1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capability.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/un.h> 61 #include <sys/queue.h> 62 #include <sys/wait.h> 63 #include <arpa/inet.h> 64 #include <netinet/in.h> 65 #include <ctype.h> 66 #include <dlfcn.h> 67 #include <err.h> 68 #include <grp.h> 69 #include <inttypes.h> 70 #ifdef HAVE_LIBCAPSICUM 71 #include <libcapsicum.h> 72 #include <libcapsicum_grp.h> 73 #include <libcapsicum_pwd.h> 74 #include <libcapsicum_service.h> 75 #endif 76 #include <locale.h> 77 #include <netdb.h> 78 #include <nl_types.h> 79 #ifdef HAVE_LIBCAPSICUM 80 #include <nv.h> 81 #endif 82 #include <pwd.h> 83 #include <stdio.h> 84 #include <stdlib.h> 85 #include <string.h> 86 #include <termios.h> 87 #include <time.h> 88 #include <unistd.h> 89 #include <vis.h> 90 #include "ktrace.h" 91 #include "kdump_subr.h" 92 93 u_int abidump(struct ktr_header *); 94 int fetchprocinfo(struct ktr_header *, u_int *); 95 int fread_tail(void *, int, int); 96 void dumpheader(struct ktr_header *); 97 void ktrsyscall(struct ktr_syscall *, u_int); 98 void ktrsysret(struct ktr_sysret *, u_int); 99 void ktrnamei(char *, int); 100 void hexdump(char *, int, int); 101 void visdump(char *, int, int); 102 void ktrgenio(struct ktr_genio *, int); 103 void ktrpsig(struct ktr_psig *); 104 void ktrcsw(struct ktr_csw *); 105 void ktrcsw_old(struct ktr_csw_old *); 106 void ktruser_malloc(unsigned char *); 107 void ktruser_rtld(int, unsigned char *); 108 void ktruser(int, unsigned char *); 109 void ktrcaprights(cap_rights_t *); 110 void ktrsockaddr(struct sockaddr *); 111 void ktrstat(struct stat *); 112 void ktrstruct(char *, size_t); 113 void ktrcapfail(struct ktr_cap_fail *); 114 void ktrfault(struct ktr_fault *); 115 void ktrfaultend(struct ktr_faultend *); 116 void limitfd(int fd); 117 void usage(void); 118 void ioctlname(unsigned long, int); 119 120 int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 121 resolv = 0, abiflag = 0; 122 const char *tracefile = DEF_TRACEFILE; 123 struct ktr_header ktr_header; 124 125 #define TIME_FORMAT "%b %e %T %Y" 126 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 127 128 #define print_number(i,n,c) do { \ 129 if (decimal) \ 130 printf("%c%jd", c, (intmax_t)*i); \ 131 else \ 132 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 133 i++; \ 134 n--; \ 135 c = ','; \ 136 } while (0) 137 138 #if defined(__amd64__) || defined(__i386__) 139 140 void linux_ktrsyscall(struct ktr_syscall *); 141 void linux_ktrsysret(struct ktr_sysret *); 142 extern char *linux_syscallnames[]; 143 extern int nlinux_syscalls; 144 145 /* 146 * from linux.h 147 * Linux syscalls return negative errno's, we do positive and map them 148 */ 149 static int bsd_to_linux_errno[ELAST + 1] = { 150 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 151 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 152 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 153 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 154 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 155 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 156 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 157 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 158 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 159 -72, -67, -71 160 }; 161 #endif 162 163 struct proc_info 164 { 165 TAILQ_ENTRY(proc_info) info; 166 u_int sv_flags; 167 pid_t pid; 168 }; 169 170 TAILQ_HEAD(trace_procs, proc_info) trace_procs; 171 172 #ifdef HAVE_LIBCAPSICUM 173 static cap_channel_t *cappwd, *capgrp; 174 #endif 175 176 static void 177 strerror_init(void) 178 { 179 180 /* 181 * Cache NLS data before entering capability mode. 182 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 183 */ 184 (void)catopen("libc", NL_CAT_LOCALE); 185 } 186 187 static void 188 localtime_init(void) 189 { 190 time_t ltime; 191 192 /* 193 * Allow localtime(3) to cache /etc/localtime content before entering 194 * capability mode. 195 * XXXPJD: There should be localtime_init() in libc. 196 */ 197 (void)time(<ime); 198 (void)localtime(<ime); 199 } 200 201 #ifdef HAVE_LIBCAPSICUM 202 static int 203 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) 204 { 205 cap_channel_t *capcas, *cappwdloc, *capgrploc; 206 const char *cmds[1], *fields[1]; 207 208 capcas = cap_init(); 209 if (capcas == NULL) { 210 warn("unable to contact casperd"); 211 return (-1); 212 } 213 cappwdloc = cap_service_open(capcas, "system.pwd"); 214 capgrploc = cap_service_open(capcas, "system.grp"); 215 /* Casper capability no longer needed. */ 216 cap_close(capcas); 217 if (cappwdloc == NULL || capgrploc == NULL) { 218 if (cappwdloc == NULL) 219 warn("unable to open system.pwd service"); 220 if (capgrploc == NULL) 221 warn("unable to open system.grp service"); 222 exit(1); 223 } 224 /* Limit system.pwd to only getpwuid() function and pw_name field. */ 225 cmds[0] = "getpwuid"; 226 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) 227 err(1, "unable to limit system.pwd service"); 228 fields[0] = "pw_name"; 229 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) 230 err(1, "unable to limit system.pwd service"); 231 /* Limit system.grp to only getgrgid() function and gr_name field. */ 232 cmds[0] = "getgrgid"; 233 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) 234 err(1, "unable to limit system.grp service"); 235 fields[0] = "gr_name"; 236 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) 237 err(1, "unable to limit system.grp service"); 238 239 *cappwdp = cappwdloc; 240 *capgrpp = capgrploc; 241 return (0); 242 } 243 #endif /* HAVE_LIBCAPSICUM */ 244 245 int 246 main(int argc, char *argv[]) 247 { 248 int ch, ktrlen, size; 249 void *m; 250 int trpoints = ALL_POINTS; 251 int drop_logged; 252 pid_t pid = 0; 253 u_int sv_flags; 254 255 setlocale(LC_CTYPE, ""); 256 257 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrsTt:")) != -1) 258 switch (ch) { 259 case 'A': 260 abiflag = 1; 261 break; 262 case 'f': 263 tracefile = optarg; 264 break; 265 case 'd': 266 decimal = 1; 267 break; 268 case 'l': 269 tail = 1; 270 break; 271 case 'm': 272 maxdata = atoi(optarg); 273 break; 274 case 'n': 275 fancy = 0; 276 break; 277 case 'p': 278 pid = atoi(optarg); 279 break; 280 case 'r': 281 resolv = 1; 282 break; 283 case 's': 284 suppressdata = 1; 285 break; 286 case 'E': 287 timestamp = 3; /* elapsed timestamp */ 288 break; 289 case 'H': 290 threads = 1; 291 break; 292 case 'R': 293 timestamp = 2; /* relative timestamp */ 294 break; 295 case 'T': 296 timestamp = 1; 297 break; 298 case 't': 299 trpoints = getpoints(optarg); 300 if (trpoints < 0) 301 errx(1, "unknown trace point in %s", optarg); 302 break; 303 default: 304 usage(); 305 } 306 307 if (argc > optind) 308 usage(); 309 310 m = malloc(size = 1025); 311 if (m == NULL) 312 errx(1, "%s", strerror(ENOMEM)); 313 if (!freopen(tracefile, "r", stdin)) 314 err(1, "%s", tracefile); 315 316 strerror_init(); 317 localtime_init(); 318 #ifdef HAVE_LIBCAPSICUM 319 if (resolv != 0) { 320 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { 321 cappwd = NULL; 322 capgrp = NULL; 323 } 324 } 325 if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) { 326 if (cap_enter() < 0 && errno != ENOSYS) 327 err(1, "unable to enter capability mode"); 328 } 329 #else 330 if (resolv == 0) { 331 if (cap_enter() < 0 && errno != ENOSYS) 332 err(1, "unable to enter capability mode"); 333 } 334 #endif 335 limitfd(STDIN_FILENO); 336 limitfd(STDOUT_FILENO); 337 limitfd(STDERR_FILENO); 338 if (cap_sandboxed()) 339 fprintf(stderr, "capability mode sandbox enabled\n"); 340 341 TAILQ_INIT(&trace_procs); 342 drop_logged = 0; 343 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 344 if (ktr_header.ktr_type & KTR_DROP) { 345 ktr_header.ktr_type &= ~KTR_DROP; 346 if (!drop_logged && threads) { 347 printf( 348 "%6jd %6jd %-8.*s Events dropped.\n", 349 (intmax_t)ktr_header.ktr_pid, 350 ktr_header.ktr_tid > 0 ? 351 (intmax_t)ktr_header.ktr_tid : 0, 352 MAXCOMLEN, ktr_header.ktr_comm); 353 drop_logged = 1; 354 } else if (!drop_logged) { 355 printf("%6jd %-8.*s Events dropped.\n", 356 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 357 ktr_header.ktr_comm); 358 drop_logged = 1; 359 } 360 } 361 if (trpoints & (1<<ktr_header.ktr_type)) 362 if (pid == 0 || ktr_header.ktr_pid == pid || 363 ktr_header.ktr_tid == pid) 364 dumpheader(&ktr_header); 365 if ((ktrlen = ktr_header.ktr_len) < 0) 366 errx(1, "bogus length 0x%x", ktrlen); 367 if (ktrlen > size) { 368 m = realloc(m, ktrlen+1); 369 if (m == NULL) 370 errx(1, "%s", strerror(ENOMEM)); 371 size = ktrlen; 372 } 373 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 374 errx(1, "data too short"); 375 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 376 continue; 377 sv_flags = abidump(&ktr_header); 378 if (pid && ktr_header.ktr_pid != pid && 379 ktr_header.ktr_tid != pid) 380 continue; 381 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 382 continue; 383 drop_logged = 0; 384 switch (ktr_header.ktr_type) { 385 case KTR_SYSCALL: 386 #if defined(__amd64__) || defined(__i386__) 387 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 388 linux_ktrsyscall((struct ktr_syscall *)m); 389 else 390 #endif 391 ktrsyscall((struct ktr_syscall *)m, sv_flags); 392 break; 393 case KTR_SYSRET: 394 #if defined(__amd64__) || defined(__i386__) 395 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 396 linux_ktrsysret((struct ktr_sysret *)m); 397 else 398 #endif 399 ktrsysret((struct ktr_sysret *)m, sv_flags); 400 break; 401 case KTR_NAMEI: 402 case KTR_SYSCTL: 403 ktrnamei(m, ktrlen); 404 break; 405 case KTR_GENIO: 406 ktrgenio((struct ktr_genio *)m, ktrlen); 407 break; 408 case KTR_PSIG: 409 ktrpsig((struct ktr_psig *)m); 410 break; 411 case KTR_CSW: 412 if (ktrlen == sizeof(struct ktr_csw_old)) 413 ktrcsw_old((struct ktr_csw_old *)m); 414 else 415 ktrcsw((struct ktr_csw *)m); 416 break; 417 case KTR_USER: 418 ktruser(ktrlen, m); 419 break; 420 case KTR_STRUCT: 421 ktrstruct(m, ktrlen); 422 break; 423 case KTR_CAPFAIL: 424 ktrcapfail((struct ktr_cap_fail *)m); 425 break; 426 case KTR_FAULT: 427 ktrfault((struct ktr_fault *)m); 428 break; 429 case KTR_FAULTEND: 430 ktrfaultend((struct ktr_faultend *)m); 431 break; 432 default: 433 printf("\n"); 434 break; 435 } 436 if (tail) 437 fflush(stdout); 438 } 439 return 0; 440 } 441 442 void 443 limitfd(int fd) 444 { 445 cap_rights_t rights; 446 unsigned long cmd; 447 448 cap_rights_init(&rights, CAP_FSTAT); 449 cmd = -1; 450 451 switch (fd) { 452 case STDIN_FILENO: 453 cap_rights_set(&rights, CAP_READ); 454 break; 455 case STDOUT_FILENO: 456 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE); 457 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 458 break; 459 case STDERR_FILENO: 460 cap_rights_set(&rights, CAP_WRITE); 461 if (!suppressdata) { 462 cap_rights_set(&rights, CAP_IOCTL); 463 cmd = TIOCGWINSZ; 464 } 465 break; 466 default: 467 abort(); 468 } 469 470 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) 471 err(1, "unable to limit rights for descriptor %d", fd); 472 if (cmd != -1 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 473 err(1, "unable to limit ioctls for descriptor %d", fd); 474 } 475 476 int 477 fread_tail(void *buf, int size, int num) 478 { 479 int i; 480 481 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 482 sleep(1); 483 clearerr(stdin); 484 } 485 return (i); 486 } 487 488 int 489 fetchprocinfo(struct ktr_header *kth, u_int *flags) 490 { 491 struct proc_info *pi; 492 493 switch (kth->ktr_type) { 494 case KTR_PROCCTOR: 495 TAILQ_FOREACH(pi, &trace_procs, info) { 496 if (pi->pid == kth->ktr_pid) { 497 TAILQ_REMOVE(&trace_procs, pi, info); 498 break; 499 } 500 } 501 pi = malloc(sizeof(struct proc_info)); 502 if (pi == NULL) 503 errx(1, "%s", strerror(ENOMEM)); 504 pi->sv_flags = *flags; 505 pi->pid = kth->ktr_pid; 506 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 507 return (1); 508 509 case KTR_PROCDTOR: 510 TAILQ_FOREACH(pi, &trace_procs, info) { 511 if (pi->pid == kth->ktr_pid) { 512 TAILQ_REMOVE(&trace_procs, pi, info); 513 free(pi); 514 break; 515 } 516 } 517 return (1); 518 } 519 520 return (0); 521 } 522 523 u_int 524 abidump(struct ktr_header *kth) 525 { 526 struct proc_info *pi; 527 const char *abi; 528 const char *arch; 529 u_int flags = 0; 530 531 TAILQ_FOREACH(pi, &trace_procs, info) { 532 if (pi->pid == kth->ktr_pid) { 533 flags = pi->sv_flags; 534 break; 535 } 536 } 537 538 if (abiflag == 0) 539 return (flags); 540 541 switch (flags & SV_ABI_MASK) { 542 case SV_ABI_LINUX: 543 abi = "L"; 544 break; 545 case SV_ABI_FREEBSD: 546 abi = "F"; 547 break; 548 default: 549 abi = "U"; 550 break; 551 } 552 553 if (flags != 0) { 554 if (flags & SV_LP64) 555 arch = "64"; 556 else 557 arch = "32"; 558 } else 559 arch = "00"; 560 561 printf("%s%s ", abi, arch); 562 563 return (flags); 564 } 565 566 void 567 dumpheader(struct ktr_header *kth) 568 { 569 static char unknown[64]; 570 static struct timeval prevtime, temp; 571 const char *type; 572 573 switch (kth->ktr_type) { 574 case KTR_SYSCALL: 575 type = "CALL"; 576 break; 577 case KTR_SYSRET: 578 type = "RET "; 579 break; 580 case KTR_NAMEI: 581 type = "NAMI"; 582 break; 583 case KTR_GENIO: 584 type = "GIO "; 585 break; 586 case KTR_PSIG: 587 type = "PSIG"; 588 break; 589 case KTR_CSW: 590 type = "CSW "; 591 break; 592 case KTR_USER: 593 type = "USER"; 594 break; 595 case KTR_STRUCT: 596 type = "STRU"; 597 break; 598 case KTR_SYSCTL: 599 type = "SCTL"; 600 break; 601 case KTR_PROCCTOR: 602 /* FALLTHROUGH */ 603 case KTR_PROCDTOR: 604 return; 605 case KTR_CAPFAIL: 606 type = "CAP "; 607 break; 608 case KTR_FAULT: 609 type = "PFLT"; 610 break; 611 case KTR_FAULTEND: 612 type = "PRET"; 613 break; 614 default: 615 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 616 type = unknown; 617 } 618 619 /* 620 * The ktr_tid field was previously the ktr_buffer field, which held 621 * the kernel pointer value for the buffer associated with data 622 * following the record header. It now holds a threadid, but only 623 * for trace files after the change. Older trace files still contain 624 * kernel pointers. Detect this and suppress the results by printing 625 * negative tid's as 0. 626 */ 627 if (threads) 628 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 629 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 630 MAXCOMLEN, kth->ktr_comm); 631 else 632 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 633 kth->ktr_comm); 634 if (timestamp) { 635 if (timestamp == 3) { 636 if (prevtime.tv_sec == 0) 637 prevtime = kth->ktr_time; 638 timevalsub(&kth->ktr_time, &prevtime); 639 } 640 if (timestamp == 2) { 641 temp = kth->ktr_time; 642 timevalsub(&kth->ktr_time, &prevtime); 643 prevtime = temp; 644 } 645 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 646 kth->ktr_time.tv_usec); 647 } 648 printf("%s ", type); 649 } 650 651 #include <sys/syscall.h> 652 #define KTRACE 653 #include <sys/kern/syscalls.c> 654 #undef KTRACE 655 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 656 657 void 658 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 659 { 660 int narg = ktr->ktr_narg; 661 register_t *ip; 662 intmax_t arg; 663 664 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 665 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 666 printf("[%d]", ktr->ktr_code); 667 else 668 printf("%s", syscallnames[ktr->ktr_code]); 669 ip = &ktr->ktr_args[0]; 670 if (narg) { 671 char c = '('; 672 if (fancy && 673 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 674 switch (ktr->ktr_code) { 675 case SYS_bindat: 676 case SYS_connectat: 677 case SYS_faccessat: 678 case SYS_fchmodat: 679 case SYS_fchownat: 680 case SYS_fstatat: 681 case SYS_futimesat: 682 case SYS_linkat: 683 case SYS_mkdirat: 684 case SYS_mkfifoat: 685 case SYS_mknodat: 686 case SYS_openat: 687 case SYS_readlinkat: 688 case SYS_renameat: 689 case SYS_unlinkat: 690 putchar('('); 691 atfdname(*ip, decimal); 692 c = ','; 693 ip++; 694 narg--; 695 break; 696 } 697 switch (ktr->ktr_code) { 698 case SYS_ioctl: { 699 print_number(ip, narg, c); 700 putchar(c); 701 ioctlname(*ip, decimal); 702 c = ','; 703 ip++; 704 narg--; 705 break; 706 } 707 case SYS_ptrace: 708 putchar('('); 709 ptraceopname(*ip); 710 c = ','; 711 ip++; 712 narg--; 713 break; 714 case SYS_access: 715 case SYS_eaccess: 716 case SYS_faccessat: 717 print_number(ip, narg, c); 718 putchar(','); 719 accessmodename(*ip); 720 ip++; 721 narg--; 722 break; 723 case SYS_open: 724 case SYS_openat: 725 print_number(ip, narg, c); 726 putchar(','); 727 flagsandmodename(ip[0], ip[1], decimal); 728 ip += 2; 729 narg -= 2; 730 break; 731 case SYS_wait4: 732 print_number(ip, narg, c); 733 print_number(ip, narg, c); 734 /* 735 * A flags value of zero is valid for 736 * wait4() but not for wait6(), so 737 * handle zero special here. 738 */ 739 if (*ip == 0) { 740 print_number(ip, narg, c); 741 } else { 742 putchar(','); 743 wait6optname(*ip); 744 ip++; 745 narg--; 746 } 747 break; 748 case SYS_wait6: 749 putchar('('); 750 idtypename(*ip, decimal); 751 c = ','; 752 ip++; 753 narg--; 754 print_number(ip, narg, c); 755 print_number(ip, narg, c); 756 putchar(','); 757 wait6optname(*ip); 758 ip++; 759 narg--; 760 break; 761 case SYS_chmod: 762 case SYS_fchmod: 763 case SYS_lchmod: 764 print_number(ip, narg, c); 765 putchar(','); 766 modename(*ip); 767 ip++; 768 narg--; 769 break; 770 case SYS_mknod: 771 case SYS_mknodat: 772 print_number(ip, narg, c); 773 putchar(','); 774 modename(*ip); 775 ip++; 776 narg--; 777 break; 778 case SYS_getfsstat: 779 print_number(ip, narg, c); 780 print_number(ip, narg, c); 781 putchar(','); 782 getfsstatflagsname(*ip); 783 ip++; 784 narg--; 785 break; 786 case SYS_mount: 787 print_number(ip, narg, c); 788 print_number(ip, narg, c); 789 putchar(','); 790 mountflagsname(*ip); 791 ip++; 792 narg--; 793 break; 794 case SYS_unmount: 795 print_number(ip, narg, c); 796 putchar(','); 797 mountflagsname(*ip); 798 ip++; 799 narg--; 800 break; 801 case SYS_recvmsg: 802 case SYS_sendmsg: 803 print_number(ip, narg, c); 804 print_number(ip, narg, c); 805 putchar(','); 806 sendrecvflagsname(*ip); 807 ip++; 808 narg--; 809 break; 810 case SYS_recvfrom: 811 case SYS_sendto: 812 print_number(ip, narg, c); 813 print_number(ip, narg, c); 814 print_number(ip, narg, c); 815 putchar(','); 816 sendrecvflagsname(*ip); 817 ip++; 818 narg--; 819 break; 820 case SYS_chflags: 821 case SYS_fchflags: 822 case SYS_lchflags: 823 print_number(ip, narg, c); 824 putchar(','); 825 modename(*ip); 826 ip++; 827 narg--; 828 break; 829 case SYS_kill: 830 print_number(ip, narg, c); 831 putchar(','); 832 signame(*ip); 833 ip++; 834 narg--; 835 break; 836 case SYS_reboot: 837 putchar('('); 838 rebootoptname(*ip); 839 ip++; 840 narg--; 841 break; 842 case SYS_umask: 843 putchar('('); 844 modename(*ip); 845 ip++; 846 narg--; 847 break; 848 case SYS_msync: 849 print_number(ip, narg, c); 850 print_number(ip, narg, c); 851 putchar(','); 852 msyncflagsname(*ip); 853 ip++; 854 narg--; 855 break; 856 #ifdef SYS_freebsd6_mmap 857 case SYS_freebsd6_mmap: 858 print_number(ip, narg, c); 859 print_number(ip, narg, c); 860 putchar(','); 861 mmapprotname(*ip); 862 putchar(','); 863 ip++; 864 narg--; 865 mmapflagsname(*ip); 866 ip++; 867 narg--; 868 break; 869 #endif 870 case SYS_mmap: 871 print_number(ip, narg, c); 872 print_number(ip, narg, c); 873 putchar(','); 874 mmapprotname(*ip); 875 putchar(','); 876 ip++; 877 narg--; 878 mmapflagsname(*ip); 879 ip++; 880 narg--; 881 break; 882 case SYS_mprotect: 883 print_number(ip, narg, c); 884 print_number(ip, narg, c); 885 putchar(','); 886 mmapprotname(*ip); 887 ip++; 888 narg--; 889 break; 890 case SYS_madvise: 891 print_number(ip, narg, c); 892 print_number(ip, narg, c); 893 putchar(','); 894 madvisebehavname(*ip); 895 ip++; 896 narg--; 897 break; 898 case SYS_setpriority: 899 print_number(ip, narg, c); 900 print_number(ip, narg, c); 901 putchar(','); 902 prioname(*ip); 903 ip++; 904 narg--; 905 break; 906 case SYS_fcntl: 907 print_number(ip, narg, c); 908 putchar(','); 909 fcntlcmdname(ip[0], ip[1], decimal); 910 ip += 2; 911 narg -= 2; 912 break; 913 case SYS_socket: { 914 int sockdomain; 915 putchar('('); 916 sockdomain = *ip; 917 sockdomainname(sockdomain); 918 ip++; 919 narg--; 920 putchar(','); 921 socktypenamewithflags(*ip); 922 ip++; 923 narg--; 924 if (sockdomain == PF_INET || 925 sockdomain == PF_INET6) { 926 putchar(','); 927 sockipprotoname(*ip); 928 ip++; 929 narg--; 930 } 931 c = ','; 932 break; 933 } 934 case SYS_setsockopt: 935 case SYS_getsockopt: 936 print_number(ip, narg, c); 937 putchar(','); 938 sockoptlevelname(*ip, decimal); 939 if (*ip == SOL_SOCKET) { 940 ip++; 941 narg--; 942 putchar(','); 943 sockoptname(*ip); 944 } 945 ip++; 946 narg--; 947 break; 948 #ifdef SYS_freebsd6_lseek 949 case SYS_freebsd6_lseek: 950 print_number(ip, narg, c); 951 /* Hidden 'pad' argument, not in lseek(2) */ 952 print_number(ip, narg, c); 953 print_number(ip, narg, c); 954 putchar(','); 955 whencename(*ip); 956 ip++; 957 narg--; 958 break; 959 #endif 960 case SYS_lseek: 961 print_number(ip, narg, c); 962 /* Hidden 'pad' argument, not in lseek(2) */ 963 print_number(ip, narg, c); 964 putchar(','); 965 whencename(*ip); 966 ip++; 967 narg--; 968 break; 969 case SYS_flock: 970 print_number(ip, narg, c); 971 putchar(','); 972 flockname(*ip); 973 ip++; 974 narg--; 975 break; 976 case SYS_mkfifo: 977 case SYS_mkfifoat: 978 case SYS_mkdir: 979 case SYS_mkdirat: 980 print_number(ip, narg, c); 981 putchar(','); 982 modename(*ip); 983 ip++; 984 narg--; 985 break; 986 case SYS_shutdown: 987 print_number(ip, narg, c); 988 putchar(','); 989 shutdownhowname(*ip); 990 ip++; 991 narg--; 992 break; 993 case SYS_socketpair: 994 putchar('('); 995 sockdomainname(*ip); 996 ip++; 997 narg--; 998 putchar(','); 999 socktypenamewithflags(*ip); 1000 ip++; 1001 narg--; 1002 c = ','; 1003 break; 1004 case SYS_getrlimit: 1005 case SYS_setrlimit: 1006 putchar('('); 1007 rlimitname(*ip); 1008 ip++; 1009 narg--; 1010 c = ','; 1011 break; 1012 case SYS_quotactl: 1013 print_number(ip, narg, c); 1014 putchar(','); 1015 quotactlname(*ip); 1016 ip++; 1017 narg--; 1018 c = ','; 1019 break; 1020 case SYS_nfssvc: 1021 putchar('('); 1022 nfssvcname(*ip); 1023 ip++; 1024 narg--; 1025 c = ','; 1026 break; 1027 case SYS_rtprio: 1028 putchar('('); 1029 rtprioname(*ip); 1030 ip++; 1031 narg--; 1032 c = ','; 1033 break; 1034 case SYS___semctl: 1035 print_number(ip, narg, c); 1036 print_number(ip, narg, c); 1037 putchar(','); 1038 semctlname(*ip); 1039 ip++; 1040 narg--; 1041 break; 1042 case SYS_semget: 1043 print_number(ip, narg, c); 1044 print_number(ip, narg, c); 1045 putchar(','); 1046 semgetname(*ip); 1047 ip++; 1048 narg--; 1049 break; 1050 case SYS_msgctl: 1051 print_number(ip, narg, c); 1052 putchar(','); 1053 shmctlname(*ip); 1054 ip++; 1055 narg--; 1056 break; 1057 case SYS_shmat: 1058 print_number(ip, narg, c); 1059 print_number(ip, narg, c); 1060 putchar(','); 1061 shmatname(*ip); 1062 ip++; 1063 narg--; 1064 break; 1065 case SYS_shmctl: 1066 print_number(ip, narg, c); 1067 putchar(','); 1068 shmctlname(*ip); 1069 ip++; 1070 narg--; 1071 break; 1072 case SYS_minherit: 1073 print_number(ip, narg, c); 1074 print_number(ip, narg, c); 1075 putchar(','); 1076 minheritname(*ip); 1077 ip++; 1078 narg--; 1079 break; 1080 case SYS_rfork: 1081 putchar('('); 1082 rforkname(*ip); 1083 ip++; 1084 narg--; 1085 c = ','; 1086 break; 1087 case SYS_lio_listio: 1088 putchar('('); 1089 lio_listioname(*ip); 1090 ip++; 1091 narg--; 1092 c = ','; 1093 break; 1094 case SYS_mlockall: 1095 putchar('('); 1096 mlockallname(*ip); 1097 ip++; 1098 narg--; 1099 break; 1100 case SYS_sched_setscheduler: 1101 print_number(ip, narg, c); 1102 putchar(','); 1103 schedpolicyname(*ip); 1104 ip++; 1105 narg--; 1106 break; 1107 case SYS_sched_get_priority_max: 1108 case SYS_sched_get_priority_min: 1109 putchar('('); 1110 schedpolicyname(*ip); 1111 ip++; 1112 narg--; 1113 break; 1114 case SYS_sendfile: 1115 print_number(ip, narg, c); 1116 print_number(ip, narg, c); 1117 print_number(ip, narg, c); 1118 print_number(ip, narg, c); 1119 print_number(ip, narg, c); 1120 print_number(ip, narg, c); 1121 putchar(','); 1122 sendfileflagsname(*ip); 1123 ip++; 1124 narg--; 1125 break; 1126 case SYS_kldsym: 1127 print_number(ip, narg, c); 1128 putchar(','); 1129 kldsymcmdname(*ip); 1130 ip++; 1131 narg--; 1132 break; 1133 case SYS_sigprocmask: 1134 putchar('('); 1135 sigprocmaskhowname(*ip); 1136 ip++; 1137 narg--; 1138 c = ','; 1139 break; 1140 case SYS___acl_get_file: 1141 case SYS___acl_set_file: 1142 case SYS___acl_get_fd: 1143 case SYS___acl_set_fd: 1144 case SYS___acl_delete_file: 1145 case SYS___acl_delete_fd: 1146 case SYS___acl_aclcheck_file: 1147 case SYS___acl_aclcheck_fd: 1148 case SYS___acl_get_link: 1149 case SYS___acl_set_link: 1150 case SYS___acl_delete_link: 1151 case SYS___acl_aclcheck_link: 1152 print_number(ip, narg, c); 1153 putchar(','); 1154 acltypename(*ip); 1155 ip++; 1156 narg--; 1157 break; 1158 case SYS_sigaction: 1159 putchar('('); 1160 signame(*ip); 1161 ip++; 1162 narg--; 1163 c = ','; 1164 break; 1165 case SYS_extattrctl: 1166 print_number(ip, narg, c); 1167 putchar(','); 1168 extattrctlname(*ip); 1169 ip++; 1170 narg--; 1171 break; 1172 case SYS_nmount: 1173 print_number(ip, narg, c); 1174 print_number(ip, narg, c); 1175 putchar(','); 1176 mountflagsname(*ip); 1177 ip++; 1178 narg--; 1179 break; 1180 case SYS_thr_create: 1181 print_number(ip, narg, c); 1182 print_number(ip, narg, c); 1183 putchar(','); 1184 thrcreateflagsname(*ip); 1185 ip++; 1186 narg--; 1187 break; 1188 case SYS_thr_kill: 1189 print_number(ip, narg, c); 1190 putchar(','); 1191 signame(*ip); 1192 ip++; 1193 narg--; 1194 break; 1195 case SYS_kldunloadf: 1196 print_number(ip, narg, c); 1197 putchar(','); 1198 kldunloadfflagsname(*ip); 1199 ip++; 1200 narg--; 1201 break; 1202 case SYS_linkat: 1203 case SYS_renameat: 1204 case SYS_symlinkat: 1205 print_number(ip, narg, c); 1206 putchar(','); 1207 atfdname(*ip, decimal); 1208 ip++; 1209 narg--; 1210 break; 1211 case SYS_cap_fcntls_limit: 1212 print_number(ip, narg, c); 1213 putchar(','); 1214 arg = *ip; 1215 ip++; 1216 narg--; 1217 capfcntlname(arg); 1218 break; 1219 case SYS_posix_fadvise: 1220 print_number(ip, narg, c); 1221 print_number(ip, narg, c); 1222 print_number(ip, narg, c); 1223 (void)putchar(','); 1224 fadvisebehavname((int)*ip); 1225 ip++; 1226 narg--; 1227 break; 1228 case SYS_procctl: 1229 putchar('('); 1230 idtypename(*ip, decimal); 1231 c = ','; 1232 ip++; 1233 narg--; 1234 print_number(ip, narg, c); 1235 putchar(','); 1236 procctlcmdname(*ip); 1237 ip++; 1238 narg--; 1239 break; 1240 } 1241 } 1242 while (narg > 0) { 1243 print_number(ip, narg, c); 1244 } 1245 putchar(')'); 1246 } 1247 putchar('\n'); 1248 } 1249 1250 void 1251 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1252 { 1253 register_t ret = ktr->ktr_retval; 1254 int error = ktr->ktr_error; 1255 int code = ktr->ktr_code; 1256 1257 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1258 (code >= nsyscalls || code < 0)) 1259 printf("[%d] ", code); 1260 else 1261 printf("%s ", syscallnames[code]); 1262 1263 if (error == 0) { 1264 if (fancy) { 1265 printf("%ld", (long)ret); 1266 if (ret < 0 || ret > 9) 1267 printf("/%#lx", (unsigned long)ret); 1268 } else { 1269 if (decimal) 1270 printf("%ld", (long)ret); 1271 else 1272 printf("%#lx", (unsigned long)ret); 1273 } 1274 } else if (error == ERESTART) 1275 printf("RESTART"); 1276 else if (error == EJUSTRETURN) 1277 printf("JUSTRETURN"); 1278 else { 1279 printf("-1 errno %d", ktr->ktr_error); 1280 if (fancy) 1281 printf(" %s", strerror(ktr->ktr_error)); 1282 } 1283 putchar('\n'); 1284 } 1285 1286 void 1287 ktrnamei(char *cp, int len) 1288 { 1289 printf("\"%.*s\"\n", len, cp); 1290 } 1291 1292 void 1293 hexdump(char *p, int len, int screenwidth) 1294 { 1295 int n, i; 1296 int width; 1297 1298 width = 0; 1299 do { 1300 width += 2; 1301 i = 13; /* base offset */ 1302 i += (width / 2) + 1; /* spaces every second byte */ 1303 i += (width * 2); /* width of bytes */ 1304 i += 3; /* " |" */ 1305 i += width; /* each byte */ 1306 i += 1; /* "|" */ 1307 } while (i < screenwidth); 1308 width -= 2; 1309 1310 for (n = 0; n < len; n += width) { 1311 for (i = n; i < n + width; i++) { 1312 if ((i % width) == 0) { /* beginning of line */ 1313 printf(" 0x%04x", i); 1314 } 1315 if ((i % 2) == 0) { 1316 printf(" "); 1317 } 1318 if (i < len) 1319 printf("%02x", p[i] & 0xff); 1320 else 1321 printf(" "); 1322 } 1323 printf(" |"); 1324 for (i = n; i < n + width; i++) { 1325 if (i >= len) 1326 break; 1327 if (p[i] >= ' ' && p[i] <= '~') 1328 printf("%c", p[i]); 1329 else 1330 printf("."); 1331 } 1332 printf("|\n"); 1333 } 1334 if ((i % width) != 0) 1335 printf("\n"); 1336 } 1337 1338 void 1339 visdump(char *dp, int datalen, int screenwidth) 1340 { 1341 int col = 0; 1342 char *cp; 1343 int width; 1344 char visbuf[5]; 1345 1346 printf(" \""); 1347 col = 8; 1348 for (;datalen > 0; datalen--, dp++) { 1349 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1350 cp = visbuf; 1351 /* 1352 * Keep track of printables and 1353 * space chars (like fold(1)). 1354 */ 1355 if (col == 0) { 1356 putchar('\t'); 1357 col = 8; 1358 } 1359 switch(*cp) { 1360 case '\n': 1361 col = 0; 1362 putchar('\n'); 1363 continue; 1364 case '\t': 1365 width = 8 - (col&07); 1366 break; 1367 default: 1368 width = strlen(cp); 1369 } 1370 if (col + width > (screenwidth-2)) { 1371 printf("\\\n\t"); 1372 col = 8; 1373 } 1374 col += width; 1375 do { 1376 putchar(*cp++); 1377 } while (*cp); 1378 } 1379 if (col == 0) 1380 printf(" "); 1381 printf("\"\n"); 1382 } 1383 1384 void 1385 ktrgenio(struct ktr_genio *ktr, int len) 1386 { 1387 int datalen = len - sizeof (struct ktr_genio); 1388 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1389 static int screenwidth = 0; 1390 int i, binary; 1391 1392 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1393 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1394 datalen == 1 ? "" : "s"); 1395 if (suppressdata) 1396 return; 1397 if (screenwidth == 0) { 1398 struct winsize ws; 1399 1400 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1401 ws.ws_col > 8) 1402 screenwidth = ws.ws_col; 1403 else 1404 screenwidth = 80; 1405 } 1406 if (maxdata && datalen > maxdata) 1407 datalen = maxdata; 1408 1409 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1410 if (dp[i] >= 32 && dp[i] < 127) 1411 continue; 1412 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1413 continue; 1414 binary = 1; 1415 } 1416 if (binary) 1417 hexdump(dp, datalen, screenwidth); 1418 else 1419 visdump(dp, datalen, screenwidth); 1420 } 1421 1422 const char *signames[] = { 1423 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1424 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1425 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1426 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1427 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1428 "USR2", NULL, /* 31 - 32 */ 1429 }; 1430 1431 void 1432 ktrpsig(struct ktr_psig *psig) 1433 { 1434 if (psig->signo > 0 && psig->signo < NSIG) 1435 printf("SIG%s ", signames[psig->signo]); 1436 else 1437 printf("SIG %d ", psig->signo); 1438 if (psig->action == SIG_DFL) { 1439 printf("SIG_DFL code="); 1440 sigcodename(psig->signo, psig->code); 1441 putchar('\n'); 1442 } else { 1443 printf("caught handler=0x%lx mask=0x%x code=", 1444 (u_long)psig->action, psig->mask.__bits[0]); 1445 sigcodename(psig->signo, psig->code); 1446 putchar('\n'); 1447 } 1448 } 1449 1450 void 1451 ktrcsw_old(struct ktr_csw_old *cs) 1452 { 1453 printf("%s %s\n", cs->out ? "stop" : "resume", 1454 cs->user ? "user" : "kernel"); 1455 } 1456 1457 void 1458 ktrcsw(struct ktr_csw *cs) 1459 { 1460 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1461 cs->user ? "user" : "kernel", cs->wmesg); 1462 } 1463 1464 #define UTRACE_DLOPEN_START 1 1465 #define UTRACE_DLOPEN_STOP 2 1466 #define UTRACE_DLCLOSE_START 3 1467 #define UTRACE_DLCLOSE_STOP 4 1468 #define UTRACE_LOAD_OBJECT 5 1469 #define UTRACE_UNLOAD_OBJECT 6 1470 #define UTRACE_ADD_RUNDEP 7 1471 #define UTRACE_PRELOAD_FINISHED 8 1472 #define UTRACE_INIT_CALL 9 1473 #define UTRACE_FINI_CALL 10 1474 1475 struct utrace_rtld { 1476 char sig[4]; /* 'RTLD' */ 1477 int event; 1478 void *handle; 1479 void *mapbase; 1480 size_t mapsize; 1481 int refcnt; 1482 char name[MAXPATHLEN]; 1483 }; 1484 1485 void 1486 ktruser_rtld(int len, unsigned char *p) 1487 { 1488 struct utrace_rtld *ut = (struct utrace_rtld *)p; 1489 void *parent; 1490 int mode; 1491 1492 switch (ut->event) { 1493 case UTRACE_DLOPEN_START: 1494 mode = ut->refcnt; 1495 printf("dlopen(%s, ", ut->name); 1496 switch (mode & RTLD_MODEMASK) { 1497 case RTLD_NOW: 1498 printf("RTLD_NOW"); 1499 break; 1500 case RTLD_LAZY: 1501 printf("RTLD_LAZY"); 1502 break; 1503 default: 1504 printf("%#x", mode & RTLD_MODEMASK); 1505 } 1506 if (mode & RTLD_GLOBAL) 1507 printf(" | RTLD_GLOBAL"); 1508 if (mode & RTLD_TRACE) 1509 printf(" | RTLD_TRACE"); 1510 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1511 printf(" | %#x", mode & 1512 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1513 printf(")\n"); 1514 break; 1515 case UTRACE_DLOPEN_STOP: 1516 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1517 ut->refcnt); 1518 break; 1519 case UTRACE_DLCLOSE_START: 1520 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1521 ut->refcnt); 1522 break; 1523 case UTRACE_DLCLOSE_STOP: 1524 printf("dlclose(%p) finished\n", ut->handle); 1525 break; 1526 case UTRACE_LOAD_OBJECT: 1527 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1528 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1529 ut->name); 1530 break; 1531 case UTRACE_UNLOAD_OBJECT: 1532 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1533 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1534 ut->name); 1535 break; 1536 case UTRACE_ADD_RUNDEP: 1537 parent = ut->mapbase; 1538 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1539 ut->handle, ut->name, ut->refcnt); 1540 break; 1541 case UTRACE_PRELOAD_FINISHED: 1542 printf("RTLD: LD_PRELOAD finished\n"); 1543 break; 1544 case UTRACE_INIT_CALL: 1545 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1546 ut->name); 1547 break; 1548 case UTRACE_FINI_CALL: 1549 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1550 ut->name); 1551 break; 1552 default: 1553 p += 4; 1554 len -= 4; 1555 printf("RTLD: %d ", len); 1556 while (len--) 1557 if (decimal) 1558 printf(" %d", *p++); 1559 else 1560 printf(" %02x", *p++); 1561 printf("\n"); 1562 } 1563 } 1564 1565 struct utrace_malloc { 1566 void *p; 1567 size_t s; 1568 void *r; 1569 }; 1570 1571 void 1572 ktruser_malloc(unsigned char *p) 1573 { 1574 struct utrace_malloc *ut = (struct utrace_malloc *)p; 1575 1576 if (ut->p == (void *)(intptr_t)(-1)) 1577 printf("malloc_init()\n"); 1578 else if (ut->s == 0) 1579 printf("free(%p)\n", ut->p); 1580 else if (ut->p == NULL) 1581 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1582 else 1583 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1584 } 1585 1586 void 1587 ktruser(int len, unsigned char *p) 1588 { 1589 1590 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1591 ktruser_rtld(len, p); 1592 return; 1593 } 1594 1595 if (len == sizeof(struct utrace_malloc)) { 1596 ktruser_malloc(p); 1597 return; 1598 } 1599 1600 printf("%d ", len); 1601 while (len--) 1602 if (decimal) 1603 printf(" %d", *p++); 1604 else 1605 printf(" %02x", *p++); 1606 printf("\n"); 1607 } 1608 1609 void 1610 ktrcaprights(cap_rights_t *rightsp) 1611 { 1612 1613 printf("cap_rights_t "); 1614 capname(rightsp); 1615 printf("\n"); 1616 } 1617 1618 void 1619 ktrsockaddr(struct sockaddr *sa) 1620 { 1621 /* 1622 TODO: Support additional address families 1623 #include <netnatm/natm.h> 1624 struct sockaddr_natm *natm; 1625 #include <netsmb/netbios.h> 1626 struct sockaddr_nb *nb; 1627 */ 1628 char addr[64]; 1629 1630 /* 1631 * note: ktrstruct() has already verified that sa points to a 1632 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1633 * sa->sa_len bytes long. 1634 */ 1635 printf("struct sockaddr { "); 1636 sockfamilyname(sa->sa_family); 1637 printf(", "); 1638 1639 #define check_sockaddr_len(n) \ 1640 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1641 printf("invalid"); \ 1642 break; \ 1643 } 1644 1645 switch(sa->sa_family) { 1646 case AF_INET: { 1647 struct sockaddr_in sa_in; 1648 1649 memset(&sa_in, 0, sizeof(sa_in)); 1650 memcpy(&sa_in, sa, sa->sa_len); 1651 check_sockaddr_len(in); 1652 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1653 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1654 break; 1655 } 1656 case AF_INET6: { 1657 struct sockaddr_in6 sa_in6; 1658 1659 memset(&sa_in6, 0, sizeof(sa_in6)); 1660 memcpy(&sa_in6, sa, sa->sa_len); 1661 check_sockaddr_len(in6); 1662 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1663 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1664 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1665 break; 1666 } 1667 case AF_UNIX: { 1668 struct sockaddr_un sa_un; 1669 1670 memset(&sa_un, 0, sizeof(sa_un)); 1671 memcpy(&sa_un, sa, sa->sa_len); 1672 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1673 break; 1674 } 1675 default: 1676 printf("unknown address family"); 1677 } 1678 printf(" }\n"); 1679 } 1680 1681 void 1682 ktrstat(struct stat *statp) 1683 { 1684 char mode[12], timestr[PATH_MAX + 4]; 1685 struct passwd *pwd; 1686 struct group *grp; 1687 struct tm *tm; 1688 1689 /* 1690 * note: ktrstruct() has already verified that statp points to a 1691 * buffer exactly sizeof(struct stat) bytes long. 1692 */ 1693 printf("struct stat {"); 1694 printf("dev=%ju, ino=%ju, ", 1695 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1696 if (resolv == 0) 1697 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1698 else { 1699 strmode(statp->st_mode, mode); 1700 printf("mode=%s, ", mode); 1701 } 1702 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1703 if (resolv == 0) { 1704 pwd = NULL; 1705 } else { 1706 #ifdef HAVE_LIBCAPSICUM 1707 if (cappwd != NULL) 1708 pwd = cap_getpwuid(cappwd, statp->st_uid); 1709 else 1710 #endif 1711 pwd = getpwuid(statp->st_uid); 1712 } 1713 if (pwd == NULL) 1714 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1715 else 1716 printf("uid=\"%s\", ", pwd->pw_name); 1717 if (resolv == 0) { 1718 grp = NULL; 1719 } else { 1720 #ifdef HAVE_LIBCAPSICUM 1721 if (capgrp != NULL) 1722 grp = cap_getgrgid(capgrp, statp->st_gid); 1723 else 1724 #endif 1725 grp = getgrgid(statp->st_gid); 1726 } 1727 if (grp == NULL) 1728 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1729 else 1730 printf("gid=\"%s\", ", grp->gr_name); 1731 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1732 printf("atime="); 1733 if (resolv == 0) 1734 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1735 else { 1736 tm = localtime(&statp->st_atim.tv_sec); 1737 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1738 printf("\"%s\"", timestr); 1739 } 1740 if (statp->st_atim.tv_nsec != 0) 1741 printf(".%09ld, ", statp->st_atim.tv_nsec); 1742 else 1743 printf(", "); 1744 printf("stime="); 1745 if (resolv == 0) 1746 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1747 else { 1748 tm = localtime(&statp->st_mtim.tv_sec); 1749 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1750 printf("\"%s\"", timestr); 1751 } 1752 if (statp->st_mtim.tv_nsec != 0) 1753 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1754 else 1755 printf(", "); 1756 printf("ctime="); 1757 if (resolv == 0) 1758 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1759 else { 1760 tm = localtime(&statp->st_ctim.tv_sec); 1761 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1762 printf("\"%s\"", timestr); 1763 } 1764 if (statp->st_ctim.tv_nsec != 0) 1765 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1766 else 1767 printf(", "); 1768 printf("birthtime="); 1769 if (resolv == 0) 1770 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1771 else { 1772 tm = localtime(&statp->st_birthtim.tv_sec); 1773 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1774 printf("\"%s\"", timestr); 1775 } 1776 if (statp->st_birthtim.tv_nsec != 0) 1777 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1778 else 1779 printf(", "); 1780 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1781 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1782 (intmax_t)statp->st_blocks, statp->st_flags); 1783 printf(" }\n"); 1784 } 1785 1786 void 1787 ktrstruct(char *buf, size_t buflen) 1788 { 1789 char *name, *data; 1790 size_t namelen, datalen; 1791 int i; 1792 cap_rights_t rights; 1793 struct stat sb; 1794 struct sockaddr_storage ss; 1795 1796 for (name = buf, namelen = 0; 1797 namelen < buflen && name[namelen] != '\0'; 1798 ++namelen) 1799 /* nothing */; 1800 if (namelen == buflen) 1801 goto invalid; 1802 if (name[namelen] != '\0') 1803 goto invalid; 1804 data = buf + namelen + 1; 1805 datalen = buflen - namelen - 1; 1806 if (datalen == 0) 1807 goto invalid; 1808 /* sanity check */ 1809 for (i = 0; i < (int)namelen; ++i) 1810 if (!isalpha(name[i])) 1811 goto invalid; 1812 if (strcmp(name, "caprights") == 0) { 1813 if (datalen != sizeof(cap_rights_t)) 1814 goto invalid; 1815 memcpy(&rights, data, datalen); 1816 ktrcaprights(&rights); 1817 } else if (strcmp(name, "stat") == 0) { 1818 if (datalen != sizeof(struct stat)) 1819 goto invalid; 1820 memcpy(&sb, data, datalen); 1821 ktrstat(&sb); 1822 } else if (strcmp(name, "sockaddr") == 0) { 1823 if (datalen > sizeof(ss)) 1824 goto invalid; 1825 memcpy(&ss, data, datalen); 1826 if (datalen != ss.ss_len) 1827 goto invalid; 1828 ktrsockaddr((struct sockaddr *)&ss); 1829 } else { 1830 printf("unknown structure\n"); 1831 } 1832 return; 1833 invalid: 1834 printf("invalid record\n"); 1835 } 1836 1837 void 1838 ktrcapfail(struct ktr_cap_fail *ktr) 1839 { 1840 switch (ktr->cap_type) { 1841 case CAPFAIL_NOTCAPABLE: 1842 /* operation on fd with insufficient capabilities */ 1843 printf("operation requires "); 1844 capname(&ktr->cap_needed); 1845 printf(", descriptor holds "); 1846 capname(&ktr->cap_held); 1847 break; 1848 case CAPFAIL_INCREASE: 1849 /* requested more capabilities than fd already has */ 1850 printf("attempt to increase capabilities from "); 1851 capname(&ktr->cap_held); 1852 printf(" to "); 1853 capname(&ktr->cap_needed); 1854 break; 1855 case CAPFAIL_SYSCALL: 1856 /* called restricted syscall */ 1857 printf("disallowed system call"); 1858 break; 1859 case CAPFAIL_LOOKUP: 1860 /* used ".." in strict-relative mode */ 1861 printf("restricted VFS lookup"); 1862 break; 1863 default: 1864 printf("unknown capability failure: "); 1865 capname(&ktr->cap_needed); 1866 printf(" "); 1867 capname(&ktr->cap_held); 1868 break; 1869 } 1870 printf("\n"); 1871 } 1872 1873 void 1874 ktrfault(struct ktr_fault *ktr) 1875 { 1876 1877 printf("0x%jx ", ktr->vaddr); 1878 vmprotname(ktr->type); 1879 printf("\n"); 1880 } 1881 1882 void 1883 ktrfaultend(struct ktr_faultend *ktr) 1884 { 1885 1886 vmresultname(ktr->result); 1887 printf("\n"); 1888 } 1889 1890 #if defined(__amd64__) || defined(__i386__) 1891 void 1892 linux_ktrsyscall(struct ktr_syscall *ktr) 1893 { 1894 int narg = ktr->ktr_narg; 1895 register_t *ip; 1896 1897 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1898 printf("[%d]", ktr->ktr_code); 1899 else 1900 printf("%s", linux_syscallnames[ktr->ktr_code]); 1901 ip = &ktr->ktr_args[0]; 1902 if (narg) { 1903 char c = '('; 1904 while (narg > 0) 1905 print_number(ip, narg, c); 1906 putchar(')'); 1907 } 1908 putchar('\n'); 1909 } 1910 1911 void 1912 linux_ktrsysret(struct ktr_sysret *ktr) 1913 { 1914 register_t ret = ktr->ktr_retval; 1915 int error = ktr->ktr_error; 1916 int code = ktr->ktr_code; 1917 1918 if (code >= nlinux_syscalls || code < 0) 1919 printf("[%d] ", code); 1920 else 1921 printf("%s ", linux_syscallnames[code]); 1922 1923 if (error == 0) { 1924 if (fancy) { 1925 printf("%ld", (long)ret); 1926 if (ret < 0 || ret > 9) 1927 printf("/%#lx", (unsigned long)ret); 1928 } else { 1929 if (decimal) 1930 printf("%ld", (long)ret); 1931 else 1932 printf("%#lx", (unsigned long)ret); 1933 } 1934 } else if (error == ERESTART) 1935 printf("RESTART"); 1936 else if (error == EJUSTRETURN) 1937 printf("JUSTRETURN"); 1938 else { 1939 if (ktr->ktr_error <= ELAST + 1) 1940 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 1941 else 1942 error = 999; 1943 printf("-1 errno %d", error); 1944 if (fancy) 1945 printf(" %s", strerror(ktr->ktr_error)); 1946 } 1947 putchar('\n'); 1948 } 1949 #endif 1950 1951 void 1952 usage(void) 1953 { 1954 fprintf(stderr, "usage: kdump [-dEnlHRrsTA] [-f trfile] " 1955 "[-m maxdata] [-p pid] [-t trstr]\n"); 1956 exit(1); 1957 } 1958