1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #ifndef lint 33 static const char copyright[] = 34 "@(#) Copyright (c) 1988, 1993\n\ 35 The Regents of the University of California. All rights reserved.\n"; 36 #endif /* not lint */ 37 38 #ifndef lint 39 #if 0 40 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 41 #endif 42 #endif /* not lint */ 43 #include <sys/cdefs.h> 44 __FBSDID("$FreeBSD$"); 45 46 #define _WANT_KERNEL_ERRNO 47 #ifdef __LP64__ 48 #define _WANT_KEVENT32 49 #endif 50 #define _WANT_FREEBSD11_KEVENT 51 #define _WANT_FREEBSD_BITSET 52 #include <sys/param.h> 53 #include <sys/capsicum.h> 54 #include <sys/_bitset.h> 55 #include <sys/bitset.h> 56 #include <sys/errno.h> 57 #include <sys/time.h> 58 #include <sys/uio.h> 59 #include <sys/event.h> 60 #include <sys/ktrace.h> 61 #include <sys/mman.h> 62 #include <sys/ioctl.h> 63 #include <sys/socket.h> 64 #include <sys/stat.h> 65 #include <sys/sysent.h> 66 #include <sys/umtx.h> 67 #include <sys/un.h> 68 #include <sys/queue.h> 69 #include <sys/wait.h> 70 #ifdef WITH_CASPER 71 #include <sys/nv.h> 72 #endif 73 #include <arpa/inet.h> 74 #include <netinet/in.h> 75 #include <ctype.h> 76 #include <capsicum_helpers.h> 77 #include <err.h> 78 #include <grp.h> 79 #include <inttypes.h> 80 #include <locale.h> 81 #include <netdb.h> 82 #include <nl_types.h> 83 #include <pwd.h> 84 #include <stddef.h> 85 #include <stdio.h> 86 #include <stdlib.h> 87 #include <string.h> 88 #include <sysdecode.h> 89 #include <time.h> 90 #include <unistd.h> 91 #include <vis.h> 92 #include "ktrace.h" 93 #include "kdump.h" 94 95 #ifdef WITH_CASPER 96 #include <libcasper.h> 97 98 #include <casper/cap_grp.h> 99 #include <casper/cap_pwd.h> 100 #endif 101 102 int fetchprocinfo(struct ktr_header *, u_int *); 103 u_int findabi(struct ktr_header *); 104 int fread_tail(void *, int, int); 105 void dumpheader(struct ktr_header *, u_int); 106 void ktrsyscall(struct ktr_syscall *, u_int); 107 void ktrsysret(struct ktr_sysret *, u_int); 108 void ktrnamei(char *, int); 109 void hexdump(char *, int, int); 110 void visdump(char *, int, int); 111 void ktrgenio(struct ktr_genio *, int); 112 void ktrpsig(struct ktr_psig *); 113 void ktrcsw(struct ktr_csw *); 114 void ktrcsw_old(struct ktr_csw_old *); 115 void ktruser(int, void *); 116 void ktrcaprights(cap_rights_t *); 117 void ktritimerval(struct itimerval *it); 118 void ktrsockaddr(struct sockaddr *); 119 void ktrstat(struct stat *); 120 void ktrstruct(char *, size_t); 121 void ktrcapfail(struct ktr_cap_fail *); 122 void ktrfault(struct ktr_fault *); 123 void ktrfaultend(struct ktr_faultend *); 124 void ktrkevent(struct kevent *); 125 void ktrstructarray(struct ktr_struct_array *, size_t); 126 void ktrbitset(char *, struct bitset *, size_t); 127 void ktrsyscall_freebsd(struct ktr_syscall *ktr, register_t **resip, 128 int *resnarg, char *resc, u_int sv_flags); 129 void usage(void); 130 131 #define TIMESTAMP_NONE 0x0 132 #define TIMESTAMP_ABSOLUTE 0x1 133 #define TIMESTAMP_ELAPSED 0x2 134 #define TIMESTAMP_RELATIVE 0x4 135 136 bool decimal, fancy = true, resolv; 137 static bool abiflag, suppressdata, syscallno, tail, threads; 138 static int timestamp, maxdata; 139 static const char *tracefile = DEF_TRACEFILE; 140 static struct ktr_header ktr_header; 141 142 #define TIME_FORMAT "%b %e %T %Y" 143 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 144 145 struct proc_info 146 { 147 TAILQ_ENTRY(proc_info) info; 148 u_int sv_flags; 149 pid_t pid; 150 }; 151 152 static TAILQ_HEAD(trace_procs, proc_info) trace_procs; 153 154 #ifdef WITH_CASPER 155 static cap_channel_t *cappwd, *capgrp; 156 157 static int 158 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) 159 { 160 cap_channel_t *capcas, *cappwdloc, *capgrploc; 161 const char *cmds[1], *fields[1]; 162 163 capcas = cap_init(); 164 if (capcas == NULL) { 165 err(1, "unable to create casper process"); 166 exit(1); 167 } 168 cappwdloc = cap_service_open(capcas, "system.pwd"); 169 capgrploc = cap_service_open(capcas, "system.grp"); 170 /* Casper capability no longer needed. */ 171 cap_close(capcas); 172 if (cappwdloc == NULL || capgrploc == NULL) { 173 if (cappwdloc == NULL) 174 warn("unable to open system.pwd service"); 175 if (capgrploc == NULL) 176 warn("unable to open system.grp service"); 177 exit(1); 178 } 179 /* Limit system.pwd to only getpwuid() function and pw_name field. */ 180 cmds[0] = "getpwuid"; 181 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) 182 err(1, "unable to limit system.pwd service"); 183 fields[0] = "pw_name"; 184 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) 185 err(1, "unable to limit system.pwd service"); 186 /* Limit system.grp to only getgrgid() function and gr_name field. */ 187 cmds[0] = "getgrgid"; 188 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) 189 err(1, "unable to limit system.grp service"); 190 fields[0] = "gr_name"; 191 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) 192 err(1, "unable to limit system.grp service"); 193 194 *cappwdp = cappwdloc; 195 *capgrpp = capgrploc; 196 return (0); 197 } 198 #endif /* WITH_CASPER */ 199 200 void 201 print_integer_arg(const char *(*decoder)(int), int value) 202 { 203 const char *str; 204 205 str = decoder(value); 206 if (str != NULL) 207 printf("%s", str); 208 else { 209 if (decimal) 210 printf("<invalid=%d>", value); 211 else 212 printf("<invalid=%#x>", value); 213 } 214 } 215 216 /* Like print_integer_arg but unknown values are treated as valid. */ 217 void 218 print_integer_arg_valid(const char *(*decoder)(int), int value) 219 { 220 const char *str; 221 222 str = decoder(value); 223 if (str != NULL) 224 printf("%s", str); 225 else { 226 if (decimal) 227 printf("%d", value); 228 else 229 printf("%#x", value); 230 } 231 } 232 233 bool 234 print_mask_arg_part(bool (*decoder)(FILE *, int, int *), int value, int *rem) 235 { 236 237 printf("%#x<", value); 238 return (decoder(stdout, value, rem)); 239 } 240 241 void 242 print_mask_arg(bool (*decoder)(FILE *, int, int *), int value) 243 { 244 bool invalid; 245 int rem; 246 247 invalid = !print_mask_arg_part(decoder, value, &rem); 248 printf(">"); 249 if (invalid) 250 printf("<invalid>%u", rem); 251 } 252 253 void 254 print_mask_arg0(bool (*decoder)(FILE *, int, int *), int value) 255 { 256 bool invalid; 257 int rem; 258 259 if (value == 0) { 260 printf("0"); 261 return; 262 } 263 printf("%#x<", value); 264 invalid = !decoder(stdout, value, &rem); 265 printf(">"); 266 if (invalid) 267 printf("<invalid>%u", rem); 268 } 269 270 static void 271 decode_fileflags(fflags_t value) 272 { 273 bool invalid; 274 fflags_t rem; 275 276 if (value == 0) { 277 printf("0"); 278 return; 279 } 280 printf("%#x<", value); 281 invalid = !sysdecode_fileflags(stdout, value, &rem); 282 printf(">"); 283 if (invalid) 284 printf("<invalid>%u", rem); 285 } 286 287 void 288 decode_filemode(int value) 289 { 290 bool invalid; 291 int rem; 292 293 if (value == 0) { 294 printf("0"); 295 return; 296 } 297 printf("%#o<", value); 298 invalid = !sysdecode_filemode(stdout, value, &rem); 299 printf(">"); 300 if (invalid) 301 printf("<invalid>%u", rem); 302 } 303 304 void 305 print_mask_arg32(bool (*decoder)(FILE *, uint32_t, uint32_t *), uint32_t value) 306 { 307 bool invalid; 308 uint32_t rem; 309 310 printf("%#x<", value); 311 invalid = !decoder(stdout, value, &rem); 312 printf(">"); 313 if (invalid) 314 printf("<invalid>%u", rem); 315 } 316 317 void 318 print_mask_argul(bool (*decoder)(FILE *, u_long, u_long *), u_long value) 319 { 320 bool invalid; 321 u_long rem; 322 323 if (value == 0) { 324 printf("0"); 325 return; 326 } 327 printf("%#lx<", value); 328 invalid = !decoder(stdout, value, &rem); 329 printf(">"); 330 if (invalid) 331 printf("<invalid>%lu", rem); 332 } 333 334 int 335 main(int argc, char *argv[]) 336 { 337 int ch, ktrlen, size; 338 void *m; 339 int trpoints = ALL_POINTS; 340 int drop_logged; 341 pid_t pid = 0; 342 u_int sv_flags; 343 344 setlocale(LC_CTYPE, ""); 345 346 timestamp = TIMESTAMP_NONE; 347 348 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) 349 switch (ch) { 350 case 'A': 351 abiflag = true; 352 break; 353 case 'f': 354 tracefile = optarg; 355 break; 356 case 'd': 357 decimal = true; 358 break; 359 case 'l': 360 tail = true; 361 break; 362 case 'm': 363 maxdata = atoi(optarg); 364 break; 365 case 'n': 366 fancy = false; 367 break; 368 case 'p': 369 pid = atoi(optarg); 370 break; 371 case 'r': 372 resolv = true; 373 break; 374 case 'S': 375 syscallno = true; 376 break; 377 case 's': 378 suppressdata = true; 379 break; 380 case 'E': 381 timestamp |= TIMESTAMP_ELAPSED; 382 break; 383 case 'H': 384 threads = true; 385 break; 386 case 'R': 387 timestamp |= TIMESTAMP_RELATIVE; 388 break; 389 case 'T': 390 timestamp |= TIMESTAMP_ABSOLUTE; 391 break; 392 case 't': 393 trpoints = getpoints(optarg); 394 if (trpoints < 0) 395 errx(1, "unknown trace point in %s", optarg); 396 break; 397 default: 398 usage(); 399 } 400 401 if (argc > optind) 402 usage(); 403 404 m = malloc(size = 1025); 405 if (m == NULL) 406 errx(1, "%s", strerror(ENOMEM)); 407 if (strcmp(tracefile, "-") != 0) 408 if (!freopen(tracefile, "r", stdin)) 409 err(1, "%s", tracefile); 410 411 caph_cache_catpages(); 412 caph_cache_tzdata(); 413 414 #ifdef WITH_CASPER 415 if (resolv) { 416 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { 417 cappwd = NULL; 418 capgrp = NULL; 419 } 420 } 421 if (!resolv || (cappwd != NULL && capgrp != NULL)) { 422 if (caph_enter() < 0) 423 err(1, "unable to enter capability mode"); 424 } 425 #else 426 if (!resolv) { 427 if (caph_enter() < 0) 428 err(1, "unable to enter capability mode"); 429 } 430 #endif 431 if (caph_limit_stdio() == -1) 432 err(1, "unable to limit stdio"); 433 434 TAILQ_INIT(&trace_procs); 435 drop_logged = 0; 436 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 437 if (ktr_header.ktr_type & KTR_DROP) { 438 ktr_header.ktr_type &= ~KTR_DROP; 439 if (!drop_logged && threads) { 440 printf( 441 "%6jd %6jd %-8.*s Events dropped.\n", 442 (intmax_t)ktr_header.ktr_pid, 443 ktr_header.ktr_tid > 0 ? 444 (intmax_t)ktr_header.ktr_tid : 0, 445 MAXCOMLEN, ktr_header.ktr_comm); 446 drop_logged = 1; 447 } else if (!drop_logged) { 448 printf("%6jd %-8.*s Events dropped.\n", 449 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 450 ktr_header.ktr_comm); 451 drop_logged = 1; 452 } 453 } 454 if ((ktrlen = ktr_header.ktr_len) < 0) 455 errx(1, "bogus length 0x%x", ktrlen); 456 if (ktrlen > size) { 457 m = realloc(m, ktrlen+1); 458 if (m == NULL) 459 errx(1, "%s", strerror(ENOMEM)); 460 size = ktrlen; 461 } 462 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 463 errx(1, "data too short"); 464 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 465 continue; 466 if (pid && ktr_header.ktr_pid != pid && 467 ktr_header.ktr_tid != pid) 468 continue; 469 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 470 continue; 471 sv_flags = findabi(&ktr_header); 472 dumpheader(&ktr_header, sv_flags); 473 drop_logged = 0; 474 switch (ktr_header.ktr_type) { 475 case KTR_SYSCALL: 476 ktrsyscall((struct ktr_syscall *)m, sv_flags); 477 break; 478 case KTR_SYSRET: 479 ktrsysret((struct ktr_sysret *)m, sv_flags); 480 break; 481 case KTR_NAMEI: 482 case KTR_SYSCTL: 483 ktrnamei(m, ktrlen); 484 break; 485 case KTR_GENIO: 486 ktrgenio((struct ktr_genio *)m, ktrlen); 487 break; 488 case KTR_PSIG: 489 ktrpsig((struct ktr_psig *)m); 490 break; 491 case KTR_CSW: 492 if (ktrlen == sizeof(struct ktr_csw_old)) 493 ktrcsw_old((struct ktr_csw_old *)m); 494 else 495 ktrcsw((struct ktr_csw *)m); 496 break; 497 case KTR_USER: 498 ktruser(ktrlen, m); 499 break; 500 case KTR_STRUCT: 501 ktrstruct(m, ktrlen); 502 break; 503 case KTR_CAPFAIL: 504 ktrcapfail((struct ktr_cap_fail *)m); 505 break; 506 case KTR_FAULT: 507 ktrfault((struct ktr_fault *)m); 508 break; 509 case KTR_FAULTEND: 510 ktrfaultend((struct ktr_faultend *)m); 511 break; 512 case KTR_STRUCT_ARRAY: 513 ktrstructarray((struct ktr_struct_array *)m, ktrlen); 514 break; 515 default: 516 printf("\n"); 517 break; 518 } 519 if (tail) 520 fflush(stdout); 521 } 522 return 0; 523 } 524 525 int 526 fread_tail(void *buf, int size, int num) 527 { 528 int i; 529 530 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 531 sleep(1); 532 clearerr(stdin); 533 } 534 return (i); 535 } 536 537 int 538 fetchprocinfo(struct ktr_header *kth, u_int *flags) 539 { 540 struct proc_info *pi; 541 542 switch (kth->ktr_type) { 543 case KTR_PROCCTOR: 544 TAILQ_FOREACH(pi, &trace_procs, info) { 545 if (pi->pid == kth->ktr_pid) { 546 TAILQ_REMOVE(&trace_procs, pi, info); 547 break; 548 } 549 } 550 pi = malloc(sizeof(struct proc_info)); 551 if (pi == NULL) 552 errx(1, "%s", strerror(ENOMEM)); 553 pi->sv_flags = *flags; 554 pi->pid = kth->ktr_pid; 555 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 556 return (1); 557 558 case KTR_PROCDTOR: 559 TAILQ_FOREACH(pi, &trace_procs, info) { 560 if (pi->pid == kth->ktr_pid) { 561 TAILQ_REMOVE(&trace_procs, pi, info); 562 free(pi); 563 break; 564 } 565 } 566 return (1); 567 } 568 569 return (0); 570 } 571 572 u_int 573 findabi(struct ktr_header *kth) 574 { 575 struct proc_info *pi; 576 577 TAILQ_FOREACH(pi, &trace_procs, info) { 578 if (pi->pid == kth->ktr_pid) { 579 return (pi->sv_flags); 580 } 581 } 582 return (0); 583 } 584 585 void 586 dumpheader(struct ktr_header *kth, u_int sv_flags) 587 { 588 static char unknown[64]; 589 static struct timeval prevtime, prevtime_e; 590 struct timeval temp; 591 const char *abi; 592 const char *arch; 593 const char *type; 594 const char *sign; 595 596 switch (kth->ktr_type) { 597 case KTR_SYSCALL: 598 type = "CALL"; 599 break; 600 case KTR_SYSRET: 601 type = "RET "; 602 break; 603 case KTR_NAMEI: 604 type = "NAMI"; 605 break; 606 case KTR_GENIO: 607 type = "GIO "; 608 break; 609 case KTR_PSIG: 610 type = "PSIG"; 611 break; 612 case KTR_CSW: 613 type = "CSW "; 614 break; 615 case KTR_USER: 616 type = "USER"; 617 break; 618 case KTR_STRUCT: 619 case KTR_STRUCT_ARRAY: 620 type = "STRU"; 621 break; 622 case KTR_SYSCTL: 623 type = "SCTL"; 624 break; 625 case KTR_CAPFAIL: 626 type = "CAP "; 627 break; 628 case KTR_FAULT: 629 type = "PFLT"; 630 break; 631 case KTR_FAULTEND: 632 type = "PRET"; 633 break; 634 default: 635 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 636 type = unknown; 637 } 638 639 /* 640 * The ktr_tid field was previously the ktr_buffer field, which held 641 * the kernel pointer value for the buffer associated with data 642 * following the record header. It now holds a threadid, but only 643 * for trace files after the change. Older trace files still contain 644 * kernel pointers. Detect this and suppress the results by printing 645 * negative tid's as 0. 646 */ 647 if (threads) 648 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 649 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 650 MAXCOMLEN, kth->ktr_comm); 651 else 652 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 653 kth->ktr_comm); 654 if (timestamp) { 655 if (timestamp & TIMESTAMP_ABSOLUTE) { 656 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 657 kth->ktr_time.tv_usec); 658 } 659 if (timestamp & TIMESTAMP_ELAPSED) { 660 if (prevtime_e.tv_sec == 0) 661 prevtime_e = kth->ktr_time; 662 timersub(&kth->ktr_time, &prevtime_e, &temp); 663 printf("%jd.%06ld ", (intmax_t)temp.tv_sec, 664 temp.tv_usec); 665 } 666 if (timestamp & TIMESTAMP_RELATIVE) { 667 if (prevtime.tv_sec == 0) 668 prevtime = kth->ktr_time; 669 if (timercmp(&kth->ktr_time, &prevtime, <)) { 670 timersub(&prevtime, &kth->ktr_time, &temp); 671 sign = "-"; 672 } else { 673 timersub(&kth->ktr_time, &prevtime, &temp); 674 sign = ""; 675 } 676 prevtime = kth->ktr_time; 677 printf("%s%jd.%06ld ", sign, (intmax_t)temp.tv_sec, 678 temp.tv_usec); 679 } 680 } 681 printf("%s ", type); 682 if (abiflag != 0) { 683 switch (sv_flags & SV_ABI_MASK) { 684 case SV_ABI_LINUX: 685 abi = "L"; 686 break; 687 case SV_ABI_FREEBSD: 688 abi = "F"; 689 break; 690 default: 691 abi = "U"; 692 break; 693 } 694 695 if ((sv_flags & SV_LP64) != 0) 696 arch = "64"; 697 else if ((sv_flags & SV_ILP32) != 0) 698 arch = "32"; 699 else 700 arch = "00"; 701 702 printf("%s%s ", abi, arch); 703 } 704 } 705 706 #include <sys/syscall.h> 707 708 static void 709 ioctlname(unsigned long val) 710 { 711 const char *str; 712 713 str = sysdecode_ioctlname(val); 714 if (str != NULL) 715 printf("%s", str); 716 else if (decimal) 717 printf("%lu", val); 718 else 719 printf("%#lx", val); 720 } 721 722 static enum sysdecode_abi 723 syscallabi(u_int sv_flags) 724 { 725 726 if (sv_flags == 0) 727 return (SYSDECODE_ABI_FREEBSD); 728 switch (sv_flags & SV_ABI_MASK) { 729 case SV_ABI_FREEBSD: 730 return (SYSDECODE_ABI_FREEBSD); 731 case SV_ABI_LINUX: 732 #ifdef __LP64__ 733 if (sv_flags & SV_ILP32) 734 return (SYSDECODE_ABI_LINUX32); 735 #endif 736 return (SYSDECODE_ABI_LINUX); 737 default: 738 return (SYSDECODE_ABI_UNKNOWN); 739 } 740 } 741 742 static void 743 syscallname(u_int code, u_int sv_flags) 744 { 745 const char *name; 746 747 name = sysdecode_syscallname(syscallabi(sv_flags), code); 748 if (name == NULL) 749 printf("[%d]", code); 750 else { 751 printf("%s", name); 752 if (syscallno) 753 printf("[%d]", code); 754 } 755 } 756 757 static void 758 print_signal(int signo) 759 { 760 const char *signame; 761 762 signame = sysdecode_signal(signo); 763 if (signame != NULL) 764 printf("%s", signame); 765 else 766 printf("SIG %d", signo); 767 } 768 769 void 770 ktrsyscall(struct ktr_syscall *ktr, u_int sv_flags) 771 { 772 int narg = ktr->ktr_narg; 773 register_t *ip; 774 775 syscallname(ktr->ktr_code, sv_flags); 776 ip = &ktr->ktr_args[0]; 777 if (narg) { 778 char c = '('; 779 if (fancy) { 780 switch (sv_flags & SV_ABI_MASK) { 781 case SV_ABI_FREEBSD: 782 ktrsyscall_freebsd(ktr, &ip, &narg, &c, 783 sv_flags); 784 break; 785 #ifdef SYSDECODE_HAVE_LINUX 786 case SV_ABI_LINUX: 787 #ifdef __amd64__ 788 if (sv_flags & SV_ILP32) 789 ktrsyscall_linux32(ktr, &ip, 790 &narg, &c); 791 else 792 #endif 793 ktrsyscall_linux(ktr, &ip, &narg, &c); 794 break; 795 #endif /* SYSDECODE_HAVE_LINUX */ 796 } 797 } 798 while (narg > 0) 799 print_number(ip, narg, c); 800 putchar(')'); 801 } 802 putchar('\n'); 803 } 804 805 void 806 ktrsyscall_freebsd(struct ktr_syscall *ktr, register_t **resip, 807 int *resnarg, char *resc, u_int sv_flags) 808 { 809 int narg = ktr->ktr_narg; 810 register_t *ip, *first; 811 intmax_t arg; 812 int quad_align, quad_slots; 813 814 ip = first = &ktr->ktr_args[0]; 815 char c = *resc; 816 817 quad_align = 0; 818 if (sv_flags & SV_ILP32) { 819 #ifdef __powerpc__ 820 quad_align = 1; 821 #endif 822 quad_slots = 2; 823 } else 824 quad_slots = 1; 825 switch (ktr->ktr_code) { 826 case SYS_bindat: 827 case SYS_chflagsat: 828 case SYS_connectat: 829 case SYS_faccessat: 830 case SYS_fchmodat: 831 case SYS_fchownat: 832 case SYS_fstatat: 833 case SYS_futimesat: 834 case SYS_linkat: 835 case SYS_mkdirat: 836 case SYS_mkfifoat: 837 case SYS_mknodat: 838 case SYS_openat: 839 case SYS_readlinkat: 840 case SYS_renameat: 841 case SYS_unlinkat: 842 case SYS_utimensat: 843 putchar('('); 844 print_integer_arg_valid(sysdecode_atfd, *ip); 845 c = ','; 846 ip++; 847 narg--; 848 break; 849 } 850 switch (ktr->ktr_code) { 851 case SYS_ioctl: { 852 print_number(ip, narg, c); 853 putchar(c); 854 ioctlname(*ip); 855 c = ','; 856 ip++; 857 narg--; 858 break; 859 } 860 case SYS_ptrace: 861 putchar('('); 862 print_integer_arg(sysdecode_ptrace_request, *ip); 863 c = ','; 864 ip++; 865 narg--; 866 break; 867 case SYS_access: 868 case SYS_eaccess: 869 case SYS_faccessat: 870 print_number(ip, narg, c); 871 putchar(','); 872 print_mask_arg(sysdecode_access_mode, *ip); 873 ip++; 874 narg--; 875 break; 876 case SYS_close_range: 877 print_number(ip, narg, c); 878 print_number(ip, narg, c); 879 putchar(','); 880 print_mask_arg(sysdecode_close_range_flags, *ip); 881 ip += 3; 882 narg -= 3; 883 break; 884 case SYS_open: 885 case SYS_openat: 886 print_number(ip, narg, c); 887 putchar(','); 888 print_mask_arg(sysdecode_open_flags, ip[0]); 889 if ((ip[0] & O_CREAT) == O_CREAT) { 890 putchar(','); 891 decode_filemode(ip[1]); 892 } 893 ip += 2; 894 narg -= 2; 895 break; 896 case SYS_wait4: 897 print_number(ip, narg, c); 898 print_number(ip, narg, c); 899 putchar(','); 900 print_mask_arg0(sysdecode_wait4_options, *ip); 901 ip++; 902 narg--; 903 break; 904 case SYS_wait6: 905 putchar('('); 906 print_integer_arg(sysdecode_idtype, *ip); 907 c = ','; 908 ip++; 909 narg--; 910 print_number64(first, ip, narg, c); 911 print_number(ip, narg, c); 912 putchar(','); 913 print_mask_arg(sysdecode_wait6_options, *ip); 914 ip++; 915 narg--; 916 break; 917 case SYS_chmod: 918 case SYS_fchmod: 919 case SYS_lchmod: 920 case SYS_fchmodat: 921 print_number(ip, narg, c); 922 putchar(','); 923 decode_filemode(*ip); 924 ip++; 925 narg--; 926 break; 927 case SYS_mknodat: 928 print_number(ip, narg, c); 929 putchar(','); 930 decode_filemode(*ip); 931 ip++; 932 narg--; 933 break; 934 case SYS_getfsstat: 935 print_number(ip, narg, c); 936 print_number(ip, narg, c); 937 putchar(','); 938 print_integer_arg(sysdecode_getfsstat_mode, *ip); 939 ip++; 940 narg--; 941 break; 942 case SYS_mount: 943 print_number(ip, narg, c); 944 print_number(ip, narg, c); 945 putchar(','); 946 print_mask_arg(sysdecode_mount_flags, *ip); 947 ip++; 948 narg--; 949 break; 950 case SYS_unmount: 951 print_number(ip, narg, c); 952 putchar(','); 953 print_mask_arg(sysdecode_mount_flags, *ip); 954 ip++; 955 narg--; 956 break; 957 case SYS_recvmsg: 958 case SYS_sendmsg: 959 print_number(ip, narg, c); 960 print_number(ip, narg, c); 961 putchar(','); 962 print_mask_arg0(sysdecode_msg_flags, *ip); 963 ip++; 964 narg--; 965 break; 966 case SYS_recvfrom: 967 case SYS_sendto: 968 print_number(ip, narg, c); 969 print_number(ip, narg, c); 970 print_number(ip, narg, c); 971 putchar(','); 972 print_mask_arg0(sysdecode_msg_flags, *ip); 973 ip++; 974 narg--; 975 break; 976 case SYS_chflags: 977 case SYS_chflagsat: 978 case SYS_fchflags: 979 case SYS_lchflags: 980 print_number(ip, narg, c); 981 putchar(','); 982 decode_fileflags(*ip); 983 ip++; 984 narg--; 985 break; 986 case SYS_kill: 987 print_number(ip, narg, c); 988 putchar(','); 989 print_signal(*ip); 990 ip++; 991 narg--; 992 break; 993 case SYS_reboot: 994 putchar('('); 995 print_mask_arg(sysdecode_reboot_howto, *ip); 996 ip++; 997 narg--; 998 break; 999 case SYS_umask: 1000 putchar('('); 1001 decode_filemode(*ip); 1002 ip++; 1003 narg--; 1004 break; 1005 case SYS_msync: 1006 print_number(ip, narg, c); 1007 print_number(ip, narg, c); 1008 putchar(','); 1009 print_mask_arg(sysdecode_msync_flags, *ip); 1010 ip++; 1011 narg--; 1012 break; 1013 #ifdef SYS_freebsd6_mmap 1014 case SYS_freebsd6_mmap: 1015 print_number(ip, narg, c); 1016 print_number(ip, narg, c); 1017 putchar(','); 1018 print_mask_arg(sysdecode_mmap_prot, *ip); 1019 putchar(','); 1020 ip++; 1021 narg--; 1022 print_mask_arg(sysdecode_mmap_flags, *ip); 1023 ip++; 1024 narg--; 1025 break; 1026 #endif 1027 case SYS_mmap: 1028 print_number(ip, narg, c); 1029 print_number(ip, narg, c); 1030 putchar(','); 1031 print_mask_arg(sysdecode_mmap_prot, *ip); 1032 putchar(','); 1033 ip++; 1034 narg--; 1035 print_mask_arg(sysdecode_mmap_flags, *ip); 1036 ip++; 1037 narg--; 1038 break; 1039 case SYS_mprotect: 1040 print_number(ip, narg, c); 1041 print_number(ip, narg, c); 1042 putchar(','); 1043 print_mask_arg(sysdecode_mmap_prot, *ip); 1044 ip++; 1045 narg--; 1046 break; 1047 case SYS_madvise: 1048 print_number(ip, narg, c); 1049 print_number(ip, narg, c); 1050 putchar(','); 1051 print_integer_arg(sysdecode_madvice, *ip); 1052 ip++; 1053 narg--; 1054 break; 1055 case SYS_pathconf: 1056 case SYS_lpathconf: 1057 case SYS_fpathconf: 1058 print_number(ip, narg, c); 1059 putchar(','); 1060 print_integer_arg(sysdecode_pathconf_name, *ip); 1061 ip++; 1062 narg--; 1063 break; 1064 case SYS_getpriority: 1065 case SYS_setpriority: 1066 putchar('('); 1067 print_integer_arg(sysdecode_prio_which, *ip); 1068 c = ','; 1069 ip++; 1070 narg--; 1071 break; 1072 case SYS_fcntl: 1073 print_number(ip, narg, c); 1074 putchar(','); 1075 print_integer_arg(sysdecode_fcntl_cmd, ip[0]); 1076 if (sysdecode_fcntl_arg_p(ip[0])) { 1077 putchar(','); 1078 if (ip[0] == F_SETFL) 1079 print_mask_arg( 1080 sysdecode_fcntl_fileflags, 1081 ip[1]); 1082 else 1083 sysdecode_fcntl_arg(stdout, 1084 ip[0], ip[1], 1085 decimal ? 10 : 16); 1086 } 1087 ip += 2; 1088 narg -= 2; 1089 break; 1090 case SYS_socket: { 1091 int sockdomain; 1092 putchar('('); 1093 sockdomain = *ip; 1094 print_integer_arg(sysdecode_socketdomain, 1095 sockdomain); 1096 ip++; 1097 narg--; 1098 putchar(','); 1099 print_mask_arg(sysdecode_socket_type, *ip); 1100 ip++; 1101 narg--; 1102 if (sockdomain == PF_INET || 1103 sockdomain == PF_INET6) { 1104 putchar(','); 1105 print_integer_arg(sysdecode_ipproto, 1106 *ip); 1107 ip++; 1108 narg--; 1109 } 1110 c = ','; 1111 break; 1112 } 1113 case SYS_setsockopt: 1114 case SYS_getsockopt: { 1115 const char *str; 1116 1117 print_number(ip, narg, c); 1118 putchar(','); 1119 print_integer_arg_valid(sysdecode_sockopt_level, 1120 *ip); 1121 str = sysdecode_sockopt_name(ip[0], ip[1]); 1122 if (str != NULL) { 1123 printf(",%s", str); 1124 ip++; 1125 narg--; 1126 } 1127 ip++; 1128 narg--; 1129 break; 1130 } 1131 #ifdef SYS_freebsd6_lseek 1132 case SYS_freebsd6_lseek: 1133 print_number(ip, narg, c); 1134 /* Hidden 'pad' argument, not in lseek(2) */ 1135 print_number(ip, narg, c); 1136 print_number64(first, ip, narg, c); 1137 putchar(','); 1138 print_integer_arg(sysdecode_whence, *ip); 1139 ip++; 1140 narg--; 1141 break; 1142 #endif 1143 case SYS_lseek: 1144 print_number(ip, narg, c); 1145 print_number64(first, ip, narg, c); 1146 putchar(','); 1147 print_integer_arg(sysdecode_whence, *ip); 1148 ip++; 1149 narg--; 1150 break; 1151 case SYS_flock: 1152 print_number(ip, narg, c); 1153 putchar(','); 1154 print_mask_arg(sysdecode_flock_operation, *ip); 1155 ip++; 1156 narg--; 1157 break; 1158 case SYS_mkfifo: 1159 case SYS_mkfifoat: 1160 case SYS_mkdir: 1161 case SYS_mkdirat: 1162 print_number(ip, narg, c); 1163 putchar(','); 1164 decode_filemode(*ip); 1165 ip++; 1166 narg--; 1167 break; 1168 case SYS_shutdown: 1169 print_number(ip, narg, c); 1170 putchar(','); 1171 print_integer_arg(sysdecode_shutdown_how, *ip); 1172 ip++; 1173 narg--; 1174 break; 1175 case SYS_socketpair: 1176 putchar('('); 1177 print_integer_arg(sysdecode_socketdomain, *ip); 1178 ip++; 1179 narg--; 1180 putchar(','); 1181 print_mask_arg(sysdecode_socket_type, *ip); 1182 ip++; 1183 narg--; 1184 c = ','; 1185 break; 1186 case SYS_getrlimit: 1187 case SYS_setrlimit: 1188 putchar('('); 1189 print_integer_arg(sysdecode_rlimit, *ip); 1190 ip++; 1191 narg--; 1192 c = ','; 1193 break; 1194 case SYS_getrusage: 1195 putchar('('); 1196 print_integer_arg(sysdecode_getrusage_who, *ip); 1197 ip++; 1198 narg--; 1199 c = ','; 1200 break; 1201 case SYS_quotactl: 1202 print_number(ip, narg, c); 1203 putchar(','); 1204 if (!sysdecode_quotactl_cmd(stdout, *ip)) { 1205 if (decimal) 1206 printf("<invalid=%d>", (int)*ip); 1207 else 1208 printf("<invalid=%#x>", 1209 (int)*ip); 1210 } 1211 ip++; 1212 narg--; 1213 c = ','; 1214 break; 1215 case SYS_nfssvc: 1216 putchar('('); 1217 print_integer_arg(sysdecode_nfssvc_flags, *ip); 1218 ip++; 1219 narg--; 1220 c = ','; 1221 break; 1222 case SYS_rtprio: 1223 case SYS_rtprio_thread: 1224 putchar('('); 1225 print_integer_arg(sysdecode_rtprio_function, 1226 *ip); 1227 ip++; 1228 narg--; 1229 c = ','; 1230 break; 1231 case SYS___semctl: 1232 print_number(ip, narg, c); 1233 print_number(ip, narg, c); 1234 putchar(','); 1235 print_integer_arg(sysdecode_semctl_cmd, *ip); 1236 ip++; 1237 narg--; 1238 break; 1239 case SYS_semget: 1240 print_number(ip, narg, c); 1241 print_number(ip, narg, c); 1242 putchar(','); 1243 print_mask_arg(sysdecode_semget_flags, *ip); 1244 ip++; 1245 narg--; 1246 break; 1247 case SYS_msgctl: 1248 print_number(ip, narg, c); 1249 putchar(','); 1250 print_integer_arg(sysdecode_msgctl_cmd, *ip); 1251 ip++; 1252 narg--; 1253 break; 1254 case SYS_shmat: 1255 print_number(ip, narg, c); 1256 print_number(ip, narg, c); 1257 putchar(','); 1258 print_mask_arg(sysdecode_shmat_flags, *ip); 1259 ip++; 1260 narg--; 1261 break; 1262 case SYS_shmctl: 1263 print_number(ip, narg, c); 1264 putchar(','); 1265 print_integer_arg(sysdecode_shmctl_cmd, *ip); 1266 ip++; 1267 narg--; 1268 break; 1269 #ifdef SYS_freebsd12_shm_open 1270 case SYS_freebsd12_shm_open: 1271 if (ip[0] == (uintptr_t)SHM_ANON) { 1272 printf("(SHM_ANON"); 1273 ip++; 1274 } else { 1275 print_number(ip, narg, c); 1276 } 1277 putchar(','); 1278 print_mask_arg(sysdecode_open_flags, ip[0]); 1279 putchar(','); 1280 decode_filemode(ip[1]); 1281 ip += 2; 1282 narg -= 2; 1283 break; 1284 #endif 1285 case SYS_shm_open2: 1286 if (ip[0] == (uintptr_t)SHM_ANON) { 1287 printf("(SHM_ANON"); 1288 ip++; 1289 } else { 1290 print_number(ip, narg, c); 1291 } 1292 putchar(','); 1293 print_mask_arg(sysdecode_open_flags, ip[0]); 1294 putchar(','); 1295 decode_filemode(ip[1]); 1296 putchar(','); 1297 print_mask_arg(sysdecode_shmflags, ip[2]); 1298 ip += 3; 1299 narg -= 3; 1300 break; 1301 case SYS_minherit: 1302 print_number(ip, narg, c); 1303 print_number(ip, narg, c); 1304 putchar(','); 1305 print_integer_arg(sysdecode_minherit_inherit, 1306 *ip); 1307 ip++; 1308 narg--; 1309 break; 1310 case SYS_rfork: 1311 putchar('('); 1312 print_mask_arg(sysdecode_rfork_flags, *ip); 1313 ip++; 1314 narg--; 1315 c = ','; 1316 break; 1317 case SYS_lio_listio: 1318 putchar('('); 1319 print_integer_arg(sysdecode_lio_listio_mode, 1320 *ip); 1321 ip++; 1322 narg--; 1323 c = ','; 1324 break; 1325 case SYS_mlockall: 1326 putchar('('); 1327 print_mask_arg(sysdecode_mlockall_flags, *ip); 1328 ip++; 1329 narg--; 1330 break; 1331 case SYS_sched_setscheduler: 1332 print_number(ip, narg, c); 1333 putchar(','); 1334 print_integer_arg(sysdecode_scheduler_policy, 1335 *ip); 1336 ip++; 1337 narg--; 1338 break; 1339 case SYS_sched_get_priority_max: 1340 case SYS_sched_get_priority_min: 1341 putchar('('); 1342 print_integer_arg(sysdecode_scheduler_policy, 1343 *ip); 1344 ip++; 1345 narg--; 1346 break; 1347 case SYS_sendfile: 1348 print_number(ip, narg, c); 1349 print_number(ip, narg, c); 1350 print_number(ip, narg, c); 1351 print_number(ip, narg, c); 1352 print_number(ip, narg, c); 1353 print_number(ip, narg, c); 1354 putchar(','); 1355 print_mask_arg(sysdecode_sendfile_flags, *ip); 1356 ip++; 1357 narg--; 1358 break; 1359 case SYS_kldsym: 1360 print_number(ip, narg, c); 1361 putchar(','); 1362 print_integer_arg(sysdecode_kldsym_cmd, *ip); 1363 ip++; 1364 narg--; 1365 break; 1366 case SYS_sigprocmask: 1367 putchar('('); 1368 print_integer_arg(sysdecode_sigprocmask_how, 1369 *ip); 1370 ip++; 1371 narg--; 1372 c = ','; 1373 break; 1374 case SYS___acl_get_file: 1375 case SYS___acl_set_file: 1376 case SYS___acl_get_fd: 1377 case SYS___acl_set_fd: 1378 case SYS___acl_delete_file: 1379 case SYS___acl_delete_fd: 1380 case SYS___acl_aclcheck_file: 1381 case SYS___acl_aclcheck_fd: 1382 case SYS___acl_get_link: 1383 case SYS___acl_set_link: 1384 case SYS___acl_delete_link: 1385 case SYS___acl_aclcheck_link: 1386 print_number(ip, narg, c); 1387 putchar(','); 1388 print_integer_arg(sysdecode_acltype, *ip); 1389 ip++; 1390 narg--; 1391 break; 1392 case SYS_sigaction: 1393 putchar('('); 1394 print_signal(*ip); 1395 ip++; 1396 narg--; 1397 c = ','; 1398 break; 1399 case SYS_extattrctl: 1400 print_number(ip, narg, c); 1401 putchar(','); 1402 print_integer_arg(sysdecode_extattrnamespace, 1403 *ip); 1404 ip++; 1405 narg--; 1406 break; 1407 case SYS_nmount: 1408 print_number(ip, narg, c); 1409 print_number(ip, narg, c); 1410 putchar(','); 1411 print_mask_arg(sysdecode_mount_flags, *ip); 1412 ip++; 1413 narg--; 1414 break; 1415 case SYS_thr_create: 1416 print_number(ip, narg, c); 1417 print_number(ip, narg, c); 1418 putchar(','); 1419 print_mask_arg(sysdecode_thr_create_flags, *ip); 1420 ip++; 1421 narg--; 1422 break; 1423 case SYS_thr_kill: 1424 print_number(ip, narg, c); 1425 putchar(','); 1426 print_signal(*ip); 1427 ip++; 1428 narg--; 1429 break; 1430 case SYS_kldunloadf: 1431 print_number(ip, narg, c); 1432 putchar(','); 1433 print_integer_arg(sysdecode_kldunload_flags, 1434 *ip); 1435 ip++; 1436 narg--; 1437 break; 1438 case SYS_linkat: 1439 case SYS_renameat: 1440 case SYS_symlinkat: 1441 print_number(ip, narg, c); 1442 putchar(','); 1443 print_integer_arg_valid(sysdecode_atfd, *ip); 1444 ip++; 1445 narg--; 1446 print_number(ip, narg, c); 1447 break; 1448 case SYS_cap_fcntls_limit: 1449 print_number(ip, narg, c); 1450 putchar(','); 1451 arg = *ip; 1452 ip++; 1453 narg--; 1454 print_mask_arg32(sysdecode_cap_fcntlrights, arg); 1455 break; 1456 case SYS_posix_fadvise: 1457 print_number(ip, narg, c); 1458 print_number(ip, narg, c); 1459 print_number(ip, narg, c); 1460 (void)putchar(','); 1461 print_integer_arg(sysdecode_fadvice, *ip); 1462 ip++; 1463 narg--; 1464 break; 1465 case SYS_procctl: 1466 putchar('('); 1467 print_integer_arg(sysdecode_idtype, *ip); 1468 c = ','; 1469 ip++; 1470 narg--; 1471 print_number64(first, ip, narg, c); 1472 putchar(','); 1473 print_integer_arg(sysdecode_procctl_cmd, *ip); 1474 ip++; 1475 narg--; 1476 break; 1477 case SYS__umtx_op: { 1478 int op; 1479 1480 print_number(ip, narg, c); 1481 putchar(','); 1482 if (print_mask_arg_part(sysdecode_umtx_op_flags, 1483 *ip, &op)) 1484 putchar('|'); 1485 print_integer_arg(sysdecode_umtx_op, op); 1486 putchar('>'); 1487 switch (*ip) { 1488 case UMTX_OP_CV_WAIT: 1489 ip++; 1490 narg--; 1491 putchar(','); 1492 print_mask_argul( 1493 sysdecode_umtx_cvwait_flags, *ip); 1494 break; 1495 case UMTX_OP_RW_RDLOCK: 1496 ip++; 1497 narg--; 1498 putchar(','); 1499 print_mask_argul( 1500 sysdecode_umtx_rwlock_flags, *ip); 1501 break; 1502 } 1503 ip++; 1504 narg--; 1505 break; 1506 } 1507 case SYS_ftruncate: 1508 case SYS_truncate: 1509 print_number(ip, narg, c); 1510 print_number64(first, ip, narg, c); 1511 break; 1512 case SYS_fchownat: 1513 print_number(ip, narg, c); 1514 print_number(ip, narg, c); 1515 print_number(ip, narg, c); 1516 break; 1517 case SYS_fstatat: 1518 case SYS_utimensat: 1519 print_number(ip, narg, c); 1520 print_number(ip, narg, c); 1521 break; 1522 case SYS_unlinkat: 1523 print_number(ip, narg, c); 1524 break; 1525 case SYS_sysarch: 1526 putchar('('); 1527 print_integer_arg(sysdecode_sysarch_number, *ip); 1528 ip++; 1529 narg--; 1530 c = ','; 1531 break; 1532 case SYS_getitimer: 1533 case SYS_setitimer: 1534 putchar('('); 1535 print_integer_arg(sysdecode_itimer, *ip); 1536 ip++; 1537 narg--; 1538 c = ','; 1539 break; 1540 } 1541 switch (ktr->ktr_code) { 1542 case SYS_chflagsat: 1543 case SYS_fchownat: 1544 case SYS_faccessat: 1545 case SYS_fchmodat: 1546 case SYS_fstatat: 1547 case SYS_linkat: 1548 case SYS_unlinkat: 1549 case SYS_utimensat: 1550 putchar(','); 1551 print_mask_arg0(sysdecode_atflags, *ip); 1552 ip++; 1553 narg--; 1554 break; 1555 } 1556 *resc = c; 1557 *resip = ip; 1558 *resnarg = narg; 1559 } 1560 1561 void 1562 ktrsysret(struct ktr_sysret *ktr, u_int sv_flags) 1563 { 1564 register_t ret = ktr->ktr_retval; 1565 int error = ktr->ktr_error; 1566 1567 syscallname(ktr->ktr_code, sv_flags); 1568 printf(" "); 1569 1570 if (error == 0) { 1571 if (fancy) { 1572 printf("%ld", (long)ret); 1573 if (ret < 0 || ret > 9) 1574 printf("/%#lx", (unsigned long)ret); 1575 } else { 1576 if (decimal) 1577 printf("%ld", (long)ret); 1578 else 1579 printf("%#lx", (unsigned long)ret); 1580 } 1581 } else if (error == ERESTART) 1582 printf("RESTART"); 1583 else if (error == EJUSTRETURN) 1584 printf("JUSTRETURN"); 1585 else { 1586 printf("-1 errno %d", sysdecode_freebsd_to_abi_errno( 1587 syscallabi(sv_flags), error)); 1588 if (fancy) 1589 printf(" %s", strerror(ktr->ktr_error)); 1590 } 1591 putchar('\n'); 1592 } 1593 1594 void 1595 ktrnamei(char *cp, int len) 1596 { 1597 printf("\"%.*s\"\n", len, cp); 1598 } 1599 1600 void 1601 hexdump(char *p, int len, int screenwidth) 1602 { 1603 int n, i; 1604 int width; 1605 1606 width = 0; 1607 do { 1608 width += 2; 1609 i = 13; /* base offset */ 1610 i += (width / 2) + 1; /* spaces every second byte */ 1611 i += (width * 2); /* width of bytes */ 1612 i += 3; /* " |" */ 1613 i += width; /* each byte */ 1614 i += 1; /* "|" */ 1615 } while (i < screenwidth); 1616 width -= 2; 1617 1618 for (n = 0; n < len; n += width) { 1619 for (i = n; i < n + width; i++) { 1620 if ((i % width) == 0) { /* beginning of line */ 1621 printf(" 0x%04x", i); 1622 } 1623 if ((i % 2) == 0) { 1624 printf(" "); 1625 } 1626 if (i < len) 1627 printf("%02x", p[i] & 0xff); 1628 else 1629 printf(" "); 1630 } 1631 printf(" |"); 1632 for (i = n; i < n + width; i++) { 1633 if (i >= len) 1634 break; 1635 if (p[i] >= ' ' && p[i] <= '~') 1636 printf("%c", p[i]); 1637 else 1638 printf("."); 1639 } 1640 printf("|\n"); 1641 } 1642 if ((i % width) != 0) 1643 printf("\n"); 1644 } 1645 1646 void 1647 visdump(char *dp, int datalen, int screenwidth) 1648 { 1649 int col = 0; 1650 char *cp; 1651 int width; 1652 char visbuf[5]; 1653 1654 printf(" \""); 1655 col = 8; 1656 for (;datalen > 0; datalen--, dp++) { 1657 vis(visbuf, *dp, VIS_CSTYLE | VIS_NOLOCALE, *(dp+1)); 1658 cp = visbuf; 1659 /* 1660 * Keep track of printables and 1661 * space chars (like fold(1)). 1662 */ 1663 if (col == 0) { 1664 putchar('\t'); 1665 col = 8; 1666 } 1667 switch(*cp) { 1668 case '\n': 1669 col = 0; 1670 putchar('\n'); 1671 continue; 1672 case '\t': 1673 width = 8 - (col&07); 1674 break; 1675 default: 1676 width = strlen(cp); 1677 } 1678 if (col + width > (screenwidth-2)) { 1679 printf("\\\n\t"); 1680 col = 8; 1681 } 1682 col += width; 1683 do { 1684 putchar(*cp++); 1685 } while (*cp); 1686 } 1687 if (col == 0) 1688 printf(" "); 1689 printf("\"\n"); 1690 } 1691 1692 void 1693 ktrgenio(struct ktr_genio *ktr, int len) 1694 { 1695 int datalen = len - sizeof (struct ktr_genio); 1696 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1697 static int screenwidth = 0; 1698 int i, binary; 1699 1700 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1701 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1702 datalen == 1 ? "" : "s"); 1703 if (suppressdata) 1704 return; 1705 if (screenwidth == 0) { 1706 struct winsize ws; 1707 1708 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1709 ws.ws_col > 8) 1710 screenwidth = ws.ws_col; 1711 else 1712 screenwidth = 80; 1713 } 1714 if (maxdata && datalen > maxdata) 1715 datalen = maxdata; 1716 1717 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1718 if (dp[i] >= 32 && dp[i] < 127) 1719 continue; 1720 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1721 continue; 1722 binary = 1; 1723 } 1724 if (binary) 1725 hexdump(dp, datalen, screenwidth); 1726 else 1727 visdump(dp, datalen, screenwidth); 1728 } 1729 1730 void 1731 ktrpsig(struct ktr_psig *psig) 1732 { 1733 const char *str; 1734 1735 print_signal(psig->signo); 1736 if (psig->action == SIG_DFL) { 1737 printf(" SIG_DFL"); 1738 } else { 1739 printf(" caught handler=0x%lx mask=0x%x", 1740 (u_long)psig->action, psig->mask.__bits[0]); 1741 } 1742 printf(" code="); 1743 str = sysdecode_sigcode(psig->signo, psig->code); 1744 if (str != NULL) 1745 printf("%s", str); 1746 else 1747 printf("<invalid=%#x>", psig->code); 1748 putchar('\n'); 1749 } 1750 1751 void 1752 ktrcsw_old(struct ktr_csw_old *cs) 1753 { 1754 printf("%s %s\n", cs->out ? "stop" : "resume", 1755 cs->user ? "user" : "kernel"); 1756 } 1757 1758 void 1759 ktrcsw(struct ktr_csw *cs) 1760 { 1761 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1762 cs->user ? "user" : "kernel", cs->wmesg); 1763 } 1764 1765 void 1766 ktruser(int len, void *p) 1767 { 1768 unsigned char *cp; 1769 1770 if (sysdecode_utrace(stdout, p, len)) { 1771 printf("\n"); 1772 return; 1773 } 1774 1775 printf("%d ", len); 1776 cp = p; 1777 while (len--) 1778 if (decimal) 1779 printf(" %d", *cp++); 1780 else 1781 printf(" %02x", *cp++); 1782 printf("\n"); 1783 } 1784 1785 void 1786 ktrcaprights(cap_rights_t *rightsp) 1787 { 1788 1789 printf("cap_rights_t "); 1790 sysdecode_cap_rights(stdout, rightsp); 1791 printf("\n"); 1792 } 1793 1794 static void 1795 ktrtimeval(struct timeval *tv) 1796 { 1797 1798 printf("{%ld, %ld}", (long)tv->tv_sec, tv->tv_usec); 1799 } 1800 1801 void 1802 ktritimerval(struct itimerval *it) 1803 { 1804 1805 printf("itimerval { .interval = "); 1806 ktrtimeval(&it->it_interval); 1807 printf(", .value = "); 1808 ktrtimeval(&it->it_value); 1809 printf(" }\n"); 1810 } 1811 1812 void 1813 ktrsockaddr(struct sockaddr *sa) 1814 { 1815 /* 1816 TODO: Support additional address families 1817 #include <netsmb/netbios.h> 1818 struct sockaddr_nb *nb; 1819 */ 1820 const char *str; 1821 char addr[64]; 1822 1823 /* 1824 * note: ktrstruct() has already verified that sa points to a 1825 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1826 * sa->sa_len bytes long. 1827 */ 1828 printf("struct sockaddr { "); 1829 str = sysdecode_sockaddr_family(sa->sa_family); 1830 if (str != NULL) 1831 printf("%s", str); 1832 else 1833 printf("<invalid=%d>", sa->sa_family); 1834 printf(", "); 1835 1836 #define check_sockaddr_len(n) \ 1837 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1838 printf("invalid"); \ 1839 break; \ 1840 } 1841 1842 switch(sa->sa_family) { 1843 case AF_INET: { 1844 struct sockaddr_in sa_in; 1845 1846 memset(&sa_in, 0, sizeof(sa_in)); 1847 memcpy(&sa_in, sa, sa->sa_len); 1848 check_sockaddr_len(in); 1849 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1850 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1851 break; 1852 } 1853 case AF_INET6: { 1854 struct sockaddr_in6 sa_in6; 1855 1856 memset(&sa_in6, 0, sizeof(sa_in6)); 1857 memcpy(&sa_in6, sa, sa->sa_len); 1858 check_sockaddr_len(in6); 1859 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1860 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1861 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1862 break; 1863 } 1864 case AF_UNIX: { 1865 struct sockaddr_un sa_un; 1866 1867 memset(&sa_un, 0, sizeof(sa_un)); 1868 memcpy(&sa_un, sa, sa->sa_len); 1869 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1870 break; 1871 } 1872 default: 1873 printf("unknown address family"); 1874 } 1875 printf(" }\n"); 1876 } 1877 1878 void 1879 ktrstat(struct stat *statp) 1880 { 1881 char mode[12], timestr[PATH_MAX + 4]; 1882 struct passwd *pwd; 1883 struct group *grp; 1884 struct tm *tm; 1885 1886 /* 1887 * note: ktrstruct() has already verified that statp points to a 1888 * buffer exactly sizeof(struct stat) bytes long. 1889 */ 1890 printf("struct stat {"); 1891 printf("dev=%ju, ino=%ju, ", 1892 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1893 if (!resolv) 1894 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1895 else { 1896 strmode(statp->st_mode, mode); 1897 printf("mode=%s, ", mode); 1898 } 1899 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1900 if (!resolv) { 1901 pwd = NULL; 1902 } else { 1903 #ifdef WITH_CASPER 1904 if (cappwd != NULL) 1905 pwd = cap_getpwuid(cappwd, statp->st_uid); 1906 else 1907 #endif 1908 pwd = getpwuid(statp->st_uid); 1909 } 1910 if (pwd == NULL) 1911 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1912 else 1913 printf("uid=\"%s\", ", pwd->pw_name); 1914 if (!resolv) { 1915 grp = NULL; 1916 } else { 1917 #ifdef WITH_CASPER 1918 if (capgrp != NULL) 1919 grp = cap_getgrgid(capgrp, statp->st_gid); 1920 else 1921 #endif 1922 grp = getgrgid(statp->st_gid); 1923 } 1924 if (grp == NULL) 1925 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1926 else 1927 printf("gid=\"%s\", ", grp->gr_name); 1928 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1929 printf("atime="); 1930 if (!resolv) 1931 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1932 else { 1933 tm = localtime(&statp->st_atim.tv_sec); 1934 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1935 printf("\"%s\"", timestr); 1936 } 1937 if (statp->st_atim.tv_nsec != 0) 1938 printf(".%09ld, ", statp->st_atim.tv_nsec); 1939 else 1940 printf(", "); 1941 printf("mtime="); 1942 if (!resolv) 1943 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1944 else { 1945 tm = localtime(&statp->st_mtim.tv_sec); 1946 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1947 printf("\"%s\"", timestr); 1948 } 1949 if (statp->st_mtim.tv_nsec != 0) 1950 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1951 else 1952 printf(", "); 1953 printf("ctime="); 1954 if (!resolv) 1955 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1956 else { 1957 tm = localtime(&statp->st_ctim.tv_sec); 1958 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1959 printf("\"%s\"", timestr); 1960 } 1961 if (statp->st_ctim.tv_nsec != 0) 1962 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1963 else 1964 printf(", "); 1965 printf("birthtime="); 1966 if (!resolv) 1967 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1968 else { 1969 tm = localtime(&statp->st_birthtim.tv_sec); 1970 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1971 printf("\"%s\"", timestr); 1972 } 1973 if (statp->st_birthtim.tv_nsec != 0) 1974 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1975 else 1976 printf(", "); 1977 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1978 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1979 (intmax_t)statp->st_blocks, statp->st_flags); 1980 printf(" }\n"); 1981 } 1982 1983 void 1984 ktrbitset(char *name, struct bitset *set, size_t setlen) 1985 { 1986 int i, maxi, c = 0; 1987 1988 if (setlen > INT32_MAX) 1989 setlen = INT32_MAX; 1990 maxi = setlen * CHAR_BIT; 1991 printf("%s [ ", name); 1992 for (i = 0; i < maxi; i++) { 1993 if (!BIT_ISSET(setlen, i, set)) 1994 continue; 1995 if (c == 0) 1996 printf("%d", i); 1997 else 1998 printf(", %d", i); 1999 c++; 2000 } 2001 if (c == 0) 2002 printf(" empty ]\n"); 2003 else 2004 printf(" ]\n"); 2005 } 2006 2007 void 2008 ktrstruct(char *buf, size_t buflen) 2009 { 2010 char *name, *data; 2011 size_t namelen, datalen; 2012 int i; 2013 cap_rights_t rights; 2014 struct itimerval it; 2015 struct stat sb; 2016 struct sockaddr_storage ss; 2017 struct bitset *set; 2018 2019 for (name = buf, namelen = 0; 2020 namelen < buflen && name[namelen] != '\0'; 2021 ++namelen) 2022 /* nothing */; 2023 if (namelen == buflen) 2024 goto invalid; 2025 if (name[namelen] != '\0') 2026 goto invalid; 2027 data = buf + namelen + 1; 2028 datalen = buflen - namelen - 1; 2029 if (datalen == 0) 2030 goto invalid; 2031 /* sanity check */ 2032 for (i = 0; i < (int)namelen; ++i) 2033 if (!isalpha(name[i]) && name[i] != '_') 2034 goto invalid; 2035 if (strcmp(name, "caprights") == 0) { 2036 if (datalen != sizeof(cap_rights_t)) 2037 goto invalid; 2038 memcpy(&rights, data, datalen); 2039 ktrcaprights(&rights); 2040 } else if (strcmp(name, "itimerval") == 0) { 2041 if (datalen != sizeof(struct itimerval)) 2042 goto invalid; 2043 memcpy(&it, data, datalen); 2044 ktritimerval(&it); 2045 } else if (strcmp(name, "stat") == 0) { 2046 if (datalen != sizeof(struct stat)) 2047 goto invalid; 2048 memcpy(&sb, data, datalen); 2049 ktrstat(&sb); 2050 } else if (strcmp(name, "sockaddr") == 0) { 2051 if (datalen > sizeof(ss)) 2052 goto invalid; 2053 memcpy(&ss, data, datalen); 2054 if (datalen != ss.ss_len) 2055 goto invalid; 2056 ktrsockaddr((struct sockaddr *)&ss); 2057 } else if (strcmp(name, "cpuset_t") == 0) { 2058 if (datalen < 1) 2059 goto invalid; 2060 set = malloc(datalen); 2061 if (set == NULL) 2062 errx(1, "%s", strerror(ENOMEM)); 2063 memcpy(set, data, datalen); 2064 ktrbitset(name, set, datalen); 2065 free(set); 2066 } else { 2067 #ifdef SYSDECODE_HAVE_LINUX 2068 if (ktrstruct_linux(name, data, datalen) == false) 2069 #endif 2070 printf("unknown structure\n"); 2071 } 2072 return; 2073 invalid: 2074 printf("invalid record\n"); 2075 } 2076 2077 void 2078 ktrcapfail(struct ktr_cap_fail *ktr) 2079 { 2080 switch (ktr->cap_type) { 2081 case CAPFAIL_NOTCAPABLE: 2082 /* operation on fd with insufficient capabilities */ 2083 printf("operation requires "); 2084 sysdecode_cap_rights(stdout, &ktr->cap_needed); 2085 printf(", descriptor holds "); 2086 sysdecode_cap_rights(stdout, &ktr->cap_held); 2087 break; 2088 case CAPFAIL_INCREASE: 2089 /* requested more capabilities than fd already has */ 2090 printf("attempt to increase capabilities from "); 2091 sysdecode_cap_rights(stdout, &ktr->cap_held); 2092 printf(" to "); 2093 sysdecode_cap_rights(stdout, &ktr->cap_needed); 2094 break; 2095 case CAPFAIL_SYSCALL: 2096 /* called restricted syscall */ 2097 printf("disallowed system call"); 2098 break; 2099 case CAPFAIL_LOOKUP: 2100 /* absolute or AT_FDCWD path, ".." path, etc. */ 2101 printf("restricted VFS lookup"); 2102 break; 2103 default: 2104 printf("unknown capability failure: "); 2105 sysdecode_cap_rights(stdout, &ktr->cap_needed); 2106 printf(" "); 2107 sysdecode_cap_rights(stdout, &ktr->cap_held); 2108 break; 2109 } 2110 printf("\n"); 2111 } 2112 2113 void 2114 ktrfault(struct ktr_fault *ktr) 2115 { 2116 2117 printf("0x%jx ", (uintmax_t)ktr->vaddr); 2118 print_mask_arg(sysdecode_vmprot, ktr->type); 2119 printf("\n"); 2120 } 2121 2122 void 2123 ktrfaultend(struct ktr_faultend *ktr) 2124 { 2125 const char *str; 2126 2127 str = sysdecode_vmresult(ktr->result); 2128 if (str != NULL) 2129 printf("%s", str); 2130 else 2131 printf("<invalid=%d>", ktr->result); 2132 printf("\n"); 2133 } 2134 2135 void 2136 ktrkevent(struct kevent *kev) 2137 { 2138 2139 printf("{ ident="); 2140 switch (kev->filter) { 2141 case EVFILT_READ: 2142 case EVFILT_WRITE: 2143 case EVFILT_VNODE: 2144 case EVFILT_PROC: 2145 case EVFILT_TIMER: 2146 case EVFILT_PROCDESC: 2147 case EVFILT_EMPTY: 2148 printf("%ju", (uintmax_t)kev->ident); 2149 break; 2150 case EVFILT_SIGNAL: 2151 print_signal(kev->ident); 2152 break; 2153 default: 2154 printf("%p", (void *)kev->ident); 2155 } 2156 printf(", filter="); 2157 print_integer_arg(sysdecode_kevent_filter, kev->filter); 2158 printf(", flags="); 2159 print_mask_arg0(sysdecode_kevent_flags, kev->flags); 2160 printf(", fflags="); 2161 sysdecode_kevent_fflags(stdout, kev->filter, kev->fflags, 2162 decimal ? 10 : 16); 2163 printf(", data=%#jx, udata=%p }", (uintmax_t)kev->data, kev->udata); 2164 } 2165 2166 void 2167 ktrstructarray(struct ktr_struct_array *ksa, size_t buflen) 2168 { 2169 struct kevent kev; 2170 char *name, *data; 2171 size_t namelen, datalen; 2172 int i; 2173 bool first; 2174 2175 buflen -= sizeof(*ksa); 2176 for (name = (char *)(ksa + 1), namelen = 0; 2177 namelen < buflen && name[namelen] != '\0'; 2178 ++namelen) 2179 /* nothing */; 2180 if (namelen == buflen) 2181 goto invalid; 2182 if (name[namelen] != '\0') 2183 goto invalid; 2184 /* sanity check */ 2185 for (i = 0; i < (int)namelen; ++i) 2186 if (!isalnum(name[i]) && name[i] != '_') 2187 goto invalid; 2188 data = name + namelen + 1; 2189 datalen = buflen - namelen - 1; 2190 printf("struct %s[] = { ", name); 2191 first = true; 2192 for (; datalen >= ksa->struct_size; 2193 data += ksa->struct_size, datalen -= ksa->struct_size) { 2194 if (!first) 2195 printf("\n "); 2196 else 2197 first = false; 2198 if (strcmp(name, "kevent") == 0) { 2199 if (ksa->struct_size != sizeof(kev)) 2200 goto bad_size; 2201 memcpy(&kev, data, sizeof(kev)); 2202 ktrkevent(&kev); 2203 } else if (strcmp(name, "freebsd11_kevent") == 0) { 2204 struct freebsd11_kevent kev11; 2205 2206 if (ksa->struct_size != sizeof(kev11)) 2207 goto bad_size; 2208 memcpy(&kev11, data, sizeof(kev11)); 2209 memset(&kev, 0, sizeof(kev)); 2210 kev.ident = kev11.ident; 2211 kev.filter = kev11.filter; 2212 kev.flags = kev11.flags; 2213 kev.fflags = kev11.fflags; 2214 kev.data = kev11.data; 2215 kev.udata = kev11.udata; 2216 ktrkevent(&kev); 2217 #ifdef _WANT_KEVENT32 2218 } else if (strcmp(name, "kevent32") == 0) { 2219 struct kevent32 kev32; 2220 2221 if (ksa->struct_size != sizeof(kev32)) 2222 goto bad_size; 2223 memcpy(&kev32, data, sizeof(kev32)); 2224 memset(&kev, 0, sizeof(kev)); 2225 kev.ident = kev32.ident; 2226 kev.filter = kev32.filter; 2227 kev.flags = kev32.flags; 2228 kev.fflags = kev32.fflags; 2229 #if BYTE_ORDER == BIG_ENDIAN 2230 kev.data = kev32.data2 | ((int64_t)kev32.data1 << 32); 2231 #else 2232 kev.data = kev32.data1 | ((int64_t)kev32.data2 << 32); 2233 #endif 2234 kev.udata = (void *)(uintptr_t)kev32.udata; 2235 ktrkevent(&kev); 2236 } else if (strcmp(name, "freebsd11_kevent32") == 0) { 2237 struct freebsd11_kevent32 kev32; 2238 2239 if (ksa->struct_size != sizeof(kev32)) 2240 goto bad_size; 2241 memcpy(&kev32, data, sizeof(kev32)); 2242 memset(&kev, 0, sizeof(kev)); 2243 kev.ident = kev32.ident; 2244 kev.filter = kev32.filter; 2245 kev.flags = kev32.flags; 2246 kev.fflags = kev32.fflags; 2247 kev.data = kev32.data; 2248 kev.udata = (void *)(uintptr_t)kev32.udata; 2249 ktrkevent(&kev); 2250 #endif 2251 } else { 2252 printf("<unknown structure> }\n"); 2253 return; 2254 } 2255 } 2256 printf(" }\n"); 2257 return; 2258 invalid: 2259 printf("invalid record\n"); 2260 return; 2261 bad_size: 2262 printf("<bad size> }\n"); 2263 return; 2264 } 2265 2266 void 2267 usage(void) 2268 { 2269 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 2270 "[-m maxdata] [-p pid] [-t trstr]\n"); 2271 exit(1); 2272 } 2273