1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capsicum.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/umtx.h> 61 #include <sys/un.h> 62 #include <sys/queue.h> 63 #include <sys/wait.h> 64 #ifdef HAVE_LIBCASPER 65 #include <sys/nv.h> 66 #endif 67 #include <arpa/inet.h> 68 #include <netinet/in.h> 69 #include <ctype.h> 70 #include <err.h> 71 #include <grp.h> 72 #include <inttypes.h> 73 #include <locale.h> 74 #include <netdb.h> 75 #include <nl_types.h> 76 #include <pwd.h> 77 #include <stdio.h> 78 #include <stdlib.h> 79 #include <string.h> 80 #include <sysdecode.h> 81 #include <termios.h> 82 #include <time.h> 83 #include <unistd.h> 84 #include <vis.h> 85 #include "ktrace.h" 86 #include "kdump_subr.h" 87 88 #ifdef HAVE_LIBCASPER 89 #include <libcasper.h> 90 91 #include <casper/cap_grp.h> 92 #include <casper/cap_pwd.h> 93 #endif 94 95 u_int abidump(struct ktr_header *); 96 int fetchprocinfo(struct ktr_header *, u_int *); 97 int fread_tail(void *, int, int); 98 void dumpheader(struct ktr_header *); 99 void ktrsyscall(struct ktr_syscall *, u_int); 100 void ktrsysret(struct ktr_sysret *, u_int); 101 void ktrnamei(char *, int); 102 void hexdump(char *, int, int); 103 void visdump(char *, int, int); 104 void ktrgenio(struct ktr_genio *, int); 105 void ktrpsig(struct ktr_psig *); 106 void ktrcsw(struct ktr_csw *); 107 void ktrcsw_old(struct ktr_csw_old *); 108 void ktruser_malloc(void *); 109 void ktruser_rtld(int, void *); 110 void ktruser(int, void *); 111 void ktrcaprights(cap_rights_t *); 112 void ktrsockaddr(struct sockaddr *); 113 void ktrstat(struct stat *); 114 void ktrstruct(char *, size_t); 115 void ktrcapfail(struct ktr_cap_fail *); 116 void ktrfault(struct ktr_fault *); 117 void ktrfaultend(struct ktr_faultend *); 118 void limitfd(int fd); 119 void usage(void); 120 121 #define TIMESTAMP_NONE 0x0 122 #define TIMESTAMP_ABSOLUTE 0x1 123 #define TIMESTAMP_ELAPSED 0x2 124 #define TIMESTAMP_RELATIVE 0x4 125 126 extern const char *signames[]; 127 128 static int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 129 resolv = 0, abiflag = 0, syscallno = 0; 130 static const char *tracefile = DEF_TRACEFILE; 131 static struct ktr_header ktr_header; 132 133 #define TIME_FORMAT "%b %e %T %Y" 134 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 135 136 #define print_number(i,n,c) do { \ 137 if (decimal) \ 138 printf("%c%jd", c, (intmax_t)*i); \ 139 else \ 140 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 141 i++; \ 142 n--; \ 143 c = ','; \ 144 } while (0) 145 146 struct proc_info 147 { 148 TAILQ_ENTRY(proc_info) info; 149 u_int sv_flags; 150 pid_t pid; 151 }; 152 153 static TAILQ_HEAD(trace_procs, proc_info) trace_procs; 154 155 #ifdef HAVE_LIBCASPER 156 static cap_channel_t *cappwd, *capgrp; 157 #endif 158 159 static void 160 strerror_init(void) 161 { 162 163 /* 164 * Cache NLS data before entering capability mode. 165 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 166 */ 167 (void)catopen("libc", NL_CAT_LOCALE); 168 } 169 170 static void 171 localtime_init(void) 172 { 173 time_t ltime; 174 175 /* 176 * Allow localtime(3) to cache /etc/localtime content before entering 177 * capability mode. 178 * XXXPJD: There should be localtime_init() in libc. 179 */ 180 (void)time(<ime); 181 (void)localtime(<ime); 182 } 183 184 #ifdef HAVE_LIBCASPER 185 static int 186 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) 187 { 188 cap_channel_t *capcas, *cappwdloc, *capgrploc; 189 const char *cmds[1], *fields[1]; 190 191 capcas = cap_init(); 192 if (capcas == NULL) { 193 err(1, "unable to create casper process"); 194 exit(1); 195 } 196 cappwdloc = cap_service_open(capcas, "system.pwd"); 197 capgrploc = cap_service_open(capcas, "system.grp"); 198 /* Casper capability no longer needed. */ 199 cap_close(capcas); 200 if (cappwdloc == NULL || capgrploc == NULL) { 201 if (cappwdloc == NULL) 202 warn("unable to open system.pwd service"); 203 if (capgrploc == NULL) 204 warn("unable to open system.grp service"); 205 exit(1); 206 } 207 /* Limit system.pwd to only getpwuid() function and pw_name field. */ 208 cmds[0] = "getpwuid"; 209 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) 210 err(1, "unable to limit system.pwd service"); 211 fields[0] = "pw_name"; 212 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) 213 err(1, "unable to limit system.pwd service"); 214 /* Limit system.grp to only getgrgid() function and gr_name field. */ 215 cmds[0] = "getgrgid"; 216 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) 217 err(1, "unable to limit system.grp service"); 218 fields[0] = "gr_name"; 219 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) 220 err(1, "unable to limit system.grp service"); 221 222 *cappwdp = cappwdloc; 223 *capgrpp = capgrploc; 224 return (0); 225 } 226 #endif /* HAVE_LIBCASPER */ 227 228 int 229 main(int argc, char *argv[]) 230 { 231 int ch, ktrlen, size; 232 void *m; 233 int trpoints = ALL_POINTS; 234 int drop_logged; 235 pid_t pid = 0; 236 u_int sv_flags; 237 238 setlocale(LC_CTYPE, ""); 239 240 timestamp = TIMESTAMP_NONE; 241 242 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) 243 switch (ch) { 244 case 'A': 245 abiflag = 1; 246 break; 247 case 'f': 248 tracefile = optarg; 249 break; 250 case 'd': 251 decimal = 1; 252 break; 253 case 'l': 254 tail = 1; 255 break; 256 case 'm': 257 maxdata = atoi(optarg); 258 break; 259 case 'n': 260 fancy = 0; 261 break; 262 case 'p': 263 pid = atoi(optarg); 264 break; 265 case 'r': 266 resolv = 1; 267 break; 268 case 'S': 269 syscallno = 1; 270 break; 271 case 's': 272 suppressdata = 1; 273 break; 274 case 'E': 275 timestamp |= TIMESTAMP_ELAPSED; 276 break; 277 case 'H': 278 threads = 1; 279 break; 280 case 'R': 281 timestamp |= TIMESTAMP_RELATIVE; 282 break; 283 case 'T': 284 timestamp |= TIMESTAMP_ABSOLUTE; 285 break; 286 case 't': 287 trpoints = getpoints(optarg); 288 if (trpoints < 0) 289 errx(1, "unknown trace point in %s", optarg); 290 break; 291 default: 292 usage(); 293 } 294 295 if (argc > optind) 296 usage(); 297 298 m = malloc(size = 1025); 299 if (m == NULL) 300 errx(1, "%s", strerror(ENOMEM)); 301 if (strcmp(tracefile, "-") != 0) 302 if (!freopen(tracefile, "r", stdin)) 303 err(1, "%s", tracefile); 304 305 strerror_init(); 306 localtime_init(); 307 #ifdef HAVE_LIBCASPER 308 if (resolv != 0) { 309 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { 310 cappwd = NULL; 311 capgrp = NULL; 312 } 313 } 314 if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) { 315 if (cap_enter() < 0 && errno != ENOSYS) 316 err(1, "unable to enter capability mode"); 317 } 318 #else 319 if (resolv == 0) { 320 if (cap_enter() < 0 && errno != ENOSYS) 321 err(1, "unable to enter capability mode"); 322 } 323 #endif 324 limitfd(STDIN_FILENO); 325 limitfd(STDOUT_FILENO); 326 limitfd(STDERR_FILENO); 327 328 TAILQ_INIT(&trace_procs); 329 drop_logged = 0; 330 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 331 if (ktr_header.ktr_type & KTR_DROP) { 332 ktr_header.ktr_type &= ~KTR_DROP; 333 if (!drop_logged && threads) { 334 printf( 335 "%6jd %6jd %-8.*s Events dropped.\n", 336 (intmax_t)ktr_header.ktr_pid, 337 ktr_header.ktr_tid > 0 ? 338 (intmax_t)ktr_header.ktr_tid : 0, 339 MAXCOMLEN, ktr_header.ktr_comm); 340 drop_logged = 1; 341 } else if (!drop_logged) { 342 printf("%6jd %-8.*s Events dropped.\n", 343 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 344 ktr_header.ktr_comm); 345 drop_logged = 1; 346 } 347 } 348 if (trpoints & (1<<ktr_header.ktr_type)) 349 if (pid == 0 || ktr_header.ktr_pid == pid || 350 ktr_header.ktr_tid == pid) 351 dumpheader(&ktr_header); 352 if ((ktrlen = ktr_header.ktr_len) < 0) 353 errx(1, "bogus length 0x%x", ktrlen); 354 if (ktrlen > size) { 355 m = realloc(m, ktrlen+1); 356 if (m == NULL) 357 errx(1, "%s", strerror(ENOMEM)); 358 size = ktrlen; 359 } 360 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 361 errx(1, "data too short"); 362 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 363 continue; 364 sv_flags = abidump(&ktr_header); 365 if (pid && ktr_header.ktr_pid != pid && 366 ktr_header.ktr_tid != pid) 367 continue; 368 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 369 continue; 370 drop_logged = 0; 371 switch (ktr_header.ktr_type) { 372 case KTR_SYSCALL: 373 ktrsyscall((struct ktr_syscall *)m, sv_flags); 374 break; 375 case KTR_SYSRET: 376 ktrsysret((struct ktr_sysret *)m, sv_flags); 377 break; 378 case KTR_NAMEI: 379 case KTR_SYSCTL: 380 ktrnamei(m, ktrlen); 381 break; 382 case KTR_GENIO: 383 ktrgenio((struct ktr_genio *)m, ktrlen); 384 break; 385 case KTR_PSIG: 386 ktrpsig((struct ktr_psig *)m); 387 break; 388 case KTR_CSW: 389 if (ktrlen == sizeof(struct ktr_csw_old)) 390 ktrcsw_old((struct ktr_csw_old *)m); 391 else 392 ktrcsw((struct ktr_csw *)m); 393 break; 394 case KTR_USER: 395 ktruser(ktrlen, m); 396 break; 397 case KTR_STRUCT: 398 ktrstruct(m, ktrlen); 399 break; 400 case KTR_CAPFAIL: 401 ktrcapfail((struct ktr_cap_fail *)m); 402 break; 403 case KTR_FAULT: 404 ktrfault((struct ktr_fault *)m); 405 break; 406 case KTR_FAULTEND: 407 ktrfaultend((struct ktr_faultend *)m); 408 break; 409 default: 410 printf("\n"); 411 break; 412 } 413 if (tail) 414 fflush(stdout); 415 } 416 return 0; 417 } 418 419 void 420 limitfd(int fd) 421 { 422 cap_rights_t rights; 423 unsigned long cmd; 424 425 cap_rights_init(&rights, CAP_FSTAT); 426 cmd = 0; 427 428 switch (fd) { 429 case STDIN_FILENO: 430 cap_rights_set(&rights, CAP_READ); 431 break; 432 case STDOUT_FILENO: 433 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE); 434 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 435 break; 436 case STDERR_FILENO: 437 cap_rights_set(&rights, CAP_WRITE); 438 if (!suppressdata) { 439 cap_rights_set(&rights, CAP_IOCTL); 440 cmd = TIOCGWINSZ; 441 } 442 break; 443 default: 444 abort(); 445 } 446 447 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) 448 err(1, "unable to limit rights for descriptor %d", fd); 449 if (cmd != 0 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 450 err(1, "unable to limit ioctls for descriptor %d", fd); 451 } 452 453 int 454 fread_tail(void *buf, int size, int num) 455 { 456 int i; 457 458 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 459 sleep(1); 460 clearerr(stdin); 461 } 462 return (i); 463 } 464 465 int 466 fetchprocinfo(struct ktr_header *kth, u_int *flags) 467 { 468 struct proc_info *pi; 469 470 switch (kth->ktr_type) { 471 case KTR_PROCCTOR: 472 TAILQ_FOREACH(pi, &trace_procs, info) { 473 if (pi->pid == kth->ktr_pid) { 474 TAILQ_REMOVE(&trace_procs, pi, info); 475 break; 476 } 477 } 478 pi = malloc(sizeof(struct proc_info)); 479 if (pi == NULL) 480 errx(1, "%s", strerror(ENOMEM)); 481 pi->sv_flags = *flags; 482 pi->pid = kth->ktr_pid; 483 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 484 return (1); 485 486 case KTR_PROCDTOR: 487 TAILQ_FOREACH(pi, &trace_procs, info) { 488 if (pi->pid == kth->ktr_pid) { 489 TAILQ_REMOVE(&trace_procs, pi, info); 490 free(pi); 491 break; 492 } 493 } 494 return (1); 495 } 496 497 return (0); 498 } 499 500 u_int 501 abidump(struct ktr_header *kth) 502 { 503 struct proc_info *pi; 504 const char *abi; 505 const char *arch; 506 u_int flags = 0; 507 508 TAILQ_FOREACH(pi, &trace_procs, info) { 509 if (pi->pid == kth->ktr_pid) { 510 flags = pi->sv_flags; 511 break; 512 } 513 } 514 515 if (abiflag == 0) 516 return (flags); 517 518 switch (flags & SV_ABI_MASK) { 519 case SV_ABI_LINUX: 520 abi = "L"; 521 break; 522 case SV_ABI_FREEBSD: 523 abi = "F"; 524 break; 525 case SV_ABI_CLOUDABI: 526 abi = "C"; 527 break; 528 default: 529 abi = "U"; 530 break; 531 } 532 533 if (flags & SV_LP64) 534 arch = "64"; 535 else if (flags & SV_ILP32) 536 arch = "32"; 537 else 538 arch = "00"; 539 540 printf("%s%s ", abi, arch); 541 542 return (flags); 543 } 544 545 void 546 dumpheader(struct ktr_header *kth) 547 { 548 static char unknown[64]; 549 static struct timeval prevtime, prevtime_e, temp; 550 const char *type; 551 const char *sign; 552 553 switch (kth->ktr_type) { 554 case KTR_SYSCALL: 555 type = "CALL"; 556 break; 557 case KTR_SYSRET: 558 type = "RET "; 559 break; 560 case KTR_NAMEI: 561 type = "NAMI"; 562 break; 563 case KTR_GENIO: 564 type = "GIO "; 565 break; 566 case KTR_PSIG: 567 type = "PSIG"; 568 break; 569 case KTR_CSW: 570 type = "CSW "; 571 break; 572 case KTR_USER: 573 type = "USER"; 574 break; 575 case KTR_STRUCT: 576 type = "STRU"; 577 break; 578 case KTR_SYSCTL: 579 type = "SCTL"; 580 break; 581 case KTR_PROCCTOR: 582 /* FALLTHROUGH */ 583 case KTR_PROCDTOR: 584 return; 585 case KTR_CAPFAIL: 586 type = "CAP "; 587 break; 588 case KTR_FAULT: 589 type = "PFLT"; 590 break; 591 case KTR_FAULTEND: 592 type = "PRET"; 593 break; 594 default: 595 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 596 type = unknown; 597 } 598 599 /* 600 * The ktr_tid field was previously the ktr_buffer field, which held 601 * the kernel pointer value for the buffer associated with data 602 * following the record header. It now holds a threadid, but only 603 * for trace files after the change. Older trace files still contain 604 * kernel pointers. Detect this and suppress the results by printing 605 * negative tid's as 0. 606 */ 607 if (threads) 608 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 609 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 610 MAXCOMLEN, kth->ktr_comm); 611 else 612 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 613 kth->ktr_comm); 614 if (timestamp) { 615 if (timestamp & TIMESTAMP_ABSOLUTE) { 616 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 617 kth->ktr_time.tv_usec); 618 } 619 if (timestamp & TIMESTAMP_ELAPSED) { 620 if (prevtime_e.tv_sec == 0) 621 prevtime_e = kth->ktr_time; 622 timevalsub(&kth->ktr_time, &prevtime_e); 623 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 624 kth->ktr_time.tv_usec); 625 timevaladd(&kth->ktr_time, &prevtime_e); 626 } 627 if (timestamp & TIMESTAMP_RELATIVE) { 628 if (prevtime.tv_sec == 0) 629 prevtime = kth->ktr_time; 630 temp = kth->ktr_time; 631 timevalsub(&kth->ktr_time, &prevtime); 632 if ((intmax_t)kth->ktr_time.tv_sec < 0) { 633 kth->ktr_time = prevtime; 634 prevtime = temp; 635 timevalsub(&kth->ktr_time, &prevtime); 636 sign = "-"; 637 } else { 638 prevtime = temp; 639 sign = ""; 640 } 641 printf("%s%jd.%06ld ", sign, (intmax_t)kth->ktr_time.tv_sec, 642 kth->ktr_time.tv_usec); 643 } 644 } 645 printf("%s ", type); 646 } 647 648 #include <sys/syscall.h> 649 650 static void 651 ioctlname(unsigned long val) 652 { 653 const char *str; 654 655 str = sysdecode_ioctlname(val); 656 if (str != NULL) 657 printf("%s", str); 658 else if (decimal) 659 printf("%lu", val); 660 else 661 printf("%#lx", val); 662 } 663 664 static enum sysdecode_abi 665 syscallabi(u_int sv_flags) 666 { 667 668 if (sv_flags == 0) 669 return (SYSDECODE_ABI_FREEBSD); 670 switch (sv_flags & SV_ABI_MASK) { 671 case SV_ABI_FREEBSD: 672 return (SYSDECODE_ABI_FREEBSD); 673 #if defined(__amd64__) || defined(__i386__) 674 case SV_ABI_LINUX: 675 #ifdef __amd64__ 676 if (sv_flags & SV_ILP32) 677 return (SYSDECODE_ABI_LINUX32); 678 #endif 679 return (SYSDECODE_ABI_LINUX); 680 #endif 681 #if defined(__aarch64__) || defined(__amd64__) 682 case SV_ABI_CLOUDABI: 683 return (SYSDECODE_ABI_CLOUDABI64); 684 #endif 685 default: 686 return (SYSDECODE_ABI_UNKNOWN); 687 } 688 } 689 690 static void 691 syscallname(u_int code, u_int sv_flags) 692 { 693 const char *name; 694 695 name = sysdecode_syscallname(syscallabi(sv_flags), code); 696 if (name == NULL) 697 printf("[%d]", code); 698 else { 699 printf("%s", name); 700 if (syscallno) 701 printf("[%d]", code); 702 } 703 } 704 705 void 706 ktrsyscall(struct ktr_syscall *ktr, u_int sv_flags) 707 { 708 int narg = ktr->ktr_narg; 709 register_t *ip; 710 intmax_t arg; 711 712 syscallname(ktr->ktr_code, sv_flags); 713 ip = &ktr->ktr_args[0]; 714 if (narg) { 715 char c = '('; 716 if (fancy && 717 (sv_flags == 0 || 718 (sv_flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 719 switch (ktr->ktr_code) { 720 case SYS_bindat: 721 case SYS_connectat: 722 case SYS_faccessat: 723 case SYS_fchmodat: 724 case SYS_fchownat: 725 case SYS_fstatat: 726 case SYS_futimesat: 727 case SYS_linkat: 728 case SYS_mkdirat: 729 case SYS_mkfifoat: 730 case SYS_mknodat: 731 case SYS_openat: 732 case SYS_readlinkat: 733 case SYS_renameat: 734 case SYS_unlinkat: 735 case SYS_utimensat: 736 putchar('('); 737 atfdname(*ip, decimal); 738 c = ','; 739 ip++; 740 narg--; 741 break; 742 } 743 switch (ktr->ktr_code) { 744 case SYS_ioctl: { 745 print_number(ip, narg, c); 746 putchar(c); 747 ioctlname(*ip); 748 c = ','; 749 ip++; 750 narg--; 751 break; 752 } 753 case SYS_ptrace: 754 putchar('('); 755 ptraceopname(*ip); 756 c = ','; 757 ip++; 758 narg--; 759 break; 760 case SYS_access: 761 case SYS_eaccess: 762 case SYS_faccessat: 763 print_number(ip, narg, c); 764 putchar(','); 765 accessmodename(*ip); 766 ip++; 767 narg--; 768 break; 769 case SYS_open: 770 case SYS_openat: 771 print_number(ip, narg, c); 772 putchar(','); 773 flagsandmodename(ip[0], ip[1], decimal); 774 ip += 2; 775 narg -= 2; 776 break; 777 case SYS_wait4: 778 print_number(ip, narg, c); 779 print_number(ip, narg, c); 780 /* 781 * A flags value of zero is valid for 782 * wait4() but not for wait6(), so 783 * handle zero special here. 784 */ 785 if (*ip == 0) { 786 print_number(ip, narg, c); 787 } else { 788 putchar(','); 789 wait6optname(*ip); 790 ip++; 791 narg--; 792 } 793 break; 794 case SYS_wait6: 795 putchar('('); 796 idtypename(*ip, decimal); 797 c = ','; 798 ip++; 799 narg--; 800 print_number(ip, narg, c); 801 print_number(ip, narg, c); 802 putchar(','); 803 wait6optname(*ip); 804 ip++; 805 narg--; 806 break; 807 case SYS_chmod: 808 case SYS_fchmod: 809 case SYS_lchmod: 810 case SYS_fchmodat: 811 print_number(ip, narg, c); 812 putchar(','); 813 modename(*ip); 814 ip++; 815 narg--; 816 break; 817 case SYS_mknod: 818 case SYS_mknodat: 819 print_number(ip, narg, c); 820 putchar(','); 821 modename(*ip); 822 ip++; 823 narg--; 824 break; 825 case SYS_getfsstat: 826 print_number(ip, narg, c); 827 print_number(ip, narg, c); 828 putchar(','); 829 getfsstatflagsname(*ip); 830 ip++; 831 narg--; 832 break; 833 case SYS_mount: 834 print_number(ip, narg, c); 835 print_number(ip, narg, c); 836 putchar(','); 837 mountflagsname(*ip); 838 ip++; 839 narg--; 840 break; 841 case SYS_unmount: 842 print_number(ip, narg, c); 843 putchar(','); 844 mountflagsname(*ip); 845 ip++; 846 narg--; 847 break; 848 case SYS_recvmsg: 849 case SYS_sendmsg: 850 print_number(ip, narg, c); 851 print_number(ip, narg, c); 852 putchar(','); 853 sendrecvflagsname(*ip); 854 ip++; 855 narg--; 856 break; 857 case SYS_recvfrom: 858 case SYS_sendto: 859 print_number(ip, narg, c); 860 print_number(ip, narg, c); 861 print_number(ip, narg, c); 862 putchar(','); 863 sendrecvflagsname(*ip); 864 ip++; 865 narg--; 866 break; 867 case SYS_chflags: 868 case SYS_fchflags: 869 case SYS_lchflags: 870 print_number(ip, narg, c); 871 putchar(','); 872 modename(*ip); 873 ip++; 874 narg--; 875 break; 876 case SYS_kill: 877 print_number(ip, narg, c); 878 putchar(','); 879 signame(*ip); 880 ip++; 881 narg--; 882 break; 883 case SYS_reboot: 884 putchar('('); 885 rebootoptname(*ip); 886 ip++; 887 narg--; 888 break; 889 case SYS_umask: 890 putchar('('); 891 modename(*ip); 892 ip++; 893 narg--; 894 break; 895 case SYS_msync: 896 print_number(ip, narg, c); 897 print_number(ip, narg, c); 898 putchar(','); 899 msyncflagsname(*ip); 900 ip++; 901 narg--; 902 break; 903 #ifdef SYS_freebsd6_mmap 904 case SYS_freebsd6_mmap: 905 print_number(ip, narg, c); 906 print_number(ip, narg, c); 907 putchar(','); 908 mmapprotname(*ip); 909 putchar(','); 910 ip++; 911 narg--; 912 mmapflagsname(*ip); 913 ip++; 914 narg--; 915 break; 916 #endif 917 case SYS_mmap: 918 print_number(ip, narg, c); 919 print_number(ip, narg, c); 920 putchar(','); 921 mmapprotname(*ip); 922 putchar(','); 923 ip++; 924 narg--; 925 mmapflagsname(*ip); 926 ip++; 927 narg--; 928 break; 929 case SYS_mprotect: 930 print_number(ip, narg, c); 931 print_number(ip, narg, c); 932 putchar(','); 933 mmapprotname(*ip); 934 ip++; 935 narg--; 936 break; 937 case SYS_madvise: 938 print_number(ip, narg, c); 939 print_number(ip, narg, c); 940 putchar(','); 941 madvisebehavname(*ip); 942 ip++; 943 narg--; 944 break; 945 case SYS_setpriority: 946 print_number(ip, narg, c); 947 print_number(ip, narg, c); 948 putchar(','); 949 prioname(*ip); 950 ip++; 951 narg--; 952 break; 953 case SYS_fcntl: 954 print_number(ip, narg, c); 955 putchar(','); 956 fcntlcmdname(ip[0], ip[1], decimal); 957 ip += 2; 958 narg -= 2; 959 break; 960 case SYS_socket: { 961 int sockdomain; 962 putchar('('); 963 sockdomain = *ip; 964 sockdomainname(sockdomain); 965 ip++; 966 narg--; 967 putchar(','); 968 socktypenamewithflags(*ip); 969 ip++; 970 narg--; 971 if (sockdomain == PF_INET || 972 sockdomain == PF_INET6) { 973 putchar(','); 974 sockipprotoname(*ip); 975 ip++; 976 narg--; 977 } 978 c = ','; 979 break; 980 } 981 case SYS_setsockopt: 982 case SYS_getsockopt: 983 print_number(ip, narg, c); 984 putchar(','); 985 sockoptlevelname(*ip, decimal); 986 if (*ip == SOL_SOCKET) { 987 ip++; 988 narg--; 989 putchar(','); 990 sockoptname(*ip); 991 } 992 ip++; 993 narg--; 994 break; 995 #ifdef SYS_freebsd6_lseek 996 case SYS_freebsd6_lseek: 997 print_number(ip, narg, c); 998 /* Hidden 'pad' argument, not in lseek(2) */ 999 print_number(ip, narg, c); 1000 print_number(ip, narg, c); 1001 putchar(','); 1002 whencename(*ip); 1003 ip++; 1004 narg--; 1005 break; 1006 #endif 1007 case SYS_lseek: 1008 print_number(ip, narg, c); 1009 /* Hidden 'pad' argument, not in lseek(2) */ 1010 print_number(ip, narg, c); 1011 putchar(','); 1012 whencename(*ip); 1013 ip++; 1014 narg--; 1015 break; 1016 case SYS_flock: 1017 print_number(ip, narg, c); 1018 putchar(','); 1019 flockname(*ip); 1020 ip++; 1021 narg--; 1022 break; 1023 case SYS_mkfifo: 1024 case SYS_mkfifoat: 1025 case SYS_mkdir: 1026 case SYS_mkdirat: 1027 print_number(ip, narg, c); 1028 putchar(','); 1029 modename(*ip); 1030 ip++; 1031 narg--; 1032 break; 1033 case SYS_shutdown: 1034 print_number(ip, narg, c); 1035 putchar(','); 1036 shutdownhowname(*ip); 1037 ip++; 1038 narg--; 1039 break; 1040 case SYS_socketpair: 1041 putchar('('); 1042 sockdomainname(*ip); 1043 ip++; 1044 narg--; 1045 putchar(','); 1046 socktypenamewithflags(*ip); 1047 ip++; 1048 narg--; 1049 c = ','; 1050 break; 1051 case SYS_getrlimit: 1052 case SYS_setrlimit: 1053 putchar('('); 1054 rlimitname(*ip); 1055 ip++; 1056 narg--; 1057 c = ','; 1058 break; 1059 case SYS_quotactl: 1060 print_number(ip, narg, c); 1061 putchar(','); 1062 quotactlname(*ip); 1063 ip++; 1064 narg--; 1065 c = ','; 1066 break; 1067 case SYS_nfssvc: 1068 putchar('('); 1069 nfssvcname(*ip); 1070 ip++; 1071 narg--; 1072 c = ','; 1073 break; 1074 case SYS_rtprio: 1075 putchar('('); 1076 rtprioname(*ip); 1077 ip++; 1078 narg--; 1079 c = ','; 1080 break; 1081 case SYS___semctl: 1082 print_number(ip, narg, c); 1083 print_number(ip, narg, c); 1084 putchar(','); 1085 semctlname(*ip); 1086 ip++; 1087 narg--; 1088 break; 1089 case SYS_semget: 1090 print_number(ip, narg, c); 1091 print_number(ip, narg, c); 1092 putchar(','); 1093 semgetname(*ip); 1094 ip++; 1095 narg--; 1096 break; 1097 case SYS_msgctl: 1098 print_number(ip, narg, c); 1099 putchar(','); 1100 shmctlname(*ip); 1101 ip++; 1102 narg--; 1103 break; 1104 case SYS_shmat: 1105 print_number(ip, narg, c); 1106 print_number(ip, narg, c); 1107 putchar(','); 1108 shmatname(*ip); 1109 ip++; 1110 narg--; 1111 break; 1112 case SYS_shmctl: 1113 print_number(ip, narg, c); 1114 putchar(','); 1115 shmctlname(*ip); 1116 ip++; 1117 narg--; 1118 break; 1119 case SYS_shm_open: 1120 print_number(ip, narg, c); 1121 putchar(','); 1122 flagsname(ip[0]); 1123 printf(",0%o", (unsigned int)ip[1]); 1124 ip += 3; 1125 narg -= 3; 1126 break; 1127 case SYS_minherit: 1128 print_number(ip, narg, c); 1129 print_number(ip, narg, c); 1130 putchar(','); 1131 minheritname(*ip); 1132 ip++; 1133 narg--; 1134 break; 1135 case SYS_rfork: 1136 putchar('('); 1137 rforkname(*ip); 1138 ip++; 1139 narg--; 1140 c = ','; 1141 break; 1142 case SYS_lio_listio: 1143 putchar('('); 1144 lio_listioname(*ip); 1145 ip++; 1146 narg--; 1147 c = ','; 1148 break; 1149 case SYS_mlockall: 1150 putchar('('); 1151 mlockallname(*ip); 1152 ip++; 1153 narg--; 1154 break; 1155 case SYS_sched_setscheduler: 1156 print_number(ip, narg, c); 1157 putchar(','); 1158 schedpolicyname(*ip); 1159 ip++; 1160 narg--; 1161 break; 1162 case SYS_sched_get_priority_max: 1163 case SYS_sched_get_priority_min: 1164 putchar('('); 1165 schedpolicyname(*ip); 1166 ip++; 1167 narg--; 1168 break; 1169 case SYS_sendfile: 1170 print_number(ip, narg, c); 1171 print_number(ip, narg, c); 1172 print_number(ip, narg, c); 1173 print_number(ip, narg, c); 1174 print_number(ip, narg, c); 1175 print_number(ip, narg, c); 1176 putchar(','); 1177 sendfileflagsname(*(int *)ip); 1178 ip++; 1179 narg--; 1180 break; 1181 case SYS_kldsym: 1182 print_number(ip, narg, c); 1183 putchar(','); 1184 kldsymcmdname(*ip); 1185 ip++; 1186 narg--; 1187 break; 1188 case SYS_sigprocmask: 1189 putchar('('); 1190 sigprocmaskhowname(*ip); 1191 ip++; 1192 narg--; 1193 c = ','; 1194 break; 1195 case SYS___acl_get_file: 1196 case SYS___acl_set_file: 1197 case SYS___acl_get_fd: 1198 case SYS___acl_set_fd: 1199 case SYS___acl_delete_file: 1200 case SYS___acl_delete_fd: 1201 case SYS___acl_aclcheck_file: 1202 case SYS___acl_aclcheck_fd: 1203 case SYS___acl_get_link: 1204 case SYS___acl_set_link: 1205 case SYS___acl_delete_link: 1206 case SYS___acl_aclcheck_link: 1207 print_number(ip, narg, c); 1208 putchar(','); 1209 acltypename(*ip); 1210 ip++; 1211 narg--; 1212 break; 1213 case SYS_sigaction: 1214 putchar('('); 1215 signame(*ip); 1216 ip++; 1217 narg--; 1218 c = ','; 1219 break; 1220 case SYS_extattrctl: 1221 print_number(ip, narg, c); 1222 putchar(','); 1223 extattrctlname(*ip); 1224 ip++; 1225 narg--; 1226 break; 1227 case SYS_nmount: 1228 print_number(ip, narg, c); 1229 print_number(ip, narg, c); 1230 putchar(','); 1231 mountflagsname(*ip); 1232 ip++; 1233 narg--; 1234 break; 1235 case SYS_thr_create: 1236 print_number(ip, narg, c); 1237 print_number(ip, narg, c); 1238 putchar(','); 1239 thrcreateflagsname(*ip); 1240 ip++; 1241 narg--; 1242 break; 1243 case SYS_thr_kill: 1244 print_number(ip, narg, c); 1245 putchar(','); 1246 signame(*ip); 1247 ip++; 1248 narg--; 1249 break; 1250 case SYS_kldunloadf: 1251 print_number(ip, narg, c); 1252 putchar(','); 1253 kldunloadfflagsname(*ip); 1254 ip++; 1255 narg--; 1256 break; 1257 case SYS_linkat: 1258 case SYS_renameat: 1259 case SYS_symlinkat: 1260 print_number(ip, narg, c); 1261 putchar(','); 1262 atfdname(*ip, decimal); 1263 ip++; 1264 narg--; 1265 break; 1266 case SYS_cap_fcntls_limit: 1267 print_number(ip, narg, c); 1268 putchar(','); 1269 arg = *ip; 1270 ip++; 1271 narg--; 1272 capfcntlname(arg); 1273 break; 1274 case SYS_posix_fadvise: 1275 print_number(ip, narg, c); 1276 print_number(ip, narg, c); 1277 print_number(ip, narg, c); 1278 (void)putchar(','); 1279 fadvisebehavname((int)*ip); 1280 ip++; 1281 narg--; 1282 break; 1283 case SYS_procctl: 1284 putchar('('); 1285 idtypename(*ip, decimal); 1286 c = ','; 1287 ip++; 1288 narg--; 1289 print_number(ip, narg, c); 1290 putchar(','); 1291 procctlcmdname(*ip); 1292 ip++; 1293 narg--; 1294 break; 1295 case SYS__umtx_op: 1296 print_number(ip, narg, c); 1297 putchar(','); 1298 umtxopname(*ip); 1299 switch (*ip) { 1300 case UMTX_OP_CV_WAIT: 1301 ip++; 1302 narg--; 1303 putchar(','); 1304 umtxcvwaitflags(*ip); 1305 break; 1306 case UMTX_OP_RW_RDLOCK: 1307 ip++; 1308 narg--; 1309 putchar(','); 1310 umtxrwlockflags(*ip); 1311 break; 1312 } 1313 ip++; 1314 narg--; 1315 } 1316 } 1317 while (narg > 0) { 1318 print_number(ip, narg, c); 1319 } 1320 putchar(')'); 1321 } 1322 putchar('\n'); 1323 } 1324 1325 void 1326 ktrsysret(struct ktr_sysret *ktr, u_int sv_flags) 1327 { 1328 register_t ret = ktr->ktr_retval; 1329 int error = ktr->ktr_error; 1330 1331 syscallname(ktr->ktr_code, sv_flags); 1332 printf(" "); 1333 1334 if (error == 0) { 1335 if (fancy) { 1336 printf("%ld", (long)ret); 1337 if (ret < 0 || ret > 9) 1338 printf("/%#lx", (unsigned long)ret); 1339 } else { 1340 if (decimal) 1341 printf("%ld", (long)ret); 1342 else 1343 printf("%#lx", (unsigned long)ret); 1344 } 1345 } else if (error == ERESTART) 1346 printf("RESTART"); 1347 else if (error == EJUSTRETURN) 1348 printf("JUSTRETURN"); 1349 else { 1350 printf("-1 errno %d", sysdecode_freebsd_to_abi_errno( 1351 syscallabi(sv_flags), error)); 1352 if (fancy) 1353 printf(" %s", strerror(ktr->ktr_error)); 1354 } 1355 putchar('\n'); 1356 } 1357 1358 void 1359 ktrnamei(char *cp, int len) 1360 { 1361 printf("\"%.*s\"\n", len, cp); 1362 } 1363 1364 void 1365 hexdump(char *p, int len, int screenwidth) 1366 { 1367 int n, i; 1368 int width; 1369 1370 width = 0; 1371 do { 1372 width += 2; 1373 i = 13; /* base offset */ 1374 i += (width / 2) + 1; /* spaces every second byte */ 1375 i += (width * 2); /* width of bytes */ 1376 i += 3; /* " |" */ 1377 i += width; /* each byte */ 1378 i += 1; /* "|" */ 1379 } while (i < screenwidth); 1380 width -= 2; 1381 1382 for (n = 0; n < len; n += width) { 1383 for (i = n; i < n + width; i++) { 1384 if ((i % width) == 0) { /* beginning of line */ 1385 printf(" 0x%04x", i); 1386 } 1387 if ((i % 2) == 0) { 1388 printf(" "); 1389 } 1390 if (i < len) 1391 printf("%02x", p[i] & 0xff); 1392 else 1393 printf(" "); 1394 } 1395 printf(" |"); 1396 for (i = n; i < n + width; i++) { 1397 if (i >= len) 1398 break; 1399 if (p[i] >= ' ' && p[i] <= '~') 1400 printf("%c", p[i]); 1401 else 1402 printf("."); 1403 } 1404 printf("|\n"); 1405 } 1406 if ((i % width) != 0) 1407 printf("\n"); 1408 } 1409 1410 void 1411 visdump(char *dp, int datalen, int screenwidth) 1412 { 1413 int col = 0; 1414 char *cp; 1415 int width; 1416 char visbuf[5]; 1417 1418 printf(" \""); 1419 col = 8; 1420 for (;datalen > 0; datalen--, dp++) { 1421 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1422 cp = visbuf; 1423 /* 1424 * Keep track of printables and 1425 * space chars (like fold(1)). 1426 */ 1427 if (col == 0) { 1428 putchar('\t'); 1429 col = 8; 1430 } 1431 switch(*cp) { 1432 case '\n': 1433 col = 0; 1434 putchar('\n'); 1435 continue; 1436 case '\t': 1437 width = 8 - (col&07); 1438 break; 1439 default: 1440 width = strlen(cp); 1441 } 1442 if (col + width > (screenwidth-2)) { 1443 printf("\\\n\t"); 1444 col = 8; 1445 } 1446 col += width; 1447 do { 1448 putchar(*cp++); 1449 } while (*cp); 1450 } 1451 if (col == 0) 1452 printf(" "); 1453 printf("\"\n"); 1454 } 1455 1456 void 1457 ktrgenio(struct ktr_genio *ktr, int len) 1458 { 1459 int datalen = len - sizeof (struct ktr_genio); 1460 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1461 static int screenwidth = 0; 1462 int i, binary; 1463 1464 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1465 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1466 datalen == 1 ? "" : "s"); 1467 if (suppressdata) 1468 return; 1469 if (screenwidth == 0) { 1470 struct winsize ws; 1471 1472 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1473 ws.ws_col > 8) 1474 screenwidth = ws.ws_col; 1475 else 1476 screenwidth = 80; 1477 } 1478 if (maxdata && datalen > maxdata) 1479 datalen = maxdata; 1480 1481 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1482 if (dp[i] >= 32 && dp[i] < 127) 1483 continue; 1484 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1485 continue; 1486 binary = 1; 1487 } 1488 if (binary) 1489 hexdump(dp, datalen, screenwidth); 1490 else 1491 visdump(dp, datalen, screenwidth); 1492 } 1493 1494 const char *signames[] = { 1495 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1496 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1497 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1498 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1499 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1500 "USR2", NULL, /* 31 - 32 */ 1501 }; 1502 1503 void 1504 ktrpsig(struct ktr_psig *psig) 1505 { 1506 if (psig->signo > 0 && psig->signo < NSIG) 1507 printf("SIG%s ", signames[psig->signo]); 1508 else 1509 printf("SIG %d ", psig->signo); 1510 if (psig->action == SIG_DFL) { 1511 printf("SIG_DFL code="); 1512 sigcodename(psig->signo, psig->code); 1513 putchar('\n'); 1514 } else { 1515 printf("caught handler=0x%lx mask=0x%x code=", 1516 (u_long)psig->action, psig->mask.__bits[0]); 1517 sigcodename(psig->signo, psig->code); 1518 putchar('\n'); 1519 } 1520 } 1521 1522 void 1523 ktrcsw_old(struct ktr_csw_old *cs) 1524 { 1525 printf("%s %s\n", cs->out ? "stop" : "resume", 1526 cs->user ? "user" : "kernel"); 1527 } 1528 1529 void 1530 ktrcsw(struct ktr_csw *cs) 1531 { 1532 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1533 cs->user ? "user" : "kernel", cs->wmesg); 1534 } 1535 1536 void 1537 ktruser(int len, void *p) 1538 { 1539 unsigned char *cp; 1540 1541 if (sysdecode_utrace(stdout, p, len)) { 1542 printf("\n"); 1543 return; 1544 } 1545 1546 printf("%d ", len); 1547 cp = p; 1548 while (len--) 1549 if (decimal) 1550 printf(" %d", *cp++); 1551 else 1552 printf(" %02x", *cp++); 1553 printf("\n"); 1554 } 1555 1556 void 1557 ktrcaprights(cap_rights_t *rightsp) 1558 { 1559 1560 printf("cap_rights_t "); 1561 capname(rightsp); 1562 printf("\n"); 1563 } 1564 1565 void 1566 ktrsockaddr(struct sockaddr *sa) 1567 { 1568 /* 1569 TODO: Support additional address families 1570 #include <netnatm/natm.h> 1571 struct sockaddr_natm *natm; 1572 #include <netsmb/netbios.h> 1573 struct sockaddr_nb *nb; 1574 */ 1575 char addr[64]; 1576 1577 /* 1578 * note: ktrstruct() has already verified that sa points to a 1579 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1580 * sa->sa_len bytes long. 1581 */ 1582 printf("struct sockaddr { "); 1583 sockfamilyname(sa->sa_family); 1584 printf(", "); 1585 1586 #define check_sockaddr_len(n) \ 1587 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1588 printf("invalid"); \ 1589 break; \ 1590 } 1591 1592 switch(sa->sa_family) { 1593 case AF_INET: { 1594 struct sockaddr_in sa_in; 1595 1596 memset(&sa_in, 0, sizeof(sa_in)); 1597 memcpy(&sa_in, sa, sa->sa_len); 1598 check_sockaddr_len(in); 1599 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1600 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1601 break; 1602 } 1603 case AF_INET6: { 1604 struct sockaddr_in6 sa_in6; 1605 1606 memset(&sa_in6, 0, sizeof(sa_in6)); 1607 memcpy(&sa_in6, sa, sa->sa_len); 1608 check_sockaddr_len(in6); 1609 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1610 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1611 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1612 break; 1613 } 1614 case AF_UNIX: { 1615 struct sockaddr_un sa_un; 1616 1617 memset(&sa_un, 0, sizeof(sa_un)); 1618 memcpy(&sa_un, sa, sa->sa_len); 1619 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1620 break; 1621 } 1622 default: 1623 printf("unknown address family"); 1624 } 1625 printf(" }\n"); 1626 } 1627 1628 void 1629 ktrstat(struct stat *statp) 1630 { 1631 char mode[12], timestr[PATH_MAX + 4]; 1632 struct passwd *pwd; 1633 struct group *grp; 1634 struct tm *tm; 1635 1636 /* 1637 * note: ktrstruct() has already verified that statp points to a 1638 * buffer exactly sizeof(struct stat) bytes long. 1639 */ 1640 printf("struct stat {"); 1641 printf("dev=%ju, ino=%ju, ", 1642 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1643 if (resolv == 0) 1644 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1645 else { 1646 strmode(statp->st_mode, mode); 1647 printf("mode=%s, ", mode); 1648 } 1649 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1650 if (resolv == 0) { 1651 pwd = NULL; 1652 } else { 1653 #ifdef HAVE_LIBCASPER 1654 if (cappwd != NULL) 1655 pwd = cap_getpwuid(cappwd, statp->st_uid); 1656 else 1657 #endif 1658 pwd = getpwuid(statp->st_uid); 1659 } 1660 if (pwd == NULL) 1661 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1662 else 1663 printf("uid=\"%s\", ", pwd->pw_name); 1664 if (resolv == 0) { 1665 grp = NULL; 1666 } else { 1667 #ifdef HAVE_LIBCASPER 1668 if (capgrp != NULL) 1669 grp = cap_getgrgid(capgrp, statp->st_gid); 1670 else 1671 #endif 1672 grp = getgrgid(statp->st_gid); 1673 } 1674 if (grp == NULL) 1675 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1676 else 1677 printf("gid=\"%s\", ", grp->gr_name); 1678 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1679 printf("atime="); 1680 if (resolv == 0) 1681 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1682 else { 1683 tm = localtime(&statp->st_atim.tv_sec); 1684 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1685 printf("\"%s\"", timestr); 1686 } 1687 if (statp->st_atim.tv_nsec != 0) 1688 printf(".%09ld, ", statp->st_atim.tv_nsec); 1689 else 1690 printf(", "); 1691 printf("stime="); 1692 if (resolv == 0) 1693 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1694 else { 1695 tm = localtime(&statp->st_mtim.tv_sec); 1696 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1697 printf("\"%s\"", timestr); 1698 } 1699 if (statp->st_mtim.tv_nsec != 0) 1700 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1701 else 1702 printf(", "); 1703 printf("ctime="); 1704 if (resolv == 0) 1705 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1706 else { 1707 tm = localtime(&statp->st_ctim.tv_sec); 1708 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1709 printf("\"%s\"", timestr); 1710 } 1711 if (statp->st_ctim.tv_nsec != 0) 1712 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1713 else 1714 printf(", "); 1715 printf("birthtime="); 1716 if (resolv == 0) 1717 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1718 else { 1719 tm = localtime(&statp->st_birthtim.tv_sec); 1720 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1721 printf("\"%s\"", timestr); 1722 } 1723 if (statp->st_birthtim.tv_nsec != 0) 1724 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1725 else 1726 printf(", "); 1727 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1728 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1729 (intmax_t)statp->st_blocks, statp->st_flags); 1730 printf(" }\n"); 1731 } 1732 1733 void 1734 ktrstruct(char *buf, size_t buflen) 1735 { 1736 char *name, *data; 1737 size_t namelen, datalen; 1738 int i; 1739 cap_rights_t rights; 1740 struct stat sb; 1741 struct sockaddr_storage ss; 1742 1743 for (name = buf, namelen = 0; 1744 namelen < buflen && name[namelen] != '\0'; 1745 ++namelen) 1746 /* nothing */; 1747 if (namelen == buflen) 1748 goto invalid; 1749 if (name[namelen] != '\0') 1750 goto invalid; 1751 data = buf + namelen + 1; 1752 datalen = buflen - namelen - 1; 1753 if (datalen == 0) 1754 goto invalid; 1755 /* sanity check */ 1756 for (i = 0; i < (int)namelen; ++i) 1757 if (!isalpha(name[i])) 1758 goto invalid; 1759 if (strcmp(name, "caprights") == 0) { 1760 if (datalen != sizeof(cap_rights_t)) 1761 goto invalid; 1762 memcpy(&rights, data, datalen); 1763 ktrcaprights(&rights); 1764 } else if (strcmp(name, "stat") == 0) { 1765 if (datalen != sizeof(struct stat)) 1766 goto invalid; 1767 memcpy(&sb, data, datalen); 1768 ktrstat(&sb); 1769 } else if (strcmp(name, "sockaddr") == 0) { 1770 if (datalen > sizeof(ss)) 1771 goto invalid; 1772 memcpy(&ss, data, datalen); 1773 if (datalen != ss.ss_len) 1774 goto invalid; 1775 ktrsockaddr((struct sockaddr *)&ss); 1776 } else { 1777 printf("unknown structure\n"); 1778 } 1779 return; 1780 invalid: 1781 printf("invalid record\n"); 1782 } 1783 1784 void 1785 ktrcapfail(struct ktr_cap_fail *ktr) 1786 { 1787 switch (ktr->cap_type) { 1788 case CAPFAIL_NOTCAPABLE: 1789 /* operation on fd with insufficient capabilities */ 1790 printf("operation requires "); 1791 capname(&ktr->cap_needed); 1792 printf(", descriptor holds "); 1793 capname(&ktr->cap_held); 1794 break; 1795 case CAPFAIL_INCREASE: 1796 /* requested more capabilities than fd already has */ 1797 printf("attempt to increase capabilities from "); 1798 capname(&ktr->cap_held); 1799 printf(" to "); 1800 capname(&ktr->cap_needed); 1801 break; 1802 case CAPFAIL_SYSCALL: 1803 /* called restricted syscall */ 1804 printf("disallowed system call"); 1805 break; 1806 case CAPFAIL_LOOKUP: 1807 /* used ".." in strict-relative mode */ 1808 printf("restricted VFS lookup"); 1809 break; 1810 default: 1811 printf("unknown capability failure: "); 1812 capname(&ktr->cap_needed); 1813 printf(" "); 1814 capname(&ktr->cap_held); 1815 break; 1816 } 1817 printf("\n"); 1818 } 1819 1820 void 1821 ktrfault(struct ktr_fault *ktr) 1822 { 1823 1824 printf("0x%jx ", (uintmax_t)ktr->vaddr); 1825 vmprotname(ktr->type); 1826 printf("\n"); 1827 } 1828 1829 void 1830 ktrfaultend(struct ktr_faultend *ktr) 1831 { 1832 1833 vmresultname(ktr->result); 1834 printf("\n"); 1835 } 1836 1837 void 1838 usage(void) 1839 { 1840 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 1841 "[-m maxdata] [-p pid] [-t trstr]\n"); 1842 exit(1); 1843 } 1844