1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #define _WANT_KERNEL_ERRNO 33 #ifdef __LP64__ 34 #define _WANT_KEVENT32 35 #endif 36 #define _WANT_FREEBSD11_KEVENT 37 #define _WANT_FREEBSD_BITSET 38 #include <sys/param.h> 39 #include <sys/capsicum.h> 40 #include <sys/_bitset.h> 41 #include <sys/bitset.h> 42 #include <sys/errno.h> 43 #include <sys/time.h> 44 #include <sys/uio.h> 45 #include <sys/event.h> 46 #include <sys/ktrace.h> 47 #include <sys/mman.h> 48 #include <sys/ioctl.h> 49 #include <sys/poll.h> 50 #include <sys/socket.h> 51 #include <sys/stat.h> 52 #include <sys/sysent.h> 53 #include <sys/umtx.h> 54 #include <sys/un.h> 55 #include <sys/queue.h> 56 #include <sys/wait.h> 57 #ifdef WITH_CASPER 58 #include <sys/nv.h> 59 #endif 60 #include <arpa/inet.h> 61 #include <netinet/in.h> 62 #include <netlink/netlink.h> 63 #include <ctype.h> 64 #include <capsicum_helpers.h> 65 #include <err.h> 66 #include <grp.h> 67 #include <inttypes.h> 68 #include <locale.h> 69 #include <netdb.h> 70 #include <nl_types.h> 71 #include <pwd.h> 72 #include <stddef.h> 73 #include <stdio.h> 74 #include <stdlib.h> 75 #include <string.h> 76 #include <sysdecode.h> 77 #include <time.h> 78 #include <unistd.h> 79 #include <vis.h> 80 #include "ktrace.h" 81 #include "kdump.h" 82 83 #ifdef WITH_CASPER 84 #include <libcasper.h> 85 86 #include <casper/cap_grp.h> 87 #include <casper/cap_pwd.h> 88 #endif 89 90 int fetchprocinfo(struct ktr_header *, u_int *); 91 u_int findabi(struct ktr_header *); 92 int fread_tail(void *, int, int); 93 void dumpheader(struct ktr_header *, u_int); 94 void dumptimeval(struct ktr_header_v0 *kth); 95 void dumptimespec(struct ktr_header *kth); 96 void ktrsyscall(struct ktr_syscall *, u_int); 97 void ktrsysret(struct ktr_sysret *, u_int); 98 void ktrnamei(char *, int); 99 void hexdump(char *, int, int); 100 void visdump(char *, int, int); 101 void ktrgenio(struct ktr_genio *, int); 102 void ktrpsig(struct ktr_psig *); 103 void ktrcsw(struct ktr_csw *); 104 void ktrcsw_old(struct ktr_csw_old *); 105 void ktruser(int, void *); 106 void ktrcaprights(cap_rights_t *); 107 void ktritimerval(struct itimerval *it); 108 void ktrsockaddr(struct sockaddr *); 109 void ktrsplice(struct splice *); 110 void ktrstat(struct stat *); 111 void ktrstruct(char *, size_t); 112 void ktrcapfail(struct ktr_cap_fail *); 113 void ktrfault(struct ktr_fault *); 114 void ktrfaultend(struct ktr_faultend *); 115 void ktrkevent(struct kevent *); 116 void ktrpollfd(struct pollfd *); 117 void ktrstructarray(struct ktr_struct_array *, size_t); 118 void ktrbitset(char *, struct bitset *, size_t); 119 void ktrsyscall_freebsd(struct ktr_syscall *ktr, register_t **resip, 120 int *resnarg, char *resc, u_int sv_flags); 121 void ktrexecve(char *, int); 122 void usage(void); 123 124 #define TIMESTAMP_NONE 0x0 125 #define TIMESTAMP_ABSOLUTE 0x1 126 #define TIMESTAMP_ELAPSED 0x2 127 #define TIMESTAMP_RELATIVE 0x4 128 129 bool decimal, fancy = true, resolv; 130 static bool abiflag, suppressdata, syscallno, tail, threads, cpuflag; 131 static int timestamp, maxdata; 132 static const char *tracefile = DEF_TRACEFILE; 133 static struct ktr_header ktr_header; 134 static short version; 135 136 #define TIME_FORMAT "%b %e %T %Y" 137 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 138 139 struct proc_info 140 { 141 TAILQ_ENTRY(proc_info) info; 142 u_int sv_flags; 143 pid_t pid; 144 }; 145 146 static TAILQ_HEAD(trace_procs, proc_info) trace_procs; 147 148 #ifdef WITH_CASPER 149 static cap_channel_t *cappwd, *capgrp; 150 151 static int 152 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) 153 { 154 cap_channel_t *capcas, *cappwdloc, *capgrploc; 155 const char *cmds[1], *fields[1]; 156 157 capcas = cap_init(); 158 if (capcas == NULL) { 159 err(1, "unable to create casper process"); 160 exit(1); 161 } 162 cappwdloc = cap_service_open(capcas, "system.pwd"); 163 capgrploc = cap_service_open(capcas, "system.grp"); 164 /* Casper capability no longer needed. */ 165 cap_close(capcas); 166 if (cappwdloc == NULL || capgrploc == NULL) { 167 if (cappwdloc == NULL) 168 warn("unable to open system.pwd service"); 169 if (capgrploc == NULL) 170 warn("unable to open system.grp service"); 171 exit(1); 172 } 173 /* Limit system.pwd to only getpwuid() function and pw_name field. */ 174 cmds[0] = "getpwuid"; 175 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) 176 err(1, "unable to limit system.pwd service"); 177 fields[0] = "pw_name"; 178 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) 179 err(1, "unable to limit system.pwd service"); 180 /* Limit system.grp to only getgrgid() function and gr_name field. */ 181 cmds[0] = "getgrgid"; 182 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) 183 err(1, "unable to limit system.grp service"); 184 fields[0] = "gr_name"; 185 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) 186 err(1, "unable to limit system.grp service"); 187 188 *cappwdp = cappwdloc; 189 *capgrpp = capgrploc; 190 return (0); 191 } 192 #endif /* WITH_CASPER */ 193 194 void 195 print_integer_arg(const char *(*decoder)(int), int value) 196 { 197 const char *str; 198 199 str = decoder(value); 200 if (str != NULL) 201 printf("%s", str); 202 else { 203 if (decimal) 204 printf("<invalid=%d>", value); 205 else 206 printf("<invalid=%#x>", value); 207 } 208 } 209 210 /* Like print_integer_arg but unknown values are treated as valid. */ 211 void 212 print_integer_arg_valid(const char *(*decoder)(int), int value) 213 { 214 const char *str; 215 216 str = decoder(value); 217 if (str != NULL) 218 printf("%s", str); 219 else { 220 if (decimal) 221 printf("%d", value); 222 else 223 printf("%#x", value); 224 } 225 } 226 227 bool 228 print_mask_arg_part(bool (*decoder)(FILE *, int, int *), int value, int *rem) 229 { 230 231 printf("%#x<", value); 232 return (decoder(stdout, value, rem)); 233 } 234 235 void 236 print_mask_arg(bool (*decoder)(FILE *, int, int *), int value) 237 { 238 bool invalid; 239 int rem; 240 241 invalid = !print_mask_arg_part(decoder, value, &rem); 242 printf(">"); 243 if (invalid) 244 printf("<invalid>%u", rem); 245 } 246 247 void 248 print_mask_arg0(bool (*decoder)(FILE *, int, int *), int value) 249 { 250 bool invalid; 251 int rem; 252 253 if (value == 0) { 254 printf("0"); 255 return; 256 } 257 printf("%#x<", value); 258 invalid = !decoder(stdout, value, &rem); 259 printf(">"); 260 if (invalid) 261 printf("<invalid>%u", rem); 262 } 263 264 static void 265 decode_fileflags(fflags_t value) 266 { 267 bool invalid; 268 fflags_t rem; 269 270 if (value == 0) { 271 printf("0"); 272 return; 273 } 274 printf("%#x<", value); 275 invalid = !sysdecode_fileflags(stdout, value, &rem); 276 printf(">"); 277 if (invalid) 278 printf("<invalid>%u", rem); 279 } 280 281 void 282 decode_filemode(int value) 283 { 284 bool invalid; 285 int rem; 286 287 if (value == 0) { 288 printf("0"); 289 return; 290 } 291 printf("%#o<", value); 292 invalid = !sysdecode_filemode(stdout, value, &rem); 293 printf(">"); 294 if (invalid) 295 printf("<invalid>%u", rem); 296 } 297 298 void 299 print_mask_arg32(bool (*decoder)(FILE *, uint32_t, uint32_t *), uint32_t value) 300 { 301 bool invalid; 302 uint32_t rem; 303 304 printf("%#x<", value); 305 invalid = !decoder(stdout, value, &rem); 306 printf(">"); 307 if (invalid) 308 printf("<invalid>%u", rem); 309 } 310 311 void 312 print_mask_argul(bool (*decoder)(FILE *, u_long, u_long *), u_long value) 313 { 314 bool invalid; 315 u_long rem; 316 317 if (value == 0) { 318 printf("0"); 319 return; 320 } 321 printf("%#lx<", value); 322 invalid = !decoder(stdout, value, &rem); 323 printf(">"); 324 if (invalid) 325 printf("<invalid>%lu", rem); 326 } 327 328 int 329 main(int argc, char *argv[]) 330 { 331 int ch, ktrlen, size; 332 void *m; 333 int trpoints = ALL_POINTS; 334 int drop_logged; 335 pid_t pid = 0; 336 u_int sv_flags; 337 338 setlocale(LC_CTYPE, ""); 339 340 timestamp = TIMESTAMP_NONE; 341 342 while ((ch = getopt(argc,argv,"f:cdElm:np:AHRrSsTt:")) != -1) 343 switch (ch) { 344 case 'A': 345 abiflag = true; 346 break; 347 case 'f': 348 tracefile = optarg; 349 break; 350 case 'c': 351 cpuflag = true; 352 break; 353 case 'd': 354 decimal = true; 355 break; 356 case 'l': 357 tail = true; 358 break; 359 case 'm': 360 maxdata = atoi(optarg); 361 break; 362 case 'n': 363 fancy = false; 364 break; 365 case 'p': 366 pid = atoi(optarg); 367 break; 368 case 'r': 369 resolv = true; 370 break; 371 case 'S': 372 syscallno = true; 373 break; 374 case 's': 375 suppressdata = true; 376 break; 377 case 'E': 378 timestamp |= TIMESTAMP_ELAPSED; 379 break; 380 case 'H': 381 threads = true; 382 break; 383 case 'R': 384 timestamp |= TIMESTAMP_RELATIVE; 385 break; 386 case 'T': 387 timestamp |= TIMESTAMP_ABSOLUTE; 388 break; 389 case 't': 390 trpoints = getpoints(optarg); 391 if (trpoints < 0) 392 errx(1, "unknown trace point in %s", optarg); 393 break; 394 default: 395 usage(); 396 } 397 398 if (argc > optind) 399 usage(); 400 401 m = malloc(size = 1025); 402 if (m == NULL) 403 errx(1, "%s", strerror(ENOMEM)); 404 if (strcmp(tracefile, "-") != 0) 405 if (!freopen(tracefile, "r", stdin)) 406 err(1, "%s", tracefile); 407 408 caph_cache_catpages(); 409 caph_cache_tzdata(); 410 411 #ifdef WITH_CASPER 412 if (resolv) { 413 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { 414 cappwd = NULL; 415 capgrp = NULL; 416 } 417 } 418 if (!resolv || (cappwd != NULL && capgrp != NULL)) { 419 if (caph_enter() < 0) 420 err(1, "unable to enter capability mode"); 421 } 422 #else 423 if (!resolv) { 424 if (caph_enter() < 0) 425 err(1, "unable to enter capability mode"); 426 } 427 #endif 428 if (caph_limit_stdio() == -1) 429 err(1, "unable to limit stdio"); 430 431 TAILQ_INIT(&trace_procs); 432 drop_logged = 0; 433 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 434 if (ktr_header.ktr_type & KTR_VERSIONED) { 435 ktr_header.ktr_type &= ~KTR_VERSIONED; 436 version = ktr_header.ktr_version; 437 } else 438 version = KTR_VERSION0; 439 if (ktr_header.ktr_type & KTR_DROP) { 440 ktr_header.ktr_type &= ~KTR_DROP; 441 if (!drop_logged && threads) { 442 printf( 443 "%6d %6d %-8.*s Events dropped.\n", 444 ktr_header.ktr_pid, 445 ktr_header.ktr_tid > 0 ? 446 (lwpid_t)ktr_header.ktr_tid : 0, 447 MAXCOMLEN, ktr_header.ktr_comm); 448 drop_logged = 1; 449 } else if (!drop_logged) { 450 printf("%6d %-8.*s Events dropped.\n", 451 ktr_header.ktr_pid, MAXCOMLEN, 452 ktr_header.ktr_comm); 453 drop_logged = 1; 454 } 455 } 456 if ((ktrlen = ktr_header.ktr_len) < 0) 457 errx(1, "bogus length 0x%x", ktrlen); 458 if (ktrlen > size) { 459 m = realloc(m, ktrlen+1); 460 if (m == NULL) 461 errx(1, "%s", strerror(ENOMEM)); 462 size = ktrlen; 463 } 464 if (version == KTR_VERSION0 && 465 fseek(stdin, KTR_OFFSET_V0, SEEK_CUR) < 0) 466 errx(1, "%s", strerror(errno)); 467 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 468 errx(1, "data too short"); 469 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 470 continue; 471 if (pid && ktr_header.ktr_pid != pid && 472 ktr_header.ktr_tid != pid) 473 continue; 474 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 475 continue; 476 sv_flags = findabi(&ktr_header); 477 dumpheader(&ktr_header, sv_flags); 478 drop_logged = 0; 479 switch (ktr_header.ktr_type) { 480 case KTR_SYSCALL: 481 ktrsyscall((struct ktr_syscall *)m, sv_flags); 482 break; 483 case KTR_SYSRET: 484 ktrsysret((struct ktr_sysret *)m, sv_flags); 485 break; 486 case KTR_NAMEI: 487 case KTR_SYSCTL: 488 ktrnamei(m, ktrlen); 489 break; 490 case KTR_GENIO: 491 ktrgenio((struct ktr_genio *)m, ktrlen); 492 break; 493 case KTR_PSIG: 494 ktrpsig((struct ktr_psig *)m); 495 break; 496 case KTR_CSW: 497 if (ktrlen == sizeof(struct ktr_csw_old)) 498 ktrcsw_old((struct ktr_csw_old *)m); 499 else 500 ktrcsw((struct ktr_csw *)m); 501 break; 502 case KTR_USER: 503 ktruser(ktrlen, m); 504 break; 505 case KTR_STRUCT: 506 ktrstruct(m, ktrlen); 507 break; 508 case KTR_CAPFAIL: 509 ktrcapfail((struct ktr_cap_fail *)m); 510 break; 511 case KTR_FAULT: 512 ktrfault((struct ktr_fault *)m); 513 break; 514 case KTR_FAULTEND: 515 ktrfaultend((struct ktr_faultend *)m); 516 break; 517 case KTR_STRUCT_ARRAY: 518 ktrstructarray((struct ktr_struct_array *)m, ktrlen); 519 break; 520 case KTR_ARGS: 521 case KTR_ENVS: 522 ktrexecve(m, ktrlen); 523 break; 524 default: 525 printf("\n"); 526 break; 527 } 528 if (tail) 529 fflush(stdout); 530 } 531 return 0; 532 } 533 534 int 535 fread_tail(void *buf, int size, int num) 536 { 537 int i; 538 539 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 540 sleep(1); 541 clearerr(stdin); 542 } 543 return (i); 544 } 545 546 int 547 fetchprocinfo(struct ktr_header *kth, u_int *flags) 548 { 549 struct proc_info *pi; 550 551 switch (kth->ktr_type) { 552 case KTR_PROCCTOR: 553 TAILQ_FOREACH(pi, &trace_procs, info) { 554 if (pi->pid == kth->ktr_pid) { 555 TAILQ_REMOVE(&trace_procs, pi, info); 556 break; 557 } 558 } 559 pi = malloc(sizeof(struct proc_info)); 560 if (pi == NULL) 561 errx(1, "%s", strerror(ENOMEM)); 562 pi->sv_flags = *flags; 563 pi->pid = kth->ktr_pid; 564 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 565 return (1); 566 567 case KTR_PROCDTOR: 568 TAILQ_FOREACH(pi, &trace_procs, info) { 569 if (pi->pid == kth->ktr_pid) { 570 TAILQ_REMOVE(&trace_procs, pi, info); 571 free(pi); 572 break; 573 } 574 } 575 return (1); 576 } 577 578 return (0); 579 } 580 581 u_int 582 findabi(struct ktr_header *kth) 583 { 584 struct proc_info *pi; 585 586 TAILQ_FOREACH(pi, &trace_procs, info) { 587 if (pi->pid == kth->ktr_pid) { 588 return (pi->sv_flags); 589 } 590 } 591 return (0); 592 } 593 594 void 595 dumptimeval(struct ktr_header_v0 *kth) 596 { 597 static struct timeval prevtime, prevtime_e; 598 struct timeval temp; 599 const char *sign; 600 601 if (timestamp & TIMESTAMP_ABSOLUTE) { 602 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 603 kth->ktr_time.tv_usec); 604 } 605 if (timestamp & TIMESTAMP_ELAPSED) { 606 if (prevtime_e.tv_sec == 0) 607 prevtime_e = kth->ktr_time; 608 timersub(&kth->ktr_time, &prevtime_e, &temp); 609 printf("%jd.%06ld ", (intmax_t)temp.tv_sec, 610 temp.tv_usec); 611 } 612 if (timestamp & TIMESTAMP_RELATIVE) { 613 if (prevtime.tv_sec == 0) 614 prevtime = kth->ktr_time; 615 if (timercmp(&kth->ktr_time, &prevtime, <)) { 616 timersub(&prevtime, &kth->ktr_time, &temp); 617 sign = "-"; 618 } else { 619 timersub(&kth->ktr_time, &prevtime, &temp); 620 sign = ""; 621 } 622 prevtime = kth->ktr_time; 623 printf("%s%jd.%06ld ", sign, (intmax_t)temp.tv_sec, 624 temp.tv_usec); 625 } 626 } 627 628 void 629 dumptimespec(struct ktr_header *kth) 630 { 631 static struct timespec prevtime, prevtime_e; 632 struct timespec temp; 633 const char *sign; 634 635 if (timestamp & TIMESTAMP_ABSOLUTE) { 636 printf("%jd.%09ld ", (intmax_t)kth->ktr_time.tv_sec, 637 kth->ktr_time.tv_nsec); 638 } 639 if (timestamp & TIMESTAMP_ELAPSED) { 640 if (prevtime_e.tv_sec == 0) 641 prevtime_e = kth->ktr_time; 642 timespecsub(&kth->ktr_time, &prevtime_e, &temp); 643 printf("%jd.%09ld ", (intmax_t)temp.tv_sec, 644 temp.tv_nsec); 645 } 646 if (timestamp & TIMESTAMP_RELATIVE) { 647 if (prevtime.tv_sec == 0) 648 prevtime = kth->ktr_time; 649 if (timespeccmp(&kth->ktr_time, &prevtime, <)) { 650 timespecsub(&prevtime, &kth->ktr_time, &temp); 651 sign = "-"; 652 } else { 653 timespecsub(&kth->ktr_time, &prevtime, &temp); 654 sign = ""; 655 } 656 prevtime = kth->ktr_time; 657 printf("%s%jd.%09ld ", sign, (intmax_t)temp.tv_sec, 658 temp.tv_nsec); 659 } 660 } 661 662 void 663 dumpheader(struct ktr_header *kth, u_int sv_flags) 664 { 665 static char unknown[64]; 666 const char *abi; 667 const char *arch; 668 const char *type; 669 670 switch (kth->ktr_type) { 671 case KTR_SYSCALL: 672 type = "CALL"; 673 break; 674 case KTR_SYSRET: 675 type = "RET "; 676 break; 677 case KTR_NAMEI: 678 type = "NAMI"; 679 break; 680 case KTR_GENIO: 681 type = "GIO "; 682 break; 683 case KTR_PSIG: 684 type = "PSIG"; 685 break; 686 case KTR_CSW: 687 type = "CSW "; 688 break; 689 case KTR_USER: 690 type = "USER"; 691 break; 692 case KTR_STRUCT: 693 case KTR_STRUCT_ARRAY: 694 type = "STRU"; 695 break; 696 case KTR_SYSCTL: 697 type = "SCTL"; 698 break; 699 case KTR_CAPFAIL: 700 type = "CAP "; 701 break; 702 case KTR_FAULT: 703 type = "PFLT"; 704 break; 705 case KTR_FAULTEND: 706 type = "PRET"; 707 break; 708 case KTR_ARGS: 709 type = "ARGS"; 710 break; 711 case KTR_ENVS: 712 type = "ENVS"; 713 break; 714 default: 715 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 716 type = unknown; 717 } 718 719 /* 720 * The ktr_tid field was previously the ktr_buffer field, which held 721 * the kernel pointer value for the buffer associated with data 722 * following the record header. It now holds a threadid, but only 723 * for trace files after the change. Older trace files still contain 724 * kernel pointers. Detect this and suppress the results by printing 725 * negative tid's as 0. 726 */ 727 if (threads) 728 printf("%6d %6d %-8.*s ", kth->ktr_pid, 729 kth->ktr_tid > 0 ? (lwpid_t)kth->ktr_tid : 0, 730 MAXCOMLEN, kth->ktr_comm); 731 else 732 printf("%6d %-8.*s ", kth->ktr_pid, MAXCOMLEN, kth->ktr_comm); 733 if (timestamp) { 734 if (version == KTR_VERSION0) 735 dumptimeval((struct ktr_header_v0 *)kth); 736 else 737 dumptimespec(kth); 738 } 739 if (cpuflag && version > KTR_VERSION0) 740 printf("%3d ", kth->ktr_cpu); 741 printf("%s ", type); 742 if (abiflag != 0) { 743 switch (sv_flags & SV_ABI_MASK) { 744 case SV_ABI_LINUX: 745 abi = "L"; 746 break; 747 case SV_ABI_FREEBSD: 748 abi = "F"; 749 break; 750 default: 751 abi = "U"; 752 break; 753 } 754 755 if ((sv_flags & SV_LP64) != 0) 756 arch = "64"; 757 else if ((sv_flags & SV_ILP32) != 0) 758 arch = "32"; 759 else 760 arch = "00"; 761 762 printf("%s%s ", abi, arch); 763 } 764 } 765 766 #include <sys/syscall.h> 767 768 static void 769 ioctlname(unsigned long val) 770 { 771 const char *str; 772 773 str = sysdecode_ioctlname(val); 774 if (str != NULL) 775 printf("%s", str); 776 else if (decimal) 777 printf("%lu", val); 778 else 779 printf("%#lx", val); 780 } 781 782 static enum sysdecode_abi 783 syscallabi(u_int sv_flags) 784 { 785 786 if (sv_flags == 0) 787 return (SYSDECODE_ABI_FREEBSD); 788 switch (sv_flags & SV_ABI_MASK) { 789 case SV_ABI_FREEBSD: 790 return (SYSDECODE_ABI_FREEBSD); 791 case SV_ABI_LINUX: 792 #ifdef __LP64__ 793 if (sv_flags & SV_ILP32) 794 return (SYSDECODE_ABI_LINUX32); 795 #endif 796 return (SYSDECODE_ABI_LINUX); 797 default: 798 return (SYSDECODE_ABI_UNKNOWN); 799 } 800 } 801 802 static void 803 syscallname(u_int code, u_int sv_flags) 804 { 805 const char *name; 806 807 name = sysdecode_syscallname(syscallabi(sv_flags), code); 808 if (name == NULL) 809 printf("[%d]", code); 810 else { 811 printf("%s", name); 812 if (syscallno) 813 printf("[%d]", code); 814 } 815 } 816 817 static void 818 print_signal(int signo) 819 { 820 const char *signame; 821 822 signame = sysdecode_signal(signo); 823 if (signame != NULL) 824 printf("%s", signame); 825 else 826 printf("SIG %d", signo); 827 } 828 829 void 830 ktrsyscall(struct ktr_syscall *ktr, u_int sv_flags) 831 { 832 int narg = ktr->ktr_narg; 833 register_t *ip; 834 835 syscallname(ktr->ktr_code, sv_flags); 836 ip = &ktr->ktr_args[0]; 837 if (narg) { 838 char c = '('; 839 if (fancy) { 840 switch (sv_flags & SV_ABI_MASK) { 841 case SV_ABI_FREEBSD: 842 ktrsyscall_freebsd(ktr, &ip, &narg, &c, 843 sv_flags); 844 break; 845 #ifdef SYSDECODE_HAVE_LINUX 846 case SV_ABI_LINUX: 847 #ifdef __amd64__ 848 if (sv_flags & SV_ILP32) 849 ktrsyscall_linux32(ktr, &ip, 850 &narg, &c); 851 else 852 #endif 853 ktrsyscall_linux(ktr, &ip, &narg, &c); 854 break; 855 #endif /* SYSDECODE_HAVE_LINUX */ 856 } 857 } 858 while (narg > 0) 859 print_number(ip, narg, c); 860 putchar(')'); 861 } 862 putchar('\n'); 863 } 864 865 void 866 ktrsyscall_freebsd(struct ktr_syscall *ktr, register_t **resip, 867 int *resnarg, char *resc, u_int sv_flags) 868 { 869 int narg = ktr->ktr_narg; 870 register_t *ip, *first; 871 intmax_t arg; 872 int quad_align, quad_slots; 873 874 ip = first = &ktr->ktr_args[0]; 875 char c = *resc; 876 877 quad_align = 0; 878 if (sv_flags & SV_ILP32) { 879 #ifdef __powerpc__ 880 quad_align = 1; 881 #endif 882 quad_slots = 2; 883 } else 884 quad_slots = 1; 885 switch (ktr->ktr_code) { 886 case SYS_bindat: 887 case SYS_chflagsat: 888 case SYS_connectat: 889 case SYS_faccessat: 890 case SYS_fchmodat: 891 case SYS_fchownat: 892 case SYS_fstatat: 893 case SYS_futimesat: 894 case SYS_linkat: 895 case SYS_mkdirat: 896 case SYS_mkfifoat: 897 case SYS_mknodat: 898 case SYS_openat: 899 case SYS_readlinkat: 900 case SYS_renameat: 901 case SYS_unlinkat: 902 case SYS_utimensat: 903 putchar('('); 904 print_integer_arg_valid(sysdecode_atfd, *ip); 905 c = ','; 906 ip++; 907 narg--; 908 break; 909 } 910 switch (ktr->ktr_code) { 911 case SYS_ioctl: { 912 print_number(ip, narg, c); 913 putchar(c); 914 ioctlname(*ip); 915 c = ','; 916 ip++; 917 narg--; 918 break; 919 } 920 case SYS_ptrace: 921 putchar('('); 922 print_integer_arg(sysdecode_ptrace_request, *ip); 923 c = ','; 924 ip++; 925 narg--; 926 break; 927 case SYS_access: 928 case SYS_eaccess: 929 case SYS_faccessat: 930 print_number(ip, narg, c); 931 putchar(','); 932 print_mask_arg(sysdecode_access_mode, *ip); 933 ip++; 934 narg--; 935 break; 936 case SYS_close_range: 937 print_number(ip, narg, c); 938 print_number(ip, narg, c); 939 putchar(','); 940 print_mask_arg0(sysdecode_close_range_flags, 941 *ip); 942 ip += 3; 943 narg -= 3; 944 break; 945 case SYS_open: 946 case SYS_openat: 947 print_number(ip, narg, c); 948 putchar(','); 949 print_mask_arg(sysdecode_open_flags, ip[0]); 950 if ((ip[0] & O_CREAT) == O_CREAT) { 951 putchar(','); 952 decode_filemode(ip[1]); 953 } 954 ip += 2; 955 narg -= 2; 956 break; 957 case SYS_wait4: 958 print_number(ip, narg, c); 959 print_number(ip, narg, c); 960 putchar(','); 961 print_mask_arg0(sysdecode_wait4_options, *ip); 962 ip++; 963 narg--; 964 break; 965 case SYS_wait6: 966 putchar('('); 967 print_integer_arg(sysdecode_idtype, *ip); 968 c = ','; 969 ip++; 970 narg--; 971 print_number64(first, ip, narg, c); 972 print_number(ip, narg, c); 973 putchar(','); 974 print_mask_arg(sysdecode_wait6_options, *ip); 975 ip++; 976 narg--; 977 break; 978 case SYS_chmod: 979 case SYS_fchmod: 980 case SYS_lchmod: 981 case SYS_fchmodat: 982 print_number(ip, narg, c); 983 putchar(','); 984 decode_filemode(*ip); 985 ip++; 986 narg--; 987 break; 988 case SYS_mknodat: 989 print_number(ip, narg, c); 990 putchar(','); 991 decode_filemode(*ip); 992 ip++; 993 narg--; 994 break; 995 case SYS_getfsstat: 996 print_number(ip, narg, c); 997 print_number(ip, narg, c); 998 putchar(','); 999 print_integer_arg(sysdecode_getfsstat_mode, *ip); 1000 ip++; 1001 narg--; 1002 break; 1003 case SYS_mount: 1004 print_number(ip, narg, c); 1005 print_number(ip, narg, c); 1006 putchar(','); 1007 print_mask_arg0(sysdecode_mount_flags, *ip); 1008 ip++; 1009 narg--; 1010 break; 1011 case SYS_unmount: 1012 print_number(ip, narg, c); 1013 putchar(','); 1014 print_mask_arg0(sysdecode_mount_flags, *ip); 1015 ip++; 1016 narg--; 1017 break; 1018 case SYS_recvmsg: 1019 case SYS_sendmsg: 1020 print_number(ip, narg, c); 1021 print_number(ip, narg, c); 1022 putchar(','); 1023 print_mask_arg0(sysdecode_msg_flags, *ip); 1024 ip++; 1025 narg--; 1026 break; 1027 case SYS_recvfrom: 1028 case SYS_sendto: 1029 print_number(ip, narg, c); 1030 print_number(ip, narg, c); 1031 print_number(ip, narg, c); 1032 putchar(','); 1033 print_mask_arg0(sysdecode_msg_flags, *ip); 1034 ip++; 1035 narg--; 1036 break; 1037 case SYS_chflags: 1038 case SYS_chflagsat: 1039 case SYS_fchflags: 1040 case SYS_lchflags: 1041 print_number(ip, narg, c); 1042 putchar(','); 1043 decode_fileflags(*ip); 1044 ip++; 1045 narg--; 1046 break; 1047 case SYS_kill: 1048 print_number(ip, narg, c); 1049 putchar(','); 1050 print_signal(*ip); 1051 ip++; 1052 narg--; 1053 break; 1054 case SYS_reboot: 1055 putchar('('); 1056 print_mask_arg(sysdecode_reboot_howto, *ip); 1057 ip++; 1058 narg--; 1059 break; 1060 case SYS_umask: 1061 putchar('('); 1062 decode_filemode(*ip); 1063 ip++; 1064 narg--; 1065 break; 1066 case SYS_msync: 1067 print_number(ip, narg, c); 1068 print_number(ip, narg, c); 1069 putchar(','); 1070 print_mask_arg(sysdecode_msync_flags, *ip); 1071 ip++; 1072 narg--; 1073 break; 1074 #ifdef SYS_freebsd6_mmap 1075 case SYS_freebsd6_mmap: 1076 print_number(ip, narg, c); 1077 print_number(ip, narg, c); 1078 putchar(','); 1079 print_mask_arg(sysdecode_mmap_prot, *ip); 1080 putchar(','); 1081 ip++; 1082 narg--; 1083 print_mask_arg(sysdecode_mmap_flags, *ip); 1084 ip++; 1085 narg--; 1086 break; 1087 #endif 1088 case SYS_mmap: 1089 print_number(ip, narg, c); 1090 print_number(ip, narg, c); 1091 putchar(','); 1092 print_mask_arg(sysdecode_mmap_prot, *ip); 1093 putchar(','); 1094 ip++; 1095 narg--; 1096 print_mask_arg(sysdecode_mmap_flags, *ip); 1097 ip++; 1098 narg--; 1099 break; 1100 case SYS_mprotect: 1101 print_number(ip, narg, c); 1102 print_number(ip, narg, c); 1103 putchar(','); 1104 print_mask_arg(sysdecode_mmap_prot, *ip); 1105 ip++; 1106 narg--; 1107 break; 1108 case SYS_madvise: 1109 print_number(ip, narg, c); 1110 print_number(ip, narg, c); 1111 putchar(','); 1112 print_integer_arg(sysdecode_madvice, *ip); 1113 ip++; 1114 narg--; 1115 break; 1116 case SYS_pathconf: 1117 case SYS_lpathconf: 1118 case SYS_fpathconf: 1119 print_number(ip, narg, c); 1120 putchar(','); 1121 print_integer_arg(sysdecode_pathconf_name, *ip); 1122 ip++; 1123 narg--; 1124 break; 1125 case SYS_getpriority: 1126 case SYS_setpriority: 1127 putchar('('); 1128 print_integer_arg(sysdecode_prio_which, *ip); 1129 c = ','; 1130 ip++; 1131 narg--; 1132 break; 1133 case SYS_fcntl: 1134 print_number(ip, narg, c); 1135 putchar(','); 1136 print_integer_arg(sysdecode_fcntl_cmd, ip[0]); 1137 if (sysdecode_fcntl_arg_p(ip[0])) { 1138 putchar(','); 1139 if (ip[0] == F_SETFL) 1140 print_mask_arg( 1141 sysdecode_fcntl_fileflags, 1142 ip[1]); 1143 else 1144 sysdecode_fcntl_arg(stdout, 1145 ip[0], ip[1], 1146 decimal ? 10 : 16); 1147 } 1148 ip += 2; 1149 narg -= 2; 1150 break; 1151 case SYS_socket: { 1152 int sockdomain; 1153 putchar('('); 1154 sockdomain = *ip; 1155 print_integer_arg(sysdecode_socketdomain, 1156 sockdomain); 1157 ip++; 1158 narg--; 1159 putchar(','); 1160 print_mask_arg(sysdecode_socket_type, *ip); 1161 ip++; 1162 narg--; 1163 if (sockdomain == PF_INET || 1164 sockdomain == PF_INET6) { 1165 putchar(','); 1166 print_integer_arg(sysdecode_ipproto, 1167 *ip); 1168 ip++; 1169 narg--; 1170 } 1171 c = ','; 1172 break; 1173 } 1174 case SYS_setsockopt: 1175 case SYS_getsockopt: { 1176 const char *str; 1177 1178 print_number(ip, narg, c); 1179 putchar(','); 1180 print_integer_arg_valid(sysdecode_sockopt_level, 1181 *ip); 1182 str = sysdecode_sockopt_name(ip[0], ip[1]); 1183 if (str != NULL) { 1184 printf(",%s", str); 1185 ip++; 1186 narg--; 1187 } 1188 ip++; 1189 narg--; 1190 break; 1191 } 1192 #ifdef SYS_freebsd6_lseek 1193 case SYS_freebsd6_lseek: 1194 print_number(ip, narg, c); 1195 /* Hidden 'pad' argument, not in lseek(2) */ 1196 print_number(ip, narg, c); 1197 print_number64(first, ip, narg, c); 1198 putchar(','); 1199 print_integer_arg(sysdecode_whence, *ip); 1200 ip++; 1201 narg--; 1202 break; 1203 #endif 1204 case SYS_lseek: 1205 print_number(ip, narg, c); 1206 print_number64(first, ip, narg, c); 1207 putchar(','); 1208 print_integer_arg(sysdecode_whence, *ip); 1209 ip++; 1210 narg--; 1211 break; 1212 case SYS_flock: 1213 print_number(ip, narg, c); 1214 putchar(','); 1215 print_mask_arg(sysdecode_flock_operation, *ip); 1216 ip++; 1217 narg--; 1218 break; 1219 case SYS_mkfifo: 1220 case SYS_mkfifoat: 1221 case SYS_mkdir: 1222 case SYS_mkdirat: 1223 print_number(ip, narg, c); 1224 putchar(','); 1225 decode_filemode(*ip); 1226 ip++; 1227 narg--; 1228 break; 1229 case SYS_shutdown: 1230 print_number(ip, narg, c); 1231 putchar(','); 1232 print_integer_arg(sysdecode_shutdown_how, *ip); 1233 ip++; 1234 narg--; 1235 break; 1236 case SYS_socketpair: 1237 putchar('('); 1238 print_integer_arg(sysdecode_socketdomain, *ip); 1239 ip++; 1240 narg--; 1241 putchar(','); 1242 print_mask_arg(sysdecode_socket_type, *ip); 1243 ip++; 1244 narg--; 1245 c = ','; 1246 break; 1247 case SYS_getrlimit: 1248 case SYS_setrlimit: 1249 putchar('('); 1250 print_integer_arg(sysdecode_rlimit, *ip); 1251 ip++; 1252 narg--; 1253 c = ','; 1254 break; 1255 case SYS_getrusage: 1256 putchar('('); 1257 print_integer_arg(sysdecode_getrusage_who, *ip); 1258 ip++; 1259 narg--; 1260 c = ','; 1261 break; 1262 case SYS_quotactl: 1263 print_number(ip, narg, c); 1264 putchar(','); 1265 if (!sysdecode_quotactl_cmd(stdout, *ip)) { 1266 if (decimal) 1267 printf("<invalid=%d>", (int)*ip); 1268 else 1269 printf("<invalid=%#x>", 1270 (int)*ip); 1271 } 1272 ip++; 1273 narg--; 1274 c = ','; 1275 break; 1276 case SYS_nfssvc: 1277 putchar('('); 1278 print_integer_arg(sysdecode_nfssvc_flags, *ip); 1279 ip++; 1280 narg--; 1281 c = ','; 1282 break; 1283 case SYS_rtprio: 1284 case SYS_rtprio_thread: 1285 putchar('('); 1286 print_integer_arg(sysdecode_rtprio_function, 1287 *ip); 1288 ip++; 1289 narg--; 1290 c = ','; 1291 break; 1292 case SYS___semctl: 1293 print_number(ip, narg, c); 1294 print_number(ip, narg, c); 1295 putchar(','); 1296 print_integer_arg(sysdecode_semctl_cmd, *ip); 1297 ip++; 1298 narg--; 1299 break; 1300 case SYS_semget: 1301 print_number(ip, narg, c); 1302 print_number(ip, narg, c); 1303 putchar(','); 1304 print_mask_arg(sysdecode_semget_flags, *ip); 1305 ip++; 1306 narg--; 1307 break; 1308 case SYS_msgctl: 1309 print_number(ip, narg, c); 1310 putchar(','); 1311 print_integer_arg(sysdecode_msgctl_cmd, *ip); 1312 ip++; 1313 narg--; 1314 break; 1315 case SYS_shmat: 1316 print_number(ip, narg, c); 1317 print_number(ip, narg, c); 1318 putchar(','); 1319 print_mask_arg(sysdecode_shmat_flags, *ip); 1320 ip++; 1321 narg--; 1322 break; 1323 case SYS_shmctl: 1324 print_number(ip, narg, c); 1325 putchar(','); 1326 print_integer_arg(sysdecode_shmctl_cmd, *ip); 1327 ip++; 1328 narg--; 1329 break; 1330 #ifdef SYS_freebsd12_shm_open 1331 case SYS_freebsd12_shm_open: 1332 if (ip[0] == (uintptr_t)SHM_ANON) { 1333 printf("(SHM_ANON"); 1334 ip++; 1335 } else { 1336 print_number(ip, narg, c); 1337 } 1338 putchar(','); 1339 print_mask_arg(sysdecode_open_flags, ip[0]); 1340 putchar(','); 1341 decode_filemode(ip[1]); 1342 ip += 2; 1343 narg -= 2; 1344 break; 1345 #endif 1346 case SYS_shm_open2: 1347 if (ip[0] == (uintptr_t)SHM_ANON) { 1348 printf("(SHM_ANON"); 1349 ip++; 1350 } else { 1351 print_number(ip, narg, c); 1352 } 1353 putchar(','); 1354 print_mask_arg(sysdecode_open_flags, ip[0]); 1355 putchar(','); 1356 decode_filemode(ip[1]); 1357 putchar(','); 1358 print_mask_arg(sysdecode_shmflags, ip[2]); 1359 ip += 3; 1360 narg -= 3; 1361 break; 1362 case SYS_minherit: 1363 print_number(ip, narg, c); 1364 print_number(ip, narg, c); 1365 putchar(','); 1366 print_integer_arg(sysdecode_minherit_inherit, 1367 *ip); 1368 ip++; 1369 narg--; 1370 break; 1371 case SYS_rfork: 1372 putchar('('); 1373 print_mask_arg(sysdecode_rfork_flags, *ip); 1374 ip++; 1375 narg--; 1376 c = ','; 1377 break; 1378 case SYS_lio_listio: 1379 putchar('('); 1380 print_integer_arg(sysdecode_lio_listio_mode, 1381 *ip); 1382 ip++; 1383 narg--; 1384 c = ','; 1385 break; 1386 case SYS_mlockall: 1387 putchar('('); 1388 print_mask_arg(sysdecode_mlockall_flags, *ip); 1389 ip++; 1390 narg--; 1391 break; 1392 case SYS_sched_setscheduler: 1393 print_number(ip, narg, c); 1394 putchar(','); 1395 print_integer_arg(sysdecode_scheduler_policy, 1396 *ip); 1397 ip++; 1398 narg--; 1399 break; 1400 case SYS_sched_get_priority_max: 1401 case SYS_sched_get_priority_min: 1402 putchar('('); 1403 print_integer_arg(sysdecode_scheduler_policy, 1404 *ip); 1405 ip++; 1406 narg--; 1407 break; 1408 case SYS_sendfile: 1409 print_number(ip, narg, c); 1410 print_number(ip, narg, c); 1411 print_number(ip, narg, c); 1412 print_number(ip, narg, c); 1413 print_number(ip, narg, c); 1414 print_number(ip, narg, c); 1415 putchar(','); 1416 print_mask_arg(sysdecode_sendfile_flags, *ip); 1417 ip++; 1418 narg--; 1419 break; 1420 case SYS_kldsym: 1421 print_number(ip, narg, c); 1422 putchar(','); 1423 print_integer_arg(sysdecode_kldsym_cmd, *ip); 1424 ip++; 1425 narg--; 1426 break; 1427 case SYS_sigprocmask: 1428 putchar('('); 1429 print_integer_arg(sysdecode_sigprocmask_how, 1430 *ip); 1431 ip++; 1432 narg--; 1433 c = ','; 1434 break; 1435 case SYS___acl_get_file: 1436 case SYS___acl_set_file: 1437 case SYS___acl_get_fd: 1438 case SYS___acl_set_fd: 1439 case SYS___acl_delete_file: 1440 case SYS___acl_delete_fd: 1441 case SYS___acl_aclcheck_file: 1442 case SYS___acl_aclcheck_fd: 1443 case SYS___acl_get_link: 1444 case SYS___acl_set_link: 1445 case SYS___acl_delete_link: 1446 case SYS___acl_aclcheck_link: 1447 print_number(ip, narg, c); 1448 putchar(','); 1449 print_integer_arg(sysdecode_acltype, *ip); 1450 ip++; 1451 narg--; 1452 break; 1453 case SYS_sigaction: 1454 putchar('('); 1455 print_signal(*ip); 1456 ip++; 1457 narg--; 1458 c = ','; 1459 break; 1460 case SYS_extattrctl: 1461 print_number(ip, narg, c); 1462 putchar(','); 1463 print_integer_arg(sysdecode_extattrnamespace, 1464 *ip); 1465 ip++; 1466 narg--; 1467 break; 1468 case SYS_nmount: 1469 print_number(ip, narg, c); 1470 print_number(ip, narg, c); 1471 putchar(','); 1472 print_mask_arg0(sysdecode_mount_flags, *ip); 1473 ip++; 1474 narg--; 1475 break; 1476 case SYS_thr_create: 1477 print_number(ip, narg, c); 1478 print_number(ip, narg, c); 1479 putchar(','); 1480 print_mask_arg(sysdecode_thr_create_flags, *ip); 1481 ip++; 1482 narg--; 1483 break; 1484 case SYS_thr_kill: 1485 print_number(ip, narg, c); 1486 putchar(','); 1487 print_signal(*ip); 1488 ip++; 1489 narg--; 1490 break; 1491 case SYS_kldunloadf: 1492 print_number(ip, narg, c); 1493 putchar(','); 1494 print_integer_arg(sysdecode_kldunload_flags, 1495 *ip); 1496 ip++; 1497 narg--; 1498 break; 1499 case SYS_linkat: 1500 case SYS_renameat: 1501 case SYS_symlinkat: 1502 print_number(ip, narg, c); 1503 putchar(','); 1504 print_integer_arg_valid(sysdecode_atfd, *ip); 1505 ip++; 1506 narg--; 1507 print_number(ip, narg, c); 1508 break; 1509 case SYS_cap_fcntls_limit: 1510 print_number(ip, narg, c); 1511 putchar(','); 1512 arg = *ip; 1513 ip++; 1514 narg--; 1515 print_mask_arg32(sysdecode_cap_fcntlrights, arg); 1516 break; 1517 case SYS_posix_fadvise: 1518 print_number(ip, narg, c); 1519 print_number(ip, narg, c); 1520 print_number(ip, narg, c); 1521 (void)putchar(','); 1522 print_integer_arg(sysdecode_fadvice, *ip); 1523 ip++; 1524 narg--; 1525 break; 1526 case SYS_procctl: 1527 putchar('('); 1528 print_integer_arg(sysdecode_idtype, *ip); 1529 c = ','; 1530 ip++; 1531 narg--; 1532 print_number64(first, ip, narg, c); 1533 putchar(','); 1534 print_integer_arg(sysdecode_procctl_cmd, *ip); 1535 ip++; 1536 narg--; 1537 break; 1538 case SYS__umtx_op: { 1539 int op; 1540 1541 print_number(ip, narg, c); 1542 putchar(','); 1543 if (print_mask_arg_part(sysdecode_umtx_op_flags, 1544 *ip, &op)) 1545 putchar('|'); 1546 print_integer_arg(sysdecode_umtx_op, op); 1547 putchar('>'); 1548 switch (*ip) { 1549 case UMTX_OP_CV_WAIT: 1550 ip++; 1551 narg--; 1552 putchar(','); 1553 print_mask_argul( 1554 sysdecode_umtx_cvwait_flags, *ip); 1555 break; 1556 case UMTX_OP_RW_RDLOCK: 1557 ip++; 1558 narg--; 1559 putchar(','); 1560 print_mask_argul( 1561 sysdecode_umtx_rwlock_flags, *ip); 1562 break; 1563 } 1564 ip++; 1565 narg--; 1566 break; 1567 } 1568 case SYS_ftruncate: 1569 case SYS_truncate: 1570 print_number(ip, narg, c); 1571 print_number64(first, ip, narg, c); 1572 break; 1573 case SYS_fchownat: 1574 print_number(ip, narg, c); 1575 print_number(ip, narg, c); 1576 print_number(ip, narg, c); 1577 break; 1578 case SYS_fstatat: 1579 case SYS_utimensat: 1580 print_number(ip, narg, c); 1581 print_number(ip, narg, c); 1582 break; 1583 case SYS_unlinkat: 1584 print_number(ip, narg, c); 1585 break; 1586 case SYS_sysarch: 1587 putchar('('); 1588 print_integer_arg(sysdecode_sysarch_number, *ip); 1589 ip++; 1590 narg--; 1591 c = ','; 1592 break; 1593 case SYS_getitimer: 1594 case SYS_setitimer: 1595 putchar('('); 1596 print_integer_arg(sysdecode_itimer, *ip); 1597 ip++; 1598 narg--; 1599 c = ','; 1600 break; 1601 } 1602 switch (ktr->ktr_code) { 1603 case SYS_chflagsat: 1604 case SYS_fchownat: 1605 case SYS_faccessat: 1606 case SYS_fchmodat: 1607 case SYS_fstatat: 1608 case SYS_linkat: 1609 case SYS_unlinkat: 1610 case SYS_utimensat: 1611 putchar(','); 1612 print_mask_arg0(sysdecode_atflags, *ip); 1613 ip++; 1614 narg--; 1615 break; 1616 } 1617 *resc = c; 1618 *resip = ip; 1619 *resnarg = narg; 1620 } 1621 1622 void 1623 ktrsysret(struct ktr_sysret *ktr, u_int sv_flags) 1624 { 1625 register_t ret = ktr->ktr_retval; 1626 int error = ktr->ktr_error; 1627 1628 syscallname(ktr->ktr_code, sv_flags); 1629 printf(" "); 1630 1631 if (error == 0) { 1632 if (fancy) { 1633 printf("%ld", (long)ret); 1634 if (ret < 0 || ret > 9) 1635 printf("/%#lx", (unsigned long)ret); 1636 } else { 1637 if (decimal) 1638 printf("%ld", (long)ret); 1639 else 1640 printf("%#lx", (unsigned long)ret); 1641 } 1642 } else if (error == ERESTART) 1643 printf("RESTART"); 1644 else if (error == EJUSTRETURN) 1645 printf("JUSTRETURN"); 1646 else { 1647 printf("-1 errno %d", sysdecode_freebsd_to_abi_errno( 1648 syscallabi(sv_flags), error)); 1649 if (fancy) 1650 printf(" %s", strerror(ktr->ktr_error)); 1651 } 1652 putchar('\n'); 1653 } 1654 1655 void 1656 ktrnamei(char *cp, int len) 1657 { 1658 printf("\"%.*s\"\n", len, cp); 1659 } 1660 1661 void 1662 ktrexecve(char *m, int len) 1663 { 1664 int i = 0; 1665 1666 while (i < len) { 1667 printf("\"%s\"", m + i); 1668 i += strlen(m + i) + 1; 1669 if (i != len) { 1670 printf(", "); 1671 } 1672 } 1673 printf("\n"); 1674 } 1675 1676 void 1677 hexdump(char *p, int len, int screenwidth) 1678 { 1679 int n, i; 1680 int width; 1681 1682 width = 0; 1683 do { 1684 width += 2; 1685 i = 13; /* base offset */ 1686 i += (width / 2) + 1; /* spaces every second byte */ 1687 i += (width * 2); /* width of bytes */ 1688 i += 3; /* " |" */ 1689 i += width; /* each byte */ 1690 i += 1; /* "|" */ 1691 } while (i < screenwidth); 1692 width -= 2; 1693 1694 for (n = 0; n < len; n += width) { 1695 for (i = n; i < n + width; i++) { 1696 if ((i % width) == 0) { /* beginning of line */ 1697 printf(" 0x%04x", i); 1698 } 1699 if ((i % 2) == 0) { 1700 printf(" "); 1701 } 1702 if (i < len) 1703 printf("%02x", p[i] & 0xff); 1704 else 1705 printf(" "); 1706 } 1707 printf(" |"); 1708 for (i = n; i < n + width; i++) { 1709 if (i >= len) 1710 break; 1711 if (p[i] >= ' ' && p[i] <= '~') 1712 printf("%c", p[i]); 1713 else 1714 printf("."); 1715 } 1716 printf("|\n"); 1717 } 1718 if ((i % width) != 0) 1719 printf("\n"); 1720 } 1721 1722 void 1723 visdump(char *dp, int datalen, int screenwidth) 1724 { 1725 int col = 0; 1726 char *cp; 1727 int width; 1728 char visbuf[5]; 1729 1730 printf(" \""); 1731 col = 8; 1732 for (;datalen > 0; datalen--, dp++) { 1733 vis(visbuf, *dp, VIS_CSTYLE | VIS_NOLOCALE, *(dp+1)); 1734 cp = visbuf; 1735 /* 1736 * Keep track of printables and 1737 * space chars (like fold(1)). 1738 */ 1739 if (col == 0) { 1740 putchar('\t'); 1741 col = 8; 1742 } 1743 switch(*cp) { 1744 case '\n': 1745 col = 0; 1746 putchar('\n'); 1747 continue; 1748 case '\t': 1749 width = 8 - (col&07); 1750 break; 1751 default: 1752 width = strlen(cp); 1753 } 1754 if (col + width > (screenwidth-2)) { 1755 printf("\\\n\t"); 1756 col = 8; 1757 } 1758 col += width; 1759 do { 1760 putchar(*cp++); 1761 } while (*cp); 1762 } 1763 if (col == 0) 1764 printf(" "); 1765 printf("\"\n"); 1766 } 1767 1768 void 1769 ktrgenio(struct ktr_genio *ktr, int len) 1770 { 1771 int datalen = len - sizeof (struct ktr_genio); 1772 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1773 static int screenwidth = 0; 1774 int i, binary; 1775 1776 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1777 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1778 datalen == 1 ? "" : "s"); 1779 if (suppressdata) 1780 return; 1781 if (screenwidth == 0) { 1782 struct winsize ws; 1783 1784 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1785 ws.ws_col > 8) 1786 screenwidth = ws.ws_col; 1787 else 1788 screenwidth = 80; 1789 } 1790 if (maxdata && datalen > maxdata) 1791 datalen = maxdata; 1792 1793 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1794 if (dp[i] >= 32 && dp[i] < 127) 1795 continue; 1796 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1797 continue; 1798 binary = 1; 1799 } 1800 if (binary) 1801 hexdump(dp, datalen, screenwidth); 1802 else 1803 visdump(dp, datalen, screenwidth); 1804 } 1805 1806 void 1807 ktrpsig(struct ktr_psig *psig) 1808 { 1809 const char *str; 1810 1811 print_signal(psig->signo); 1812 if (psig->action == SIG_DFL) { 1813 printf(" SIG_DFL"); 1814 } else { 1815 printf(" caught handler=0x%lx mask=0x%x", 1816 (u_long)psig->action, psig->mask.__bits[0]); 1817 } 1818 printf(" code="); 1819 str = sysdecode_sigcode(psig->signo, psig->code); 1820 if (str != NULL) 1821 printf("%s", str); 1822 else 1823 printf("<invalid=%#x>", psig->code); 1824 putchar('\n'); 1825 } 1826 1827 void 1828 ktrcsw_old(struct ktr_csw_old *cs) 1829 { 1830 printf("%s %s\n", cs->out ? "stop" : "resume", 1831 cs->user ? "user" : "kernel"); 1832 } 1833 1834 void 1835 ktrcsw(struct ktr_csw *cs) 1836 { 1837 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1838 cs->user ? "user" : "kernel", cs->wmesg); 1839 } 1840 1841 void 1842 ktruser(int len, void *p) 1843 { 1844 unsigned char *cp; 1845 1846 if (sysdecode_utrace(stdout, p, len)) { 1847 printf("\n"); 1848 return; 1849 } 1850 1851 printf("%d ", len); 1852 cp = p; 1853 while (len--) 1854 if (decimal) 1855 printf(" %d", *cp++); 1856 else 1857 printf(" %02x", *cp++); 1858 printf("\n"); 1859 } 1860 1861 void 1862 ktrcaprights(cap_rights_t *rightsp) 1863 { 1864 1865 printf("cap_rights_t "); 1866 sysdecode_cap_rights(stdout, rightsp); 1867 printf("\n"); 1868 } 1869 1870 static void 1871 ktrtimeval(struct timeval *tv) 1872 { 1873 1874 printf("{%ld, %ld}", (long)tv->tv_sec, tv->tv_usec); 1875 } 1876 1877 void 1878 ktritimerval(struct itimerval *it) 1879 { 1880 1881 printf("itimerval { .interval = "); 1882 ktrtimeval(&it->it_interval); 1883 printf(", .value = "); 1884 ktrtimeval(&it->it_value); 1885 printf(" }\n"); 1886 } 1887 1888 void 1889 ktrsockaddr(struct sockaddr *sa) 1890 { 1891 /* 1892 TODO: Support additional address families 1893 #include <netsmb/netbios.h> 1894 struct sockaddr_nb *nb; 1895 */ 1896 const char *str; 1897 char addr[64]; 1898 1899 /* 1900 * note: ktrstruct() has already verified that sa points to a 1901 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1902 * sa->sa_len bytes long. 1903 */ 1904 printf("struct sockaddr { "); 1905 str = sysdecode_sockaddr_family(sa->sa_family); 1906 if (str != NULL) 1907 printf("%s", str); 1908 else 1909 printf("<invalid=%d>", sa->sa_family); 1910 printf(", "); 1911 1912 #define check_sockaddr_len(n) \ 1913 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1914 printf("invalid"); \ 1915 break; \ 1916 } 1917 1918 switch(sa->sa_family) { 1919 case AF_INET: { 1920 struct sockaddr_in sa_in; 1921 1922 memset(&sa_in, 0, sizeof(sa_in)); 1923 memcpy(&sa_in, sa, sa->sa_len); 1924 check_sockaddr_len(in); 1925 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1926 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1927 break; 1928 } 1929 case AF_INET6: { 1930 struct sockaddr_in6 sa_in6; 1931 1932 memset(&sa_in6, 0, sizeof(sa_in6)); 1933 memcpy(&sa_in6, sa, sa->sa_len); 1934 check_sockaddr_len(in6); 1935 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1936 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1937 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1938 break; 1939 } 1940 case AF_UNIX: { 1941 struct sockaddr_un sa_un; 1942 1943 memset(&sa_un, 0, sizeof(sa_un)); 1944 memcpy(&sa_un, sa, sa->sa_len); 1945 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1946 break; 1947 } 1948 case AF_NETLINK: { 1949 struct sockaddr_nl sa_nl; 1950 1951 memset(&sa_nl, 0, sizeof(sa_nl)); 1952 memcpy(&sa_nl, sa, sa->sa_len); 1953 printf("netlink[pid=%u, groups=0x%x]", 1954 sa_nl.nl_pid, sa_nl.nl_groups); 1955 break; 1956 } 1957 default: 1958 printf("unknown address family"); 1959 } 1960 printf(" }\n"); 1961 } 1962 1963 void 1964 ktrsplice(struct splice *sp) 1965 { 1966 printf("struct splice { fd=%d, max=%#jx, idle=%jd.%06jd }\n", 1967 sp->sp_fd, (uintmax_t)sp->sp_max, (intmax_t)sp->sp_idle.tv_sec, 1968 (intmax_t)sp->sp_idle.tv_usec); 1969 } 1970 1971 void 1972 ktrstat(struct stat *statp) 1973 { 1974 char mode[12], timestr[PATH_MAX + 4]; 1975 struct passwd *pwd; 1976 struct group *grp; 1977 struct tm *tm; 1978 1979 /* 1980 * note: ktrstruct() has already verified that statp points to a 1981 * buffer exactly sizeof(struct stat) bytes long. 1982 */ 1983 printf("struct stat {"); 1984 printf("dev=%ju, ino=%ju, ", 1985 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1986 if (!resolv) 1987 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1988 else { 1989 strmode(statp->st_mode, mode); 1990 printf("mode=%s, ", mode); 1991 } 1992 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1993 if (!resolv) { 1994 pwd = NULL; 1995 } else { 1996 #ifdef WITH_CASPER 1997 if (cappwd != NULL) 1998 pwd = cap_getpwuid(cappwd, statp->st_uid); 1999 else 2000 #endif 2001 pwd = getpwuid(statp->st_uid); 2002 } 2003 if (pwd == NULL) 2004 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 2005 else 2006 printf("uid=\"%s\", ", pwd->pw_name); 2007 if (!resolv) { 2008 grp = NULL; 2009 } else { 2010 #ifdef WITH_CASPER 2011 if (capgrp != NULL) 2012 grp = cap_getgrgid(capgrp, statp->st_gid); 2013 else 2014 #endif 2015 grp = getgrgid(statp->st_gid); 2016 } 2017 if (grp == NULL) 2018 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 2019 else 2020 printf("gid=\"%s\", ", grp->gr_name); 2021 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 2022 printf("atime="); 2023 if (!resolv) 2024 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 2025 else { 2026 tm = localtime(&statp->st_atim.tv_sec); 2027 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 2028 printf("\"%s\"", timestr); 2029 } 2030 if (statp->st_atim.tv_nsec != 0) 2031 printf(".%09ld, ", statp->st_atim.tv_nsec); 2032 else 2033 printf(", "); 2034 printf("mtime="); 2035 if (!resolv) 2036 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 2037 else { 2038 tm = localtime(&statp->st_mtim.tv_sec); 2039 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 2040 printf("\"%s\"", timestr); 2041 } 2042 if (statp->st_mtim.tv_nsec != 0) 2043 printf(".%09ld, ", statp->st_mtim.tv_nsec); 2044 else 2045 printf(", "); 2046 printf("ctime="); 2047 if (!resolv) 2048 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 2049 else { 2050 tm = localtime(&statp->st_ctim.tv_sec); 2051 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 2052 printf("\"%s\"", timestr); 2053 } 2054 if (statp->st_ctim.tv_nsec != 0) 2055 printf(".%09ld, ", statp->st_ctim.tv_nsec); 2056 else 2057 printf(", "); 2058 printf("birthtime="); 2059 if (!resolv) 2060 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 2061 else { 2062 tm = localtime(&statp->st_birthtim.tv_sec); 2063 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 2064 printf("\"%s\"", timestr); 2065 } 2066 if (statp->st_birthtim.tv_nsec != 0) 2067 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 2068 else 2069 printf(", "); 2070 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 2071 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 2072 (intmax_t)statp->st_blocks, statp->st_flags); 2073 printf(" }\n"); 2074 } 2075 2076 void 2077 ktrbitset(char *name, struct bitset *set, size_t setlen) 2078 { 2079 int i, maxi, c = 0; 2080 2081 if (setlen > INT32_MAX) 2082 setlen = INT32_MAX; 2083 maxi = setlen * CHAR_BIT; 2084 printf("%s [ ", name); 2085 for (i = 0; i < maxi; i++) { 2086 if (!BIT_ISSET(setlen, i, set)) 2087 continue; 2088 if (c == 0) 2089 printf("%d", i); 2090 else 2091 printf(", %d", i); 2092 c++; 2093 } 2094 if (c == 0) 2095 printf(" empty ]\n"); 2096 else 2097 printf(" ]\n"); 2098 } 2099 2100 void 2101 ktrstruct(char *buf, size_t buflen) 2102 { 2103 char *name, *data; 2104 size_t namelen, datalen; 2105 int i; 2106 cap_rights_t rights; 2107 struct itimerval it; 2108 struct stat sb; 2109 struct sockaddr_storage ss; 2110 struct bitset *set; 2111 2112 for (name = buf, namelen = 0; 2113 namelen < buflen && name[namelen] != '\0'; 2114 ++namelen) 2115 /* nothing */; 2116 if (namelen == buflen) 2117 goto invalid; 2118 if (name[namelen] != '\0') 2119 goto invalid; 2120 data = buf + namelen + 1; 2121 datalen = buflen - namelen - 1; 2122 if (datalen == 0) 2123 goto invalid; 2124 /* sanity check */ 2125 for (i = 0; i < (int)namelen; ++i) 2126 if (!isalpha(name[i]) && name[i] != '_') 2127 goto invalid; 2128 if (strcmp(name, "caprights") == 0) { 2129 if (datalen != sizeof(cap_rights_t)) 2130 goto invalid; 2131 memcpy(&rights, data, datalen); 2132 ktrcaprights(&rights); 2133 } else if (strcmp(name, "itimerval") == 0) { 2134 if (datalen != sizeof(struct itimerval)) 2135 goto invalid; 2136 memcpy(&it, data, datalen); 2137 ktritimerval(&it); 2138 } else if (strcmp(name, "stat") == 0) { 2139 if (datalen != sizeof(struct stat)) 2140 goto invalid; 2141 memcpy(&sb, data, datalen); 2142 ktrstat(&sb); 2143 } else if (strcmp(name, "sockaddr") == 0) { 2144 if (datalen > sizeof(ss)) 2145 goto invalid; 2146 memcpy(&ss, data, datalen); 2147 if (datalen != ss.ss_len) 2148 goto invalid; 2149 ktrsockaddr((struct sockaddr *)&ss); 2150 } else if (strcmp(name, "cpuset_t") == 0) { 2151 if (datalen < 1) 2152 goto invalid; 2153 set = malloc(datalen); 2154 if (set == NULL) 2155 errx(1, "%s", strerror(ENOMEM)); 2156 memcpy(set, data, datalen); 2157 ktrbitset(name, set, datalen); 2158 free(set); 2159 } else if (strcmp(name, "splice") == 0) { 2160 struct splice sp; 2161 2162 if (datalen != sizeof(sp)) 2163 goto invalid; 2164 memcpy(&sp, data, datalen); 2165 ktrsplice(&sp); 2166 } else { 2167 #ifdef SYSDECODE_HAVE_LINUX 2168 if (ktrstruct_linux(name, data, datalen) == false) 2169 #endif 2170 printf("unknown structure\n"); 2171 } 2172 return; 2173 invalid: 2174 printf("invalid record\n"); 2175 } 2176 2177 void 2178 ktrcapfail(struct ktr_cap_fail *ktr) 2179 { 2180 union ktr_cap_data *kcd = &ktr->cap_data; 2181 2182 switch (ktr->cap_type) { 2183 case CAPFAIL_NOTCAPABLE: 2184 /* operation on fd with insufficient capabilities */ 2185 printf("operation requires "); 2186 sysdecode_cap_rights(stdout, &kcd->cap_needed); 2187 printf(", descriptor holds "); 2188 sysdecode_cap_rights(stdout, &kcd->cap_held); 2189 break; 2190 case CAPFAIL_INCREASE: 2191 /* requested more capabilities than fd already has */ 2192 printf("attempt to increase capabilities from "); 2193 sysdecode_cap_rights(stdout, &kcd->cap_held); 2194 printf(" to "); 2195 sysdecode_cap_rights(stdout, &kcd->cap_needed); 2196 break; 2197 case CAPFAIL_SYSCALL: 2198 /* called restricted syscall */ 2199 printf("system call not allowed: "); 2200 syscallname(ktr->cap_code, ktr->cap_svflags); 2201 if (syscallabi(ktr->cap_svflags) == SYSDECODE_ABI_FREEBSD) { 2202 switch (ktr->cap_code) { 2203 case SYS_sysarch: 2204 printf(", op: "); 2205 print_integer_arg(sysdecode_sysarch_number, 2206 kcd->cap_int); 2207 break; 2208 case SYS_fcntl: 2209 printf(", cmd: "); 2210 print_integer_arg(sysdecode_fcntl_cmd, 2211 kcd->cap_int); 2212 break; 2213 } 2214 } 2215 break; 2216 case CAPFAIL_SIGNAL: 2217 /* sent signal to proc other than self */ 2218 syscallname(ktr->cap_code, ktr->cap_svflags); 2219 printf(": signal delivery not allowed: "); 2220 print_integer_arg(sysdecode_signal, kcd->cap_int); 2221 break; 2222 case CAPFAIL_PROTO: 2223 /* created socket with restricted protocol */ 2224 syscallname(ktr->cap_code, ktr->cap_svflags); 2225 printf(": protocol not allowed: "); 2226 print_integer_arg(sysdecode_ipproto, kcd->cap_int); 2227 break; 2228 case CAPFAIL_SOCKADDR: 2229 /* unable to look up address */ 2230 syscallname(ktr->cap_code, ktr->cap_svflags); 2231 printf(": restricted address lookup: "); 2232 ktrsockaddr(&kcd->cap_sockaddr); 2233 return; 2234 case CAPFAIL_NAMEI: 2235 /* absolute or AT_FDCWD path, ".." path, etc. */ 2236 syscallname(ktr->cap_code, ktr->cap_svflags); 2237 printf(": restricted VFS lookup: %s\n", kcd->cap_path); 2238 return; 2239 case CAPFAIL_CPUSET: 2240 /* modification of an external cpuset */ 2241 syscallname(ktr->cap_code, ktr->cap_svflags); 2242 printf(": restricted cpuset operation\n"); 2243 return; 2244 default: 2245 syscallname(ktr->cap_code, ktr->cap_svflags); 2246 printf(": unknown capability failure\n"); 2247 return; 2248 } 2249 printf("\n"); 2250 } 2251 2252 void 2253 ktrfault(struct ktr_fault *ktr) 2254 { 2255 2256 printf("0x%jx ", (uintmax_t)ktr->vaddr); 2257 print_mask_arg(sysdecode_vmprot, ktr->type); 2258 printf("\n"); 2259 } 2260 2261 void 2262 ktrfaultend(struct ktr_faultend *ktr) 2263 { 2264 const char *str; 2265 2266 str = sysdecode_vmresult(ktr->result); 2267 if (str != NULL) 2268 printf("%s", str); 2269 else 2270 printf("<invalid=%d>", ktr->result); 2271 printf("\n"); 2272 } 2273 2274 void 2275 ktrkevent(struct kevent *kev) 2276 { 2277 2278 printf("{ ident="); 2279 switch (kev->filter) { 2280 case EVFILT_READ: 2281 case EVFILT_WRITE: 2282 case EVFILT_VNODE: 2283 case EVFILT_PROC: 2284 case EVFILT_TIMER: 2285 case EVFILT_PROCDESC: 2286 case EVFILT_EMPTY: 2287 printf("%ju", (uintmax_t)kev->ident); 2288 break; 2289 case EVFILT_SIGNAL: 2290 print_signal(kev->ident); 2291 break; 2292 default: 2293 printf("%p", (void *)kev->ident); 2294 } 2295 printf(", filter="); 2296 print_integer_arg(sysdecode_kevent_filter, kev->filter); 2297 printf(", flags="); 2298 print_mask_arg0(sysdecode_kevent_flags, kev->flags); 2299 printf(", fflags="); 2300 sysdecode_kevent_fflags(stdout, kev->filter, kev->fflags, 2301 decimal ? 10 : 16); 2302 printf(", data=%#jx, udata=%p }", (uintmax_t)kev->data, kev->udata); 2303 } 2304 2305 void 2306 ktrpollfd(struct pollfd *pfd) 2307 { 2308 2309 printf("{ fd=%d", pfd->fd); 2310 printf(", events="); 2311 print_mask_arg0(sysdecode_pollfd_events, pfd->events); 2312 printf(", revents="); 2313 print_mask_arg0(sysdecode_pollfd_events, pfd->revents); 2314 printf("}"); 2315 } 2316 2317 void 2318 ktrstructarray(struct ktr_struct_array *ksa, size_t buflen) 2319 { 2320 struct kevent kev; 2321 struct pollfd pfd; 2322 char *name, *data; 2323 size_t namelen, datalen; 2324 int i; 2325 bool first; 2326 2327 buflen -= sizeof(*ksa); 2328 for (name = (char *)(ksa + 1), namelen = 0; 2329 namelen < buflen && name[namelen] != '\0'; 2330 ++namelen) 2331 /* nothing */; 2332 if (namelen == buflen) 2333 goto invalid; 2334 if (name[namelen] != '\0') 2335 goto invalid; 2336 /* sanity check */ 2337 for (i = 0; i < (int)namelen; ++i) 2338 if (!isalnum(name[i]) && name[i] != '_') 2339 goto invalid; 2340 data = name + namelen + 1; 2341 datalen = buflen - namelen - 1; 2342 printf("struct %s[] = { ", name); 2343 first = true; 2344 for (; datalen >= ksa->struct_size; 2345 data += ksa->struct_size, datalen -= ksa->struct_size) { 2346 if (!first) 2347 printf("\n "); 2348 else 2349 first = false; 2350 if (strcmp(name, "kevent") == 0) { 2351 if (ksa->struct_size != sizeof(kev)) 2352 goto bad_size; 2353 memcpy(&kev, data, sizeof(kev)); 2354 ktrkevent(&kev); 2355 } else if (strcmp(name, "freebsd11_kevent") == 0) { 2356 struct freebsd11_kevent kev11; 2357 2358 if (ksa->struct_size != sizeof(kev11)) 2359 goto bad_size; 2360 memcpy(&kev11, data, sizeof(kev11)); 2361 memset(&kev, 0, sizeof(kev)); 2362 kev.ident = kev11.ident; 2363 kev.filter = kev11.filter; 2364 kev.flags = kev11.flags; 2365 kev.fflags = kev11.fflags; 2366 kev.data = kev11.data; 2367 kev.udata = kev11.udata; 2368 ktrkevent(&kev); 2369 #ifdef _WANT_KEVENT32 2370 } else if (strcmp(name, "kevent32") == 0) { 2371 struct kevent32 kev32; 2372 2373 if (ksa->struct_size != sizeof(kev32)) 2374 goto bad_size; 2375 memcpy(&kev32, data, sizeof(kev32)); 2376 memset(&kev, 0, sizeof(kev)); 2377 kev.ident = kev32.ident; 2378 kev.filter = kev32.filter; 2379 kev.flags = kev32.flags; 2380 kev.fflags = kev32.fflags; 2381 #if BYTE_ORDER == BIG_ENDIAN 2382 kev.data = kev32.data2 | ((int64_t)kev32.data1 << 32); 2383 #else 2384 kev.data = kev32.data1 | ((int64_t)kev32.data2 << 32); 2385 #endif 2386 kev.udata = (void *)(uintptr_t)kev32.udata; 2387 ktrkevent(&kev); 2388 } else if (strcmp(name, "freebsd11_kevent32") == 0) { 2389 struct freebsd11_kevent32 kev32; 2390 2391 if (ksa->struct_size != sizeof(kev32)) 2392 goto bad_size; 2393 memcpy(&kev32, data, sizeof(kev32)); 2394 memset(&kev, 0, sizeof(kev)); 2395 kev.ident = kev32.ident; 2396 kev.filter = kev32.filter; 2397 kev.flags = kev32.flags; 2398 kev.fflags = kev32.fflags; 2399 kev.data = kev32.data; 2400 kev.udata = (void *)(uintptr_t)kev32.udata; 2401 ktrkevent(&kev); 2402 #endif 2403 } else if (strcmp(name, "pollfd") == 0) { 2404 if (ksa->struct_size != sizeof(pfd)) 2405 goto bad_size; 2406 memcpy(&pfd, data, sizeof(pfd)); 2407 ktrpollfd(&pfd); 2408 } else { 2409 printf("<unknown structure> }\n"); 2410 return; 2411 } 2412 } 2413 printf(" }\n"); 2414 return; 2415 invalid: 2416 printf("invalid record\n"); 2417 return; 2418 bad_size: 2419 printf("<bad size> }\n"); 2420 return; 2421 } 2422 2423 void 2424 usage(void) 2425 { 2426 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 2427 "[-m maxdata] [-p pid] [-t trstr]\n"); 2428 exit(1); 2429 } 2430