1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capsicum.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/umtx.h> 61 #include <sys/un.h> 62 #include <sys/queue.h> 63 #include <sys/wait.h> 64 #include <arpa/inet.h> 65 #include <netinet/in.h> 66 #include <ctype.h> 67 #include <dlfcn.h> 68 #include <err.h> 69 #include <grp.h> 70 #include <inttypes.h> 71 #ifdef HAVE_LIBCAPSICUM 72 #include <libcapsicum.h> 73 #include <libcapsicum_grp.h> 74 #include <libcapsicum_pwd.h> 75 #include <libcapsicum_service.h> 76 #endif 77 #include <locale.h> 78 #include <netdb.h> 79 #include <nl_types.h> 80 #ifdef HAVE_LIBCAPSICUM 81 #include <nv.h> 82 #endif 83 #include <pwd.h> 84 #include <stdio.h> 85 #include <stdlib.h> 86 #include <string.h> 87 #include <termios.h> 88 #include <time.h> 89 #include <unistd.h> 90 #include <vis.h> 91 #include "ktrace.h" 92 #include "kdump_subr.h" 93 94 u_int abidump(struct ktr_header *); 95 int fetchprocinfo(struct ktr_header *, u_int *); 96 int fread_tail(void *, int, int); 97 void dumpheader(struct ktr_header *); 98 void ktrsyscall(struct ktr_syscall *, u_int); 99 void ktrsysret(struct ktr_sysret *, u_int); 100 void ktrnamei(char *, int); 101 void hexdump(char *, int, int); 102 void visdump(char *, int, int); 103 void ktrgenio(struct ktr_genio *, int); 104 void ktrpsig(struct ktr_psig *); 105 void ktrcsw(struct ktr_csw *); 106 void ktrcsw_old(struct ktr_csw_old *); 107 void ktruser_malloc(void *); 108 void ktruser_rtld(int, void *); 109 void ktruser(int, void *); 110 void ktrcaprights(cap_rights_t *); 111 void ktrsockaddr(struct sockaddr *); 112 void ktrstat(struct stat *); 113 void ktrstruct(char *, size_t); 114 void ktrcapfail(struct ktr_cap_fail *); 115 void ktrfault(struct ktr_fault *); 116 void ktrfaultend(struct ktr_faultend *); 117 void limitfd(int fd); 118 void usage(void); 119 void ioctlname(unsigned long, int); 120 121 #define TIMESTAMP_NONE 0x0 122 #define TIMESTAMP_ABSOLUTE 0x1 123 #define TIMESTAMP_ELAPSED 0x2 124 #define TIMESTAMP_RELATIVE 0x4 125 126 extern const char *signames[], *syscallnames[]; 127 extern int nsyscalls; 128 129 static int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 130 resolv = 0, abiflag = 0, syscallno = 0; 131 static const char *tracefile = DEF_TRACEFILE; 132 static struct ktr_header ktr_header; 133 134 #define TIME_FORMAT "%b %e %T %Y" 135 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 136 137 #define print_number(i,n,c) do { \ 138 if (decimal) \ 139 printf("%c%jd", c, (intmax_t)*i); \ 140 else \ 141 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 142 i++; \ 143 n--; \ 144 c = ','; \ 145 } while (0) 146 147 #if defined(__amd64__) || defined(__i386__) 148 149 void linux_ktrsyscall(struct ktr_syscall *); 150 void linux_ktrsysret(struct ktr_sysret *); 151 extern const char *linux_syscallnames[]; 152 153 #include <linux_syscalls.c> 154 static int nlinux_syscalls = sizeof(linux_syscallnames) / \ 155 sizeof(linux_syscallnames[0]); 156 157 /* 158 * from linux.h 159 * Linux syscalls return negative errno's, we do positive and map them 160 */ 161 static int bsd_to_linux_errno[ELAST + 1] = { 162 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 163 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 164 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 165 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 166 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 167 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 168 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 169 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 170 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 171 -72, -67, -71 172 }; 173 #endif 174 175 struct proc_info 176 { 177 TAILQ_ENTRY(proc_info) info; 178 u_int sv_flags; 179 pid_t pid; 180 }; 181 182 static TAILQ_HEAD(trace_procs, proc_info) trace_procs; 183 184 #ifdef HAVE_LIBCAPSICUM 185 static cap_channel_t *cappwd, *capgrp; 186 #endif 187 188 static void 189 strerror_init(void) 190 { 191 192 /* 193 * Cache NLS data before entering capability mode. 194 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 195 */ 196 (void)catopen("libc", NL_CAT_LOCALE); 197 } 198 199 static void 200 localtime_init(void) 201 { 202 time_t ltime; 203 204 /* 205 * Allow localtime(3) to cache /etc/localtime content before entering 206 * capability mode. 207 * XXXPJD: There should be localtime_init() in libc. 208 */ 209 (void)time(<ime); 210 (void)localtime(<ime); 211 } 212 213 #ifdef HAVE_LIBCAPSICUM 214 static int 215 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) 216 { 217 cap_channel_t *capcas, *cappwdloc, *capgrploc; 218 const char *cmds[1], *fields[1]; 219 220 capcas = cap_init(); 221 if (capcas == NULL) { 222 warn("unable to contact casperd"); 223 return (-1); 224 } 225 cappwdloc = cap_service_open(capcas, "system.pwd"); 226 capgrploc = cap_service_open(capcas, "system.grp"); 227 /* Casper capability no longer needed. */ 228 cap_close(capcas); 229 if (cappwdloc == NULL || capgrploc == NULL) { 230 if (cappwdloc == NULL) 231 warn("unable to open system.pwd service"); 232 if (capgrploc == NULL) 233 warn("unable to open system.grp service"); 234 exit(1); 235 } 236 /* Limit system.pwd to only getpwuid() function and pw_name field. */ 237 cmds[0] = "getpwuid"; 238 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) 239 err(1, "unable to limit system.pwd service"); 240 fields[0] = "pw_name"; 241 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) 242 err(1, "unable to limit system.pwd service"); 243 /* Limit system.grp to only getgrgid() function and gr_name field. */ 244 cmds[0] = "getgrgid"; 245 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) 246 err(1, "unable to limit system.grp service"); 247 fields[0] = "gr_name"; 248 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) 249 err(1, "unable to limit system.grp service"); 250 251 *cappwdp = cappwdloc; 252 *capgrpp = capgrploc; 253 return (0); 254 } 255 #endif /* HAVE_LIBCAPSICUM */ 256 257 int 258 main(int argc, char *argv[]) 259 { 260 int ch, ktrlen, size; 261 void *m; 262 int trpoints = ALL_POINTS; 263 int drop_logged; 264 pid_t pid = 0; 265 u_int sv_flags; 266 267 setlocale(LC_CTYPE, ""); 268 269 timestamp = TIMESTAMP_NONE; 270 271 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) 272 switch (ch) { 273 case 'A': 274 abiflag = 1; 275 break; 276 case 'f': 277 tracefile = optarg; 278 break; 279 case 'd': 280 decimal = 1; 281 break; 282 case 'l': 283 tail = 1; 284 break; 285 case 'm': 286 maxdata = atoi(optarg); 287 break; 288 case 'n': 289 fancy = 0; 290 break; 291 case 'p': 292 pid = atoi(optarg); 293 break; 294 case 'r': 295 resolv = 1; 296 break; 297 case 'S': 298 syscallno = 1; 299 break; 300 case 's': 301 suppressdata = 1; 302 break; 303 case 'E': 304 timestamp |= TIMESTAMP_ELAPSED; 305 break; 306 case 'H': 307 threads = 1; 308 break; 309 case 'R': 310 timestamp |= TIMESTAMP_RELATIVE; 311 break; 312 case 'T': 313 timestamp |= TIMESTAMP_ABSOLUTE; 314 break; 315 case 't': 316 trpoints = getpoints(optarg); 317 if (trpoints < 0) 318 errx(1, "unknown trace point in %s", optarg); 319 break; 320 default: 321 usage(); 322 } 323 324 if (argc > optind) 325 usage(); 326 327 m = malloc(size = 1025); 328 if (m == NULL) 329 errx(1, "%s", strerror(ENOMEM)); 330 if (!freopen(tracefile, "r", stdin)) 331 err(1, "%s", tracefile); 332 333 strerror_init(); 334 localtime_init(); 335 #ifdef HAVE_LIBCAPSICUM 336 if (resolv != 0) { 337 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { 338 cappwd = NULL; 339 capgrp = NULL; 340 } 341 } 342 if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) { 343 if (cap_enter() < 0 && errno != ENOSYS) 344 err(1, "unable to enter capability mode"); 345 } 346 #else 347 if (resolv == 0) { 348 if (cap_enter() < 0 && errno != ENOSYS) 349 err(1, "unable to enter capability mode"); 350 } 351 #endif 352 limitfd(STDIN_FILENO); 353 limitfd(STDOUT_FILENO); 354 limitfd(STDERR_FILENO); 355 356 TAILQ_INIT(&trace_procs); 357 drop_logged = 0; 358 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 359 if (ktr_header.ktr_type & KTR_DROP) { 360 ktr_header.ktr_type &= ~KTR_DROP; 361 if (!drop_logged && threads) { 362 printf( 363 "%6jd %6jd %-8.*s Events dropped.\n", 364 (intmax_t)ktr_header.ktr_pid, 365 ktr_header.ktr_tid > 0 ? 366 (intmax_t)ktr_header.ktr_tid : 0, 367 MAXCOMLEN, ktr_header.ktr_comm); 368 drop_logged = 1; 369 } else if (!drop_logged) { 370 printf("%6jd %-8.*s Events dropped.\n", 371 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 372 ktr_header.ktr_comm); 373 drop_logged = 1; 374 } 375 } 376 if (trpoints & (1<<ktr_header.ktr_type)) 377 if (pid == 0 || ktr_header.ktr_pid == pid || 378 ktr_header.ktr_tid == pid) 379 dumpheader(&ktr_header); 380 if ((ktrlen = ktr_header.ktr_len) < 0) 381 errx(1, "bogus length 0x%x", ktrlen); 382 if (ktrlen > size) { 383 m = realloc(m, ktrlen+1); 384 if (m == NULL) 385 errx(1, "%s", strerror(ENOMEM)); 386 size = ktrlen; 387 } 388 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 389 errx(1, "data too short"); 390 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 391 continue; 392 sv_flags = abidump(&ktr_header); 393 if (pid && ktr_header.ktr_pid != pid && 394 ktr_header.ktr_tid != pid) 395 continue; 396 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 397 continue; 398 drop_logged = 0; 399 switch (ktr_header.ktr_type) { 400 case KTR_SYSCALL: 401 #if defined(__amd64__) || defined(__i386__) 402 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 403 linux_ktrsyscall((struct ktr_syscall *)m); 404 else 405 #endif 406 ktrsyscall((struct ktr_syscall *)m, sv_flags); 407 break; 408 case KTR_SYSRET: 409 #if defined(__amd64__) || defined(__i386__) 410 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 411 linux_ktrsysret((struct ktr_sysret *)m); 412 else 413 #endif 414 ktrsysret((struct ktr_sysret *)m, sv_flags); 415 break; 416 case KTR_NAMEI: 417 case KTR_SYSCTL: 418 ktrnamei(m, ktrlen); 419 break; 420 case KTR_GENIO: 421 ktrgenio((struct ktr_genio *)m, ktrlen); 422 break; 423 case KTR_PSIG: 424 ktrpsig((struct ktr_psig *)m); 425 break; 426 case KTR_CSW: 427 if (ktrlen == sizeof(struct ktr_csw_old)) 428 ktrcsw_old((struct ktr_csw_old *)m); 429 else 430 ktrcsw((struct ktr_csw *)m); 431 break; 432 case KTR_USER: 433 ktruser(ktrlen, m); 434 break; 435 case KTR_STRUCT: 436 ktrstruct(m, ktrlen); 437 break; 438 case KTR_CAPFAIL: 439 ktrcapfail((struct ktr_cap_fail *)m); 440 break; 441 case KTR_FAULT: 442 ktrfault((struct ktr_fault *)m); 443 break; 444 case KTR_FAULTEND: 445 ktrfaultend((struct ktr_faultend *)m); 446 break; 447 default: 448 printf("\n"); 449 break; 450 } 451 if (tail) 452 fflush(stdout); 453 } 454 return 0; 455 } 456 457 void 458 limitfd(int fd) 459 { 460 cap_rights_t rights; 461 unsigned long cmd; 462 463 cap_rights_init(&rights, CAP_FSTAT); 464 cmd = 0; 465 466 switch (fd) { 467 case STDIN_FILENO: 468 cap_rights_set(&rights, CAP_READ); 469 break; 470 case STDOUT_FILENO: 471 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE); 472 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 473 break; 474 case STDERR_FILENO: 475 cap_rights_set(&rights, CAP_WRITE); 476 if (!suppressdata) { 477 cap_rights_set(&rights, CAP_IOCTL); 478 cmd = TIOCGWINSZ; 479 } 480 break; 481 default: 482 abort(); 483 } 484 485 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) 486 err(1, "unable to limit rights for descriptor %d", fd); 487 if (cmd != 0 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 488 err(1, "unable to limit ioctls for descriptor %d", fd); 489 } 490 491 int 492 fread_tail(void *buf, int size, int num) 493 { 494 int i; 495 496 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 497 sleep(1); 498 clearerr(stdin); 499 } 500 return (i); 501 } 502 503 int 504 fetchprocinfo(struct ktr_header *kth, u_int *flags) 505 { 506 struct proc_info *pi; 507 508 switch (kth->ktr_type) { 509 case KTR_PROCCTOR: 510 TAILQ_FOREACH(pi, &trace_procs, info) { 511 if (pi->pid == kth->ktr_pid) { 512 TAILQ_REMOVE(&trace_procs, pi, info); 513 break; 514 } 515 } 516 pi = malloc(sizeof(struct proc_info)); 517 if (pi == NULL) 518 errx(1, "%s", strerror(ENOMEM)); 519 pi->sv_flags = *flags; 520 pi->pid = kth->ktr_pid; 521 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 522 return (1); 523 524 case KTR_PROCDTOR: 525 TAILQ_FOREACH(pi, &trace_procs, info) { 526 if (pi->pid == kth->ktr_pid) { 527 TAILQ_REMOVE(&trace_procs, pi, info); 528 free(pi); 529 break; 530 } 531 } 532 return (1); 533 } 534 535 return (0); 536 } 537 538 u_int 539 abidump(struct ktr_header *kth) 540 { 541 struct proc_info *pi; 542 const char *abi; 543 const char *arch; 544 u_int flags = 0; 545 546 TAILQ_FOREACH(pi, &trace_procs, info) { 547 if (pi->pid == kth->ktr_pid) { 548 flags = pi->sv_flags; 549 break; 550 } 551 } 552 553 if (abiflag == 0) 554 return (flags); 555 556 switch (flags & SV_ABI_MASK) { 557 case SV_ABI_LINUX: 558 abi = "L"; 559 break; 560 case SV_ABI_FREEBSD: 561 abi = "F"; 562 break; 563 default: 564 abi = "U"; 565 break; 566 } 567 568 if (flags != 0) { 569 if (flags & SV_LP64) 570 arch = "64"; 571 else 572 arch = "32"; 573 } else 574 arch = "00"; 575 576 printf("%s%s ", abi, arch); 577 578 return (flags); 579 } 580 581 void 582 dumpheader(struct ktr_header *kth) 583 { 584 static char unknown[64]; 585 static struct timeval prevtime, prevtime_e, temp; 586 const char *type; 587 const char *sign; 588 589 switch (kth->ktr_type) { 590 case KTR_SYSCALL: 591 type = "CALL"; 592 break; 593 case KTR_SYSRET: 594 type = "RET "; 595 break; 596 case KTR_NAMEI: 597 type = "NAMI"; 598 break; 599 case KTR_GENIO: 600 type = "GIO "; 601 break; 602 case KTR_PSIG: 603 type = "PSIG"; 604 break; 605 case KTR_CSW: 606 type = "CSW "; 607 break; 608 case KTR_USER: 609 type = "USER"; 610 break; 611 case KTR_STRUCT: 612 type = "STRU"; 613 break; 614 case KTR_SYSCTL: 615 type = "SCTL"; 616 break; 617 case KTR_PROCCTOR: 618 /* FALLTHROUGH */ 619 case KTR_PROCDTOR: 620 return; 621 case KTR_CAPFAIL: 622 type = "CAP "; 623 break; 624 case KTR_FAULT: 625 type = "PFLT"; 626 break; 627 case KTR_FAULTEND: 628 type = "PRET"; 629 break; 630 default: 631 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 632 type = unknown; 633 } 634 635 /* 636 * The ktr_tid field was previously the ktr_buffer field, which held 637 * the kernel pointer value for the buffer associated with data 638 * following the record header. It now holds a threadid, but only 639 * for trace files after the change. Older trace files still contain 640 * kernel pointers. Detect this and suppress the results by printing 641 * negative tid's as 0. 642 */ 643 if (threads) 644 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 645 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 646 MAXCOMLEN, kth->ktr_comm); 647 else 648 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 649 kth->ktr_comm); 650 if (timestamp) { 651 if (timestamp & TIMESTAMP_ABSOLUTE) { 652 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 653 kth->ktr_time.tv_usec); 654 } 655 if (timestamp & TIMESTAMP_ELAPSED) { 656 if (prevtime_e.tv_sec == 0) 657 prevtime_e = kth->ktr_time; 658 timevalsub(&kth->ktr_time, &prevtime_e); 659 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 660 kth->ktr_time.tv_usec); 661 timevaladd(&kth->ktr_time, &prevtime_e); 662 } 663 if (timestamp & TIMESTAMP_RELATIVE) { 664 if (prevtime.tv_sec == 0) 665 prevtime = kth->ktr_time; 666 temp = kth->ktr_time; 667 timevalsub(&kth->ktr_time, &prevtime); 668 if ((intmax_t)kth->ktr_time.tv_sec < 0) { 669 kth->ktr_time = prevtime; 670 prevtime = temp; 671 timevalsub(&kth->ktr_time, &prevtime); 672 sign = "-"; 673 } else { 674 prevtime = temp; 675 sign = ""; 676 } 677 printf("%s%jd.%06ld ", sign, (intmax_t)kth->ktr_time.tv_sec, 678 kth->ktr_time.tv_usec); 679 } 680 } 681 printf("%s ", type); 682 } 683 684 #include <sys/syscall.h> 685 #define KTRACE 686 #include <sys/kern/syscalls.c> 687 #undef KTRACE 688 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 689 690 void 691 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 692 { 693 int narg = ktr->ktr_narg; 694 register_t *ip; 695 intmax_t arg; 696 697 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 698 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 699 printf("[%d]", ktr->ktr_code); 700 else { 701 printf("%s", syscallnames[ktr->ktr_code]); 702 if (syscallno) 703 printf("[%d]", ktr->ktr_code); 704 } 705 ip = &ktr->ktr_args[0]; 706 if (narg) { 707 char c = '('; 708 if (fancy && 709 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 710 switch (ktr->ktr_code) { 711 case SYS_bindat: 712 case SYS_connectat: 713 case SYS_faccessat: 714 case SYS_fchmodat: 715 case SYS_fchownat: 716 case SYS_fstatat: 717 case SYS_futimesat: 718 case SYS_linkat: 719 case SYS_mkdirat: 720 case SYS_mkfifoat: 721 case SYS_mknodat: 722 case SYS_openat: 723 case SYS_readlinkat: 724 case SYS_renameat: 725 case SYS_unlinkat: 726 case SYS_utimensat: 727 putchar('('); 728 atfdname(*ip, decimal); 729 c = ','; 730 ip++; 731 narg--; 732 break; 733 } 734 switch (ktr->ktr_code) { 735 case SYS_ioctl: { 736 print_number(ip, narg, c); 737 putchar(c); 738 ioctlname(*ip, decimal); 739 c = ','; 740 ip++; 741 narg--; 742 break; 743 } 744 case SYS_ptrace: 745 putchar('('); 746 ptraceopname(*ip); 747 c = ','; 748 ip++; 749 narg--; 750 break; 751 case SYS_access: 752 case SYS_eaccess: 753 case SYS_faccessat: 754 print_number(ip, narg, c); 755 putchar(','); 756 accessmodename(*ip); 757 ip++; 758 narg--; 759 break; 760 case SYS_open: 761 case SYS_openat: 762 print_number(ip, narg, c); 763 putchar(','); 764 flagsandmodename(ip[0], ip[1], decimal); 765 ip += 2; 766 narg -= 2; 767 break; 768 case SYS_wait4: 769 print_number(ip, narg, c); 770 print_number(ip, narg, c); 771 /* 772 * A flags value of zero is valid for 773 * wait4() but not for wait6(), so 774 * handle zero special here. 775 */ 776 if (*ip == 0) { 777 print_number(ip, narg, c); 778 } else { 779 putchar(','); 780 wait6optname(*ip); 781 ip++; 782 narg--; 783 } 784 break; 785 case SYS_wait6: 786 putchar('('); 787 idtypename(*ip, decimal); 788 c = ','; 789 ip++; 790 narg--; 791 print_number(ip, narg, c); 792 print_number(ip, narg, c); 793 putchar(','); 794 wait6optname(*ip); 795 ip++; 796 narg--; 797 break; 798 case SYS_chmod: 799 case SYS_fchmod: 800 case SYS_lchmod: 801 print_number(ip, narg, c); 802 putchar(','); 803 modename(*ip); 804 ip++; 805 narg--; 806 break; 807 case SYS_mknod: 808 case SYS_mknodat: 809 print_number(ip, narg, c); 810 putchar(','); 811 modename(*ip); 812 ip++; 813 narg--; 814 break; 815 case SYS_getfsstat: 816 print_number(ip, narg, c); 817 print_number(ip, narg, c); 818 putchar(','); 819 getfsstatflagsname(*ip); 820 ip++; 821 narg--; 822 break; 823 case SYS_mount: 824 print_number(ip, narg, c); 825 print_number(ip, narg, c); 826 putchar(','); 827 mountflagsname(*ip); 828 ip++; 829 narg--; 830 break; 831 case SYS_unmount: 832 print_number(ip, narg, c); 833 putchar(','); 834 mountflagsname(*ip); 835 ip++; 836 narg--; 837 break; 838 case SYS_recvmsg: 839 case SYS_sendmsg: 840 print_number(ip, narg, c); 841 print_number(ip, narg, c); 842 putchar(','); 843 sendrecvflagsname(*ip); 844 ip++; 845 narg--; 846 break; 847 case SYS_recvfrom: 848 case SYS_sendto: 849 print_number(ip, narg, c); 850 print_number(ip, narg, c); 851 print_number(ip, narg, c); 852 putchar(','); 853 sendrecvflagsname(*ip); 854 ip++; 855 narg--; 856 break; 857 case SYS_chflags: 858 case SYS_fchflags: 859 case SYS_lchflags: 860 print_number(ip, narg, c); 861 putchar(','); 862 modename(*ip); 863 ip++; 864 narg--; 865 break; 866 case SYS_kill: 867 print_number(ip, narg, c); 868 putchar(','); 869 signame(*ip); 870 ip++; 871 narg--; 872 break; 873 case SYS_reboot: 874 putchar('('); 875 rebootoptname(*ip); 876 ip++; 877 narg--; 878 break; 879 case SYS_umask: 880 putchar('('); 881 modename(*ip); 882 ip++; 883 narg--; 884 break; 885 case SYS_msync: 886 print_number(ip, narg, c); 887 print_number(ip, narg, c); 888 putchar(','); 889 msyncflagsname(*ip); 890 ip++; 891 narg--; 892 break; 893 #ifdef SYS_freebsd6_mmap 894 case SYS_freebsd6_mmap: 895 print_number(ip, narg, c); 896 print_number(ip, narg, c); 897 putchar(','); 898 mmapprotname(*ip); 899 putchar(','); 900 ip++; 901 narg--; 902 mmapflagsname(*ip); 903 ip++; 904 narg--; 905 break; 906 #endif 907 case SYS_mmap: 908 print_number(ip, narg, c); 909 print_number(ip, narg, c); 910 putchar(','); 911 mmapprotname(*ip); 912 putchar(','); 913 ip++; 914 narg--; 915 mmapflagsname(*ip); 916 ip++; 917 narg--; 918 break; 919 case SYS_mprotect: 920 print_number(ip, narg, c); 921 print_number(ip, narg, c); 922 putchar(','); 923 mmapprotname(*ip); 924 ip++; 925 narg--; 926 break; 927 case SYS_madvise: 928 print_number(ip, narg, c); 929 print_number(ip, narg, c); 930 putchar(','); 931 madvisebehavname(*ip); 932 ip++; 933 narg--; 934 break; 935 case SYS_setpriority: 936 print_number(ip, narg, c); 937 print_number(ip, narg, c); 938 putchar(','); 939 prioname(*ip); 940 ip++; 941 narg--; 942 break; 943 case SYS_fcntl: 944 print_number(ip, narg, c); 945 putchar(','); 946 fcntlcmdname(ip[0], ip[1], decimal); 947 ip += 2; 948 narg -= 2; 949 break; 950 case SYS_socket: { 951 int sockdomain; 952 putchar('('); 953 sockdomain = *ip; 954 sockdomainname(sockdomain); 955 ip++; 956 narg--; 957 putchar(','); 958 socktypenamewithflags(*ip); 959 ip++; 960 narg--; 961 if (sockdomain == PF_INET || 962 sockdomain == PF_INET6) { 963 putchar(','); 964 sockipprotoname(*ip); 965 ip++; 966 narg--; 967 } 968 c = ','; 969 break; 970 } 971 case SYS_setsockopt: 972 case SYS_getsockopt: 973 print_number(ip, narg, c); 974 putchar(','); 975 sockoptlevelname(*ip, decimal); 976 if (*ip == SOL_SOCKET) { 977 ip++; 978 narg--; 979 putchar(','); 980 sockoptname(*ip); 981 } 982 ip++; 983 narg--; 984 break; 985 #ifdef SYS_freebsd6_lseek 986 case SYS_freebsd6_lseek: 987 print_number(ip, narg, c); 988 /* Hidden 'pad' argument, not in lseek(2) */ 989 print_number(ip, narg, c); 990 print_number(ip, narg, c); 991 putchar(','); 992 whencename(*ip); 993 ip++; 994 narg--; 995 break; 996 #endif 997 case SYS_lseek: 998 print_number(ip, narg, c); 999 /* Hidden 'pad' argument, not in lseek(2) */ 1000 print_number(ip, narg, c); 1001 putchar(','); 1002 whencename(*ip); 1003 ip++; 1004 narg--; 1005 break; 1006 case SYS_flock: 1007 print_number(ip, narg, c); 1008 putchar(','); 1009 flockname(*ip); 1010 ip++; 1011 narg--; 1012 break; 1013 case SYS_mkfifo: 1014 case SYS_mkfifoat: 1015 case SYS_mkdir: 1016 case SYS_mkdirat: 1017 print_number(ip, narg, c); 1018 putchar(','); 1019 modename(*ip); 1020 ip++; 1021 narg--; 1022 break; 1023 case SYS_shutdown: 1024 print_number(ip, narg, c); 1025 putchar(','); 1026 shutdownhowname(*ip); 1027 ip++; 1028 narg--; 1029 break; 1030 case SYS_socketpair: 1031 putchar('('); 1032 sockdomainname(*ip); 1033 ip++; 1034 narg--; 1035 putchar(','); 1036 socktypenamewithflags(*ip); 1037 ip++; 1038 narg--; 1039 c = ','; 1040 break; 1041 case SYS_getrlimit: 1042 case SYS_setrlimit: 1043 putchar('('); 1044 rlimitname(*ip); 1045 ip++; 1046 narg--; 1047 c = ','; 1048 break; 1049 case SYS_quotactl: 1050 print_number(ip, narg, c); 1051 putchar(','); 1052 quotactlname(*ip); 1053 ip++; 1054 narg--; 1055 c = ','; 1056 break; 1057 case SYS_nfssvc: 1058 putchar('('); 1059 nfssvcname(*ip); 1060 ip++; 1061 narg--; 1062 c = ','; 1063 break; 1064 case SYS_rtprio: 1065 putchar('('); 1066 rtprioname(*ip); 1067 ip++; 1068 narg--; 1069 c = ','; 1070 break; 1071 case SYS___semctl: 1072 print_number(ip, narg, c); 1073 print_number(ip, narg, c); 1074 putchar(','); 1075 semctlname(*ip); 1076 ip++; 1077 narg--; 1078 break; 1079 case SYS_semget: 1080 print_number(ip, narg, c); 1081 print_number(ip, narg, c); 1082 putchar(','); 1083 semgetname(*ip); 1084 ip++; 1085 narg--; 1086 break; 1087 case SYS_msgctl: 1088 print_number(ip, narg, c); 1089 putchar(','); 1090 shmctlname(*ip); 1091 ip++; 1092 narg--; 1093 break; 1094 case SYS_shmat: 1095 print_number(ip, narg, c); 1096 print_number(ip, narg, c); 1097 putchar(','); 1098 shmatname(*ip); 1099 ip++; 1100 narg--; 1101 break; 1102 case SYS_shmctl: 1103 print_number(ip, narg, c); 1104 putchar(','); 1105 shmctlname(*ip); 1106 ip++; 1107 narg--; 1108 break; 1109 case SYS_shm_open: 1110 print_number(ip, narg, c); 1111 putchar(','); 1112 flagsname(ip[0]); 1113 printf(",0%o", (unsigned int)ip[1]); 1114 ip += 3; 1115 narg -= 3; 1116 break; 1117 case SYS_minherit: 1118 print_number(ip, narg, c); 1119 print_number(ip, narg, c); 1120 putchar(','); 1121 minheritname(*ip); 1122 ip++; 1123 narg--; 1124 break; 1125 case SYS_rfork: 1126 putchar('('); 1127 rforkname(*ip); 1128 ip++; 1129 narg--; 1130 c = ','; 1131 break; 1132 case SYS_lio_listio: 1133 putchar('('); 1134 lio_listioname(*ip); 1135 ip++; 1136 narg--; 1137 c = ','; 1138 break; 1139 case SYS_mlockall: 1140 putchar('('); 1141 mlockallname(*ip); 1142 ip++; 1143 narg--; 1144 break; 1145 case SYS_sched_setscheduler: 1146 print_number(ip, narg, c); 1147 putchar(','); 1148 schedpolicyname(*ip); 1149 ip++; 1150 narg--; 1151 break; 1152 case SYS_sched_get_priority_max: 1153 case SYS_sched_get_priority_min: 1154 putchar('('); 1155 schedpolicyname(*ip); 1156 ip++; 1157 narg--; 1158 break; 1159 case SYS_sendfile: 1160 print_number(ip, narg, c); 1161 print_number(ip, narg, c); 1162 print_number(ip, narg, c); 1163 print_number(ip, narg, c); 1164 print_number(ip, narg, c); 1165 print_number(ip, narg, c); 1166 putchar(','); 1167 sendfileflagsname(*(int *)ip); 1168 ip++; 1169 narg--; 1170 break; 1171 case SYS_kldsym: 1172 print_number(ip, narg, c); 1173 putchar(','); 1174 kldsymcmdname(*ip); 1175 ip++; 1176 narg--; 1177 break; 1178 case SYS_sigprocmask: 1179 putchar('('); 1180 sigprocmaskhowname(*ip); 1181 ip++; 1182 narg--; 1183 c = ','; 1184 break; 1185 case SYS___acl_get_file: 1186 case SYS___acl_set_file: 1187 case SYS___acl_get_fd: 1188 case SYS___acl_set_fd: 1189 case SYS___acl_delete_file: 1190 case SYS___acl_delete_fd: 1191 case SYS___acl_aclcheck_file: 1192 case SYS___acl_aclcheck_fd: 1193 case SYS___acl_get_link: 1194 case SYS___acl_set_link: 1195 case SYS___acl_delete_link: 1196 case SYS___acl_aclcheck_link: 1197 print_number(ip, narg, c); 1198 putchar(','); 1199 acltypename(*ip); 1200 ip++; 1201 narg--; 1202 break; 1203 case SYS_sigaction: 1204 putchar('('); 1205 signame(*ip); 1206 ip++; 1207 narg--; 1208 c = ','; 1209 break; 1210 case SYS_extattrctl: 1211 print_number(ip, narg, c); 1212 putchar(','); 1213 extattrctlname(*ip); 1214 ip++; 1215 narg--; 1216 break; 1217 case SYS_nmount: 1218 print_number(ip, narg, c); 1219 print_number(ip, narg, c); 1220 putchar(','); 1221 mountflagsname(*ip); 1222 ip++; 1223 narg--; 1224 break; 1225 case SYS_thr_create: 1226 print_number(ip, narg, c); 1227 print_number(ip, narg, c); 1228 putchar(','); 1229 thrcreateflagsname(*ip); 1230 ip++; 1231 narg--; 1232 break; 1233 case SYS_thr_kill: 1234 print_number(ip, narg, c); 1235 putchar(','); 1236 signame(*ip); 1237 ip++; 1238 narg--; 1239 break; 1240 case SYS_kldunloadf: 1241 print_number(ip, narg, c); 1242 putchar(','); 1243 kldunloadfflagsname(*ip); 1244 ip++; 1245 narg--; 1246 break; 1247 case SYS_linkat: 1248 case SYS_renameat: 1249 case SYS_symlinkat: 1250 print_number(ip, narg, c); 1251 putchar(','); 1252 atfdname(*ip, decimal); 1253 ip++; 1254 narg--; 1255 break; 1256 case SYS_cap_fcntls_limit: 1257 print_number(ip, narg, c); 1258 putchar(','); 1259 arg = *ip; 1260 ip++; 1261 narg--; 1262 capfcntlname(arg); 1263 break; 1264 case SYS_posix_fadvise: 1265 print_number(ip, narg, c); 1266 print_number(ip, narg, c); 1267 print_number(ip, narg, c); 1268 (void)putchar(','); 1269 fadvisebehavname((int)*ip); 1270 ip++; 1271 narg--; 1272 break; 1273 case SYS_procctl: 1274 putchar('('); 1275 idtypename(*ip, decimal); 1276 c = ','; 1277 ip++; 1278 narg--; 1279 print_number(ip, narg, c); 1280 putchar(','); 1281 procctlcmdname(*ip); 1282 ip++; 1283 narg--; 1284 break; 1285 case SYS__umtx_op: 1286 print_number(ip, narg, c); 1287 putchar(','); 1288 umtxopname(*ip); 1289 switch (*ip) { 1290 case UMTX_OP_CV_WAIT: 1291 ip++; 1292 narg--; 1293 putchar(','); 1294 umtxcvwaitflags(*ip); 1295 break; 1296 case UMTX_OP_RW_RDLOCK: 1297 ip++; 1298 narg--; 1299 putchar(','); 1300 umtxrwlockflags(*ip); 1301 break; 1302 } 1303 ip++; 1304 narg--; 1305 } 1306 } 1307 while (narg > 0) { 1308 print_number(ip, narg, c); 1309 } 1310 putchar(')'); 1311 } 1312 putchar('\n'); 1313 } 1314 1315 void 1316 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1317 { 1318 register_t ret = ktr->ktr_retval; 1319 int error = ktr->ktr_error; 1320 int code = ktr->ktr_code; 1321 1322 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1323 (code >= nsyscalls || code < 0)) 1324 printf("[%d] ", code); 1325 else { 1326 printf("%s", syscallnames[code]); 1327 if (syscallno) 1328 printf("[%d]", code); 1329 printf(" "); 1330 } 1331 1332 if (error == 0) { 1333 if (fancy) { 1334 printf("%ld", (long)ret); 1335 if (ret < 0 || ret > 9) 1336 printf("/%#lx", (unsigned long)ret); 1337 } else { 1338 if (decimal) 1339 printf("%ld", (long)ret); 1340 else 1341 printf("%#lx", (unsigned long)ret); 1342 } 1343 } else if (error == ERESTART) 1344 printf("RESTART"); 1345 else if (error == EJUSTRETURN) 1346 printf("JUSTRETURN"); 1347 else { 1348 printf("-1 errno %d", ktr->ktr_error); 1349 if (fancy) 1350 printf(" %s", strerror(ktr->ktr_error)); 1351 } 1352 putchar('\n'); 1353 } 1354 1355 void 1356 ktrnamei(char *cp, int len) 1357 { 1358 printf("\"%.*s\"\n", len, cp); 1359 } 1360 1361 void 1362 hexdump(char *p, int len, int screenwidth) 1363 { 1364 int n, i; 1365 int width; 1366 1367 width = 0; 1368 do { 1369 width += 2; 1370 i = 13; /* base offset */ 1371 i += (width / 2) + 1; /* spaces every second byte */ 1372 i += (width * 2); /* width of bytes */ 1373 i += 3; /* " |" */ 1374 i += width; /* each byte */ 1375 i += 1; /* "|" */ 1376 } while (i < screenwidth); 1377 width -= 2; 1378 1379 for (n = 0; n < len; n += width) { 1380 for (i = n; i < n + width; i++) { 1381 if ((i % width) == 0) { /* beginning of line */ 1382 printf(" 0x%04x", i); 1383 } 1384 if ((i % 2) == 0) { 1385 printf(" "); 1386 } 1387 if (i < len) 1388 printf("%02x", p[i] & 0xff); 1389 else 1390 printf(" "); 1391 } 1392 printf(" |"); 1393 for (i = n; i < n + width; i++) { 1394 if (i >= len) 1395 break; 1396 if (p[i] >= ' ' && p[i] <= '~') 1397 printf("%c", p[i]); 1398 else 1399 printf("."); 1400 } 1401 printf("|\n"); 1402 } 1403 if ((i % width) != 0) 1404 printf("\n"); 1405 } 1406 1407 void 1408 visdump(char *dp, int datalen, int screenwidth) 1409 { 1410 int col = 0; 1411 char *cp; 1412 int width; 1413 char visbuf[5]; 1414 1415 printf(" \""); 1416 col = 8; 1417 for (;datalen > 0; datalen--, dp++) { 1418 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1419 cp = visbuf; 1420 /* 1421 * Keep track of printables and 1422 * space chars (like fold(1)). 1423 */ 1424 if (col == 0) { 1425 putchar('\t'); 1426 col = 8; 1427 } 1428 switch(*cp) { 1429 case '\n': 1430 col = 0; 1431 putchar('\n'); 1432 continue; 1433 case '\t': 1434 width = 8 - (col&07); 1435 break; 1436 default: 1437 width = strlen(cp); 1438 } 1439 if (col + width > (screenwidth-2)) { 1440 printf("\\\n\t"); 1441 col = 8; 1442 } 1443 col += width; 1444 do { 1445 putchar(*cp++); 1446 } while (*cp); 1447 } 1448 if (col == 0) 1449 printf(" "); 1450 printf("\"\n"); 1451 } 1452 1453 void 1454 ktrgenio(struct ktr_genio *ktr, int len) 1455 { 1456 int datalen = len - sizeof (struct ktr_genio); 1457 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1458 static int screenwidth = 0; 1459 int i, binary; 1460 1461 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1462 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1463 datalen == 1 ? "" : "s"); 1464 if (suppressdata) 1465 return; 1466 if (screenwidth == 0) { 1467 struct winsize ws; 1468 1469 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1470 ws.ws_col > 8) 1471 screenwidth = ws.ws_col; 1472 else 1473 screenwidth = 80; 1474 } 1475 if (maxdata && datalen > maxdata) 1476 datalen = maxdata; 1477 1478 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1479 if (dp[i] >= 32 && dp[i] < 127) 1480 continue; 1481 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1482 continue; 1483 binary = 1; 1484 } 1485 if (binary) 1486 hexdump(dp, datalen, screenwidth); 1487 else 1488 visdump(dp, datalen, screenwidth); 1489 } 1490 1491 const char *signames[] = { 1492 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1493 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1494 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1495 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1496 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1497 "USR2", NULL, /* 31 - 32 */ 1498 }; 1499 1500 void 1501 ktrpsig(struct ktr_psig *psig) 1502 { 1503 if (psig->signo > 0 && psig->signo < NSIG) 1504 printf("SIG%s ", signames[psig->signo]); 1505 else 1506 printf("SIG %d ", psig->signo); 1507 if (psig->action == SIG_DFL) { 1508 printf("SIG_DFL code="); 1509 sigcodename(psig->signo, psig->code); 1510 putchar('\n'); 1511 } else { 1512 printf("caught handler=0x%lx mask=0x%x code=", 1513 (u_long)psig->action, psig->mask.__bits[0]); 1514 sigcodename(psig->signo, psig->code); 1515 putchar('\n'); 1516 } 1517 } 1518 1519 void 1520 ktrcsw_old(struct ktr_csw_old *cs) 1521 { 1522 printf("%s %s\n", cs->out ? "stop" : "resume", 1523 cs->user ? "user" : "kernel"); 1524 } 1525 1526 void 1527 ktrcsw(struct ktr_csw *cs) 1528 { 1529 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1530 cs->user ? "user" : "kernel", cs->wmesg); 1531 } 1532 1533 #define UTRACE_DLOPEN_START 1 1534 #define UTRACE_DLOPEN_STOP 2 1535 #define UTRACE_DLCLOSE_START 3 1536 #define UTRACE_DLCLOSE_STOP 4 1537 #define UTRACE_LOAD_OBJECT 5 1538 #define UTRACE_UNLOAD_OBJECT 6 1539 #define UTRACE_ADD_RUNDEP 7 1540 #define UTRACE_PRELOAD_FINISHED 8 1541 #define UTRACE_INIT_CALL 9 1542 #define UTRACE_FINI_CALL 10 1543 #define UTRACE_DLSYM_START 11 1544 #define UTRACE_DLSYM_STOP 12 1545 1546 struct utrace_rtld { 1547 char sig[4]; /* 'RTLD' */ 1548 int event; 1549 void *handle; 1550 void *mapbase; 1551 size_t mapsize; 1552 int refcnt; 1553 char name[MAXPATHLEN]; 1554 }; 1555 1556 void 1557 ktruser_rtld(int len, void *p) 1558 { 1559 struct utrace_rtld *ut = p; 1560 unsigned char *cp; 1561 void *parent; 1562 int mode; 1563 1564 switch (ut->event) { 1565 case UTRACE_DLOPEN_START: 1566 mode = ut->refcnt; 1567 printf("dlopen(%s, ", ut->name); 1568 switch (mode & RTLD_MODEMASK) { 1569 case RTLD_NOW: 1570 printf("RTLD_NOW"); 1571 break; 1572 case RTLD_LAZY: 1573 printf("RTLD_LAZY"); 1574 break; 1575 default: 1576 printf("%#x", mode & RTLD_MODEMASK); 1577 } 1578 if (mode & RTLD_GLOBAL) 1579 printf(" | RTLD_GLOBAL"); 1580 if (mode & RTLD_TRACE) 1581 printf(" | RTLD_TRACE"); 1582 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1583 printf(" | %#x", mode & 1584 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1585 printf(")\n"); 1586 break; 1587 case UTRACE_DLOPEN_STOP: 1588 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1589 ut->refcnt); 1590 break; 1591 case UTRACE_DLCLOSE_START: 1592 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1593 ut->refcnt); 1594 break; 1595 case UTRACE_DLCLOSE_STOP: 1596 printf("dlclose(%p) finished\n", ut->handle); 1597 break; 1598 case UTRACE_LOAD_OBJECT: 1599 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1600 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1601 ut->name); 1602 break; 1603 case UTRACE_UNLOAD_OBJECT: 1604 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1605 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1606 ut->name); 1607 break; 1608 case UTRACE_ADD_RUNDEP: 1609 parent = ut->mapbase; 1610 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1611 ut->handle, ut->name, ut->refcnt); 1612 break; 1613 case UTRACE_PRELOAD_FINISHED: 1614 printf("RTLD: LD_PRELOAD finished\n"); 1615 break; 1616 case UTRACE_INIT_CALL: 1617 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1618 ut->name); 1619 break; 1620 case UTRACE_FINI_CALL: 1621 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1622 ut->name); 1623 break; 1624 case UTRACE_DLSYM_START: 1625 printf("RTLD: dlsym(%p, %s)\n", ut->handle, ut->name); 1626 break; 1627 case UTRACE_DLSYM_STOP: 1628 printf("RTLD: %p = dlsym(%p, %s)\n", ut->mapbase, ut->handle, 1629 ut->name); 1630 break; 1631 default: 1632 cp = p; 1633 cp += 4; 1634 len -= 4; 1635 printf("RTLD: %d ", len); 1636 while (len--) 1637 if (decimal) 1638 printf(" %d", *cp++); 1639 else 1640 printf(" %02x", *cp++); 1641 printf("\n"); 1642 } 1643 } 1644 1645 struct utrace_malloc { 1646 void *p; 1647 size_t s; 1648 void *r; 1649 }; 1650 1651 void 1652 ktruser_malloc(void *p) 1653 { 1654 struct utrace_malloc *ut = p; 1655 1656 if (ut->p == (void *)(intptr_t)(-1)) 1657 printf("malloc_init()\n"); 1658 else if (ut->s == 0) 1659 printf("free(%p)\n", ut->p); 1660 else if (ut->p == NULL) 1661 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1662 else 1663 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1664 } 1665 1666 void 1667 ktruser(int len, void *p) 1668 { 1669 unsigned char *cp; 1670 1671 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1672 ktruser_rtld(len, p); 1673 return; 1674 } 1675 1676 if (len == sizeof(struct utrace_malloc)) { 1677 ktruser_malloc(p); 1678 return; 1679 } 1680 1681 printf("%d ", len); 1682 cp = p; 1683 while (len--) 1684 if (decimal) 1685 printf(" %d", *cp++); 1686 else 1687 printf(" %02x", *cp++); 1688 printf("\n"); 1689 } 1690 1691 void 1692 ktrcaprights(cap_rights_t *rightsp) 1693 { 1694 1695 printf("cap_rights_t "); 1696 capname(rightsp); 1697 printf("\n"); 1698 } 1699 1700 void 1701 ktrsockaddr(struct sockaddr *sa) 1702 { 1703 /* 1704 TODO: Support additional address families 1705 #include <netnatm/natm.h> 1706 struct sockaddr_natm *natm; 1707 #include <netsmb/netbios.h> 1708 struct sockaddr_nb *nb; 1709 */ 1710 char addr[64]; 1711 1712 /* 1713 * note: ktrstruct() has already verified that sa points to a 1714 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1715 * sa->sa_len bytes long. 1716 */ 1717 printf("struct sockaddr { "); 1718 sockfamilyname(sa->sa_family); 1719 printf(", "); 1720 1721 #define check_sockaddr_len(n) \ 1722 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1723 printf("invalid"); \ 1724 break; \ 1725 } 1726 1727 switch(sa->sa_family) { 1728 case AF_INET: { 1729 struct sockaddr_in sa_in; 1730 1731 memset(&sa_in, 0, sizeof(sa_in)); 1732 memcpy(&sa_in, sa, sa->sa_len); 1733 check_sockaddr_len(in); 1734 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1735 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1736 break; 1737 } 1738 case AF_INET6: { 1739 struct sockaddr_in6 sa_in6; 1740 1741 memset(&sa_in6, 0, sizeof(sa_in6)); 1742 memcpy(&sa_in6, sa, sa->sa_len); 1743 check_sockaddr_len(in6); 1744 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1745 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1746 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1747 break; 1748 } 1749 case AF_UNIX: { 1750 struct sockaddr_un sa_un; 1751 1752 memset(&sa_un, 0, sizeof(sa_un)); 1753 memcpy(&sa_un, sa, sa->sa_len); 1754 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1755 break; 1756 } 1757 default: 1758 printf("unknown address family"); 1759 } 1760 printf(" }\n"); 1761 } 1762 1763 void 1764 ktrstat(struct stat *statp) 1765 { 1766 char mode[12], timestr[PATH_MAX + 4]; 1767 struct passwd *pwd; 1768 struct group *grp; 1769 struct tm *tm; 1770 1771 /* 1772 * note: ktrstruct() has already verified that statp points to a 1773 * buffer exactly sizeof(struct stat) bytes long. 1774 */ 1775 printf("struct stat {"); 1776 printf("dev=%ju, ino=%ju, ", 1777 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1778 if (resolv == 0) 1779 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1780 else { 1781 strmode(statp->st_mode, mode); 1782 printf("mode=%s, ", mode); 1783 } 1784 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1785 if (resolv == 0) { 1786 pwd = NULL; 1787 } else { 1788 #ifdef HAVE_LIBCAPSICUM 1789 if (cappwd != NULL) 1790 pwd = cap_getpwuid(cappwd, statp->st_uid); 1791 else 1792 #endif 1793 pwd = getpwuid(statp->st_uid); 1794 } 1795 if (pwd == NULL) 1796 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1797 else 1798 printf("uid=\"%s\", ", pwd->pw_name); 1799 if (resolv == 0) { 1800 grp = NULL; 1801 } else { 1802 #ifdef HAVE_LIBCAPSICUM 1803 if (capgrp != NULL) 1804 grp = cap_getgrgid(capgrp, statp->st_gid); 1805 else 1806 #endif 1807 grp = getgrgid(statp->st_gid); 1808 } 1809 if (grp == NULL) 1810 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1811 else 1812 printf("gid=\"%s\", ", grp->gr_name); 1813 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1814 printf("atime="); 1815 if (resolv == 0) 1816 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1817 else { 1818 tm = localtime(&statp->st_atim.tv_sec); 1819 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1820 printf("\"%s\"", timestr); 1821 } 1822 if (statp->st_atim.tv_nsec != 0) 1823 printf(".%09ld, ", statp->st_atim.tv_nsec); 1824 else 1825 printf(", "); 1826 printf("stime="); 1827 if (resolv == 0) 1828 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1829 else { 1830 tm = localtime(&statp->st_mtim.tv_sec); 1831 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1832 printf("\"%s\"", timestr); 1833 } 1834 if (statp->st_mtim.tv_nsec != 0) 1835 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1836 else 1837 printf(", "); 1838 printf("ctime="); 1839 if (resolv == 0) 1840 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1841 else { 1842 tm = localtime(&statp->st_ctim.tv_sec); 1843 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1844 printf("\"%s\"", timestr); 1845 } 1846 if (statp->st_ctim.tv_nsec != 0) 1847 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1848 else 1849 printf(", "); 1850 printf("birthtime="); 1851 if (resolv == 0) 1852 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1853 else { 1854 tm = localtime(&statp->st_birthtim.tv_sec); 1855 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1856 printf("\"%s\"", timestr); 1857 } 1858 if (statp->st_birthtim.tv_nsec != 0) 1859 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1860 else 1861 printf(", "); 1862 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1863 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1864 (intmax_t)statp->st_blocks, statp->st_flags); 1865 printf(" }\n"); 1866 } 1867 1868 void 1869 ktrstruct(char *buf, size_t buflen) 1870 { 1871 char *name, *data; 1872 size_t namelen, datalen; 1873 int i; 1874 cap_rights_t rights; 1875 struct stat sb; 1876 struct sockaddr_storage ss; 1877 1878 for (name = buf, namelen = 0; 1879 namelen < buflen && name[namelen] != '\0'; 1880 ++namelen) 1881 /* nothing */; 1882 if (namelen == buflen) 1883 goto invalid; 1884 if (name[namelen] != '\0') 1885 goto invalid; 1886 data = buf + namelen + 1; 1887 datalen = buflen - namelen - 1; 1888 if (datalen == 0) 1889 goto invalid; 1890 /* sanity check */ 1891 for (i = 0; i < (int)namelen; ++i) 1892 if (!isalpha(name[i])) 1893 goto invalid; 1894 if (strcmp(name, "caprights") == 0) { 1895 if (datalen != sizeof(cap_rights_t)) 1896 goto invalid; 1897 memcpy(&rights, data, datalen); 1898 ktrcaprights(&rights); 1899 } else if (strcmp(name, "stat") == 0) { 1900 if (datalen != sizeof(struct stat)) 1901 goto invalid; 1902 memcpy(&sb, data, datalen); 1903 ktrstat(&sb); 1904 } else if (strcmp(name, "sockaddr") == 0) { 1905 if (datalen > sizeof(ss)) 1906 goto invalid; 1907 memcpy(&ss, data, datalen); 1908 if (datalen != ss.ss_len) 1909 goto invalid; 1910 ktrsockaddr((struct sockaddr *)&ss); 1911 } else { 1912 printf("unknown structure\n"); 1913 } 1914 return; 1915 invalid: 1916 printf("invalid record\n"); 1917 } 1918 1919 void 1920 ktrcapfail(struct ktr_cap_fail *ktr) 1921 { 1922 switch (ktr->cap_type) { 1923 case CAPFAIL_NOTCAPABLE: 1924 /* operation on fd with insufficient capabilities */ 1925 printf("operation requires "); 1926 capname(&ktr->cap_needed); 1927 printf(", descriptor holds "); 1928 capname(&ktr->cap_held); 1929 break; 1930 case CAPFAIL_INCREASE: 1931 /* requested more capabilities than fd already has */ 1932 printf("attempt to increase capabilities from "); 1933 capname(&ktr->cap_held); 1934 printf(" to "); 1935 capname(&ktr->cap_needed); 1936 break; 1937 case CAPFAIL_SYSCALL: 1938 /* called restricted syscall */ 1939 printf("disallowed system call"); 1940 break; 1941 case CAPFAIL_LOOKUP: 1942 /* used ".." in strict-relative mode */ 1943 printf("restricted VFS lookup"); 1944 break; 1945 default: 1946 printf("unknown capability failure: "); 1947 capname(&ktr->cap_needed); 1948 printf(" "); 1949 capname(&ktr->cap_held); 1950 break; 1951 } 1952 printf("\n"); 1953 } 1954 1955 void 1956 ktrfault(struct ktr_fault *ktr) 1957 { 1958 1959 printf("0x%jx ", (uintmax_t)ktr->vaddr); 1960 vmprotname(ktr->type); 1961 printf("\n"); 1962 } 1963 1964 void 1965 ktrfaultend(struct ktr_faultend *ktr) 1966 { 1967 1968 vmresultname(ktr->result); 1969 printf("\n"); 1970 } 1971 1972 #if defined(__amd64__) || defined(__i386__) 1973 void 1974 linux_ktrsyscall(struct ktr_syscall *ktr) 1975 { 1976 int narg = ktr->ktr_narg; 1977 register_t *ip; 1978 1979 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1980 printf("[%d]", ktr->ktr_code); 1981 else { 1982 printf("%s", linux_syscallnames[ktr->ktr_code]); 1983 if (syscallno) 1984 printf("[%d]", ktr->ktr_code); 1985 } 1986 ip = &ktr->ktr_args[0]; 1987 if (narg) { 1988 char c = '('; 1989 while (narg > 0) 1990 print_number(ip, narg, c); 1991 putchar(')'); 1992 } 1993 putchar('\n'); 1994 } 1995 1996 void 1997 linux_ktrsysret(struct ktr_sysret *ktr) 1998 { 1999 register_t ret = ktr->ktr_retval; 2000 int error = ktr->ktr_error; 2001 int code = ktr->ktr_code; 2002 2003 if (code >= nlinux_syscalls || code < 0) 2004 printf("[%d] ", code); 2005 else { 2006 printf("%s", linux_syscallnames[code]); 2007 if (syscallno) 2008 printf("[%d]", code); 2009 printf(" "); 2010 } 2011 2012 if (error == 0) { 2013 if (fancy) { 2014 printf("%ld", (long)ret); 2015 if (ret < 0 || ret > 9) 2016 printf("/%#lx", (unsigned long)ret); 2017 } else { 2018 if (decimal) 2019 printf("%ld", (long)ret); 2020 else 2021 printf("%#lx", (unsigned long)ret); 2022 } 2023 } else if (error == ERESTART) 2024 printf("RESTART"); 2025 else if (error == EJUSTRETURN) 2026 printf("JUSTRETURN"); 2027 else { 2028 if (ktr->ktr_error <= ELAST + 1) 2029 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 2030 else 2031 error = 999; 2032 printf("-1 errno %d", error); 2033 if (fancy) 2034 printf(" %s", strerror(ktr->ktr_error)); 2035 } 2036 putchar('\n'); 2037 } 2038 #endif 2039 2040 void 2041 usage(void) 2042 { 2043 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 2044 "[-m maxdata] [-p pid] [-t trstr]\n"); 2045 exit(1); 2046 } 2047