1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capability.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/un.h> 61 #include <sys/queue.h> 62 #include <sys/wait.h> 63 #ifdef IPX 64 #include <sys/types.h> 65 #include <netipx/ipx.h> 66 #endif 67 #ifdef NETATALK 68 #include <netatalk/at.h> 69 #endif 70 #include <arpa/inet.h> 71 #include <netinet/in.h> 72 #include <ctype.h> 73 #include <dlfcn.h> 74 #include <err.h> 75 #include <grp.h> 76 #include <inttypes.h> 77 #include <locale.h> 78 #include <netdb.h> 79 #include <nl_types.h> 80 #include <pwd.h> 81 #include <stdio.h> 82 #include <stdlib.h> 83 #include <string.h> 84 #include <termios.h> 85 #include <time.h> 86 #include <unistd.h> 87 #include <vis.h> 88 #include "ktrace.h" 89 #include "kdump_subr.h" 90 91 u_int abidump(struct ktr_header *); 92 int fetchprocinfo(struct ktr_header *, u_int *); 93 int fread_tail(void *, int, int); 94 void dumpheader(struct ktr_header *); 95 void ktrsyscall(struct ktr_syscall *, u_int); 96 void ktrsysret(struct ktr_sysret *, u_int); 97 void ktrnamei(char *, int); 98 void hexdump(char *, int, int); 99 void visdump(char *, int, int); 100 void ktrgenio(struct ktr_genio *, int); 101 void ktrpsig(struct ktr_psig *); 102 void ktrcsw(struct ktr_csw *); 103 void ktrcsw_old(struct ktr_csw_old *); 104 void ktruser_malloc(unsigned char *); 105 void ktruser_rtld(int, unsigned char *); 106 void ktruser(int, unsigned char *); 107 void ktrcaprights(cap_rights_t *); 108 void ktrsockaddr(struct sockaddr *); 109 void ktrstat(struct stat *); 110 void ktrstruct(char *, size_t); 111 void ktrcapfail(struct ktr_cap_fail *); 112 void ktrfault(struct ktr_fault *); 113 void ktrfaultend(struct ktr_faultend *); 114 void limitfd(int fd); 115 void usage(void); 116 void ioctlname(unsigned long, int); 117 118 int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 119 resolv = 0, abiflag = 0; 120 const char *tracefile = DEF_TRACEFILE; 121 struct ktr_header ktr_header; 122 123 #define TIME_FORMAT "%b %e %T %Y" 124 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 125 126 #define print_number(i,n,c) do { \ 127 if (decimal) \ 128 printf("%c%jd", c, (intmax_t)*i); \ 129 else \ 130 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 131 i++; \ 132 n--; \ 133 c = ','; \ 134 } while (0) 135 136 #if defined(__amd64__) || defined(__i386__) 137 138 void linux_ktrsyscall(struct ktr_syscall *); 139 void linux_ktrsysret(struct ktr_sysret *); 140 extern char *linux_syscallnames[]; 141 extern int nlinux_syscalls; 142 143 /* 144 * from linux.h 145 * Linux syscalls return negative errno's, we do positive and map them 146 */ 147 static int bsd_to_linux_errno[ELAST + 1] = { 148 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 149 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 150 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 151 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 152 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 153 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 154 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 155 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 156 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 157 -72, -67, -71 158 }; 159 #endif 160 161 struct proc_info 162 { 163 TAILQ_ENTRY(proc_info) info; 164 u_int sv_flags; 165 pid_t pid; 166 }; 167 168 TAILQ_HEAD(trace_procs, proc_info) trace_procs; 169 170 static void 171 strerror_init(void) 172 { 173 174 /* 175 * Cache NLS data before entering capability mode. 176 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 177 */ 178 (void)catopen("libc", NL_CAT_LOCALE); 179 } 180 181 static void 182 localtime_init(void) 183 { 184 time_t ltime; 185 186 /* 187 * Allow localtime(3) to cache /etc/localtime content before entering 188 * capability mode. 189 * XXXPJD: There should be localtime_init() in libc. 190 */ 191 (void)time(<ime); 192 (void)localtime(<ime); 193 } 194 195 int 196 main(int argc, char *argv[]) 197 { 198 int ch, ktrlen, size; 199 void *m; 200 int trpoints = ALL_POINTS; 201 int drop_logged; 202 pid_t pid = 0; 203 u_int sv_flags; 204 205 setlocale(LC_CTYPE, ""); 206 207 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrsTt:")) != -1) 208 switch (ch) { 209 case 'A': 210 abiflag = 1; 211 break; 212 case 'f': 213 tracefile = optarg; 214 break; 215 case 'd': 216 decimal = 1; 217 break; 218 case 'l': 219 tail = 1; 220 break; 221 case 'm': 222 maxdata = atoi(optarg); 223 break; 224 case 'n': 225 fancy = 0; 226 break; 227 case 'p': 228 pid = atoi(optarg); 229 break; 230 case 'r': 231 resolv = 1; 232 break; 233 case 's': 234 suppressdata = 1; 235 break; 236 case 'E': 237 timestamp = 3; /* elapsed timestamp */ 238 break; 239 case 'H': 240 threads = 1; 241 break; 242 case 'R': 243 timestamp = 2; /* relative timestamp */ 244 break; 245 case 'T': 246 timestamp = 1; 247 break; 248 case 't': 249 trpoints = getpoints(optarg); 250 if (trpoints < 0) 251 errx(1, "unknown trace point in %s", optarg); 252 break; 253 default: 254 usage(); 255 } 256 257 if (argc > optind) 258 usage(); 259 260 m = malloc(size = 1025); 261 if (m == NULL) 262 errx(1, "%s", strerror(ENOMEM)); 263 if (!freopen(tracefile, "r", stdin)) 264 err(1, "%s", tracefile); 265 266 strerror_init(); 267 localtime_init(); 268 269 if (resolv == 0) { 270 if (cap_enter() < 0 && errno != ENOSYS) 271 err(1, "unable to enter capability mode"); 272 } 273 limitfd(STDIN_FILENO); 274 limitfd(STDOUT_FILENO); 275 limitfd(STDERR_FILENO); 276 277 TAILQ_INIT(&trace_procs); 278 drop_logged = 0; 279 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 280 if (ktr_header.ktr_type & KTR_DROP) { 281 ktr_header.ktr_type &= ~KTR_DROP; 282 if (!drop_logged && threads) { 283 printf( 284 "%6jd %6jd %-8.*s Events dropped.\n", 285 (intmax_t)ktr_header.ktr_pid, 286 ktr_header.ktr_tid > 0 ? 287 (intmax_t)ktr_header.ktr_tid : 0, 288 MAXCOMLEN, ktr_header.ktr_comm); 289 drop_logged = 1; 290 } else if (!drop_logged) { 291 printf("%6jd %-8.*s Events dropped.\n", 292 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 293 ktr_header.ktr_comm); 294 drop_logged = 1; 295 } 296 } 297 if (trpoints & (1<<ktr_header.ktr_type)) 298 if (pid == 0 || ktr_header.ktr_pid == pid || 299 ktr_header.ktr_tid == pid) 300 dumpheader(&ktr_header); 301 if ((ktrlen = ktr_header.ktr_len) < 0) 302 errx(1, "bogus length 0x%x", ktrlen); 303 if (ktrlen > size) { 304 m = realloc(m, ktrlen+1); 305 if (m == NULL) 306 errx(1, "%s", strerror(ENOMEM)); 307 size = ktrlen; 308 } 309 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 310 errx(1, "data too short"); 311 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 312 continue; 313 sv_flags = abidump(&ktr_header); 314 if (pid && ktr_header.ktr_pid != pid && 315 ktr_header.ktr_tid != pid) 316 continue; 317 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 318 continue; 319 drop_logged = 0; 320 switch (ktr_header.ktr_type) { 321 case KTR_SYSCALL: 322 #if defined(__amd64__) || defined(__i386__) 323 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 324 linux_ktrsyscall((struct ktr_syscall *)m); 325 else 326 #endif 327 ktrsyscall((struct ktr_syscall *)m, sv_flags); 328 break; 329 case KTR_SYSRET: 330 #if defined(__amd64__) || defined(__i386__) 331 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 332 linux_ktrsysret((struct ktr_sysret *)m); 333 else 334 #endif 335 ktrsysret((struct ktr_sysret *)m, sv_flags); 336 break; 337 case KTR_NAMEI: 338 case KTR_SYSCTL: 339 ktrnamei(m, ktrlen); 340 break; 341 case KTR_GENIO: 342 ktrgenio((struct ktr_genio *)m, ktrlen); 343 break; 344 case KTR_PSIG: 345 ktrpsig((struct ktr_psig *)m); 346 break; 347 case KTR_CSW: 348 if (ktrlen == sizeof(struct ktr_csw_old)) 349 ktrcsw_old((struct ktr_csw_old *)m); 350 else 351 ktrcsw((struct ktr_csw *)m); 352 break; 353 case KTR_USER: 354 ktruser(ktrlen, m); 355 break; 356 case KTR_STRUCT: 357 ktrstruct(m, ktrlen); 358 break; 359 case KTR_CAPFAIL: 360 ktrcapfail((struct ktr_cap_fail *)m); 361 break; 362 case KTR_FAULT: 363 ktrfault((struct ktr_fault *)m); 364 break; 365 case KTR_FAULTEND: 366 ktrfaultend((struct ktr_faultend *)m); 367 break; 368 default: 369 printf("\n"); 370 break; 371 } 372 if (tail) 373 fflush(stdout); 374 } 375 return 0; 376 } 377 378 void 379 limitfd(int fd) 380 { 381 cap_rights_t rights; 382 unsigned long cmd; 383 384 cap_rights_init(&rights, CAP_FSTAT); 385 cmd = -1; 386 387 switch (fd) { 388 case STDIN_FILENO: 389 cap_rights_set(&rights, CAP_READ); 390 break; 391 case STDOUT_FILENO: 392 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE); 393 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 394 break; 395 case STDERR_FILENO: 396 cap_rights_set(&rights, CAP_WRITE); 397 if (!suppressdata) { 398 cap_rights_set(&rights, CAP_IOCTL); 399 cmd = TIOCGWINSZ; 400 } 401 break; 402 default: 403 abort(); 404 } 405 406 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) 407 err(1, "unable to limit rights for descriptor %d", fd); 408 if (cmd != -1 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 409 err(1, "unable to limit ioctls for descriptor %d", fd); 410 } 411 412 int 413 fread_tail(void *buf, int size, int num) 414 { 415 int i; 416 417 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 418 sleep(1); 419 clearerr(stdin); 420 } 421 return (i); 422 } 423 424 int 425 fetchprocinfo(struct ktr_header *kth, u_int *flags) 426 { 427 struct proc_info *pi; 428 429 switch (kth->ktr_type) { 430 case KTR_PROCCTOR: 431 TAILQ_FOREACH(pi, &trace_procs, info) { 432 if (pi->pid == kth->ktr_pid) { 433 TAILQ_REMOVE(&trace_procs, pi, info); 434 break; 435 } 436 } 437 pi = malloc(sizeof(struct proc_info)); 438 if (pi == NULL) 439 errx(1, "%s", strerror(ENOMEM)); 440 pi->sv_flags = *flags; 441 pi->pid = kth->ktr_pid; 442 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 443 return (1); 444 445 case KTR_PROCDTOR: 446 TAILQ_FOREACH(pi, &trace_procs, info) { 447 if (pi->pid == kth->ktr_pid) { 448 TAILQ_REMOVE(&trace_procs, pi, info); 449 free(pi); 450 break; 451 } 452 } 453 return (1); 454 } 455 456 return (0); 457 } 458 459 u_int 460 abidump(struct ktr_header *kth) 461 { 462 struct proc_info *pi; 463 const char *abi; 464 const char *arch; 465 u_int flags = 0; 466 467 TAILQ_FOREACH(pi, &trace_procs, info) { 468 if (pi->pid == kth->ktr_pid) { 469 flags = pi->sv_flags; 470 break; 471 } 472 } 473 474 if (abiflag == 0) 475 return (flags); 476 477 switch (flags & SV_ABI_MASK) { 478 case SV_ABI_LINUX: 479 abi = "L"; 480 break; 481 case SV_ABI_FREEBSD: 482 abi = "F"; 483 break; 484 default: 485 abi = "U"; 486 break; 487 } 488 489 if (flags != 0) { 490 if (flags & SV_LP64) 491 arch = "64"; 492 else 493 arch = "32"; 494 } else 495 arch = "00"; 496 497 printf("%s%s ", abi, arch); 498 499 return (flags); 500 } 501 502 void 503 dumpheader(struct ktr_header *kth) 504 { 505 static char unknown[64]; 506 static struct timeval prevtime, temp; 507 const char *type; 508 509 switch (kth->ktr_type) { 510 case KTR_SYSCALL: 511 type = "CALL"; 512 break; 513 case KTR_SYSRET: 514 type = "RET "; 515 break; 516 case KTR_NAMEI: 517 type = "NAMI"; 518 break; 519 case KTR_GENIO: 520 type = "GIO "; 521 break; 522 case KTR_PSIG: 523 type = "PSIG"; 524 break; 525 case KTR_CSW: 526 type = "CSW "; 527 break; 528 case KTR_USER: 529 type = "USER"; 530 break; 531 case KTR_STRUCT: 532 type = "STRU"; 533 break; 534 case KTR_SYSCTL: 535 type = "SCTL"; 536 break; 537 case KTR_PROCCTOR: 538 /* FALLTHROUGH */ 539 case KTR_PROCDTOR: 540 return; 541 case KTR_CAPFAIL: 542 type = "CAP "; 543 break; 544 case KTR_FAULT: 545 type = "PFLT"; 546 break; 547 case KTR_FAULTEND: 548 type = "PRET"; 549 break; 550 default: 551 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 552 type = unknown; 553 } 554 555 /* 556 * The ktr_tid field was previously the ktr_buffer field, which held 557 * the kernel pointer value for the buffer associated with data 558 * following the record header. It now holds a threadid, but only 559 * for trace files after the change. Older trace files still contain 560 * kernel pointers. Detect this and suppress the results by printing 561 * negative tid's as 0. 562 */ 563 if (threads) 564 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 565 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 566 MAXCOMLEN, kth->ktr_comm); 567 else 568 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 569 kth->ktr_comm); 570 if (timestamp) { 571 if (timestamp == 3) { 572 if (prevtime.tv_sec == 0) 573 prevtime = kth->ktr_time; 574 timevalsub(&kth->ktr_time, &prevtime); 575 } 576 if (timestamp == 2) { 577 temp = kth->ktr_time; 578 timevalsub(&kth->ktr_time, &prevtime); 579 prevtime = temp; 580 } 581 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 582 kth->ktr_time.tv_usec); 583 } 584 printf("%s ", type); 585 } 586 587 #include <sys/syscall.h> 588 #define KTRACE 589 #include <sys/kern/syscalls.c> 590 #undef KTRACE 591 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 592 593 void 594 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 595 { 596 int narg = ktr->ktr_narg; 597 register_t *ip; 598 intmax_t arg; 599 600 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 601 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 602 printf("[%d]", ktr->ktr_code); 603 else 604 printf("%s", syscallnames[ktr->ktr_code]); 605 ip = &ktr->ktr_args[0]; 606 if (narg) { 607 char c = '('; 608 if (fancy && 609 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 610 switch (ktr->ktr_code) { 611 case SYS_bindat: 612 case SYS_connectat: 613 case SYS_faccessat: 614 case SYS_fchmodat: 615 case SYS_fchownat: 616 case SYS_fstatat: 617 case SYS_futimesat: 618 case SYS_linkat: 619 case SYS_mkdirat: 620 case SYS_mkfifoat: 621 case SYS_mknodat: 622 case SYS_openat: 623 case SYS_readlinkat: 624 case SYS_renameat: 625 case SYS_unlinkat: 626 putchar('('); 627 atfdname(*ip, decimal); 628 c = ','; 629 ip++; 630 narg--; 631 break; 632 } 633 switch (ktr->ktr_code) { 634 case SYS_ioctl: { 635 print_number(ip, narg, c); 636 putchar(c); 637 ioctlname(*ip, decimal); 638 c = ','; 639 ip++; 640 narg--; 641 break; 642 } 643 case SYS_ptrace: 644 putchar('('); 645 ptraceopname(*ip); 646 c = ','; 647 ip++; 648 narg--; 649 break; 650 case SYS_access: 651 case SYS_eaccess: 652 case SYS_faccessat: 653 print_number(ip, narg, c); 654 putchar(','); 655 accessmodename(*ip); 656 ip++; 657 narg--; 658 break; 659 case SYS_open: 660 case SYS_openat: 661 print_number(ip, narg, c); 662 putchar(','); 663 flagsandmodename(ip[0], ip[1], decimal); 664 ip += 2; 665 narg -= 2; 666 break; 667 case SYS_wait4: 668 print_number(ip, narg, c); 669 print_number(ip, narg, c); 670 /* 671 * A flags value of zero is valid for 672 * wait4() but not for wait6(), so 673 * handle zero special here. 674 */ 675 if (*ip == 0) { 676 print_number(ip, narg, c); 677 } else { 678 putchar(','); 679 wait6optname(*ip); 680 ip++; 681 narg--; 682 } 683 break; 684 case SYS_wait6: 685 putchar('('); 686 idtypename(*ip, decimal); 687 c = ','; 688 ip++; 689 narg--; 690 print_number(ip, narg, c); 691 print_number(ip, narg, c); 692 putchar(','); 693 wait6optname(*ip); 694 ip++; 695 narg--; 696 break; 697 case SYS_chmod: 698 case SYS_fchmod: 699 case SYS_lchmod: 700 print_number(ip, narg, c); 701 putchar(','); 702 modename(*ip); 703 ip++; 704 narg--; 705 break; 706 case SYS_mknod: 707 case SYS_mknodat: 708 print_number(ip, narg, c); 709 putchar(','); 710 modename(*ip); 711 ip++; 712 narg--; 713 break; 714 case SYS_getfsstat: 715 print_number(ip, narg, c); 716 print_number(ip, narg, c); 717 putchar(','); 718 getfsstatflagsname(*ip); 719 ip++; 720 narg--; 721 break; 722 case SYS_mount: 723 print_number(ip, narg, c); 724 print_number(ip, narg, c); 725 putchar(','); 726 mountflagsname(*ip); 727 ip++; 728 narg--; 729 break; 730 case SYS_unmount: 731 print_number(ip, narg, c); 732 putchar(','); 733 mountflagsname(*ip); 734 ip++; 735 narg--; 736 break; 737 case SYS_recvmsg: 738 case SYS_sendmsg: 739 print_number(ip, narg, c); 740 print_number(ip, narg, c); 741 putchar(','); 742 sendrecvflagsname(*ip); 743 ip++; 744 narg--; 745 break; 746 case SYS_recvfrom: 747 case SYS_sendto: 748 print_number(ip, narg, c); 749 print_number(ip, narg, c); 750 print_number(ip, narg, c); 751 putchar(','); 752 sendrecvflagsname(*ip); 753 ip++; 754 narg--; 755 break; 756 case SYS_chflags: 757 case SYS_fchflags: 758 case SYS_lchflags: 759 print_number(ip, narg, c); 760 putchar(','); 761 modename(*ip); 762 ip++; 763 narg--; 764 break; 765 case SYS_kill: 766 print_number(ip, narg, c); 767 putchar(','); 768 signame(*ip); 769 ip++; 770 narg--; 771 break; 772 case SYS_reboot: 773 putchar('('); 774 rebootoptname(*ip); 775 ip++; 776 narg--; 777 break; 778 case SYS_umask: 779 putchar('('); 780 modename(*ip); 781 ip++; 782 narg--; 783 break; 784 case SYS_msync: 785 print_number(ip, narg, c); 786 print_number(ip, narg, c); 787 putchar(','); 788 msyncflagsname(*ip); 789 ip++; 790 narg--; 791 break; 792 #ifdef SYS_freebsd6_mmap 793 case SYS_freebsd6_mmap: 794 print_number(ip, narg, c); 795 print_number(ip, narg, c); 796 putchar(','); 797 mmapprotname(*ip); 798 putchar(','); 799 ip++; 800 narg--; 801 mmapflagsname(*ip); 802 ip++; 803 narg--; 804 break; 805 #endif 806 case SYS_mmap: 807 print_number(ip, narg, c); 808 print_number(ip, narg, c); 809 putchar(','); 810 mmapprotname(*ip); 811 putchar(','); 812 ip++; 813 narg--; 814 mmapflagsname(*ip); 815 ip++; 816 narg--; 817 break; 818 case SYS_mprotect: 819 print_number(ip, narg, c); 820 print_number(ip, narg, c); 821 putchar(','); 822 mmapprotname(*ip); 823 ip++; 824 narg--; 825 break; 826 case SYS_madvise: 827 print_number(ip, narg, c); 828 print_number(ip, narg, c); 829 putchar(','); 830 madvisebehavname(*ip); 831 ip++; 832 narg--; 833 break; 834 case SYS_setpriority: 835 print_number(ip, narg, c); 836 print_number(ip, narg, c); 837 putchar(','); 838 prioname(*ip); 839 ip++; 840 narg--; 841 break; 842 case SYS_fcntl: 843 print_number(ip, narg, c); 844 putchar(','); 845 fcntlcmdname(ip[0], ip[1], decimal); 846 ip += 2; 847 narg -= 2; 848 break; 849 case SYS_socket: { 850 int sockdomain; 851 putchar('('); 852 sockdomain = *ip; 853 sockdomainname(sockdomain); 854 ip++; 855 narg--; 856 putchar(','); 857 socktypenamewithflags(*ip); 858 ip++; 859 narg--; 860 if (sockdomain == PF_INET || 861 sockdomain == PF_INET6) { 862 putchar(','); 863 sockipprotoname(*ip); 864 ip++; 865 narg--; 866 } 867 c = ','; 868 break; 869 } 870 case SYS_setsockopt: 871 case SYS_getsockopt: 872 print_number(ip, narg, c); 873 putchar(','); 874 sockoptlevelname(*ip, decimal); 875 if (*ip == SOL_SOCKET) { 876 ip++; 877 narg--; 878 putchar(','); 879 sockoptname(*ip); 880 } 881 ip++; 882 narg--; 883 break; 884 #ifdef SYS_freebsd6_lseek 885 case SYS_freebsd6_lseek: 886 print_number(ip, narg, c); 887 /* Hidden 'pad' argument, not in lseek(2) */ 888 print_number(ip, narg, c); 889 print_number(ip, narg, c); 890 putchar(','); 891 whencename(*ip); 892 ip++; 893 narg--; 894 break; 895 #endif 896 case SYS_lseek: 897 print_number(ip, narg, c); 898 /* Hidden 'pad' argument, not in lseek(2) */ 899 print_number(ip, narg, c); 900 putchar(','); 901 whencename(*ip); 902 ip++; 903 narg--; 904 break; 905 case SYS_flock: 906 print_number(ip, narg, c); 907 putchar(','); 908 flockname(*ip); 909 ip++; 910 narg--; 911 break; 912 case SYS_mkfifo: 913 case SYS_mkfifoat: 914 case SYS_mkdir: 915 case SYS_mkdirat: 916 print_number(ip, narg, c); 917 putchar(','); 918 modename(*ip); 919 ip++; 920 narg--; 921 break; 922 case SYS_shutdown: 923 print_number(ip, narg, c); 924 putchar(','); 925 shutdownhowname(*ip); 926 ip++; 927 narg--; 928 break; 929 case SYS_socketpair: 930 putchar('('); 931 sockdomainname(*ip); 932 ip++; 933 narg--; 934 putchar(','); 935 socktypenamewithflags(*ip); 936 ip++; 937 narg--; 938 c = ','; 939 break; 940 case SYS_getrlimit: 941 case SYS_setrlimit: 942 putchar('('); 943 rlimitname(*ip); 944 ip++; 945 narg--; 946 c = ','; 947 break; 948 case SYS_quotactl: 949 print_number(ip, narg, c); 950 putchar(','); 951 quotactlname(*ip); 952 ip++; 953 narg--; 954 c = ','; 955 break; 956 case SYS_nfssvc: 957 putchar('('); 958 nfssvcname(*ip); 959 ip++; 960 narg--; 961 c = ','; 962 break; 963 case SYS_rtprio: 964 putchar('('); 965 rtprioname(*ip); 966 ip++; 967 narg--; 968 c = ','; 969 break; 970 case SYS___semctl: 971 print_number(ip, narg, c); 972 print_number(ip, narg, c); 973 putchar(','); 974 semctlname(*ip); 975 ip++; 976 narg--; 977 break; 978 case SYS_semget: 979 print_number(ip, narg, c); 980 print_number(ip, narg, c); 981 putchar(','); 982 semgetname(*ip); 983 ip++; 984 narg--; 985 break; 986 case SYS_msgctl: 987 print_number(ip, narg, c); 988 putchar(','); 989 shmctlname(*ip); 990 ip++; 991 narg--; 992 break; 993 case SYS_shmat: 994 print_number(ip, narg, c); 995 print_number(ip, narg, c); 996 putchar(','); 997 shmatname(*ip); 998 ip++; 999 narg--; 1000 break; 1001 case SYS_shmctl: 1002 print_number(ip, narg, c); 1003 putchar(','); 1004 shmctlname(*ip); 1005 ip++; 1006 narg--; 1007 break; 1008 case SYS_minherit: 1009 print_number(ip, narg, c); 1010 print_number(ip, narg, c); 1011 putchar(','); 1012 minheritname(*ip); 1013 ip++; 1014 narg--; 1015 break; 1016 case SYS_rfork: 1017 putchar('('); 1018 rforkname(*ip); 1019 ip++; 1020 narg--; 1021 c = ','; 1022 break; 1023 case SYS_lio_listio: 1024 putchar('('); 1025 lio_listioname(*ip); 1026 ip++; 1027 narg--; 1028 c = ','; 1029 break; 1030 case SYS_mlockall: 1031 putchar('('); 1032 mlockallname(*ip); 1033 ip++; 1034 narg--; 1035 break; 1036 case SYS_sched_setscheduler: 1037 print_number(ip, narg, c); 1038 putchar(','); 1039 schedpolicyname(*ip); 1040 ip++; 1041 narg--; 1042 break; 1043 case SYS_sched_get_priority_max: 1044 case SYS_sched_get_priority_min: 1045 putchar('('); 1046 schedpolicyname(*ip); 1047 ip++; 1048 narg--; 1049 break; 1050 case SYS_sendfile: 1051 print_number(ip, narg, c); 1052 print_number(ip, narg, c); 1053 print_number(ip, narg, c); 1054 print_number(ip, narg, c); 1055 print_number(ip, narg, c); 1056 print_number(ip, narg, c); 1057 putchar(','); 1058 sendfileflagsname(*ip); 1059 ip++; 1060 narg--; 1061 break; 1062 case SYS_kldsym: 1063 print_number(ip, narg, c); 1064 putchar(','); 1065 kldsymcmdname(*ip); 1066 ip++; 1067 narg--; 1068 break; 1069 case SYS_sigprocmask: 1070 putchar('('); 1071 sigprocmaskhowname(*ip); 1072 ip++; 1073 narg--; 1074 c = ','; 1075 break; 1076 case SYS___acl_get_file: 1077 case SYS___acl_set_file: 1078 case SYS___acl_get_fd: 1079 case SYS___acl_set_fd: 1080 case SYS___acl_delete_file: 1081 case SYS___acl_delete_fd: 1082 case SYS___acl_aclcheck_file: 1083 case SYS___acl_aclcheck_fd: 1084 case SYS___acl_get_link: 1085 case SYS___acl_set_link: 1086 case SYS___acl_delete_link: 1087 case SYS___acl_aclcheck_link: 1088 print_number(ip, narg, c); 1089 putchar(','); 1090 acltypename(*ip); 1091 ip++; 1092 narg--; 1093 break; 1094 case SYS_sigaction: 1095 putchar('('); 1096 signame(*ip); 1097 ip++; 1098 narg--; 1099 c = ','; 1100 break; 1101 case SYS_extattrctl: 1102 print_number(ip, narg, c); 1103 putchar(','); 1104 extattrctlname(*ip); 1105 ip++; 1106 narg--; 1107 break; 1108 case SYS_nmount: 1109 print_number(ip, narg, c); 1110 print_number(ip, narg, c); 1111 putchar(','); 1112 mountflagsname(*ip); 1113 ip++; 1114 narg--; 1115 break; 1116 case SYS_thr_create: 1117 print_number(ip, narg, c); 1118 print_number(ip, narg, c); 1119 putchar(','); 1120 thrcreateflagsname(*ip); 1121 ip++; 1122 narg--; 1123 break; 1124 case SYS_thr_kill: 1125 print_number(ip, narg, c); 1126 putchar(','); 1127 signame(*ip); 1128 ip++; 1129 narg--; 1130 break; 1131 case SYS_kldunloadf: 1132 print_number(ip, narg, c); 1133 putchar(','); 1134 kldunloadfflagsname(*ip); 1135 ip++; 1136 narg--; 1137 break; 1138 case SYS_linkat: 1139 case SYS_renameat: 1140 case SYS_symlinkat: 1141 print_number(ip, narg, c); 1142 putchar(','); 1143 atfdname(*ip, decimal); 1144 ip++; 1145 narg--; 1146 break; 1147 case SYS_cap_fcntls_limit: 1148 print_number(ip, narg, c); 1149 putchar(','); 1150 arg = *ip; 1151 ip++; 1152 narg--; 1153 capfcntlname(arg); 1154 break; 1155 case SYS_posix_fadvise: 1156 print_number(ip, narg, c); 1157 print_number(ip, narg, c); 1158 print_number(ip, narg, c); 1159 (void)putchar(','); 1160 fadvisebehavname((int)*ip); 1161 ip++; 1162 narg--; 1163 break; 1164 case SYS_procctl: 1165 putchar('('); 1166 idtypename(*ip, decimal); 1167 c = ','; 1168 ip++; 1169 narg--; 1170 print_number(ip, narg, c); 1171 putchar(','); 1172 procctlcmdname(*ip); 1173 ip++; 1174 narg--; 1175 break; 1176 } 1177 } 1178 while (narg > 0) { 1179 print_number(ip, narg, c); 1180 } 1181 putchar(')'); 1182 } 1183 putchar('\n'); 1184 } 1185 1186 void 1187 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1188 { 1189 register_t ret = ktr->ktr_retval; 1190 int error = ktr->ktr_error; 1191 int code = ktr->ktr_code; 1192 1193 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1194 (code >= nsyscalls || code < 0)) 1195 printf("[%d] ", code); 1196 else 1197 printf("%s ", syscallnames[code]); 1198 1199 if (error == 0) { 1200 if (fancy) { 1201 printf("%ld", (long)ret); 1202 if (ret < 0 || ret > 9) 1203 printf("/%#lx", (unsigned long)ret); 1204 } else { 1205 if (decimal) 1206 printf("%ld", (long)ret); 1207 else 1208 printf("%#lx", (unsigned long)ret); 1209 } 1210 } else if (error == ERESTART) 1211 printf("RESTART"); 1212 else if (error == EJUSTRETURN) 1213 printf("JUSTRETURN"); 1214 else { 1215 printf("-1 errno %d", ktr->ktr_error); 1216 if (fancy) 1217 printf(" %s", strerror(ktr->ktr_error)); 1218 } 1219 putchar('\n'); 1220 } 1221 1222 void 1223 ktrnamei(char *cp, int len) 1224 { 1225 printf("\"%.*s\"\n", len, cp); 1226 } 1227 1228 void 1229 hexdump(char *p, int len, int screenwidth) 1230 { 1231 int n, i; 1232 int width; 1233 1234 width = 0; 1235 do { 1236 width += 2; 1237 i = 13; /* base offset */ 1238 i += (width / 2) + 1; /* spaces every second byte */ 1239 i += (width * 2); /* width of bytes */ 1240 i += 3; /* " |" */ 1241 i += width; /* each byte */ 1242 i += 1; /* "|" */ 1243 } while (i < screenwidth); 1244 width -= 2; 1245 1246 for (n = 0; n < len; n += width) { 1247 for (i = n; i < n + width; i++) { 1248 if ((i % width) == 0) { /* beginning of line */ 1249 printf(" 0x%04x", i); 1250 } 1251 if ((i % 2) == 0) { 1252 printf(" "); 1253 } 1254 if (i < len) 1255 printf("%02x", p[i] & 0xff); 1256 else 1257 printf(" "); 1258 } 1259 printf(" |"); 1260 for (i = n; i < n + width; i++) { 1261 if (i >= len) 1262 break; 1263 if (p[i] >= ' ' && p[i] <= '~') 1264 printf("%c", p[i]); 1265 else 1266 printf("."); 1267 } 1268 printf("|\n"); 1269 } 1270 if ((i % width) != 0) 1271 printf("\n"); 1272 } 1273 1274 void 1275 visdump(char *dp, int datalen, int screenwidth) 1276 { 1277 int col = 0; 1278 char *cp; 1279 int width; 1280 char visbuf[5]; 1281 1282 printf(" \""); 1283 col = 8; 1284 for (;datalen > 0; datalen--, dp++) { 1285 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1286 cp = visbuf; 1287 /* 1288 * Keep track of printables and 1289 * space chars (like fold(1)). 1290 */ 1291 if (col == 0) { 1292 putchar('\t'); 1293 col = 8; 1294 } 1295 switch(*cp) { 1296 case '\n': 1297 col = 0; 1298 putchar('\n'); 1299 continue; 1300 case '\t': 1301 width = 8 - (col&07); 1302 break; 1303 default: 1304 width = strlen(cp); 1305 } 1306 if (col + width > (screenwidth-2)) { 1307 printf("\\\n\t"); 1308 col = 8; 1309 } 1310 col += width; 1311 do { 1312 putchar(*cp++); 1313 } while (*cp); 1314 } 1315 if (col == 0) 1316 printf(" "); 1317 printf("\"\n"); 1318 } 1319 1320 void 1321 ktrgenio(struct ktr_genio *ktr, int len) 1322 { 1323 int datalen = len - sizeof (struct ktr_genio); 1324 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1325 static int screenwidth = 0; 1326 int i, binary; 1327 1328 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1329 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1330 datalen == 1 ? "" : "s"); 1331 if (suppressdata) 1332 return; 1333 if (screenwidth == 0) { 1334 struct winsize ws; 1335 1336 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1337 ws.ws_col > 8) 1338 screenwidth = ws.ws_col; 1339 else 1340 screenwidth = 80; 1341 } 1342 if (maxdata && datalen > maxdata) 1343 datalen = maxdata; 1344 1345 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1346 if (dp[i] >= 32 && dp[i] < 127) 1347 continue; 1348 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1349 continue; 1350 binary = 1; 1351 } 1352 if (binary) 1353 hexdump(dp, datalen, screenwidth); 1354 else 1355 visdump(dp, datalen, screenwidth); 1356 } 1357 1358 const char *signames[] = { 1359 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1360 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1361 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1362 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1363 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1364 "USR2", NULL, /* 31 - 32 */ 1365 }; 1366 1367 void 1368 ktrpsig(struct ktr_psig *psig) 1369 { 1370 if (psig->signo > 0 && psig->signo < NSIG) 1371 printf("SIG%s ", signames[psig->signo]); 1372 else 1373 printf("SIG %d ", psig->signo); 1374 if (psig->action == SIG_DFL) { 1375 printf("SIG_DFL code="); 1376 sigcodename(psig->signo, psig->code); 1377 putchar('\n'); 1378 } else { 1379 printf("caught handler=0x%lx mask=0x%x code=", 1380 (u_long)psig->action, psig->mask.__bits[0]); 1381 sigcodename(psig->signo, psig->code); 1382 putchar('\n'); 1383 } 1384 } 1385 1386 void 1387 ktrcsw_old(struct ktr_csw_old *cs) 1388 { 1389 printf("%s %s\n", cs->out ? "stop" : "resume", 1390 cs->user ? "user" : "kernel"); 1391 } 1392 1393 void 1394 ktrcsw(struct ktr_csw *cs) 1395 { 1396 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1397 cs->user ? "user" : "kernel", cs->wmesg); 1398 } 1399 1400 #define UTRACE_DLOPEN_START 1 1401 #define UTRACE_DLOPEN_STOP 2 1402 #define UTRACE_DLCLOSE_START 3 1403 #define UTRACE_DLCLOSE_STOP 4 1404 #define UTRACE_LOAD_OBJECT 5 1405 #define UTRACE_UNLOAD_OBJECT 6 1406 #define UTRACE_ADD_RUNDEP 7 1407 #define UTRACE_PRELOAD_FINISHED 8 1408 #define UTRACE_INIT_CALL 9 1409 #define UTRACE_FINI_CALL 10 1410 1411 struct utrace_rtld { 1412 char sig[4]; /* 'RTLD' */ 1413 int event; 1414 void *handle; 1415 void *mapbase; 1416 size_t mapsize; 1417 int refcnt; 1418 char name[MAXPATHLEN]; 1419 }; 1420 1421 void 1422 ktruser_rtld(int len, unsigned char *p) 1423 { 1424 struct utrace_rtld *ut = (struct utrace_rtld *)p; 1425 void *parent; 1426 int mode; 1427 1428 switch (ut->event) { 1429 case UTRACE_DLOPEN_START: 1430 mode = ut->refcnt; 1431 printf("dlopen(%s, ", ut->name); 1432 switch (mode & RTLD_MODEMASK) { 1433 case RTLD_NOW: 1434 printf("RTLD_NOW"); 1435 break; 1436 case RTLD_LAZY: 1437 printf("RTLD_LAZY"); 1438 break; 1439 default: 1440 printf("%#x", mode & RTLD_MODEMASK); 1441 } 1442 if (mode & RTLD_GLOBAL) 1443 printf(" | RTLD_GLOBAL"); 1444 if (mode & RTLD_TRACE) 1445 printf(" | RTLD_TRACE"); 1446 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1447 printf(" | %#x", mode & 1448 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1449 printf(")\n"); 1450 break; 1451 case UTRACE_DLOPEN_STOP: 1452 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1453 ut->refcnt); 1454 break; 1455 case UTRACE_DLCLOSE_START: 1456 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1457 ut->refcnt); 1458 break; 1459 case UTRACE_DLCLOSE_STOP: 1460 printf("dlclose(%p) finished\n", ut->handle); 1461 break; 1462 case UTRACE_LOAD_OBJECT: 1463 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1464 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1465 ut->name); 1466 break; 1467 case UTRACE_UNLOAD_OBJECT: 1468 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1469 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1470 ut->name); 1471 break; 1472 case UTRACE_ADD_RUNDEP: 1473 parent = ut->mapbase; 1474 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1475 ut->handle, ut->name, ut->refcnt); 1476 break; 1477 case UTRACE_PRELOAD_FINISHED: 1478 printf("RTLD: LD_PRELOAD finished\n"); 1479 break; 1480 case UTRACE_INIT_CALL: 1481 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1482 ut->name); 1483 break; 1484 case UTRACE_FINI_CALL: 1485 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1486 ut->name); 1487 break; 1488 default: 1489 p += 4; 1490 len -= 4; 1491 printf("RTLD: %d ", len); 1492 while (len--) 1493 if (decimal) 1494 printf(" %d", *p++); 1495 else 1496 printf(" %02x", *p++); 1497 printf("\n"); 1498 } 1499 } 1500 1501 struct utrace_malloc { 1502 void *p; 1503 size_t s; 1504 void *r; 1505 }; 1506 1507 void 1508 ktruser_malloc(unsigned char *p) 1509 { 1510 struct utrace_malloc *ut = (struct utrace_malloc *)p; 1511 1512 if (ut->p == (void *)(intptr_t)(-1)) 1513 printf("malloc_init()\n"); 1514 else if (ut->s == 0) 1515 printf("free(%p)\n", ut->p); 1516 else if (ut->p == NULL) 1517 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1518 else 1519 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1520 } 1521 1522 void 1523 ktruser(int len, unsigned char *p) 1524 { 1525 1526 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1527 ktruser_rtld(len, p); 1528 return; 1529 } 1530 1531 if (len == sizeof(struct utrace_malloc)) { 1532 ktruser_malloc(p); 1533 return; 1534 } 1535 1536 printf("%d ", len); 1537 while (len--) 1538 if (decimal) 1539 printf(" %d", *p++); 1540 else 1541 printf(" %02x", *p++); 1542 printf("\n"); 1543 } 1544 1545 void 1546 ktrcaprights(cap_rights_t *rightsp) 1547 { 1548 1549 printf("cap_rights_t "); 1550 capname(rightsp); 1551 printf("\n"); 1552 } 1553 1554 void 1555 ktrsockaddr(struct sockaddr *sa) 1556 { 1557 /* 1558 TODO: Support additional address families 1559 #include <netnatm/natm.h> 1560 struct sockaddr_natm *natm; 1561 #include <netsmb/netbios.h> 1562 struct sockaddr_nb *nb; 1563 */ 1564 char addr[64]; 1565 1566 /* 1567 * note: ktrstruct() has already verified that sa points to a 1568 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1569 * sa->sa_len bytes long. 1570 */ 1571 printf("struct sockaddr { "); 1572 sockfamilyname(sa->sa_family); 1573 printf(", "); 1574 1575 #define check_sockaddr_len(n) \ 1576 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1577 printf("invalid"); \ 1578 break; \ 1579 } 1580 1581 switch(sa->sa_family) { 1582 case AF_INET: { 1583 struct sockaddr_in sa_in; 1584 1585 memset(&sa_in, 0, sizeof(sa_in)); 1586 memcpy(&sa_in, sa, sa->sa_len); 1587 check_sockaddr_len(in); 1588 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1589 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1590 break; 1591 } 1592 #ifdef NETATALK 1593 case AF_APPLETALK: { 1594 struct sockaddr_at sa_at; 1595 struct netrange *nr; 1596 1597 memset(&sa_at, 0, sizeof(sa_at)); 1598 memcpy(&sa_at, sa, sa->sa_len); 1599 check_sockaddr_len(at); 1600 nr = &sa_at.sat_range.r_netrange; 1601 printf("%d.%d, %d-%d, %d", ntohs(sa_at.sat_addr.s_net), 1602 sa_at.sat_addr.s_node, ntohs(nr->nr_firstnet), 1603 ntohs(nr->nr_lastnet), nr->nr_phase); 1604 break; 1605 } 1606 #endif 1607 case AF_INET6: { 1608 struct sockaddr_in6 sa_in6; 1609 1610 memset(&sa_in6, 0, sizeof(sa_in6)); 1611 memcpy(&sa_in6, sa, sa->sa_len); 1612 check_sockaddr_len(in6); 1613 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1614 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1615 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1616 break; 1617 } 1618 #ifdef IPX 1619 case AF_IPX: { 1620 struct sockaddr_ipx sa_ipx; 1621 1622 memset(&sa_ipx, 0, sizeof(sa_ipx)); 1623 memcpy(&sa_ipx, sa, sa->sa_len); 1624 check_sockaddr_len(ipx); 1625 /* XXX wish we had ipx_ntop */ 1626 printf("%s", ipx_ntoa(sa_ipx.sipx_addr)); 1627 free(sa_ipx); 1628 break; 1629 } 1630 #endif 1631 case AF_UNIX: { 1632 struct sockaddr_un sa_un; 1633 1634 memset(&sa_un, 0, sizeof(sa_un)); 1635 memcpy(&sa_un, sa, sa->sa_len); 1636 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1637 break; 1638 } 1639 default: 1640 printf("unknown address family"); 1641 } 1642 printf(" }\n"); 1643 } 1644 1645 void 1646 ktrstat(struct stat *statp) 1647 { 1648 char mode[12], timestr[PATH_MAX + 4]; 1649 struct passwd *pwd; 1650 struct group *grp; 1651 struct tm *tm; 1652 1653 /* 1654 * note: ktrstruct() has already verified that statp points to a 1655 * buffer exactly sizeof(struct stat) bytes long. 1656 */ 1657 printf("struct stat {"); 1658 strmode(statp->st_mode, mode); 1659 printf("dev=%ju, ino=%ju, mode=%s, nlink=%ju, ", 1660 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino, mode, 1661 (uintmax_t)statp->st_nlink); 1662 if (resolv == 0 || (pwd = getpwuid(statp->st_uid)) == NULL) 1663 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1664 else 1665 printf("uid=\"%s\", ", pwd->pw_name); 1666 if (resolv == 0 || (grp = getgrgid(statp->st_gid)) == NULL) 1667 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1668 else 1669 printf("gid=\"%s\", ", grp->gr_name); 1670 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1671 printf("atime="); 1672 if (resolv == 0) 1673 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1674 else { 1675 tm = localtime(&statp->st_atim.tv_sec); 1676 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1677 printf("\"%s\"", timestr); 1678 } 1679 if (statp->st_atim.tv_nsec != 0) 1680 printf(".%09ld, ", statp->st_atim.tv_nsec); 1681 else 1682 printf(", "); 1683 printf("stime="); 1684 if (resolv == 0) 1685 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1686 else { 1687 tm = localtime(&statp->st_mtim.tv_sec); 1688 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1689 printf("\"%s\"", timestr); 1690 } 1691 if (statp->st_mtim.tv_nsec != 0) 1692 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1693 else 1694 printf(", "); 1695 printf("ctime="); 1696 if (resolv == 0) 1697 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1698 else { 1699 tm = localtime(&statp->st_ctim.tv_sec); 1700 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1701 printf("\"%s\"", timestr); 1702 } 1703 if (statp->st_ctim.tv_nsec != 0) 1704 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1705 else 1706 printf(", "); 1707 printf("birthtime="); 1708 if (resolv == 0) 1709 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1710 else { 1711 tm = localtime(&statp->st_birthtim.tv_sec); 1712 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1713 printf("\"%s\"", timestr); 1714 } 1715 if (statp->st_birthtim.tv_nsec != 0) 1716 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1717 else 1718 printf(", "); 1719 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1720 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1721 (intmax_t)statp->st_blocks, statp->st_flags); 1722 printf(" }\n"); 1723 } 1724 1725 void 1726 ktrstruct(char *buf, size_t buflen) 1727 { 1728 char *name, *data; 1729 size_t namelen, datalen; 1730 int i; 1731 cap_rights_t rights; 1732 struct stat sb; 1733 struct sockaddr_storage ss; 1734 1735 for (name = buf, namelen = 0; 1736 namelen < buflen && name[namelen] != '\0'; 1737 ++namelen) 1738 /* nothing */; 1739 if (namelen == buflen) 1740 goto invalid; 1741 if (name[namelen] != '\0') 1742 goto invalid; 1743 data = buf + namelen + 1; 1744 datalen = buflen - namelen - 1; 1745 if (datalen == 0) 1746 goto invalid; 1747 /* sanity check */ 1748 for (i = 0; i < (int)namelen; ++i) 1749 if (!isalpha(name[i])) 1750 goto invalid; 1751 if (strcmp(name, "caprights") == 0) { 1752 if (datalen != sizeof(cap_rights_t)) 1753 goto invalid; 1754 memcpy(&rights, data, datalen); 1755 ktrcaprights(&rights); 1756 } else if (strcmp(name, "stat") == 0) { 1757 if (datalen != sizeof(struct stat)) 1758 goto invalid; 1759 memcpy(&sb, data, datalen); 1760 ktrstat(&sb); 1761 } else if (strcmp(name, "sockaddr") == 0) { 1762 if (datalen > sizeof(ss)) 1763 goto invalid; 1764 memcpy(&ss, data, datalen); 1765 if (datalen != ss.ss_len) 1766 goto invalid; 1767 ktrsockaddr((struct sockaddr *)&ss); 1768 } else { 1769 printf("unknown structure\n"); 1770 } 1771 return; 1772 invalid: 1773 printf("invalid record\n"); 1774 } 1775 1776 void 1777 ktrcapfail(struct ktr_cap_fail *ktr) 1778 { 1779 switch (ktr->cap_type) { 1780 case CAPFAIL_NOTCAPABLE: 1781 /* operation on fd with insufficient capabilities */ 1782 printf("operation requires "); 1783 capname(&ktr->cap_needed); 1784 printf(", process holds "); 1785 capname(&ktr->cap_held); 1786 break; 1787 case CAPFAIL_INCREASE: 1788 /* requested more capabilities than fd already has */ 1789 printf("attempt to increase capabilities from "); 1790 capname(&ktr->cap_held); 1791 printf(" to "); 1792 capname(&ktr->cap_needed); 1793 break; 1794 case CAPFAIL_SYSCALL: 1795 /* called restricted syscall */ 1796 printf("disallowed system call"); 1797 break; 1798 case CAPFAIL_LOOKUP: 1799 /* used ".." in strict-relative mode */ 1800 printf("restricted VFS lookup"); 1801 break; 1802 default: 1803 printf("unknown capability failure: "); 1804 capname(&ktr->cap_needed); 1805 printf(" "); 1806 capname(&ktr->cap_held); 1807 break; 1808 } 1809 printf("\n"); 1810 } 1811 1812 void 1813 ktrfault(struct ktr_fault *ktr) 1814 { 1815 1816 printf("0x%jx ", ktr->vaddr); 1817 vmprotname(ktr->type); 1818 printf("\n"); 1819 } 1820 1821 void 1822 ktrfaultend(struct ktr_faultend *ktr) 1823 { 1824 1825 vmresultname(ktr->result); 1826 printf("\n"); 1827 } 1828 1829 #if defined(__amd64__) || defined(__i386__) 1830 void 1831 linux_ktrsyscall(struct ktr_syscall *ktr) 1832 { 1833 int narg = ktr->ktr_narg; 1834 register_t *ip; 1835 1836 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1837 printf("[%d]", ktr->ktr_code); 1838 else 1839 printf("%s", linux_syscallnames[ktr->ktr_code]); 1840 ip = &ktr->ktr_args[0]; 1841 if (narg) { 1842 char c = '('; 1843 while (narg > 0) 1844 print_number(ip, narg, c); 1845 putchar(')'); 1846 } 1847 putchar('\n'); 1848 } 1849 1850 void 1851 linux_ktrsysret(struct ktr_sysret *ktr) 1852 { 1853 register_t ret = ktr->ktr_retval; 1854 int error = ktr->ktr_error; 1855 int code = ktr->ktr_code; 1856 1857 if (code >= nlinux_syscalls || code < 0) 1858 printf("[%d] ", code); 1859 else 1860 printf("%s ", linux_syscallnames[code]); 1861 1862 if (error == 0) { 1863 if (fancy) { 1864 printf("%ld", (long)ret); 1865 if (ret < 0 || ret > 9) 1866 printf("/%#lx", (unsigned long)ret); 1867 } else { 1868 if (decimal) 1869 printf("%ld", (long)ret); 1870 else 1871 printf("%#lx", (unsigned long)ret); 1872 } 1873 } else if (error == ERESTART) 1874 printf("RESTART"); 1875 else if (error == EJUSTRETURN) 1876 printf("JUSTRETURN"); 1877 else { 1878 if (ktr->ktr_error <= ELAST + 1) 1879 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 1880 else 1881 error = 999; 1882 printf("-1 errno %d", error); 1883 if (fancy) 1884 printf(" %s", strerror(ktr->ktr_error)); 1885 } 1886 putchar('\n'); 1887 } 1888 #endif 1889 1890 void 1891 usage(void) 1892 { 1893 fprintf(stderr, "usage: kdump [-dEnlHRrsTA] [-f trfile] " 1894 "[-m maxdata] [-p pid] [-t trstr]\n"); 1895 exit(1); 1896 } 1897