829 printf("unknown capability failure: "); 1830 capname(&ktr->cap_needed); 1831 printf(" "); 1832 capname(&ktr->cap_held); 1833 break; 1834 } 1835 printf("\n"); 1836 } 1837 1838 void 1839 ktrfault(struct ktr_fault *ktr) 1840 { 1841 1842 printf("0x%jx ", (uintmax_t)ktr->vaddr); 1843 vmprotname(ktr->type); 1844 printf("\n"); 1845 } 1846 1847 void 1848 ktrfaultend(struct ktr_faultend *ktr) 1849 { 1850 1851 vmresultname(ktr->result); 1852 printf("\n"); 1853 } 1854 1855 #if defined(__amd64__) || defined(__i386__) 1856 void 1857 linux_ktrsysret(struct ktr_sysret *ktr, u_int sv_flags) 1858 { 1859 register_t ret = ktr->ktr_retval; 1860 int error = ktr->ktr_error; 1861 1862 syscallname(ktr->ktr_code, sv_flags); 1863 printf(" "); 1864 1865 if (error == 0) { 1866 if (fancy) { 1867 printf("%ld", (long)ret); 1868 if (ret < 0 || ret > 9) 1869 printf("/%#lx", (unsigned long)ret); 1870 } else { 1871 if (decimal) 1872 printf("%ld", (long)ret); 1873 else 1874 printf("%#lx", (unsigned long)ret); 1875 } 1876 } else if (error == ERESTART) 1877 printf("RESTART"); 1878 else if (error == EJUSTRETURN) 1879 printf("JUSTRETURN"); 1880 else { 1881 if (ktr->ktr_error <= ELAST + 1) 1882 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 1883 else 1884 error = 999; 1885 printf("-1 errno %d", error); 1886 if (fancy) 1887 printf(" %s", strerror(ktr->ktr_error)); 1888 } 1889 putchar('\n'); 1890 } 1891 #endif 1892 1893 void 1894 usage(void) 1895 { 1896 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 1897 "[-m maxdata] [-p pid] [-t trstr]\n"); 1898 exit(1); 1899 } 1900