1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capsicum.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/umtx.h> 61 #include <sys/un.h> 62 #include <sys/queue.h> 63 #include <sys/wait.h> 64 #include <arpa/inet.h> 65 #include <netinet/in.h> 66 #include <ctype.h> 67 #include <dlfcn.h> 68 #include <err.h> 69 #include <grp.h> 70 #include <inttypes.h> 71 #ifdef HAVE_LIBCAPSICUM 72 #include <libcapsicum.h> 73 #include <libcapsicum_grp.h> 74 #include <libcapsicum_pwd.h> 75 #include <libcapsicum_service.h> 76 #endif 77 #include <locale.h> 78 #include <netdb.h> 79 #include <nl_types.h> 80 #ifdef HAVE_LIBCAPSICUM 81 #include <nv.h> 82 #endif 83 #include <pwd.h> 84 #include <stdio.h> 85 #include <stdlib.h> 86 #include <string.h> 87 #include <termios.h> 88 #include <time.h> 89 #include <unistd.h> 90 #include <vis.h> 91 #include "ktrace.h" 92 #include "kdump_subr.h" 93 94 u_int abidump(struct ktr_header *); 95 int fetchprocinfo(struct ktr_header *, u_int *); 96 int fread_tail(void *, int, int); 97 void dumpheader(struct ktr_header *); 98 void ktrsyscall(struct ktr_syscall *, u_int); 99 void ktrsysret(struct ktr_sysret *, u_int); 100 void ktrnamei(char *, int); 101 void hexdump(char *, int, int); 102 void visdump(char *, int, int); 103 void ktrgenio(struct ktr_genio *, int); 104 void ktrpsig(struct ktr_psig *); 105 void ktrcsw(struct ktr_csw *); 106 void ktrcsw_old(struct ktr_csw_old *); 107 void ktruser_malloc(void *); 108 void ktruser_rtld(int, void *); 109 void ktruser(int, void *); 110 void ktrcaprights(cap_rights_t *); 111 void ktrsockaddr(struct sockaddr *); 112 void ktrstat(struct stat *); 113 void ktrstruct(char *, size_t); 114 void ktrcapfail(struct ktr_cap_fail *); 115 void ktrfault(struct ktr_fault *); 116 void ktrfaultend(struct ktr_faultend *); 117 void limitfd(int fd); 118 void usage(void); 119 void ioctlname(unsigned long, int); 120 121 #define TIMESTAMP_NONE 0x0 122 #define TIMESTAMP_ABSOLUTE 0x1 123 #define TIMESTAMP_ELAPSED 0x2 124 #define TIMESTAMP_RELATIVE 0x4 125 126 extern const char *signames[], *syscallnames[]; 127 extern int nsyscalls; 128 129 static int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 130 resolv = 0, abiflag = 0, syscallno = 0; 131 static const char *tracefile = DEF_TRACEFILE; 132 static struct ktr_header ktr_header; 133 134 #define TIME_FORMAT "%b %e %T %Y" 135 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 136 137 #define print_number(i,n,c) do { \ 138 if (decimal) \ 139 printf("%c%jd", c, (intmax_t)*i); \ 140 else \ 141 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 142 i++; \ 143 n--; \ 144 c = ','; \ 145 } while (0) 146 147 #if defined(__amd64__) || defined(__i386__) 148 149 void linux_ktrsyscall(struct ktr_syscall *); 150 void linux_ktrsysret(struct ktr_sysret *); 151 extern const char *linux_syscallnames[]; 152 153 #include <linux_syscalls.c> 154 static int nlinux_syscalls = sizeof(linux_syscallnames) / \ 155 sizeof(linux_syscallnames[0]); 156 157 /* 158 * from linux.h 159 * Linux syscalls return negative errno's, we do positive and map them 160 */ 161 static int bsd_to_linux_errno[ELAST + 1] = { 162 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 163 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 164 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 165 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 166 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 167 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 168 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 169 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 170 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 171 -72, -67, -71 172 }; 173 #endif 174 175 struct proc_info 176 { 177 TAILQ_ENTRY(proc_info) info; 178 u_int sv_flags; 179 pid_t pid; 180 }; 181 182 static TAILQ_HEAD(trace_procs, proc_info) trace_procs; 183 184 #ifdef HAVE_LIBCAPSICUM 185 static cap_channel_t *cappwd, *capgrp; 186 #endif 187 188 static void 189 strerror_init(void) 190 { 191 192 /* 193 * Cache NLS data before entering capability mode. 194 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 195 */ 196 (void)catopen("libc", NL_CAT_LOCALE); 197 } 198 199 static void 200 localtime_init(void) 201 { 202 time_t ltime; 203 204 /* 205 * Allow localtime(3) to cache /etc/localtime content before entering 206 * capability mode. 207 * XXXPJD: There should be localtime_init() in libc. 208 */ 209 (void)time(<ime); 210 (void)localtime(<ime); 211 } 212 213 #ifdef HAVE_LIBCAPSICUM 214 static int 215 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) 216 { 217 cap_channel_t *capcas, *cappwdloc, *capgrploc; 218 const char *cmds[1], *fields[1]; 219 220 capcas = cap_init(); 221 if (capcas == NULL) { 222 warn("unable to contact casperd"); 223 return (-1); 224 } 225 cappwdloc = cap_service_open(capcas, "system.pwd"); 226 capgrploc = cap_service_open(capcas, "system.grp"); 227 /* Casper capability no longer needed. */ 228 cap_close(capcas); 229 if (cappwdloc == NULL || capgrploc == NULL) { 230 if (cappwdloc == NULL) 231 warn("unable to open system.pwd service"); 232 if (capgrploc == NULL) 233 warn("unable to open system.grp service"); 234 exit(1); 235 } 236 /* Limit system.pwd to only getpwuid() function and pw_name field. */ 237 cmds[0] = "getpwuid"; 238 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) 239 err(1, "unable to limit system.pwd service"); 240 fields[0] = "pw_name"; 241 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) 242 err(1, "unable to limit system.pwd service"); 243 /* Limit system.grp to only getgrgid() function and gr_name field. */ 244 cmds[0] = "getgrgid"; 245 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) 246 err(1, "unable to limit system.grp service"); 247 fields[0] = "gr_name"; 248 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) 249 err(1, "unable to limit system.grp service"); 250 251 *cappwdp = cappwdloc; 252 *capgrpp = capgrploc; 253 return (0); 254 } 255 #endif /* HAVE_LIBCAPSICUM */ 256 257 int 258 main(int argc, char *argv[]) 259 { 260 int ch, ktrlen, size; 261 void *m; 262 int trpoints = ALL_POINTS; 263 int drop_logged; 264 pid_t pid = 0; 265 u_int sv_flags; 266 267 setlocale(LC_CTYPE, ""); 268 269 timestamp = TIMESTAMP_NONE; 270 271 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) 272 switch (ch) { 273 case 'A': 274 abiflag = 1; 275 break; 276 case 'f': 277 tracefile = optarg; 278 break; 279 case 'd': 280 decimal = 1; 281 break; 282 case 'l': 283 tail = 1; 284 break; 285 case 'm': 286 maxdata = atoi(optarg); 287 break; 288 case 'n': 289 fancy = 0; 290 break; 291 case 'p': 292 pid = atoi(optarg); 293 break; 294 case 'r': 295 resolv = 1; 296 break; 297 case 'S': 298 syscallno = 1; 299 break; 300 case 's': 301 suppressdata = 1; 302 break; 303 case 'E': 304 timestamp |= TIMESTAMP_ELAPSED; 305 break; 306 case 'H': 307 threads = 1; 308 break; 309 case 'R': 310 timestamp |= TIMESTAMP_RELATIVE; 311 break; 312 case 'T': 313 timestamp |= TIMESTAMP_ABSOLUTE; 314 break; 315 case 't': 316 trpoints = getpoints(optarg); 317 if (trpoints < 0) 318 errx(1, "unknown trace point in %s", optarg); 319 break; 320 default: 321 usage(); 322 } 323 324 if (argc > optind) 325 usage(); 326 327 m = malloc(size = 1025); 328 if (m == NULL) 329 errx(1, "%s", strerror(ENOMEM)); 330 if (!freopen(tracefile, "r", stdin)) 331 err(1, "%s", tracefile); 332 333 strerror_init(); 334 localtime_init(); 335 #ifdef HAVE_LIBCAPSICUM 336 if (resolv != 0) { 337 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { 338 cappwd = NULL; 339 capgrp = NULL; 340 } 341 } 342 if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) { 343 if (cap_enter() < 0 && errno != ENOSYS) 344 err(1, "unable to enter capability mode"); 345 } 346 #else 347 if (resolv == 0) { 348 if (cap_enter() < 0 && errno != ENOSYS) 349 err(1, "unable to enter capability mode"); 350 } 351 #endif 352 limitfd(STDIN_FILENO); 353 limitfd(STDOUT_FILENO); 354 limitfd(STDERR_FILENO); 355 if (cap_sandboxed()) 356 fprintf(stderr, "capability mode sandbox enabled\n"); 357 358 TAILQ_INIT(&trace_procs); 359 drop_logged = 0; 360 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 361 if (ktr_header.ktr_type & KTR_DROP) { 362 ktr_header.ktr_type &= ~KTR_DROP; 363 if (!drop_logged && threads) { 364 printf( 365 "%6jd %6jd %-8.*s Events dropped.\n", 366 (intmax_t)ktr_header.ktr_pid, 367 ktr_header.ktr_tid > 0 ? 368 (intmax_t)ktr_header.ktr_tid : 0, 369 MAXCOMLEN, ktr_header.ktr_comm); 370 drop_logged = 1; 371 } else if (!drop_logged) { 372 printf("%6jd %-8.*s Events dropped.\n", 373 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 374 ktr_header.ktr_comm); 375 drop_logged = 1; 376 } 377 } 378 if (trpoints & (1<<ktr_header.ktr_type)) 379 if (pid == 0 || ktr_header.ktr_pid == pid || 380 ktr_header.ktr_tid == pid) 381 dumpheader(&ktr_header); 382 if ((ktrlen = ktr_header.ktr_len) < 0) 383 errx(1, "bogus length 0x%x", ktrlen); 384 if (ktrlen > size) { 385 m = realloc(m, ktrlen+1); 386 if (m == NULL) 387 errx(1, "%s", strerror(ENOMEM)); 388 size = ktrlen; 389 } 390 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 391 errx(1, "data too short"); 392 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 393 continue; 394 sv_flags = abidump(&ktr_header); 395 if (pid && ktr_header.ktr_pid != pid && 396 ktr_header.ktr_tid != pid) 397 continue; 398 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 399 continue; 400 drop_logged = 0; 401 switch (ktr_header.ktr_type) { 402 case KTR_SYSCALL: 403 #if defined(__amd64__) || defined(__i386__) 404 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 405 linux_ktrsyscall((struct ktr_syscall *)m); 406 else 407 #endif 408 ktrsyscall((struct ktr_syscall *)m, sv_flags); 409 break; 410 case KTR_SYSRET: 411 #if defined(__amd64__) || defined(__i386__) 412 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 413 linux_ktrsysret((struct ktr_sysret *)m); 414 else 415 #endif 416 ktrsysret((struct ktr_sysret *)m, sv_flags); 417 break; 418 case KTR_NAMEI: 419 case KTR_SYSCTL: 420 ktrnamei(m, ktrlen); 421 break; 422 case KTR_GENIO: 423 ktrgenio((struct ktr_genio *)m, ktrlen); 424 break; 425 case KTR_PSIG: 426 ktrpsig((struct ktr_psig *)m); 427 break; 428 case KTR_CSW: 429 if (ktrlen == sizeof(struct ktr_csw_old)) 430 ktrcsw_old((struct ktr_csw_old *)m); 431 else 432 ktrcsw((struct ktr_csw *)m); 433 break; 434 case KTR_USER: 435 ktruser(ktrlen, m); 436 break; 437 case KTR_STRUCT: 438 ktrstruct(m, ktrlen); 439 break; 440 case KTR_CAPFAIL: 441 ktrcapfail((struct ktr_cap_fail *)m); 442 break; 443 case KTR_FAULT: 444 ktrfault((struct ktr_fault *)m); 445 break; 446 case KTR_FAULTEND: 447 ktrfaultend((struct ktr_faultend *)m); 448 break; 449 default: 450 printf("\n"); 451 break; 452 } 453 if (tail) 454 fflush(stdout); 455 } 456 return 0; 457 } 458 459 void 460 limitfd(int fd) 461 { 462 cap_rights_t rights; 463 unsigned long cmd; 464 465 cap_rights_init(&rights, CAP_FSTAT); 466 cmd = 0; 467 468 switch (fd) { 469 case STDIN_FILENO: 470 cap_rights_set(&rights, CAP_READ); 471 break; 472 case STDOUT_FILENO: 473 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE); 474 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 475 break; 476 case STDERR_FILENO: 477 cap_rights_set(&rights, CAP_WRITE); 478 if (!suppressdata) { 479 cap_rights_set(&rights, CAP_IOCTL); 480 cmd = TIOCGWINSZ; 481 } 482 break; 483 default: 484 abort(); 485 } 486 487 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) 488 err(1, "unable to limit rights for descriptor %d", fd); 489 if (cmd != 0 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 490 err(1, "unable to limit ioctls for descriptor %d", fd); 491 } 492 493 int 494 fread_tail(void *buf, int size, int num) 495 { 496 int i; 497 498 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 499 sleep(1); 500 clearerr(stdin); 501 } 502 return (i); 503 } 504 505 int 506 fetchprocinfo(struct ktr_header *kth, u_int *flags) 507 { 508 struct proc_info *pi; 509 510 switch (kth->ktr_type) { 511 case KTR_PROCCTOR: 512 TAILQ_FOREACH(pi, &trace_procs, info) { 513 if (pi->pid == kth->ktr_pid) { 514 TAILQ_REMOVE(&trace_procs, pi, info); 515 break; 516 } 517 } 518 pi = malloc(sizeof(struct proc_info)); 519 if (pi == NULL) 520 errx(1, "%s", strerror(ENOMEM)); 521 pi->sv_flags = *flags; 522 pi->pid = kth->ktr_pid; 523 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 524 return (1); 525 526 case KTR_PROCDTOR: 527 TAILQ_FOREACH(pi, &trace_procs, info) { 528 if (pi->pid == kth->ktr_pid) { 529 TAILQ_REMOVE(&trace_procs, pi, info); 530 free(pi); 531 break; 532 } 533 } 534 return (1); 535 } 536 537 return (0); 538 } 539 540 u_int 541 abidump(struct ktr_header *kth) 542 { 543 struct proc_info *pi; 544 const char *abi; 545 const char *arch; 546 u_int flags = 0; 547 548 TAILQ_FOREACH(pi, &trace_procs, info) { 549 if (pi->pid == kth->ktr_pid) { 550 flags = pi->sv_flags; 551 break; 552 } 553 } 554 555 if (abiflag == 0) 556 return (flags); 557 558 switch (flags & SV_ABI_MASK) { 559 case SV_ABI_LINUX: 560 abi = "L"; 561 break; 562 case SV_ABI_FREEBSD: 563 abi = "F"; 564 break; 565 default: 566 abi = "U"; 567 break; 568 } 569 570 if (flags != 0) { 571 if (flags & SV_LP64) 572 arch = "64"; 573 else 574 arch = "32"; 575 } else 576 arch = "00"; 577 578 printf("%s%s ", abi, arch); 579 580 return (flags); 581 } 582 583 void 584 dumpheader(struct ktr_header *kth) 585 { 586 static char unknown[64]; 587 static struct timeval prevtime, prevtime_e, temp; 588 const char *type; 589 590 switch (kth->ktr_type) { 591 case KTR_SYSCALL: 592 type = "CALL"; 593 break; 594 case KTR_SYSRET: 595 type = "RET "; 596 break; 597 case KTR_NAMEI: 598 type = "NAMI"; 599 break; 600 case KTR_GENIO: 601 type = "GIO "; 602 break; 603 case KTR_PSIG: 604 type = "PSIG"; 605 break; 606 case KTR_CSW: 607 type = "CSW "; 608 break; 609 case KTR_USER: 610 type = "USER"; 611 break; 612 case KTR_STRUCT: 613 type = "STRU"; 614 break; 615 case KTR_SYSCTL: 616 type = "SCTL"; 617 break; 618 case KTR_PROCCTOR: 619 /* FALLTHROUGH */ 620 case KTR_PROCDTOR: 621 return; 622 case KTR_CAPFAIL: 623 type = "CAP "; 624 break; 625 case KTR_FAULT: 626 type = "PFLT"; 627 break; 628 case KTR_FAULTEND: 629 type = "PRET"; 630 break; 631 default: 632 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 633 type = unknown; 634 } 635 636 /* 637 * The ktr_tid field was previously the ktr_buffer field, which held 638 * the kernel pointer value for the buffer associated with data 639 * following the record header. It now holds a threadid, but only 640 * for trace files after the change. Older trace files still contain 641 * kernel pointers. Detect this and suppress the results by printing 642 * negative tid's as 0. 643 */ 644 if (threads) 645 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 646 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 647 MAXCOMLEN, kth->ktr_comm); 648 else 649 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 650 kth->ktr_comm); 651 if (timestamp) { 652 if (timestamp & TIMESTAMP_ABSOLUTE) { 653 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 654 kth->ktr_time.tv_usec); 655 } 656 if (timestamp & TIMESTAMP_ELAPSED) { 657 if (prevtime_e.tv_sec == 0) 658 prevtime_e = kth->ktr_time; 659 timevalsub(&kth->ktr_time, &prevtime_e); 660 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 661 kth->ktr_time.tv_usec); 662 timevaladd(&kth->ktr_time, &prevtime_e); 663 } 664 if (timestamp & TIMESTAMP_RELATIVE) { 665 temp = kth->ktr_time; 666 timevalsub(&kth->ktr_time, &prevtime); 667 prevtime = temp; 668 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 669 kth->ktr_time.tv_usec); 670 } 671 } 672 printf("%s ", type); 673 } 674 675 #include <sys/syscall.h> 676 #define KTRACE 677 #include <sys/kern/syscalls.c> 678 #undef KTRACE 679 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 680 681 void 682 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 683 { 684 int narg = ktr->ktr_narg; 685 register_t *ip; 686 intmax_t arg; 687 688 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 689 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 690 printf("[%d]", ktr->ktr_code); 691 else { 692 printf("%s", syscallnames[ktr->ktr_code]); 693 if (syscallno) 694 printf("[%d]", ktr->ktr_code); 695 } 696 ip = &ktr->ktr_args[0]; 697 if (narg) { 698 char c = '('; 699 if (fancy && 700 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 701 switch (ktr->ktr_code) { 702 case SYS_bindat: 703 case SYS_connectat: 704 case SYS_faccessat: 705 case SYS_fchmodat: 706 case SYS_fchownat: 707 case SYS_fstatat: 708 case SYS_futimesat: 709 case SYS_linkat: 710 case SYS_mkdirat: 711 case SYS_mkfifoat: 712 case SYS_mknodat: 713 case SYS_openat: 714 case SYS_readlinkat: 715 case SYS_renameat: 716 case SYS_unlinkat: 717 case SYS_utimensat: 718 putchar('('); 719 atfdname(*ip, decimal); 720 c = ','; 721 ip++; 722 narg--; 723 break; 724 } 725 switch (ktr->ktr_code) { 726 case SYS_ioctl: { 727 print_number(ip, narg, c); 728 putchar(c); 729 ioctlname(*ip, decimal); 730 c = ','; 731 ip++; 732 narg--; 733 break; 734 } 735 case SYS_ptrace: 736 putchar('('); 737 ptraceopname(*ip); 738 c = ','; 739 ip++; 740 narg--; 741 break; 742 case SYS_access: 743 case SYS_eaccess: 744 case SYS_faccessat: 745 print_number(ip, narg, c); 746 putchar(','); 747 accessmodename(*ip); 748 ip++; 749 narg--; 750 break; 751 case SYS_open: 752 case SYS_openat: 753 print_number(ip, narg, c); 754 putchar(','); 755 flagsandmodename(ip[0], ip[1], decimal); 756 ip += 2; 757 narg -= 2; 758 break; 759 case SYS_wait4: 760 print_number(ip, narg, c); 761 print_number(ip, narg, c); 762 /* 763 * A flags value of zero is valid for 764 * wait4() but not for wait6(), so 765 * handle zero special here. 766 */ 767 if (*ip == 0) { 768 print_number(ip, narg, c); 769 } else { 770 putchar(','); 771 wait6optname(*ip); 772 ip++; 773 narg--; 774 } 775 break; 776 case SYS_wait6: 777 putchar('('); 778 idtypename(*ip, decimal); 779 c = ','; 780 ip++; 781 narg--; 782 print_number(ip, narg, c); 783 print_number(ip, narg, c); 784 putchar(','); 785 wait6optname(*ip); 786 ip++; 787 narg--; 788 break; 789 case SYS_chmod: 790 case SYS_fchmod: 791 case SYS_lchmod: 792 print_number(ip, narg, c); 793 putchar(','); 794 modename(*ip); 795 ip++; 796 narg--; 797 break; 798 case SYS_mknod: 799 case SYS_mknodat: 800 print_number(ip, narg, c); 801 putchar(','); 802 modename(*ip); 803 ip++; 804 narg--; 805 break; 806 case SYS_getfsstat: 807 print_number(ip, narg, c); 808 print_number(ip, narg, c); 809 putchar(','); 810 getfsstatflagsname(*ip); 811 ip++; 812 narg--; 813 break; 814 case SYS_mount: 815 print_number(ip, narg, c); 816 print_number(ip, narg, c); 817 putchar(','); 818 mountflagsname(*ip); 819 ip++; 820 narg--; 821 break; 822 case SYS_unmount: 823 print_number(ip, narg, c); 824 putchar(','); 825 mountflagsname(*ip); 826 ip++; 827 narg--; 828 break; 829 case SYS_recvmsg: 830 case SYS_sendmsg: 831 print_number(ip, narg, c); 832 print_number(ip, narg, c); 833 putchar(','); 834 sendrecvflagsname(*ip); 835 ip++; 836 narg--; 837 break; 838 case SYS_recvfrom: 839 case SYS_sendto: 840 print_number(ip, narg, c); 841 print_number(ip, narg, c); 842 print_number(ip, narg, c); 843 putchar(','); 844 sendrecvflagsname(*ip); 845 ip++; 846 narg--; 847 break; 848 case SYS_chflags: 849 case SYS_fchflags: 850 case SYS_lchflags: 851 print_number(ip, narg, c); 852 putchar(','); 853 modename(*ip); 854 ip++; 855 narg--; 856 break; 857 case SYS_kill: 858 print_number(ip, narg, c); 859 putchar(','); 860 signame(*ip); 861 ip++; 862 narg--; 863 break; 864 case SYS_reboot: 865 putchar('('); 866 rebootoptname(*ip); 867 ip++; 868 narg--; 869 break; 870 case SYS_umask: 871 putchar('('); 872 modename(*ip); 873 ip++; 874 narg--; 875 break; 876 case SYS_msync: 877 print_number(ip, narg, c); 878 print_number(ip, narg, c); 879 putchar(','); 880 msyncflagsname(*ip); 881 ip++; 882 narg--; 883 break; 884 #ifdef SYS_freebsd6_mmap 885 case SYS_freebsd6_mmap: 886 print_number(ip, narg, c); 887 print_number(ip, narg, c); 888 putchar(','); 889 mmapprotname(*ip); 890 putchar(','); 891 ip++; 892 narg--; 893 mmapflagsname(*ip); 894 ip++; 895 narg--; 896 break; 897 #endif 898 case SYS_mmap: 899 print_number(ip, narg, c); 900 print_number(ip, narg, c); 901 putchar(','); 902 mmapprotname(*ip); 903 putchar(','); 904 ip++; 905 narg--; 906 mmapflagsname(*ip); 907 ip++; 908 narg--; 909 break; 910 case SYS_mprotect: 911 print_number(ip, narg, c); 912 print_number(ip, narg, c); 913 putchar(','); 914 mmapprotname(*ip); 915 ip++; 916 narg--; 917 break; 918 case SYS_madvise: 919 print_number(ip, narg, c); 920 print_number(ip, narg, c); 921 putchar(','); 922 madvisebehavname(*ip); 923 ip++; 924 narg--; 925 break; 926 case SYS_setpriority: 927 print_number(ip, narg, c); 928 print_number(ip, narg, c); 929 putchar(','); 930 prioname(*ip); 931 ip++; 932 narg--; 933 break; 934 case SYS_fcntl: 935 print_number(ip, narg, c); 936 putchar(','); 937 fcntlcmdname(ip[0], ip[1], decimal); 938 ip += 2; 939 narg -= 2; 940 break; 941 case SYS_socket: { 942 int sockdomain; 943 putchar('('); 944 sockdomain = *ip; 945 sockdomainname(sockdomain); 946 ip++; 947 narg--; 948 putchar(','); 949 socktypenamewithflags(*ip); 950 ip++; 951 narg--; 952 if (sockdomain == PF_INET || 953 sockdomain == PF_INET6) { 954 putchar(','); 955 sockipprotoname(*ip); 956 ip++; 957 narg--; 958 } 959 c = ','; 960 break; 961 } 962 case SYS_setsockopt: 963 case SYS_getsockopt: 964 print_number(ip, narg, c); 965 putchar(','); 966 sockoptlevelname(*ip, decimal); 967 if (*ip == SOL_SOCKET) { 968 ip++; 969 narg--; 970 putchar(','); 971 sockoptname(*ip); 972 } 973 ip++; 974 narg--; 975 break; 976 #ifdef SYS_freebsd6_lseek 977 case SYS_freebsd6_lseek: 978 print_number(ip, narg, c); 979 /* Hidden 'pad' argument, not in lseek(2) */ 980 print_number(ip, narg, c); 981 print_number(ip, narg, c); 982 putchar(','); 983 whencename(*ip); 984 ip++; 985 narg--; 986 break; 987 #endif 988 case SYS_lseek: 989 print_number(ip, narg, c); 990 /* Hidden 'pad' argument, not in lseek(2) */ 991 print_number(ip, narg, c); 992 putchar(','); 993 whencename(*ip); 994 ip++; 995 narg--; 996 break; 997 case SYS_flock: 998 print_number(ip, narg, c); 999 putchar(','); 1000 flockname(*ip); 1001 ip++; 1002 narg--; 1003 break; 1004 case SYS_mkfifo: 1005 case SYS_mkfifoat: 1006 case SYS_mkdir: 1007 case SYS_mkdirat: 1008 print_number(ip, narg, c); 1009 putchar(','); 1010 modename(*ip); 1011 ip++; 1012 narg--; 1013 break; 1014 case SYS_shutdown: 1015 print_number(ip, narg, c); 1016 putchar(','); 1017 shutdownhowname(*ip); 1018 ip++; 1019 narg--; 1020 break; 1021 case SYS_socketpair: 1022 putchar('('); 1023 sockdomainname(*ip); 1024 ip++; 1025 narg--; 1026 putchar(','); 1027 socktypenamewithflags(*ip); 1028 ip++; 1029 narg--; 1030 c = ','; 1031 break; 1032 case SYS_getrlimit: 1033 case SYS_setrlimit: 1034 putchar('('); 1035 rlimitname(*ip); 1036 ip++; 1037 narg--; 1038 c = ','; 1039 break; 1040 case SYS_quotactl: 1041 print_number(ip, narg, c); 1042 putchar(','); 1043 quotactlname(*ip); 1044 ip++; 1045 narg--; 1046 c = ','; 1047 break; 1048 case SYS_nfssvc: 1049 putchar('('); 1050 nfssvcname(*ip); 1051 ip++; 1052 narg--; 1053 c = ','; 1054 break; 1055 case SYS_rtprio: 1056 putchar('('); 1057 rtprioname(*ip); 1058 ip++; 1059 narg--; 1060 c = ','; 1061 break; 1062 case SYS___semctl: 1063 print_number(ip, narg, c); 1064 print_number(ip, narg, c); 1065 putchar(','); 1066 semctlname(*ip); 1067 ip++; 1068 narg--; 1069 break; 1070 case SYS_semget: 1071 print_number(ip, narg, c); 1072 print_number(ip, narg, c); 1073 putchar(','); 1074 semgetname(*ip); 1075 ip++; 1076 narg--; 1077 break; 1078 case SYS_msgctl: 1079 print_number(ip, narg, c); 1080 putchar(','); 1081 shmctlname(*ip); 1082 ip++; 1083 narg--; 1084 break; 1085 case SYS_shmat: 1086 print_number(ip, narg, c); 1087 print_number(ip, narg, c); 1088 putchar(','); 1089 shmatname(*ip); 1090 ip++; 1091 narg--; 1092 break; 1093 case SYS_shmctl: 1094 print_number(ip, narg, c); 1095 putchar(','); 1096 shmctlname(*ip); 1097 ip++; 1098 narg--; 1099 break; 1100 case SYS_shm_open: 1101 print_number(ip, narg, c); 1102 putchar(','); 1103 flagsname(ip[0]); 1104 printf(",0%o", (unsigned int)ip[1]); 1105 ip += 3; 1106 narg -= 3; 1107 break; 1108 case SYS_minherit: 1109 print_number(ip, narg, c); 1110 print_number(ip, narg, c); 1111 putchar(','); 1112 minheritname(*ip); 1113 ip++; 1114 narg--; 1115 break; 1116 case SYS_rfork: 1117 putchar('('); 1118 rforkname(*ip); 1119 ip++; 1120 narg--; 1121 c = ','; 1122 break; 1123 case SYS_lio_listio: 1124 putchar('('); 1125 lio_listioname(*ip); 1126 ip++; 1127 narg--; 1128 c = ','; 1129 break; 1130 case SYS_mlockall: 1131 putchar('('); 1132 mlockallname(*ip); 1133 ip++; 1134 narg--; 1135 break; 1136 case SYS_sched_setscheduler: 1137 print_number(ip, narg, c); 1138 putchar(','); 1139 schedpolicyname(*ip); 1140 ip++; 1141 narg--; 1142 break; 1143 case SYS_sched_get_priority_max: 1144 case SYS_sched_get_priority_min: 1145 putchar('('); 1146 schedpolicyname(*ip); 1147 ip++; 1148 narg--; 1149 break; 1150 case SYS_sendfile: 1151 print_number(ip, narg, c); 1152 print_number(ip, narg, c); 1153 print_number(ip, narg, c); 1154 print_number(ip, narg, c); 1155 print_number(ip, narg, c); 1156 print_number(ip, narg, c); 1157 putchar(','); 1158 sendfileflagsname(*(int *)ip); 1159 ip++; 1160 narg--; 1161 break; 1162 case SYS_kldsym: 1163 print_number(ip, narg, c); 1164 putchar(','); 1165 kldsymcmdname(*ip); 1166 ip++; 1167 narg--; 1168 break; 1169 case SYS_sigprocmask: 1170 putchar('('); 1171 sigprocmaskhowname(*ip); 1172 ip++; 1173 narg--; 1174 c = ','; 1175 break; 1176 case SYS___acl_get_file: 1177 case SYS___acl_set_file: 1178 case SYS___acl_get_fd: 1179 case SYS___acl_set_fd: 1180 case SYS___acl_delete_file: 1181 case SYS___acl_delete_fd: 1182 case SYS___acl_aclcheck_file: 1183 case SYS___acl_aclcheck_fd: 1184 case SYS___acl_get_link: 1185 case SYS___acl_set_link: 1186 case SYS___acl_delete_link: 1187 case SYS___acl_aclcheck_link: 1188 print_number(ip, narg, c); 1189 putchar(','); 1190 acltypename(*ip); 1191 ip++; 1192 narg--; 1193 break; 1194 case SYS_sigaction: 1195 putchar('('); 1196 signame(*ip); 1197 ip++; 1198 narg--; 1199 c = ','; 1200 break; 1201 case SYS_extattrctl: 1202 print_number(ip, narg, c); 1203 putchar(','); 1204 extattrctlname(*ip); 1205 ip++; 1206 narg--; 1207 break; 1208 case SYS_nmount: 1209 print_number(ip, narg, c); 1210 print_number(ip, narg, c); 1211 putchar(','); 1212 mountflagsname(*ip); 1213 ip++; 1214 narg--; 1215 break; 1216 case SYS_thr_create: 1217 print_number(ip, narg, c); 1218 print_number(ip, narg, c); 1219 putchar(','); 1220 thrcreateflagsname(*ip); 1221 ip++; 1222 narg--; 1223 break; 1224 case SYS_thr_kill: 1225 print_number(ip, narg, c); 1226 putchar(','); 1227 signame(*ip); 1228 ip++; 1229 narg--; 1230 break; 1231 case SYS_kldunloadf: 1232 print_number(ip, narg, c); 1233 putchar(','); 1234 kldunloadfflagsname(*ip); 1235 ip++; 1236 narg--; 1237 break; 1238 case SYS_linkat: 1239 case SYS_renameat: 1240 case SYS_symlinkat: 1241 print_number(ip, narg, c); 1242 putchar(','); 1243 atfdname(*ip, decimal); 1244 ip++; 1245 narg--; 1246 break; 1247 case SYS_cap_fcntls_limit: 1248 print_number(ip, narg, c); 1249 putchar(','); 1250 arg = *ip; 1251 ip++; 1252 narg--; 1253 capfcntlname(arg); 1254 break; 1255 case SYS_posix_fadvise: 1256 print_number(ip, narg, c); 1257 print_number(ip, narg, c); 1258 print_number(ip, narg, c); 1259 (void)putchar(','); 1260 fadvisebehavname((int)*ip); 1261 ip++; 1262 narg--; 1263 break; 1264 case SYS_procctl: 1265 putchar('('); 1266 idtypename(*ip, decimal); 1267 c = ','; 1268 ip++; 1269 narg--; 1270 print_number(ip, narg, c); 1271 putchar(','); 1272 procctlcmdname(*ip); 1273 ip++; 1274 narg--; 1275 break; 1276 case SYS__umtx_op: 1277 print_number(ip, narg, c); 1278 putchar(','); 1279 umtxopname(*ip); 1280 switch (*ip) { 1281 case UMTX_OP_CV_WAIT: 1282 ip++; 1283 narg--; 1284 putchar(','); 1285 umtxcvwaitflags(*ip); 1286 break; 1287 case UMTX_OP_RW_RDLOCK: 1288 ip++; 1289 narg--; 1290 putchar(','); 1291 umtxrwlockflags(*ip); 1292 break; 1293 } 1294 ip++; 1295 narg--; 1296 } 1297 } 1298 while (narg > 0) { 1299 print_number(ip, narg, c); 1300 } 1301 putchar(')'); 1302 } 1303 putchar('\n'); 1304 } 1305 1306 void 1307 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1308 { 1309 register_t ret = ktr->ktr_retval; 1310 int error = ktr->ktr_error; 1311 int code = ktr->ktr_code; 1312 1313 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1314 (code >= nsyscalls || code < 0)) 1315 printf("[%d] ", code); 1316 else { 1317 printf("%s", syscallnames[code]); 1318 if (syscallno) 1319 printf("[%d]", code); 1320 printf(" "); 1321 } 1322 1323 if (error == 0) { 1324 if (fancy) { 1325 printf("%ld", (long)ret); 1326 if (ret < 0 || ret > 9) 1327 printf("/%#lx", (unsigned long)ret); 1328 } else { 1329 if (decimal) 1330 printf("%ld", (long)ret); 1331 else 1332 printf("%#lx", (unsigned long)ret); 1333 } 1334 } else if (error == ERESTART) 1335 printf("RESTART"); 1336 else if (error == EJUSTRETURN) 1337 printf("JUSTRETURN"); 1338 else { 1339 printf("-1 errno %d", ktr->ktr_error); 1340 if (fancy) 1341 printf(" %s", strerror(ktr->ktr_error)); 1342 } 1343 putchar('\n'); 1344 } 1345 1346 void 1347 ktrnamei(char *cp, int len) 1348 { 1349 printf("\"%.*s\"\n", len, cp); 1350 } 1351 1352 void 1353 hexdump(char *p, int len, int screenwidth) 1354 { 1355 int n, i; 1356 int width; 1357 1358 width = 0; 1359 do { 1360 width += 2; 1361 i = 13; /* base offset */ 1362 i += (width / 2) + 1; /* spaces every second byte */ 1363 i += (width * 2); /* width of bytes */ 1364 i += 3; /* " |" */ 1365 i += width; /* each byte */ 1366 i += 1; /* "|" */ 1367 } while (i < screenwidth); 1368 width -= 2; 1369 1370 for (n = 0; n < len; n += width) { 1371 for (i = n; i < n + width; i++) { 1372 if ((i % width) == 0) { /* beginning of line */ 1373 printf(" 0x%04x", i); 1374 } 1375 if ((i % 2) == 0) { 1376 printf(" "); 1377 } 1378 if (i < len) 1379 printf("%02x", p[i] & 0xff); 1380 else 1381 printf(" "); 1382 } 1383 printf(" |"); 1384 for (i = n; i < n + width; i++) { 1385 if (i >= len) 1386 break; 1387 if (p[i] >= ' ' && p[i] <= '~') 1388 printf("%c", p[i]); 1389 else 1390 printf("."); 1391 } 1392 printf("|\n"); 1393 } 1394 if ((i % width) != 0) 1395 printf("\n"); 1396 } 1397 1398 void 1399 visdump(char *dp, int datalen, int screenwidth) 1400 { 1401 int col = 0; 1402 char *cp; 1403 int width; 1404 char visbuf[5]; 1405 1406 printf(" \""); 1407 col = 8; 1408 for (;datalen > 0; datalen--, dp++) { 1409 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1410 cp = visbuf; 1411 /* 1412 * Keep track of printables and 1413 * space chars (like fold(1)). 1414 */ 1415 if (col == 0) { 1416 putchar('\t'); 1417 col = 8; 1418 } 1419 switch(*cp) { 1420 case '\n': 1421 col = 0; 1422 putchar('\n'); 1423 continue; 1424 case '\t': 1425 width = 8 - (col&07); 1426 break; 1427 default: 1428 width = strlen(cp); 1429 } 1430 if (col + width > (screenwidth-2)) { 1431 printf("\\\n\t"); 1432 col = 8; 1433 } 1434 col += width; 1435 do { 1436 putchar(*cp++); 1437 } while (*cp); 1438 } 1439 if (col == 0) 1440 printf(" "); 1441 printf("\"\n"); 1442 } 1443 1444 void 1445 ktrgenio(struct ktr_genio *ktr, int len) 1446 { 1447 int datalen = len - sizeof (struct ktr_genio); 1448 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1449 static int screenwidth = 0; 1450 int i, binary; 1451 1452 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1453 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1454 datalen == 1 ? "" : "s"); 1455 if (suppressdata) 1456 return; 1457 if (screenwidth == 0) { 1458 struct winsize ws; 1459 1460 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1461 ws.ws_col > 8) 1462 screenwidth = ws.ws_col; 1463 else 1464 screenwidth = 80; 1465 } 1466 if (maxdata && datalen > maxdata) 1467 datalen = maxdata; 1468 1469 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1470 if (dp[i] >= 32 && dp[i] < 127) 1471 continue; 1472 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1473 continue; 1474 binary = 1; 1475 } 1476 if (binary) 1477 hexdump(dp, datalen, screenwidth); 1478 else 1479 visdump(dp, datalen, screenwidth); 1480 } 1481 1482 const char *signames[] = { 1483 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1484 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1485 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1486 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1487 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1488 "USR2", NULL, /* 31 - 32 */ 1489 }; 1490 1491 void 1492 ktrpsig(struct ktr_psig *psig) 1493 { 1494 if (psig->signo > 0 && psig->signo < NSIG) 1495 printf("SIG%s ", signames[psig->signo]); 1496 else 1497 printf("SIG %d ", psig->signo); 1498 if (psig->action == SIG_DFL) { 1499 printf("SIG_DFL code="); 1500 sigcodename(psig->signo, psig->code); 1501 putchar('\n'); 1502 } else { 1503 printf("caught handler=0x%lx mask=0x%x code=", 1504 (u_long)psig->action, psig->mask.__bits[0]); 1505 sigcodename(psig->signo, psig->code); 1506 putchar('\n'); 1507 } 1508 } 1509 1510 void 1511 ktrcsw_old(struct ktr_csw_old *cs) 1512 { 1513 printf("%s %s\n", cs->out ? "stop" : "resume", 1514 cs->user ? "user" : "kernel"); 1515 } 1516 1517 void 1518 ktrcsw(struct ktr_csw *cs) 1519 { 1520 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1521 cs->user ? "user" : "kernel", cs->wmesg); 1522 } 1523 1524 #define UTRACE_DLOPEN_START 1 1525 #define UTRACE_DLOPEN_STOP 2 1526 #define UTRACE_DLCLOSE_START 3 1527 #define UTRACE_DLCLOSE_STOP 4 1528 #define UTRACE_LOAD_OBJECT 5 1529 #define UTRACE_UNLOAD_OBJECT 6 1530 #define UTRACE_ADD_RUNDEP 7 1531 #define UTRACE_PRELOAD_FINISHED 8 1532 #define UTRACE_INIT_CALL 9 1533 #define UTRACE_FINI_CALL 10 1534 #define UTRACE_DLSYM_START 11 1535 #define UTRACE_DLSYM_STOP 12 1536 1537 struct utrace_rtld { 1538 char sig[4]; /* 'RTLD' */ 1539 int event; 1540 void *handle; 1541 void *mapbase; 1542 size_t mapsize; 1543 int refcnt; 1544 char name[MAXPATHLEN]; 1545 }; 1546 1547 void 1548 ktruser_rtld(int len, void *p) 1549 { 1550 struct utrace_rtld *ut = p; 1551 unsigned char *cp; 1552 void *parent; 1553 int mode; 1554 1555 switch (ut->event) { 1556 case UTRACE_DLOPEN_START: 1557 mode = ut->refcnt; 1558 printf("dlopen(%s, ", ut->name); 1559 switch (mode & RTLD_MODEMASK) { 1560 case RTLD_NOW: 1561 printf("RTLD_NOW"); 1562 break; 1563 case RTLD_LAZY: 1564 printf("RTLD_LAZY"); 1565 break; 1566 default: 1567 printf("%#x", mode & RTLD_MODEMASK); 1568 } 1569 if (mode & RTLD_GLOBAL) 1570 printf(" | RTLD_GLOBAL"); 1571 if (mode & RTLD_TRACE) 1572 printf(" | RTLD_TRACE"); 1573 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1574 printf(" | %#x", mode & 1575 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1576 printf(")\n"); 1577 break; 1578 case UTRACE_DLOPEN_STOP: 1579 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1580 ut->refcnt); 1581 break; 1582 case UTRACE_DLCLOSE_START: 1583 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1584 ut->refcnt); 1585 break; 1586 case UTRACE_DLCLOSE_STOP: 1587 printf("dlclose(%p) finished\n", ut->handle); 1588 break; 1589 case UTRACE_LOAD_OBJECT: 1590 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1591 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1592 ut->name); 1593 break; 1594 case UTRACE_UNLOAD_OBJECT: 1595 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1596 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1597 ut->name); 1598 break; 1599 case UTRACE_ADD_RUNDEP: 1600 parent = ut->mapbase; 1601 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1602 ut->handle, ut->name, ut->refcnt); 1603 break; 1604 case UTRACE_PRELOAD_FINISHED: 1605 printf("RTLD: LD_PRELOAD finished\n"); 1606 break; 1607 case UTRACE_INIT_CALL: 1608 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1609 ut->name); 1610 break; 1611 case UTRACE_FINI_CALL: 1612 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1613 ut->name); 1614 break; 1615 case UTRACE_DLSYM_START: 1616 printf("RTLD: dlsym(%p, %s)\n", ut->handle, ut->name); 1617 break; 1618 case UTRACE_DLSYM_STOP: 1619 printf("RTLD: %p = dlsym(%p, %s)\n", ut->mapbase, ut->handle, 1620 ut->name); 1621 break; 1622 default: 1623 cp = p; 1624 cp += 4; 1625 len -= 4; 1626 printf("RTLD: %d ", len); 1627 while (len--) 1628 if (decimal) 1629 printf(" %d", *cp++); 1630 else 1631 printf(" %02x", *cp++); 1632 printf("\n"); 1633 } 1634 } 1635 1636 struct utrace_malloc { 1637 void *p; 1638 size_t s; 1639 void *r; 1640 }; 1641 1642 void 1643 ktruser_malloc(void *p) 1644 { 1645 struct utrace_malloc *ut = p; 1646 1647 if (ut->p == (void *)(intptr_t)(-1)) 1648 printf("malloc_init()\n"); 1649 else if (ut->s == 0) 1650 printf("free(%p)\n", ut->p); 1651 else if (ut->p == NULL) 1652 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1653 else 1654 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1655 } 1656 1657 void 1658 ktruser(int len, void *p) 1659 { 1660 unsigned char *cp; 1661 1662 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1663 ktruser_rtld(len, p); 1664 return; 1665 } 1666 1667 if (len == sizeof(struct utrace_malloc)) { 1668 ktruser_malloc(p); 1669 return; 1670 } 1671 1672 printf("%d ", len); 1673 cp = p; 1674 while (len--) 1675 if (decimal) 1676 printf(" %d", *cp++); 1677 else 1678 printf(" %02x", *cp++); 1679 printf("\n"); 1680 } 1681 1682 void 1683 ktrcaprights(cap_rights_t *rightsp) 1684 { 1685 1686 printf("cap_rights_t "); 1687 capname(rightsp); 1688 printf("\n"); 1689 } 1690 1691 void 1692 ktrsockaddr(struct sockaddr *sa) 1693 { 1694 /* 1695 TODO: Support additional address families 1696 #include <netnatm/natm.h> 1697 struct sockaddr_natm *natm; 1698 #include <netsmb/netbios.h> 1699 struct sockaddr_nb *nb; 1700 */ 1701 char addr[64]; 1702 1703 /* 1704 * note: ktrstruct() has already verified that sa points to a 1705 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1706 * sa->sa_len bytes long. 1707 */ 1708 printf("struct sockaddr { "); 1709 sockfamilyname(sa->sa_family); 1710 printf(", "); 1711 1712 #define check_sockaddr_len(n) \ 1713 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1714 printf("invalid"); \ 1715 break; \ 1716 } 1717 1718 switch(sa->sa_family) { 1719 case AF_INET: { 1720 struct sockaddr_in sa_in; 1721 1722 memset(&sa_in, 0, sizeof(sa_in)); 1723 memcpy(&sa_in, sa, sa->sa_len); 1724 check_sockaddr_len(in); 1725 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1726 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1727 break; 1728 } 1729 case AF_INET6: { 1730 struct sockaddr_in6 sa_in6; 1731 1732 memset(&sa_in6, 0, sizeof(sa_in6)); 1733 memcpy(&sa_in6, sa, sa->sa_len); 1734 check_sockaddr_len(in6); 1735 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1736 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1737 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1738 break; 1739 } 1740 case AF_UNIX: { 1741 struct sockaddr_un sa_un; 1742 1743 memset(&sa_un, 0, sizeof(sa_un)); 1744 memcpy(&sa_un, sa, sa->sa_len); 1745 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1746 break; 1747 } 1748 default: 1749 printf("unknown address family"); 1750 } 1751 printf(" }\n"); 1752 } 1753 1754 void 1755 ktrstat(struct stat *statp) 1756 { 1757 char mode[12], timestr[PATH_MAX + 4]; 1758 struct passwd *pwd; 1759 struct group *grp; 1760 struct tm *tm; 1761 1762 /* 1763 * note: ktrstruct() has already verified that statp points to a 1764 * buffer exactly sizeof(struct stat) bytes long. 1765 */ 1766 printf("struct stat {"); 1767 printf("dev=%ju, ino=%ju, ", 1768 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1769 if (resolv == 0) 1770 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1771 else { 1772 strmode(statp->st_mode, mode); 1773 printf("mode=%s, ", mode); 1774 } 1775 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1776 if (resolv == 0) { 1777 pwd = NULL; 1778 } else { 1779 #ifdef HAVE_LIBCAPSICUM 1780 if (cappwd != NULL) 1781 pwd = cap_getpwuid(cappwd, statp->st_uid); 1782 else 1783 #endif 1784 pwd = getpwuid(statp->st_uid); 1785 } 1786 if (pwd == NULL) 1787 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1788 else 1789 printf("uid=\"%s\", ", pwd->pw_name); 1790 if (resolv == 0) { 1791 grp = NULL; 1792 } else { 1793 #ifdef HAVE_LIBCAPSICUM 1794 if (capgrp != NULL) 1795 grp = cap_getgrgid(capgrp, statp->st_gid); 1796 else 1797 #endif 1798 grp = getgrgid(statp->st_gid); 1799 } 1800 if (grp == NULL) 1801 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1802 else 1803 printf("gid=\"%s\", ", grp->gr_name); 1804 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1805 printf("atime="); 1806 if (resolv == 0) 1807 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1808 else { 1809 tm = localtime(&statp->st_atim.tv_sec); 1810 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1811 printf("\"%s\"", timestr); 1812 } 1813 if (statp->st_atim.tv_nsec != 0) 1814 printf(".%09ld, ", statp->st_atim.tv_nsec); 1815 else 1816 printf(", "); 1817 printf("stime="); 1818 if (resolv == 0) 1819 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1820 else { 1821 tm = localtime(&statp->st_mtim.tv_sec); 1822 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1823 printf("\"%s\"", timestr); 1824 } 1825 if (statp->st_mtim.tv_nsec != 0) 1826 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1827 else 1828 printf(", "); 1829 printf("ctime="); 1830 if (resolv == 0) 1831 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1832 else { 1833 tm = localtime(&statp->st_ctim.tv_sec); 1834 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1835 printf("\"%s\"", timestr); 1836 } 1837 if (statp->st_ctim.tv_nsec != 0) 1838 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1839 else 1840 printf(", "); 1841 printf("birthtime="); 1842 if (resolv == 0) 1843 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1844 else { 1845 tm = localtime(&statp->st_birthtim.tv_sec); 1846 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1847 printf("\"%s\"", timestr); 1848 } 1849 if (statp->st_birthtim.tv_nsec != 0) 1850 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1851 else 1852 printf(", "); 1853 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1854 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1855 (intmax_t)statp->st_blocks, statp->st_flags); 1856 printf(" }\n"); 1857 } 1858 1859 void 1860 ktrstruct(char *buf, size_t buflen) 1861 { 1862 char *name, *data; 1863 size_t namelen, datalen; 1864 int i; 1865 cap_rights_t rights; 1866 struct stat sb; 1867 struct sockaddr_storage ss; 1868 1869 for (name = buf, namelen = 0; 1870 namelen < buflen && name[namelen] != '\0'; 1871 ++namelen) 1872 /* nothing */; 1873 if (namelen == buflen) 1874 goto invalid; 1875 if (name[namelen] != '\0') 1876 goto invalid; 1877 data = buf + namelen + 1; 1878 datalen = buflen - namelen - 1; 1879 if (datalen == 0) 1880 goto invalid; 1881 /* sanity check */ 1882 for (i = 0; i < (int)namelen; ++i) 1883 if (!isalpha(name[i])) 1884 goto invalid; 1885 if (strcmp(name, "caprights") == 0) { 1886 if (datalen != sizeof(cap_rights_t)) 1887 goto invalid; 1888 memcpy(&rights, data, datalen); 1889 ktrcaprights(&rights); 1890 } else if (strcmp(name, "stat") == 0) { 1891 if (datalen != sizeof(struct stat)) 1892 goto invalid; 1893 memcpy(&sb, data, datalen); 1894 ktrstat(&sb); 1895 } else if (strcmp(name, "sockaddr") == 0) { 1896 if (datalen > sizeof(ss)) 1897 goto invalid; 1898 memcpy(&ss, data, datalen); 1899 if (datalen != ss.ss_len) 1900 goto invalid; 1901 ktrsockaddr((struct sockaddr *)&ss); 1902 } else { 1903 printf("unknown structure\n"); 1904 } 1905 return; 1906 invalid: 1907 printf("invalid record\n"); 1908 } 1909 1910 void 1911 ktrcapfail(struct ktr_cap_fail *ktr) 1912 { 1913 switch (ktr->cap_type) { 1914 case CAPFAIL_NOTCAPABLE: 1915 /* operation on fd with insufficient capabilities */ 1916 printf("operation requires "); 1917 capname(&ktr->cap_needed); 1918 printf(", descriptor holds "); 1919 capname(&ktr->cap_held); 1920 break; 1921 case CAPFAIL_INCREASE: 1922 /* requested more capabilities than fd already has */ 1923 printf("attempt to increase capabilities from "); 1924 capname(&ktr->cap_held); 1925 printf(" to "); 1926 capname(&ktr->cap_needed); 1927 break; 1928 case CAPFAIL_SYSCALL: 1929 /* called restricted syscall */ 1930 printf("disallowed system call"); 1931 break; 1932 case CAPFAIL_LOOKUP: 1933 /* used ".." in strict-relative mode */ 1934 printf("restricted VFS lookup"); 1935 break; 1936 default: 1937 printf("unknown capability failure: "); 1938 capname(&ktr->cap_needed); 1939 printf(" "); 1940 capname(&ktr->cap_held); 1941 break; 1942 } 1943 printf("\n"); 1944 } 1945 1946 void 1947 ktrfault(struct ktr_fault *ktr) 1948 { 1949 1950 printf("0x%jx ", (uintmax_t)ktr->vaddr); 1951 vmprotname(ktr->type); 1952 printf("\n"); 1953 } 1954 1955 void 1956 ktrfaultend(struct ktr_faultend *ktr) 1957 { 1958 1959 vmresultname(ktr->result); 1960 printf("\n"); 1961 } 1962 1963 #if defined(__amd64__) || defined(__i386__) 1964 void 1965 linux_ktrsyscall(struct ktr_syscall *ktr) 1966 { 1967 int narg = ktr->ktr_narg; 1968 register_t *ip; 1969 1970 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1971 printf("[%d]", ktr->ktr_code); 1972 else { 1973 printf("%s", linux_syscallnames[ktr->ktr_code]); 1974 if (syscallno) 1975 printf("[%d]", ktr->ktr_code); 1976 } 1977 ip = &ktr->ktr_args[0]; 1978 if (narg) { 1979 char c = '('; 1980 while (narg > 0) 1981 print_number(ip, narg, c); 1982 putchar(')'); 1983 } 1984 putchar('\n'); 1985 } 1986 1987 void 1988 linux_ktrsysret(struct ktr_sysret *ktr) 1989 { 1990 register_t ret = ktr->ktr_retval; 1991 int error = ktr->ktr_error; 1992 int code = ktr->ktr_code; 1993 1994 if (code >= nlinux_syscalls || code < 0) 1995 printf("[%d] ", code); 1996 else { 1997 printf("%s", linux_syscallnames[code]); 1998 if (syscallno) 1999 printf("[%d]", code); 2000 printf(" "); 2001 } 2002 2003 if (error == 0) { 2004 if (fancy) { 2005 printf("%ld", (long)ret); 2006 if (ret < 0 || ret > 9) 2007 printf("/%#lx", (unsigned long)ret); 2008 } else { 2009 if (decimal) 2010 printf("%ld", (long)ret); 2011 else 2012 printf("%#lx", (unsigned long)ret); 2013 } 2014 } else if (error == ERESTART) 2015 printf("RESTART"); 2016 else if (error == EJUSTRETURN) 2017 printf("JUSTRETURN"); 2018 else { 2019 if (ktr->ktr_error <= ELAST + 1) 2020 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 2021 else 2022 error = 999; 2023 printf("-1 errno %d", error); 2024 if (fancy) 2025 printf(" %s", strerror(ktr->ktr_error)); 2026 } 2027 putchar('\n'); 2028 } 2029 #endif 2030 2031 void 2032 usage(void) 2033 { 2034 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 2035 "[-m maxdata] [-p pid] [-t trstr]\n"); 2036 exit(1); 2037 } 2038