1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capsicum.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/umtx.h> 61 #include <sys/un.h> 62 #include <sys/queue.h> 63 #include <sys/wait.h> 64 #include <arpa/inet.h> 65 #include <netinet/in.h> 66 #include <ctype.h> 67 #include <dlfcn.h> 68 #include <err.h> 69 #include <grp.h> 70 #include <inttypes.h> 71 #ifdef HAVE_LIBCAPSICUM 72 #include <libcapsicum.h> 73 #include <libcapsicum_grp.h> 74 #include <libcapsicum_pwd.h> 75 #include <libcapsicum_service.h> 76 #endif 77 #include <locale.h> 78 #include <netdb.h> 79 #include <nl_types.h> 80 #ifdef HAVE_LIBCAPSICUM 81 #include <nv.h> 82 #endif 83 #include <pwd.h> 84 #include <stdio.h> 85 #include <stdlib.h> 86 #include <string.h> 87 #include <termios.h> 88 #include <time.h> 89 #include <unistd.h> 90 #include <vis.h> 91 #include "ktrace.h" 92 #include "kdump_subr.h" 93 94 u_int abidump(struct ktr_header *); 95 int fetchprocinfo(struct ktr_header *, u_int *); 96 int fread_tail(void *, int, int); 97 void dumpheader(struct ktr_header *); 98 void ktrsyscall(struct ktr_syscall *, u_int); 99 void ktrsysret(struct ktr_sysret *, u_int); 100 void ktrnamei(char *, int); 101 void hexdump(char *, int, int); 102 void visdump(char *, int, int); 103 void ktrgenio(struct ktr_genio *, int); 104 void ktrpsig(struct ktr_psig *); 105 void ktrcsw(struct ktr_csw *); 106 void ktrcsw_old(struct ktr_csw_old *); 107 void ktruser_malloc(void *); 108 void ktruser_rtld(int, void *); 109 void ktruser(int, void *); 110 void ktrcaprights(cap_rights_t *); 111 void ktrsockaddr(struct sockaddr *); 112 void ktrstat(struct stat *); 113 void ktrstruct(char *, size_t); 114 void ktrcapfail(struct ktr_cap_fail *); 115 void ktrfault(struct ktr_fault *); 116 void ktrfaultend(struct ktr_faultend *); 117 void limitfd(int fd); 118 void usage(void); 119 void ioctlname(unsigned long, int); 120 121 #define TIMESTAMP_NONE 0x0 122 #define TIMESTAMP_ABSOLUTE 0x1 123 #define TIMESTAMP_ELAPSED 0x2 124 #define TIMESTAMP_RELATIVE 0x4 125 126 extern const char *signames[], *syscallnames[]; 127 extern int nsyscalls; 128 129 static int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 130 resolv = 0, abiflag = 0, syscallno = 0; 131 static const char *tracefile = DEF_TRACEFILE; 132 static struct ktr_header ktr_header; 133 134 #define TIME_FORMAT "%b %e %T %Y" 135 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 136 137 #define print_number(i,n,c) do { \ 138 if (decimal) \ 139 printf("%c%jd", c, (intmax_t)*i); \ 140 else \ 141 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 142 i++; \ 143 n--; \ 144 c = ','; \ 145 } while (0) 146 147 #if defined(__amd64__) || defined(__i386__) 148 149 void linux_ktrsyscall(struct ktr_syscall *); 150 void linux_ktrsysret(struct ktr_sysret *); 151 extern const char *linux_syscallnames[]; 152 153 #include <linux_syscalls.c> 154 static int nlinux_syscalls = sizeof(linux_syscallnames) / \ 155 sizeof(linux_syscallnames[0]); 156 157 /* 158 * from linux.h 159 * Linux syscalls return negative errno's, we do positive and map them 160 */ 161 static int bsd_to_linux_errno[ELAST + 1] = { 162 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 163 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 164 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 165 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 166 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 167 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 168 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 169 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 170 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 171 -72, -67, -71 172 }; 173 #endif 174 175 struct proc_info 176 { 177 TAILQ_ENTRY(proc_info) info; 178 u_int sv_flags; 179 pid_t pid; 180 }; 181 182 static TAILQ_HEAD(trace_procs, proc_info) trace_procs; 183 184 #ifdef HAVE_LIBCAPSICUM 185 static cap_channel_t *cappwd, *capgrp; 186 #endif 187 188 static void 189 strerror_init(void) 190 { 191 192 /* 193 * Cache NLS data before entering capability mode. 194 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 195 */ 196 (void)catopen("libc", NL_CAT_LOCALE); 197 } 198 199 static void 200 localtime_init(void) 201 { 202 time_t ltime; 203 204 /* 205 * Allow localtime(3) to cache /etc/localtime content before entering 206 * capability mode. 207 * XXXPJD: There should be localtime_init() in libc. 208 */ 209 (void)time(<ime); 210 (void)localtime(<ime); 211 } 212 213 #ifdef HAVE_LIBCAPSICUM 214 static int 215 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) 216 { 217 cap_channel_t *capcas, *cappwdloc, *capgrploc; 218 const char *cmds[1], *fields[1]; 219 220 capcas = cap_init(); 221 if (capcas == NULL) { 222 warn("unable to contact casperd"); 223 return (-1); 224 } 225 cappwdloc = cap_service_open(capcas, "system.pwd"); 226 capgrploc = cap_service_open(capcas, "system.grp"); 227 /* Casper capability no longer needed. */ 228 cap_close(capcas); 229 if (cappwdloc == NULL || capgrploc == NULL) { 230 if (cappwdloc == NULL) 231 warn("unable to open system.pwd service"); 232 if (capgrploc == NULL) 233 warn("unable to open system.grp service"); 234 exit(1); 235 } 236 /* Limit system.pwd to only getpwuid() function and pw_name field. */ 237 cmds[0] = "getpwuid"; 238 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) 239 err(1, "unable to limit system.pwd service"); 240 fields[0] = "pw_name"; 241 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) 242 err(1, "unable to limit system.pwd service"); 243 /* Limit system.grp to only getgrgid() function and gr_name field. */ 244 cmds[0] = "getgrgid"; 245 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) 246 err(1, "unable to limit system.grp service"); 247 fields[0] = "gr_name"; 248 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) 249 err(1, "unable to limit system.grp service"); 250 251 *cappwdp = cappwdloc; 252 *capgrpp = capgrploc; 253 return (0); 254 } 255 #endif /* HAVE_LIBCAPSICUM */ 256 257 int 258 main(int argc, char *argv[]) 259 { 260 int ch, ktrlen, size; 261 void *m; 262 int trpoints = ALL_POINTS; 263 int drop_logged; 264 pid_t pid = 0; 265 u_int sv_flags; 266 267 setlocale(LC_CTYPE, ""); 268 269 timestamp = TIMESTAMP_NONE; 270 271 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) 272 switch (ch) { 273 case 'A': 274 abiflag = 1; 275 break; 276 case 'f': 277 tracefile = optarg; 278 break; 279 case 'd': 280 decimal = 1; 281 break; 282 case 'l': 283 tail = 1; 284 break; 285 case 'm': 286 maxdata = atoi(optarg); 287 break; 288 case 'n': 289 fancy = 0; 290 break; 291 case 'p': 292 pid = atoi(optarg); 293 break; 294 case 'r': 295 resolv = 1; 296 break; 297 case 'S': 298 syscallno = 1; 299 break; 300 case 's': 301 suppressdata = 1; 302 break; 303 case 'E': 304 timestamp |= TIMESTAMP_ELAPSED; 305 break; 306 case 'H': 307 threads = 1; 308 break; 309 case 'R': 310 timestamp |= TIMESTAMP_RELATIVE; 311 break; 312 case 'T': 313 timestamp |= TIMESTAMP_ABSOLUTE; 314 break; 315 case 't': 316 trpoints = getpoints(optarg); 317 if (trpoints < 0) 318 errx(1, "unknown trace point in %s", optarg); 319 break; 320 default: 321 usage(); 322 } 323 324 if (argc > optind) 325 usage(); 326 327 m = malloc(size = 1025); 328 if (m == NULL) 329 errx(1, "%s", strerror(ENOMEM)); 330 if (!freopen(tracefile, "r", stdin)) 331 err(1, "%s", tracefile); 332 333 strerror_init(); 334 localtime_init(); 335 #ifdef HAVE_LIBCAPSICUM 336 if (resolv != 0) { 337 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { 338 cappwd = NULL; 339 capgrp = NULL; 340 } 341 } 342 if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) { 343 if (cap_enter() < 0 && errno != ENOSYS) 344 err(1, "unable to enter capability mode"); 345 } 346 #else 347 if (resolv == 0) { 348 if (cap_enter() < 0 && errno != ENOSYS) 349 err(1, "unable to enter capability mode"); 350 } 351 #endif 352 limitfd(STDIN_FILENO); 353 limitfd(STDOUT_FILENO); 354 limitfd(STDERR_FILENO); 355 if (cap_sandboxed()) 356 fprintf(stderr, "capability mode sandbox enabled\n"); 357 358 TAILQ_INIT(&trace_procs); 359 drop_logged = 0; 360 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 361 if (ktr_header.ktr_type & KTR_DROP) { 362 ktr_header.ktr_type &= ~KTR_DROP; 363 if (!drop_logged && threads) { 364 printf( 365 "%6jd %6jd %-8.*s Events dropped.\n", 366 (intmax_t)ktr_header.ktr_pid, 367 ktr_header.ktr_tid > 0 ? 368 (intmax_t)ktr_header.ktr_tid : 0, 369 MAXCOMLEN, ktr_header.ktr_comm); 370 drop_logged = 1; 371 } else if (!drop_logged) { 372 printf("%6jd %-8.*s Events dropped.\n", 373 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 374 ktr_header.ktr_comm); 375 drop_logged = 1; 376 } 377 } 378 if (trpoints & (1<<ktr_header.ktr_type)) 379 if (pid == 0 || ktr_header.ktr_pid == pid || 380 ktr_header.ktr_tid == pid) 381 dumpheader(&ktr_header); 382 if ((ktrlen = ktr_header.ktr_len) < 0) 383 errx(1, "bogus length 0x%x", ktrlen); 384 if (ktrlen > size) { 385 m = realloc(m, ktrlen+1); 386 if (m == NULL) 387 errx(1, "%s", strerror(ENOMEM)); 388 size = ktrlen; 389 } 390 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 391 errx(1, "data too short"); 392 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 393 continue; 394 sv_flags = abidump(&ktr_header); 395 if (pid && ktr_header.ktr_pid != pid && 396 ktr_header.ktr_tid != pid) 397 continue; 398 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 399 continue; 400 drop_logged = 0; 401 switch (ktr_header.ktr_type) { 402 case KTR_SYSCALL: 403 #if defined(__amd64__) || defined(__i386__) 404 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 405 linux_ktrsyscall((struct ktr_syscall *)m); 406 else 407 #endif 408 ktrsyscall((struct ktr_syscall *)m, sv_flags); 409 break; 410 case KTR_SYSRET: 411 #if defined(__amd64__) || defined(__i386__) 412 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 413 linux_ktrsysret((struct ktr_sysret *)m); 414 else 415 #endif 416 ktrsysret((struct ktr_sysret *)m, sv_flags); 417 break; 418 case KTR_NAMEI: 419 case KTR_SYSCTL: 420 ktrnamei(m, ktrlen); 421 break; 422 case KTR_GENIO: 423 ktrgenio((struct ktr_genio *)m, ktrlen); 424 break; 425 case KTR_PSIG: 426 ktrpsig((struct ktr_psig *)m); 427 break; 428 case KTR_CSW: 429 if (ktrlen == sizeof(struct ktr_csw_old)) 430 ktrcsw_old((struct ktr_csw_old *)m); 431 else 432 ktrcsw((struct ktr_csw *)m); 433 break; 434 case KTR_USER: 435 ktruser(ktrlen, m); 436 break; 437 case KTR_STRUCT: 438 ktrstruct(m, ktrlen); 439 break; 440 case KTR_CAPFAIL: 441 ktrcapfail((struct ktr_cap_fail *)m); 442 break; 443 case KTR_FAULT: 444 ktrfault((struct ktr_fault *)m); 445 break; 446 case KTR_FAULTEND: 447 ktrfaultend((struct ktr_faultend *)m); 448 break; 449 default: 450 printf("\n"); 451 break; 452 } 453 if (tail) 454 fflush(stdout); 455 } 456 return 0; 457 } 458 459 void 460 limitfd(int fd) 461 { 462 cap_rights_t rights; 463 unsigned long cmd; 464 465 cap_rights_init(&rights, CAP_FSTAT); 466 cmd = 0; 467 468 switch (fd) { 469 case STDIN_FILENO: 470 cap_rights_set(&rights, CAP_READ); 471 break; 472 case STDOUT_FILENO: 473 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE); 474 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 475 break; 476 case STDERR_FILENO: 477 cap_rights_set(&rights, CAP_WRITE); 478 if (!suppressdata) { 479 cap_rights_set(&rights, CAP_IOCTL); 480 cmd = TIOCGWINSZ; 481 } 482 break; 483 default: 484 abort(); 485 } 486 487 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) 488 err(1, "unable to limit rights for descriptor %d", fd); 489 if (cmd != 0 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 490 err(1, "unable to limit ioctls for descriptor %d", fd); 491 } 492 493 int 494 fread_tail(void *buf, int size, int num) 495 { 496 int i; 497 498 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 499 sleep(1); 500 clearerr(stdin); 501 } 502 return (i); 503 } 504 505 int 506 fetchprocinfo(struct ktr_header *kth, u_int *flags) 507 { 508 struct proc_info *pi; 509 510 switch (kth->ktr_type) { 511 case KTR_PROCCTOR: 512 TAILQ_FOREACH(pi, &trace_procs, info) { 513 if (pi->pid == kth->ktr_pid) { 514 TAILQ_REMOVE(&trace_procs, pi, info); 515 break; 516 } 517 } 518 pi = malloc(sizeof(struct proc_info)); 519 if (pi == NULL) 520 errx(1, "%s", strerror(ENOMEM)); 521 pi->sv_flags = *flags; 522 pi->pid = kth->ktr_pid; 523 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 524 return (1); 525 526 case KTR_PROCDTOR: 527 TAILQ_FOREACH(pi, &trace_procs, info) { 528 if (pi->pid == kth->ktr_pid) { 529 TAILQ_REMOVE(&trace_procs, pi, info); 530 free(pi); 531 break; 532 } 533 } 534 return (1); 535 } 536 537 return (0); 538 } 539 540 u_int 541 abidump(struct ktr_header *kth) 542 { 543 struct proc_info *pi; 544 const char *abi; 545 const char *arch; 546 u_int flags = 0; 547 548 TAILQ_FOREACH(pi, &trace_procs, info) { 549 if (pi->pid == kth->ktr_pid) { 550 flags = pi->sv_flags; 551 break; 552 } 553 } 554 555 if (abiflag == 0) 556 return (flags); 557 558 switch (flags & SV_ABI_MASK) { 559 case SV_ABI_LINUX: 560 abi = "L"; 561 break; 562 case SV_ABI_FREEBSD: 563 abi = "F"; 564 break; 565 default: 566 abi = "U"; 567 break; 568 } 569 570 if (flags != 0) { 571 if (flags & SV_LP64) 572 arch = "64"; 573 else 574 arch = "32"; 575 } else 576 arch = "00"; 577 578 printf("%s%s ", abi, arch); 579 580 return (flags); 581 } 582 583 void 584 dumpheader(struct ktr_header *kth) 585 { 586 static char unknown[64]; 587 static struct timeval prevtime, prevtime_e, temp; 588 const char *type; 589 const char *sign; 590 591 switch (kth->ktr_type) { 592 case KTR_SYSCALL: 593 type = "CALL"; 594 break; 595 case KTR_SYSRET: 596 type = "RET "; 597 break; 598 case KTR_NAMEI: 599 type = "NAMI"; 600 break; 601 case KTR_GENIO: 602 type = "GIO "; 603 break; 604 case KTR_PSIG: 605 type = "PSIG"; 606 break; 607 case KTR_CSW: 608 type = "CSW "; 609 break; 610 case KTR_USER: 611 type = "USER"; 612 break; 613 case KTR_STRUCT: 614 type = "STRU"; 615 break; 616 case KTR_SYSCTL: 617 type = "SCTL"; 618 break; 619 case KTR_PROCCTOR: 620 /* FALLTHROUGH */ 621 case KTR_PROCDTOR: 622 return; 623 case KTR_CAPFAIL: 624 type = "CAP "; 625 break; 626 case KTR_FAULT: 627 type = "PFLT"; 628 break; 629 case KTR_FAULTEND: 630 type = "PRET"; 631 break; 632 default: 633 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 634 type = unknown; 635 } 636 637 /* 638 * The ktr_tid field was previously the ktr_buffer field, which held 639 * the kernel pointer value for the buffer associated with data 640 * following the record header. It now holds a threadid, but only 641 * for trace files after the change. Older trace files still contain 642 * kernel pointers. Detect this and suppress the results by printing 643 * negative tid's as 0. 644 */ 645 if (threads) 646 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 647 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 648 MAXCOMLEN, kth->ktr_comm); 649 else 650 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 651 kth->ktr_comm); 652 if (timestamp) { 653 if (timestamp & TIMESTAMP_ABSOLUTE) { 654 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 655 kth->ktr_time.tv_usec); 656 } 657 if (timestamp & TIMESTAMP_ELAPSED) { 658 if (prevtime_e.tv_sec == 0) 659 prevtime_e = kth->ktr_time; 660 timevalsub(&kth->ktr_time, &prevtime_e); 661 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 662 kth->ktr_time.tv_usec); 663 timevaladd(&kth->ktr_time, &prevtime_e); 664 } 665 if (timestamp & TIMESTAMP_RELATIVE) { 666 if (prevtime.tv_sec == 0) 667 prevtime = kth->ktr_time; 668 temp = kth->ktr_time; 669 timevalsub(&kth->ktr_time, &prevtime); 670 if ((intmax_t)kth->ktr_time.tv_sec < 0) { 671 kth->ktr_time = prevtime; 672 prevtime = temp; 673 timevalsub(&kth->ktr_time, &prevtime); 674 sign = "-"; 675 } else { 676 prevtime = temp; 677 sign = ""; 678 } 679 printf("%s%jd.%06ld ", sign, (intmax_t)kth->ktr_time.tv_sec, 680 kth->ktr_time.tv_usec); 681 } 682 } 683 printf("%s ", type); 684 } 685 686 #include <sys/syscall.h> 687 #define KTRACE 688 #include <sys/kern/syscalls.c> 689 #undef KTRACE 690 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 691 692 void 693 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 694 { 695 int narg = ktr->ktr_narg; 696 register_t *ip; 697 intmax_t arg; 698 699 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 700 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 701 printf("[%d]", ktr->ktr_code); 702 else { 703 printf("%s", syscallnames[ktr->ktr_code]); 704 if (syscallno) 705 printf("[%d]", ktr->ktr_code); 706 } 707 ip = &ktr->ktr_args[0]; 708 if (narg) { 709 char c = '('; 710 if (fancy && 711 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 712 switch (ktr->ktr_code) { 713 case SYS_bindat: 714 case SYS_connectat: 715 case SYS_faccessat: 716 case SYS_fchmodat: 717 case SYS_fchownat: 718 case SYS_fstatat: 719 case SYS_futimesat: 720 case SYS_linkat: 721 case SYS_mkdirat: 722 case SYS_mkfifoat: 723 case SYS_mknodat: 724 case SYS_openat: 725 case SYS_readlinkat: 726 case SYS_renameat: 727 case SYS_unlinkat: 728 case SYS_utimensat: 729 putchar('('); 730 atfdname(*ip, decimal); 731 c = ','; 732 ip++; 733 narg--; 734 break; 735 } 736 switch (ktr->ktr_code) { 737 case SYS_ioctl: { 738 print_number(ip, narg, c); 739 putchar(c); 740 ioctlname(*ip, decimal); 741 c = ','; 742 ip++; 743 narg--; 744 break; 745 } 746 case SYS_ptrace: 747 putchar('('); 748 ptraceopname(*ip); 749 c = ','; 750 ip++; 751 narg--; 752 break; 753 case SYS_access: 754 case SYS_eaccess: 755 case SYS_faccessat: 756 print_number(ip, narg, c); 757 putchar(','); 758 accessmodename(*ip); 759 ip++; 760 narg--; 761 break; 762 case SYS_open: 763 case SYS_openat: 764 print_number(ip, narg, c); 765 putchar(','); 766 flagsandmodename(ip[0], ip[1], decimal); 767 ip += 2; 768 narg -= 2; 769 break; 770 case SYS_wait4: 771 print_number(ip, narg, c); 772 print_number(ip, narg, c); 773 /* 774 * A flags value of zero is valid for 775 * wait4() but not for wait6(), so 776 * handle zero special here. 777 */ 778 if (*ip == 0) { 779 print_number(ip, narg, c); 780 } else { 781 putchar(','); 782 wait6optname(*ip); 783 ip++; 784 narg--; 785 } 786 break; 787 case SYS_wait6: 788 putchar('('); 789 idtypename(*ip, decimal); 790 c = ','; 791 ip++; 792 narg--; 793 print_number(ip, narg, c); 794 print_number(ip, narg, c); 795 putchar(','); 796 wait6optname(*ip); 797 ip++; 798 narg--; 799 break; 800 case SYS_chmod: 801 case SYS_fchmod: 802 case SYS_lchmod: 803 print_number(ip, narg, c); 804 putchar(','); 805 modename(*ip); 806 ip++; 807 narg--; 808 break; 809 case SYS_mknod: 810 case SYS_mknodat: 811 print_number(ip, narg, c); 812 putchar(','); 813 modename(*ip); 814 ip++; 815 narg--; 816 break; 817 case SYS_getfsstat: 818 print_number(ip, narg, c); 819 print_number(ip, narg, c); 820 putchar(','); 821 getfsstatflagsname(*ip); 822 ip++; 823 narg--; 824 break; 825 case SYS_mount: 826 print_number(ip, narg, c); 827 print_number(ip, narg, c); 828 putchar(','); 829 mountflagsname(*ip); 830 ip++; 831 narg--; 832 break; 833 case SYS_unmount: 834 print_number(ip, narg, c); 835 putchar(','); 836 mountflagsname(*ip); 837 ip++; 838 narg--; 839 break; 840 case SYS_recvmsg: 841 case SYS_sendmsg: 842 print_number(ip, narg, c); 843 print_number(ip, narg, c); 844 putchar(','); 845 sendrecvflagsname(*ip); 846 ip++; 847 narg--; 848 break; 849 case SYS_recvfrom: 850 case SYS_sendto: 851 print_number(ip, narg, c); 852 print_number(ip, narg, c); 853 print_number(ip, narg, c); 854 putchar(','); 855 sendrecvflagsname(*ip); 856 ip++; 857 narg--; 858 break; 859 case SYS_chflags: 860 case SYS_fchflags: 861 case SYS_lchflags: 862 print_number(ip, narg, c); 863 putchar(','); 864 modename(*ip); 865 ip++; 866 narg--; 867 break; 868 case SYS_kill: 869 print_number(ip, narg, c); 870 putchar(','); 871 signame(*ip); 872 ip++; 873 narg--; 874 break; 875 case SYS_reboot: 876 putchar('('); 877 rebootoptname(*ip); 878 ip++; 879 narg--; 880 break; 881 case SYS_umask: 882 putchar('('); 883 modename(*ip); 884 ip++; 885 narg--; 886 break; 887 case SYS_msync: 888 print_number(ip, narg, c); 889 print_number(ip, narg, c); 890 putchar(','); 891 msyncflagsname(*ip); 892 ip++; 893 narg--; 894 break; 895 #ifdef SYS_freebsd6_mmap 896 case SYS_freebsd6_mmap: 897 print_number(ip, narg, c); 898 print_number(ip, narg, c); 899 putchar(','); 900 mmapprotname(*ip); 901 putchar(','); 902 ip++; 903 narg--; 904 mmapflagsname(*ip); 905 ip++; 906 narg--; 907 break; 908 #endif 909 case SYS_mmap: 910 print_number(ip, narg, c); 911 print_number(ip, narg, c); 912 putchar(','); 913 mmapprotname(*ip); 914 putchar(','); 915 ip++; 916 narg--; 917 mmapflagsname(*ip); 918 ip++; 919 narg--; 920 break; 921 case SYS_mprotect: 922 print_number(ip, narg, c); 923 print_number(ip, narg, c); 924 putchar(','); 925 mmapprotname(*ip); 926 ip++; 927 narg--; 928 break; 929 case SYS_madvise: 930 print_number(ip, narg, c); 931 print_number(ip, narg, c); 932 putchar(','); 933 madvisebehavname(*ip); 934 ip++; 935 narg--; 936 break; 937 case SYS_setpriority: 938 print_number(ip, narg, c); 939 print_number(ip, narg, c); 940 putchar(','); 941 prioname(*ip); 942 ip++; 943 narg--; 944 break; 945 case SYS_fcntl: 946 print_number(ip, narg, c); 947 putchar(','); 948 fcntlcmdname(ip[0], ip[1], decimal); 949 ip += 2; 950 narg -= 2; 951 break; 952 case SYS_socket: { 953 int sockdomain; 954 putchar('('); 955 sockdomain = *ip; 956 sockdomainname(sockdomain); 957 ip++; 958 narg--; 959 putchar(','); 960 socktypenamewithflags(*ip); 961 ip++; 962 narg--; 963 if (sockdomain == PF_INET || 964 sockdomain == PF_INET6) { 965 putchar(','); 966 sockipprotoname(*ip); 967 ip++; 968 narg--; 969 } 970 c = ','; 971 break; 972 } 973 case SYS_setsockopt: 974 case SYS_getsockopt: 975 print_number(ip, narg, c); 976 putchar(','); 977 sockoptlevelname(*ip, decimal); 978 if (*ip == SOL_SOCKET) { 979 ip++; 980 narg--; 981 putchar(','); 982 sockoptname(*ip); 983 } 984 ip++; 985 narg--; 986 break; 987 #ifdef SYS_freebsd6_lseek 988 case SYS_freebsd6_lseek: 989 print_number(ip, narg, c); 990 /* Hidden 'pad' argument, not in lseek(2) */ 991 print_number(ip, narg, c); 992 print_number(ip, narg, c); 993 putchar(','); 994 whencename(*ip); 995 ip++; 996 narg--; 997 break; 998 #endif 999 case SYS_lseek: 1000 print_number(ip, narg, c); 1001 /* Hidden 'pad' argument, not in lseek(2) */ 1002 print_number(ip, narg, c); 1003 putchar(','); 1004 whencename(*ip); 1005 ip++; 1006 narg--; 1007 break; 1008 case SYS_flock: 1009 print_number(ip, narg, c); 1010 putchar(','); 1011 flockname(*ip); 1012 ip++; 1013 narg--; 1014 break; 1015 case SYS_mkfifo: 1016 case SYS_mkfifoat: 1017 case SYS_mkdir: 1018 case SYS_mkdirat: 1019 print_number(ip, narg, c); 1020 putchar(','); 1021 modename(*ip); 1022 ip++; 1023 narg--; 1024 break; 1025 case SYS_shutdown: 1026 print_number(ip, narg, c); 1027 putchar(','); 1028 shutdownhowname(*ip); 1029 ip++; 1030 narg--; 1031 break; 1032 case SYS_socketpair: 1033 putchar('('); 1034 sockdomainname(*ip); 1035 ip++; 1036 narg--; 1037 putchar(','); 1038 socktypenamewithflags(*ip); 1039 ip++; 1040 narg--; 1041 c = ','; 1042 break; 1043 case SYS_getrlimit: 1044 case SYS_setrlimit: 1045 putchar('('); 1046 rlimitname(*ip); 1047 ip++; 1048 narg--; 1049 c = ','; 1050 break; 1051 case SYS_quotactl: 1052 print_number(ip, narg, c); 1053 putchar(','); 1054 quotactlname(*ip); 1055 ip++; 1056 narg--; 1057 c = ','; 1058 break; 1059 case SYS_nfssvc: 1060 putchar('('); 1061 nfssvcname(*ip); 1062 ip++; 1063 narg--; 1064 c = ','; 1065 break; 1066 case SYS_rtprio: 1067 putchar('('); 1068 rtprioname(*ip); 1069 ip++; 1070 narg--; 1071 c = ','; 1072 break; 1073 case SYS___semctl: 1074 print_number(ip, narg, c); 1075 print_number(ip, narg, c); 1076 putchar(','); 1077 semctlname(*ip); 1078 ip++; 1079 narg--; 1080 break; 1081 case SYS_semget: 1082 print_number(ip, narg, c); 1083 print_number(ip, narg, c); 1084 putchar(','); 1085 semgetname(*ip); 1086 ip++; 1087 narg--; 1088 break; 1089 case SYS_msgctl: 1090 print_number(ip, narg, c); 1091 putchar(','); 1092 shmctlname(*ip); 1093 ip++; 1094 narg--; 1095 break; 1096 case SYS_shmat: 1097 print_number(ip, narg, c); 1098 print_number(ip, narg, c); 1099 putchar(','); 1100 shmatname(*ip); 1101 ip++; 1102 narg--; 1103 break; 1104 case SYS_shmctl: 1105 print_number(ip, narg, c); 1106 putchar(','); 1107 shmctlname(*ip); 1108 ip++; 1109 narg--; 1110 break; 1111 case SYS_shm_open: 1112 print_number(ip, narg, c); 1113 putchar(','); 1114 flagsname(ip[0]); 1115 printf(",0%o", (unsigned int)ip[1]); 1116 ip += 3; 1117 narg -= 3; 1118 break; 1119 case SYS_minherit: 1120 print_number(ip, narg, c); 1121 print_number(ip, narg, c); 1122 putchar(','); 1123 minheritname(*ip); 1124 ip++; 1125 narg--; 1126 break; 1127 case SYS_rfork: 1128 putchar('('); 1129 rforkname(*ip); 1130 ip++; 1131 narg--; 1132 c = ','; 1133 break; 1134 case SYS_lio_listio: 1135 putchar('('); 1136 lio_listioname(*ip); 1137 ip++; 1138 narg--; 1139 c = ','; 1140 break; 1141 case SYS_mlockall: 1142 putchar('('); 1143 mlockallname(*ip); 1144 ip++; 1145 narg--; 1146 break; 1147 case SYS_sched_setscheduler: 1148 print_number(ip, narg, c); 1149 putchar(','); 1150 schedpolicyname(*ip); 1151 ip++; 1152 narg--; 1153 break; 1154 case SYS_sched_get_priority_max: 1155 case SYS_sched_get_priority_min: 1156 putchar('('); 1157 schedpolicyname(*ip); 1158 ip++; 1159 narg--; 1160 break; 1161 case SYS_sendfile: 1162 print_number(ip, narg, c); 1163 print_number(ip, narg, c); 1164 print_number(ip, narg, c); 1165 print_number(ip, narg, c); 1166 print_number(ip, narg, c); 1167 print_number(ip, narg, c); 1168 putchar(','); 1169 sendfileflagsname(*(int *)ip); 1170 ip++; 1171 narg--; 1172 break; 1173 case SYS_kldsym: 1174 print_number(ip, narg, c); 1175 putchar(','); 1176 kldsymcmdname(*ip); 1177 ip++; 1178 narg--; 1179 break; 1180 case SYS_sigprocmask: 1181 putchar('('); 1182 sigprocmaskhowname(*ip); 1183 ip++; 1184 narg--; 1185 c = ','; 1186 break; 1187 case SYS___acl_get_file: 1188 case SYS___acl_set_file: 1189 case SYS___acl_get_fd: 1190 case SYS___acl_set_fd: 1191 case SYS___acl_delete_file: 1192 case SYS___acl_delete_fd: 1193 case SYS___acl_aclcheck_file: 1194 case SYS___acl_aclcheck_fd: 1195 case SYS___acl_get_link: 1196 case SYS___acl_set_link: 1197 case SYS___acl_delete_link: 1198 case SYS___acl_aclcheck_link: 1199 print_number(ip, narg, c); 1200 putchar(','); 1201 acltypename(*ip); 1202 ip++; 1203 narg--; 1204 break; 1205 case SYS_sigaction: 1206 putchar('('); 1207 signame(*ip); 1208 ip++; 1209 narg--; 1210 c = ','; 1211 break; 1212 case SYS_extattrctl: 1213 print_number(ip, narg, c); 1214 putchar(','); 1215 extattrctlname(*ip); 1216 ip++; 1217 narg--; 1218 break; 1219 case SYS_nmount: 1220 print_number(ip, narg, c); 1221 print_number(ip, narg, c); 1222 putchar(','); 1223 mountflagsname(*ip); 1224 ip++; 1225 narg--; 1226 break; 1227 case SYS_thr_create: 1228 print_number(ip, narg, c); 1229 print_number(ip, narg, c); 1230 putchar(','); 1231 thrcreateflagsname(*ip); 1232 ip++; 1233 narg--; 1234 break; 1235 case SYS_thr_kill: 1236 print_number(ip, narg, c); 1237 putchar(','); 1238 signame(*ip); 1239 ip++; 1240 narg--; 1241 break; 1242 case SYS_kldunloadf: 1243 print_number(ip, narg, c); 1244 putchar(','); 1245 kldunloadfflagsname(*ip); 1246 ip++; 1247 narg--; 1248 break; 1249 case SYS_linkat: 1250 case SYS_renameat: 1251 case SYS_symlinkat: 1252 print_number(ip, narg, c); 1253 putchar(','); 1254 atfdname(*ip, decimal); 1255 ip++; 1256 narg--; 1257 break; 1258 case SYS_cap_fcntls_limit: 1259 print_number(ip, narg, c); 1260 putchar(','); 1261 arg = *ip; 1262 ip++; 1263 narg--; 1264 capfcntlname(arg); 1265 break; 1266 case SYS_posix_fadvise: 1267 print_number(ip, narg, c); 1268 print_number(ip, narg, c); 1269 print_number(ip, narg, c); 1270 (void)putchar(','); 1271 fadvisebehavname((int)*ip); 1272 ip++; 1273 narg--; 1274 break; 1275 case SYS_procctl: 1276 putchar('('); 1277 idtypename(*ip, decimal); 1278 c = ','; 1279 ip++; 1280 narg--; 1281 print_number(ip, narg, c); 1282 putchar(','); 1283 procctlcmdname(*ip); 1284 ip++; 1285 narg--; 1286 break; 1287 case SYS__umtx_op: 1288 print_number(ip, narg, c); 1289 putchar(','); 1290 umtxopname(*ip); 1291 switch (*ip) { 1292 case UMTX_OP_CV_WAIT: 1293 ip++; 1294 narg--; 1295 putchar(','); 1296 umtxcvwaitflags(*ip); 1297 break; 1298 case UMTX_OP_RW_RDLOCK: 1299 ip++; 1300 narg--; 1301 putchar(','); 1302 umtxrwlockflags(*ip); 1303 break; 1304 } 1305 ip++; 1306 narg--; 1307 } 1308 } 1309 while (narg > 0) { 1310 print_number(ip, narg, c); 1311 } 1312 putchar(')'); 1313 } 1314 putchar('\n'); 1315 } 1316 1317 void 1318 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1319 { 1320 register_t ret = ktr->ktr_retval; 1321 int error = ktr->ktr_error; 1322 int code = ktr->ktr_code; 1323 1324 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1325 (code >= nsyscalls || code < 0)) 1326 printf("[%d] ", code); 1327 else { 1328 printf("%s", syscallnames[code]); 1329 if (syscallno) 1330 printf("[%d]", code); 1331 printf(" "); 1332 } 1333 1334 if (error == 0) { 1335 if (fancy) { 1336 printf("%ld", (long)ret); 1337 if (ret < 0 || ret > 9) 1338 printf("/%#lx", (unsigned long)ret); 1339 } else { 1340 if (decimal) 1341 printf("%ld", (long)ret); 1342 else 1343 printf("%#lx", (unsigned long)ret); 1344 } 1345 } else if (error == ERESTART) 1346 printf("RESTART"); 1347 else if (error == EJUSTRETURN) 1348 printf("JUSTRETURN"); 1349 else { 1350 printf("-1 errno %d", ktr->ktr_error); 1351 if (fancy) 1352 printf(" %s", strerror(ktr->ktr_error)); 1353 } 1354 putchar('\n'); 1355 } 1356 1357 void 1358 ktrnamei(char *cp, int len) 1359 { 1360 printf("\"%.*s\"\n", len, cp); 1361 } 1362 1363 void 1364 hexdump(char *p, int len, int screenwidth) 1365 { 1366 int n, i; 1367 int width; 1368 1369 width = 0; 1370 do { 1371 width += 2; 1372 i = 13; /* base offset */ 1373 i += (width / 2) + 1; /* spaces every second byte */ 1374 i += (width * 2); /* width of bytes */ 1375 i += 3; /* " |" */ 1376 i += width; /* each byte */ 1377 i += 1; /* "|" */ 1378 } while (i < screenwidth); 1379 width -= 2; 1380 1381 for (n = 0; n < len; n += width) { 1382 for (i = n; i < n + width; i++) { 1383 if ((i % width) == 0) { /* beginning of line */ 1384 printf(" 0x%04x", i); 1385 } 1386 if ((i % 2) == 0) { 1387 printf(" "); 1388 } 1389 if (i < len) 1390 printf("%02x", p[i] & 0xff); 1391 else 1392 printf(" "); 1393 } 1394 printf(" |"); 1395 for (i = n; i < n + width; i++) { 1396 if (i >= len) 1397 break; 1398 if (p[i] >= ' ' && p[i] <= '~') 1399 printf("%c", p[i]); 1400 else 1401 printf("."); 1402 } 1403 printf("|\n"); 1404 } 1405 if ((i % width) != 0) 1406 printf("\n"); 1407 } 1408 1409 void 1410 visdump(char *dp, int datalen, int screenwidth) 1411 { 1412 int col = 0; 1413 char *cp; 1414 int width; 1415 char visbuf[5]; 1416 1417 printf(" \""); 1418 col = 8; 1419 for (;datalen > 0; datalen--, dp++) { 1420 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1421 cp = visbuf; 1422 /* 1423 * Keep track of printables and 1424 * space chars (like fold(1)). 1425 */ 1426 if (col == 0) { 1427 putchar('\t'); 1428 col = 8; 1429 } 1430 switch(*cp) { 1431 case '\n': 1432 col = 0; 1433 putchar('\n'); 1434 continue; 1435 case '\t': 1436 width = 8 - (col&07); 1437 break; 1438 default: 1439 width = strlen(cp); 1440 } 1441 if (col + width > (screenwidth-2)) { 1442 printf("\\\n\t"); 1443 col = 8; 1444 } 1445 col += width; 1446 do { 1447 putchar(*cp++); 1448 } while (*cp); 1449 } 1450 if (col == 0) 1451 printf(" "); 1452 printf("\"\n"); 1453 } 1454 1455 void 1456 ktrgenio(struct ktr_genio *ktr, int len) 1457 { 1458 int datalen = len - sizeof (struct ktr_genio); 1459 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1460 static int screenwidth = 0; 1461 int i, binary; 1462 1463 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1464 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1465 datalen == 1 ? "" : "s"); 1466 if (suppressdata) 1467 return; 1468 if (screenwidth == 0) { 1469 struct winsize ws; 1470 1471 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1472 ws.ws_col > 8) 1473 screenwidth = ws.ws_col; 1474 else 1475 screenwidth = 80; 1476 } 1477 if (maxdata && datalen > maxdata) 1478 datalen = maxdata; 1479 1480 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1481 if (dp[i] >= 32 && dp[i] < 127) 1482 continue; 1483 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1484 continue; 1485 binary = 1; 1486 } 1487 if (binary) 1488 hexdump(dp, datalen, screenwidth); 1489 else 1490 visdump(dp, datalen, screenwidth); 1491 } 1492 1493 const char *signames[] = { 1494 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1495 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1496 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1497 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1498 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1499 "USR2", NULL, /* 31 - 32 */ 1500 }; 1501 1502 void 1503 ktrpsig(struct ktr_psig *psig) 1504 { 1505 if (psig->signo > 0 && psig->signo < NSIG) 1506 printf("SIG%s ", signames[psig->signo]); 1507 else 1508 printf("SIG %d ", psig->signo); 1509 if (psig->action == SIG_DFL) { 1510 printf("SIG_DFL code="); 1511 sigcodename(psig->signo, psig->code); 1512 putchar('\n'); 1513 } else { 1514 printf("caught handler=0x%lx mask=0x%x code=", 1515 (u_long)psig->action, psig->mask.__bits[0]); 1516 sigcodename(psig->signo, psig->code); 1517 putchar('\n'); 1518 } 1519 } 1520 1521 void 1522 ktrcsw_old(struct ktr_csw_old *cs) 1523 { 1524 printf("%s %s\n", cs->out ? "stop" : "resume", 1525 cs->user ? "user" : "kernel"); 1526 } 1527 1528 void 1529 ktrcsw(struct ktr_csw *cs) 1530 { 1531 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1532 cs->user ? "user" : "kernel", cs->wmesg); 1533 } 1534 1535 #define UTRACE_DLOPEN_START 1 1536 #define UTRACE_DLOPEN_STOP 2 1537 #define UTRACE_DLCLOSE_START 3 1538 #define UTRACE_DLCLOSE_STOP 4 1539 #define UTRACE_LOAD_OBJECT 5 1540 #define UTRACE_UNLOAD_OBJECT 6 1541 #define UTRACE_ADD_RUNDEP 7 1542 #define UTRACE_PRELOAD_FINISHED 8 1543 #define UTRACE_INIT_CALL 9 1544 #define UTRACE_FINI_CALL 10 1545 #define UTRACE_DLSYM_START 11 1546 #define UTRACE_DLSYM_STOP 12 1547 1548 struct utrace_rtld { 1549 char sig[4]; /* 'RTLD' */ 1550 int event; 1551 void *handle; 1552 void *mapbase; 1553 size_t mapsize; 1554 int refcnt; 1555 char name[MAXPATHLEN]; 1556 }; 1557 1558 void 1559 ktruser_rtld(int len, void *p) 1560 { 1561 struct utrace_rtld *ut = p; 1562 unsigned char *cp; 1563 void *parent; 1564 int mode; 1565 1566 switch (ut->event) { 1567 case UTRACE_DLOPEN_START: 1568 mode = ut->refcnt; 1569 printf("dlopen(%s, ", ut->name); 1570 switch (mode & RTLD_MODEMASK) { 1571 case RTLD_NOW: 1572 printf("RTLD_NOW"); 1573 break; 1574 case RTLD_LAZY: 1575 printf("RTLD_LAZY"); 1576 break; 1577 default: 1578 printf("%#x", mode & RTLD_MODEMASK); 1579 } 1580 if (mode & RTLD_GLOBAL) 1581 printf(" | RTLD_GLOBAL"); 1582 if (mode & RTLD_TRACE) 1583 printf(" | RTLD_TRACE"); 1584 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1585 printf(" | %#x", mode & 1586 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1587 printf(")\n"); 1588 break; 1589 case UTRACE_DLOPEN_STOP: 1590 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1591 ut->refcnt); 1592 break; 1593 case UTRACE_DLCLOSE_START: 1594 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1595 ut->refcnt); 1596 break; 1597 case UTRACE_DLCLOSE_STOP: 1598 printf("dlclose(%p) finished\n", ut->handle); 1599 break; 1600 case UTRACE_LOAD_OBJECT: 1601 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1602 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1603 ut->name); 1604 break; 1605 case UTRACE_UNLOAD_OBJECT: 1606 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1607 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1608 ut->name); 1609 break; 1610 case UTRACE_ADD_RUNDEP: 1611 parent = ut->mapbase; 1612 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1613 ut->handle, ut->name, ut->refcnt); 1614 break; 1615 case UTRACE_PRELOAD_FINISHED: 1616 printf("RTLD: LD_PRELOAD finished\n"); 1617 break; 1618 case UTRACE_INIT_CALL: 1619 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1620 ut->name); 1621 break; 1622 case UTRACE_FINI_CALL: 1623 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1624 ut->name); 1625 break; 1626 case UTRACE_DLSYM_START: 1627 printf("RTLD: dlsym(%p, %s)\n", ut->handle, ut->name); 1628 break; 1629 case UTRACE_DLSYM_STOP: 1630 printf("RTLD: %p = dlsym(%p, %s)\n", ut->mapbase, ut->handle, 1631 ut->name); 1632 break; 1633 default: 1634 cp = p; 1635 cp += 4; 1636 len -= 4; 1637 printf("RTLD: %d ", len); 1638 while (len--) 1639 if (decimal) 1640 printf(" %d", *cp++); 1641 else 1642 printf(" %02x", *cp++); 1643 printf("\n"); 1644 } 1645 } 1646 1647 struct utrace_malloc { 1648 void *p; 1649 size_t s; 1650 void *r; 1651 }; 1652 1653 void 1654 ktruser_malloc(void *p) 1655 { 1656 struct utrace_malloc *ut = p; 1657 1658 if (ut->p == (void *)(intptr_t)(-1)) 1659 printf("malloc_init()\n"); 1660 else if (ut->s == 0) 1661 printf("free(%p)\n", ut->p); 1662 else if (ut->p == NULL) 1663 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1664 else 1665 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1666 } 1667 1668 void 1669 ktruser(int len, void *p) 1670 { 1671 unsigned char *cp; 1672 1673 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1674 ktruser_rtld(len, p); 1675 return; 1676 } 1677 1678 if (len == sizeof(struct utrace_malloc)) { 1679 ktruser_malloc(p); 1680 return; 1681 } 1682 1683 printf("%d ", len); 1684 cp = p; 1685 while (len--) 1686 if (decimal) 1687 printf(" %d", *cp++); 1688 else 1689 printf(" %02x", *cp++); 1690 printf("\n"); 1691 } 1692 1693 void 1694 ktrcaprights(cap_rights_t *rightsp) 1695 { 1696 1697 printf("cap_rights_t "); 1698 capname(rightsp); 1699 printf("\n"); 1700 } 1701 1702 void 1703 ktrsockaddr(struct sockaddr *sa) 1704 { 1705 /* 1706 TODO: Support additional address families 1707 #include <netnatm/natm.h> 1708 struct sockaddr_natm *natm; 1709 #include <netsmb/netbios.h> 1710 struct sockaddr_nb *nb; 1711 */ 1712 char addr[64]; 1713 1714 /* 1715 * note: ktrstruct() has already verified that sa points to a 1716 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1717 * sa->sa_len bytes long. 1718 */ 1719 printf("struct sockaddr { "); 1720 sockfamilyname(sa->sa_family); 1721 printf(", "); 1722 1723 #define check_sockaddr_len(n) \ 1724 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1725 printf("invalid"); \ 1726 break; \ 1727 } 1728 1729 switch(sa->sa_family) { 1730 case AF_INET: { 1731 struct sockaddr_in sa_in; 1732 1733 memset(&sa_in, 0, sizeof(sa_in)); 1734 memcpy(&sa_in, sa, sa->sa_len); 1735 check_sockaddr_len(in); 1736 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1737 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1738 break; 1739 } 1740 case AF_INET6: { 1741 struct sockaddr_in6 sa_in6; 1742 1743 memset(&sa_in6, 0, sizeof(sa_in6)); 1744 memcpy(&sa_in6, sa, sa->sa_len); 1745 check_sockaddr_len(in6); 1746 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1747 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1748 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1749 break; 1750 } 1751 case AF_UNIX: { 1752 struct sockaddr_un sa_un; 1753 1754 memset(&sa_un, 0, sizeof(sa_un)); 1755 memcpy(&sa_un, sa, sa->sa_len); 1756 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1757 break; 1758 } 1759 default: 1760 printf("unknown address family"); 1761 } 1762 printf(" }\n"); 1763 } 1764 1765 void 1766 ktrstat(struct stat *statp) 1767 { 1768 char mode[12], timestr[PATH_MAX + 4]; 1769 struct passwd *pwd; 1770 struct group *grp; 1771 struct tm *tm; 1772 1773 /* 1774 * note: ktrstruct() has already verified that statp points to a 1775 * buffer exactly sizeof(struct stat) bytes long. 1776 */ 1777 printf("struct stat {"); 1778 printf("dev=%ju, ino=%ju, ", 1779 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1780 if (resolv == 0) 1781 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1782 else { 1783 strmode(statp->st_mode, mode); 1784 printf("mode=%s, ", mode); 1785 } 1786 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1787 if (resolv == 0) { 1788 pwd = NULL; 1789 } else { 1790 #ifdef HAVE_LIBCAPSICUM 1791 if (cappwd != NULL) 1792 pwd = cap_getpwuid(cappwd, statp->st_uid); 1793 else 1794 #endif 1795 pwd = getpwuid(statp->st_uid); 1796 } 1797 if (pwd == NULL) 1798 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1799 else 1800 printf("uid=\"%s\", ", pwd->pw_name); 1801 if (resolv == 0) { 1802 grp = NULL; 1803 } else { 1804 #ifdef HAVE_LIBCAPSICUM 1805 if (capgrp != NULL) 1806 grp = cap_getgrgid(capgrp, statp->st_gid); 1807 else 1808 #endif 1809 grp = getgrgid(statp->st_gid); 1810 } 1811 if (grp == NULL) 1812 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1813 else 1814 printf("gid=\"%s\", ", grp->gr_name); 1815 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1816 printf("atime="); 1817 if (resolv == 0) 1818 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1819 else { 1820 tm = localtime(&statp->st_atim.tv_sec); 1821 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1822 printf("\"%s\"", timestr); 1823 } 1824 if (statp->st_atim.tv_nsec != 0) 1825 printf(".%09ld, ", statp->st_atim.tv_nsec); 1826 else 1827 printf(", "); 1828 printf("stime="); 1829 if (resolv == 0) 1830 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1831 else { 1832 tm = localtime(&statp->st_mtim.tv_sec); 1833 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1834 printf("\"%s\"", timestr); 1835 } 1836 if (statp->st_mtim.tv_nsec != 0) 1837 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1838 else 1839 printf(", "); 1840 printf("ctime="); 1841 if (resolv == 0) 1842 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1843 else { 1844 tm = localtime(&statp->st_ctim.tv_sec); 1845 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1846 printf("\"%s\"", timestr); 1847 } 1848 if (statp->st_ctim.tv_nsec != 0) 1849 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1850 else 1851 printf(", "); 1852 printf("birthtime="); 1853 if (resolv == 0) 1854 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1855 else { 1856 tm = localtime(&statp->st_birthtim.tv_sec); 1857 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1858 printf("\"%s\"", timestr); 1859 } 1860 if (statp->st_birthtim.tv_nsec != 0) 1861 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1862 else 1863 printf(", "); 1864 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1865 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1866 (intmax_t)statp->st_blocks, statp->st_flags); 1867 printf(" }\n"); 1868 } 1869 1870 void 1871 ktrstruct(char *buf, size_t buflen) 1872 { 1873 char *name, *data; 1874 size_t namelen, datalen; 1875 int i; 1876 cap_rights_t rights; 1877 struct stat sb; 1878 struct sockaddr_storage ss; 1879 1880 for (name = buf, namelen = 0; 1881 namelen < buflen && name[namelen] != '\0'; 1882 ++namelen) 1883 /* nothing */; 1884 if (namelen == buflen) 1885 goto invalid; 1886 if (name[namelen] != '\0') 1887 goto invalid; 1888 data = buf + namelen + 1; 1889 datalen = buflen - namelen - 1; 1890 if (datalen == 0) 1891 goto invalid; 1892 /* sanity check */ 1893 for (i = 0; i < (int)namelen; ++i) 1894 if (!isalpha(name[i])) 1895 goto invalid; 1896 if (strcmp(name, "caprights") == 0) { 1897 if (datalen != sizeof(cap_rights_t)) 1898 goto invalid; 1899 memcpy(&rights, data, datalen); 1900 ktrcaprights(&rights); 1901 } else if (strcmp(name, "stat") == 0) { 1902 if (datalen != sizeof(struct stat)) 1903 goto invalid; 1904 memcpy(&sb, data, datalen); 1905 ktrstat(&sb); 1906 } else if (strcmp(name, "sockaddr") == 0) { 1907 if (datalen > sizeof(ss)) 1908 goto invalid; 1909 memcpy(&ss, data, datalen); 1910 if (datalen != ss.ss_len) 1911 goto invalid; 1912 ktrsockaddr((struct sockaddr *)&ss); 1913 } else { 1914 printf("unknown structure\n"); 1915 } 1916 return; 1917 invalid: 1918 printf("invalid record\n"); 1919 } 1920 1921 void 1922 ktrcapfail(struct ktr_cap_fail *ktr) 1923 { 1924 switch (ktr->cap_type) { 1925 case CAPFAIL_NOTCAPABLE: 1926 /* operation on fd with insufficient capabilities */ 1927 printf("operation requires "); 1928 capname(&ktr->cap_needed); 1929 printf(", descriptor holds "); 1930 capname(&ktr->cap_held); 1931 break; 1932 case CAPFAIL_INCREASE: 1933 /* requested more capabilities than fd already has */ 1934 printf("attempt to increase capabilities from "); 1935 capname(&ktr->cap_held); 1936 printf(" to "); 1937 capname(&ktr->cap_needed); 1938 break; 1939 case CAPFAIL_SYSCALL: 1940 /* called restricted syscall */ 1941 printf("disallowed system call"); 1942 break; 1943 case CAPFAIL_LOOKUP: 1944 /* used ".." in strict-relative mode */ 1945 printf("restricted VFS lookup"); 1946 break; 1947 default: 1948 printf("unknown capability failure: "); 1949 capname(&ktr->cap_needed); 1950 printf(" "); 1951 capname(&ktr->cap_held); 1952 break; 1953 } 1954 printf("\n"); 1955 } 1956 1957 void 1958 ktrfault(struct ktr_fault *ktr) 1959 { 1960 1961 printf("0x%jx ", (uintmax_t)ktr->vaddr); 1962 vmprotname(ktr->type); 1963 printf("\n"); 1964 } 1965 1966 void 1967 ktrfaultend(struct ktr_faultend *ktr) 1968 { 1969 1970 vmresultname(ktr->result); 1971 printf("\n"); 1972 } 1973 1974 #if defined(__amd64__) || defined(__i386__) 1975 void 1976 linux_ktrsyscall(struct ktr_syscall *ktr) 1977 { 1978 int narg = ktr->ktr_narg; 1979 register_t *ip; 1980 1981 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1982 printf("[%d]", ktr->ktr_code); 1983 else { 1984 printf("%s", linux_syscallnames[ktr->ktr_code]); 1985 if (syscallno) 1986 printf("[%d]", ktr->ktr_code); 1987 } 1988 ip = &ktr->ktr_args[0]; 1989 if (narg) { 1990 char c = '('; 1991 while (narg > 0) 1992 print_number(ip, narg, c); 1993 putchar(')'); 1994 } 1995 putchar('\n'); 1996 } 1997 1998 void 1999 linux_ktrsysret(struct ktr_sysret *ktr) 2000 { 2001 register_t ret = ktr->ktr_retval; 2002 int error = ktr->ktr_error; 2003 int code = ktr->ktr_code; 2004 2005 if (code >= nlinux_syscalls || code < 0) 2006 printf("[%d] ", code); 2007 else { 2008 printf("%s", linux_syscallnames[code]); 2009 if (syscallno) 2010 printf("[%d]", code); 2011 printf(" "); 2012 } 2013 2014 if (error == 0) { 2015 if (fancy) { 2016 printf("%ld", (long)ret); 2017 if (ret < 0 || ret > 9) 2018 printf("/%#lx", (unsigned long)ret); 2019 } else { 2020 if (decimal) 2021 printf("%ld", (long)ret); 2022 else 2023 printf("%#lx", (unsigned long)ret); 2024 } 2025 } else if (error == ERESTART) 2026 printf("RESTART"); 2027 else if (error == EJUSTRETURN) 2028 printf("JUSTRETURN"); 2029 else { 2030 if (ktr->ktr_error <= ELAST + 1) 2031 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 2032 else 2033 error = 999; 2034 printf("-1 errno %d", error); 2035 if (fancy) 2036 printf(" %s", strerror(ktr->ktr_error)); 2037 } 2038 putchar('\n'); 2039 } 2040 #endif 2041 2042 void 2043 usage(void) 2044 { 2045 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 2046 "[-m maxdata] [-p pid] [-t trstr]\n"); 2047 exit(1); 2048 } 2049