1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capsicum.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/un.h> 61 #include <sys/queue.h> 62 #include <sys/wait.h> 63 #include <arpa/inet.h> 64 #include <netinet/in.h> 65 #include <ctype.h> 66 #include <dlfcn.h> 67 #include <err.h> 68 #include <grp.h> 69 #include <inttypes.h> 70 #ifdef HAVE_LIBCAPSICUM 71 #include <libcapsicum.h> 72 #include <libcapsicum_grp.h> 73 #include <libcapsicum_pwd.h> 74 #include <libcapsicum_service.h> 75 #endif 76 #include <locale.h> 77 #include <netdb.h> 78 #include <nl_types.h> 79 #ifdef HAVE_LIBCAPSICUM 80 #include <nv.h> 81 #endif 82 #include <pwd.h> 83 #include <stdio.h> 84 #include <stdlib.h> 85 #include <string.h> 86 #include <termios.h> 87 #include <time.h> 88 #include <unistd.h> 89 #include <vis.h> 90 #include "ktrace.h" 91 #include "kdump_subr.h" 92 93 u_int abidump(struct ktr_header *); 94 int fetchprocinfo(struct ktr_header *, u_int *); 95 int fread_tail(void *, int, int); 96 void dumpheader(struct ktr_header *); 97 void ktrsyscall(struct ktr_syscall *, u_int); 98 void ktrsysret(struct ktr_sysret *, u_int); 99 void ktrnamei(char *, int); 100 void hexdump(char *, int, int); 101 void visdump(char *, int, int); 102 void ktrgenio(struct ktr_genio *, int); 103 void ktrpsig(struct ktr_psig *); 104 void ktrcsw(struct ktr_csw *); 105 void ktrcsw_old(struct ktr_csw_old *); 106 void ktruser_malloc(unsigned char *); 107 void ktruser_rtld(int, unsigned char *); 108 void ktruser(int, unsigned char *); 109 void ktrcaprights(cap_rights_t *); 110 void ktrsockaddr(struct sockaddr *); 111 void ktrstat(struct stat *); 112 void ktrstruct(char *, size_t); 113 void ktrcapfail(struct ktr_cap_fail *); 114 void ktrfault(struct ktr_fault *); 115 void ktrfaultend(struct ktr_faultend *); 116 void limitfd(int fd); 117 void usage(void); 118 void ioctlname(unsigned long, int); 119 120 #define TIMESTAMP_NONE 0x0 121 #define TIMESTAMP_ABSOLUTE 0x1 122 #define TIMESTAMP_ELAPSED 0x2 123 #define TIMESTAMP_RELATIVE 0x4 124 125 int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 126 resolv = 0, abiflag = 0, syscallno = 0; 127 const char *tracefile = DEF_TRACEFILE; 128 struct ktr_header ktr_header; 129 130 #define TIME_FORMAT "%b %e %T %Y" 131 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 132 133 #define print_number(i,n,c) do { \ 134 if (decimal) \ 135 printf("%c%jd", c, (intmax_t)*i); \ 136 else \ 137 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 138 i++; \ 139 n--; \ 140 c = ','; \ 141 } while (0) 142 143 #if defined(__amd64__) || defined(__i386__) 144 145 void linux_ktrsyscall(struct ktr_syscall *); 146 void linux_ktrsysret(struct ktr_sysret *); 147 extern char *linux_syscallnames[]; 148 extern int nlinux_syscalls; 149 150 /* 151 * from linux.h 152 * Linux syscalls return negative errno's, we do positive and map them 153 */ 154 static int bsd_to_linux_errno[ELAST + 1] = { 155 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 156 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 157 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 158 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 159 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 160 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 161 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 162 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 163 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 164 -72, -67, -71 165 }; 166 #endif 167 168 struct proc_info 169 { 170 TAILQ_ENTRY(proc_info) info; 171 u_int sv_flags; 172 pid_t pid; 173 }; 174 175 TAILQ_HEAD(trace_procs, proc_info) trace_procs; 176 177 #ifdef HAVE_LIBCAPSICUM 178 static cap_channel_t *cappwd, *capgrp; 179 #endif 180 181 static void 182 strerror_init(void) 183 { 184 185 /* 186 * Cache NLS data before entering capability mode. 187 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 188 */ 189 (void)catopen("libc", NL_CAT_LOCALE); 190 } 191 192 static void 193 localtime_init(void) 194 { 195 time_t ltime; 196 197 /* 198 * Allow localtime(3) to cache /etc/localtime content before entering 199 * capability mode. 200 * XXXPJD: There should be localtime_init() in libc. 201 */ 202 (void)time(<ime); 203 (void)localtime(<ime); 204 } 205 206 #ifdef HAVE_LIBCAPSICUM 207 static int 208 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) 209 { 210 cap_channel_t *capcas, *cappwdloc, *capgrploc; 211 const char *cmds[1], *fields[1]; 212 213 capcas = cap_init(); 214 if (capcas == NULL) { 215 warn("unable to contact casperd"); 216 return (-1); 217 } 218 cappwdloc = cap_service_open(capcas, "system.pwd"); 219 capgrploc = cap_service_open(capcas, "system.grp"); 220 /* Casper capability no longer needed. */ 221 cap_close(capcas); 222 if (cappwdloc == NULL || capgrploc == NULL) { 223 if (cappwdloc == NULL) 224 warn("unable to open system.pwd service"); 225 if (capgrploc == NULL) 226 warn("unable to open system.grp service"); 227 exit(1); 228 } 229 /* Limit system.pwd to only getpwuid() function and pw_name field. */ 230 cmds[0] = "getpwuid"; 231 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) 232 err(1, "unable to limit system.pwd service"); 233 fields[0] = "pw_name"; 234 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) 235 err(1, "unable to limit system.pwd service"); 236 /* Limit system.grp to only getgrgid() function and gr_name field. */ 237 cmds[0] = "getgrgid"; 238 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) 239 err(1, "unable to limit system.grp service"); 240 fields[0] = "gr_name"; 241 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) 242 err(1, "unable to limit system.grp service"); 243 244 *cappwdp = cappwdloc; 245 *capgrpp = capgrploc; 246 return (0); 247 } 248 #endif /* HAVE_LIBCAPSICUM */ 249 250 int 251 main(int argc, char *argv[]) 252 { 253 int ch, ktrlen, size; 254 void *m; 255 int trpoints = ALL_POINTS; 256 int drop_logged; 257 pid_t pid = 0; 258 u_int sv_flags; 259 260 setlocale(LC_CTYPE, ""); 261 262 timestamp = TIMESTAMP_NONE; 263 264 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) 265 switch (ch) { 266 case 'A': 267 abiflag = 1; 268 break; 269 case 'f': 270 tracefile = optarg; 271 break; 272 case 'd': 273 decimal = 1; 274 break; 275 case 'l': 276 tail = 1; 277 break; 278 case 'm': 279 maxdata = atoi(optarg); 280 break; 281 case 'n': 282 fancy = 0; 283 break; 284 case 'p': 285 pid = atoi(optarg); 286 break; 287 case 'r': 288 resolv = 1; 289 break; 290 case 'S': 291 syscallno = 1; 292 break; 293 case 's': 294 suppressdata = 1; 295 break; 296 case 'E': 297 timestamp |= TIMESTAMP_ELAPSED; 298 break; 299 case 'H': 300 threads = 1; 301 break; 302 case 'R': 303 timestamp |= TIMESTAMP_RELATIVE; 304 break; 305 case 'T': 306 timestamp |= TIMESTAMP_ABSOLUTE; 307 break; 308 case 't': 309 trpoints = getpoints(optarg); 310 if (trpoints < 0) 311 errx(1, "unknown trace point in %s", optarg); 312 break; 313 default: 314 usage(); 315 } 316 317 if (argc > optind) 318 usage(); 319 320 m = malloc(size = 1025); 321 if (m == NULL) 322 errx(1, "%s", strerror(ENOMEM)); 323 if (!freopen(tracefile, "r", stdin)) 324 err(1, "%s", tracefile); 325 326 strerror_init(); 327 localtime_init(); 328 #ifdef HAVE_LIBCAPSICUM 329 if (resolv != 0) { 330 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { 331 cappwd = NULL; 332 capgrp = NULL; 333 } 334 } 335 if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) { 336 if (cap_enter() < 0 && errno != ENOSYS) 337 err(1, "unable to enter capability mode"); 338 } 339 #else 340 if (resolv == 0) { 341 if (cap_enter() < 0 && errno != ENOSYS) 342 err(1, "unable to enter capability mode"); 343 } 344 #endif 345 limitfd(STDIN_FILENO); 346 limitfd(STDOUT_FILENO); 347 limitfd(STDERR_FILENO); 348 if (cap_sandboxed()) 349 fprintf(stderr, "capability mode sandbox enabled\n"); 350 351 TAILQ_INIT(&trace_procs); 352 drop_logged = 0; 353 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 354 if (ktr_header.ktr_type & KTR_DROP) { 355 ktr_header.ktr_type &= ~KTR_DROP; 356 if (!drop_logged && threads) { 357 printf( 358 "%6jd %6jd %-8.*s Events dropped.\n", 359 (intmax_t)ktr_header.ktr_pid, 360 ktr_header.ktr_tid > 0 ? 361 (intmax_t)ktr_header.ktr_tid : 0, 362 MAXCOMLEN, ktr_header.ktr_comm); 363 drop_logged = 1; 364 } else if (!drop_logged) { 365 printf("%6jd %-8.*s Events dropped.\n", 366 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 367 ktr_header.ktr_comm); 368 drop_logged = 1; 369 } 370 } 371 if (trpoints & (1<<ktr_header.ktr_type)) 372 if (pid == 0 || ktr_header.ktr_pid == pid || 373 ktr_header.ktr_tid == pid) 374 dumpheader(&ktr_header); 375 if ((ktrlen = ktr_header.ktr_len) < 0) 376 errx(1, "bogus length 0x%x", ktrlen); 377 if (ktrlen > size) { 378 m = realloc(m, ktrlen+1); 379 if (m == NULL) 380 errx(1, "%s", strerror(ENOMEM)); 381 size = ktrlen; 382 } 383 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 384 errx(1, "data too short"); 385 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 386 continue; 387 sv_flags = abidump(&ktr_header); 388 if (pid && ktr_header.ktr_pid != pid && 389 ktr_header.ktr_tid != pid) 390 continue; 391 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 392 continue; 393 drop_logged = 0; 394 switch (ktr_header.ktr_type) { 395 case KTR_SYSCALL: 396 #if defined(__amd64__) || defined(__i386__) 397 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 398 linux_ktrsyscall((struct ktr_syscall *)m); 399 else 400 #endif 401 ktrsyscall((struct ktr_syscall *)m, sv_flags); 402 break; 403 case KTR_SYSRET: 404 #if defined(__amd64__) || defined(__i386__) 405 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 406 linux_ktrsysret((struct ktr_sysret *)m); 407 else 408 #endif 409 ktrsysret((struct ktr_sysret *)m, sv_flags); 410 break; 411 case KTR_NAMEI: 412 case KTR_SYSCTL: 413 ktrnamei(m, ktrlen); 414 break; 415 case KTR_GENIO: 416 ktrgenio((struct ktr_genio *)m, ktrlen); 417 break; 418 case KTR_PSIG: 419 ktrpsig((struct ktr_psig *)m); 420 break; 421 case KTR_CSW: 422 if (ktrlen == sizeof(struct ktr_csw_old)) 423 ktrcsw_old((struct ktr_csw_old *)m); 424 else 425 ktrcsw((struct ktr_csw *)m); 426 break; 427 case KTR_USER: 428 ktruser(ktrlen, m); 429 break; 430 case KTR_STRUCT: 431 ktrstruct(m, ktrlen); 432 break; 433 case KTR_CAPFAIL: 434 ktrcapfail((struct ktr_cap_fail *)m); 435 break; 436 case KTR_FAULT: 437 ktrfault((struct ktr_fault *)m); 438 break; 439 case KTR_FAULTEND: 440 ktrfaultend((struct ktr_faultend *)m); 441 break; 442 default: 443 printf("\n"); 444 break; 445 } 446 if (tail) 447 fflush(stdout); 448 } 449 return 0; 450 } 451 452 void 453 limitfd(int fd) 454 { 455 cap_rights_t rights; 456 unsigned long cmd; 457 458 cap_rights_init(&rights, CAP_FSTAT); 459 cmd = -1; 460 461 switch (fd) { 462 case STDIN_FILENO: 463 cap_rights_set(&rights, CAP_READ); 464 break; 465 case STDOUT_FILENO: 466 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE); 467 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 468 break; 469 case STDERR_FILENO: 470 cap_rights_set(&rights, CAP_WRITE); 471 if (!suppressdata) { 472 cap_rights_set(&rights, CAP_IOCTL); 473 cmd = TIOCGWINSZ; 474 } 475 break; 476 default: 477 abort(); 478 } 479 480 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) 481 err(1, "unable to limit rights for descriptor %d", fd); 482 if (cmd != -1 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 483 err(1, "unable to limit ioctls for descriptor %d", fd); 484 } 485 486 int 487 fread_tail(void *buf, int size, int num) 488 { 489 int i; 490 491 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 492 sleep(1); 493 clearerr(stdin); 494 } 495 return (i); 496 } 497 498 int 499 fetchprocinfo(struct ktr_header *kth, u_int *flags) 500 { 501 struct proc_info *pi; 502 503 switch (kth->ktr_type) { 504 case KTR_PROCCTOR: 505 TAILQ_FOREACH(pi, &trace_procs, info) { 506 if (pi->pid == kth->ktr_pid) { 507 TAILQ_REMOVE(&trace_procs, pi, info); 508 break; 509 } 510 } 511 pi = malloc(sizeof(struct proc_info)); 512 if (pi == NULL) 513 errx(1, "%s", strerror(ENOMEM)); 514 pi->sv_flags = *flags; 515 pi->pid = kth->ktr_pid; 516 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 517 return (1); 518 519 case KTR_PROCDTOR: 520 TAILQ_FOREACH(pi, &trace_procs, info) { 521 if (pi->pid == kth->ktr_pid) { 522 TAILQ_REMOVE(&trace_procs, pi, info); 523 free(pi); 524 break; 525 } 526 } 527 return (1); 528 } 529 530 return (0); 531 } 532 533 u_int 534 abidump(struct ktr_header *kth) 535 { 536 struct proc_info *pi; 537 const char *abi; 538 const char *arch; 539 u_int flags = 0; 540 541 TAILQ_FOREACH(pi, &trace_procs, info) { 542 if (pi->pid == kth->ktr_pid) { 543 flags = pi->sv_flags; 544 break; 545 } 546 } 547 548 if (abiflag == 0) 549 return (flags); 550 551 switch (flags & SV_ABI_MASK) { 552 case SV_ABI_LINUX: 553 abi = "L"; 554 break; 555 case SV_ABI_FREEBSD: 556 abi = "F"; 557 break; 558 default: 559 abi = "U"; 560 break; 561 } 562 563 if (flags != 0) { 564 if (flags & SV_LP64) 565 arch = "64"; 566 else 567 arch = "32"; 568 } else 569 arch = "00"; 570 571 printf("%s%s ", abi, arch); 572 573 return (flags); 574 } 575 576 void 577 dumpheader(struct ktr_header *kth) 578 { 579 static char unknown[64]; 580 static struct timeval prevtime, prevtime_e, temp; 581 const char *type; 582 583 switch (kth->ktr_type) { 584 case KTR_SYSCALL: 585 type = "CALL"; 586 break; 587 case KTR_SYSRET: 588 type = "RET "; 589 break; 590 case KTR_NAMEI: 591 type = "NAMI"; 592 break; 593 case KTR_GENIO: 594 type = "GIO "; 595 break; 596 case KTR_PSIG: 597 type = "PSIG"; 598 break; 599 case KTR_CSW: 600 type = "CSW "; 601 break; 602 case KTR_USER: 603 type = "USER"; 604 break; 605 case KTR_STRUCT: 606 type = "STRU"; 607 break; 608 case KTR_SYSCTL: 609 type = "SCTL"; 610 break; 611 case KTR_PROCCTOR: 612 /* FALLTHROUGH */ 613 case KTR_PROCDTOR: 614 return; 615 case KTR_CAPFAIL: 616 type = "CAP "; 617 break; 618 case KTR_FAULT: 619 type = "PFLT"; 620 break; 621 case KTR_FAULTEND: 622 type = "PRET"; 623 break; 624 default: 625 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 626 type = unknown; 627 } 628 629 /* 630 * The ktr_tid field was previously the ktr_buffer field, which held 631 * the kernel pointer value for the buffer associated with data 632 * following the record header. It now holds a threadid, but only 633 * for trace files after the change. Older trace files still contain 634 * kernel pointers. Detect this and suppress the results by printing 635 * negative tid's as 0. 636 */ 637 if (threads) 638 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 639 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 640 MAXCOMLEN, kth->ktr_comm); 641 else 642 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 643 kth->ktr_comm); 644 if (timestamp) { 645 if (timestamp & TIMESTAMP_ABSOLUTE) { 646 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 647 kth->ktr_time.tv_usec); 648 } 649 if (timestamp & TIMESTAMP_ELAPSED) { 650 if (prevtime_e.tv_sec == 0) 651 prevtime_e = kth->ktr_time; 652 timevalsub(&kth->ktr_time, &prevtime_e); 653 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 654 kth->ktr_time.tv_usec); 655 timevaladd(&kth->ktr_time, &prevtime_e); 656 } 657 if (timestamp & TIMESTAMP_RELATIVE) { 658 temp = kth->ktr_time; 659 timevalsub(&kth->ktr_time, &prevtime); 660 prevtime = temp; 661 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 662 kth->ktr_time.tv_usec); 663 } 664 } 665 printf("%s ", type); 666 } 667 668 #include <sys/syscall.h> 669 #define KTRACE 670 #include <sys/kern/syscalls.c> 671 #undef KTRACE 672 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 673 674 void 675 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 676 { 677 int narg = ktr->ktr_narg; 678 register_t *ip; 679 intmax_t arg; 680 681 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 682 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 683 printf("[%d]", ktr->ktr_code); 684 else { 685 printf("%s", syscallnames[ktr->ktr_code]); 686 if (syscallno) 687 printf("[%d]", ktr->ktr_code); 688 } 689 ip = &ktr->ktr_args[0]; 690 if (narg) { 691 char c = '('; 692 if (fancy && 693 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 694 switch (ktr->ktr_code) { 695 case SYS_bindat: 696 case SYS_connectat: 697 case SYS_faccessat: 698 case SYS_fchmodat: 699 case SYS_fchownat: 700 case SYS_fstatat: 701 case SYS_futimesat: 702 case SYS_linkat: 703 case SYS_mkdirat: 704 case SYS_mkfifoat: 705 case SYS_mknodat: 706 case SYS_openat: 707 case SYS_readlinkat: 708 case SYS_renameat: 709 case SYS_unlinkat: 710 putchar('('); 711 atfdname(*ip, decimal); 712 c = ','; 713 ip++; 714 narg--; 715 break; 716 } 717 switch (ktr->ktr_code) { 718 case SYS_ioctl: { 719 print_number(ip, narg, c); 720 putchar(c); 721 ioctlname(*ip, decimal); 722 c = ','; 723 ip++; 724 narg--; 725 break; 726 } 727 case SYS_ptrace: 728 putchar('('); 729 ptraceopname(*ip); 730 c = ','; 731 ip++; 732 narg--; 733 break; 734 case SYS_access: 735 case SYS_eaccess: 736 case SYS_faccessat: 737 print_number(ip, narg, c); 738 putchar(','); 739 accessmodename(*ip); 740 ip++; 741 narg--; 742 break; 743 case SYS_open: 744 case SYS_openat: 745 print_number(ip, narg, c); 746 putchar(','); 747 flagsandmodename(ip[0], ip[1], decimal); 748 ip += 2; 749 narg -= 2; 750 break; 751 case SYS_wait4: 752 print_number(ip, narg, c); 753 print_number(ip, narg, c); 754 /* 755 * A flags value of zero is valid for 756 * wait4() but not for wait6(), so 757 * handle zero special here. 758 */ 759 if (*ip == 0) { 760 print_number(ip, narg, c); 761 } else { 762 putchar(','); 763 wait6optname(*ip); 764 ip++; 765 narg--; 766 } 767 break; 768 case SYS_wait6: 769 putchar('('); 770 idtypename(*ip, decimal); 771 c = ','; 772 ip++; 773 narg--; 774 print_number(ip, narg, c); 775 print_number(ip, narg, c); 776 putchar(','); 777 wait6optname(*ip); 778 ip++; 779 narg--; 780 break; 781 case SYS_chmod: 782 case SYS_fchmod: 783 case SYS_lchmod: 784 print_number(ip, narg, c); 785 putchar(','); 786 modename(*ip); 787 ip++; 788 narg--; 789 break; 790 case SYS_mknod: 791 case SYS_mknodat: 792 print_number(ip, narg, c); 793 putchar(','); 794 modename(*ip); 795 ip++; 796 narg--; 797 break; 798 case SYS_getfsstat: 799 print_number(ip, narg, c); 800 print_number(ip, narg, c); 801 putchar(','); 802 getfsstatflagsname(*ip); 803 ip++; 804 narg--; 805 break; 806 case SYS_mount: 807 print_number(ip, narg, c); 808 print_number(ip, narg, c); 809 putchar(','); 810 mountflagsname(*ip); 811 ip++; 812 narg--; 813 break; 814 case SYS_unmount: 815 print_number(ip, narg, c); 816 putchar(','); 817 mountflagsname(*ip); 818 ip++; 819 narg--; 820 break; 821 case SYS_recvmsg: 822 case SYS_sendmsg: 823 print_number(ip, narg, c); 824 print_number(ip, narg, c); 825 putchar(','); 826 sendrecvflagsname(*ip); 827 ip++; 828 narg--; 829 break; 830 case SYS_recvfrom: 831 case SYS_sendto: 832 print_number(ip, narg, c); 833 print_number(ip, narg, c); 834 print_number(ip, narg, c); 835 putchar(','); 836 sendrecvflagsname(*ip); 837 ip++; 838 narg--; 839 break; 840 case SYS_chflags: 841 case SYS_fchflags: 842 case SYS_lchflags: 843 print_number(ip, narg, c); 844 putchar(','); 845 modename(*ip); 846 ip++; 847 narg--; 848 break; 849 case SYS_kill: 850 print_number(ip, narg, c); 851 putchar(','); 852 signame(*ip); 853 ip++; 854 narg--; 855 break; 856 case SYS_reboot: 857 putchar('('); 858 rebootoptname(*ip); 859 ip++; 860 narg--; 861 break; 862 case SYS_umask: 863 putchar('('); 864 modename(*ip); 865 ip++; 866 narg--; 867 break; 868 case SYS_msync: 869 print_number(ip, narg, c); 870 print_number(ip, narg, c); 871 putchar(','); 872 msyncflagsname(*ip); 873 ip++; 874 narg--; 875 break; 876 #ifdef SYS_freebsd6_mmap 877 case SYS_freebsd6_mmap: 878 print_number(ip, narg, c); 879 print_number(ip, narg, c); 880 putchar(','); 881 mmapprotname(*ip); 882 putchar(','); 883 ip++; 884 narg--; 885 mmapflagsname(*ip); 886 ip++; 887 narg--; 888 break; 889 #endif 890 case SYS_mmap: 891 print_number(ip, narg, c); 892 print_number(ip, narg, c); 893 putchar(','); 894 mmapprotname(*ip); 895 putchar(','); 896 ip++; 897 narg--; 898 mmapflagsname(*ip); 899 ip++; 900 narg--; 901 break; 902 case SYS_mprotect: 903 print_number(ip, narg, c); 904 print_number(ip, narg, c); 905 putchar(','); 906 mmapprotname(*ip); 907 ip++; 908 narg--; 909 break; 910 case SYS_madvise: 911 print_number(ip, narg, c); 912 print_number(ip, narg, c); 913 putchar(','); 914 madvisebehavname(*ip); 915 ip++; 916 narg--; 917 break; 918 case SYS_setpriority: 919 print_number(ip, narg, c); 920 print_number(ip, narg, c); 921 putchar(','); 922 prioname(*ip); 923 ip++; 924 narg--; 925 break; 926 case SYS_fcntl: 927 print_number(ip, narg, c); 928 putchar(','); 929 fcntlcmdname(ip[0], ip[1], decimal); 930 ip += 2; 931 narg -= 2; 932 break; 933 case SYS_socket: { 934 int sockdomain; 935 putchar('('); 936 sockdomain = *ip; 937 sockdomainname(sockdomain); 938 ip++; 939 narg--; 940 putchar(','); 941 socktypenamewithflags(*ip); 942 ip++; 943 narg--; 944 if (sockdomain == PF_INET || 945 sockdomain == PF_INET6) { 946 putchar(','); 947 sockipprotoname(*ip); 948 ip++; 949 narg--; 950 } 951 c = ','; 952 break; 953 } 954 case SYS_setsockopt: 955 case SYS_getsockopt: 956 print_number(ip, narg, c); 957 putchar(','); 958 sockoptlevelname(*ip, decimal); 959 if (*ip == SOL_SOCKET) { 960 ip++; 961 narg--; 962 putchar(','); 963 sockoptname(*ip); 964 } 965 ip++; 966 narg--; 967 break; 968 #ifdef SYS_freebsd6_lseek 969 case SYS_freebsd6_lseek: 970 print_number(ip, narg, c); 971 /* Hidden 'pad' argument, not in lseek(2) */ 972 print_number(ip, narg, c); 973 print_number(ip, narg, c); 974 putchar(','); 975 whencename(*ip); 976 ip++; 977 narg--; 978 break; 979 #endif 980 case SYS_lseek: 981 print_number(ip, narg, c); 982 /* Hidden 'pad' argument, not in lseek(2) */ 983 print_number(ip, narg, c); 984 putchar(','); 985 whencename(*ip); 986 ip++; 987 narg--; 988 break; 989 case SYS_flock: 990 print_number(ip, narg, c); 991 putchar(','); 992 flockname(*ip); 993 ip++; 994 narg--; 995 break; 996 case SYS_mkfifo: 997 case SYS_mkfifoat: 998 case SYS_mkdir: 999 case SYS_mkdirat: 1000 print_number(ip, narg, c); 1001 putchar(','); 1002 modename(*ip); 1003 ip++; 1004 narg--; 1005 break; 1006 case SYS_shutdown: 1007 print_number(ip, narg, c); 1008 putchar(','); 1009 shutdownhowname(*ip); 1010 ip++; 1011 narg--; 1012 break; 1013 case SYS_socketpair: 1014 putchar('('); 1015 sockdomainname(*ip); 1016 ip++; 1017 narg--; 1018 putchar(','); 1019 socktypenamewithflags(*ip); 1020 ip++; 1021 narg--; 1022 c = ','; 1023 break; 1024 case SYS_getrlimit: 1025 case SYS_setrlimit: 1026 putchar('('); 1027 rlimitname(*ip); 1028 ip++; 1029 narg--; 1030 c = ','; 1031 break; 1032 case SYS_quotactl: 1033 print_number(ip, narg, c); 1034 putchar(','); 1035 quotactlname(*ip); 1036 ip++; 1037 narg--; 1038 c = ','; 1039 break; 1040 case SYS_nfssvc: 1041 putchar('('); 1042 nfssvcname(*ip); 1043 ip++; 1044 narg--; 1045 c = ','; 1046 break; 1047 case SYS_rtprio: 1048 putchar('('); 1049 rtprioname(*ip); 1050 ip++; 1051 narg--; 1052 c = ','; 1053 break; 1054 case SYS___semctl: 1055 print_number(ip, narg, c); 1056 print_number(ip, narg, c); 1057 putchar(','); 1058 semctlname(*ip); 1059 ip++; 1060 narg--; 1061 break; 1062 case SYS_semget: 1063 print_number(ip, narg, c); 1064 print_number(ip, narg, c); 1065 putchar(','); 1066 semgetname(*ip); 1067 ip++; 1068 narg--; 1069 break; 1070 case SYS_msgctl: 1071 print_number(ip, narg, c); 1072 putchar(','); 1073 shmctlname(*ip); 1074 ip++; 1075 narg--; 1076 break; 1077 case SYS_shmat: 1078 print_number(ip, narg, c); 1079 print_number(ip, narg, c); 1080 putchar(','); 1081 shmatname(*ip); 1082 ip++; 1083 narg--; 1084 break; 1085 case SYS_shmctl: 1086 print_number(ip, narg, c); 1087 putchar(','); 1088 shmctlname(*ip); 1089 ip++; 1090 narg--; 1091 break; 1092 case SYS_minherit: 1093 print_number(ip, narg, c); 1094 print_number(ip, narg, c); 1095 putchar(','); 1096 minheritname(*ip); 1097 ip++; 1098 narg--; 1099 break; 1100 case SYS_rfork: 1101 putchar('('); 1102 rforkname(*ip); 1103 ip++; 1104 narg--; 1105 c = ','; 1106 break; 1107 case SYS_lio_listio: 1108 putchar('('); 1109 lio_listioname(*ip); 1110 ip++; 1111 narg--; 1112 c = ','; 1113 break; 1114 case SYS_mlockall: 1115 putchar('('); 1116 mlockallname(*ip); 1117 ip++; 1118 narg--; 1119 break; 1120 case SYS_sched_setscheduler: 1121 print_number(ip, narg, c); 1122 putchar(','); 1123 schedpolicyname(*ip); 1124 ip++; 1125 narg--; 1126 break; 1127 case SYS_sched_get_priority_max: 1128 case SYS_sched_get_priority_min: 1129 putchar('('); 1130 schedpolicyname(*ip); 1131 ip++; 1132 narg--; 1133 break; 1134 case SYS_sendfile: 1135 print_number(ip, narg, c); 1136 print_number(ip, narg, c); 1137 print_number(ip, narg, c); 1138 print_number(ip, narg, c); 1139 print_number(ip, narg, c); 1140 print_number(ip, narg, c); 1141 putchar(','); 1142 sendfileflagsname(*ip); 1143 ip++; 1144 narg--; 1145 break; 1146 case SYS_kldsym: 1147 print_number(ip, narg, c); 1148 putchar(','); 1149 kldsymcmdname(*ip); 1150 ip++; 1151 narg--; 1152 break; 1153 case SYS_sigprocmask: 1154 putchar('('); 1155 sigprocmaskhowname(*ip); 1156 ip++; 1157 narg--; 1158 c = ','; 1159 break; 1160 case SYS___acl_get_file: 1161 case SYS___acl_set_file: 1162 case SYS___acl_get_fd: 1163 case SYS___acl_set_fd: 1164 case SYS___acl_delete_file: 1165 case SYS___acl_delete_fd: 1166 case SYS___acl_aclcheck_file: 1167 case SYS___acl_aclcheck_fd: 1168 case SYS___acl_get_link: 1169 case SYS___acl_set_link: 1170 case SYS___acl_delete_link: 1171 case SYS___acl_aclcheck_link: 1172 print_number(ip, narg, c); 1173 putchar(','); 1174 acltypename(*ip); 1175 ip++; 1176 narg--; 1177 break; 1178 case SYS_sigaction: 1179 putchar('('); 1180 signame(*ip); 1181 ip++; 1182 narg--; 1183 c = ','; 1184 break; 1185 case SYS_extattrctl: 1186 print_number(ip, narg, c); 1187 putchar(','); 1188 extattrctlname(*ip); 1189 ip++; 1190 narg--; 1191 break; 1192 case SYS_nmount: 1193 print_number(ip, narg, c); 1194 print_number(ip, narg, c); 1195 putchar(','); 1196 mountflagsname(*ip); 1197 ip++; 1198 narg--; 1199 break; 1200 case SYS_thr_create: 1201 print_number(ip, narg, c); 1202 print_number(ip, narg, c); 1203 putchar(','); 1204 thrcreateflagsname(*ip); 1205 ip++; 1206 narg--; 1207 break; 1208 case SYS_thr_kill: 1209 print_number(ip, narg, c); 1210 putchar(','); 1211 signame(*ip); 1212 ip++; 1213 narg--; 1214 break; 1215 case SYS_kldunloadf: 1216 print_number(ip, narg, c); 1217 putchar(','); 1218 kldunloadfflagsname(*ip); 1219 ip++; 1220 narg--; 1221 break; 1222 case SYS_linkat: 1223 case SYS_renameat: 1224 case SYS_symlinkat: 1225 print_number(ip, narg, c); 1226 putchar(','); 1227 atfdname(*ip, decimal); 1228 ip++; 1229 narg--; 1230 break; 1231 case SYS_cap_fcntls_limit: 1232 print_number(ip, narg, c); 1233 putchar(','); 1234 arg = *ip; 1235 ip++; 1236 narg--; 1237 capfcntlname(arg); 1238 break; 1239 case SYS_posix_fadvise: 1240 print_number(ip, narg, c); 1241 print_number(ip, narg, c); 1242 print_number(ip, narg, c); 1243 (void)putchar(','); 1244 fadvisebehavname((int)*ip); 1245 ip++; 1246 narg--; 1247 break; 1248 case SYS_procctl: 1249 putchar('('); 1250 idtypename(*ip, decimal); 1251 c = ','; 1252 ip++; 1253 narg--; 1254 print_number(ip, narg, c); 1255 putchar(','); 1256 procctlcmdname(*ip); 1257 ip++; 1258 narg--; 1259 break; 1260 } 1261 } 1262 while (narg > 0) { 1263 print_number(ip, narg, c); 1264 } 1265 putchar(')'); 1266 } 1267 putchar('\n'); 1268 } 1269 1270 void 1271 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1272 { 1273 register_t ret = ktr->ktr_retval; 1274 int error = ktr->ktr_error; 1275 int code = ktr->ktr_code; 1276 1277 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1278 (code >= nsyscalls || code < 0)) 1279 printf("[%d] ", code); 1280 else { 1281 printf("%s", syscallnames[code]); 1282 if (syscallno) 1283 printf("[%d]", code); 1284 printf(" "); 1285 } 1286 1287 if (error == 0) { 1288 if (fancy) { 1289 printf("%ld", (long)ret); 1290 if (ret < 0 || ret > 9) 1291 printf("/%#lx", (unsigned long)ret); 1292 } else { 1293 if (decimal) 1294 printf("%ld", (long)ret); 1295 else 1296 printf("%#lx", (unsigned long)ret); 1297 } 1298 } else if (error == ERESTART) 1299 printf("RESTART"); 1300 else if (error == EJUSTRETURN) 1301 printf("JUSTRETURN"); 1302 else { 1303 printf("-1 errno %d", ktr->ktr_error); 1304 if (fancy) 1305 printf(" %s", strerror(ktr->ktr_error)); 1306 } 1307 putchar('\n'); 1308 } 1309 1310 void 1311 ktrnamei(char *cp, int len) 1312 { 1313 printf("\"%.*s\"\n", len, cp); 1314 } 1315 1316 void 1317 hexdump(char *p, int len, int screenwidth) 1318 { 1319 int n, i; 1320 int width; 1321 1322 width = 0; 1323 do { 1324 width += 2; 1325 i = 13; /* base offset */ 1326 i += (width / 2) + 1; /* spaces every second byte */ 1327 i += (width * 2); /* width of bytes */ 1328 i += 3; /* " |" */ 1329 i += width; /* each byte */ 1330 i += 1; /* "|" */ 1331 } while (i < screenwidth); 1332 width -= 2; 1333 1334 for (n = 0; n < len; n += width) { 1335 for (i = n; i < n + width; i++) { 1336 if ((i % width) == 0) { /* beginning of line */ 1337 printf(" 0x%04x", i); 1338 } 1339 if ((i % 2) == 0) { 1340 printf(" "); 1341 } 1342 if (i < len) 1343 printf("%02x", p[i] & 0xff); 1344 else 1345 printf(" "); 1346 } 1347 printf(" |"); 1348 for (i = n; i < n + width; i++) { 1349 if (i >= len) 1350 break; 1351 if (p[i] >= ' ' && p[i] <= '~') 1352 printf("%c", p[i]); 1353 else 1354 printf("."); 1355 } 1356 printf("|\n"); 1357 } 1358 if ((i % width) != 0) 1359 printf("\n"); 1360 } 1361 1362 void 1363 visdump(char *dp, int datalen, int screenwidth) 1364 { 1365 int col = 0; 1366 char *cp; 1367 int width; 1368 char visbuf[5]; 1369 1370 printf(" \""); 1371 col = 8; 1372 for (;datalen > 0; datalen--, dp++) { 1373 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1374 cp = visbuf; 1375 /* 1376 * Keep track of printables and 1377 * space chars (like fold(1)). 1378 */ 1379 if (col == 0) { 1380 putchar('\t'); 1381 col = 8; 1382 } 1383 switch(*cp) { 1384 case '\n': 1385 col = 0; 1386 putchar('\n'); 1387 continue; 1388 case '\t': 1389 width = 8 - (col&07); 1390 break; 1391 default: 1392 width = strlen(cp); 1393 } 1394 if (col + width > (screenwidth-2)) { 1395 printf("\\\n\t"); 1396 col = 8; 1397 } 1398 col += width; 1399 do { 1400 putchar(*cp++); 1401 } while (*cp); 1402 } 1403 if (col == 0) 1404 printf(" "); 1405 printf("\"\n"); 1406 } 1407 1408 void 1409 ktrgenio(struct ktr_genio *ktr, int len) 1410 { 1411 int datalen = len - sizeof (struct ktr_genio); 1412 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1413 static int screenwidth = 0; 1414 int i, binary; 1415 1416 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1417 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1418 datalen == 1 ? "" : "s"); 1419 if (suppressdata) 1420 return; 1421 if (screenwidth == 0) { 1422 struct winsize ws; 1423 1424 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1425 ws.ws_col > 8) 1426 screenwidth = ws.ws_col; 1427 else 1428 screenwidth = 80; 1429 } 1430 if (maxdata && datalen > maxdata) 1431 datalen = maxdata; 1432 1433 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1434 if (dp[i] >= 32 && dp[i] < 127) 1435 continue; 1436 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1437 continue; 1438 binary = 1; 1439 } 1440 if (binary) 1441 hexdump(dp, datalen, screenwidth); 1442 else 1443 visdump(dp, datalen, screenwidth); 1444 } 1445 1446 const char *signames[] = { 1447 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1448 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1449 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1450 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1451 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1452 "USR2", NULL, /* 31 - 32 */ 1453 }; 1454 1455 void 1456 ktrpsig(struct ktr_psig *psig) 1457 { 1458 if (psig->signo > 0 && psig->signo < NSIG) 1459 printf("SIG%s ", signames[psig->signo]); 1460 else 1461 printf("SIG %d ", psig->signo); 1462 if (psig->action == SIG_DFL) { 1463 printf("SIG_DFL code="); 1464 sigcodename(psig->signo, psig->code); 1465 putchar('\n'); 1466 } else { 1467 printf("caught handler=0x%lx mask=0x%x code=", 1468 (u_long)psig->action, psig->mask.__bits[0]); 1469 sigcodename(psig->signo, psig->code); 1470 putchar('\n'); 1471 } 1472 } 1473 1474 void 1475 ktrcsw_old(struct ktr_csw_old *cs) 1476 { 1477 printf("%s %s\n", cs->out ? "stop" : "resume", 1478 cs->user ? "user" : "kernel"); 1479 } 1480 1481 void 1482 ktrcsw(struct ktr_csw *cs) 1483 { 1484 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1485 cs->user ? "user" : "kernel", cs->wmesg); 1486 } 1487 1488 #define UTRACE_DLOPEN_START 1 1489 #define UTRACE_DLOPEN_STOP 2 1490 #define UTRACE_DLCLOSE_START 3 1491 #define UTRACE_DLCLOSE_STOP 4 1492 #define UTRACE_LOAD_OBJECT 5 1493 #define UTRACE_UNLOAD_OBJECT 6 1494 #define UTRACE_ADD_RUNDEP 7 1495 #define UTRACE_PRELOAD_FINISHED 8 1496 #define UTRACE_INIT_CALL 9 1497 #define UTRACE_FINI_CALL 10 1498 1499 struct utrace_rtld { 1500 char sig[4]; /* 'RTLD' */ 1501 int event; 1502 void *handle; 1503 void *mapbase; 1504 size_t mapsize; 1505 int refcnt; 1506 char name[MAXPATHLEN]; 1507 }; 1508 1509 void 1510 ktruser_rtld(int len, unsigned char *p) 1511 { 1512 struct utrace_rtld *ut = (struct utrace_rtld *)p; 1513 void *parent; 1514 int mode; 1515 1516 switch (ut->event) { 1517 case UTRACE_DLOPEN_START: 1518 mode = ut->refcnt; 1519 printf("dlopen(%s, ", ut->name); 1520 switch (mode & RTLD_MODEMASK) { 1521 case RTLD_NOW: 1522 printf("RTLD_NOW"); 1523 break; 1524 case RTLD_LAZY: 1525 printf("RTLD_LAZY"); 1526 break; 1527 default: 1528 printf("%#x", mode & RTLD_MODEMASK); 1529 } 1530 if (mode & RTLD_GLOBAL) 1531 printf(" | RTLD_GLOBAL"); 1532 if (mode & RTLD_TRACE) 1533 printf(" | RTLD_TRACE"); 1534 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1535 printf(" | %#x", mode & 1536 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1537 printf(")\n"); 1538 break; 1539 case UTRACE_DLOPEN_STOP: 1540 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1541 ut->refcnt); 1542 break; 1543 case UTRACE_DLCLOSE_START: 1544 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1545 ut->refcnt); 1546 break; 1547 case UTRACE_DLCLOSE_STOP: 1548 printf("dlclose(%p) finished\n", ut->handle); 1549 break; 1550 case UTRACE_LOAD_OBJECT: 1551 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1552 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1553 ut->name); 1554 break; 1555 case UTRACE_UNLOAD_OBJECT: 1556 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1557 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1558 ut->name); 1559 break; 1560 case UTRACE_ADD_RUNDEP: 1561 parent = ut->mapbase; 1562 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1563 ut->handle, ut->name, ut->refcnt); 1564 break; 1565 case UTRACE_PRELOAD_FINISHED: 1566 printf("RTLD: LD_PRELOAD finished\n"); 1567 break; 1568 case UTRACE_INIT_CALL: 1569 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1570 ut->name); 1571 break; 1572 case UTRACE_FINI_CALL: 1573 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1574 ut->name); 1575 break; 1576 default: 1577 p += 4; 1578 len -= 4; 1579 printf("RTLD: %d ", len); 1580 while (len--) 1581 if (decimal) 1582 printf(" %d", *p++); 1583 else 1584 printf(" %02x", *p++); 1585 printf("\n"); 1586 } 1587 } 1588 1589 struct utrace_malloc { 1590 void *p; 1591 size_t s; 1592 void *r; 1593 }; 1594 1595 void 1596 ktruser_malloc(unsigned char *p) 1597 { 1598 struct utrace_malloc *ut = (struct utrace_malloc *)p; 1599 1600 if (ut->p == (void *)(intptr_t)(-1)) 1601 printf("malloc_init()\n"); 1602 else if (ut->s == 0) 1603 printf("free(%p)\n", ut->p); 1604 else if (ut->p == NULL) 1605 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1606 else 1607 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1608 } 1609 1610 void 1611 ktruser(int len, unsigned char *p) 1612 { 1613 1614 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1615 ktruser_rtld(len, p); 1616 return; 1617 } 1618 1619 if (len == sizeof(struct utrace_malloc)) { 1620 ktruser_malloc(p); 1621 return; 1622 } 1623 1624 printf("%d ", len); 1625 while (len--) 1626 if (decimal) 1627 printf(" %d", *p++); 1628 else 1629 printf(" %02x", *p++); 1630 printf("\n"); 1631 } 1632 1633 void 1634 ktrcaprights(cap_rights_t *rightsp) 1635 { 1636 1637 printf("cap_rights_t "); 1638 capname(rightsp); 1639 printf("\n"); 1640 } 1641 1642 void 1643 ktrsockaddr(struct sockaddr *sa) 1644 { 1645 /* 1646 TODO: Support additional address families 1647 #include <netnatm/natm.h> 1648 struct sockaddr_natm *natm; 1649 #include <netsmb/netbios.h> 1650 struct sockaddr_nb *nb; 1651 */ 1652 char addr[64]; 1653 1654 /* 1655 * note: ktrstruct() has already verified that sa points to a 1656 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1657 * sa->sa_len bytes long. 1658 */ 1659 printf("struct sockaddr { "); 1660 sockfamilyname(sa->sa_family); 1661 printf(", "); 1662 1663 #define check_sockaddr_len(n) \ 1664 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1665 printf("invalid"); \ 1666 break; \ 1667 } 1668 1669 switch(sa->sa_family) { 1670 case AF_INET: { 1671 struct sockaddr_in sa_in; 1672 1673 memset(&sa_in, 0, sizeof(sa_in)); 1674 memcpy(&sa_in, sa, sa->sa_len); 1675 check_sockaddr_len(in); 1676 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1677 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1678 break; 1679 } 1680 case AF_INET6: { 1681 struct sockaddr_in6 sa_in6; 1682 1683 memset(&sa_in6, 0, sizeof(sa_in6)); 1684 memcpy(&sa_in6, sa, sa->sa_len); 1685 check_sockaddr_len(in6); 1686 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1687 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1688 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1689 break; 1690 } 1691 case AF_UNIX: { 1692 struct sockaddr_un sa_un; 1693 1694 memset(&sa_un, 0, sizeof(sa_un)); 1695 memcpy(&sa_un, sa, sa->sa_len); 1696 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1697 break; 1698 } 1699 default: 1700 printf("unknown address family"); 1701 } 1702 printf(" }\n"); 1703 } 1704 1705 void 1706 ktrstat(struct stat *statp) 1707 { 1708 char mode[12], timestr[PATH_MAX + 4]; 1709 struct passwd *pwd; 1710 struct group *grp; 1711 struct tm *tm; 1712 1713 /* 1714 * note: ktrstruct() has already verified that statp points to a 1715 * buffer exactly sizeof(struct stat) bytes long. 1716 */ 1717 printf("struct stat {"); 1718 printf("dev=%ju, ino=%ju, ", 1719 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1720 if (resolv == 0) 1721 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1722 else { 1723 strmode(statp->st_mode, mode); 1724 printf("mode=%s, ", mode); 1725 } 1726 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1727 if (resolv == 0) { 1728 pwd = NULL; 1729 } else { 1730 #ifdef HAVE_LIBCAPSICUM 1731 if (cappwd != NULL) 1732 pwd = cap_getpwuid(cappwd, statp->st_uid); 1733 else 1734 #endif 1735 pwd = getpwuid(statp->st_uid); 1736 } 1737 if (pwd == NULL) 1738 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1739 else 1740 printf("uid=\"%s\", ", pwd->pw_name); 1741 if (resolv == 0) { 1742 grp = NULL; 1743 } else { 1744 #ifdef HAVE_LIBCAPSICUM 1745 if (capgrp != NULL) 1746 grp = cap_getgrgid(capgrp, statp->st_gid); 1747 else 1748 #endif 1749 grp = getgrgid(statp->st_gid); 1750 } 1751 if (grp == NULL) 1752 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1753 else 1754 printf("gid=\"%s\", ", grp->gr_name); 1755 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1756 printf("atime="); 1757 if (resolv == 0) 1758 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1759 else { 1760 tm = localtime(&statp->st_atim.tv_sec); 1761 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1762 printf("\"%s\"", timestr); 1763 } 1764 if (statp->st_atim.tv_nsec != 0) 1765 printf(".%09ld, ", statp->st_atim.tv_nsec); 1766 else 1767 printf(", "); 1768 printf("stime="); 1769 if (resolv == 0) 1770 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1771 else { 1772 tm = localtime(&statp->st_mtim.tv_sec); 1773 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1774 printf("\"%s\"", timestr); 1775 } 1776 if (statp->st_mtim.tv_nsec != 0) 1777 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1778 else 1779 printf(", "); 1780 printf("ctime="); 1781 if (resolv == 0) 1782 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1783 else { 1784 tm = localtime(&statp->st_ctim.tv_sec); 1785 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1786 printf("\"%s\"", timestr); 1787 } 1788 if (statp->st_ctim.tv_nsec != 0) 1789 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1790 else 1791 printf(", "); 1792 printf("birthtime="); 1793 if (resolv == 0) 1794 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1795 else { 1796 tm = localtime(&statp->st_birthtim.tv_sec); 1797 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1798 printf("\"%s\"", timestr); 1799 } 1800 if (statp->st_birthtim.tv_nsec != 0) 1801 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1802 else 1803 printf(", "); 1804 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1805 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1806 (intmax_t)statp->st_blocks, statp->st_flags); 1807 printf(" }\n"); 1808 } 1809 1810 void 1811 ktrstruct(char *buf, size_t buflen) 1812 { 1813 char *name, *data; 1814 size_t namelen, datalen; 1815 int i; 1816 cap_rights_t rights; 1817 struct stat sb; 1818 struct sockaddr_storage ss; 1819 1820 for (name = buf, namelen = 0; 1821 namelen < buflen && name[namelen] != '\0'; 1822 ++namelen) 1823 /* nothing */; 1824 if (namelen == buflen) 1825 goto invalid; 1826 if (name[namelen] != '\0') 1827 goto invalid; 1828 data = buf + namelen + 1; 1829 datalen = buflen - namelen - 1; 1830 if (datalen == 0) 1831 goto invalid; 1832 /* sanity check */ 1833 for (i = 0; i < (int)namelen; ++i) 1834 if (!isalpha(name[i])) 1835 goto invalid; 1836 if (strcmp(name, "caprights") == 0) { 1837 if (datalen != sizeof(cap_rights_t)) 1838 goto invalid; 1839 memcpy(&rights, data, datalen); 1840 ktrcaprights(&rights); 1841 } else if (strcmp(name, "stat") == 0) { 1842 if (datalen != sizeof(struct stat)) 1843 goto invalid; 1844 memcpy(&sb, data, datalen); 1845 ktrstat(&sb); 1846 } else if (strcmp(name, "sockaddr") == 0) { 1847 if (datalen > sizeof(ss)) 1848 goto invalid; 1849 memcpy(&ss, data, datalen); 1850 if (datalen != ss.ss_len) 1851 goto invalid; 1852 ktrsockaddr((struct sockaddr *)&ss); 1853 } else { 1854 printf("unknown structure\n"); 1855 } 1856 return; 1857 invalid: 1858 printf("invalid record\n"); 1859 } 1860 1861 void 1862 ktrcapfail(struct ktr_cap_fail *ktr) 1863 { 1864 switch (ktr->cap_type) { 1865 case CAPFAIL_NOTCAPABLE: 1866 /* operation on fd with insufficient capabilities */ 1867 printf("operation requires "); 1868 capname(&ktr->cap_needed); 1869 printf(", descriptor holds "); 1870 capname(&ktr->cap_held); 1871 break; 1872 case CAPFAIL_INCREASE: 1873 /* requested more capabilities than fd already has */ 1874 printf("attempt to increase capabilities from "); 1875 capname(&ktr->cap_held); 1876 printf(" to "); 1877 capname(&ktr->cap_needed); 1878 break; 1879 case CAPFAIL_SYSCALL: 1880 /* called restricted syscall */ 1881 printf("disallowed system call"); 1882 break; 1883 case CAPFAIL_LOOKUP: 1884 /* used ".." in strict-relative mode */ 1885 printf("restricted VFS lookup"); 1886 break; 1887 default: 1888 printf("unknown capability failure: "); 1889 capname(&ktr->cap_needed); 1890 printf(" "); 1891 capname(&ktr->cap_held); 1892 break; 1893 } 1894 printf("\n"); 1895 } 1896 1897 void 1898 ktrfault(struct ktr_fault *ktr) 1899 { 1900 1901 printf("0x%jx ", ktr->vaddr); 1902 vmprotname(ktr->type); 1903 printf("\n"); 1904 } 1905 1906 void 1907 ktrfaultend(struct ktr_faultend *ktr) 1908 { 1909 1910 vmresultname(ktr->result); 1911 printf("\n"); 1912 } 1913 1914 #if defined(__amd64__) || defined(__i386__) 1915 void 1916 linux_ktrsyscall(struct ktr_syscall *ktr) 1917 { 1918 int narg = ktr->ktr_narg; 1919 register_t *ip; 1920 1921 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1922 printf("[%d]", ktr->ktr_code); 1923 else { 1924 printf("%s", linux_syscallnames[ktr->ktr_code]); 1925 if (syscallno) 1926 printf("[%d]", ktr->ktr_code); 1927 } 1928 ip = &ktr->ktr_args[0]; 1929 if (narg) { 1930 char c = '('; 1931 while (narg > 0) 1932 print_number(ip, narg, c); 1933 putchar(')'); 1934 } 1935 putchar('\n'); 1936 } 1937 1938 void 1939 linux_ktrsysret(struct ktr_sysret *ktr) 1940 { 1941 register_t ret = ktr->ktr_retval; 1942 int error = ktr->ktr_error; 1943 int code = ktr->ktr_code; 1944 1945 if (code >= nlinux_syscalls || code < 0) 1946 printf("[%d] ", code); 1947 else { 1948 printf("%s", linux_syscallnames[code]); 1949 if (syscallno) 1950 printf("[%d]", code); 1951 printf(" "); 1952 } 1953 1954 if (error == 0) { 1955 if (fancy) { 1956 printf("%ld", (long)ret); 1957 if (ret < 0 || ret > 9) 1958 printf("/%#lx", (unsigned long)ret); 1959 } else { 1960 if (decimal) 1961 printf("%ld", (long)ret); 1962 else 1963 printf("%#lx", (unsigned long)ret); 1964 } 1965 } else if (error == ERESTART) 1966 printf("RESTART"); 1967 else if (error == EJUSTRETURN) 1968 printf("JUSTRETURN"); 1969 else { 1970 if (ktr->ktr_error <= ELAST + 1) 1971 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 1972 else 1973 error = 999; 1974 printf("-1 errno %d", error); 1975 if (fancy) 1976 printf(" %s", strerror(ktr->ktr_error)); 1977 } 1978 putchar('\n'); 1979 } 1980 #endif 1981 1982 void 1983 usage(void) 1984 { 1985 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 1986 "[-m maxdata] [-p pid] [-t trstr]\n"); 1987 exit(1); 1988 } 1989