1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _WANT_KERNEL_ERRNO 45 #include <sys/param.h> 46 #include <sys/capsicum.h> 47 #include <sys/errno.h> 48 #include <sys/time.h> 49 #include <sys/uio.h> 50 #include <sys/ktrace.h> 51 #include <sys/ioctl.h> 52 #include <sys/socket.h> 53 #include <sys/stat.h> 54 #include <sys/sysent.h> 55 #include <sys/umtx.h> 56 #include <sys/un.h> 57 #include <sys/queue.h> 58 #include <sys/wait.h> 59 #ifdef HAVE_LIBCASPER 60 #include <sys/nv.h> 61 #endif 62 #include <arpa/inet.h> 63 #include <netinet/in.h> 64 #include <ctype.h> 65 #include <capsicum_helpers.h> 66 #include <err.h> 67 #include <grp.h> 68 #include <inttypes.h> 69 #include <locale.h> 70 #include <netdb.h> 71 #include <nl_types.h> 72 #include <pwd.h> 73 #include <stddef.h> 74 #include <stdio.h> 75 #include <stdlib.h> 76 #include <string.h> 77 #include <sysdecode.h> 78 #include <time.h> 79 #include <unistd.h> 80 #include <vis.h> 81 #include "ktrace.h" 82 #include "kdump_subr.h" 83 84 #ifdef HAVE_LIBCASPER 85 #include <libcasper.h> 86 87 #include <casper/cap_grp.h> 88 #include <casper/cap_pwd.h> 89 #endif 90 91 u_int abidump(struct ktr_header *); 92 int fetchprocinfo(struct ktr_header *, u_int *); 93 int fread_tail(void *, int, int); 94 void dumpheader(struct ktr_header *); 95 void ktrsyscall(struct ktr_syscall *, u_int); 96 void ktrsysret(struct ktr_sysret *, u_int); 97 void ktrnamei(char *, int); 98 void hexdump(char *, int, int); 99 void visdump(char *, int, int); 100 void ktrgenio(struct ktr_genio *, int); 101 void ktrpsig(struct ktr_psig *); 102 void ktrcsw(struct ktr_csw *); 103 void ktrcsw_old(struct ktr_csw_old *); 104 void ktruser(int, void *); 105 void ktrcaprights(cap_rights_t *); 106 void ktritimerval(struct itimerval *it); 107 void ktrsockaddr(struct sockaddr *); 108 void ktrstat(struct stat *); 109 void ktrstruct(char *, size_t); 110 void ktrcapfail(struct ktr_cap_fail *); 111 void ktrfault(struct ktr_fault *); 112 void ktrfaultend(struct ktr_faultend *); 113 void usage(void); 114 115 #define TIMESTAMP_NONE 0x0 116 #define TIMESTAMP_ABSOLUTE 0x1 117 #define TIMESTAMP_ELAPSED 0x2 118 #define TIMESTAMP_RELATIVE 0x4 119 120 extern const char *signames[]; 121 122 static int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 123 resolv = 0, abiflag = 0, syscallno = 0; 124 static const char *tracefile = DEF_TRACEFILE; 125 static struct ktr_header ktr_header; 126 127 #define TIME_FORMAT "%b %e %T %Y" 128 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 129 130 #define print_number64(first,i,n,c) do { \ 131 uint64_t __v; \ 132 \ 133 if (quad_align && (((ptrdiff_t)((i) - (first))) & 1) == 1) { \ 134 (i)++; \ 135 (n)--; \ 136 } \ 137 if (quad_slots == 2) \ 138 __v = (uint64_t)(uint32_t)(i)[0] | \ 139 ((uint64_t)(uint32_t)(i)[1]) << 32; \ 140 else \ 141 __v = (uint64_t)*(i); \ 142 if (decimal) \ 143 printf("%c%jd", (c), (intmax_t)__v); \ 144 else \ 145 printf("%c%#jx", (c), (uintmax_t)__v); \ 146 (i) += quad_slots; \ 147 (n) -= quad_slots; \ 148 (c) = ','; \ 149 } while (0) 150 151 #define print_number(i,n,c) do { \ 152 if (decimal) \ 153 printf("%c%jd", c, (intmax_t)*i); \ 154 else \ 155 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 156 i++; \ 157 n--; \ 158 c = ','; \ 159 } while (0) 160 161 struct proc_info 162 { 163 TAILQ_ENTRY(proc_info) info; 164 u_int sv_flags; 165 pid_t pid; 166 }; 167 168 static TAILQ_HEAD(trace_procs, proc_info) trace_procs; 169 170 #ifdef HAVE_LIBCASPER 171 static cap_channel_t *cappwd, *capgrp; 172 #endif 173 174 static void 175 strerror_init(void) 176 { 177 178 /* 179 * Cache NLS data before entering capability mode. 180 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 181 */ 182 (void)catopen("libc", NL_CAT_LOCALE); 183 } 184 185 static void 186 localtime_init(void) 187 { 188 time_t ltime; 189 190 /* 191 * Allow localtime(3) to cache /etc/localtime content before entering 192 * capability mode. 193 * XXXPJD: There should be localtime_init() in libc. 194 */ 195 (void)time(<ime); 196 (void)localtime(<ime); 197 } 198 199 #ifdef HAVE_LIBCASPER 200 static int 201 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) 202 { 203 cap_channel_t *capcas, *cappwdloc, *capgrploc; 204 const char *cmds[1], *fields[1]; 205 206 capcas = cap_init(); 207 if (capcas == NULL) { 208 err(1, "unable to create casper process"); 209 exit(1); 210 } 211 cappwdloc = cap_service_open(capcas, "system.pwd"); 212 capgrploc = cap_service_open(capcas, "system.grp"); 213 /* Casper capability no longer needed. */ 214 cap_close(capcas); 215 if (cappwdloc == NULL || capgrploc == NULL) { 216 if (cappwdloc == NULL) 217 warn("unable to open system.pwd service"); 218 if (capgrploc == NULL) 219 warn("unable to open system.grp service"); 220 exit(1); 221 } 222 /* Limit system.pwd to only getpwuid() function and pw_name field. */ 223 cmds[0] = "getpwuid"; 224 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) 225 err(1, "unable to limit system.pwd service"); 226 fields[0] = "pw_name"; 227 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) 228 err(1, "unable to limit system.pwd service"); 229 /* Limit system.grp to only getgrgid() function and gr_name field. */ 230 cmds[0] = "getgrgid"; 231 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) 232 err(1, "unable to limit system.grp service"); 233 fields[0] = "gr_name"; 234 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) 235 err(1, "unable to limit system.grp service"); 236 237 *cappwdp = cappwdloc; 238 *capgrpp = capgrploc; 239 return (0); 240 } 241 #endif /* HAVE_LIBCASPER */ 242 243 int 244 main(int argc, char *argv[]) 245 { 246 int ch, ktrlen, size; 247 void *m; 248 int trpoints = ALL_POINTS; 249 int drop_logged; 250 pid_t pid = 0; 251 u_int sv_flags; 252 253 setlocale(LC_CTYPE, ""); 254 255 timestamp = TIMESTAMP_NONE; 256 257 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) 258 switch (ch) { 259 case 'A': 260 abiflag = 1; 261 break; 262 case 'f': 263 tracefile = optarg; 264 break; 265 case 'd': 266 decimal = 1; 267 break; 268 case 'l': 269 tail = 1; 270 break; 271 case 'm': 272 maxdata = atoi(optarg); 273 break; 274 case 'n': 275 fancy = 0; 276 break; 277 case 'p': 278 pid = atoi(optarg); 279 break; 280 case 'r': 281 resolv = 1; 282 break; 283 case 'S': 284 syscallno = 1; 285 break; 286 case 's': 287 suppressdata = 1; 288 break; 289 case 'E': 290 timestamp |= TIMESTAMP_ELAPSED; 291 break; 292 case 'H': 293 threads = 1; 294 break; 295 case 'R': 296 timestamp |= TIMESTAMP_RELATIVE; 297 break; 298 case 'T': 299 timestamp |= TIMESTAMP_ABSOLUTE; 300 break; 301 case 't': 302 trpoints = getpoints(optarg); 303 if (trpoints < 0) 304 errx(1, "unknown trace point in %s", optarg); 305 break; 306 default: 307 usage(); 308 } 309 310 if (argc > optind) 311 usage(); 312 313 m = malloc(size = 1025); 314 if (m == NULL) 315 errx(1, "%s", strerror(ENOMEM)); 316 if (strcmp(tracefile, "-") != 0) 317 if (!freopen(tracefile, "r", stdin)) 318 err(1, "%s", tracefile); 319 320 strerror_init(); 321 localtime_init(); 322 #ifdef HAVE_LIBCASPER 323 if (resolv != 0) { 324 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { 325 cappwd = NULL; 326 capgrp = NULL; 327 } 328 } 329 if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) { 330 if (cap_enter() < 0 && errno != ENOSYS) 331 err(1, "unable to enter capability mode"); 332 } 333 #else 334 if (resolv == 0) { 335 if (cap_enter() < 0 && errno != ENOSYS) 336 err(1, "unable to enter capability mode"); 337 } 338 #endif 339 if (caph_limit_stdio() == -1) 340 err(1, "unable to limit stdio"); 341 342 TAILQ_INIT(&trace_procs); 343 drop_logged = 0; 344 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 345 if (ktr_header.ktr_type & KTR_DROP) { 346 ktr_header.ktr_type &= ~KTR_DROP; 347 if (!drop_logged && threads) { 348 printf( 349 "%6jd %6jd %-8.*s Events dropped.\n", 350 (intmax_t)ktr_header.ktr_pid, 351 ktr_header.ktr_tid > 0 ? 352 (intmax_t)ktr_header.ktr_tid : 0, 353 MAXCOMLEN, ktr_header.ktr_comm); 354 drop_logged = 1; 355 } else if (!drop_logged) { 356 printf("%6jd %-8.*s Events dropped.\n", 357 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 358 ktr_header.ktr_comm); 359 drop_logged = 1; 360 } 361 } 362 if (trpoints & (1<<ktr_header.ktr_type)) 363 if (pid == 0 || ktr_header.ktr_pid == pid || 364 ktr_header.ktr_tid == pid) 365 dumpheader(&ktr_header); 366 if ((ktrlen = ktr_header.ktr_len) < 0) 367 errx(1, "bogus length 0x%x", ktrlen); 368 if (ktrlen > size) { 369 m = realloc(m, ktrlen+1); 370 if (m == NULL) 371 errx(1, "%s", strerror(ENOMEM)); 372 size = ktrlen; 373 } 374 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 375 errx(1, "data too short"); 376 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 377 continue; 378 sv_flags = abidump(&ktr_header); 379 if (pid && ktr_header.ktr_pid != pid && 380 ktr_header.ktr_tid != pid) 381 continue; 382 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 383 continue; 384 drop_logged = 0; 385 switch (ktr_header.ktr_type) { 386 case KTR_SYSCALL: 387 ktrsyscall((struct ktr_syscall *)m, sv_flags); 388 break; 389 case KTR_SYSRET: 390 ktrsysret((struct ktr_sysret *)m, sv_flags); 391 break; 392 case KTR_NAMEI: 393 case KTR_SYSCTL: 394 ktrnamei(m, ktrlen); 395 break; 396 case KTR_GENIO: 397 ktrgenio((struct ktr_genio *)m, ktrlen); 398 break; 399 case KTR_PSIG: 400 ktrpsig((struct ktr_psig *)m); 401 break; 402 case KTR_CSW: 403 if (ktrlen == sizeof(struct ktr_csw_old)) 404 ktrcsw_old((struct ktr_csw_old *)m); 405 else 406 ktrcsw((struct ktr_csw *)m); 407 break; 408 case KTR_USER: 409 ktruser(ktrlen, m); 410 break; 411 case KTR_STRUCT: 412 ktrstruct(m, ktrlen); 413 break; 414 case KTR_CAPFAIL: 415 ktrcapfail((struct ktr_cap_fail *)m); 416 break; 417 case KTR_FAULT: 418 ktrfault((struct ktr_fault *)m); 419 break; 420 case KTR_FAULTEND: 421 ktrfaultend((struct ktr_faultend *)m); 422 break; 423 default: 424 printf("\n"); 425 break; 426 } 427 if (tail) 428 fflush(stdout); 429 } 430 return 0; 431 } 432 433 int 434 fread_tail(void *buf, int size, int num) 435 { 436 int i; 437 438 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 439 sleep(1); 440 clearerr(stdin); 441 } 442 return (i); 443 } 444 445 int 446 fetchprocinfo(struct ktr_header *kth, u_int *flags) 447 { 448 struct proc_info *pi; 449 450 switch (kth->ktr_type) { 451 case KTR_PROCCTOR: 452 TAILQ_FOREACH(pi, &trace_procs, info) { 453 if (pi->pid == kth->ktr_pid) { 454 TAILQ_REMOVE(&trace_procs, pi, info); 455 break; 456 } 457 } 458 pi = malloc(sizeof(struct proc_info)); 459 if (pi == NULL) 460 errx(1, "%s", strerror(ENOMEM)); 461 pi->sv_flags = *flags; 462 pi->pid = kth->ktr_pid; 463 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 464 return (1); 465 466 case KTR_PROCDTOR: 467 TAILQ_FOREACH(pi, &trace_procs, info) { 468 if (pi->pid == kth->ktr_pid) { 469 TAILQ_REMOVE(&trace_procs, pi, info); 470 free(pi); 471 break; 472 } 473 } 474 return (1); 475 } 476 477 return (0); 478 } 479 480 u_int 481 abidump(struct ktr_header *kth) 482 { 483 struct proc_info *pi; 484 const char *abi; 485 const char *arch; 486 u_int flags = 0; 487 488 TAILQ_FOREACH(pi, &trace_procs, info) { 489 if (pi->pid == kth->ktr_pid) { 490 flags = pi->sv_flags; 491 break; 492 } 493 } 494 495 if (abiflag == 0) 496 return (flags); 497 498 switch (flags & SV_ABI_MASK) { 499 case SV_ABI_LINUX: 500 abi = "L"; 501 break; 502 case SV_ABI_FREEBSD: 503 abi = "F"; 504 break; 505 case SV_ABI_CLOUDABI: 506 abi = "C"; 507 break; 508 default: 509 abi = "U"; 510 break; 511 } 512 513 if (flags & SV_LP64) 514 arch = "64"; 515 else if (flags & SV_ILP32) 516 arch = "32"; 517 else 518 arch = "00"; 519 520 printf("%s%s ", abi, arch); 521 522 return (flags); 523 } 524 525 void 526 dumpheader(struct ktr_header *kth) 527 { 528 static char unknown[64]; 529 static struct timeval prevtime, prevtime_e; 530 struct timeval temp; 531 const char *type; 532 const char *sign; 533 534 switch (kth->ktr_type) { 535 case KTR_SYSCALL: 536 type = "CALL"; 537 break; 538 case KTR_SYSRET: 539 type = "RET "; 540 break; 541 case KTR_NAMEI: 542 type = "NAMI"; 543 break; 544 case KTR_GENIO: 545 type = "GIO "; 546 break; 547 case KTR_PSIG: 548 type = "PSIG"; 549 break; 550 case KTR_CSW: 551 type = "CSW "; 552 break; 553 case KTR_USER: 554 type = "USER"; 555 break; 556 case KTR_STRUCT: 557 type = "STRU"; 558 break; 559 case KTR_SYSCTL: 560 type = "SCTL"; 561 break; 562 case KTR_PROCCTOR: 563 /* FALLTHROUGH */ 564 case KTR_PROCDTOR: 565 return; 566 case KTR_CAPFAIL: 567 type = "CAP "; 568 break; 569 case KTR_FAULT: 570 type = "PFLT"; 571 break; 572 case KTR_FAULTEND: 573 type = "PRET"; 574 break; 575 default: 576 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 577 type = unknown; 578 } 579 580 /* 581 * The ktr_tid field was previously the ktr_buffer field, which held 582 * the kernel pointer value for the buffer associated with data 583 * following the record header. It now holds a threadid, but only 584 * for trace files after the change. Older trace files still contain 585 * kernel pointers. Detect this and suppress the results by printing 586 * negative tid's as 0. 587 */ 588 if (threads) 589 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 590 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 591 MAXCOMLEN, kth->ktr_comm); 592 else 593 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 594 kth->ktr_comm); 595 if (timestamp) { 596 if (timestamp & TIMESTAMP_ABSOLUTE) { 597 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 598 kth->ktr_time.tv_usec); 599 } 600 if (timestamp & TIMESTAMP_ELAPSED) { 601 if (prevtime_e.tv_sec == 0) 602 prevtime_e = kth->ktr_time; 603 timersub(&kth->ktr_time, &prevtime_e, &temp); 604 printf("%jd.%06ld ", (intmax_t)temp.tv_sec, 605 temp.tv_usec); 606 } 607 if (timestamp & TIMESTAMP_RELATIVE) { 608 if (prevtime.tv_sec == 0) 609 prevtime = kth->ktr_time; 610 if (timercmp(&kth->ktr_time, &prevtime, <)) { 611 timersub(&prevtime, &kth->ktr_time, &temp); 612 sign = "-"; 613 } else { 614 timersub(&kth->ktr_time, &prevtime, &temp); 615 sign = ""; 616 } 617 prevtime = kth->ktr_time; 618 printf("%s%jd.%06ld ", sign, (intmax_t)temp.tv_sec, 619 temp.tv_usec); 620 } 621 } 622 printf("%s ", type); 623 } 624 625 #include <sys/syscall.h> 626 627 static void 628 ioctlname(unsigned long val) 629 { 630 const char *str; 631 632 str = sysdecode_ioctlname(val); 633 if (str != NULL) 634 printf("%s", str); 635 else if (decimal) 636 printf("%lu", val); 637 else 638 printf("%#lx", val); 639 } 640 641 static enum sysdecode_abi 642 syscallabi(u_int sv_flags) 643 { 644 645 if (sv_flags == 0) 646 return (SYSDECODE_ABI_FREEBSD); 647 switch (sv_flags & SV_ABI_MASK) { 648 case SV_ABI_FREEBSD: 649 return (SYSDECODE_ABI_FREEBSD); 650 #if defined(__amd64__) || defined(__i386__) 651 case SV_ABI_LINUX: 652 #ifdef __amd64__ 653 if (sv_flags & SV_ILP32) 654 return (SYSDECODE_ABI_LINUX32); 655 #endif 656 return (SYSDECODE_ABI_LINUX); 657 #endif 658 #if defined(__aarch64__) || defined(__amd64__) 659 case SV_ABI_CLOUDABI: 660 return (SYSDECODE_ABI_CLOUDABI64); 661 #endif 662 default: 663 return (SYSDECODE_ABI_UNKNOWN); 664 } 665 } 666 667 static void 668 syscallname(u_int code, u_int sv_flags) 669 { 670 const char *name; 671 672 name = sysdecode_syscallname(syscallabi(sv_flags), code); 673 if (name == NULL) 674 printf("[%d]", code); 675 else { 676 printf("%s", name); 677 if (syscallno) 678 printf("[%d]", code); 679 } 680 } 681 682 void 683 ktrsyscall(struct ktr_syscall *ktr, u_int sv_flags) 684 { 685 int narg = ktr->ktr_narg; 686 register_t *ip, *first; 687 intmax_t arg; 688 int quad_align, quad_slots; 689 690 syscallname(ktr->ktr_code, sv_flags); 691 ip = first = &ktr->ktr_args[0]; 692 if (narg) { 693 char c = '('; 694 if (fancy && 695 (sv_flags == 0 || 696 (sv_flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 697 quad_align = 0; 698 if (sv_flags & SV_ILP32) { 699 #ifdef __powerpc__ 700 quad_align = 1; 701 #endif 702 quad_slots = 2; 703 } else 704 quad_slots = 1; 705 switch (ktr->ktr_code) { 706 case SYS_bindat: 707 case SYS_connectat: 708 case SYS_faccessat: 709 case SYS_fchmodat: 710 case SYS_fchownat: 711 case SYS_fstatat: 712 case SYS_futimesat: 713 case SYS_linkat: 714 case SYS_mkdirat: 715 case SYS_mkfifoat: 716 case SYS_mknodat: 717 case SYS_openat: 718 case SYS_readlinkat: 719 case SYS_renameat: 720 case SYS_unlinkat: 721 case SYS_utimensat: 722 putchar('('); 723 atfdname(*ip, decimal); 724 c = ','; 725 ip++; 726 narg--; 727 break; 728 } 729 switch (ktr->ktr_code) { 730 case SYS_ioctl: { 731 print_number(ip, narg, c); 732 putchar(c); 733 ioctlname(*ip); 734 c = ','; 735 ip++; 736 narg--; 737 break; 738 } 739 case SYS_ptrace: 740 putchar('('); 741 ptraceopname(*ip); 742 c = ','; 743 ip++; 744 narg--; 745 break; 746 case SYS_access: 747 case SYS_eaccess: 748 case SYS_faccessat: 749 print_number(ip, narg, c); 750 putchar(','); 751 accessmodename(*ip); 752 ip++; 753 narg--; 754 break; 755 case SYS_open: 756 case SYS_openat: 757 print_number(ip, narg, c); 758 putchar(','); 759 flagsandmodename(ip[0], ip[1], decimal); 760 ip += 2; 761 narg -= 2; 762 break; 763 case SYS_wait4: 764 print_number(ip, narg, c); 765 print_number(ip, narg, c); 766 /* 767 * A flags value of zero is valid for 768 * wait4() but not for wait6(), so 769 * handle zero special here. 770 */ 771 if (*ip == 0) { 772 print_number(ip, narg, c); 773 } else { 774 putchar(','); 775 wait6optname(*ip); 776 ip++; 777 narg--; 778 } 779 break; 780 case SYS_wait6: 781 putchar('('); 782 idtypename(*ip, decimal); 783 c = ','; 784 ip++; 785 narg--; 786 print_number64(first, ip, narg, c); 787 print_number(ip, narg, c); 788 putchar(','); 789 wait6optname(*ip); 790 ip++; 791 narg--; 792 break; 793 case SYS_chmod: 794 case SYS_fchmod: 795 case SYS_lchmod: 796 case SYS_fchmodat: 797 print_number(ip, narg, c); 798 putchar(','); 799 modename(*ip); 800 ip++; 801 narg--; 802 break; 803 case SYS_mknod: 804 case SYS_mknodat: 805 print_number(ip, narg, c); 806 putchar(','); 807 modename(*ip); 808 ip++; 809 narg--; 810 break; 811 case SYS_getfsstat: 812 print_number(ip, narg, c); 813 print_number(ip, narg, c); 814 putchar(','); 815 getfsstatflagsname(*ip); 816 ip++; 817 narg--; 818 break; 819 case SYS_mount: 820 print_number(ip, narg, c); 821 print_number(ip, narg, c); 822 putchar(','); 823 mountflagsname(*ip); 824 ip++; 825 narg--; 826 break; 827 case SYS_unmount: 828 print_number(ip, narg, c); 829 putchar(','); 830 mountflagsname(*ip); 831 ip++; 832 narg--; 833 break; 834 case SYS_recvmsg: 835 case SYS_sendmsg: 836 print_number(ip, narg, c); 837 print_number(ip, narg, c); 838 putchar(','); 839 sendrecvflagsname(*ip); 840 ip++; 841 narg--; 842 break; 843 case SYS_recvfrom: 844 case SYS_sendto: 845 print_number(ip, narg, c); 846 print_number(ip, narg, c); 847 print_number(ip, narg, c); 848 putchar(','); 849 sendrecvflagsname(*ip); 850 ip++; 851 narg--; 852 break; 853 case SYS_chflags: 854 case SYS_fchflags: 855 case SYS_lchflags: 856 print_number(ip, narg, c); 857 putchar(','); 858 modename(*ip); 859 ip++; 860 narg--; 861 break; 862 case SYS_kill: 863 print_number(ip, narg, c); 864 putchar(','); 865 signame(*ip); 866 ip++; 867 narg--; 868 break; 869 case SYS_reboot: 870 putchar('('); 871 rebootoptname(*ip); 872 ip++; 873 narg--; 874 break; 875 case SYS_umask: 876 putchar('('); 877 modename(*ip); 878 ip++; 879 narg--; 880 break; 881 case SYS_msync: 882 print_number(ip, narg, c); 883 print_number(ip, narg, c); 884 putchar(','); 885 msyncflagsname(*ip); 886 ip++; 887 narg--; 888 break; 889 #ifdef SYS_freebsd6_mmap 890 case SYS_freebsd6_mmap: 891 print_number(ip, narg, c); 892 print_number(ip, narg, c); 893 putchar(','); 894 mmapprotname(*ip); 895 putchar(','); 896 ip++; 897 narg--; 898 mmapflagsname(*ip); 899 ip++; 900 narg--; 901 break; 902 #endif 903 case SYS_mmap: 904 print_number(ip, narg, c); 905 print_number(ip, narg, c); 906 putchar(','); 907 mmapprotname(*ip); 908 putchar(','); 909 ip++; 910 narg--; 911 mmapflagsname(*ip); 912 ip++; 913 narg--; 914 break; 915 case SYS_mprotect: 916 print_number(ip, narg, c); 917 print_number(ip, narg, c); 918 putchar(','); 919 mmapprotname(*ip); 920 ip++; 921 narg--; 922 break; 923 case SYS_madvise: 924 print_number(ip, narg, c); 925 print_number(ip, narg, c); 926 putchar(','); 927 madvisebehavname(*ip); 928 ip++; 929 narg--; 930 break; 931 case SYS_setpriority: 932 print_number(ip, narg, c); 933 print_number(ip, narg, c); 934 putchar(','); 935 prioname(*ip); 936 ip++; 937 narg--; 938 break; 939 case SYS_fcntl: 940 print_number(ip, narg, c); 941 putchar(','); 942 fcntlcmdname(ip[0], ip[1], decimal); 943 ip += 2; 944 narg -= 2; 945 break; 946 case SYS_socket: { 947 int sockdomain; 948 putchar('('); 949 sockdomain = *ip; 950 sockdomainname(sockdomain); 951 ip++; 952 narg--; 953 putchar(','); 954 socktypenamewithflags(*ip); 955 ip++; 956 narg--; 957 if (sockdomain == PF_INET || 958 sockdomain == PF_INET6) { 959 putchar(','); 960 sockipprotoname(*ip); 961 ip++; 962 narg--; 963 } 964 c = ','; 965 break; 966 } 967 case SYS_setsockopt: 968 case SYS_getsockopt: 969 print_number(ip, narg, c); 970 putchar(','); 971 sockoptlevelname(*ip, decimal); 972 if (*ip == SOL_SOCKET) { 973 ip++; 974 narg--; 975 putchar(','); 976 sockoptname(*ip); 977 } 978 ip++; 979 narg--; 980 break; 981 #ifdef SYS_freebsd6_lseek 982 case SYS_freebsd6_lseek: 983 print_number(ip, narg, c); 984 /* Hidden 'pad' argument, not in lseek(2) */ 985 print_number(ip, narg, c); 986 print_number64(first, ip, narg, c); 987 putchar(','); 988 whencename(*ip); 989 ip++; 990 narg--; 991 break; 992 #endif 993 case SYS_lseek: 994 print_number(ip, narg, c); 995 print_number64(first, ip, narg, c); 996 putchar(','); 997 whencename(*ip); 998 ip++; 999 narg--; 1000 break; 1001 case SYS_flock: 1002 print_number(ip, narg, c); 1003 putchar(','); 1004 flockname(*ip); 1005 ip++; 1006 narg--; 1007 break; 1008 case SYS_mkfifo: 1009 case SYS_mkfifoat: 1010 case SYS_mkdir: 1011 case SYS_mkdirat: 1012 print_number(ip, narg, c); 1013 putchar(','); 1014 modename(*ip); 1015 ip++; 1016 narg--; 1017 break; 1018 case SYS_shutdown: 1019 print_number(ip, narg, c); 1020 putchar(','); 1021 shutdownhowname(*ip); 1022 ip++; 1023 narg--; 1024 break; 1025 case SYS_socketpair: 1026 putchar('('); 1027 sockdomainname(*ip); 1028 ip++; 1029 narg--; 1030 putchar(','); 1031 socktypenamewithflags(*ip); 1032 ip++; 1033 narg--; 1034 c = ','; 1035 break; 1036 case SYS_getrlimit: 1037 case SYS_setrlimit: 1038 putchar('('); 1039 rlimitname(*ip); 1040 ip++; 1041 narg--; 1042 c = ','; 1043 break; 1044 case SYS_quotactl: 1045 print_number(ip, narg, c); 1046 putchar(','); 1047 quotactlname(*ip); 1048 ip++; 1049 narg--; 1050 c = ','; 1051 break; 1052 case SYS_nfssvc: 1053 putchar('('); 1054 nfssvcname(*ip); 1055 ip++; 1056 narg--; 1057 c = ','; 1058 break; 1059 case SYS_rtprio: 1060 putchar('('); 1061 rtprioname(*ip); 1062 ip++; 1063 narg--; 1064 c = ','; 1065 break; 1066 case SYS___semctl: 1067 print_number(ip, narg, c); 1068 print_number(ip, narg, c); 1069 putchar(','); 1070 semctlname(*ip); 1071 ip++; 1072 narg--; 1073 break; 1074 case SYS_semget: 1075 print_number(ip, narg, c); 1076 print_number(ip, narg, c); 1077 putchar(','); 1078 semgetname(*ip); 1079 ip++; 1080 narg--; 1081 break; 1082 case SYS_msgctl: 1083 print_number(ip, narg, c); 1084 putchar(','); 1085 shmctlname(*ip); 1086 ip++; 1087 narg--; 1088 break; 1089 case SYS_shmat: 1090 print_number(ip, narg, c); 1091 print_number(ip, narg, c); 1092 putchar(','); 1093 shmatname(*ip); 1094 ip++; 1095 narg--; 1096 break; 1097 case SYS_shmctl: 1098 print_number(ip, narg, c); 1099 putchar(','); 1100 shmctlname(*ip); 1101 ip++; 1102 narg--; 1103 break; 1104 case SYS_shm_open: 1105 print_number(ip, narg, c); 1106 putchar(','); 1107 flagsname(ip[0]); 1108 printf(",0%o", (unsigned int)ip[1]); 1109 ip += 3; 1110 narg -= 3; 1111 break; 1112 case SYS_minherit: 1113 print_number(ip, narg, c); 1114 print_number(ip, narg, c); 1115 putchar(','); 1116 minheritname(*ip); 1117 ip++; 1118 narg--; 1119 break; 1120 case SYS_rfork: 1121 putchar('('); 1122 rforkname(*ip); 1123 ip++; 1124 narg--; 1125 c = ','; 1126 break; 1127 case SYS_lio_listio: 1128 putchar('('); 1129 lio_listioname(*ip); 1130 ip++; 1131 narg--; 1132 c = ','; 1133 break; 1134 case SYS_mlockall: 1135 putchar('('); 1136 mlockallname(*ip); 1137 ip++; 1138 narg--; 1139 break; 1140 case SYS_sched_setscheduler: 1141 print_number(ip, narg, c); 1142 putchar(','); 1143 schedpolicyname(*ip); 1144 ip++; 1145 narg--; 1146 break; 1147 case SYS_sched_get_priority_max: 1148 case SYS_sched_get_priority_min: 1149 putchar('('); 1150 schedpolicyname(*ip); 1151 ip++; 1152 narg--; 1153 break; 1154 case SYS_sendfile: 1155 print_number(ip, narg, c); 1156 print_number(ip, narg, c); 1157 print_number(ip, narg, c); 1158 print_number(ip, narg, c); 1159 print_number(ip, narg, c); 1160 print_number(ip, narg, c); 1161 putchar(','); 1162 sendfileflagsname(*(int *)ip); 1163 ip++; 1164 narg--; 1165 break; 1166 case SYS_kldsym: 1167 print_number(ip, narg, c); 1168 putchar(','); 1169 kldsymcmdname(*ip); 1170 ip++; 1171 narg--; 1172 break; 1173 case SYS_sigprocmask: 1174 putchar('('); 1175 sigprocmaskhowname(*ip); 1176 ip++; 1177 narg--; 1178 c = ','; 1179 break; 1180 case SYS___acl_get_file: 1181 case SYS___acl_set_file: 1182 case SYS___acl_get_fd: 1183 case SYS___acl_set_fd: 1184 case SYS___acl_delete_file: 1185 case SYS___acl_delete_fd: 1186 case SYS___acl_aclcheck_file: 1187 case SYS___acl_aclcheck_fd: 1188 case SYS___acl_get_link: 1189 case SYS___acl_set_link: 1190 case SYS___acl_delete_link: 1191 case SYS___acl_aclcheck_link: 1192 print_number(ip, narg, c); 1193 putchar(','); 1194 acltypename(*ip); 1195 ip++; 1196 narg--; 1197 break; 1198 case SYS_sigaction: 1199 putchar('('); 1200 signame(*ip); 1201 ip++; 1202 narg--; 1203 c = ','; 1204 break; 1205 case SYS_extattrctl: 1206 print_number(ip, narg, c); 1207 putchar(','); 1208 extattrctlname(*ip); 1209 ip++; 1210 narg--; 1211 break; 1212 case SYS_nmount: 1213 print_number(ip, narg, c); 1214 print_number(ip, narg, c); 1215 putchar(','); 1216 mountflagsname(*ip); 1217 ip++; 1218 narg--; 1219 break; 1220 case SYS_thr_create: 1221 print_number(ip, narg, c); 1222 print_number(ip, narg, c); 1223 putchar(','); 1224 thrcreateflagsname(*ip); 1225 ip++; 1226 narg--; 1227 break; 1228 case SYS_thr_kill: 1229 print_number(ip, narg, c); 1230 putchar(','); 1231 signame(*ip); 1232 ip++; 1233 narg--; 1234 break; 1235 case SYS_kldunloadf: 1236 print_number(ip, narg, c); 1237 putchar(','); 1238 kldunloadfflagsname(*ip); 1239 ip++; 1240 narg--; 1241 break; 1242 case SYS_linkat: 1243 case SYS_renameat: 1244 case SYS_symlinkat: 1245 print_number(ip, narg, c); 1246 putchar(','); 1247 atfdname(*ip, decimal); 1248 ip++; 1249 narg--; 1250 break; 1251 case SYS_cap_fcntls_limit: 1252 print_number(ip, narg, c); 1253 putchar(','); 1254 arg = *ip; 1255 ip++; 1256 narg--; 1257 capfcntlname(arg); 1258 break; 1259 case SYS_posix_fadvise: 1260 print_number(ip, narg, c); 1261 print_number(ip, narg, c); 1262 print_number(ip, narg, c); 1263 (void)putchar(','); 1264 fadvisebehavname((int)*ip); 1265 ip++; 1266 narg--; 1267 break; 1268 case SYS_procctl: 1269 putchar('('); 1270 idtypename(*ip, decimal); 1271 c = ','; 1272 ip++; 1273 narg--; 1274 print_number64(first, ip, narg, c); 1275 putchar(','); 1276 procctlcmdname(*ip); 1277 ip++; 1278 narg--; 1279 break; 1280 case SYS__umtx_op: 1281 print_number(ip, narg, c); 1282 putchar(','); 1283 umtxopname(*ip); 1284 switch (*ip) { 1285 case UMTX_OP_CV_WAIT: 1286 ip++; 1287 narg--; 1288 putchar(','); 1289 umtxcvwaitflags(*ip); 1290 break; 1291 case UMTX_OP_RW_RDLOCK: 1292 ip++; 1293 narg--; 1294 putchar(','); 1295 umtxrwlockflags(*ip); 1296 break; 1297 } 1298 ip++; 1299 narg--; 1300 break; 1301 case SYS_ftruncate: 1302 case SYS_truncate: 1303 print_number(ip, narg, c); 1304 print_number64(first, ip, narg, c); 1305 break; 1306 } 1307 } 1308 while (narg > 0) { 1309 print_number(ip, narg, c); 1310 } 1311 putchar(')'); 1312 } 1313 putchar('\n'); 1314 } 1315 1316 void 1317 ktrsysret(struct ktr_sysret *ktr, u_int sv_flags) 1318 { 1319 register_t ret = ktr->ktr_retval; 1320 int error = ktr->ktr_error; 1321 1322 syscallname(ktr->ktr_code, sv_flags); 1323 printf(" "); 1324 1325 if (error == 0) { 1326 if (fancy) { 1327 printf("%ld", (long)ret); 1328 if (ret < 0 || ret > 9) 1329 printf("/%#lx", (unsigned long)ret); 1330 } else { 1331 if (decimal) 1332 printf("%ld", (long)ret); 1333 else 1334 printf("%#lx", (unsigned long)ret); 1335 } 1336 } else if (error == ERESTART) 1337 printf("RESTART"); 1338 else if (error == EJUSTRETURN) 1339 printf("JUSTRETURN"); 1340 else { 1341 printf("-1 errno %d", sysdecode_freebsd_to_abi_errno( 1342 syscallabi(sv_flags), error)); 1343 if (fancy) 1344 printf(" %s", strerror(ktr->ktr_error)); 1345 } 1346 putchar('\n'); 1347 } 1348 1349 void 1350 ktrnamei(char *cp, int len) 1351 { 1352 printf("\"%.*s\"\n", len, cp); 1353 } 1354 1355 void 1356 hexdump(char *p, int len, int screenwidth) 1357 { 1358 int n, i; 1359 int width; 1360 1361 width = 0; 1362 do { 1363 width += 2; 1364 i = 13; /* base offset */ 1365 i += (width / 2) + 1; /* spaces every second byte */ 1366 i += (width * 2); /* width of bytes */ 1367 i += 3; /* " |" */ 1368 i += width; /* each byte */ 1369 i += 1; /* "|" */ 1370 } while (i < screenwidth); 1371 width -= 2; 1372 1373 for (n = 0; n < len; n += width) { 1374 for (i = n; i < n + width; i++) { 1375 if ((i % width) == 0) { /* beginning of line */ 1376 printf(" 0x%04x", i); 1377 } 1378 if ((i % 2) == 0) { 1379 printf(" "); 1380 } 1381 if (i < len) 1382 printf("%02x", p[i] & 0xff); 1383 else 1384 printf(" "); 1385 } 1386 printf(" |"); 1387 for (i = n; i < n + width; i++) { 1388 if (i >= len) 1389 break; 1390 if (p[i] >= ' ' && p[i] <= '~') 1391 printf("%c", p[i]); 1392 else 1393 printf("."); 1394 } 1395 printf("|\n"); 1396 } 1397 if ((i % width) != 0) 1398 printf("\n"); 1399 } 1400 1401 void 1402 visdump(char *dp, int datalen, int screenwidth) 1403 { 1404 int col = 0; 1405 char *cp; 1406 int width; 1407 char visbuf[5]; 1408 1409 printf(" \""); 1410 col = 8; 1411 for (;datalen > 0; datalen--, dp++) { 1412 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1413 cp = visbuf; 1414 /* 1415 * Keep track of printables and 1416 * space chars (like fold(1)). 1417 */ 1418 if (col == 0) { 1419 putchar('\t'); 1420 col = 8; 1421 } 1422 switch(*cp) { 1423 case '\n': 1424 col = 0; 1425 putchar('\n'); 1426 continue; 1427 case '\t': 1428 width = 8 - (col&07); 1429 break; 1430 default: 1431 width = strlen(cp); 1432 } 1433 if (col + width > (screenwidth-2)) { 1434 printf("\\\n\t"); 1435 col = 8; 1436 } 1437 col += width; 1438 do { 1439 putchar(*cp++); 1440 } while (*cp); 1441 } 1442 if (col == 0) 1443 printf(" "); 1444 printf("\"\n"); 1445 } 1446 1447 void 1448 ktrgenio(struct ktr_genio *ktr, int len) 1449 { 1450 int datalen = len - sizeof (struct ktr_genio); 1451 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1452 static int screenwidth = 0; 1453 int i, binary; 1454 1455 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1456 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1457 datalen == 1 ? "" : "s"); 1458 if (suppressdata) 1459 return; 1460 if (screenwidth == 0) { 1461 struct winsize ws; 1462 1463 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1464 ws.ws_col > 8) 1465 screenwidth = ws.ws_col; 1466 else 1467 screenwidth = 80; 1468 } 1469 if (maxdata && datalen > maxdata) 1470 datalen = maxdata; 1471 1472 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1473 if (dp[i] >= 32 && dp[i] < 127) 1474 continue; 1475 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1476 continue; 1477 binary = 1; 1478 } 1479 if (binary) 1480 hexdump(dp, datalen, screenwidth); 1481 else 1482 visdump(dp, datalen, screenwidth); 1483 } 1484 1485 const char *signames[] = { 1486 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1487 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1488 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1489 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1490 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1491 "USR2", NULL, /* 31 - 32 */ 1492 }; 1493 1494 void 1495 ktrpsig(struct ktr_psig *psig) 1496 { 1497 if (psig->signo > 0 && psig->signo < NSIG) 1498 printf("SIG%s ", signames[psig->signo]); 1499 else 1500 printf("SIG %d ", psig->signo); 1501 if (psig->action == SIG_DFL) { 1502 printf("SIG_DFL code="); 1503 sigcodename(psig->signo, psig->code); 1504 putchar('\n'); 1505 } else { 1506 printf("caught handler=0x%lx mask=0x%x code=", 1507 (u_long)psig->action, psig->mask.__bits[0]); 1508 sigcodename(psig->signo, psig->code); 1509 putchar('\n'); 1510 } 1511 } 1512 1513 void 1514 ktrcsw_old(struct ktr_csw_old *cs) 1515 { 1516 printf("%s %s\n", cs->out ? "stop" : "resume", 1517 cs->user ? "user" : "kernel"); 1518 } 1519 1520 void 1521 ktrcsw(struct ktr_csw *cs) 1522 { 1523 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1524 cs->user ? "user" : "kernel", cs->wmesg); 1525 } 1526 1527 void 1528 ktruser(int len, void *p) 1529 { 1530 unsigned char *cp; 1531 1532 if (sysdecode_utrace(stdout, p, len)) { 1533 printf("\n"); 1534 return; 1535 } 1536 1537 printf("%d ", len); 1538 cp = p; 1539 while (len--) 1540 if (decimal) 1541 printf(" %d", *cp++); 1542 else 1543 printf(" %02x", *cp++); 1544 printf("\n"); 1545 } 1546 1547 void 1548 ktrcaprights(cap_rights_t *rightsp) 1549 { 1550 1551 printf("cap_rights_t "); 1552 capname(rightsp); 1553 printf("\n"); 1554 } 1555 1556 static void 1557 ktrtimeval(struct timeval *tv) 1558 { 1559 1560 printf("{%ld, %ld}", (long)tv->tv_sec, tv->tv_usec); 1561 } 1562 1563 void 1564 ktritimerval(struct itimerval *it) 1565 { 1566 1567 printf("itimerval { .interval = "); 1568 ktrtimeval(&it->it_interval); 1569 printf(", .value = "); 1570 ktrtimeval(&it->it_value); 1571 printf(" }\n"); 1572 } 1573 1574 void 1575 ktrsockaddr(struct sockaddr *sa) 1576 { 1577 /* 1578 TODO: Support additional address families 1579 #include <netnatm/natm.h> 1580 struct sockaddr_natm *natm; 1581 #include <netsmb/netbios.h> 1582 struct sockaddr_nb *nb; 1583 */ 1584 char addr[64]; 1585 1586 /* 1587 * note: ktrstruct() has already verified that sa points to a 1588 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1589 * sa->sa_len bytes long. 1590 */ 1591 printf("struct sockaddr { "); 1592 sockfamilyname(sa->sa_family); 1593 printf(", "); 1594 1595 #define check_sockaddr_len(n) \ 1596 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1597 printf("invalid"); \ 1598 break; \ 1599 } 1600 1601 switch(sa->sa_family) { 1602 case AF_INET: { 1603 struct sockaddr_in sa_in; 1604 1605 memset(&sa_in, 0, sizeof(sa_in)); 1606 memcpy(&sa_in, sa, sa->sa_len); 1607 check_sockaddr_len(in); 1608 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1609 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1610 break; 1611 } 1612 case AF_INET6: { 1613 struct sockaddr_in6 sa_in6; 1614 1615 memset(&sa_in6, 0, sizeof(sa_in6)); 1616 memcpy(&sa_in6, sa, sa->sa_len); 1617 check_sockaddr_len(in6); 1618 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1619 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1620 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1621 break; 1622 } 1623 case AF_UNIX: { 1624 struct sockaddr_un sa_un; 1625 1626 memset(&sa_un, 0, sizeof(sa_un)); 1627 memcpy(&sa_un, sa, sa->sa_len); 1628 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1629 break; 1630 } 1631 default: 1632 printf("unknown address family"); 1633 } 1634 printf(" }\n"); 1635 } 1636 1637 void 1638 ktrstat(struct stat *statp) 1639 { 1640 char mode[12], timestr[PATH_MAX + 4]; 1641 struct passwd *pwd; 1642 struct group *grp; 1643 struct tm *tm; 1644 1645 /* 1646 * note: ktrstruct() has already verified that statp points to a 1647 * buffer exactly sizeof(struct stat) bytes long. 1648 */ 1649 printf("struct stat {"); 1650 printf("dev=%ju, ino=%ju, ", 1651 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1652 if (resolv == 0) 1653 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1654 else { 1655 strmode(statp->st_mode, mode); 1656 printf("mode=%s, ", mode); 1657 } 1658 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1659 if (resolv == 0) { 1660 pwd = NULL; 1661 } else { 1662 #ifdef HAVE_LIBCASPER 1663 if (cappwd != NULL) 1664 pwd = cap_getpwuid(cappwd, statp->st_uid); 1665 else 1666 #endif 1667 pwd = getpwuid(statp->st_uid); 1668 } 1669 if (pwd == NULL) 1670 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1671 else 1672 printf("uid=\"%s\", ", pwd->pw_name); 1673 if (resolv == 0) { 1674 grp = NULL; 1675 } else { 1676 #ifdef HAVE_LIBCASPER 1677 if (capgrp != NULL) 1678 grp = cap_getgrgid(capgrp, statp->st_gid); 1679 else 1680 #endif 1681 grp = getgrgid(statp->st_gid); 1682 } 1683 if (grp == NULL) 1684 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1685 else 1686 printf("gid=\"%s\", ", grp->gr_name); 1687 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1688 printf("atime="); 1689 if (resolv == 0) 1690 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1691 else { 1692 tm = localtime(&statp->st_atim.tv_sec); 1693 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1694 printf("\"%s\"", timestr); 1695 } 1696 if (statp->st_atim.tv_nsec != 0) 1697 printf(".%09ld, ", statp->st_atim.tv_nsec); 1698 else 1699 printf(", "); 1700 printf("mtime="); 1701 if (resolv == 0) 1702 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1703 else { 1704 tm = localtime(&statp->st_mtim.tv_sec); 1705 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1706 printf("\"%s\"", timestr); 1707 } 1708 if (statp->st_mtim.tv_nsec != 0) 1709 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1710 else 1711 printf(", "); 1712 printf("ctime="); 1713 if (resolv == 0) 1714 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1715 else { 1716 tm = localtime(&statp->st_ctim.tv_sec); 1717 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1718 printf("\"%s\"", timestr); 1719 } 1720 if (statp->st_ctim.tv_nsec != 0) 1721 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1722 else 1723 printf(", "); 1724 printf("birthtime="); 1725 if (resolv == 0) 1726 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1727 else { 1728 tm = localtime(&statp->st_birthtim.tv_sec); 1729 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1730 printf("\"%s\"", timestr); 1731 } 1732 if (statp->st_birthtim.tv_nsec != 0) 1733 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1734 else 1735 printf(", "); 1736 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1737 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1738 (intmax_t)statp->st_blocks, statp->st_flags); 1739 printf(" }\n"); 1740 } 1741 1742 void 1743 ktrstruct(char *buf, size_t buflen) 1744 { 1745 char *name, *data; 1746 size_t namelen, datalen; 1747 int i; 1748 cap_rights_t rights; 1749 struct itimerval it; 1750 struct stat sb; 1751 struct sockaddr_storage ss; 1752 1753 for (name = buf, namelen = 0; 1754 namelen < buflen && name[namelen] != '\0'; 1755 ++namelen) 1756 /* nothing */; 1757 if (namelen == buflen) 1758 goto invalid; 1759 if (name[namelen] != '\0') 1760 goto invalid; 1761 data = buf + namelen + 1; 1762 datalen = buflen - namelen - 1; 1763 if (datalen == 0) 1764 goto invalid; 1765 /* sanity check */ 1766 for (i = 0; i < (int)namelen; ++i) 1767 if (!isalpha(name[i])) 1768 goto invalid; 1769 if (strcmp(name, "caprights") == 0) { 1770 if (datalen != sizeof(cap_rights_t)) 1771 goto invalid; 1772 memcpy(&rights, data, datalen); 1773 ktrcaprights(&rights); 1774 } else if (strcmp(name, "itimerval") == 0) { 1775 if (datalen != sizeof(struct itimerval)) 1776 goto invalid; 1777 memcpy(&it, data, datalen); 1778 ktritimerval(&it); 1779 } else if (strcmp(name, "stat") == 0) { 1780 if (datalen != sizeof(struct stat)) 1781 goto invalid; 1782 memcpy(&sb, data, datalen); 1783 ktrstat(&sb); 1784 } else if (strcmp(name, "sockaddr") == 0) { 1785 if (datalen > sizeof(ss)) 1786 goto invalid; 1787 memcpy(&ss, data, datalen); 1788 if (datalen != ss.ss_len) 1789 goto invalid; 1790 ktrsockaddr((struct sockaddr *)&ss); 1791 } else { 1792 printf("unknown structure\n"); 1793 } 1794 return; 1795 invalid: 1796 printf("invalid record\n"); 1797 } 1798 1799 void 1800 ktrcapfail(struct ktr_cap_fail *ktr) 1801 { 1802 switch (ktr->cap_type) { 1803 case CAPFAIL_NOTCAPABLE: 1804 /* operation on fd with insufficient capabilities */ 1805 printf("operation requires "); 1806 capname(&ktr->cap_needed); 1807 printf(", descriptor holds "); 1808 capname(&ktr->cap_held); 1809 break; 1810 case CAPFAIL_INCREASE: 1811 /* requested more capabilities than fd already has */ 1812 printf("attempt to increase capabilities from "); 1813 capname(&ktr->cap_held); 1814 printf(" to "); 1815 capname(&ktr->cap_needed); 1816 break; 1817 case CAPFAIL_SYSCALL: 1818 /* called restricted syscall */ 1819 printf("disallowed system call"); 1820 break; 1821 case CAPFAIL_LOOKUP: 1822 /* used ".." in strict-relative mode */ 1823 printf("restricted VFS lookup"); 1824 break; 1825 default: 1826 printf("unknown capability failure: "); 1827 capname(&ktr->cap_needed); 1828 printf(" "); 1829 capname(&ktr->cap_held); 1830 break; 1831 } 1832 printf("\n"); 1833 } 1834 1835 void 1836 ktrfault(struct ktr_fault *ktr) 1837 { 1838 1839 printf("0x%jx ", (uintmax_t)ktr->vaddr); 1840 vmprotname(ktr->type); 1841 printf("\n"); 1842 } 1843 1844 void 1845 ktrfaultend(struct ktr_faultend *ktr) 1846 { 1847 1848 vmresultname(ktr->result); 1849 printf("\n"); 1850 } 1851 1852 void 1853 usage(void) 1854 { 1855 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 1856 "[-m maxdata] [-p pid] [-t trstr]\n"); 1857 exit(1); 1858 } 1859