1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capability.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/un.h> 61 #include <sys/queue.h> 62 #ifdef IPX 63 #include <sys/types.h> 64 #include <netipx/ipx.h> 65 #endif 66 #ifdef NETATALK 67 #include <netatalk/at.h> 68 #endif 69 #include <arpa/inet.h> 70 #include <netinet/in.h> 71 #include <ctype.h> 72 #include <dlfcn.h> 73 #include <err.h> 74 #include <grp.h> 75 #include <inttypes.h> 76 #include <locale.h> 77 #include <nl_types.h> 78 #include <pwd.h> 79 #include <stdio.h> 80 #include <stdlib.h> 81 #include <string.h> 82 #include <termios.h> 83 #include <time.h> 84 #include <unistd.h> 85 #include <vis.h> 86 #include "ktrace.h" 87 #include "kdump_subr.h" 88 89 u_int abidump(struct ktr_header *); 90 int fetchprocinfo(struct ktr_header *, u_int *); 91 int fread_tail(void *, int, int); 92 void dumpheader(struct ktr_header *); 93 void ktrsyscall(struct ktr_syscall *, u_int); 94 void ktrsysret(struct ktr_sysret *, u_int); 95 void ktrnamei(char *, int); 96 void hexdump(char *, int, int); 97 void visdump(char *, int, int); 98 void ktrgenio(struct ktr_genio *, int); 99 void ktrpsig(struct ktr_psig *); 100 void ktrcsw(struct ktr_csw *); 101 void ktrcsw_old(struct ktr_csw_old *); 102 void ktruser_malloc(unsigned char *); 103 void ktruser_rtld(int, unsigned char *); 104 void ktruser(int, unsigned char *); 105 void ktrsockaddr(struct sockaddr *); 106 void ktrstat(struct stat *); 107 void ktrstruct(char *, size_t); 108 void ktrcapfail(struct ktr_cap_fail *); 109 void ktrfault(struct ktr_fault *); 110 void ktrfaultend(struct ktr_faultend *); 111 void limitfd(int fd); 112 void usage(void); 113 void ioctlname(unsigned long, int); 114 115 int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 116 resolv = 0, abiflag = 0; 117 const char *tracefile = DEF_TRACEFILE; 118 struct ktr_header ktr_header; 119 120 #define TIME_FORMAT "%b %e %T %Y" 121 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 122 123 #define print_number(i,n,c) do { \ 124 if (decimal) \ 125 printf("%c%jd", c, (intmax_t)*i); \ 126 else \ 127 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 128 i++; \ 129 n--; \ 130 c = ','; \ 131 } while (0) 132 133 #if defined(__amd64__) || defined(__i386__) 134 135 void linux_ktrsyscall(struct ktr_syscall *); 136 void linux_ktrsysret(struct ktr_sysret *); 137 extern char *linux_syscallnames[]; 138 extern int nlinux_syscalls; 139 140 /* 141 * from linux.h 142 * Linux syscalls return negative errno's, we do positive and map them 143 */ 144 static int bsd_to_linux_errno[ELAST + 1] = { 145 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 146 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 147 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 148 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 149 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 150 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 151 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 152 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 153 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 154 -72, -67, -71 155 }; 156 #endif 157 158 struct proc_info 159 { 160 TAILQ_ENTRY(proc_info) info; 161 u_int sv_flags; 162 pid_t pid; 163 }; 164 165 TAILQ_HEAD(trace_procs, proc_info) trace_procs; 166 167 int 168 main(int argc, char *argv[]) 169 { 170 int ch, ktrlen, size; 171 void *m; 172 int trpoints = ALL_POINTS; 173 int drop_logged; 174 pid_t pid = 0; 175 u_int sv_flags; 176 177 setlocale(LC_CTYPE, ""); 178 179 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrsTt:")) != -1) 180 switch (ch) { 181 case 'A': 182 abiflag = 1; 183 break; 184 case 'f': 185 tracefile = optarg; 186 break; 187 case 'd': 188 decimal = 1; 189 break; 190 case 'l': 191 tail = 1; 192 break; 193 case 'm': 194 maxdata = atoi(optarg); 195 break; 196 case 'n': 197 fancy = 0; 198 break; 199 case 'p': 200 pid = atoi(optarg); 201 break; 202 case 'r': 203 resolv = 1; 204 break; 205 case 's': 206 suppressdata = 1; 207 break; 208 case 'E': 209 timestamp = 3; /* elapsed timestamp */ 210 break; 211 case 'H': 212 threads = 1; 213 break; 214 case 'R': 215 timestamp = 2; /* relative timestamp */ 216 break; 217 case 'T': 218 timestamp = 1; 219 break; 220 case 't': 221 trpoints = getpoints(optarg); 222 if (trpoints < 0) 223 errx(1, "unknown trace point in %s", optarg); 224 break; 225 default: 226 usage(); 227 } 228 229 if (argc > optind) 230 usage(); 231 232 m = malloc(size = 1025); 233 if (m == NULL) 234 errx(1, "%s", strerror(ENOMEM)); 235 if (!freopen(tracefile, "r", stdin)) 236 err(1, "%s", tracefile); 237 238 /* 239 * Cache NLS data before entering capability mode. 240 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 241 */ 242 (void)catopen("libc", NL_CAT_LOCALE); 243 if (cap_enter() < 0 && errno != ENOSYS) 244 err(1, "unable to enter capability mode"); 245 limitfd(STDIN_FILENO); 246 limitfd(STDOUT_FILENO); 247 limitfd(STDERR_FILENO); 248 249 TAILQ_INIT(&trace_procs); 250 drop_logged = 0; 251 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 252 if (ktr_header.ktr_type & KTR_DROP) { 253 ktr_header.ktr_type &= ~KTR_DROP; 254 if (!drop_logged && threads) { 255 printf( 256 "%6jd %6jd %-8.*s Events dropped.\n", 257 (intmax_t)ktr_header.ktr_pid, 258 ktr_header.ktr_tid > 0 ? 259 (intmax_t)ktr_header.ktr_tid : 0, 260 MAXCOMLEN, ktr_header.ktr_comm); 261 drop_logged = 1; 262 } else if (!drop_logged) { 263 printf("%6jd %-8.*s Events dropped.\n", 264 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 265 ktr_header.ktr_comm); 266 drop_logged = 1; 267 } 268 } 269 if (trpoints & (1<<ktr_header.ktr_type)) 270 if (pid == 0 || ktr_header.ktr_pid == pid || 271 ktr_header.ktr_tid == pid) 272 dumpheader(&ktr_header); 273 if ((ktrlen = ktr_header.ktr_len) < 0) 274 errx(1, "bogus length 0x%x", ktrlen); 275 if (ktrlen > size) { 276 m = realloc(m, ktrlen+1); 277 if (m == NULL) 278 errx(1, "%s", strerror(ENOMEM)); 279 size = ktrlen; 280 } 281 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 282 errx(1, "data too short"); 283 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 284 continue; 285 sv_flags = abidump(&ktr_header); 286 if (pid && ktr_header.ktr_pid != pid && 287 ktr_header.ktr_tid != pid) 288 continue; 289 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 290 continue; 291 drop_logged = 0; 292 switch (ktr_header.ktr_type) { 293 case KTR_SYSCALL: 294 #if defined(__amd64__) || defined(__i386__) 295 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 296 linux_ktrsyscall((struct ktr_syscall *)m); 297 else 298 #endif 299 ktrsyscall((struct ktr_syscall *)m, sv_flags); 300 break; 301 case KTR_SYSRET: 302 #if defined(__amd64__) || defined(__i386__) 303 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 304 linux_ktrsysret((struct ktr_sysret *)m); 305 else 306 #endif 307 ktrsysret((struct ktr_sysret *)m, sv_flags); 308 break; 309 case KTR_NAMEI: 310 case KTR_SYSCTL: 311 ktrnamei(m, ktrlen); 312 break; 313 case KTR_GENIO: 314 ktrgenio((struct ktr_genio *)m, ktrlen); 315 break; 316 case KTR_PSIG: 317 ktrpsig((struct ktr_psig *)m); 318 break; 319 case KTR_CSW: 320 if (ktrlen == sizeof(struct ktr_csw_old)) 321 ktrcsw_old((struct ktr_csw_old *)m); 322 else 323 ktrcsw((struct ktr_csw *)m); 324 break; 325 case KTR_USER: 326 ktruser(ktrlen, m); 327 break; 328 case KTR_STRUCT: 329 ktrstruct(m, ktrlen); 330 break; 331 case KTR_CAPFAIL: 332 ktrcapfail((struct ktr_cap_fail *)m); 333 break; 334 case KTR_FAULT: 335 ktrfault((struct ktr_fault *)m); 336 break; 337 case KTR_FAULTEND: 338 ktrfaultend((struct ktr_faultend *)m); 339 break; 340 default: 341 printf("\n"); 342 break; 343 } 344 if (tail) 345 fflush(stdout); 346 } 347 return 0; 348 } 349 350 void 351 limitfd(int fd) 352 { 353 cap_rights_t rights; 354 unsigned long cmd; 355 356 rights = CAP_FSTAT; 357 cmd = -1; 358 359 switch (fd) { 360 case STDIN_FILENO: 361 rights |= CAP_READ; 362 break; 363 case STDOUT_FILENO: 364 rights |= CAP_IOCTL | CAP_WRITE; 365 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 366 break; 367 case STDERR_FILENO: 368 rights |= CAP_WRITE; 369 if (!suppressdata) { 370 rights |= CAP_IOCTL; 371 cmd = TIOCGWINSZ; 372 } 373 break; 374 default: 375 abort(); 376 } 377 378 if (cap_rights_limit(fd, rights) < 0 && errno != ENOSYS) 379 err(1, "unable to limit rights for descriptor %d", fd); 380 if (cmd != -1 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 381 err(1, "unable to limit ioctls for descriptor %d", fd); 382 } 383 384 int 385 fread_tail(void *buf, int size, int num) 386 { 387 int i; 388 389 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 390 sleep(1); 391 clearerr(stdin); 392 } 393 return (i); 394 } 395 396 int 397 fetchprocinfo(struct ktr_header *kth, u_int *flags) 398 { 399 struct proc_info *pi; 400 401 switch (kth->ktr_type) { 402 case KTR_PROCCTOR: 403 TAILQ_FOREACH(pi, &trace_procs, info) { 404 if (pi->pid == kth->ktr_pid) { 405 TAILQ_REMOVE(&trace_procs, pi, info); 406 break; 407 } 408 } 409 pi = malloc(sizeof(struct proc_info)); 410 if (pi == NULL) 411 errx(1, "%s", strerror(ENOMEM)); 412 pi->sv_flags = *flags; 413 pi->pid = kth->ktr_pid; 414 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 415 return (1); 416 417 case KTR_PROCDTOR: 418 TAILQ_FOREACH(pi, &trace_procs, info) { 419 if (pi->pid == kth->ktr_pid) { 420 TAILQ_REMOVE(&trace_procs, pi, info); 421 free(pi); 422 break; 423 } 424 } 425 return (1); 426 } 427 428 return (0); 429 } 430 431 u_int 432 abidump(struct ktr_header *kth) 433 { 434 struct proc_info *pi; 435 const char *abi; 436 const char *arch; 437 u_int flags = 0; 438 439 TAILQ_FOREACH(pi, &trace_procs, info) { 440 if (pi->pid == kth->ktr_pid) { 441 flags = pi->sv_flags; 442 break; 443 } 444 } 445 446 if (abiflag == 0) 447 return (flags); 448 449 switch (flags & SV_ABI_MASK) { 450 case SV_ABI_LINUX: 451 abi = "L"; 452 break; 453 case SV_ABI_FREEBSD: 454 abi = "F"; 455 break; 456 default: 457 abi = "U"; 458 break; 459 } 460 461 if (flags != 0) { 462 if (flags & SV_LP64) 463 arch = "64"; 464 else 465 arch = "32"; 466 } else 467 arch = "00"; 468 469 printf("%s%s ", abi, arch); 470 471 return (flags); 472 } 473 474 void 475 dumpheader(struct ktr_header *kth) 476 { 477 static char unknown[64]; 478 static struct timeval prevtime, temp; 479 const char *type; 480 481 switch (kth->ktr_type) { 482 case KTR_SYSCALL: 483 type = "CALL"; 484 break; 485 case KTR_SYSRET: 486 type = "RET "; 487 break; 488 case KTR_NAMEI: 489 type = "NAMI"; 490 break; 491 case KTR_GENIO: 492 type = "GIO "; 493 break; 494 case KTR_PSIG: 495 type = "PSIG"; 496 break; 497 case KTR_CSW: 498 type = "CSW "; 499 break; 500 case KTR_USER: 501 type = "USER"; 502 break; 503 case KTR_STRUCT: 504 type = "STRU"; 505 break; 506 case KTR_SYSCTL: 507 type = "SCTL"; 508 break; 509 case KTR_PROCCTOR: 510 /* FALLTHROUGH */ 511 case KTR_PROCDTOR: 512 return; 513 case KTR_CAPFAIL: 514 type = "CAP "; 515 break; 516 case KTR_FAULT: 517 type = "PFLT"; 518 break; 519 case KTR_FAULTEND: 520 type = "PRET"; 521 break; 522 default: 523 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 524 type = unknown; 525 } 526 527 /* 528 * The ktr_tid field was previously the ktr_buffer field, which held 529 * the kernel pointer value for the buffer associated with data 530 * following the record header. It now holds a threadid, but only 531 * for trace files after the change. Older trace files still contain 532 * kernel pointers. Detect this and suppress the results by printing 533 * negative tid's as 0. 534 */ 535 if (threads) 536 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 537 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 538 MAXCOMLEN, kth->ktr_comm); 539 else 540 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 541 kth->ktr_comm); 542 if (timestamp) { 543 if (timestamp == 3) { 544 if (prevtime.tv_sec == 0) 545 prevtime = kth->ktr_time; 546 timevalsub(&kth->ktr_time, &prevtime); 547 } 548 if (timestamp == 2) { 549 temp = kth->ktr_time; 550 timevalsub(&kth->ktr_time, &prevtime); 551 prevtime = temp; 552 } 553 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 554 kth->ktr_time.tv_usec); 555 } 556 printf("%s ", type); 557 } 558 559 #include <sys/syscall.h> 560 #define KTRACE 561 #include <sys/kern/syscalls.c> 562 #undef KTRACE 563 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 564 565 void 566 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 567 { 568 int narg = ktr->ktr_narg; 569 register_t *ip; 570 intmax_t arg; 571 572 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 573 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 574 printf("[%d]", ktr->ktr_code); 575 else 576 printf("%s", syscallnames[ktr->ktr_code]); 577 ip = &ktr->ktr_args[0]; 578 if (narg) { 579 char c = '('; 580 if (fancy && 581 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 582 switch (ktr->ktr_code) { 583 case SYS_ioctl: { 584 print_number(ip, narg, c); 585 putchar(c); 586 ioctlname(*ip, decimal); 587 c = ','; 588 ip++; 589 narg--; 590 break; 591 } 592 case SYS_ptrace: 593 putchar('('); 594 ptraceopname(*ip); 595 c = ','; 596 ip++; 597 narg--; 598 break; 599 case SYS_access: 600 case SYS_eaccess: 601 print_number(ip, narg, c); 602 putchar(','); 603 accessmodename(*ip); 604 ip++; 605 narg--; 606 break; 607 case SYS_open: 608 print_number(ip, narg, c); 609 putchar(','); 610 flagsandmodename(ip[0], ip[1], decimal); 611 ip += 2; 612 narg -= 2; 613 break; 614 case SYS_wait4: 615 print_number(ip, narg, c); 616 print_number(ip, narg, c); 617 putchar(','); 618 wait4optname(*ip); 619 ip++; 620 narg--; 621 break; 622 case SYS_chmod: 623 case SYS_fchmod: 624 case SYS_lchmod: 625 print_number(ip, narg, c); 626 putchar(','); 627 modename(*ip); 628 ip++; 629 narg--; 630 break; 631 case SYS_mknod: 632 print_number(ip, narg, c); 633 putchar(','); 634 modename(*ip); 635 ip++; 636 narg--; 637 break; 638 case SYS_getfsstat: 639 print_number(ip, narg, c); 640 print_number(ip, narg, c); 641 putchar(','); 642 getfsstatflagsname(*ip); 643 ip++; 644 narg--; 645 break; 646 case SYS_mount: 647 print_number(ip, narg, c); 648 print_number(ip, narg, c); 649 putchar(','); 650 mountflagsname(*ip); 651 ip++; 652 narg--; 653 break; 654 case SYS_unmount: 655 print_number(ip, narg, c); 656 putchar(','); 657 mountflagsname(*ip); 658 ip++; 659 narg--; 660 break; 661 case SYS_recvmsg: 662 case SYS_sendmsg: 663 print_number(ip, narg, c); 664 print_number(ip, narg, c); 665 putchar(','); 666 sendrecvflagsname(*ip); 667 ip++; 668 narg--; 669 break; 670 case SYS_recvfrom: 671 case SYS_sendto: 672 print_number(ip, narg, c); 673 print_number(ip, narg, c); 674 print_number(ip, narg, c); 675 putchar(','); 676 sendrecvflagsname(*ip); 677 ip++; 678 narg--; 679 break; 680 case SYS_chflags: 681 case SYS_fchflags: 682 case SYS_lchflags: 683 print_number(ip, narg, c); 684 putchar(','); 685 modename(*ip); 686 ip++; 687 narg--; 688 break; 689 case SYS_kill: 690 print_number(ip, narg, c); 691 putchar(','); 692 signame(*ip); 693 ip++; 694 narg--; 695 break; 696 case SYS_reboot: 697 putchar('('); 698 rebootoptname(*ip); 699 ip++; 700 narg--; 701 break; 702 case SYS_umask: 703 putchar('('); 704 modename(*ip); 705 ip++; 706 narg--; 707 break; 708 case SYS_msync: 709 print_number(ip, narg, c); 710 print_number(ip, narg, c); 711 putchar(','); 712 msyncflagsname(*ip); 713 ip++; 714 narg--; 715 break; 716 #ifdef SYS_freebsd6_mmap 717 case SYS_freebsd6_mmap: 718 print_number(ip, narg, c); 719 print_number(ip, narg, c); 720 putchar(','); 721 mmapprotname(*ip); 722 putchar(','); 723 ip++; 724 narg--; 725 mmapflagsname(*ip); 726 ip++; 727 narg--; 728 break; 729 #endif 730 case SYS_mmap: 731 print_number(ip, narg, c); 732 print_number(ip, narg, c); 733 putchar(','); 734 mmapprotname(*ip); 735 putchar(','); 736 ip++; 737 narg--; 738 mmapflagsname(*ip); 739 ip++; 740 narg--; 741 break; 742 case SYS_mprotect: 743 print_number(ip, narg, c); 744 print_number(ip, narg, c); 745 putchar(','); 746 mmapprotname(*ip); 747 ip++; 748 narg--; 749 break; 750 case SYS_madvise: 751 print_number(ip, narg, c); 752 print_number(ip, narg, c); 753 putchar(','); 754 madvisebehavname(*ip); 755 ip++; 756 narg--; 757 break; 758 case SYS_setpriority: 759 print_number(ip, narg, c); 760 print_number(ip, narg, c); 761 putchar(','); 762 prioname(*ip); 763 ip++; 764 narg--; 765 break; 766 case SYS_fcntl: 767 print_number(ip, narg, c); 768 putchar(','); 769 fcntlcmdname(ip[0], ip[1], decimal); 770 ip += 2; 771 narg -= 2; 772 break; 773 case SYS_socket: { 774 int sockdomain; 775 putchar('('); 776 sockdomain = *ip; 777 sockdomainname(sockdomain); 778 ip++; 779 narg--; 780 putchar(','); 781 socktypename(*ip); 782 ip++; 783 narg--; 784 if (sockdomain == PF_INET || 785 sockdomain == PF_INET6) { 786 putchar(','); 787 sockipprotoname(*ip); 788 ip++; 789 narg--; 790 } 791 c = ','; 792 break; 793 } 794 case SYS_setsockopt: 795 case SYS_getsockopt: 796 print_number(ip, narg, c); 797 putchar(','); 798 sockoptlevelname(*ip, decimal); 799 if (*ip == SOL_SOCKET) { 800 ip++; 801 narg--; 802 putchar(','); 803 sockoptname(*ip); 804 } 805 ip++; 806 narg--; 807 break; 808 #ifdef SYS_freebsd6_lseek 809 case SYS_freebsd6_lseek: 810 print_number(ip, narg, c); 811 /* Hidden 'pad' argument, not in lseek(2) */ 812 print_number(ip, narg, c); 813 print_number(ip, narg, c); 814 putchar(','); 815 whencename(*ip); 816 ip++; 817 narg--; 818 break; 819 #endif 820 case SYS_lseek: 821 print_number(ip, narg, c); 822 /* Hidden 'pad' argument, not in lseek(2) */ 823 print_number(ip, narg, c); 824 putchar(','); 825 whencename(*ip); 826 ip++; 827 narg--; 828 break; 829 case SYS_flock: 830 print_number(ip, narg, c); 831 putchar(','); 832 flockname(*ip); 833 ip++; 834 narg--; 835 break; 836 case SYS_mkfifo: 837 case SYS_mkdir: 838 print_number(ip, narg, c); 839 putchar(','); 840 modename(*ip); 841 ip++; 842 narg--; 843 break; 844 case SYS_shutdown: 845 print_number(ip, narg, c); 846 putchar(','); 847 shutdownhowname(*ip); 848 ip++; 849 narg--; 850 break; 851 case SYS_socketpair: 852 putchar('('); 853 sockdomainname(*ip); 854 ip++; 855 narg--; 856 putchar(','); 857 socktypename(*ip); 858 ip++; 859 narg--; 860 c = ','; 861 break; 862 case SYS_getrlimit: 863 case SYS_setrlimit: 864 putchar('('); 865 rlimitname(*ip); 866 ip++; 867 narg--; 868 c = ','; 869 break; 870 case SYS_quotactl: 871 print_number(ip, narg, c); 872 putchar(','); 873 quotactlname(*ip); 874 ip++; 875 narg--; 876 c = ','; 877 break; 878 case SYS_nfssvc: 879 putchar('('); 880 nfssvcname(*ip); 881 ip++; 882 narg--; 883 c = ','; 884 break; 885 case SYS_rtprio: 886 putchar('('); 887 rtprioname(*ip); 888 ip++; 889 narg--; 890 c = ','; 891 break; 892 case SYS___semctl: 893 print_number(ip, narg, c); 894 print_number(ip, narg, c); 895 putchar(','); 896 semctlname(*ip); 897 ip++; 898 narg--; 899 break; 900 case SYS_semget: 901 print_number(ip, narg, c); 902 print_number(ip, narg, c); 903 putchar(','); 904 semgetname(*ip); 905 ip++; 906 narg--; 907 break; 908 case SYS_msgctl: 909 print_number(ip, narg, c); 910 putchar(','); 911 shmctlname(*ip); 912 ip++; 913 narg--; 914 break; 915 case SYS_shmat: 916 print_number(ip, narg, c); 917 print_number(ip, narg, c); 918 putchar(','); 919 shmatname(*ip); 920 ip++; 921 narg--; 922 break; 923 case SYS_shmctl: 924 print_number(ip, narg, c); 925 putchar(','); 926 shmctlname(*ip); 927 ip++; 928 narg--; 929 break; 930 case SYS_minherit: 931 print_number(ip, narg, c); 932 print_number(ip, narg, c); 933 putchar(','); 934 minheritname(*ip); 935 ip++; 936 narg--; 937 break; 938 case SYS_rfork: 939 putchar('('); 940 rforkname(*ip); 941 ip++; 942 narg--; 943 c = ','; 944 break; 945 case SYS_lio_listio: 946 putchar('('); 947 lio_listioname(*ip); 948 ip++; 949 narg--; 950 c = ','; 951 break; 952 case SYS_mlockall: 953 putchar('('); 954 mlockallname(*ip); 955 ip++; 956 narg--; 957 break; 958 case SYS_sched_setscheduler: 959 print_number(ip, narg, c); 960 putchar(','); 961 schedpolicyname(*ip); 962 ip++; 963 narg--; 964 break; 965 case SYS_sched_get_priority_max: 966 case SYS_sched_get_priority_min: 967 putchar('('); 968 schedpolicyname(*ip); 969 ip++; 970 narg--; 971 break; 972 case SYS_sendfile: 973 print_number(ip, narg, c); 974 print_number(ip, narg, c); 975 print_number(ip, narg, c); 976 print_number(ip, narg, c); 977 print_number(ip, narg, c); 978 print_number(ip, narg, c); 979 putchar(','); 980 sendfileflagsname(*ip); 981 ip++; 982 narg--; 983 break; 984 case SYS_kldsym: 985 print_number(ip, narg, c); 986 putchar(','); 987 kldsymcmdname(*ip); 988 ip++; 989 narg--; 990 break; 991 case SYS_sigprocmask: 992 putchar('('); 993 sigprocmaskhowname(*ip); 994 ip++; 995 narg--; 996 c = ','; 997 break; 998 case SYS___acl_get_file: 999 case SYS___acl_set_file: 1000 case SYS___acl_get_fd: 1001 case SYS___acl_set_fd: 1002 case SYS___acl_delete_file: 1003 case SYS___acl_delete_fd: 1004 case SYS___acl_aclcheck_file: 1005 case SYS___acl_aclcheck_fd: 1006 case SYS___acl_get_link: 1007 case SYS___acl_set_link: 1008 case SYS___acl_delete_link: 1009 case SYS___acl_aclcheck_link: 1010 print_number(ip, narg, c); 1011 putchar(','); 1012 acltypename(*ip); 1013 ip++; 1014 narg--; 1015 break; 1016 case SYS_sigaction: 1017 putchar('('); 1018 signame(*ip); 1019 ip++; 1020 narg--; 1021 c = ','; 1022 break; 1023 case SYS_extattrctl: 1024 print_number(ip, narg, c); 1025 putchar(','); 1026 extattrctlname(*ip); 1027 ip++; 1028 narg--; 1029 break; 1030 case SYS_nmount: 1031 print_number(ip, narg, c); 1032 print_number(ip, narg, c); 1033 putchar(','); 1034 mountflagsname(*ip); 1035 ip++; 1036 narg--; 1037 break; 1038 case SYS_thr_create: 1039 print_number(ip, narg, c); 1040 print_number(ip, narg, c); 1041 putchar(','); 1042 thrcreateflagsname(*ip); 1043 ip++; 1044 narg--; 1045 break; 1046 case SYS_thr_kill: 1047 print_number(ip, narg, c); 1048 putchar(','); 1049 signame(*ip); 1050 ip++; 1051 narg--; 1052 break; 1053 case SYS_kldunloadf: 1054 print_number(ip, narg, c); 1055 putchar(','); 1056 kldunloadfflagsname(*ip); 1057 ip++; 1058 narg--; 1059 break; 1060 case SYS_cap_new: 1061 case SYS_cap_rights_limit: 1062 print_number(ip, narg, c); 1063 putchar(','); 1064 arg = *ip; 1065 ip++; 1066 narg--; 1067 /* 1068 * Hack: the second argument is a 1069 * cap_rights_t, which 64 bits wide, so on 1070 * 32-bit systems, it is split between two 1071 * registers. 1072 * 1073 * Since sizeof() is not evaluated by the 1074 * preprocessor, we can't use an #ifdef, 1075 * but the compiler will probably optimize 1076 * the code out anyway. 1077 */ 1078 if (sizeof(cap_rights_t) > sizeof(register_t)) { 1079 #if _BYTE_ORDER == _LITTLE_ENDIAN 1080 arg = ((intmax_t)*ip << 32) + arg; 1081 #else 1082 arg = (arg << 32) + *ip; 1083 #endif 1084 ip++; 1085 narg--; 1086 } 1087 capname(arg); 1088 break; 1089 case SYS_cap_fcntls_limit: 1090 print_number(ip, narg, c); 1091 putchar(','); 1092 arg = *ip; 1093 ip++; 1094 narg--; 1095 capfcntlname(arg); 1096 break; 1097 case SYS_posix_fadvise: 1098 print_number(ip, narg, c); 1099 print_number(ip, narg, c); 1100 print_number(ip, narg, c); 1101 (void)putchar(','); 1102 fadvisebehavname((int)*ip); 1103 ip++; 1104 narg--; 1105 break; 1106 } 1107 } 1108 while (narg > 0) { 1109 print_number(ip, narg, c); 1110 } 1111 putchar(')'); 1112 } 1113 putchar('\n'); 1114 } 1115 1116 void 1117 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1118 { 1119 register_t ret = ktr->ktr_retval; 1120 int error = ktr->ktr_error; 1121 int code = ktr->ktr_code; 1122 1123 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1124 (code >= nsyscalls || code < 0)) 1125 printf("[%d] ", code); 1126 else 1127 printf("%s ", syscallnames[code]); 1128 1129 if (error == 0) { 1130 if (fancy) { 1131 printf("%ld", (long)ret); 1132 if (ret < 0 || ret > 9) 1133 printf("/%#lx", (unsigned long)ret); 1134 } else { 1135 if (decimal) 1136 printf("%ld", (long)ret); 1137 else 1138 printf("%#lx", (unsigned long)ret); 1139 } 1140 } else if (error == ERESTART) 1141 printf("RESTART"); 1142 else if (error == EJUSTRETURN) 1143 printf("JUSTRETURN"); 1144 else { 1145 printf("-1 errno %d", ktr->ktr_error); 1146 if (fancy) 1147 printf(" %s", strerror(ktr->ktr_error)); 1148 } 1149 putchar('\n'); 1150 } 1151 1152 void 1153 ktrnamei(char *cp, int len) 1154 { 1155 printf("\"%.*s\"\n", len, cp); 1156 } 1157 1158 void 1159 hexdump(char *p, int len, int screenwidth) 1160 { 1161 int n, i; 1162 int width; 1163 1164 width = 0; 1165 do { 1166 width += 2; 1167 i = 13; /* base offset */ 1168 i += (width / 2) + 1; /* spaces every second byte */ 1169 i += (width * 2); /* width of bytes */ 1170 i += 3; /* " |" */ 1171 i += width; /* each byte */ 1172 i += 1; /* "|" */ 1173 } while (i < screenwidth); 1174 width -= 2; 1175 1176 for (n = 0; n < len; n += width) { 1177 for (i = n; i < n + width; i++) { 1178 if ((i % width) == 0) { /* beginning of line */ 1179 printf(" 0x%04x", i); 1180 } 1181 if ((i % 2) == 0) { 1182 printf(" "); 1183 } 1184 if (i < len) 1185 printf("%02x", p[i] & 0xff); 1186 else 1187 printf(" "); 1188 } 1189 printf(" |"); 1190 for (i = n; i < n + width; i++) { 1191 if (i >= len) 1192 break; 1193 if (p[i] >= ' ' && p[i] <= '~') 1194 printf("%c", p[i]); 1195 else 1196 printf("."); 1197 } 1198 printf("|\n"); 1199 } 1200 if ((i % width) != 0) 1201 printf("\n"); 1202 } 1203 1204 void 1205 visdump(char *dp, int datalen, int screenwidth) 1206 { 1207 int col = 0; 1208 char *cp; 1209 int width; 1210 char visbuf[5]; 1211 1212 printf(" \""); 1213 col = 8; 1214 for (;datalen > 0; datalen--, dp++) { 1215 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1216 cp = visbuf; 1217 /* 1218 * Keep track of printables and 1219 * space chars (like fold(1)). 1220 */ 1221 if (col == 0) { 1222 putchar('\t'); 1223 col = 8; 1224 } 1225 switch(*cp) { 1226 case '\n': 1227 col = 0; 1228 putchar('\n'); 1229 continue; 1230 case '\t': 1231 width = 8 - (col&07); 1232 break; 1233 default: 1234 width = strlen(cp); 1235 } 1236 if (col + width > (screenwidth-2)) { 1237 printf("\\\n\t"); 1238 col = 8; 1239 } 1240 col += width; 1241 do { 1242 putchar(*cp++); 1243 } while (*cp); 1244 } 1245 if (col == 0) 1246 printf(" "); 1247 printf("\"\n"); 1248 } 1249 1250 void 1251 ktrgenio(struct ktr_genio *ktr, int len) 1252 { 1253 int datalen = len - sizeof (struct ktr_genio); 1254 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1255 static int screenwidth = 0; 1256 int i, binary; 1257 1258 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1259 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1260 datalen == 1 ? "" : "s"); 1261 if (suppressdata) 1262 return; 1263 if (screenwidth == 0) { 1264 struct winsize ws; 1265 1266 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1267 ws.ws_col > 8) 1268 screenwidth = ws.ws_col; 1269 else 1270 screenwidth = 80; 1271 } 1272 if (maxdata && datalen > maxdata) 1273 datalen = maxdata; 1274 1275 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1276 if (dp[i] >= 32 && dp[i] < 127) 1277 continue; 1278 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1279 continue; 1280 binary = 1; 1281 } 1282 if (binary) 1283 hexdump(dp, datalen, screenwidth); 1284 else 1285 visdump(dp, datalen, screenwidth); 1286 } 1287 1288 const char *signames[] = { 1289 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1290 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1291 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1292 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1293 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1294 "USR2", NULL, /* 31 - 32 */ 1295 }; 1296 1297 void 1298 ktrpsig(struct ktr_psig *psig) 1299 { 1300 if (psig->signo > 0 && psig->signo < NSIG) 1301 printf("SIG%s ", signames[psig->signo]); 1302 else 1303 printf("SIG %d ", psig->signo); 1304 if (psig->action == SIG_DFL) { 1305 printf("SIG_DFL code="); 1306 sigcodename(psig->signo, psig->code); 1307 putchar('\n'); 1308 } else { 1309 printf("caught handler=0x%lx mask=0x%x code=", 1310 (u_long)psig->action, psig->mask.__bits[0]); 1311 sigcodename(psig->signo, psig->code); 1312 putchar('\n'); 1313 } 1314 } 1315 1316 void 1317 ktrcsw_old(struct ktr_csw_old *cs) 1318 { 1319 printf("%s %s\n", cs->out ? "stop" : "resume", 1320 cs->user ? "user" : "kernel"); 1321 } 1322 1323 void 1324 ktrcsw(struct ktr_csw *cs) 1325 { 1326 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1327 cs->user ? "user" : "kernel", cs->wmesg); 1328 } 1329 1330 #define UTRACE_DLOPEN_START 1 1331 #define UTRACE_DLOPEN_STOP 2 1332 #define UTRACE_DLCLOSE_START 3 1333 #define UTRACE_DLCLOSE_STOP 4 1334 #define UTRACE_LOAD_OBJECT 5 1335 #define UTRACE_UNLOAD_OBJECT 6 1336 #define UTRACE_ADD_RUNDEP 7 1337 #define UTRACE_PRELOAD_FINISHED 8 1338 #define UTRACE_INIT_CALL 9 1339 #define UTRACE_FINI_CALL 10 1340 1341 struct utrace_rtld { 1342 char sig[4]; /* 'RTLD' */ 1343 int event; 1344 void *handle; 1345 void *mapbase; 1346 size_t mapsize; 1347 int refcnt; 1348 char name[MAXPATHLEN]; 1349 }; 1350 1351 void 1352 ktruser_rtld(int len, unsigned char *p) 1353 { 1354 struct utrace_rtld *ut = (struct utrace_rtld *)p; 1355 void *parent; 1356 int mode; 1357 1358 switch (ut->event) { 1359 case UTRACE_DLOPEN_START: 1360 mode = ut->refcnt; 1361 printf("dlopen(%s, ", ut->name); 1362 switch (mode & RTLD_MODEMASK) { 1363 case RTLD_NOW: 1364 printf("RTLD_NOW"); 1365 break; 1366 case RTLD_LAZY: 1367 printf("RTLD_LAZY"); 1368 break; 1369 default: 1370 printf("%#x", mode & RTLD_MODEMASK); 1371 } 1372 if (mode & RTLD_GLOBAL) 1373 printf(" | RTLD_GLOBAL"); 1374 if (mode & RTLD_TRACE) 1375 printf(" | RTLD_TRACE"); 1376 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1377 printf(" | %#x", mode & 1378 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1379 printf(")\n"); 1380 break; 1381 case UTRACE_DLOPEN_STOP: 1382 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1383 ut->refcnt); 1384 break; 1385 case UTRACE_DLCLOSE_START: 1386 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1387 ut->refcnt); 1388 break; 1389 case UTRACE_DLCLOSE_STOP: 1390 printf("dlclose(%p) finished\n", ut->handle); 1391 break; 1392 case UTRACE_LOAD_OBJECT: 1393 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1394 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1395 ut->name); 1396 break; 1397 case UTRACE_UNLOAD_OBJECT: 1398 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1399 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1400 ut->name); 1401 break; 1402 case UTRACE_ADD_RUNDEP: 1403 parent = ut->mapbase; 1404 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1405 ut->handle, ut->name, ut->refcnt); 1406 break; 1407 case UTRACE_PRELOAD_FINISHED: 1408 printf("RTLD: LD_PRELOAD finished\n"); 1409 break; 1410 case UTRACE_INIT_CALL: 1411 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1412 ut->name); 1413 break; 1414 case UTRACE_FINI_CALL: 1415 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1416 ut->name); 1417 break; 1418 default: 1419 p += 4; 1420 len -= 4; 1421 printf("RTLD: %d ", len); 1422 while (len--) 1423 if (decimal) 1424 printf(" %d", *p++); 1425 else 1426 printf(" %02x", *p++); 1427 printf("\n"); 1428 } 1429 } 1430 1431 struct utrace_malloc { 1432 void *p; 1433 size_t s; 1434 void *r; 1435 }; 1436 1437 void 1438 ktruser_malloc(unsigned char *p) 1439 { 1440 struct utrace_malloc *ut = (struct utrace_malloc *)p; 1441 1442 if (ut->p == (void *)(intptr_t)(-1)) 1443 printf("malloc_init()\n"); 1444 else if (ut->s == 0) 1445 printf("free(%p)\n", ut->p); 1446 else if (ut->p == NULL) 1447 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1448 else 1449 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1450 } 1451 1452 void 1453 ktruser(int len, unsigned char *p) 1454 { 1455 1456 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1457 ktruser_rtld(len, p); 1458 return; 1459 } 1460 1461 if (len == sizeof(struct utrace_malloc)) { 1462 ktruser_malloc(p); 1463 return; 1464 } 1465 1466 printf("%d ", len); 1467 while (len--) 1468 if (decimal) 1469 printf(" %d", *p++); 1470 else 1471 printf(" %02x", *p++); 1472 printf("\n"); 1473 } 1474 1475 void 1476 ktrsockaddr(struct sockaddr *sa) 1477 { 1478 /* 1479 TODO: Support additional address families 1480 #include <netnatm/natm.h> 1481 struct sockaddr_natm *natm; 1482 */ 1483 char addr[64]; 1484 1485 /* 1486 * note: ktrstruct() has already verified that sa points to a 1487 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1488 * sa->sa_len bytes long. 1489 */ 1490 printf("struct sockaddr { "); 1491 sockfamilyname(sa->sa_family); 1492 printf(", "); 1493 1494 #define check_sockaddr_len(n) \ 1495 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1496 printf("invalid"); \ 1497 break; \ 1498 } 1499 1500 switch(sa->sa_family) { 1501 case AF_INET: { 1502 struct sockaddr_in sa_in; 1503 1504 memset(&sa_in, 0, sizeof(sa_in)); 1505 memcpy(&sa_in, sa, sa->sa_len); 1506 check_sockaddr_len(in); 1507 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1508 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1509 break; 1510 } 1511 #ifdef NETATALK 1512 case AF_APPLETALK: { 1513 struct sockaddr_at sa_at; 1514 struct netrange *nr; 1515 1516 memset(&sa_at, 0, sizeof(sa_at)); 1517 memcpy(&sa_at, sa, sa->sa_len); 1518 check_sockaddr_len(at); 1519 nr = &sa_at.sat_range.r_netrange; 1520 printf("%d.%d, %d-%d, %d", ntohs(sa_at.sat_addr.s_net), 1521 sa_at.sat_addr.s_node, ntohs(nr->nr_firstnet), 1522 ntohs(nr->nr_lastnet), nr->nr_phase); 1523 break; 1524 } 1525 #endif 1526 case AF_INET6: { 1527 struct sockaddr_in6 sa_in6; 1528 1529 memset(&sa_in6, 0, sizeof(sa_in6)); 1530 memcpy(&sa_in6, sa, sa->sa_len); 1531 check_sockaddr_len(in6); 1532 inet_ntop(AF_INET6, &sa_in6.sin6_addr, addr, sizeof addr); 1533 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1534 break; 1535 } 1536 #ifdef IPX 1537 case AF_IPX: { 1538 struct sockaddr_ipx sa_ipx; 1539 1540 memset(&sa_ipx, 0, sizeof(sa_ipx)); 1541 memcpy(&sa_ipx, sa, sa->sa_len); 1542 check_sockaddr_len(ipx); 1543 /* XXX wish we had ipx_ntop */ 1544 printf("%s", ipx_ntoa(sa_ipx.sipx_addr)); 1545 free(sa_ipx); 1546 break; 1547 } 1548 #endif 1549 case AF_UNIX: { 1550 struct sockaddr_un sa_un; 1551 1552 memset(&sa_un, 0, sizeof(sa_un)); 1553 memcpy(&sa_un, sa, sa->sa_len); 1554 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1555 break; 1556 } 1557 default: 1558 printf("unknown address family"); 1559 } 1560 printf(" }\n"); 1561 } 1562 1563 void 1564 ktrstat(struct stat *statp) 1565 { 1566 char mode[12], timestr[PATH_MAX + 4]; 1567 struct passwd *pwd; 1568 struct group *grp; 1569 struct tm *tm; 1570 1571 /* 1572 * note: ktrstruct() has already verified that statp points to a 1573 * buffer exactly sizeof(struct stat) bytes long. 1574 */ 1575 printf("struct stat {"); 1576 strmode(statp->st_mode, mode); 1577 printf("dev=%ju, ino=%ju, mode=%s, nlink=%ju, ", 1578 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino, mode, 1579 (uintmax_t)statp->st_nlink); 1580 if (resolv == 0 || (pwd = getpwuid(statp->st_uid)) == NULL) 1581 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1582 else 1583 printf("uid=\"%s\", ", pwd->pw_name); 1584 if (resolv == 0 || (grp = getgrgid(statp->st_gid)) == NULL) 1585 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1586 else 1587 printf("gid=\"%s\", ", grp->gr_name); 1588 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1589 printf("atime="); 1590 if (resolv == 0) 1591 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1592 else { 1593 tm = localtime(&statp->st_atim.tv_sec); 1594 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1595 printf("\"%s\"", timestr); 1596 } 1597 if (statp->st_atim.tv_nsec != 0) 1598 printf(".%09ld, ", statp->st_atim.tv_nsec); 1599 else 1600 printf(", "); 1601 printf("stime="); 1602 if (resolv == 0) 1603 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1604 else { 1605 tm = localtime(&statp->st_mtim.tv_sec); 1606 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1607 printf("\"%s\"", timestr); 1608 } 1609 if (statp->st_mtim.tv_nsec != 0) 1610 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1611 else 1612 printf(", "); 1613 printf("ctime="); 1614 if (resolv == 0) 1615 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1616 else { 1617 tm = localtime(&statp->st_ctim.tv_sec); 1618 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1619 printf("\"%s\"", timestr); 1620 } 1621 if (statp->st_ctim.tv_nsec != 0) 1622 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1623 else 1624 printf(", "); 1625 printf("birthtime="); 1626 if (resolv == 0) 1627 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1628 else { 1629 tm = localtime(&statp->st_birthtim.tv_sec); 1630 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1631 printf("\"%s\"", timestr); 1632 } 1633 if (statp->st_birthtim.tv_nsec != 0) 1634 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1635 else 1636 printf(", "); 1637 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1638 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1639 (intmax_t)statp->st_blocks, statp->st_flags); 1640 printf(" }\n"); 1641 } 1642 1643 void 1644 ktrstruct(char *buf, size_t buflen) 1645 { 1646 char *name, *data; 1647 size_t namelen, datalen; 1648 int i; 1649 struct stat sb; 1650 struct sockaddr_storage ss; 1651 1652 for (name = buf, namelen = 0; 1653 namelen < buflen && name[namelen] != '\0'; 1654 ++namelen) 1655 /* nothing */; 1656 if (namelen == buflen) 1657 goto invalid; 1658 if (name[namelen] != '\0') 1659 goto invalid; 1660 data = buf + namelen + 1; 1661 datalen = buflen - namelen - 1; 1662 if (datalen == 0) 1663 goto invalid; 1664 /* sanity check */ 1665 for (i = 0; i < (int)namelen; ++i) 1666 if (!isalpha(name[i])) 1667 goto invalid; 1668 if (strcmp(name, "stat") == 0) { 1669 if (datalen != sizeof(struct stat)) 1670 goto invalid; 1671 memcpy(&sb, data, datalen); 1672 ktrstat(&sb); 1673 } else if (strcmp(name, "sockaddr") == 0) { 1674 if (datalen > sizeof(ss)) 1675 goto invalid; 1676 memcpy(&ss, data, datalen); 1677 if (datalen != ss.ss_len) 1678 goto invalid; 1679 ktrsockaddr((struct sockaddr *)&ss); 1680 } else { 1681 printf("unknown structure\n"); 1682 } 1683 return; 1684 invalid: 1685 printf("invalid record\n"); 1686 } 1687 1688 void 1689 ktrcapfail(struct ktr_cap_fail *ktr) 1690 { 1691 switch (ktr->cap_type) { 1692 case CAPFAIL_NOTCAPABLE: 1693 /* operation on fd with insufficient capabilities */ 1694 printf("operation requires "); 1695 capname((intmax_t)ktr->cap_needed); 1696 printf(", process holds "); 1697 capname((intmax_t)ktr->cap_held); 1698 break; 1699 case CAPFAIL_INCREASE: 1700 /* requested more capabilities than fd already has */ 1701 printf("attempt to increase capabilities from "); 1702 capname((intmax_t)ktr->cap_held); 1703 printf(" to "); 1704 capname((intmax_t)ktr->cap_needed); 1705 break; 1706 case CAPFAIL_SYSCALL: 1707 /* called restricted syscall */ 1708 printf("disallowed system call"); 1709 break; 1710 case CAPFAIL_LOOKUP: 1711 /* used ".." in strict-relative mode */ 1712 printf("restricted VFS lookup"); 1713 break; 1714 default: 1715 printf("unknown capability failure: "); 1716 capname((intmax_t)ktr->cap_needed); 1717 printf(" "); 1718 capname((intmax_t)ktr->cap_held); 1719 break; 1720 } 1721 printf("\n"); 1722 } 1723 1724 void 1725 ktrfault(struct ktr_fault *ktr) 1726 { 1727 1728 printf("0x%jx ", ktr->vaddr); 1729 vmprotname(ktr->type); 1730 printf("\n"); 1731 } 1732 1733 void 1734 ktrfaultend(struct ktr_faultend *ktr) 1735 { 1736 1737 vmresultname(ktr->result); 1738 printf("\n"); 1739 } 1740 1741 #if defined(__amd64__) || defined(__i386__) 1742 void 1743 linux_ktrsyscall(struct ktr_syscall *ktr) 1744 { 1745 int narg = ktr->ktr_narg; 1746 register_t *ip; 1747 1748 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1749 printf("[%d]", ktr->ktr_code); 1750 else 1751 printf("%s", linux_syscallnames[ktr->ktr_code]); 1752 ip = &ktr->ktr_args[0]; 1753 if (narg) { 1754 char c = '('; 1755 while (narg > 0) 1756 print_number(ip, narg, c); 1757 putchar(')'); 1758 } 1759 putchar('\n'); 1760 } 1761 1762 void 1763 linux_ktrsysret(struct ktr_sysret *ktr) 1764 { 1765 register_t ret = ktr->ktr_retval; 1766 int error = ktr->ktr_error; 1767 int code = ktr->ktr_code; 1768 1769 if (code >= nlinux_syscalls || code < 0) 1770 printf("[%d] ", code); 1771 else 1772 printf("%s ", linux_syscallnames[code]); 1773 1774 if (error == 0) { 1775 if (fancy) { 1776 printf("%ld", (long)ret); 1777 if (ret < 0 || ret > 9) 1778 printf("/%#lx", (unsigned long)ret); 1779 } else { 1780 if (decimal) 1781 printf("%ld", (long)ret); 1782 else 1783 printf("%#lx", (unsigned long)ret); 1784 } 1785 } else if (error == ERESTART) 1786 printf("RESTART"); 1787 else if (error == EJUSTRETURN) 1788 printf("JUSTRETURN"); 1789 else { 1790 if (ktr->ktr_error <= ELAST + 1) 1791 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 1792 else 1793 error = 999; 1794 printf("-1 errno %d", error); 1795 if (fancy) 1796 printf(" %s", strerror(ktr->ktr_error)); 1797 } 1798 putchar('\n'); 1799 } 1800 #endif 1801 1802 void 1803 usage(void) 1804 { 1805 fprintf(stderr, "usage: kdump [-dEnlHRrsTA] [-f trfile] " 1806 "[-m maxdata] [-p pid] [-t trstr]\n"); 1807 exit(1); 1808 } 1809