1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capability.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/un.h> 61 #include <sys/queue.h> 62 #ifdef IPX 63 #include <sys/types.h> 64 #include <netipx/ipx.h> 65 #endif 66 #ifdef NETATALK 67 #include <netatalk/at.h> 68 #endif 69 #include <arpa/inet.h> 70 #include <netinet/in.h> 71 #include <ctype.h> 72 #include <dlfcn.h> 73 #include <err.h> 74 #include <grp.h> 75 #include <inttypes.h> 76 #include <locale.h> 77 #include <netdb.h> 78 #include <nl_types.h> 79 #include <pwd.h> 80 #include <stdio.h> 81 #include <stdlib.h> 82 #include <string.h> 83 #include <termios.h> 84 #include <time.h> 85 #include <unistd.h> 86 #include <vis.h> 87 #include "ktrace.h" 88 #include "kdump_subr.h" 89 90 u_int abidump(struct ktr_header *); 91 int fetchprocinfo(struct ktr_header *, u_int *); 92 int fread_tail(void *, int, int); 93 void dumpheader(struct ktr_header *); 94 void ktrsyscall(struct ktr_syscall *, u_int); 95 void ktrsysret(struct ktr_sysret *, u_int); 96 void ktrnamei(char *, int); 97 void hexdump(char *, int, int); 98 void visdump(char *, int, int); 99 void ktrgenio(struct ktr_genio *, int); 100 void ktrpsig(struct ktr_psig *); 101 void ktrcsw(struct ktr_csw *); 102 void ktrcsw_old(struct ktr_csw_old *); 103 void ktruser_malloc(unsigned char *); 104 void ktruser_rtld(int, unsigned char *); 105 void ktruser(int, unsigned char *); 106 void ktrsockaddr(struct sockaddr *); 107 void ktrstat(struct stat *); 108 void ktrstruct(char *, size_t); 109 void ktrcapfail(struct ktr_cap_fail *); 110 void ktrfault(struct ktr_fault *); 111 void ktrfaultend(struct ktr_faultend *); 112 void limitfd(int fd); 113 void usage(void); 114 void ioctlname(unsigned long, int); 115 116 int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 117 resolv = 0, abiflag = 0; 118 const char *tracefile = DEF_TRACEFILE; 119 struct ktr_header ktr_header; 120 121 #define TIME_FORMAT "%b %e %T %Y" 122 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 123 124 #define print_number(i,n,c) do { \ 125 if (decimal) \ 126 printf("%c%jd", c, (intmax_t)*i); \ 127 else \ 128 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 129 i++; \ 130 n--; \ 131 c = ','; \ 132 } while (0) 133 134 #if defined(__amd64__) || defined(__i386__) 135 136 void linux_ktrsyscall(struct ktr_syscall *); 137 void linux_ktrsysret(struct ktr_sysret *); 138 extern char *linux_syscallnames[]; 139 extern int nlinux_syscalls; 140 141 /* 142 * from linux.h 143 * Linux syscalls return negative errno's, we do positive and map them 144 */ 145 static int bsd_to_linux_errno[ELAST + 1] = { 146 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 147 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 148 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 149 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 150 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 151 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 152 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 153 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 154 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 155 -72, -67, -71 156 }; 157 #endif 158 159 struct proc_info 160 { 161 TAILQ_ENTRY(proc_info) info; 162 u_int sv_flags; 163 pid_t pid; 164 }; 165 166 TAILQ_HEAD(trace_procs, proc_info) trace_procs; 167 168 static void 169 strerror_init(void) 170 { 171 172 /* 173 * Cache NLS data before entering capability mode. 174 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 175 */ 176 (void)catopen("libc", NL_CAT_LOCALE); 177 } 178 179 static void 180 localtime_init(void) 181 { 182 time_t ltime; 183 184 /* 185 * Allow localtime(3) to cache /etc/localtime content before entering 186 * capability mode. 187 * XXXPJD: There should be localtime_init() in libc. 188 */ 189 (void)time(<ime); 190 (void)localtime(<ime); 191 } 192 193 int 194 main(int argc, char *argv[]) 195 { 196 int ch, ktrlen, size; 197 void *m; 198 int trpoints = ALL_POINTS; 199 int drop_logged; 200 pid_t pid = 0; 201 u_int sv_flags; 202 203 setlocale(LC_CTYPE, ""); 204 205 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrsTt:")) != -1) 206 switch (ch) { 207 case 'A': 208 abiflag = 1; 209 break; 210 case 'f': 211 tracefile = optarg; 212 break; 213 case 'd': 214 decimal = 1; 215 break; 216 case 'l': 217 tail = 1; 218 break; 219 case 'm': 220 maxdata = atoi(optarg); 221 break; 222 case 'n': 223 fancy = 0; 224 break; 225 case 'p': 226 pid = atoi(optarg); 227 break; 228 case 'r': 229 resolv = 1; 230 break; 231 case 's': 232 suppressdata = 1; 233 break; 234 case 'E': 235 timestamp = 3; /* elapsed timestamp */ 236 break; 237 case 'H': 238 threads = 1; 239 break; 240 case 'R': 241 timestamp = 2; /* relative timestamp */ 242 break; 243 case 'T': 244 timestamp = 1; 245 break; 246 case 't': 247 trpoints = getpoints(optarg); 248 if (trpoints < 0) 249 errx(1, "unknown trace point in %s", optarg); 250 break; 251 default: 252 usage(); 253 } 254 255 if (argc > optind) 256 usage(); 257 258 m = malloc(size = 1025); 259 if (m == NULL) 260 errx(1, "%s", strerror(ENOMEM)); 261 if (!freopen(tracefile, "r", stdin)) 262 err(1, "%s", tracefile); 263 264 strerror_init(); 265 localtime_init(); 266 267 if (resolv == 0) { 268 if (cap_enter() < 0 && errno != ENOSYS) 269 err(1, "unable to enter capability mode"); 270 } 271 limitfd(STDIN_FILENO); 272 limitfd(STDOUT_FILENO); 273 limitfd(STDERR_FILENO); 274 275 TAILQ_INIT(&trace_procs); 276 drop_logged = 0; 277 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 278 if (ktr_header.ktr_type & KTR_DROP) { 279 ktr_header.ktr_type &= ~KTR_DROP; 280 if (!drop_logged && threads) { 281 printf( 282 "%6jd %6jd %-8.*s Events dropped.\n", 283 (intmax_t)ktr_header.ktr_pid, 284 ktr_header.ktr_tid > 0 ? 285 (intmax_t)ktr_header.ktr_tid : 0, 286 MAXCOMLEN, ktr_header.ktr_comm); 287 drop_logged = 1; 288 } else if (!drop_logged) { 289 printf("%6jd %-8.*s Events dropped.\n", 290 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 291 ktr_header.ktr_comm); 292 drop_logged = 1; 293 } 294 } 295 if (trpoints & (1<<ktr_header.ktr_type)) 296 if (pid == 0 || ktr_header.ktr_pid == pid || 297 ktr_header.ktr_tid == pid) 298 dumpheader(&ktr_header); 299 if ((ktrlen = ktr_header.ktr_len) < 0) 300 errx(1, "bogus length 0x%x", ktrlen); 301 if (ktrlen > size) { 302 m = realloc(m, ktrlen+1); 303 if (m == NULL) 304 errx(1, "%s", strerror(ENOMEM)); 305 size = ktrlen; 306 } 307 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 308 errx(1, "data too short"); 309 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 310 continue; 311 sv_flags = abidump(&ktr_header); 312 if (pid && ktr_header.ktr_pid != pid && 313 ktr_header.ktr_tid != pid) 314 continue; 315 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 316 continue; 317 drop_logged = 0; 318 switch (ktr_header.ktr_type) { 319 case KTR_SYSCALL: 320 #if defined(__amd64__) || defined(__i386__) 321 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 322 linux_ktrsyscall((struct ktr_syscall *)m); 323 else 324 #endif 325 ktrsyscall((struct ktr_syscall *)m, sv_flags); 326 break; 327 case KTR_SYSRET: 328 #if defined(__amd64__) || defined(__i386__) 329 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 330 linux_ktrsysret((struct ktr_sysret *)m); 331 else 332 #endif 333 ktrsysret((struct ktr_sysret *)m, sv_flags); 334 break; 335 case KTR_NAMEI: 336 case KTR_SYSCTL: 337 ktrnamei(m, ktrlen); 338 break; 339 case KTR_GENIO: 340 ktrgenio((struct ktr_genio *)m, ktrlen); 341 break; 342 case KTR_PSIG: 343 ktrpsig((struct ktr_psig *)m); 344 break; 345 case KTR_CSW: 346 if (ktrlen == sizeof(struct ktr_csw_old)) 347 ktrcsw_old((struct ktr_csw_old *)m); 348 else 349 ktrcsw((struct ktr_csw *)m); 350 break; 351 case KTR_USER: 352 ktruser(ktrlen, m); 353 break; 354 case KTR_STRUCT: 355 ktrstruct(m, ktrlen); 356 break; 357 case KTR_CAPFAIL: 358 ktrcapfail((struct ktr_cap_fail *)m); 359 break; 360 case KTR_FAULT: 361 ktrfault((struct ktr_fault *)m); 362 break; 363 case KTR_FAULTEND: 364 ktrfaultend((struct ktr_faultend *)m); 365 break; 366 default: 367 printf("\n"); 368 break; 369 } 370 if (tail) 371 fflush(stdout); 372 } 373 return 0; 374 } 375 376 void 377 limitfd(int fd) 378 { 379 cap_rights_t rights; 380 unsigned long cmd; 381 382 rights = CAP_FSTAT; 383 cmd = -1; 384 385 switch (fd) { 386 case STDIN_FILENO: 387 rights |= CAP_READ; 388 break; 389 case STDOUT_FILENO: 390 rights |= CAP_IOCTL | CAP_WRITE; 391 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 392 break; 393 case STDERR_FILENO: 394 rights |= CAP_WRITE; 395 if (!suppressdata) { 396 rights |= CAP_IOCTL; 397 cmd = TIOCGWINSZ; 398 } 399 break; 400 default: 401 abort(); 402 } 403 404 if (cap_rights_limit(fd, rights) < 0 && errno != ENOSYS) 405 err(1, "unable to limit rights for descriptor %d", fd); 406 if (cmd != -1 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 407 err(1, "unable to limit ioctls for descriptor %d", fd); 408 } 409 410 int 411 fread_tail(void *buf, int size, int num) 412 { 413 int i; 414 415 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 416 sleep(1); 417 clearerr(stdin); 418 } 419 return (i); 420 } 421 422 int 423 fetchprocinfo(struct ktr_header *kth, u_int *flags) 424 { 425 struct proc_info *pi; 426 427 switch (kth->ktr_type) { 428 case KTR_PROCCTOR: 429 TAILQ_FOREACH(pi, &trace_procs, info) { 430 if (pi->pid == kth->ktr_pid) { 431 TAILQ_REMOVE(&trace_procs, pi, info); 432 break; 433 } 434 } 435 pi = malloc(sizeof(struct proc_info)); 436 if (pi == NULL) 437 errx(1, "%s", strerror(ENOMEM)); 438 pi->sv_flags = *flags; 439 pi->pid = kth->ktr_pid; 440 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 441 return (1); 442 443 case KTR_PROCDTOR: 444 TAILQ_FOREACH(pi, &trace_procs, info) { 445 if (pi->pid == kth->ktr_pid) { 446 TAILQ_REMOVE(&trace_procs, pi, info); 447 free(pi); 448 break; 449 } 450 } 451 return (1); 452 } 453 454 return (0); 455 } 456 457 u_int 458 abidump(struct ktr_header *kth) 459 { 460 struct proc_info *pi; 461 const char *abi; 462 const char *arch; 463 u_int flags = 0; 464 465 TAILQ_FOREACH(pi, &trace_procs, info) { 466 if (pi->pid == kth->ktr_pid) { 467 flags = pi->sv_flags; 468 break; 469 } 470 } 471 472 if (abiflag == 0) 473 return (flags); 474 475 switch (flags & SV_ABI_MASK) { 476 case SV_ABI_LINUX: 477 abi = "L"; 478 break; 479 case SV_ABI_FREEBSD: 480 abi = "F"; 481 break; 482 default: 483 abi = "U"; 484 break; 485 } 486 487 if (flags != 0) { 488 if (flags & SV_LP64) 489 arch = "64"; 490 else 491 arch = "32"; 492 } else 493 arch = "00"; 494 495 printf("%s%s ", abi, arch); 496 497 return (flags); 498 } 499 500 void 501 dumpheader(struct ktr_header *kth) 502 { 503 static char unknown[64]; 504 static struct timeval prevtime, temp; 505 const char *type; 506 507 switch (kth->ktr_type) { 508 case KTR_SYSCALL: 509 type = "CALL"; 510 break; 511 case KTR_SYSRET: 512 type = "RET "; 513 break; 514 case KTR_NAMEI: 515 type = "NAMI"; 516 break; 517 case KTR_GENIO: 518 type = "GIO "; 519 break; 520 case KTR_PSIG: 521 type = "PSIG"; 522 break; 523 case KTR_CSW: 524 type = "CSW "; 525 break; 526 case KTR_USER: 527 type = "USER"; 528 break; 529 case KTR_STRUCT: 530 type = "STRU"; 531 break; 532 case KTR_SYSCTL: 533 type = "SCTL"; 534 break; 535 case KTR_PROCCTOR: 536 /* FALLTHROUGH */ 537 case KTR_PROCDTOR: 538 return; 539 case KTR_CAPFAIL: 540 type = "CAP "; 541 break; 542 case KTR_FAULT: 543 type = "PFLT"; 544 break; 545 case KTR_FAULTEND: 546 type = "PRET"; 547 break; 548 default: 549 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 550 type = unknown; 551 } 552 553 /* 554 * The ktr_tid field was previously the ktr_buffer field, which held 555 * the kernel pointer value for the buffer associated with data 556 * following the record header. It now holds a threadid, but only 557 * for trace files after the change. Older trace files still contain 558 * kernel pointers. Detect this and suppress the results by printing 559 * negative tid's as 0. 560 */ 561 if (threads) 562 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 563 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 564 MAXCOMLEN, kth->ktr_comm); 565 else 566 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 567 kth->ktr_comm); 568 if (timestamp) { 569 if (timestamp == 3) { 570 if (prevtime.tv_sec == 0) 571 prevtime = kth->ktr_time; 572 timevalsub(&kth->ktr_time, &prevtime); 573 } 574 if (timestamp == 2) { 575 temp = kth->ktr_time; 576 timevalsub(&kth->ktr_time, &prevtime); 577 prevtime = temp; 578 } 579 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 580 kth->ktr_time.tv_usec); 581 } 582 printf("%s ", type); 583 } 584 585 #include <sys/syscall.h> 586 #define KTRACE 587 #include <sys/kern/syscalls.c> 588 #undef KTRACE 589 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 590 591 void 592 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 593 { 594 int narg = ktr->ktr_narg; 595 register_t *ip; 596 intmax_t arg; 597 598 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 599 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 600 printf("[%d]", ktr->ktr_code); 601 else 602 printf("%s", syscallnames[ktr->ktr_code]); 603 ip = &ktr->ktr_args[0]; 604 if (narg) { 605 char c = '('; 606 if (fancy && 607 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 608 switch (ktr->ktr_code) { 609 case SYS_bindat: 610 case SYS_connectat: 611 case SYS_faccessat: 612 case SYS_fchmodat: 613 case SYS_fchownat: 614 case SYS_fstatat: 615 case SYS_futimesat: 616 case SYS_linkat: 617 case SYS_mkdirat: 618 case SYS_mkfifoat: 619 case SYS_mknodat: 620 case SYS_openat: 621 case SYS_readlinkat: 622 case SYS_renameat: 623 case SYS_unlinkat: 624 putchar('('); 625 atfdname(*ip, decimal); 626 c = ','; 627 ip++; 628 narg--; 629 break; 630 } 631 switch (ktr->ktr_code) { 632 case SYS_ioctl: { 633 print_number(ip, narg, c); 634 putchar(c); 635 ioctlname(*ip, decimal); 636 c = ','; 637 ip++; 638 narg--; 639 break; 640 } 641 case SYS_ptrace: 642 putchar('('); 643 ptraceopname(*ip); 644 c = ','; 645 ip++; 646 narg--; 647 break; 648 case SYS_access: 649 case SYS_eaccess: 650 case SYS_faccessat: 651 print_number(ip, narg, c); 652 putchar(','); 653 accessmodename(*ip); 654 ip++; 655 narg--; 656 break; 657 case SYS_open: 658 case SYS_openat: 659 print_number(ip, narg, c); 660 putchar(','); 661 flagsandmodename(ip[0], ip[1], decimal); 662 ip += 2; 663 narg -= 2; 664 break; 665 case SYS_wait4: 666 print_number(ip, narg, c); 667 print_number(ip, narg, c); 668 putchar(','); 669 wait4optname(*ip); 670 ip++; 671 narg--; 672 break; 673 case SYS_chmod: 674 case SYS_fchmod: 675 case SYS_lchmod: 676 print_number(ip, narg, c); 677 putchar(','); 678 modename(*ip); 679 ip++; 680 narg--; 681 break; 682 case SYS_mknod: 683 case SYS_mknodat: 684 print_number(ip, narg, c); 685 putchar(','); 686 modename(*ip); 687 ip++; 688 narg--; 689 break; 690 case SYS_getfsstat: 691 print_number(ip, narg, c); 692 print_number(ip, narg, c); 693 putchar(','); 694 getfsstatflagsname(*ip); 695 ip++; 696 narg--; 697 break; 698 case SYS_mount: 699 print_number(ip, narg, c); 700 print_number(ip, narg, c); 701 putchar(','); 702 mountflagsname(*ip); 703 ip++; 704 narg--; 705 break; 706 case SYS_unmount: 707 print_number(ip, narg, c); 708 putchar(','); 709 mountflagsname(*ip); 710 ip++; 711 narg--; 712 break; 713 case SYS_recvmsg: 714 case SYS_sendmsg: 715 print_number(ip, narg, c); 716 print_number(ip, narg, c); 717 putchar(','); 718 sendrecvflagsname(*ip); 719 ip++; 720 narg--; 721 break; 722 case SYS_recvfrom: 723 case SYS_sendto: 724 print_number(ip, narg, c); 725 print_number(ip, narg, c); 726 print_number(ip, narg, c); 727 putchar(','); 728 sendrecvflagsname(*ip); 729 ip++; 730 narg--; 731 break; 732 case SYS_chflags: 733 case SYS_fchflags: 734 case SYS_lchflags: 735 print_number(ip, narg, c); 736 putchar(','); 737 modename(*ip); 738 ip++; 739 narg--; 740 break; 741 case SYS_kill: 742 print_number(ip, narg, c); 743 putchar(','); 744 signame(*ip); 745 ip++; 746 narg--; 747 break; 748 case SYS_reboot: 749 putchar('('); 750 rebootoptname(*ip); 751 ip++; 752 narg--; 753 break; 754 case SYS_umask: 755 putchar('('); 756 modename(*ip); 757 ip++; 758 narg--; 759 break; 760 case SYS_msync: 761 print_number(ip, narg, c); 762 print_number(ip, narg, c); 763 putchar(','); 764 msyncflagsname(*ip); 765 ip++; 766 narg--; 767 break; 768 #ifdef SYS_freebsd6_mmap 769 case SYS_freebsd6_mmap: 770 print_number(ip, narg, c); 771 print_number(ip, narg, c); 772 putchar(','); 773 mmapprotname(*ip); 774 putchar(','); 775 ip++; 776 narg--; 777 mmapflagsname(*ip); 778 ip++; 779 narg--; 780 break; 781 #endif 782 case SYS_mmap: 783 print_number(ip, narg, c); 784 print_number(ip, narg, c); 785 putchar(','); 786 mmapprotname(*ip); 787 putchar(','); 788 ip++; 789 narg--; 790 mmapflagsname(*ip); 791 ip++; 792 narg--; 793 break; 794 case SYS_mprotect: 795 print_number(ip, narg, c); 796 print_number(ip, narg, c); 797 putchar(','); 798 mmapprotname(*ip); 799 ip++; 800 narg--; 801 break; 802 case SYS_madvise: 803 print_number(ip, narg, c); 804 print_number(ip, narg, c); 805 putchar(','); 806 madvisebehavname(*ip); 807 ip++; 808 narg--; 809 break; 810 case SYS_setpriority: 811 print_number(ip, narg, c); 812 print_number(ip, narg, c); 813 putchar(','); 814 prioname(*ip); 815 ip++; 816 narg--; 817 break; 818 case SYS_fcntl: 819 print_number(ip, narg, c); 820 putchar(','); 821 fcntlcmdname(ip[0], ip[1], decimal); 822 ip += 2; 823 narg -= 2; 824 break; 825 case SYS_socket: { 826 int sockdomain; 827 putchar('('); 828 sockdomain = *ip; 829 sockdomainname(sockdomain); 830 ip++; 831 narg--; 832 putchar(','); 833 socktypenamewithflags(*ip); 834 ip++; 835 narg--; 836 if (sockdomain == PF_INET || 837 sockdomain == PF_INET6) { 838 putchar(','); 839 sockipprotoname(*ip); 840 ip++; 841 narg--; 842 } 843 c = ','; 844 break; 845 } 846 case SYS_setsockopt: 847 case SYS_getsockopt: 848 print_number(ip, narg, c); 849 putchar(','); 850 sockoptlevelname(*ip, decimal); 851 if (*ip == SOL_SOCKET) { 852 ip++; 853 narg--; 854 putchar(','); 855 sockoptname(*ip); 856 } 857 ip++; 858 narg--; 859 break; 860 #ifdef SYS_freebsd6_lseek 861 case SYS_freebsd6_lseek: 862 print_number(ip, narg, c); 863 /* Hidden 'pad' argument, not in lseek(2) */ 864 print_number(ip, narg, c); 865 print_number(ip, narg, c); 866 putchar(','); 867 whencename(*ip); 868 ip++; 869 narg--; 870 break; 871 #endif 872 case SYS_lseek: 873 print_number(ip, narg, c); 874 /* Hidden 'pad' argument, not in lseek(2) */ 875 print_number(ip, narg, c); 876 putchar(','); 877 whencename(*ip); 878 ip++; 879 narg--; 880 break; 881 case SYS_flock: 882 print_number(ip, narg, c); 883 putchar(','); 884 flockname(*ip); 885 ip++; 886 narg--; 887 break; 888 case SYS_mkfifo: 889 case SYS_mkfifoat: 890 case SYS_mkdir: 891 case SYS_mkdirat: 892 print_number(ip, narg, c); 893 putchar(','); 894 modename(*ip); 895 ip++; 896 narg--; 897 break; 898 case SYS_shutdown: 899 print_number(ip, narg, c); 900 putchar(','); 901 shutdownhowname(*ip); 902 ip++; 903 narg--; 904 break; 905 case SYS_socketpair: 906 putchar('('); 907 sockdomainname(*ip); 908 ip++; 909 narg--; 910 putchar(','); 911 socktypenamewithflags(*ip); 912 ip++; 913 narg--; 914 c = ','; 915 break; 916 case SYS_getrlimit: 917 case SYS_setrlimit: 918 putchar('('); 919 rlimitname(*ip); 920 ip++; 921 narg--; 922 c = ','; 923 break; 924 case SYS_quotactl: 925 print_number(ip, narg, c); 926 putchar(','); 927 quotactlname(*ip); 928 ip++; 929 narg--; 930 c = ','; 931 break; 932 case SYS_nfssvc: 933 putchar('('); 934 nfssvcname(*ip); 935 ip++; 936 narg--; 937 c = ','; 938 break; 939 case SYS_rtprio: 940 putchar('('); 941 rtprioname(*ip); 942 ip++; 943 narg--; 944 c = ','; 945 break; 946 case SYS___semctl: 947 print_number(ip, narg, c); 948 print_number(ip, narg, c); 949 putchar(','); 950 semctlname(*ip); 951 ip++; 952 narg--; 953 break; 954 case SYS_semget: 955 print_number(ip, narg, c); 956 print_number(ip, narg, c); 957 putchar(','); 958 semgetname(*ip); 959 ip++; 960 narg--; 961 break; 962 case SYS_msgctl: 963 print_number(ip, narg, c); 964 putchar(','); 965 shmctlname(*ip); 966 ip++; 967 narg--; 968 break; 969 case SYS_shmat: 970 print_number(ip, narg, c); 971 print_number(ip, narg, c); 972 putchar(','); 973 shmatname(*ip); 974 ip++; 975 narg--; 976 break; 977 case SYS_shmctl: 978 print_number(ip, narg, c); 979 putchar(','); 980 shmctlname(*ip); 981 ip++; 982 narg--; 983 break; 984 case SYS_minherit: 985 print_number(ip, narg, c); 986 print_number(ip, narg, c); 987 putchar(','); 988 minheritname(*ip); 989 ip++; 990 narg--; 991 break; 992 case SYS_rfork: 993 putchar('('); 994 rforkname(*ip); 995 ip++; 996 narg--; 997 c = ','; 998 break; 999 case SYS_lio_listio: 1000 putchar('('); 1001 lio_listioname(*ip); 1002 ip++; 1003 narg--; 1004 c = ','; 1005 break; 1006 case SYS_mlockall: 1007 putchar('('); 1008 mlockallname(*ip); 1009 ip++; 1010 narg--; 1011 break; 1012 case SYS_sched_setscheduler: 1013 print_number(ip, narg, c); 1014 putchar(','); 1015 schedpolicyname(*ip); 1016 ip++; 1017 narg--; 1018 break; 1019 case SYS_sched_get_priority_max: 1020 case SYS_sched_get_priority_min: 1021 putchar('('); 1022 schedpolicyname(*ip); 1023 ip++; 1024 narg--; 1025 break; 1026 case SYS_sendfile: 1027 print_number(ip, narg, c); 1028 print_number(ip, narg, c); 1029 print_number(ip, narg, c); 1030 print_number(ip, narg, c); 1031 print_number(ip, narg, c); 1032 print_number(ip, narg, c); 1033 putchar(','); 1034 sendfileflagsname(*ip); 1035 ip++; 1036 narg--; 1037 break; 1038 case SYS_kldsym: 1039 print_number(ip, narg, c); 1040 putchar(','); 1041 kldsymcmdname(*ip); 1042 ip++; 1043 narg--; 1044 break; 1045 case SYS_sigprocmask: 1046 putchar('('); 1047 sigprocmaskhowname(*ip); 1048 ip++; 1049 narg--; 1050 c = ','; 1051 break; 1052 case SYS___acl_get_file: 1053 case SYS___acl_set_file: 1054 case SYS___acl_get_fd: 1055 case SYS___acl_set_fd: 1056 case SYS___acl_delete_file: 1057 case SYS___acl_delete_fd: 1058 case SYS___acl_aclcheck_file: 1059 case SYS___acl_aclcheck_fd: 1060 case SYS___acl_get_link: 1061 case SYS___acl_set_link: 1062 case SYS___acl_delete_link: 1063 case SYS___acl_aclcheck_link: 1064 print_number(ip, narg, c); 1065 putchar(','); 1066 acltypename(*ip); 1067 ip++; 1068 narg--; 1069 break; 1070 case SYS_sigaction: 1071 putchar('('); 1072 signame(*ip); 1073 ip++; 1074 narg--; 1075 c = ','; 1076 break; 1077 case SYS_extattrctl: 1078 print_number(ip, narg, c); 1079 putchar(','); 1080 extattrctlname(*ip); 1081 ip++; 1082 narg--; 1083 break; 1084 case SYS_nmount: 1085 print_number(ip, narg, c); 1086 print_number(ip, narg, c); 1087 putchar(','); 1088 mountflagsname(*ip); 1089 ip++; 1090 narg--; 1091 break; 1092 case SYS_thr_create: 1093 print_number(ip, narg, c); 1094 print_number(ip, narg, c); 1095 putchar(','); 1096 thrcreateflagsname(*ip); 1097 ip++; 1098 narg--; 1099 break; 1100 case SYS_thr_kill: 1101 print_number(ip, narg, c); 1102 putchar(','); 1103 signame(*ip); 1104 ip++; 1105 narg--; 1106 break; 1107 case SYS_kldunloadf: 1108 print_number(ip, narg, c); 1109 putchar(','); 1110 kldunloadfflagsname(*ip); 1111 ip++; 1112 narg--; 1113 break; 1114 case SYS_linkat: 1115 case SYS_renameat: 1116 case SYS_symlinkat: 1117 print_number(ip, narg, c); 1118 putchar(','); 1119 atfdname(*ip, decimal); 1120 ip++; 1121 narg--; 1122 break; 1123 case SYS_cap_new: 1124 case SYS_cap_rights_limit: 1125 print_number(ip, narg, c); 1126 putchar(','); 1127 arg = *ip; 1128 ip++; 1129 narg--; 1130 /* 1131 * Hack: the second argument is a 1132 * cap_rights_t, which 64 bits wide, so on 1133 * 32-bit systems, it is split between two 1134 * registers. 1135 * 1136 * Since sizeof() is not evaluated by the 1137 * preprocessor, we can't use an #ifdef, 1138 * but the compiler will probably optimize 1139 * the code out anyway. 1140 */ 1141 if (sizeof(cap_rights_t) > sizeof(register_t)) { 1142 #if _BYTE_ORDER == _LITTLE_ENDIAN 1143 arg = ((intmax_t)*ip << 32) + arg; 1144 #else 1145 arg = (arg << 32) + *ip; 1146 #endif 1147 ip++; 1148 narg--; 1149 } 1150 capname(arg); 1151 break; 1152 case SYS_cap_fcntls_limit: 1153 print_number(ip, narg, c); 1154 putchar(','); 1155 arg = *ip; 1156 ip++; 1157 narg--; 1158 capfcntlname(arg); 1159 break; 1160 case SYS_posix_fadvise: 1161 print_number(ip, narg, c); 1162 print_number(ip, narg, c); 1163 print_number(ip, narg, c); 1164 (void)putchar(','); 1165 fadvisebehavname((int)*ip); 1166 ip++; 1167 narg--; 1168 break; 1169 } 1170 } 1171 while (narg > 0) { 1172 print_number(ip, narg, c); 1173 } 1174 putchar(')'); 1175 } 1176 putchar('\n'); 1177 } 1178 1179 void 1180 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1181 { 1182 register_t ret = ktr->ktr_retval; 1183 int error = ktr->ktr_error; 1184 int code = ktr->ktr_code; 1185 1186 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1187 (code >= nsyscalls || code < 0)) 1188 printf("[%d] ", code); 1189 else 1190 printf("%s ", syscallnames[code]); 1191 1192 if (error == 0) { 1193 if (fancy) { 1194 printf("%ld", (long)ret); 1195 if (ret < 0 || ret > 9) 1196 printf("/%#lx", (unsigned long)ret); 1197 } else { 1198 if (decimal) 1199 printf("%ld", (long)ret); 1200 else 1201 printf("%#lx", (unsigned long)ret); 1202 } 1203 } else if (error == ERESTART) 1204 printf("RESTART"); 1205 else if (error == EJUSTRETURN) 1206 printf("JUSTRETURN"); 1207 else { 1208 printf("-1 errno %d", ktr->ktr_error); 1209 if (fancy) 1210 printf(" %s", strerror(ktr->ktr_error)); 1211 } 1212 putchar('\n'); 1213 } 1214 1215 void 1216 ktrnamei(char *cp, int len) 1217 { 1218 printf("\"%.*s\"\n", len, cp); 1219 } 1220 1221 void 1222 hexdump(char *p, int len, int screenwidth) 1223 { 1224 int n, i; 1225 int width; 1226 1227 width = 0; 1228 do { 1229 width += 2; 1230 i = 13; /* base offset */ 1231 i += (width / 2) + 1; /* spaces every second byte */ 1232 i += (width * 2); /* width of bytes */ 1233 i += 3; /* " |" */ 1234 i += width; /* each byte */ 1235 i += 1; /* "|" */ 1236 } while (i < screenwidth); 1237 width -= 2; 1238 1239 for (n = 0; n < len; n += width) { 1240 for (i = n; i < n + width; i++) { 1241 if ((i % width) == 0) { /* beginning of line */ 1242 printf(" 0x%04x", i); 1243 } 1244 if ((i % 2) == 0) { 1245 printf(" "); 1246 } 1247 if (i < len) 1248 printf("%02x", p[i] & 0xff); 1249 else 1250 printf(" "); 1251 } 1252 printf(" |"); 1253 for (i = n; i < n + width; i++) { 1254 if (i >= len) 1255 break; 1256 if (p[i] >= ' ' && p[i] <= '~') 1257 printf("%c", p[i]); 1258 else 1259 printf("."); 1260 } 1261 printf("|\n"); 1262 } 1263 if ((i % width) != 0) 1264 printf("\n"); 1265 } 1266 1267 void 1268 visdump(char *dp, int datalen, int screenwidth) 1269 { 1270 int col = 0; 1271 char *cp; 1272 int width; 1273 char visbuf[5]; 1274 1275 printf(" \""); 1276 col = 8; 1277 for (;datalen > 0; datalen--, dp++) { 1278 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1279 cp = visbuf; 1280 /* 1281 * Keep track of printables and 1282 * space chars (like fold(1)). 1283 */ 1284 if (col == 0) { 1285 putchar('\t'); 1286 col = 8; 1287 } 1288 switch(*cp) { 1289 case '\n': 1290 col = 0; 1291 putchar('\n'); 1292 continue; 1293 case '\t': 1294 width = 8 - (col&07); 1295 break; 1296 default: 1297 width = strlen(cp); 1298 } 1299 if (col + width > (screenwidth-2)) { 1300 printf("\\\n\t"); 1301 col = 8; 1302 } 1303 col += width; 1304 do { 1305 putchar(*cp++); 1306 } while (*cp); 1307 } 1308 if (col == 0) 1309 printf(" "); 1310 printf("\"\n"); 1311 } 1312 1313 void 1314 ktrgenio(struct ktr_genio *ktr, int len) 1315 { 1316 int datalen = len - sizeof (struct ktr_genio); 1317 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1318 static int screenwidth = 0; 1319 int i, binary; 1320 1321 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1322 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1323 datalen == 1 ? "" : "s"); 1324 if (suppressdata) 1325 return; 1326 if (screenwidth == 0) { 1327 struct winsize ws; 1328 1329 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1330 ws.ws_col > 8) 1331 screenwidth = ws.ws_col; 1332 else 1333 screenwidth = 80; 1334 } 1335 if (maxdata && datalen > maxdata) 1336 datalen = maxdata; 1337 1338 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1339 if (dp[i] >= 32 && dp[i] < 127) 1340 continue; 1341 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1342 continue; 1343 binary = 1; 1344 } 1345 if (binary) 1346 hexdump(dp, datalen, screenwidth); 1347 else 1348 visdump(dp, datalen, screenwidth); 1349 } 1350 1351 const char *signames[] = { 1352 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1353 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1354 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1355 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1356 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1357 "USR2", NULL, /* 31 - 32 */ 1358 }; 1359 1360 void 1361 ktrpsig(struct ktr_psig *psig) 1362 { 1363 if (psig->signo > 0 && psig->signo < NSIG) 1364 printf("SIG%s ", signames[psig->signo]); 1365 else 1366 printf("SIG %d ", psig->signo); 1367 if (psig->action == SIG_DFL) { 1368 printf("SIG_DFL code="); 1369 sigcodename(psig->signo, psig->code); 1370 putchar('\n'); 1371 } else { 1372 printf("caught handler=0x%lx mask=0x%x code=", 1373 (u_long)psig->action, psig->mask.__bits[0]); 1374 sigcodename(psig->signo, psig->code); 1375 putchar('\n'); 1376 } 1377 } 1378 1379 void 1380 ktrcsw_old(struct ktr_csw_old *cs) 1381 { 1382 printf("%s %s\n", cs->out ? "stop" : "resume", 1383 cs->user ? "user" : "kernel"); 1384 } 1385 1386 void 1387 ktrcsw(struct ktr_csw *cs) 1388 { 1389 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1390 cs->user ? "user" : "kernel", cs->wmesg); 1391 } 1392 1393 #define UTRACE_DLOPEN_START 1 1394 #define UTRACE_DLOPEN_STOP 2 1395 #define UTRACE_DLCLOSE_START 3 1396 #define UTRACE_DLCLOSE_STOP 4 1397 #define UTRACE_LOAD_OBJECT 5 1398 #define UTRACE_UNLOAD_OBJECT 6 1399 #define UTRACE_ADD_RUNDEP 7 1400 #define UTRACE_PRELOAD_FINISHED 8 1401 #define UTRACE_INIT_CALL 9 1402 #define UTRACE_FINI_CALL 10 1403 1404 struct utrace_rtld { 1405 char sig[4]; /* 'RTLD' */ 1406 int event; 1407 void *handle; 1408 void *mapbase; 1409 size_t mapsize; 1410 int refcnt; 1411 char name[MAXPATHLEN]; 1412 }; 1413 1414 void 1415 ktruser_rtld(int len, unsigned char *p) 1416 { 1417 struct utrace_rtld *ut = (struct utrace_rtld *)p; 1418 void *parent; 1419 int mode; 1420 1421 switch (ut->event) { 1422 case UTRACE_DLOPEN_START: 1423 mode = ut->refcnt; 1424 printf("dlopen(%s, ", ut->name); 1425 switch (mode & RTLD_MODEMASK) { 1426 case RTLD_NOW: 1427 printf("RTLD_NOW"); 1428 break; 1429 case RTLD_LAZY: 1430 printf("RTLD_LAZY"); 1431 break; 1432 default: 1433 printf("%#x", mode & RTLD_MODEMASK); 1434 } 1435 if (mode & RTLD_GLOBAL) 1436 printf(" | RTLD_GLOBAL"); 1437 if (mode & RTLD_TRACE) 1438 printf(" | RTLD_TRACE"); 1439 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1440 printf(" | %#x", mode & 1441 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1442 printf(")\n"); 1443 break; 1444 case UTRACE_DLOPEN_STOP: 1445 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1446 ut->refcnt); 1447 break; 1448 case UTRACE_DLCLOSE_START: 1449 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1450 ut->refcnt); 1451 break; 1452 case UTRACE_DLCLOSE_STOP: 1453 printf("dlclose(%p) finished\n", ut->handle); 1454 break; 1455 case UTRACE_LOAD_OBJECT: 1456 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1457 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1458 ut->name); 1459 break; 1460 case UTRACE_UNLOAD_OBJECT: 1461 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1462 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1463 ut->name); 1464 break; 1465 case UTRACE_ADD_RUNDEP: 1466 parent = ut->mapbase; 1467 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1468 ut->handle, ut->name, ut->refcnt); 1469 break; 1470 case UTRACE_PRELOAD_FINISHED: 1471 printf("RTLD: LD_PRELOAD finished\n"); 1472 break; 1473 case UTRACE_INIT_CALL: 1474 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1475 ut->name); 1476 break; 1477 case UTRACE_FINI_CALL: 1478 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1479 ut->name); 1480 break; 1481 default: 1482 p += 4; 1483 len -= 4; 1484 printf("RTLD: %d ", len); 1485 while (len--) 1486 if (decimal) 1487 printf(" %d", *p++); 1488 else 1489 printf(" %02x", *p++); 1490 printf("\n"); 1491 } 1492 } 1493 1494 struct utrace_malloc { 1495 void *p; 1496 size_t s; 1497 void *r; 1498 }; 1499 1500 void 1501 ktruser_malloc(unsigned char *p) 1502 { 1503 struct utrace_malloc *ut = (struct utrace_malloc *)p; 1504 1505 if (ut->p == (void *)(intptr_t)(-1)) 1506 printf("malloc_init()\n"); 1507 else if (ut->s == 0) 1508 printf("free(%p)\n", ut->p); 1509 else if (ut->p == NULL) 1510 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1511 else 1512 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1513 } 1514 1515 void 1516 ktruser(int len, unsigned char *p) 1517 { 1518 1519 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1520 ktruser_rtld(len, p); 1521 return; 1522 } 1523 1524 if (len == sizeof(struct utrace_malloc)) { 1525 ktruser_malloc(p); 1526 return; 1527 } 1528 1529 printf("%d ", len); 1530 while (len--) 1531 if (decimal) 1532 printf(" %d", *p++); 1533 else 1534 printf(" %02x", *p++); 1535 printf("\n"); 1536 } 1537 1538 void 1539 ktrsockaddr(struct sockaddr *sa) 1540 { 1541 /* 1542 TODO: Support additional address families 1543 #include <netnatm/natm.h> 1544 struct sockaddr_natm *natm; 1545 #include <netsmb/netbios.h> 1546 struct sockaddr_nb *nb; 1547 */ 1548 char addr[64]; 1549 1550 /* 1551 * note: ktrstruct() has already verified that sa points to a 1552 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1553 * sa->sa_len bytes long. 1554 */ 1555 printf("struct sockaddr { "); 1556 sockfamilyname(sa->sa_family); 1557 printf(", "); 1558 1559 #define check_sockaddr_len(n) \ 1560 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1561 printf("invalid"); \ 1562 break; \ 1563 } 1564 1565 switch(sa->sa_family) { 1566 case AF_INET: { 1567 struct sockaddr_in sa_in; 1568 1569 memset(&sa_in, 0, sizeof(sa_in)); 1570 memcpy(&sa_in, sa, sa->sa_len); 1571 check_sockaddr_len(in); 1572 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1573 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1574 break; 1575 } 1576 #ifdef NETATALK 1577 case AF_APPLETALK: { 1578 struct sockaddr_at sa_at; 1579 struct netrange *nr; 1580 1581 memset(&sa_at, 0, sizeof(sa_at)); 1582 memcpy(&sa_at, sa, sa->sa_len); 1583 check_sockaddr_len(at); 1584 nr = &sa_at.sat_range.r_netrange; 1585 printf("%d.%d, %d-%d, %d", ntohs(sa_at.sat_addr.s_net), 1586 sa_at.sat_addr.s_node, ntohs(nr->nr_firstnet), 1587 ntohs(nr->nr_lastnet), nr->nr_phase); 1588 break; 1589 } 1590 #endif 1591 case AF_INET6: { 1592 struct sockaddr_in6 sa_in6; 1593 1594 memset(&sa_in6, 0, sizeof(sa_in6)); 1595 memcpy(&sa_in6, sa, sa->sa_len); 1596 check_sockaddr_len(in6); 1597 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1598 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1599 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1600 break; 1601 } 1602 #ifdef IPX 1603 case AF_IPX: { 1604 struct sockaddr_ipx sa_ipx; 1605 1606 memset(&sa_ipx, 0, sizeof(sa_ipx)); 1607 memcpy(&sa_ipx, sa, sa->sa_len); 1608 check_sockaddr_len(ipx); 1609 /* XXX wish we had ipx_ntop */ 1610 printf("%s", ipx_ntoa(sa_ipx.sipx_addr)); 1611 free(sa_ipx); 1612 break; 1613 } 1614 #endif 1615 case AF_UNIX: { 1616 struct sockaddr_un sa_un; 1617 1618 memset(&sa_un, 0, sizeof(sa_un)); 1619 memcpy(&sa_un, sa, sa->sa_len); 1620 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1621 break; 1622 } 1623 default: 1624 printf("unknown address family"); 1625 } 1626 printf(" }\n"); 1627 } 1628 1629 void 1630 ktrstat(struct stat *statp) 1631 { 1632 char mode[12], timestr[PATH_MAX + 4]; 1633 struct passwd *pwd; 1634 struct group *grp; 1635 struct tm *tm; 1636 1637 /* 1638 * note: ktrstruct() has already verified that statp points to a 1639 * buffer exactly sizeof(struct stat) bytes long. 1640 */ 1641 printf("struct stat {"); 1642 strmode(statp->st_mode, mode); 1643 printf("dev=%ju, ino=%ju, mode=%s, nlink=%ju, ", 1644 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino, mode, 1645 (uintmax_t)statp->st_nlink); 1646 if (resolv == 0 || (pwd = getpwuid(statp->st_uid)) == NULL) 1647 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1648 else 1649 printf("uid=\"%s\", ", pwd->pw_name); 1650 if (resolv == 0 || (grp = getgrgid(statp->st_gid)) == NULL) 1651 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1652 else 1653 printf("gid=\"%s\", ", grp->gr_name); 1654 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1655 printf("atime="); 1656 if (resolv == 0) 1657 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1658 else { 1659 tm = localtime(&statp->st_atim.tv_sec); 1660 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1661 printf("\"%s\"", timestr); 1662 } 1663 if (statp->st_atim.tv_nsec != 0) 1664 printf(".%09ld, ", statp->st_atim.tv_nsec); 1665 else 1666 printf(", "); 1667 printf("stime="); 1668 if (resolv == 0) 1669 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1670 else { 1671 tm = localtime(&statp->st_mtim.tv_sec); 1672 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1673 printf("\"%s\"", timestr); 1674 } 1675 if (statp->st_mtim.tv_nsec != 0) 1676 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1677 else 1678 printf(", "); 1679 printf("ctime="); 1680 if (resolv == 0) 1681 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1682 else { 1683 tm = localtime(&statp->st_ctim.tv_sec); 1684 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1685 printf("\"%s\"", timestr); 1686 } 1687 if (statp->st_ctim.tv_nsec != 0) 1688 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1689 else 1690 printf(", "); 1691 printf("birthtime="); 1692 if (resolv == 0) 1693 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1694 else { 1695 tm = localtime(&statp->st_birthtim.tv_sec); 1696 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1697 printf("\"%s\"", timestr); 1698 } 1699 if (statp->st_birthtim.tv_nsec != 0) 1700 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1701 else 1702 printf(", "); 1703 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1704 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1705 (intmax_t)statp->st_blocks, statp->st_flags); 1706 printf(" }\n"); 1707 } 1708 1709 void 1710 ktrstruct(char *buf, size_t buflen) 1711 { 1712 char *name, *data; 1713 size_t namelen, datalen; 1714 int i; 1715 struct stat sb; 1716 struct sockaddr_storage ss; 1717 1718 for (name = buf, namelen = 0; 1719 namelen < buflen && name[namelen] != '\0'; 1720 ++namelen) 1721 /* nothing */; 1722 if (namelen == buflen) 1723 goto invalid; 1724 if (name[namelen] != '\0') 1725 goto invalid; 1726 data = buf + namelen + 1; 1727 datalen = buflen - namelen - 1; 1728 if (datalen == 0) 1729 goto invalid; 1730 /* sanity check */ 1731 for (i = 0; i < (int)namelen; ++i) 1732 if (!isalpha(name[i])) 1733 goto invalid; 1734 if (strcmp(name, "stat") == 0) { 1735 if (datalen != sizeof(struct stat)) 1736 goto invalid; 1737 memcpy(&sb, data, datalen); 1738 ktrstat(&sb); 1739 } else if (strcmp(name, "sockaddr") == 0) { 1740 if (datalen > sizeof(ss)) 1741 goto invalid; 1742 memcpy(&ss, data, datalen); 1743 if (datalen != ss.ss_len) 1744 goto invalid; 1745 ktrsockaddr((struct sockaddr *)&ss); 1746 } else { 1747 printf("unknown structure\n"); 1748 } 1749 return; 1750 invalid: 1751 printf("invalid record\n"); 1752 } 1753 1754 void 1755 ktrcapfail(struct ktr_cap_fail *ktr) 1756 { 1757 switch (ktr->cap_type) { 1758 case CAPFAIL_NOTCAPABLE: 1759 /* operation on fd with insufficient capabilities */ 1760 printf("operation requires "); 1761 capname((intmax_t)ktr->cap_needed); 1762 printf(", process holds "); 1763 capname((intmax_t)ktr->cap_held); 1764 break; 1765 case CAPFAIL_INCREASE: 1766 /* requested more capabilities than fd already has */ 1767 printf("attempt to increase capabilities from "); 1768 capname((intmax_t)ktr->cap_held); 1769 printf(" to "); 1770 capname((intmax_t)ktr->cap_needed); 1771 break; 1772 case CAPFAIL_SYSCALL: 1773 /* called restricted syscall */ 1774 printf("disallowed system call"); 1775 break; 1776 case CAPFAIL_LOOKUP: 1777 /* used ".." in strict-relative mode */ 1778 printf("restricted VFS lookup"); 1779 break; 1780 default: 1781 printf("unknown capability failure: "); 1782 capname((intmax_t)ktr->cap_needed); 1783 printf(" "); 1784 capname((intmax_t)ktr->cap_held); 1785 break; 1786 } 1787 printf("\n"); 1788 } 1789 1790 void 1791 ktrfault(struct ktr_fault *ktr) 1792 { 1793 1794 printf("0x%jx ", ktr->vaddr); 1795 vmprotname(ktr->type); 1796 printf("\n"); 1797 } 1798 1799 void 1800 ktrfaultend(struct ktr_faultend *ktr) 1801 { 1802 1803 vmresultname(ktr->result); 1804 printf("\n"); 1805 } 1806 1807 #if defined(__amd64__) || defined(__i386__) 1808 void 1809 linux_ktrsyscall(struct ktr_syscall *ktr) 1810 { 1811 int narg = ktr->ktr_narg; 1812 register_t *ip; 1813 1814 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1815 printf("[%d]", ktr->ktr_code); 1816 else 1817 printf("%s", linux_syscallnames[ktr->ktr_code]); 1818 ip = &ktr->ktr_args[0]; 1819 if (narg) { 1820 char c = '('; 1821 while (narg > 0) 1822 print_number(ip, narg, c); 1823 putchar(')'); 1824 } 1825 putchar('\n'); 1826 } 1827 1828 void 1829 linux_ktrsysret(struct ktr_sysret *ktr) 1830 { 1831 register_t ret = ktr->ktr_retval; 1832 int error = ktr->ktr_error; 1833 int code = ktr->ktr_code; 1834 1835 if (code >= nlinux_syscalls || code < 0) 1836 printf("[%d] ", code); 1837 else 1838 printf("%s ", linux_syscallnames[code]); 1839 1840 if (error == 0) { 1841 if (fancy) { 1842 printf("%ld", (long)ret); 1843 if (ret < 0 || ret > 9) 1844 printf("/%#lx", (unsigned long)ret); 1845 } else { 1846 if (decimal) 1847 printf("%ld", (long)ret); 1848 else 1849 printf("%#lx", (unsigned long)ret); 1850 } 1851 } else if (error == ERESTART) 1852 printf("RESTART"); 1853 else if (error == EJUSTRETURN) 1854 printf("JUSTRETURN"); 1855 else { 1856 if (ktr->ktr_error <= ELAST + 1) 1857 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 1858 else 1859 error = 999; 1860 printf("-1 errno %d", error); 1861 if (fancy) 1862 printf(" %s", strerror(ktr->ktr_error)); 1863 } 1864 putchar('\n'); 1865 } 1866 #endif 1867 1868 void 1869 usage(void) 1870 { 1871 fprintf(stderr, "usage: kdump [-dEnlHRrsTA] [-f trfile] " 1872 "[-m maxdata] [-p pid] [-t trstr]\n"); 1873 exit(1); 1874 } 1875