1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capability.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/un.h> 61 #include <sys/queue.h> 62 #ifdef IPX 63 #include <sys/types.h> 64 #include <netipx/ipx.h> 65 #endif 66 #ifdef NETATALK 67 #include <netatalk/at.h> 68 #endif 69 #include <arpa/inet.h> 70 #include <netinet/in.h> 71 #include <ctype.h> 72 #include <dlfcn.h> 73 #include <err.h> 74 #include <grp.h> 75 #include <inttypes.h> 76 #include <locale.h> 77 #include <netdb.h> 78 #include <nl_types.h> 79 #include <pwd.h> 80 #include <stdio.h> 81 #include <stdlib.h> 82 #include <string.h> 83 #include <termios.h> 84 #include <time.h> 85 #include <unistd.h> 86 #include <vis.h> 87 #include "ktrace.h" 88 #include "kdump_subr.h" 89 90 u_int abidump(struct ktr_header *); 91 int fetchprocinfo(struct ktr_header *, u_int *); 92 int fread_tail(void *, int, int); 93 void dumpheader(struct ktr_header *); 94 void ktrsyscall(struct ktr_syscall *, u_int); 95 void ktrsysret(struct ktr_sysret *, u_int); 96 void ktrnamei(char *, int); 97 void hexdump(char *, int, int); 98 void visdump(char *, int, int); 99 void ktrgenio(struct ktr_genio *, int); 100 void ktrpsig(struct ktr_psig *); 101 void ktrcsw(struct ktr_csw *); 102 void ktrcsw_old(struct ktr_csw_old *); 103 void ktruser_malloc(unsigned char *); 104 void ktruser_rtld(int, unsigned char *); 105 void ktruser(int, unsigned char *); 106 void ktrsockaddr(struct sockaddr *); 107 void ktrstat(struct stat *); 108 void ktrstruct(char *, size_t); 109 void ktrcapfail(struct ktr_cap_fail *); 110 void ktrfault(struct ktr_fault *); 111 void ktrfaultend(struct ktr_faultend *); 112 void limitfd(int fd); 113 void usage(void); 114 void ioctlname(unsigned long, int); 115 116 int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 117 resolv = 0, abiflag = 0; 118 const char *tracefile = DEF_TRACEFILE; 119 struct ktr_header ktr_header; 120 121 #define TIME_FORMAT "%b %e %T %Y" 122 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 123 124 #define print_number(i,n,c) do { \ 125 if (decimal) \ 126 printf("%c%jd", c, (intmax_t)*i); \ 127 else \ 128 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 129 i++; \ 130 n--; \ 131 c = ','; \ 132 } while (0) 133 134 #if defined(__amd64__) || defined(__i386__) 135 136 void linux_ktrsyscall(struct ktr_syscall *); 137 void linux_ktrsysret(struct ktr_sysret *); 138 extern char *linux_syscallnames[]; 139 extern int nlinux_syscalls; 140 141 /* 142 * from linux.h 143 * Linux syscalls return negative errno's, we do positive and map them 144 */ 145 static int bsd_to_linux_errno[ELAST + 1] = { 146 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 147 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 148 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 149 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 150 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 151 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 152 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 153 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 154 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 155 -72, -67, -71 156 }; 157 #endif 158 159 struct proc_info 160 { 161 TAILQ_ENTRY(proc_info) info; 162 u_int sv_flags; 163 pid_t pid; 164 }; 165 166 TAILQ_HEAD(trace_procs, proc_info) trace_procs; 167 168 int 169 main(int argc, char *argv[]) 170 { 171 int ch, ktrlen, size; 172 void *m; 173 int trpoints = ALL_POINTS; 174 int drop_logged; 175 pid_t pid = 0; 176 u_int sv_flags; 177 178 setlocale(LC_CTYPE, ""); 179 180 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrsTt:")) != -1) 181 switch (ch) { 182 case 'A': 183 abiflag = 1; 184 break; 185 case 'f': 186 tracefile = optarg; 187 break; 188 case 'd': 189 decimal = 1; 190 break; 191 case 'l': 192 tail = 1; 193 break; 194 case 'm': 195 maxdata = atoi(optarg); 196 break; 197 case 'n': 198 fancy = 0; 199 break; 200 case 'p': 201 pid = atoi(optarg); 202 break; 203 case 'r': 204 resolv = 1; 205 break; 206 case 's': 207 suppressdata = 1; 208 break; 209 case 'E': 210 timestamp = 3; /* elapsed timestamp */ 211 break; 212 case 'H': 213 threads = 1; 214 break; 215 case 'R': 216 timestamp = 2; /* relative timestamp */ 217 break; 218 case 'T': 219 timestamp = 1; 220 break; 221 case 't': 222 trpoints = getpoints(optarg); 223 if (trpoints < 0) 224 errx(1, "unknown trace point in %s", optarg); 225 break; 226 default: 227 usage(); 228 } 229 230 if (argc > optind) 231 usage(); 232 233 m = malloc(size = 1025); 234 if (m == NULL) 235 errx(1, "%s", strerror(ENOMEM)); 236 if (!freopen(tracefile, "r", stdin)) 237 err(1, "%s", tracefile); 238 239 /* 240 * Cache NLS data before entering capability mode. 241 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 242 */ 243 (void)catopen("libc", NL_CAT_LOCALE); 244 if (resolv == 0) { 245 if (cap_enter() < 0 && errno != ENOSYS) 246 err(1, "unable to enter capability mode"); 247 } 248 limitfd(STDIN_FILENO); 249 limitfd(STDOUT_FILENO); 250 limitfd(STDERR_FILENO); 251 252 TAILQ_INIT(&trace_procs); 253 drop_logged = 0; 254 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 255 if (ktr_header.ktr_type & KTR_DROP) { 256 ktr_header.ktr_type &= ~KTR_DROP; 257 if (!drop_logged && threads) { 258 printf( 259 "%6jd %6jd %-8.*s Events dropped.\n", 260 (intmax_t)ktr_header.ktr_pid, 261 ktr_header.ktr_tid > 0 ? 262 (intmax_t)ktr_header.ktr_tid : 0, 263 MAXCOMLEN, ktr_header.ktr_comm); 264 drop_logged = 1; 265 } else if (!drop_logged) { 266 printf("%6jd %-8.*s Events dropped.\n", 267 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 268 ktr_header.ktr_comm); 269 drop_logged = 1; 270 } 271 } 272 if (trpoints & (1<<ktr_header.ktr_type)) 273 if (pid == 0 || ktr_header.ktr_pid == pid || 274 ktr_header.ktr_tid == pid) 275 dumpheader(&ktr_header); 276 if ((ktrlen = ktr_header.ktr_len) < 0) 277 errx(1, "bogus length 0x%x", ktrlen); 278 if (ktrlen > size) { 279 m = realloc(m, ktrlen+1); 280 if (m == NULL) 281 errx(1, "%s", strerror(ENOMEM)); 282 size = ktrlen; 283 } 284 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 285 errx(1, "data too short"); 286 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 287 continue; 288 sv_flags = abidump(&ktr_header); 289 if (pid && ktr_header.ktr_pid != pid && 290 ktr_header.ktr_tid != pid) 291 continue; 292 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 293 continue; 294 drop_logged = 0; 295 switch (ktr_header.ktr_type) { 296 case KTR_SYSCALL: 297 #if defined(__amd64__) || defined(__i386__) 298 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 299 linux_ktrsyscall((struct ktr_syscall *)m); 300 else 301 #endif 302 ktrsyscall((struct ktr_syscall *)m, sv_flags); 303 break; 304 case KTR_SYSRET: 305 #if defined(__amd64__) || defined(__i386__) 306 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 307 linux_ktrsysret((struct ktr_sysret *)m); 308 else 309 #endif 310 ktrsysret((struct ktr_sysret *)m, sv_flags); 311 break; 312 case KTR_NAMEI: 313 case KTR_SYSCTL: 314 ktrnamei(m, ktrlen); 315 break; 316 case KTR_GENIO: 317 ktrgenio((struct ktr_genio *)m, ktrlen); 318 break; 319 case KTR_PSIG: 320 ktrpsig((struct ktr_psig *)m); 321 break; 322 case KTR_CSW: 323 if (ktrlen == sizeof(struct ktr_csw_old)) 324 ktrcsw_old((struct ktr_csw_old *)m); 325 else 326 ktrcsw((struct ktr_csw *)m); 327 break; 328 case KTR_USER: 329 ktruser(ktrlen, m); 330 break; 331 case KTR_STRUCT: 332 ktrstruct(m, ktrlen); 333 break; 334 case KTR_CAPFAIL: 335 ktrcapfail((struct ktr_cap_fail *)m); 336 break; 337 case KTR_FAULT: 338 ktrfault((struct ktr_fault *)m); 339 break; 340 case KTR_FAULTEND: 341 ktrfaultend((struct ktr_faultend *)m); 342 break; 343 default: 344 printf("\n"); 345 break; 346 } 347 if (tail) 348 fflush(stdout); 349 } 350 return 0; 351 } 352 353 void 354 limitfd(int fd) 355 { 356 cap_rights_t rights; 357 unsigned long cmd; 358 359 rights = CAP_FSTAT; 360 cmd = -1; 361 362 switch (fd) { 363 case STDIN_FILENO: 364 rights |= CAP_READ; 365 break; 366 case STDOUT_FILENO: 367 rights |= CAP_IOCTL | CAP_WRITE; 368 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 369 break; 370 case STDERR_FILENO: 371 rights |= CAP_WRITE; 372 if (!suppressdata) { 373 rights |= CAP_IOCTL; 374 cmd = TIOCGWINSZ; 375 } 376 break; 377 default: 378 abort(); 379 } 380 381 if (cap_rights_limit(fd, rights) < 0 && errno != ENOSYS) 382 err(1, "unable to limit rights for descriptor %d", fd); 383 if (cmd != -1 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 384 err(1, "unable to limit ioctls for descriptor %d", fd); 385 } 386 387 int 388 fread_tail(void *buf, int size, int num) 389 { 390 int i; 391 392 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 393 sleep(1); 394 clearerr(stdin); 395 } 396 return (i); 397 } 398 399 int 400 fetchprocinfo(struct ktr_header *kth, u_int *flags) 401 { 402 struct proc_info *pi; 403 404 switch (kth->ktr_type) { 405 case KTR_PROCCTOR: 406 TAILQ_FOREACH(pi, &trace_procs, info) { 407 if (pi->pid == kth->ktr_pid) { 408 TAILQ_REMOVE(&trace_procs, pi, info); 409 break; 410 } 411 } 412 pi = malloc(sizeof(struct proc_info)); 413 if (pi == NULL) 414 errx(1, "%s", strerror(ENOMEM)); 415 pi->sv_flags = *flags; 416 pi->pid = kth->ktr_pid; 417 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 418 return (1); 419 420 case KTR_PROCDTOR: 421 TAILQ_FOREACH(pi, &trace_procs, info) { 422 if (pi->pid == kth->ktr_pid) { 423 TAILQ_REMOVE(&trace_procs, pi, info); 424 free(pi); 425 break; 426 } 427 } 428 return (1); 429 } 430 431 return (0); 432 } 433 434 u_int 435 abidump(struct ktr_header *kth) 436 { 437 struct proc_info *pi; 438 const char *abi; 439 const char *arch; 440 u_int flags = 0; 441 442 TAILQ_FOREACH(pi, &trace_procs, info) { 443 if (pi->pid == kth->ktr_pid) { 444 flags = pi->sv_flags; 445 break; 446 } 447 } 448 449 if (abiflag == 0) 450 return (flags); 451 452 switch (flags & SV_ABI_MASK) { 453 case SV_ABI_LINUX: 454 abi = "L"; 455 break; 456 case SV_ABI_FREEBSD: 457 abi = "F"; 458 break; 459 default: 460 abi = "U"; 461 break; 462 } 463 464 if (flags != 0) { 465 if (flags & SV_LP64) 466 arch = "64"; 467 else 468 arch = "32"; 469 } else 470 arch = "00"; 471 472 printf("%s%s ", abi, arch); 473 474 return (flags); 475 } 476 477 void 478 dumpheader(struct ktr_header *kth) 479 { 480 static char unknown[64]; 481 static struct timeval prevtime, temp; 482 const char *type; 483 484 switch (kth->ktr_type) { 485 case KTR_SYSCALL: 486 type = "CALL"; 487 break; 488 case KTR_SYSRET: 489 type = "RET "; 490 break; 491 case KTR_NAMEI: 492 type = "NAMI"; 493 break; 494 case KTR_GENIO: 495 type = "GIO "; 496 break; 497 case KTR_PSIG: 498 type = "PSIG"; 499 break; 500 case KTR_CSW: 501 type = "CSW "; 502 break; 503 case KTR_USER: 504 type = "USER"; 505 break; 506 case KTR_STRUCT: 507 type = "STRU"; 508 break; 509 case KTR_SYSCTL: 510 type = "SCTL"; 511 break; 512 case KTR_PROCCTOR: 513 /* FALLTHROUGH */ 514 case KTR_PROCDTOR: 515 return; 516 case KTR_CAPFAIL: 517 type = "CAP "; 518 break; 519 case KTR_FAULT: 520 type = "PFLT"; 521 break; 522 case KTR_FAULTEND: 523 type = "PRET"; 524 break; 525 default: 526 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 527 type = unknown; 528 } 529 530 /* 531 * The ktr_tid field was previously the ktr_buffer field, which held 532 * the kernel pointer value for the buffer associated with data 533 * following the record header. It now holds a threadid, but only 534 * for trace files after the change. Older trace files still contain 535 * kernel pointers. Detect this and suppress the results by printing 536 * negative tid's as 0. 537 */ 538 if (threads) 539 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 540 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 541 MAXCOMLEN, kth->ktr_comm); 542 else 543 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 544 kth->ktr_comm); 545 if (timestamp) { 546 if (timestamp == 3) { 547 if (prevtime.tv_sec == 0) 548 prevtime = kth->ktr_time; 549 timevalsub(&kth->ktr_time, &prevtime); 550 } 551 if (timestamp == 2) { 552 temp = kth->ktr_time; 553 timevalsub(&kth->ktr_time, &prevtime); 554 prevtime = temp; 555 } 556 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 557 kth->ktr_time.tv_usec); 558 } 559 printf("%s ", type); 560 } 561 562 #include <sys/syscall.h> 563 #define KTRACE 564 #include <sys/kern/syscalls.c> 565 #undef KTRACE 566 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 567 568 void 569 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 570 { 571 int narg = ktr->ktr_narg; 572 register_t *ip; 573 intmax_t arg; 574 575 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 576 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 577 printf("[%d]", ktr->ktr_code); 578 else 579 printf("%s", syscallnames[ktr->ktr_code]); 580 ip = &ktr->ktr_args[0]; 581 if (narg) { 582 char c = '('; 583 if (fancy && 584 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 585 switch (ktr->ktr_code) { 586 case SYS_ioctl: { 587 print_number(ip, narg, c); 588 putchar(c); 589 ioctlname(*ip, decimal); 590 c = ','; 591 ip++; 592 narg--; 593 break; 594 } 595 case SYS_ptrace: 596 putchar('('); 597 ptraceopname(*ip); 598 c = ','; 599 ip++; 600 narg--; 601 break; 602 case SYS_access: 603 case SYS_eaccess: 604 print_number(ip, narg, c); 605 putchar(','); 606 accessmodename(*ip); 607 ip++; 608 narg--; 609 break; 610 case SYS_open: 611 print_number(ip, narg, c); 612 putchar(','); 613 flagsandmodename(ip[0], ip[1], decimal); 614 ip += 2; 615 narg -= 2; 616 break; 617 case SYS_wait4: 618 print_number(ip, narg, c); 619 print_number(ip, narg, c); 620 putchar(','); 621 wait4optname(*ip); 622 ip++; 623 narg--; 624 break; 625 case SYS_chmod: 626 case SYS_fchmod: 627 case SYS_lchmod: 628 print_number(ip, narg, c); 629 putchar(','); 630 modename(*ip); 631 ip++; 632 narg--; 633 break; 634 case SYS_mknod: 635 print_number(ip, narg, c); 636 putchar(','); 637 modename(*ip); 638 ip++; 639 narg--; 640 break; 641 case SYS_getfsstat: 642 print_number(ip, narg, c); 643 print_number(ip, narg, c); 644 putchar(','); 645 getfsstatflagsname(*ip); 646 ip++; 647 narg--; 648 break; 649 case SYS_mount: 650 print_number(ip, narg, c); 651 print_number(ip, narg, c); 652 putchar(','); 653 mountflagsname(*ip); 654 ip++; 655 narg--; 656 break; 657 case SYS_unmount: 658 print_number(ip, narg, c); 659 putchar(','); 660 mountflagsname(*ip); 661 ip++; 662 narg--; 663 break; 664 case SYS_recvmsg: 665 case SYS_sendmsg: 666 print_number(ip, narg, c); 667 print_number(ip, narg, c); 668 putchar(','); 669 sendrecvflagsname(*ip); 670 ip++; 671 narg--; 672 break; 673 case SYS_recvfrom: 674 case SYS_sendto: 675 print_number(ip, narg, c); 676 print_number(ip, narg, c); 677 print_number(ip, narg, c); 678 putchar(','); 679 sendrecvflagsname(*ip); 680 ip++; 681 narg--; 682 break; 683 case SYS_chflags: 684 case SYS_fchflags: 685 case SYS_lchflags: 686 print_number(ip, narg, c); 687 putchar(','); 688 modename(*ip); 689 ip++; 690 narg--; 691 break; 692 case SYS_kill: 693 print_number(ip, narg, c); 694 putchar(','); 695 signame(*ip); 696 ip++; 697 narg--; 698 break; 699 case SYS_reboot: 700 putchar('('); 701 rebootoptname(*ip); 702 ip++; 703 narg--; 704 break; 705 case SYS_umask: 706 putchar('('); 707 modename(*ip); 708 ip++; 709 narg--; 710 break; 711 case SYS_msync: 712 print_number(ip, narg, c); 713 print_number(ip, narg, c); 714 putchar(','); 715 msyncflagsname(*ip); 716 ip++; 717 narg--; 718 break; 719 #ifdef SYS_freebsd6_mmap 720 case SYS_freebsd6_mmap: 721 print_number(ip, narg, c); 722 print_number(ip, narg, c); 723 putchar(','); 724 mmapprotname(*ip); 725 putchar(','); 726 ip++; 727 narg--; 728 mmapflagsname(*ip); 729 ip++; 730 narg--; 731 break; 732 #endif 733 case SYS_mmap: 734 print_number(ip, narg, c); 735 print_number(ip, narg, c); 736 putchar(','); 737 mmapprotname(*ip); 738 putchar(','); 739 ip++; 740 narg--; 741 mmapflagsname(*ip); 742 ip++; 743 narg--; 744 break; 745 case SYS_mprotect: 746 print_number(ip, narg, c); 747 print_number(ip, narg, c); 748 putchar(','); 749 mmapprotname(*ip); 750 ip++; 751 narg--; 752 break; 753 case SYS_madvise: 754 print_number(ip, narg, c); 755 print_number(ip, narg, c); 756 putchar(','); 757 madvisebehavname(*ip); 758 ip++; 759 narg--; 760 break; 761 case SYS_setpriority: 762 print_number(ip, narg, c); 763 print_number(ip, narg, c); 764 putchar(','); 765 prioname(*ip); 766 ip++; 767 narg--; 768 break; 769 case SYS_fcntl: 770 print_number(ip, narg, c); 771 putchar(','); 772 fcntlcmdname(ip[0], ip[1], decimal); 773 ip += 2; 774 narg -= 2; 775 break; 776 case SYS_socket: { 777 int sockdomain; 778 putchar('('); 779 sockdomain = *ip; 780 sockdomainname(sockdomain); 781 ip++; 782 narg--; 783 putchar(','); 784 socktypename(*ip); 785 ip++; 786 narg--; 787 if (sockdomain == PF_INET || 788 sockdomain == PF_INET6) { 789 putchar(','); 790 sockipprotoname(*ip); 791 ip++; 792 narg--; 793 } 794 c = ','; 795 break; 796 } 797 case SYS_setsockopt: 798 case SYS_getsockopt: 799 print_number(ip, narg, c); 800 putchar(','); 801 sockoptlevelname(*ip, decimal); 802 if (*ip == SOL_SOCKET) { 803 ip++; 804 narg--; 805 putchar(','); 806 sockoptname(*ip); 807 } 808 ip++; 809 narg--; 810 break; 811 #ifdef SYS_freebsd6_lseek 812 case SYS_freebsd6_lseek: 813 print_number(ip, narg, c); 814 /* Hidden 'pad' argument, not in lseek(2) */ 815 print_number(ip, narg, c); 816 print_number(ip, narg, c); 817 putchar(','); 818 whencename(*ip); 819 ip++; 820 narg--; 821 break; 822 #endif 823 case SYS_lseek: 824 print_number(ip, narg, c); 825 /* Hidden 'pad' argument, not in lseek(2) */ 826 print_number(ip, narg, c); 827 putchar(','); 828 whencename(*ip); 829 ip++; 830 narg--; 831 break; 832 case SYS_flock: 833 print_number(ip, narg, c); 834 putchar(','); 835 flockname(*ip); 836 ip++; 837 narg--; 838 break; 839 case SYS_mkfifo: 840 case SYS_mkdir: 841 print_number(ip, narg, c); 842 putchar(','); 843 modename(*ip); 844 ip++; 845 narg--; 846 break; 847 case SYS_shutdown: 848 print_number(ip, narg, c); 849 putchar(','); 850 shutdownhowname(*ip); 851 ip++; 852 narg--; 853 break; 854 case SYS_socketpair: 855 putchar('('); 856 sockdomainname(*ip); 857 ip++; 858 narg--; 859 putchar(','); 860 socktypename(*ip); 861 ip++; 862 narg--; 863 c = ','; 864 break; 865 case SYS_getrlimit: 866 case SYS_setrlimit: 867 putchar('('); 868 rlimitname(*ip); 869 ip++; 870 narg--; 871 c = ','; 872 break; 873 case SYS_quotactl: 874 print_number(ip, narg, c); 875 putchar(','); 876 quotactlname(*ip); 877 ip++; 878 narg--; 879 c = ','; 880 break; 881 case SYS_nfssvc: 882 putchar('('); 883 nfssvcname(*ip); 884 ip++; 885 narg--; 886 c = ','; 887 break; 888 case SYS_rtprio: 889 putchar('('); 890 rtprioname(*ip); 891 ip++; 892 narg--; 893 c = ','; 894 break; 895 case SYS___semctl: 896 print_number(ip, narg, c); 897 print_number(ip, narg, c); 898 putchar(','); 899 semctlname(*ip); 900 ip++; 901 narg--; 902 break; 903 case SYS_semget: 904 print_number(ip, narg, c); 905 print_number(ip, narg, c); 906 putchar(','); 907 semgetname(*ip); 908 ip++; 909 narg--; 910 break; 911 case SYS_msgctl: 912 print_number(ip, narg, c); 913 putchar(','); 914 shmctlname(*ip); 915 ip++; 916 narg--; 917 break; 918 case SYS_shmat: 919 print_number(ip, narg, c); 920 print_number(ip, narg, c); 921 putchar(','); 922 shmatname(*ip); 923 ip++; 924 narg--; 925 break; 926 case SYS_shmctl: 927 print_number(ip, narg, c); 928 putchar(','); 929 shmctlname(*ip); 930 ip++; 931 narg--; 932 break; 933 case SYS_minherit: 934 print_number(ip, narg, c); 935 print_number(ip, narg, c); 936 putchar(','); 937 minheritname(*ip); 938 ip++; 939 narg--; 940 break; 941 case SYS_rfork: 942 putchar('('); 943 rforkname(*ip); 944 ip++; 945 narg--; 946 c = ','; 947 break; 948 case SYS_lio_listio: 949 putchar('('); 950 lio_listioname(*ip); 951 ip++; 952 narg--; 953 c = ','; 954 break; 955 case SYS_mlockall: 956 putchar('('); 957 mlockallname(*ip); 958 ip++; 959 narg--; 960 break; 961 case SYS_sched_setscheduler: 962 print_number(ip, narg, c); 963 putchar(','); 964 schedpolicyname(*ip); 965 ip++; 966 narg--; 967 break; 968 case SYS_sched_get_priority_max: 969 case SYS_sched_get_priority_min: 970 putchar('('); 971 schedpolicyname(*ip); 972 ip++; 973 narg--; 974 break; 975 case SYS_sendfile: 976 print_number(ip, narg, c); 977 print_number(ip, narg, c); 978 print_number(ip, narg, c); 979 print_number(ip, narg, c); 980 print_number(ip, narg, c); 981 print_number(ip, narg, c); 982 putchar(','); 983 sendfileflagsname(*ip); 984 ip++; 985 narg--; 986 break; 987 case SYS_kldsym: 988 print_number(ip, narg, c); 989 putchar(','); 990 kldsymcmdname(*ip); 991 ip++; 992 narg--; 993 break; 994 case SYS_sigprocmask: 995 putchar('('); 996 sigprocmaskhowname(*ip); 997 ip++; 998 narg--; 999 c = ','; 1000 break; 1001 case SYS___acl_get_file: 1002 case SYS___acl_set_file: 1003 case SYS___acl_get_fd: 1004 case SYS___acl_set_fd: 1005 case SYS___acl_delete_file: 1006 case SYS___acl_delete_fd: 1007 case SYS___acl_aclcheck_file: 1008 case SYS___acl_aclcheck_fd: 1009 case SYS___acl_get_link: 1010 case SYS___acl_set_link: 1011 case SYS___acl_delete_link: 1012 case SYS___acl_aclcheck_link: 1013 print_number(ip, narg, c); 1014 putchar(','); 1015 acltypename(*ip); 1016 ip++; 1017 narg--; 1018 break; 1019 case SYS_sigaction: 1020 putchar('('); 1021 signame(*ip); 1022 ip++; 1023 narg--; 1024 c = ','; 1025 break; 1026 case SYS_extattrctl: 1027 print_number(ip, narg, c); 1028 putchar(','); 1029 extattrctlname(*ip); 1030 ip++; 1031 narg--; 1032 break; 1033 case SYS_nmount: 1034 print_number(ip, narg, c); 1035 print_number(ip, narg, c); 1036 putchar(','); 1037 mountflagsname(*ip); 1038 ip++; 1039 narg--; 1040 break; 1041 case SYS_thr_create: 1042 print_number(ip, narg, c); 1043 print_number(ip, narg, c); 1044 putchar(','); 1045 thrcreateflagsname(*ip); 1046 ip++; 1047 narg--; 1048 break; 1049 case SYS_thr_kill: 1050 print_number(ip, narg, c); 1051 putchar(','); 1052 signame(*ip); 1053 ip++; 1054 narg--; 1055 break; 1056 case SYS_kldunloadf: 1057 print_number(ip, narg, c); 1058 putchar(','); 1059 kldunloadfflagsname(*ip); 1060 ip++; 1061 narg--; 1062 break; 1063 case SYS_cap_new: 1064 case SYS_cap_rights_limit: 1065 print_number(ip, narg, c); 1066 putchar(','); 1067 arg = *ip; 1068 ip++; 1069 narg--; 1070 /* 1071 * Hack: the second argument is a 1072 * cap_rights_t, which 64 bits wide, so on 1073 * 32-bit systems, it is split between two 1074 * registers. 1075 * 1076 * Since sizeof() is not evaluated by the 1077 * preprocessor, we can't use an #ifdef, 1078 * but the compiler will probably optimize 1079 * the code out anyway. 1080 */ 1081 if (sizeof(cap_rights_t) > sizeof(register_t)) { 1082 #if _BYTE_ORDER == _LITTLE_ENDIAN 1083 arg = ((intmax_t)*ip << 32) + arg; 1084 #else 1085 arg = (arg << 32) + *ip; 1086 #endif 1087 ip++; 1088 narg--; 1089 } 1090 capname(arg); 1091 break; 1092 case SYS_cap_fcntls_limit: 1093 print_number(ip, narg, c); 1094 putchar(','); 1095 arg = *ip; 1096 ip++; 1097 narg--; 1098 capfcntlname(arg); 1099 break; 1100 case SYS_posix_fadvise: 1101 print_number(ip, narg, c); 1102 print_number(ip, narg, c); 1103 print_number(ip, narg, c); 1104 (void)putchar(','); 1105 fadvisebehavname((int)*ip); 1106 ip++; 1107 narg--; 1108 break; 1109 } 1110 } 1111 while (narg > 0) { 1112 print_number(ip, narg, c); 1113 } 1114 putchar(')'); 1115 } 1116 putchar('\n'); 1117 } 1118 1119 void 1120 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1121 { 1122 register_t ret = ktr->ktr_retval; 1123 int error = ktr->ktr_error; 1124 int code = ktr->ktr_code; 1125 1126 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1127 (code >= nsyscalls || code < 0)) 1128 printf("[%d] ", code); 1129 else 1130 printf("%s ", syscallnames[code]); 1131 1132 if (error == 0) { 1133 if (fancy) { 1134 printf("%ld", (long)ret); 1135 if (ret < 0 || ret > 9) 1136 printf("/%#lx", (unsigned long)ret); 1137 } else { 1138 if (decimal) 1139 printf("%ld", (long)ret); 1140 else 1141 printf("%#lx", (unsigned long)ret); 1142 } 1143 } else if (error == ERESTART) 1144 printf("RESTART"); 1145 else if (error == EJUSTRETURN) 1146 printf("JUSTRETURN"); 1147 else { 1148 printf("-1 errno %d", ktr->ktr_error); 1149 if (fancy) 1150 printf(" %s", strerror(ktr->ktr_error)); 1151 } 1152 putchar('\n'); 1153 } 1154 1155 void 1156 ktrnamei(char *cp, int len) 1157 { 1158 printf("\"%.*s\"\n", len, cp); 1159 } 1160 1161 void 1162 hexdump(char *p, int len, int screenwidth) 1163 { 1164 int n, i; 1165 int width; 1166 1167 width = 0; 1168 do { 1169 width += 2; 1170 i = 13; /* base offset */ 1171 i += (width / 2) + 1; /* spaces every second byte */ 1172 i += (width * 2); /* width of bytes */ 1173 i += 3; /* " |" */ 1174 i += width; /* each byte */ 1175 i += 1; /* "|" */ 1176 } while (i < screenwidth); 1177 width -= 2; 1178 1179 for (n = 0; n < len; n += width) { 1180 for (i = n; i < n + width; i++) { 1181 if ((i % width) == 0) { /* beginning of line */ 1182 printf(" 0x%04x", i); 1183 } 1184 if ((i % 2) == 0) { 1185 printf(" "); 1186 } 1187 if (i < len) 1188 printf("%02x", p[i] & 0xff); 1189 else 1190 printf(" "); 1191 } 1192 printf(" |"); 1193 for (i = n; i < n + width; i++) { 1194 if (i >= len) 1195 break; 1196 if (p[i] >= ' ' && p[i] <= '~') 1197 printf("%c", p[i]); 1198 else 1199 printf("."); 1200 } 1201 printf("|\n"); 1202 } 1203 if ((i % width) != 0) 1204 printf("\n"); 1205 } 1206 1207 void 1208 visdump(char *dp, int datalen, int screenwidth) 1209 { 1210 int col = 0; 1211 char *cp; 1212 int width; 1213 char visbuf[5]; 1214 1215 printf(" \""); 1216 col = 8; 1217 for (;datalen > 0; datalen--, dp++) { 1218 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1219 cp = visbuf; 1220 /* 1221 * Keep track of printables and 1222 * space chars (like fold(1)). 1223 */ 1224 if (col == 0) { 1225 putchar('\t'); 1226 col = 8; 1227 } 1228 switch(*cp) { 1229 case '\n': 1230 col = 0; 1231 putchar('\n'); 1232 continue; 1233 case '\t': 1234 width = 8 - (col&07); 1235 break; 1236 default: 1237 width = strlen(cp); 1238 } 1239 if (col + width > (screenwidth-2)) { 1240 printf("\\\n\t"); 1241 col = 8; 1242 } 1243 col += width; 1244 do { 1245 putchar(*cp++); 1246 } while (*cp); 1247 } 1248 if (col == 0) 1249 printf(" "); 1250 printf("\"\n"); 1251 } 1252 1253 void 1254 ktrgenio(struct ktr_genio *ktr, int len) 1255 { 1256 int datalen = len - sizeof (struct ktr_genio); 1257 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1258 static int screenwidth = 0; 1259 int i, binary; 1260 1261 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1262 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1263 datalen == 1 ? "" : "s"); 1264 if (suppressdata) 1265 return; 1266 if (screenwidth == 0) { 1267 struct winsize ws; 1268 1269 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1270 ws.ws_col > 8) 1271 screenwidth = ws.ws_col; 1272 else 1273 screenwidth = 80; 1274 } 1275 if (maxdata && datalen > maxdata) 1276 datalen = maxdata; 1277 1278 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1279 if (dp[i] >= 32 && dp[i] < 127) 1280 continue; 1281 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1282 continue; 1283 binary = 1; 1284 } 1285 if (binary) 1286 hexdump(dp, datalen, screenwidth); 1287 else 1288 visdump(dp, datalen, screenwidth); 1289 } 1290 1291 const char *signames[] = { 1292 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1293 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1294 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1295 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1296 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1297 "USR2", NULL, /* 31 - 32 */ 1298 }; 1299 1300 void 1301 ktrpsig(struct ktr_psig *psig) 1302 { 1303 if (psig->signo > 0 && psig->signo < NSIG) 1304 printf("SIG%s ", signames[psig->signo]); 1305 else 1306 printf("SIG %d ", psig->signo); 1307 if (psig->action == SIG_DFL) { 1308 printf("SIG_DFL code="); 1309 sigcodename(psig->signo, psig->code); 1310 putchar('\n'); 1311 } else { 1312 printf("caught handler=0x%lx mask=0x%x code=", 1313 (u_long)psig->action, psig->mask.__bits[0]); 1314 sigcodename(psig->signo, psig->code); 1315 putchar('\n'); 1316 } 1317 } 1318 1319 void 1320 ktrcsw_old(struct ktr_csw_old *cs) 1321 { 1322 printf("%s %s\n", cs->out ? "stop" : "resume", 1323 cs->user ? "user" : "kernel"); 1324 } 1325 1326 void 1327 ktrcsw(struct ktr_csw *cs) 1328 { 1329 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1330 cs->user ? "user" : "kernel", cs->wmesg); 1331 } 1332 1333 #define UTRACE_DLOPEN_START 1 1334 #define UTRACE_DLOPEN_STOP 2 1335 #define UTRACE_DLCLOSE_START 3 1336 #define UTRACE_DLCLOSE_STOP 4 1337 #define UTRACE_LOAD_OBJECT 5 1338 #define UTRACE_UNLOAD_OBJECT 6 1339 #define UTRACE_ADD_RUNDEP 7 1340 #define UTRACE_PRELOAD_FINISHED 8 1341 #define UTRACE_INIT_CALL 9 1342 #define UTRACE_FINI_CALL 10 1343 1344 struct utrace_rtld { 1345 char sig[4]; /* 'RTLD' */ 1346 int event; 1347 void *handle; 1348 void *mapbase; 1349 size_t mapsize; 1350 int refcnt; 1351 char name[MAXPATHLEN]; 1352 }; 1353 1354 void 1355 ktruser_rtld(int len, unsigned char *p) 1356 { 1357 struct utrace_rtld *ut = (struct utrace_rtld *)p; 1358 void *parent; 1359 int mode; 1360 1361 switch (ut->event) { 1362 case UTRACE_DLOPEN_START: 1363 mode = ut->refcnt; 1364 printf("dlopen(%s, ", ut->name); 1365 switch (mode & RTLD_MODEMASK) { 1366 case RTLD_NOW: 1367 printf("RTLD_NOW"); 1368 break; 1369 case RTLD_LAZY: 1370 printf("RTLD_LAZY"); 1371 break; 1372 default: 1373 printf("%#x", mode & RTLD_MODEMASK); 1374 } 1375 if (mode & RTLD_GLOBAL) 1376 printf(" | RTLD_GLOBAL"); 1377 if (mode & RTLD_TRACE) 1378 printf(" | RTLD_TRACE"); 1379 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1380 printf(" | %#x", mode & 1381 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1382 printf(")\n"); 1383 break; 1384 case UTRACE_DLOPEN_STOP: 1385 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1386 ut->refcnt); 1387 break; 1388 case UTRACE_DLCLOSE_START: 1389 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1390 ut->refcnt); 1391 break; 1392 case UTRACE_DLCLOSE_STOP: 1393 printf("dlclose(%p) finished\n", ut->handle); 1394 break; 1395 case UTRACE_LOAD_OBJECT: 1396 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1397 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1398 ut->name); 1399 break; 1400 case UTRACE_UNLOAD_OBJECT: 1401 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1402 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1403 ut->name); 1404 break; 1405 case UTRACE_ADD_RUNDEP: 1406 parent = ut->mapbase; 1407 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1408 ut->handle, ut->name, ut->refcnt); 1409 break; 1410 case UTRACE_PRELOAD_FINISHED: 1411 printf("RTLD: LD_PRELOAD finished\n"); 1412 break; 1413 case UTRACE_INIT_CALL: 1414 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1415 ut->name); 1416 break; 1417 case UTRACE_FINI_CALL: 1418 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1419 ut->name); 1420 break; 1421 default: 1422 p += 4; 1423 len -= 4; 1424 printf("RTLD: %d ", len); 1425 while (len--) 1426 if (decimal) 1427 printf(" %d", *p++); 1428 else 1429 printf(" %02x", *p++); 1430 printf("\n"); 1431 } 1432 } 1433 1434 struct utrace_malloc { 1435 void *p; 1436 size_t s; 1437 void *r; 1438 }; 1439 1440 void 1441 ktruser_malloc(unsigned char *p) 1442 { 1443 struct utrace_malloc *ut = (struct utrace_malloc *)p; 1444 1445 if (ut->p == (void *)(intptr_t)(-1)) 1446 printf("malloc_init()\n"); 1447 else if (ut->s == 0) 1448 printf("free(%p)\n", ut->p); 1449 else if (ut->p == NULL) 1450 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1451 else 1452 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1453 } 1454 1455 void 1456 ktruser(int len, unsigned char *p) 1457 { 1458 1459 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1460 ktruser_rtld(len, p); 1461 return; 1462 } 1463 1464 if (len == sizeof(struct utrace_malloc)) { 1465 ktruser_malloc(p); 1466 return; 1467 } 1468 1469 printf("%d ", len); 1470 while (len--) 1471 if (decimal) 1472 printf(" %d", *p++); 1473 else 1474 printf(" %02x", *p++); 1475 printf("\n"); 1476 } 1477 1478 void 1479 ktrsockaddr(struct sockaddr *sa) 1480 { 1481 /* 1482 TODO: Support additional address families 1483 #include <netnatm/natm.h> 1484 struct sockaddr_natm *natm; 1485 #include <netsmb/netbios.h> 1486 struct sockaddr_nb *nb; 1487 */ 1488 char addr[64]; 1489 1490 /* 1491 * note: ktrstruct() has already verified that sa points to a 1492 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1493 * sa->sa_len bytes long. 1494 */ 1495 printf("struct sockaddr { "); 1496 sockfamilyname(sa->sa_family); 1497 printf(", "); 1498 1499 #define check_sockaddr_len(n) \ 1500 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1501 printf("invalid"); \ 1502 break; \ 1503 } 1504 1505 switch(sa->sa_family) { 1506 case AF_INET: { 1507 struct sockaddr_in sa_in; 1508 1509 memset(&sa_in, 0, sizeof(sa_in)); 1510 memcpy(&sa_in, sa, sa->sa_len); 1511 check_sockaddr_len(in); 1512 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1513 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1514 break; 1515 } 1516 #ifdef NETATALK 1517 case AF_APPLETALK: { 1518 struct sockaddr_at sa_at; 1519 struct netrange *nr; 1520 1521 memset(&sa_at, 0, sizeof(sa_at)); 1522 memcpy(&sa_at, sa, sa->sa_len); 1523 check_sockaddr_len(at); 1524 nr = &sa_at.sat_range.r_netrange; 1525 printf("%d.%d, %d-%d, %d", ntohs(sa_at.sat_addr.s_net), 1526 sa_at.sat_addr.s_node, ntohs(nr->nr_firstnet), 1527 ntohs(nr->nr_lastnet), nr->nr_phase); 1528 break; 1529 } 1530 #endif 1531 case AF_INET6: { 1532 struct sockaddr_in6 sa_in6; 1533 1534 memset(&sa_in6, 0, sizeof(sa_in6)); 1535 memcpy(&sa_in6, sa, sa->sa_len); 1536 check_sockaddr_len(in6); 1537 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1538 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1539 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1540 break; 1541 } 1542 #ifdef IPX 1543 case AF_IPX: { 1544 struct sockaddr_ipx sa_ipx; 1545 1546 memset(&sa_ipx, 0, sizeof(sa_ipx)); 1547 memcpy(&sa_ipx, sa, sa->sa_len); 1548 check_sockaddr_len(ipx); 1549 /* XXX wish we had ipx_ntop */ 1550 printf("%s", ipx_ntoa(sa_ipx.sipx_addr)); 1551 free(sa_ipx); 1552 break; 1553 } 1554 #endif 1555 case AF_UNIX: { 1556 struct sockaddr_un sa_un; 1557 1558 memset(&sa_un, 0, sizeof(sa_un)); 1559 memcpy(&sa_un, sa, sa->sa_len); 1560 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1561 break; 1562 } 1563 default: 1564 printf("unknown address family"); 1565 } 1566 printf(" }\n"); 1567 } 1568 1569 void 1570 ktrstat(struct stat *statp) 1571 { 1572 char mode[12], timestr[PATH_MAX + 4]; 1573 struct passwd *pwd; 1574 struct group *grp; 1575 struct tm *tm; 1576 1577 /* 1578 * note: ktrstruct() has already verified that statp points to a 1579 * buffer exactly sizeof(struct stat) bytes long. 1580 */ 1581 printf("struct stat {"); 1582 strmode(statp->st_mode, mode); 1583 printf("dev=%ju, ino=%ju, mode=%s, nlink=%ju, ", 1584 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino, mode, 1585 (uintmax_t)statp->st_nlink); 1586 if (resolv == 0 || (pwd = getpwuid(statp->st_uid)) == NULL) 1587 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1588 else 1589 printf("uid=\"%s\", ", pwd->pw_name); 1590 if (resolv == 0 || (grp = getgrgid(statp->st_gid)) == NULL) 1591 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1592 else 1593 printf("gid=\"%s\", ", grp->gr_name); 1594 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1595 printf("atime="); 1596 if (resolv == 0) 1597 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1598 else { 1599 tm = localtime(&statp->st_atim.tv_sec); 1600 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1601 printf("\"%s\"", timestr); 1602 } 1603 if (statp->st_atim.tv_nsec != 0) 1604 printf(".%09ld, ", statp->st_atim.tv_nsec); 1605 else 1606 printf(", "); 1607 printf("stime="); 1608 if (resolv == 0) 1609 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1610 else { 1611 tm = localtime(&statp->st_mtim.tv_sec); 1612 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1613 printf("\"%s\"", timestr); 1614 } 1615 if (statp->st_mtim.tv_nsec != 0) 1616 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1617 else 1618 printf(", "); 1619 printf("ctime="); 1620 if (resolv == 0) 1621 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1622 else { 1623 tm = localtime(&statp->st_ctim.tv_sec); 1624 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1625 printf("\"%s\"", timestr); 1626 } 1627 if (statp->st_ctim.tv_nsec != 0) 1628 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1629 else 1630 printf(", "); 1631 printf("birthtime="); 1632 if (resolv == 0) 1633 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1634 else { 1635 tm = localtime(&statp->st_birthtim.tv_sec); 1636 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1637 printf("\"%s\"", timestr); 1638 } 1639 if (statp->st_birthtim.tv_nsec != 0) 1640 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1641 else 1642 printf(", "); 1643 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1644 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1645 (intmax_t)statp->st_blocks, statp->st_flags); 1646 printf(" }\n"); 1647 } 1648 1649 void 1650 ktrstruct(char *buf, size_t buflen) 1651 { 1652 char *name, *data; 1653 size_t namelen, datalen; 1654 int i; 1655 struct stat sb; 1656 struct sockaddr_storage ss; 1657 1658 for (name = buf, namelen = 0; 1659 namelen < buflen && name[namelen] != '\0'; 1660 ++namelen) 1661 /* nothing */; 1662 if (namelen == buflen) 1663 goto invalid; 1664 if (name[namelen] != '\0') 1665 goto invalid; 1666 data = buf + namelen + 1; 1667 datalen = buflen - namelen - 1; 1668 if (datalen == 0) 1669 goto invalid; 1670 /* sanity check */ 1671 for (i = 0; i < (int)namelen; ++i) 1672 if (!isalpha(name[i])) 1673 goto invalid; 1674 if (strcmp(name, "stat") == 0) { 1675 if (datalen != sizeof(struct stat)) 1676 goto invalid; 1677 memcpy(&sb, data, datalen); 1678 ktrstat(&sb); 1679 } else if (strcmp(name, "sockaddr") == 0) { 1680 if (datalen > sizeof(ss)) 1681 goto invalid; 1682 memcpy(&ss, data, datalen); 1683 if (datalen != ss.ss_len) 1684 goto invalid; 1685 ktrsockaddr((struct sockaddr *)&ss); 1686 } else { 1687 printf("unknown structure\n"); 1688 } 1689 return; 1690 invalid: 1691 printf("invalid record\n"); 1692 } 1693 1694 void 1695 ktrcapfail(struct ktr_cap_fail *ktr) 1696 { 1697 switch (ktr->cap_type) { 1698 case CAPFAIL_NOTCAPABLE: 1699 /* operation on fd with insufficient capabilities */ 1700 printf("operation requires "); 1701 capname((intmax_t)ktr->cap_needed); 1702 printf(", process holds "); 1703 capname((intmax_t)ktr->cap_held); 1704 break; 1705 case CAPFAIL_INCREASE: 1706 /* requested more capabilities than fd already has */ 1707 printf("attempt to increase capabilities from "); 1708 capname((intmax_t)ktr->cap_held); 1709 printf(" to "); 1710 capname((intmax_t)ktr->cap_needed); 1711 break; 1712 case CAPFAIL_SYSCALL: 1713 /* called restricted syscall */ 1714 printf("disallowed system call"); 1715 break; 1716 case CAPFAIL_LOOKUP: 1717 /* used ".." in strict-relative mode */ 1718 printf("restricted VFS lookup"); 1719 break; 1720 default: 1721 printf("unknown capability failure: "); 1722 capname((intmax_t)ktr->cap_needed); 1723 printf(" "); 1724 capname((intmax_t)ktr->cap_held); 1725 break; 1726 } 1727 printf("\n"); 1728 } 1729 1730 void 1731 ktrfault(struct ktr_fault *ktr) 1732 { 1733 1734 printf("0x%jx ", ktr->vaddr); 1735 vmprotname(ktr->type); 1736 printf("\n"); 1737 } 1738 1739 void 1740 ktrfaultend(struct ktr_faultend *ktr) 1741 { 1742 1743 vmresultname(ktr->result); 1744 printf("\n"); 1745 } 1746 1747 #if defined(__amd64__) || defined(__i386__) 1748 void 1749 linux_ktrsyscall(struct ktr_syscall *ktr) 1750 { 1751 int narg = ktr->ktr_narg; 1752 register_t *ip; 1753 1754 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1755 printf("[%d]", ktr->ktr_code); 1756 else 1757 printf("%s", linux_syscallnames[ktr->ktr_code]); 1758 ip = &ktr->ktr_args[0]; 1759 if (narg) { 1760 char c = '('; 1761 while (narg > 0) 1762 print_number(ip, narg, c); 1763 putchar(')'); 1764 } 1765 putchar('\n'); 1766 } 1767 1768 void 1769 linux_ktrsysret(struct ktr_sysret *ktr) 1770 { 1771 register_t ret = ktr->ktr_retval; 1772 int error = ktr->ktr_error; 1773 int code = ktr->ktr_code; 1774 1775 if (code >= nlinux_syscalls || code < 0) 1776 printf("[%d] ", code); 1777 else 1778 printf("%s ", linux_syscallnames[code]); 1779 1780 if (error == 0) { 1781 if (fancy) { 1782 printf("%ld", (long)ret); 1783 if (ret < 0 || ret > 9) 1784 printf("/%#lx", (unsigned long)ret); 1785 } else { 1786 if (decimal) 1787 printf("%ld", (long)ret); 1788 else 1789 printf("%#lx", (unsigned long)ret); 1790 } 1791 } else if (error == ERESTART) 1792 printf("RESTART"); 1793 else if (error == EJUSTRETURN) 1794 printf("JUSTRETURN"); 1795 else { 1796 if (ktr->ktr_error <= ELAST + 1) 1797 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 1798 else 1799 error = 999; 1800 printf("-1 errno %d", error); 1801 if (fancy) 1802 printf(" %s", strerror(ktr->ktr_error)); 1803 } 1804 putchar('\n'); 1805 } 1806 #endif 1807 1808 void 1809 usage(void) 1810 { 1811 fprintf(stderr, "usage: kdump [-dEnlHRrsTA] [-f trfile] " 1812 "[-m maxdata] [-p pid] [-t trstr]\n"); 1813 exit(1); 1814 } 1815