1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capsicum.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/umtx.h> 61 #include <sys/un.h> 62 #include <sys/queue.h> 63 #include <sys/wait.h> 64 #include <arpa/inet.h> 65 #include <netinet/in.h> 66 #include <ctype.h> 67 #include <dlfcn.h> 68 #include <err.h> 69 #include <grp.h> 70 #include <inttypes.h> 71 #ifdef HAVE_LIBCAPSICUM 72 #include <libcapsicum.h> 73 #include <libcapsicum_grp.h> 74 #include <libcapsicum_pwd.h> 75 #include <libcapsicum_service.h> 76 #endif 77 #include <locale.h> 78 #include <netdb.h> 79 #include <nl_types.h> 80 #ifdef HAVE_LIBCAPSICUM 81 #include <nv.h> 82 #endif 83 #include <pwd.h> 84 #include <stdio.h> 85 #include <stdlib.h> 86 #include <string.h> 87 #include <termios.h> 88 #include <time.h> 89 #include <unistd.h> 90 #include <vis.h> 91 #include "ktrace.h" 92 #include "kdump_subr.h" 93 94 u_int abidump(struct ktr_header *); 95 int fetchprocinfo(struct ktr_header *, u_int *); 96 int fread_tail(void *, int, int); 97 void dumpheader(struct ktr_header *); 98 void ktrsyscall(struct ktr_syscall *, u_int); 99 void ktrsysret(struct ktr_sysret *, u_int); 100 void ktrnamei(char *, int); 101 void hexdump(char *, int, int); 102 void visdump(char *, int, int); 103 void ktrgenio(struct ktr_genio *, int); 104 void ktrpsig(struct ktr_psig *); 105 void ktrcsw(struct ktr_csw *); 106 void ktrcsw_old(struct ktr_csw_old *); 107 void ktruser_malloc(void *); 108 void ktruser_rtld(int, void *); 109 void ktruser(int, void *); 110 void ktrcaprights(cap_rights_t *); 111 void ktrsockaddr(struct sockaddr *); 112 void ktrstat(struct stat *); 113 void ktrstruct(char *, size_t); 114 void ktrcapfail(struct ktr_cap_fail *); 115 void ktrfault(struct ktr_fault *); 116 void ktrfaultend(struct ktr_faultend *); 117 void limitfd(int fd); 118 void usage(void); 119 void ioctlname(unsigned long, int); 120 121 #define TIMESTAMP_NONE 0x0 122 #define TIMESTAMP_ABSOLUTE 0x1 123 #define TIMESTAMP_ELAPSED 0x2 124 #define TIMESTAMP_RELATIVE 0x4 125 126 extern const char *signames[], *syscallnames[]; 127 extern int nsyscalls; 128 129 static int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 130 resolv = 0, abiflag = 0, syscallno = 0; 131 static const char *tracefile = DEF_TRACEFILE; 132 static struct ktr_header ktr_header; 133 134 #define TIME_FORMAT "%b %e %T %Y" 135 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 136 137 #define print_number(i,n,c) do { \ 138 if (decimal) \ 139 printf("%c%jd", c, (intmax_t)*i); \ 140 else \ 141 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 142 i++; \ 143 n--; \ 144 c = ','; \ 145 } while (0) 146 147 #if defined(__amd64__) || defined(__i386__) 148 149 void linux_ktrsyscall(struct ktr_syscall *); 150 void linux_ktrsysret(struct ktr_sysret *); 151 extern const char *linux_syscallnames[]; 152 153 #include <linux_syscalls.c> 154 static int nlinux_syscalls = sizeof(linux_syscallnames) / \ 155 sizeof(linux_syscallnames[0]); 156 157 /* 158 * from linux.h 159 * Linux syscalls return negative errno's, we do positive and map them 160 */ 161 static int bsd_to_linux_errno[ELAST + 1] = { 162 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 163 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 164 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 165 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 166 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 167 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 168 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 169 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 170 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 171 -72, -67, -71 172 }; 173 #endif 174 175 struct proc_info 176 { 177 TAILQ_ENTRY(proc_info) info; 178 u_int sv_flags; 179 pid_t pid; 180 }; 181 182 static TAILQ_HEAD(trace_procs, proc_info) trace_procs; 183 184 #ifdef HAVE_LIBCAPSICUM 185 static cap_channel_t *cappwd, *capgrp; 186 #endif 187 188 static void 189 strerror_init(void) 190 { 191 192 /* 193 * Cache NLS data before entering capability mode. 194 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 195 */ 196 (void)catopen("libc", NL_CAT_LOCALE); 197 } 198 199 static void 200 localtime_init(void) 201 { 202 time_t ltime; 203 204 /* 205 * Allow localtime(3) to cache /etc/localtime content before entering 206 * capability mode. 207 * XXXPJD: There should be localtime_init() in libc. 208 */ 209 (void)time(<ime); 210 (void)localtime(<ime); 211 } 212 213 #ifdef HAVE_LIBCAPSICUM 214 static int 215 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) 216 { 217 cap_channel_t *capcas, *cappwdloc, *capgrploc; 218 const char *cmds[1], *fields[1]; 219 220 capcas = cap_init(); 221 if (capcas == NULL) { 222 warn("unable to contact casperd"); 223 return (-1); 224 } 225 cappwdloc = cap_service_open(capcas, "system.pwd"); 226 capgrploc = cap_service_open(capcas, "system.grp"); 227 /* Casper capability no longer needed. */ 228 cap_close(capcas); 229 if (cappwdloc == NULL || capgrploc == NULL) { 230 if (cappwdloc == NULL) 231 warn("unable to open system.pwd service"); 232 if (capgrploc == NULL) 233 warn("unable to open system.grp service"); 234 exit(1); 235 } 236 /* Limit system.pwd to only getpwuid() function and pw_name field. */ 237 cmds[0] = "getpwuid"; 238 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) 239 err(1, "unable to limit system.pwd service"); 240 fields[0] = "pw_name"; 241 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) 242 err(1, "unable to limit system.pwd service"); 243 /* Limit system.grp to only getgrgid() function and gr_name field. */ 244 cmds[0] = "getgrgid"; 245 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) 246 err(1, "unable to limit system.grp service"); 247 fields[0] = "gr_name"; 248 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) 249 err(1, "unable to limit system.grp service"); 250 251 *cappwdp = cappwdloc; 252 *capgrpp = capgrploc; 253 return (0); 254 } 255 #endif /* HAVE_LIBCAPSICUM */ 256 257 int 258 main(int argc, char *argv[]) 259 { 260 int ch, ktrlen, size; 261 void *m; 262 int trpoints = ALL_POINTS; 263 int drop_logged; 264 pid_t pid = 0; 265 u_int sv_flags; 266 267 setlocale(LC_CTYPE, ""); 268 269 timestamp = TIMESTAMP_NONE; 270 271 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) 272 switch (ch) { 273 case 'A': 274 abiflag = 1; 275 break; 276 case 'f': 277 tracefile = optarg; 278 break; 279 case 'd': 280 decimal = 1; 281 break; 282 case 'l': 283 tail = 1; 284 break; 285 case 'm': 286 maxdata = atoi(optarg); 287 break; 288 case 'n': 289 fancy = 0; 290 break; 291 case 'p': 292 pid = atoi(optarg); 293 break; 294 case 'r': 295 resolv = 1; 296 break; 297 case 'S': 298 syscallno = 1; 299 break; 300 case 's': 301 suppressdata = 1; 302 break; 303 case 'E': 304 timestamp |= TIMESTAMP_ELAPSED; 305 break; 306 case 'H': 307 threads = 1; 308 break; 309 case 'R': 310 timestamp |= TIMESTAMP_RELATIVE; 311 break; 312 case 'T': 313 timestamp |= TIMESTAMP_ABSOLUTE; 314 break; 315 case 't': 316 trpoints = getpoints(optarg); 317 if (trpoints < 0) 318 errx(1, "unknown trace point in %s", optarg); 319 break; 320 default: 321 usage(); 322 } 323 324 if (argc > optind) 325 usage(); 326 327 m = malloc(size = 1025); 328 if (m == NULL) 329 errx(1, "%s", strerror(ENOMEM)); 330 if (!freopen(tracefile, "r", stdin)) 331 err(1, "%s", tracefile); 332 333 strerror_init(); 334 localtime_init(); 335 #ifdef HAVE_LIBCAPSICUM 336 if (resolv != 0) { 337 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { 338 cappwd = NULL; 339 capgrp = NULL; 340 } 341 } 342 if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) { 343 if (cap_enter() < 0 && errno != ENOSYS) 344 err(1, "unable to enter capability mode"); 345 } 346 #else 347 if (resolv == 0) { 348 if (cap_enter() < 0 && errno != ENOSYS) 349 err(1, "unable to enter capability mode"); 350 } 351 #endif 352 limitfd(STDIN_FILENO); 353 limitfd(STDOUT_FILENO); 354 limitfd(STDERR_FILENO); 355 if (cap_sandboxed()) 356 fprintf(stderr, "capability mode sandbox enabled\n"); 357 358 TAILQ_INIT(&trace_procs); 359 drop_logged = 0; 360 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 361 if (ktr_header.ktr_type & KTR_DROP) { 362 ktr_header.ktr_type &= ~KTR_DROP; 363 if (!drop_logged && threads) { 364 printf( 365 "%6jd %6jd %-8.*s Events dropped.\n", 366 (intmax_t)ktr_header.ktr_pid, 367 ktr_header.ktr_tid > 0 ? 368 (intmax_t)ktr_header.ktr_tid : 0, 369 MAXCOMLEN, ktr_header.ktr_comm); 370 drop_logged = 1; 371 } else if (!drop_logged) { 372 printf("%6jd %-8.*s Events dropped.\n", 373 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 374 ktr_header.ktr_comm); 375 drop_logged = 1; 376 } 377 } 378 if (trpoints & (1<<ktr_header.ktr_type)) 379 if (pid == 0 || ktr_header.ktr_pid == pid || 380 ktr_header.ktr_tid == pid) 381 dumpheader(&ktr_header); 382 if ((ktrlen = ktr_header.ktr_len) < 0) 383 errx(1, "bogus length 0x%x", ktrlen); 384 if (ktrlen > size) { 385 m = realloc(m, ktrlen+1); 386 if (m == NULL) 387 errx(1, "%s", strerror(ENOMEM)); 388 size = ktrlen; 389 } 390 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 391 errx(1, "data too short"); 392 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 393 continue; 394 sv_flags = abidump(&ktr_header); 395 if (pid && ktr_header.ktr_pid != pid && 396 ktr_header.ktr_tid != pid) 397 continue; 398 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 399 continue; 400 drop_logged = 0; 401 switch (ktr_header.ktr_type) { 402 case KTR_SYSCALL: 403 #if defined(__amd64__) || defined(__i386__) 404 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 405 linux_ktrsyscall((struct ktr_syscall *)m); 406 else 407 #endif 408 ktrsyscall((struct ktr_syscall *)m, sv_flags); 409 break; 410 case KTR_SYSRET: 411 #if defined(__amd64__) || defined(__i386__) 412 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 413 linux_ktrsysret((struct ktr_sysret *)m); 414 else 415 #endif 416 ktrsysret((struct ktr_sysret *)m, sv_flags); 417 break; 418 case KTR_NAMEI: 419 case KTR_SYSCTL: 420 ktrnamei(m, ktrlen); 421 break; 422 case KTR_GENIO: 423 ktrgenio((struct ktr_genio *)m, ktrlen); 424 break; 425 case KTR_PSIG: 426 ktrpsig((struct ktr_psig *)m); 427 break; 428 case KTR_CSW: 429 if (ktrlen == sizeof(struct ktr_csw_old)) 430 ktrcsw_old((struct ktr_csw_old *)m); 431 else 432 ktrcsw((struct ktr_csw *)m); 433 break; 434 case KTR_USER: 435 ktruser(ktrlen, m); 436 break; 437 case KTR_STRUCT: 438 ktrstruct(m, ktrlen); 439 break; 440 case KTR_CAPFAIL: 441 ktrcapfail((struct ktr_cap_fail *)m); 442 break; 443 case KTR_FAULT: 444 ktrfault((struct ktr_fault *)m); 445 break; 446 case KTR_FAULTEND: 447 ktrfaultend((struct ktr_faultend *)m); 448 break; 449 default: 450 printf("\n"); 451 break; 452 } 453 if (tail) 454 fflush(stdout); 455 } 456 return 0; 457 } 458 459 void 460 limitfd(int fd) 461 { 462 cap_rights_t rights; 463 unsigned long cmd; 464 465 cap_rights_init(&rights, CAP_FSTAT); 466 cmd = 0; 467 468 switch (fd) { 469 case STDIN_FILENO: 470 cap_rights_set(&rights, CAP_READ); 471 break; 472 case STDOUT_FILENO: 473 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE); 474 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 475 break; 476 case STDERR_FILENO: 477 cap_rights_set(&rights, CAP_WRITE); 478 if (!suppressdata) { 479 cap_rights_set(&rights, CAP_IOCTL); 480 cmd = TIOCGWINSZ; 481 } 482 break; 483 default: 484 abort(); 485 } 486 487 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) 488 err(1, "unable to limit rights for descriptor %d", fd); 489 if (cmd != 0 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 490 err(1, "unable to limit ioctls for descriptor %d", fd); 491 } 492 493 int 494 fread_tail(void *buf, int size, int num) 495 { 496 int i; 497 498 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 499 sleep(1); 500 clearerr(stdin); 501 } 502 return (i); 503 } 504 505 int 506 fetchprocinfo(struct ktr_header *kth, u_int *flags) 507 { 508 struct proc_info *pi; 509 510 switch (kth->ktr_type) { 511 case KTR_PROCCTOR: 512 TAILQ_FOREACH(pi, &trace_procs, info) { 513 if (pi->pid == kth->ktr_pid) { 514 TAILQ_REMOVE(&trace_procs, pi, info); 515 break; 516 } 517 } 518 pi = malloc(sizeof(struct proc_info)); 519 if (pi == NULL) 520 errx(1, "%s", strerror(ENOMEM)); 521 pi->sv_flags = *flags; 522 pi->pid = kth->ktr_pid; 523 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 524 return (1); 525 526 case KTR_PROCDTOR: 527 TAILQ_FOREACH(pi, &trace_procs, info) { 528 if (pi->pid == kth->ktr_pid) { 529 TAILQ_REMOVE(&trace_procs, pi, info); 530 free(pi); 531 break; 532 } 533 } 534 return (1); 535 } 536 537 return (0); 538 } 539 540 u_int 541 abidump(struct ktr_header *kth) 542 { 543 struct proc_info *pi; 544 const char *abi; 545 const char *arch; 546 u_int flags = 0; 547 548 TAILQ_FOREACH(pi, &trace_procs, info) { 549 if (pi->pid == kth->ktr_pid) { 550 flags = pi->sv_flags; 551 break; 552 } 553 } 554 555 if (abiflag == 0) 556 return (flags); 557 558 switch (flags & SV_ABI_MASK) { 559 case SV_ABI_LINUX: 560 abi = "L"; 561 break; 562 case SV_ABI_FREEBSD: 563 abi = "F"; 564 break; 565 default: 566 abi = "U"; 567 break; 568 } 569 570 if (flags != 0) { 571 if (flags & SV_LP64) 572 arch = "64"; 573 else 574 arch = "32"; 575 } else 576 arch = "00"; 577 578 printf("%s%s ", abi, arch); 579 580 return (flags); 581 } 582 583 void 584 dumpheader(struct ktr_header *kth) 585 { 586 static char unknown[64]; 587 static struct timeval prevtime, prevtime_e, temp; 588 const char *type; 589 590 switch (kth->ktr_type) { 591 case KTR_SYSCALL: 592 type = "CALL"; 593 break; 594 case KTR_SYSRET: 595 type = "RET "; 596 break; 597 case KTR_NAMEI: 598 type = "NAMI"; 599 break; 600 case KTR_GENIO: 601 type = "GIO "; 602 break; 603 case KTR_PSIG: 604 type = "PSIG"; 605 break; 606 case KTR_CSW: 607 type = "CSW "; 608 break; 609 case KTR_USER: 610 type = "USER"; 611 break; 612 case KTR_STRUCT: 613 type = "STRU"; 614 break; 615 case KTR_SYSCTL: 616 type = "SCTL"; 617 break; 618 case KTR_PROCCTOR: 619 /* FALLTHROUGH */ 620 case KTR_PROCDTOR: 621 return; 622 case KTR_CAPFAIL: 623 type = "CAP "; 624 break; 625 case KTR_FAULT: 626 type = "PFLT"; 627 break; 628 case KTR_FAULTEND: 629 type = "PRET"; 630 break; 631 default: 632 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 633 type = unknown; 634 } 635 636 /* 637 * The ktr_tid field was previously the ktr_buffer field, which held 638 * the kernel pointer value for the buffer associated with data 639 * following the record header. It now holds a threadid, but only 640 * for trace files after the change. Older trace files still contain 641 * kernel pointers. Detect this and suppress the results by printing 642 * negative tid's as 0. 643 */ 644 if (threads) 645 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 646 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 647 MAXCOMLEN, kth->ktr_comm); 648 else 649 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 650 kth->ktr_comm); 651 if (timestamp) { 652 if (timestamp & TIMESTAMP_ABSOLUTE) { 653 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 654 kth->ktr_time.tv_usec); 655 } 656 if (timestamp & TIMESTAMP_ELAPSED) { 657 if (prevtime_e.tv_sec == 0) 658 prevtime_e = kth->ktr_time; 659 timevalsub(&kth->ktr_time, &prevtime_e); 660 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 661 kth->ktr_time.tv_usec); 662 timevaladd(&kth->ktr_time, &prevtime_e); 663 } 664 if (timestamp & TIMESTAMP_RELATIVE) { 665 temp = kth->ktr_time; 666 timevalsub(&kth->ktr_time, &prevtime); 667 prevtime = temp; 668 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 669 kth->ktr_time.tv_usec); 670 } 671 } 672 printf("%s ", type); 673 } 674 675 #include <sys/syscall.h> 676 #define KTRACE 677 #include <sys/kern/syscalls.c> 678 #undef KTRACE 679 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 680 681 void 682 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 683 { 684 int narg = ktr->ktr_narg; 685 register_t *ip; 686 intmax_t arg; 687 688 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 689 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 690 printf("[%d]", ktr->ktr_code); 691 else { 692 printf("%s", syscallnames[ktr->ktr_code]); 693 if (syscallno) 694 printf("[%d]", ktr->ktr_code); 695 } 696 ip = &ktr->ktr_args[0]; 697 if (narg) { 698 char c = '('; 699 if (fancy && 700 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 701 switch (ktr->ktr_code) { 702 case SYS_bindat: 703 case SYS_connectat: 704 case SYS_faccessat: 705 case SYS_fchmodat: 706 case SYS_fchownat: 707 case SYS_fstatat: 708 case SYS_futimesat: 709 case SYS_linkat: 710 case SYS_mkdirat: 711 case SYS_mkfifoat: 712 case SYS_mknodat: 713 case SYS_openat: 714 case SYS_readlinkat: 715 case SYS_renameat: 716 case SYS_unlinkat: 717 putchar('('); 718 atfdname(*ip, decimal); 719 c = ','; 720 ip++; 721 narg--; 722 break; 723 } 724 switch (ktr->ktr_code) { 725 case SYS_ioctl: { 726 print_number(ip, narg, c); 727 putchar(c); 728 ioctlname(*ip, decimal); 729 c = ','; 730 ip++; 731 narg--; 732 break; 733 } 734 case SYS_ptrace: 735 putchar('('); 736 ptraceopname(*ip); 737 c = ','; 738 ip++; 739 narg--; 740 break; 741 case SYS_access: 742 case SYS_eaccess: 743 case SYS_faccessat: 744 print_number(ip, narg, c); 745 putchar(','); 746 accessmodename(*ip); 747 ip++; 748 narg--; 749 break; 750 case SYS_open: 751 case SYS_openat: 752 print_number(ip, narg, c); 753 putchar(','); 754 flagsandmodename(ip[0], ip[1], decimal); 755 ip += 2; 756 narg -= 2; 757 break; 758 case SYS_wait4: 759 print_number(ip, narg, c); 760 print_number(ip, narg, c); 761 /* 762 * A flags value of zero is valid for 763 * wait4() but not for wait6(), so 764 * handle zero special here. 765 */ 766 if (*ip == 0) { 767 print_number(ip, narg, c); 768 } else { 769 putchar(','); 770 wait6optname(*ip); 771 ip++; 772 narg--; 773 } 774 break; 775 case SYS_wait6: 776 putchar('('); 777 idtypename(*ip, decimal); 778 c = ','; 779 ip++; 780 narg--; 781 print_number(ip, narg, c); 782 print_number(ip, narg, c); 783 putchar(','); 784 wait6optname(*ip); 785 ip++; 786 narg--; 787 break; 788 case SYS_chmod: 789 case SYS_fchmod: 790 case SYS_lchmod: 791 print_number(ip, narg, c); 792 putchar(','); 793 modename(*ip); 794 ip++; 795 narg--; 796 break; 797 case SYS_mknod: 798 case SYS_mknodat: 799 print_number(ip, narg, c); 800 putchar(','); 801 modename(*ip); 802 ip++; 803 narg--; 804 break; 805 case SYS_getfsstat: 806 print_number(ip, narg, c); 807 print_number(ip, narg, c); 808 putchar(','); 809 getfsstatflagsname(*ip); 810 ip++; 811 narg--; 812 break; 813 case SYS_mount: 814 print_number(ip, narg, c); 815 print_number(ip, narg, c); 816 putchar(','); 817 mountflagsname(*ip); 818 ip++; 819 narg--; 820 break; 821 case SYS_unmount: 822 print_number(ip, narg, c); 823 putchar(','); 824 mountflagsname(*ip); 825 ip++; 826 narg--; 827 break; 828 case SYS_recvmsg: 829 case SYS_sendmsg: 830 print_number(ip, narg, c); 831 print_number(ip, narg, c); 832 putchar(','); 833 sendrecvflagsname(*ip); 834 ip++; 835 narg--; 836 break; 837 case SYS_recvfrom: 838 case SYS_sendto: 839 print_number(ip, narg, c); 840 print_number(ip, narg, c); 841 print_number(ip, narg, c); 842 putchar(','); 843 sendrecvflagsname(*ip); 844 ip++; 845 narg--; 846 break; 847 case SYS_chflags: 848 case SYS_fchflags: 849 case SYS_lchflags: 850 print_number(ip, narg, c); 851 putchar(','); 852 modename(*ip); 853 ip++; 854 narg--; 855 break; 856 case SYS_kill: 857 print_number(ip, narg, c); 858 putchar(','); 859 signame(*ip); 860 ip++; 861 narg--; 862 break; 863 case SYS_reboot: 864 putchar('('); 865 rebootoptname(*ip); 866 ip++; 867 narg--; 868 break; 869 case SYS_umask: 870 putchar('('); 871 modename(*ip); 872 ip++; 873 narg--; 874 break; 875 case SYS_msync: 876 print_number(ip, narg, c); 877 print_number(ip, narg, c); 878 putchar(','); 879 msyncflagsname(*ip); 880 ip++; 881 narg--; 882 break; 883 #ifdef SYS_freebsd6_mmap 884 case SYS_freebsd6_mmap: 885 print_number(ip, narg, c); 886 print_number(ip, narg, c); 887 putchar(','); 888 mmapprotname(*ip); 889 putchar(','); 890 ip++; 891 narg--; 892 mmapflagsname(*ip); 893 ip++; 894 narg--; 895 break; 896 #endif 897 case SYS_mmap: 898 print_number(ip, narg, c); 899 print_number(ip, narg, c); 900 putchar(','); 901 mmapprotname(*ip); 902 putchar(','); 903 ip++; 904 narg--; 905 mmapflagsname(*ip); 906 ip++; 907 narg--; 908 break; 909 case SYS_mprotect: 910 print_number(ip, narg, c); 911 print_number(ip, narg, c); 912 putchar(','); 913 mmapprotname(*ip); 914 ip++; 915 narg--; 916 break; 917 case SYS_madvise: 918 print_number(ip, narg, c); 919 print_number(ip, narg, c); 920 putchar(','); 921 madvisebehavname(*ip); 922 ip++; 923 narg--; 924 break; 925 case SYS_setpriority: 926 print_number(ip, narg, c); 927 print_number(ip, narg, c); 928 putchar(','); 929 prioname(*ip); 930 ip++; 931 narg--; 932 break; 933 case SYS_fcntl: 934 print_number(ip, narg, c); 935 putchar(','); 936 fcntlcmdname(ip[0], ip[1], decimal); 937 ip += 2; 938 narg -= 2; 939 break; 940 case SYS_socket: { 941 int sockdomain; 942 putchar('('); 943 sockdomain = *ip; 944 sockdomainname(sockdomain); 945 ip++; 946 narg--; 947 putchar(','); 948 socktypenamewithflags(*ip); 949 ip++; 950 narg--; 951 if (sockdomain == PF_INET || 952 sockdomain == PF_INET6) { 953 putchar(','); 954 sockipprotoname(*ip); 955 ip++; 956 narg--; 957 } 958 c = ','; 959 break; 960 } 961 case SYS_setsockopt: 962 case SYS_getsockopt: 963 print_number(ip, narg, c); 964 putchar(','); 965 sockoptlevelname(*ip, decimal); 966 if (*ip == SOL_SOCKET) { 967 ip++; 968 narg--; 969 putchar(','); 970 sockoptname(*ip); 971 } 972 ip++; 973 narg--; 974 break; 975 #ifdef SYS_freebsd6_lseek 976 case SYS_freebsd6_lseek: 977 print_number(ip, narg, c); 978 /* Hidden 'pad' argument, not in lseek(2) */ 979 print_number(ip, narg, c); 980 print_number(ip, narg, c); 981 putchar(','); 982 whencename(*ip); 983 ip++; 984 narg--; 985 break; 986 #endif 987 case SYS_lseek: 988 print_number(ip, narg, c); 989 /* Hidden 'pad' argument, not in lseek(2) */ 990 print_number(ip, narg, c); 991 putchar(','); 992 whencename(*ip); 993 ip++; 994 narg--; 995 break; 996 case SYS_flock: 997 print_number(ip, narg, c); 998 putchar(','); 999 flockname(*ip); 1000 ip++; 1001 narg--; 1002 break; 1003 case SYS_mkfifo: 1004 case SYS_mkfifoat: 1005 case SYS_mkdir: 1006 case SYS_mkdirat: 1007 print_number(ip, narg, c); 1008 putchar(','); 1009 modename(*ip); 1010 ip++; 1011 narg--; 1012 break; 1013 case SYS_shutdown: 1014 print_number(ip, narg, c); 1015 putchar(','); 1016 shutdownhowname(*ip); 1017 ip++; 1018 narg--; 1019 break; 1020 case SYS_socketpair: 1021 putchar('('); 1022 sockdomainname(*ip); 1023 ip++; 1024 narg--; 1025 putchar(','); 1026 socktypenamewithflags(*ip); 1027 ip++; 1028 narg--; 1029 c = ','; 1030 break; 1031 case SYS_getrlimit: 1032 case SYS_setrlimit: 1033 putchar('('); 1034 rlimitname(*ip); 1035 ip++; 1036 narg--; 1037 c = ','; 1038 break; 1039 case SYS_quotactl: 1040 print_number(ip, narg, c); 1041 putchar(','); 1042 quotactlname(*ip); 1043 ip++; 1044 narg--; 1045 c = ','; 1046 break; 1047 case SYS_nfssvc: 1048 putchar('('); 1049 nfssvcname(*ip); 1050 ip++; 1051 narg--; 1052 c = ','; 1053 break; 1054 case SYS_rtprio: 1055 putchar('('); 1056 rtprioname(*ip); 1057 ip++; 1058 narg--; 1059 c = ','; 1060 break; 1061 case SYS___semctl: 1062 print_number(ip, narg, c); 1063 print_number(ip, narg, c); 1064 putchar(','); 1065 semctlname(*ip); 1066 ip++; 1067 narg--; 1068 break; 1069 case SYS_semget: 1070 print_number(ip, narg, c); 1071 print_number(ip, narg, c); 1072 putchar(','); 1073 semgetname(*ip); 1074 ip++; 1075 narg--; 1076 break; 1077 case SYS_msgctl: 1078 print_number(ip, narg, c); 1079 putchar(','); 1080 shmctlname(*ip); 1081 ip++; 1082 narg--; 1083 break; 1084 case SYS_shmat: 1085 print_number(ip, narg, c); 1086 print_number(ip, narg, c); 1087 putchar(','); 1088 shmatname(*ip); 1089 ip++; 1090 narg--; 1091 break; 1092 case SYS_shmctl: 1093 print_number(ip, narg, c); 1094 putchar(','); 1095 shmctlname(*ip); 1096 ip++; 1097 narg--; 1098 break; 1099 case SYS_shm_open: 1100 print_number(ip, narg, c); 1101 putchar(','); 1102 flagsname(ip[0]); 1103 printf(",0%o", (unsigned int)ip[1]); 1104 ip += 3; 1105 narg -= 3; 1106 break; 1107 case SYS_minherit: 1108 print_number(ip, narg, c); 1109 print_number(ip, narg, c); 1110 putchar(','); 1111 minheritname(*ip); 1112 ip++; 1113 narg--; 1114 break; 1115 case SYS_rfork: 1116 putchar('('); 1117 rforkname(*ip); 1118 ip++; 1119 narg--; 1120 c = ','; 1121 break; 1122 case SYS_lio_listio: 1123 putchar('('); 1124 lio_listioname(*ip); 1125 ip++; 1126 narg--; 1127 c = ','; 1128 break; 1129 case SYS_mlockall: 1130 putchar('('); 1131 mlockallname(*ip); 1132 ip++; 1133 narg--; 1134 break; 1135 case SYS_sched_setscheduler: 1136 print_number(ip, narg, c); 1137 putchar(','); 1138 schedpolicyname(*ip); 1139 ip++; 1140 narg--; 1141 break; 1142 case SYS_sched_get_priority_max: 1143 case SYS_sched_get_priority_min: 1144 putchar('('); 1145 schedpolicyname(*ip); 1146 ip++; 1147 narg--; 1148 break; 1149 case SYS_sendfile: 1150 print_number(ip, narg, c); 1151 print_number(ip, narg, c); 1152 print_number(ip, narg, c); 1153 print_number(ip, narg, c); 1154 print_number(ip, narg, c); 1155 print_number(ip, narg, c); 1156 putchar(','); 1157 sendfileflagsname(*ip); 1158 ip++; 1159 narg--; 1160 break; 1161 case SYS_kldsym: 1162 print_number(ip, narg, c); 1163 putchar(','); 1164 kldsymcmdname(*ip); 1165 ip++; 1166 narg--; 1167 break; 1168 case SYS_sigprocmask: 1169 putchar('('); 1170 sigprocmaskhowname(*ip); 1171 ip++; 1172 narg--; 1173 c = ','; 1174 break; 1175 case SYS___acl_get_file: 1176 case SYS___acl_set_file: 1177 case SYS___acl_get_fd: 1178 case SYS___acl_set_fd: 1179 case SYS___acl_delete_file: 1180 case SYS___acl_delete_fd: 1181 case SYS___acl_aclcheck_file: 1182 case SYS___acl_aclcheck_fd: 1183 case SYS___acl_get_link: 1184 case SYS___acl_set_link: 1185 case SYS___acl_delete_link: 1186 case SYS___acl_aclcheck_link: 1187 print_number(ip, narg, c); 1188 putchar(','); 1189 acltypename(*ip); 1190 ip++; 1191 narg--; 1192 break; 1193 case SYS_sigaction: 1194 putchar('('); 1195 signame(*ip); 1196 ip++; 1197 narg--; 1198 c = ','; 1199 break; 1200 case SYS_extattrctl: 1201 print_number(ip, narg, c); 1202 putchar(','); 1203 extattrctlname(*ip); 1204 ip++; 1205 narg--; 1206 break; 1207 case SYS_nmount: 1208 print_number(ip, narg, c); 1209 print_number(ip, narg, c); 1210 putchar(','); 1211 mountflagsname(*ip); 1212 ip++; 1213 narg--; 1214 break; 1215 case SYS_thr_create: 1216 print_number(ip, narg, c); 1217 print_number(ip, narg, c); 1218 putchar(','); 1219 thrcreateflagsname(*ip); 1220 ip++; 1221 narg--; 1222 break; 1223 case SYS_thr_kill: 1224 print_number(ip, narg, c); 1225 putchar(','); 1226 signame(*ip); 1227 ip++; 1228 narg--; 1229 break; 1230 case SYS_kldunloadf: 1231 print_number(ip, narg, c); 1232 putchar(','); 1233 kldunloadfflagsname(*ip); 1234 ip++; 1235 narg--; 1236 break; 1237 case SYS_linkat: 1238 case SYS_renameat: 1239 case SYS_symlinkat: 1240 print_number(ip, narg, c); 1241 putchar(','); 1242 atfdname(*ip, decimal); 1243 ip++; 1244 narg--; 1245 break; 1246 case SYS_cap_fcntls_limit: 1247 print_number(ip, narg, c); 1248 putchar(','); 1249 arg = *ip; 1250 ip++; 1251 narg--; 1252 capfcntlname(arg); 1253 break; 1254 case SYS_posix_fadvise: 1255 print_number(ip, narg, c); 1256 print_number(ip, narg, c); 1257 print_number(ip, narg, c); 1258 (void)putchar(','); 1259 fadvisebehavname((int)*ip); 1260 ip++; 1261 narg--; 1262 break; 1263 case SYS_procctl: 1264 putchar('('); 1265 idtypename(*ip, decimal); 1266 c = ','; 1267 ip++; 1268 narg--; 1269 print_number(ip, narg, c); 1270 putchar(','); 1271 procctlcmdname(*ip); 1272 ip++; 1273 narg--; 1274 break; 1275 case SYS__umtx_op: 1276 print_number(ip, narg, c); 1277 putchar(','); 1278 umtxopname(*ip); 1279 switch (*ip) { 1280 case UMTX_OP_CV_WAIT: 1281 ip++; 1282 narg--; 1283 putchar(','); 1284 umtxcvwaitflags(*ip); 1285 break; 1286 case UMTX_OP_RW_RDLOCK: 1287 ip++; 1288 narg--; 1289 putchar(','); 1290 umtxrwlockflags(*ip); 1291 break; 1292 } 1293 ip++; 1294 narg--; 1295 } 1296 } 1297 while (narg > 0) { 1298 print_number(ip, narg, c); 1299 } 1300 putchar(')'); 1301 } 1302 putchar('\n'); 1303 } 1304 1305 void 1306 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1307 { 1308 register_t ret = ktr->ktr_retval; 1309 int error = ktr->ktr_error; 1310 int code = ktr->ktr_code; 1311 1312 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1313 (code >= nsyscalls || code < 0)) 1314 printf("[%d] ", code); 1315 else { 1316 printf("%s", syscallnames[code]); 1317 if (syscallno) 1318 printf("[%d]", code); 1319 printf(" "); 1320 } 1321 1322 if (error == 0) { 1323 if (fancy) { 1324 printf("%ld", (long)ret); 1325 if (ret < 0 || ret > 9) 1326 printf("/%#lx", (unsigned long)ret); 1327 } else { 1328 if (decimal) 1329 printf("%ld", (long)ret); 1330 else 1331 printf("%#lx", (unsigned long)ret); 1332 } 1333 } else if (error == ERESTART) 1334 printf("RESTART"); 1335 else if (error == EJUSTRETURN) 1336 printf("JUSTRETURN"); 1337 else { 1338 printf("-1 errno %d", ktr->ktr_error); 1339 if (fancy) 1340 printf(" %s", strerror(ktr->ktr_error)); 1341 } 1342 putchar('\n'); 1343 } 1344 1345 void 1346 ktrnamei(char *cp, int len) 1347 { 1348 printf("\"%.*s\"\n", len, cp); 1349 } 1350 1351 void 1352 hexdump(char *p, int len, int screenwidth) 1353 { 1354 int n, i; 1355 int width; 1356 1357 width = 0; 1358 do { 1359 width += 2; 1360 i = 13; /* base offset */ 1361 i += (width / 2) + 1; /* spaces every second byte */ 1362 i += (width * 2); /* width of bytes */ 1363 i += 3; /* " |" */ 1364 i += width; /* each byte */ 1365 i += 1; /* "|" */ 1366 } while (i < screenwidth); 1367 width -= 2; 1368 1369 for (n = 0; n < len; n += width) { 1370 for (i = n; i < n + width; i++) { 1371 if ((i % width) == 0) { /* beginning of line */ 1372 printf(" 0x%04x", i); 1373 } 1374 if ((i % 2) == 0) { 1375 printf(" "); 1376 } 1377 if (i < len) 1378 printf("%02x", p[i] & 0xff); 1379 else 1380 printf(" "); 1381 } 1382 printf(" |"); 1383 for (i = n; i < n + width; i++) { 1384 if (i >= len) 1385 break; 1386 if (p[i] >= ' ' && p[i] <= '~') 1387 printf("%c", p[i]); 1388 else 1389 printf("."); 1390 } 1391 printf("|\n"); 1392 } 1393 if ((i % width) != 0) 1394 printf("\n"); 1395 } 1396 1397 void 1398 visdump(char *dp, int datalen, int screenwidth) 1399 { 1400 int col = 0; 1401 char *cp; 1402 int width; 1403 char visbuf[5]; 1404 1405 printf(" \""); 1406 col = 8; 1407 for (;datalen > 0; datalen--, dp++) { 1408 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1409 cp = visbuf; 1410 /* 1411 * Keep track of printables and 1412 * space chars (like fold(1)). 1413 */ 1414 if (col == 0) { 1415 putchar('\t'); 1416 col = 8; 1417 } 1418 switch(*cp) { 1419 case '\n': 1420 col = 0; 1421 putchar('\n'); 1422 continue; 1423 case '\t': 1424 width = 8 - (col&07); 1425 break; 1426 default: 1427 width = strlen(cp); 1428 } 1429 if (col + width > (screenwidth-2)) { 1430 printf("\\\n\t"); 1431 col = 8; 1432 } 1433 col += width; 1434 do { 1435 putchar(*cp++); 1436 } while (*cp); 1437 } 1438 if (col == 0) 1439 printf(" "); 1440 printf("\"\n"); 1441 } 1442 1443 void 1444 ktrgenio(struct ktr_genio *ktr, int len) 1445 { 1446 int datalen = len - sizeof (struct ktr_genio); 1447 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1448 static int screenwidth = 0; 1449 int i, binary; 1450 1451 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1452 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1453 datalen == 1 ? "" : "s"); 1454 if (suppressdata) 1455 return; 1456 if (screenwidth == 0) { 1457 struct winsize ws; 1458 1459 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1460 ws.ws_col > 8) 1461 screenwidth = ws.ws_col; 1462 else 1463 screenwidth = 80; 1464 } 1465 if (maxdata && datalen > maxdata) 1466 datalen = maxdata; 1467 1468 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1469 if (dp[i] >= 32 && dp[i] < 127) 1470 continue; 1471 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1472 continue; 1473 binary = 1; 1474 } 1475 if (binary) 1476 hexdump(dp, datalen, screenwidth); 1477 else 1478 visdump(dp, datalen, screenwidth); 1479 } 1480 1481 const char *signames[] = { 1482 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1483 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1484 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1485 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1486 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1487 "USR2", NULL, /* 31 - 32 */ 1488 }; 1489 1490 void 1491 ktrpsig(struct ktr_psig *psig) 1492 { 1493 if (psig->signo > 0 && psig->signo < NSIG) 1494 printf("SIG%s ", signames[psig->signo]); 1495 else 1496 printf("SIG %d ", psig->signo); 1497 if (psig->action == SIG_DFL) { 1498 printf("SIG_DFL code="); 1499 sigcodename(psig->signo, psig->code); 1500 putchar('\n'); 1501 } else { 1502 printf("caught handler=0x%lx mask=0x%x code=", 1503 (u_long)psig->action, psig->mask.__bits[0]); 1504 sigcodename(psig->signo, psig->code); 1505 putchar('\n'); 1506 } 1507 } 1508 1509 void 1510 ktrcsw_old(struct ktr_csw_old *cs) 1511 { 1512 printf("%s %s\n", cs->out ? "stop" : "resume", 1513 cs->user ? "user" : "kernel"); 1514 } 1515 1516 void 1517 ktrcsw(struct ktr_csw *cs) 1518 { 1519 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1520 cs->user ? "user" : "kernel", cs->wmesg); 1521 } 1522 1523 #define UTRACE_DLOPEN_START 1 1524 #define UTRACE_DLOPEN_STOP 2 1525 #define UTRACE_DLCLOSE_START 3 1526 #define UTRACE_DLCLOSE_STOP 4 1527 #define UTRACE_LOAD_OBJECT 5 1528 #define UTRACE_UNLOAD_OBJECT 6 1529 #define UTRACE_ADD_RUNDEP 7 1530 #define UTRACE_PRELOAD_FINISHED 8 1531 #define UTRACE_INIT_CALL 9 1532 #define UTRACE_FINI_CALL 10 1533 1534 struct utrace_rtld { 1535 char sig[4]; /* 'RTLD' */ 1536 int event; 1537 void *handle; 1538 void *mapbase; 1539 size_t mapsize; 1540 int refcnt; 1541 char name[MAXPATHLEN]; 1542 }; 1543 1544 void 1545 ktruser_rtld(int len, void *p) 1546 { 1547 struct utrace_rtld *ut = p; 1548 unsigned char *cp; 1549 void *parent; 1550 int mode; 1551 1552 switch (ut->event) { 1553 case UTRACE_DLOPEN_START: 1554 mode = ut->refcnt; 1555 printf("dlopen(%s, ", ut->name); 1556 switch (mode & RTLD_MODEMASK) { 1557 case RTLD_NOW: 1558 printf("RTLD_NOW"); 1559 break; 1560 case RTLD_LAZY: 1561 printf("RTLD_LAZY"); 1562 break; 1563 default: 1564 printf("%#x", mode & RTLD_MODEMASK); 1565 } 1566 if (mode & RTLD_GLOBAL) 1567 printf(" | RTLD_GLOBAL"); 1568 if (mode & RTLD_TRACE) 1569 printf(" | RTLD_TRACE"); 1570 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1571 printf(" | %#x", mode & 1572 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1573 printf(")\n"); 1574 break; 1575 case UTRACE_DLOPEN_STOP: 1576 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1577 ut->refcnt); 1578 break; 1579 case UTRACE_DLCLOSE_START: 1580 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1581 ut->refcnt); 1582 break; 1583 case UTRACE_DLCLOSE_STOP: 1584 printf("dlclose(%p) finished\n", ut->handle); 1585 break; 1586 case UTRACE_LOAD_OBJECT: 1587 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1588 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1589 ut->name); 1590 break; 1591 case UTRACE_UNLOAD_OBJECT: 1592 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1593 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1594 ut->name); 1595 break; 1596 case UTRACE_ADD_RUNDEP: 1597 parent = ut->mapbase; 1598 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1599 ut->handle, ut->name, ut->refcnt); 1600 break; 1601 case UTRACE_PRELOAD_FINISHED: 1602 printf("RTLD: LD_PRELOAD finished\n"); 1603 break; 1604 case UTRACE_INIT_CALL: 1605 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1606 ut->name); 1607 break; 1608 case UTRACE_FINI_CALL: 1609 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1610 ut->name); 1611 break; 1612 default: 1613 cp = p; 1614 cp += 4; 1615 len -= 4; 1616 printf("RTLD: %d ", len); 1617 while (len--) 1618 if (decimal) 1619 printf(" %d", *cp++); 1620 else 1621 printf(" %02x", *cp++); 1622 printf("\n"); 1623 } 1624 } 1625 1626 struct utrace_malloc { 1627 void *p; 1628 size_t s; 1629 void *r; 1630 }; 1631 1632 void 1633 ktruser_malloc(void *p) 1634 { 1635 struct utrace_malloc *ut = p; 1636 1637 if (ut->p == (void *)(intptr_t)(-1)) 1638 printf("malloc_init()\n"); 1639 else if (ut->s == 0) 1640 printf("free(%p)\n", ut->p); 1641 else if (ut->p == NULL) 1642 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1643 else 1644 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1645 } 1646 1647 void 1648 ktruser(int len, void *p) 1649 { 1650 unsigned char *cp; 1651 1652 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1653 ktruser_rtld(len, p); 1654 return; 1655 } 1656 1657 if (len == sizeof(struct utrace_malloc)) { 1658 ktruser_malloc(p); 1659 return; 1660 } 1661 1662 printf("%d ", len); 1663 cp = p; 1664 while (len--) 1665 if (decimal) 1666 printf(" %d", *cp++); 1667 else 1668 printf(" %02x", *cp++); 1669 printf("\n"); 1670 } 1671 1672 void 1673 ktrcaprights(cap_rights_t *rightsp) 1674 { 1675 1676 printf("cap_rights_t "); 1677 capname(rightsp); 1678 printf("\n"); 1679 } 1680 1681 void 1682 ktrsockaddr(struct sockaddr *sa) 1683 { 1684 /* 1685 TODO: Support additional address families 1686 #include <netnatm/natm.h> 1687 struct sockaddr_natm *natm; 1688 #include <netsmb/netbios.h> 1689 struct sockaddr_nb *nb; 1690 */ 1691 char addr[64]; 1692 1693 /* 1694 * note: ktrstruct() has already verified that sa points to a 1695 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1696 * sa->sa_len bytes long. 1697 */ 1698 printf("struct sockaddr { "); 1699 sockfamilyname(sa->sa_family); 1700 printf(", "); 1701 1702 #define check_sockaddr_len(n) \ 1703 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1704 printf("invalid"); \ 1705 break; \ 1706 } 1707 1708 switch(sa->sa_family) { 1709 case AF_INET: { 1710 struct sockaddr_in sa_in; 1711 1712 memset(&sa_in, 0, sizeof(sa_in)); 1713 memcpy(&sa_in, sa, sa->sa_len); 1714 check_sockaddr_len(in); 1715 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1716 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1717 break; 1718 } 1719 case AF_INET6: { 1720 struct sockaddr_in6 sa_in6; 1721 1722 memset(&sa_in6, 0, sizeof(sa_in6)); 1723 memcpy(&sa_in6, sa, sa->sa_len); 1724 check_sockaddr_len(in6); 1725 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1726 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1727 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1728 break; 1729 } 1730 case AF_UNIX: { 1731 struct sockaddr_un sa_un; 1732 1733 memset(&sa_un, 0, sizeof(sa_un)); 1734 memcpy(&sa_un, sa, sa->sa_len); 1735 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1736 break; 1737 } 1738 default: 1739 printf("unknown address family"); 1740 } 1741 printf(" }\n"); 1742 } 1743 1744 void 1745 ktrstat(struct stat *statp) 1746 { 1747 char mode[12], timestr[PATH_MAX + 4]; 1748 struct passwd *pwd; 1749 struct group *grp; 1750 struct tm *tm; 1751 1752 /* 1753 * note: ktrstruct() has already verified that statp points to a 1754 * buffer exactly sizeof(struct stat) bytes long. 1755 */ 1756 printf("struct stat {"); 1757 printf("dev=%ju, ino=%ju, ", 1758 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1759 if (resolv == 0) 1760 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1761 else { 1762 strmode(statp->st_mode, mode); 1763 printf("mode=%s, ", mode); 1764 } 1765 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1766 if (resolv == 0) { 1767 pwd = NULL; 1768 } else { 1769 #ifdef HAVE_LIBCAPSICUM 1770 if (cappwd != NULL) 1771 pwd = cap_getpwuid(cappwd, statp->st_uid); 1772 else 1773 #endif 1774 pwd = getpwuid(statp->st_uid); 1775 } 1776 if (pwd == NULL) 1777 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1778 else 1779 printf("uid=\"%s\", ", pwd->pw_name); 1780 if (resolv == 0) { 1781 grp = NULL; 1782 } else { 1783 #ifdef HAVE_LIBCAPSICUM 1784 if (capgrp != NULL) 1785 grp = cap_getgrgid(capgrp, statp->st_gid); 1786 else 1787 #endif 1788 grp = getgrgid(statp->st_gid); 1789 } 1790 if (grp == NULL) 1791 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1792 else 1793 printf("gid=\"%s\", ", grp->gr_name); 1794 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1795 printf("atime="); 1796 if (resolv == 0) 1797 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1798 else { 1799 tm = localtime(&statp->st_atim.tv_sec); 1800 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1801 printf("\"%s\"", timestr); 1802 } 1803 if (statp->st_atim.tv_nsec != 0) 1804 printf(".%09ld, ", statp->st_atim.tv_nsec); 1805 else 1806 printf(", "); 1807 printf("stime="); 1808 if (resolv == 0) 1809 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1810 else { 1811 tm = localtime(&statp->st_mtim.tv_sec); 1812 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1813 printf("\"%s\"", timestr); 1814 } 1815 if (statp->st_mtim.tv_nsec != 0) 1816 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1817 else 1818 printf(", "); 1819 printf("ctime="); 1820 if (resolv == 0) 1821 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1822 else { 1823 tm = localtime(&statp->st_ctim.tv_sec); 1824 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1825 printf("\"%s\"", timestr); 1826 } 1827 if (statp->st_ctim.tv_nsec != 0) 1828 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1829 else 1830 printf(", "); 1831 printf("birthtime="); 1832 if (resolv == 0) 1833 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1834 else { 1835 tm = localtime(&statp->st_birthtim.tv_sec); 1836 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1837 printf("\"%s\"", timestr); 1838 } 1839 if (statp->st_birthtim.tv_nsec != 0) 1840 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1841 else 1842 printf(", "); 1843 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1844 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1845 (intmax_t)statp->st_blocks, statp->st_flags); 1846 printf(" }\n"); 1847 } 1848 1849 void 1850 ktrstruct(char *buf, size_t buflen) 1851 { 1852 char *name, *data; 1853 size_t namelen, datalen; 1854 int i; 1855 cap_rights_t rights; 1856 struct stat sb; 1857 struct sockaddr_storage ss; 1858 1859 for (name = buf, namelen = 0; 1860 namelen < buflen && name[namelen] != '\0'; 1861 ++namelen) 1862 /* nothing */; 1863 if (namelen == buflen) 1864 goto invalid; 1865 if (name[namelen] != '\0') 1866 goto invalid; 1867 data = buf + namelen + 1; 1868 datalen = buflen - namelen - 1; 1869 if (datalen == 0) 1870 goto invalid; 1871 /* sanity check */ 1872 for (i = 0; i < (int)namelen; ++i) 1873 if (!isalpha(name[i])) 1874 goto invalid; 1875 if (strcmp(name, "caprights") == 0) { 1876 if (datalen != sizeof(cap_rights_t)) 1877 goto invalid; 1878 memcpy(&rights, data, datalen); 1879 ktrcaprights(&rights); 1880 } else if (strcmp(name, "stat") == 0) { 1881 if (datalen != sizeof(struct stat)) 1882 goto invalid; 1883 memcpy(&sb, data, datalen); 1884 ktrstat(&sb); 1885 } else if (strcmp(name, "sockaddr") == 0) { 1886 if (datalen > sizeof(ss)) 1887 goto invalid; 1888 memcpy(&ss, data, datalen); 1889 if (datalen != ss.ss_len) 1890 goto invalid; 1891 ktrsockaddr((struct sockaddr *)&ss); 1892 } else { 1893 printf("unknown structure\n"); 1894 } 1895 return; 1896 invalid: 1897 printf("invalid record\n"); 1898 } 1899 1900 void 1901 ktrcapfail(struct ktr_cap_fail *ktr) 1902 { 1903 switch (ktr->cap_type) { 1904 case CAPFAIL_NOTCAPABLE: 1905 /* operation on fd with insufficient capabilities */ 1906 printf("operation requires "); 1907 capname(&ktr->cap_needed); 1908 printf(", descriptor holds "); 1909 capname(&ktr->cap_held); 1910 break; 1911 case CAPFAIL_INCREASE: 1912 /* requested more capabilities than fd already has */ 1913 printf("attempt to increase capabilities from "); 1914 capname(&ktr->cap_held); 1915 printf(" to "); 1916 capname(&ktr->cap_needed); 1917 break; 1918 case CAPFAIL_SYSCALL: 1919 /* called restricted syscall */ 1920 printf("disallowed system call"); 1921 break; 1922 case CAPFAIL_LOOKUP: 1923 /* used ".." in strict-relative mode */ 1924 printf("restricted VFS lookup"); 1925 break; 1926 default: 1927 printf("unknown capability failure: "); 1928 capname(&ktr->cap_needed); 1929 printf(" "); 1930 capname(&ktr->cap_held); 1931 break; 1932 } 1933 printf("\n"); 1934 } 1935 1936 void 1937 ktrfault(struct ktr_fault *ktr) 1938 { 1939 1940 printf("0x%jx ", (uintmax_t)ktr->vaddr); 1941 vmprotname(ktr->type); 1942 printf("\n"); 1943 } 1944 1945 void 1946 ktrfaultend(struct ktr_faultend *ktr) 1947 { 1948 1949 vmresultname(ktr->result); 1950 printf("\n"); 1951 } 1952 1953 #if defined(__amd64__) || defined(__i386__) 1954 void 1955 linux_ktrsyscall(struct ktr_syscall *ktr) 1956 { 1957 int narg = ktr->ktr_narg; 1958 register_t *ip; 1959 1960 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1961 printf("[%d]", ktr->ktr_code); 1962 else { 1963 printf("%s", linux_syscallnames[ktr->ktr_code]); 1964 if (syscallno) 1965 printf("[%d]", ktr->ktr_code); 1966 } 1967 ip = &ktr->ktr_args[0]; 1968 if (narg) { 1969 char c = '('; 1970 while (narg > 0) 1971 print_number(ip, narg, c); 1972 putchar(')'); 1973 } 1974 putchar('\n'); 1975 } 1976 1977 void 1978 linux_ktrsysret(struct ktr_sysret *ktr) 1979 { 1980 register_t ret = ktr->ktr_retval; 1981 int error = ktr->ktr_error; 1982 int code = ktr->ktr_code; 1983 1984 if (code >= nlinux_syscalls || code < 0) 1985 printf("[%d] ", code); 1986 else { 1987 printf("%s", linux_syscallnames[code]); 1988 if (syscallno) 1989 printf("[%d]", code); 1990 printf(" "); 1991 } 1992 1993 if (error == 0) { 1994 if (fancy) { 1995 printf("%ld", (long)ret); 1996 if (ret < 0 || ret > 9) 1997 printf("/%#lx", (unsigned long)ret); 1998 } else { 1999 if (decimal) 2000 printf("%ld", (long)ret); 2001 else 2002 printf("%#lx", (unsigned long)ret); 2003 } 2004 } else if (error == ERESTART) 2005 printf("RESTART"); 2006 else if (error == EJUSTRETURN) 2007 printf("JUSTRETURN"); 2008 else { 2009 if (ktr->ktr_error <= ELAST + 1) 2010 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 2011 else 2012 error = 999; 2013 printf("-1 errno %d", error); 2014 if (fancy) 2015 printf(" %s", strerror(ktr->ktr_error)); 2016 } 2017 putchar('\n'); 2018 } 2019 #endif 2020 2021 void 2022 usage(void) 2023 { 2024 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 2025 "[-m maxdata] [-p pid] [-t trstr]\n"); 2026 exit(1); 2027 } 2028