1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capsicum.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/umtx.h> 61 #include <sys/un.h> 62 #include <sys/queue.h> 63 #include <sys/wait.h> 64 #ifdef HAVE_LIBCASPER 65 #include <sys/nv.h> 66 #endif 67 #include <arpa/inet.h> 68 #include <netinet/in.h> 69 #include <ctype.h> 70 #include <err.h> 71 #include <grp.h> 72 #include <inttypes.h> 73 #include <locale.h> 74 #include <netdb.h> 75 #include <nl_types.h> 76 #include <pwd.h> 77 #include <stdio.h> 78 #include <stdlib.h> 79 #include <string.h> 80 #include <sysdecode.h> 81 #include <termios.h> 82 #include <time.h> 83 #include <unistd.h> 84 #include <vis.h> 85 #include "ktrace.h" 86 #include "kdump_subr.h" 87 88 #ifdef HAVE_LIBCASPER 89 #include <libcasper.h> 90 91 #include <casper/cap_grp.h> 92 #include <casper/cap_pwd.h> 93 #endif 94 95 u_int abidump(struct ktr_header *); 96 int fetchprocinfo(struct ktr_header *, u_int *); 97 int fread_tail(void *, int, int); 98 void dumpheader(struct ktr_header *); 99 void ktrsyscall(struct ktr_syscall *, u_int); 100 void ktrsysret(struct ktr_sysret *, u_int); 101 void ktrnamei(char *, int); 102 void hexdump(char *, int, int); 103 void visdump(char *, int, int); 104 void ktrgenio(struct ktr_genio *, int); 105 void ktrpsig(struct ktr_psig *); 106 void ktrcsw(struct ktr_csw *); 107 void ktrcsw_old(struct ktr_csw_old *); 108 void ktruser_malloc(void *); 109 void ktruser_rtld(int, void *); 110 void ktruser(int, void *); 111 void ktrcaprights(cap_rights_t *); 112 void ktritimerval(struct itimerval *it); 113 void ktrsockaddr(struct sockaddr *); 114 void ktrstat(struct stat *); 115 void ktrstruct(char *, size_t); 116 void ktrcapfail(struct ktr_cap_fail *); 117 void ktrfault(struct ktr_fault *); 118 void ktrfaultend(struct ktr_faultend *); 119 void limitfd(int fd); 120 void usage(void); 121 122 #define TIMESTAMP_NONE 0x0 123 #define TIMESTAMP_ABSOLUTE 0x1 124 #define TIMESTAMP_ELAPSED 0x2 125 #define TIMESTAMP_RELATIVE 0x4 126 127 extern const char *signames[]; 128 129 static int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 130 resolv = 0, abiflag = 0, syscallno = 0; 131 static const char *tracefile = DEF_TRACEFILE; 132 static struct ktr_header ktr_header; 133 134 #define TIME_FORMAT "%b %e %T %Y" 135 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 136 137 #define print_number(i,n,c) do { \ 138 if (decimal) \ 139 printf("%c%jd", c, (intmax_t)*i); \ 140 else \ 141 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 142 i++; \ 143 n--; \ 144 c = ','; \ 145 } while (0) 146 147 struct proc_info 148 { 149 TAILQ_ENTRY(proc_info) info; 150 u_int sv_flags; 151 pid_t pid; 152 }; 153 154 static TAILQ_HEAD(trace_procs, proc_info) trace_procs; 155 156 #ifdef HAVE_LIBCASPER 157 static cap_channel_t *cappwd, *capgrp; 158 #endif 159 160 static void 161 strerror_init(void) 162 { 163 164 /* 165 * Cache NLS data before entering capability mode. 166 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 167 */ 168 (void)catopen("libc", NL_CAT_LOCALE); 169 } 170 171 static void 172 localtime_init(void) 173 { 174 time_t ltime; 175 176 /* 177 * Allow localtime(3) to cache /etc/localtime content before entering 178 * capability mode. 179 * XXXPJD: There should be localtime_init() in libc. 180 */ 181 (void)time(<ime); 182 (void)localtime(<ime); 183 } 184 185 #ifdef HAVE_LIBCASPER 186 static int 187 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) 188 { 189 cap_channel_t *capcas, *cappwdloc, *capgrploc; 190 const char *cmds[1], *fields[1]; 191 192 capcas = cap_init(); 193 if (capcas == NULL) { 194 err(1, "unable to create casper process"); 195 exit(1); 196 } 197 cappwdloc = cap_service_open(capcas, "system.pwd"); 198 capgrploc = cap_service_open(capcas, "system.grp"); 199 /* Casper capability no longer needed. */ 200 cap_close(capcas); 201 if (cappwdloc == NULL || capgrploc == NULL) { 202 if (cappwdloc == NULL) 203 warn("unable to open system.pwd service"); 204 if (capgrploc == NULL) 205 warn("unable to open system.grp service"); 206 exit(1); 207 } 208 /* Limit system.pwd to only getpwuid() function and pw_name field. */ 209 cmds[0] = "getpwuid"; 210 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) 211 err(1, "unable to limit system.pwd service"); 212 fields[0] = "pw_name"; 213 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) 214 err(1, "unable to limit system.pwd service"); 215 /* Limit system.grp to only getgrgid() function and gr_name field. */ 216 cmds[0] = "getgrgid"; 217 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) 218 err(1, "unable to limit system.grp service"); 219 fields[0] = "gr_name"; 220 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) 221 err(1, "unable to limit system.grp service"); 222 223 *cappwdp = cappwdloc; 224 *capgrpp = capgrploc; 225 return (0); 226 } 227 #endif /* HAVE_LIBCASPER */ 228 229 int 230 main(int argc, char *argv[]) 231 { 232 int ch, ktrlen, size; 233 void *m; 234 int trpoints = ALL_POINTS; 235 int drop_logged; 236 pid_t pid = 0; 237 u_int sv_flags; 238 239 setlocale(LC_CTYPE, ""); 240 241 timestamp = TIMESTAMP_NONE; 242 243 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) 244 switch (ch) { 245 case 'A': 246 abiflag = 1; 247 break; 248 case 'f': 249 tracefile = optarg; 250 break; 251 case 'd': 252 decimal = 1; 253 break; 254 case 'l': 255 tail = 1; 256 break; 257 case 'm': 258 maxdata = atoi(optarg); 259 break; 260 case 'n': 261 fancy = 0; 262 break; 263 case 'p': 264 pid = atoi(optarg); 265 break; 266 case 'r': 267 resolv = 1; 268 break; 269 case 'S': 270 syscallno = 1; 271 break; 272 case 's': 273 suppressdata = 1; 274 break; 275 case 'E': 276 timestamp |= TIMESTAMP_ELAPSED; 277 break; 278 case 'H': 279 threads = 1; 280 break; 281 case 'R': 282 timestamp |= TIMESTAMP_RELATIVE; 283 break; 284 case 'T': 285 timestamp |= TIMESTAMP_ABSOLUTE; 286 break; 287 case 't': 288 trpoints = getpoints(optarg); 289 if (trpoints < 0) 290 errx(1, "unknown trace point in %s", optarg); 291 break; 292 default: 293 usage(); 294 } 295 296 if (argc > optind) 297 usage(); 298 299 m = malloc(size = 1025); 300 if (m == NULL) 301 errx(1, "%s", strerror(ENOMEM)); 302 if (strcmp(tracefile, "-") != 0) 303 if (!freopen(tracefile, "r", stdin)) 304 err(1, "%s", tracefile); 305 306 strerror_init(); 307 localtime_init(); 308 #ifdef HAVE_LIBCASPER 309 if (resolv != 0) { 310 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { 311 cappwd = NULL; 312 capgrp = NULL; 313 } 314 } 315 if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) { 316 if (cap_enter() < 0 && errno != ENOSYS) 317 err(1, "unable to enter capability mode"); 318 } 319 #else 320 if (resolv == 0) { 321 if (cap_enter() < 0 && errno != ENOSYS) 322 err(1, "unable to enter capability mode"); 323 } 324 #endif 325 limitfd(STDIN_FILENO); 326 limitfd(STDOUT_FILENO); 327 limitfd(STDERR_FILENO); 328 329 TAILQ_INIT(&trace_procs); 330 drop_logged = 0; 331 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 332 if (ktr_header.ktr_type & KTR_DROP) { 333 ktr_header.ktr_type &= ~KTR_DROP; 334 if (!drop_logged && threads) { 335 printf( 336 "%6jd %6jd %-8.*s Events dropped.\n", 337 (intmax_t)ktr_header.ktr_pid, 338 ktr_header.ktr_tid > 0 ? 339 (intmax_t)ktr_header.ktr_tid : 0, 340 MAXCOMLEN, ktr_header.ktr_comm); 341 drop_logged = 1; 342 } else if (!drop_logged) { 343 printf("%6jd %-8.*s Events dropped.\n", 344 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 345 ktr_header.ktr_comm); 346 drop_logged = 1; 347 } 348 } 349 if (trpoints & (1<<ktr_header.ktr_type)) 350 if (pid == 0 || ktr_header.ktr_pid == pid || 351 ktr_header.ktr_tid == pid) 352 dumpheader(&ktr_header); 353 if ((ktrlen = ktr_header.ktr_len) < 0) 354 errx(1, "bogus length 0x%x", ktrlen); 355 if (ktrlen > size) { 356 m = realloc(m, ktrlen+1); 357 if (m == NULL) 358 errx(1, "%s", strerror(ENOMEM)); 359 size = ktrlen; 360 } 361 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 362 errx(1, "data too short"); 363 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 364 continue; 365 sv_flags = abidump(&ktr_header); 366 if (pid && ktr_header.ktr_pid != pid && 367 ktr_header.ktr_tid != pid) 368 continue; 369 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 370 continue; 371 drop_logged = 0; 372 switch (ktr_header.ktr_type) { 373 case KTR_SYSCALL: 374 ktrsyscall((struct ktr_syscall *)m, sv_flags); 375 break; 376 case KTR_SYSRET: 377 ktrsysret((struct ktr_sysret *)m, sv_flags); 378 break; 379 case KTR_NAMEI: 380 case KTR_SYSCTL: 381 ktrnamei(m, ktrlen); 382 break; 383 case KTR_GENIO: 384 ktrgenio((struct ktr_genio *)m, ktrlen); 385 break; 386 case KTR_PSIG: 387 ktrpsig((struct ktr_psig *)m); 388 break; 389 case KTR_CSW: 390 if (ktrlen == sizeof(struct ktr_csw_old)) 391 ktrcsw_old((struct ktr_csw_old *)m); 392 else 393 ktrcsw((struct ktr_csw *)m); 394 break; 395 case KTR_USER: 396 ktruser(ktrlen, m); 397 break; 398 case KTR_STRUCT: 399 ktrstruct(m, ktrlen); 400 break; 401 case KTR_CAPFAIL: 402 ktrcapfail((struct ktr_cap_fail *)m); 403 break; 404 case KTR_FAULT: 405 ktrfault((struct ktr_fault *)m); 406 break; 407 case KTR_FAULTEND: 408 ktrfaultend((struct ktr_faultend *)m); 409 break; 410 default: 411 printf("\n"); 412 break; 413 } 414 if (tail) 415 fflush(stdout); 416 } 417 return 0; 418 } 419 420 void 421 limitfd(int fd) 422 { 423 cap_rights_t rights; 424 unsigned long cmd; 425 426 cap_rights_init(&rights, CAP_FSTAT); 427 cmd = 0; 428 429 switch (fd) { 430 case STDIN_FILENO: 431 cap_rights_set(&rights, CAP_READ); 432 break; 433 case STDOUT_FILENO: 434 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE); 435 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 436 break; 437 case STDERR_FILENO: 438 cap_rights_set(&rights, CAP_WRITE); 439 if (!suppressdata) { 440 cap_rights_set(&rights, CAP_IOCTL); 441 cmd = TIOCGWINSZ; 442 } 443 break; 444 default: 445 abort(); 446 } 447 448 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) 449 err(1, "unable to limit rights for descriptor %d", fd); 450 if (cmd != 0 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 451 err(1, "unable to limit ioctls for descriptor %d", fd); 452 } 453 454 int 455 fread_tail(void *buf, int size, int num) 456 { 457 int i; 458 459 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 460 sleep(1); 461 clearerr(stdin); 462 } 463 return (i); 464 } 465 466 int 467 fetchprocinfo(struct ktr_header *kth, u_int *flags) 468 { 469 struct proc_info *pi; 470 471 switch (kth->ktr_type) { 472 case KTR_PROCCTOR: 473 TAILQ_FOREACH(pi, &trace_procs, info) { 474 if (pi->pid == kth->ktr_pid) { 475 TAILQ_REMOVE(&trace_procs, pi, info); 476 break; 477 } 478 } 479 pi = malloc(sizeof(struct proc_info)); 480 if (pi == NULL) 481 errx(1, "%s", strerror(ENOMEM)); 482 pi->sv_flags = *flags; 483 pi->pid = kth->ktr_pid; 484 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 485 return (1); 486 487 case KTR_PROCDTOR: 488 TAILQ_FOREACH(pi, &trace_procs, info) { 489 if (pi->pid == kth->ktr_pid) { 490 TAILQ_REMOVE(&trace_procs, pi, info); 491 free(pi); 492 break; 493 } 494 } 495 return (1); 496 } 497 498 return (0); 499 } 500 501 u_int 502 abidump(struct ktr_header *kth) 503 { 504 struct proc_info *pi; 505 const char *abi; 506 const char *arch; 507 u_int flags = 0; 508 509 TAILQ_FOREACH(pi, &trace_procs, info) { 510 if (pi->pid == kth->ktr_pid) { 511 flags = pi->sv_flags; 512 break; 513 } 514 } 515 516 if (abiflag == 0) 517 return (flags); 518 519 switch (flags & SV_ABI_MASK) { 520 case SV_ABI_LINUX: 521 abi = "L"; 522 break; 523 case SV_ABI_FREEBSD: 524 abi = "F"; 525 break; 526 case SV_ABI_CLOUDABI: 527 abi = "C"; 528 break; 529 default: 530 abi = "U"; 531 break; 532 } 533 534 if (flags & SV_LP64) 535 arch = "64"; 536 else if (flags & SV_ILP32) 537 arch = "32"; 538 else 539 arch = "00"; 540 541 printf("%s%s ", abi, arch); 542 543 return (flags); 544 } 545 546 void 547 dumpheader(struct ktr_header *kth) 548 { 549 static char unknown[64]; 550 static struct timeval prevtime, prevtime_e, temp; 551 const char *type; 552 const char *sign; 553 554 switch (kth->ktr_type) { 555 case KTR_SYSCALL: 556 type = "CALL"; 557 break; 558 case KTR_SYSRET: 559 type = "RET "; 560 break; 561 case KTR_NAMEI: 562 type = "NAMI"; 563 break; 564 case KTR_GENIO: 565 type = "GIO "; 566 break; 567 case KTR_PSIG: 568 type = "PSIG"; 569 break; 570 case KTR_CSW: 571 type = "CSW "; 572 break; 573 case KTR_USER: 574 type = "USER"; 575 break; 576 case KTR_STRUCT: 577 type = "STRU"; 578 break; 579 case KTR_SYSCTL: 580 type = "SCTL"; 581 break; 582 case KTR_PROCCTOR: 583 /* FALLTHROUGH */ 584 case KTR_PROCDTOR: 585 return; 586 case KTR_CAPFAIL: 587 type = "CAP "; 588 break; 589 case KTR_FAULT: 590 type = "PFLT"; 591 break; 592 case KTR_FAULTEND: 593 type = "PRET"; 594 break; 595 default: 596 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 597 type = unknown; 598 } 599 600 /* 601 * The ktr_tid field was previously the ktr_buffer field, which held 602 * the kernel pointer value for the buffer associated with data 603 * following the record header. It now holds a threadid, but only 604 * for trace files after the change. Older trace files still contain 605 * kernel pointers. Detect this and suppress the results by printing 606 * negative tid's as 0. 607 */ 608 if (threads) 609 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 610 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 611 MAXCOMLEN, kth->ktr_comm); 612 else 613 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 614 kth->ktr_comm); 615 if (timestamp) { 616 if (timestamp & TIMESTAMP_ABSOLUTE) { 617 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 618 kth->ktr_time.tv_usec); 619 } 620 if (timestamp & TIMESTAMP_ELAPSED) { 621 if (prevtime_e.tv_sec == 0) 622 prevtime_e = kth->ktr_time; 623 timevalsub(&kth->ktr_time, &prevtime_e); 624 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 625 kth->ktr_time.tv_usec); 626 timevaladd(&kth->ktr_time, &prevtime_e); 627 } 628 if (timestamp & TIMESTAMP_RELATIVE) { 629 if (prevtime.tv_sec == 0) 630 prevtime = kth->ktr_time; 631 temp = kth->ktr_time; 632 timevalsub(&kth->ktr_time, &prevtime); 633 if ((intmax_t)kth->ktr_time.tv_sec < 0) { 634 kth->ktr_time = prevtime; 635 prevtime = temp; 636 timevalsub(&kth->ktr_time, &prevtime); 637 sign = "-"; 638 } else { 639 prevtime = temp; 640 sign = ""; 641 } 642 printf("%s%jd.%06ld ", sign, (intmax_t)kth->ktr_time.tv_sec, 643 kth->ktr_time.tv_usec); 644 } 645 } 646 printf("%s ", type); 647 } 648 649 #include <sys/syscall.h> 650 651 static void 652 ioctlname(unsigned long val) 653 { 654 const char *str; 655 656 str = sysdecode_ioctlname(val); 657 if (str != NULL) 658 printf("%s", str); 659 else if (decimal) 660 printf("%lu", val); 661 else 662 printf("%#lx", val); 663 } 664 665 static enum sysdecode_abi 666 syscallabi(u_int sv_flags) 667 { 668 669 if (sv_flags == 0) 670 return (SYSDECODE_ABI_FREEBSD); 671 switch (sv_flags & SV_ABI_MASK) { 672 case SV_ABI_FREEBSD: 673 return (SYSDECODE_ABI_FREEBSD); 674 #if defined(__amd64__) || defined(__i386__) 675 case SV_ABI_LINUX: 676 #ifdef __amd64__ 677 if (sv_flags & SV_ILP32) 678 return (SYSDECODE_ABI_LINUX32); 679 #endif 680 return (SYSDECODE_ABI_LINUX); 681 #endif 682 #if defined(__aarch64__) || defined(__amd64__) 683 case SV_ABI_CLOUDABI: 684 return (SYSDECODE_ABI_CLOUDABI64); 685 #endif 686 default: 687 return (SYSDECODE_ABI_UNKNOWN); 688 } 689 } 690 691 static void 692 syscallname(u_int code, u_int sv_flags) 693 { 694 const char *name; 695 696 name = sysdecode_syscallname(syscallabi(sv_flags), code); 697 if (name == NULL) 698 printf("[%d]", code); 699 else { 700 printf("%s", name); 701 if (syscallno) 702 printf("[%d]", code); 703 } 704 } 705 706 void 707 ktrsyscall(struct ktr_syscall *ktr, u_int sv_flags) 708 { 709 int narg = ktr->ktr_narg; 710 register_t *ip; 711 intmax_t arg; 712 713 syscallname(ktr->ktr_code, sv_flags); 714 ip = &ktr->ktr_args[0]; 715 if (narg) { 716 char c = '('; 717 if (fancy && 718 (sv_flags == 0 || 719 (sv_flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 720 switch (ktr->ktr_code) { 721 case SYS_bindat: 722 case SYS_connectat: 723 case SYS_faccessat: 724 case SYS_fchmodat: 725 case SYS_fchownat: 726 case SYS_fstatat: 727 case SYS_futimesat: 728 case SYS_linkat: 729 case SYS_mkdirat: 730 case SYS_mkfifoat: 731 case SYS_mknodat: 732 case SYS_openat: 733 case SYS_readlinkat: 734 case SYS_renameat: 735 case SYS_unlinkat: 736 case SYS_utimensat: 737 putchar('('); 738 atfdname(*ip, decimal); 739 c = ','; 740 ip++; 741 narg--; 742 break; 743 } 744 switch (ktr->ktr_code) { 745 case SYS_ioctl: { 746 print_number(ip, narg, c); 747 putchar(c); 748 ioctlname(*ip); 749 c = ','; 750 ip++; 751 narg--; 752 break; 753 } 754 case SYS_ptrace: 755 putchar('('); 756 ptraceopname(*ip); 757 c = ','; 758 ip++; 759 narg--; 760 break; 761 case SYS_access: 762 case SYS_eaccess: 763 case SYS_faccessat: 764 print_number(ip, narg, c); 765 putchar(','); 766 accessmodename(*ip); 767 ip++; 768 narg--; 769 break; 770 case SYS_open: 771 case SYS_openat: 772 print_number(ip, narg, c); 773 putchar(','); 774 flagsandmodename(ip[0], ip[1], decimal); 775 ip += 2; 776 narg -= 2; 777 break; 778 case SYS_wait4: 779 print_number(ip, narg, c); 780 print_number(ip, narg, c); 781 /* 782 * A flags value of zero is valid for 783 * wait4() but not for wait6(), so 784 * handle zero special here. 785 */ 786 if (*ip == 0) { 787 print_number(ip, narg, c); 788 } else { 789 putchar(','); 790 wait6optname(*ip); 791 ip++; 792 narg--; 793 } 794 break; 795 case SYS_wait6: 796 putchar('('); 797 idtypename(*ip, decimal); 798 c = ','; 799 ip++; 800 narg--; 801 print_number(ip, narg, c); 802 print_number(ip, narg, c); 803 putchar(','); 804 wait6optname(*ip); 805 ip++; 806 narg--; 807 break; 808 case SYS_chmod: 809 case SYS_fchmod: 810 case SYS_lchmod: 811 case SYS_fchmodat: 812 print_number(ip, narg, c); 813 putchar(','); 814 modename(*ip); 815 ip++; 816 narg--; 817 break; 818 case SYS_mknod: 819 case SYS_mknodat: 820 print_number(ip, narg, c); 821 putchar(','); 822 modename(*ip); 823 ip++; 824 narg--; 825 break; 826 case SYS_getfsstat: 827 print_number(ip, narg, c); 828 print_number(ip, narg, c); 829 putchar(','); 830 getfsstatflagsname(*ip); 831 ip++; 832 narg--; 833 break; 834 case SYS_mount: 835 print_number(ip, narg, c); 836 print_number(ip, narg, c); 837 putchar(','); 838 mountflagsname(*ip); 839 ip++; 840 narg--; 841 break; 842 case SYS_unmount: 843 print_number(ip, narg, c); 844 putchar(','); 845 mountflagsname(*ip); 846 ip++; 847 narg--; 848 break; 849 case SYS_recvmsg: 850 case SYS_sendmsg: 851 print_number(ip, narg, c); 852 print_number(ip, narg, c); 853 putchar(','); 854 sendrecvflagsname(*ip); 855 ip++; 856 narg--; 857 break; 858 case SYS_recvfrom: 859 case SYS_sendto: 860 print_number(ip, narg, c); 861 print_number(ip, narg, c); 862 print_number(ip, narg, c); 863 putchar(','); 864 sendrecvflagsname(*ip); 865 ip++; 866 narg--; 867 break; 868 case SYS_chflags: 869 case SYS_fchflags: 870 case SYS_lchflags: 871 print_number(ip, narg, c); 872 putchar(','); 873 modename(*ip); 874 ip++; 875 narg--; 876 break; 877 case SYS_kill: 878 print_number(ip, narg, c); 879 putchar(','); 880 signame(*ip); 881 ip++; 882 narg--; 883 break; 884 case SYS_reboot: 885 putchar('('); 886 rebootoptname(*ip); 887 ip++; 888 narg--; 889 break; 890 case SYS_umask: 891 putchar('('); 892 modename(*ip); 893 ip++; 894 narg--; 895 break; 896 case SYS_msync: 897 print_number(ip, narg, c); 898 print_number(ip, narg, c); 899 putchar(','); 900 msyncflagsname(*ip); 901 ip++; 902 narg--; 903 break; 904 #ifdef SYS_freebsd6_mmap 905 case SYS_freebsd6_mmap: 906 print_number(ip, narg, c); 907 print_number(ip, narg, c); 908 putchar(','); 909 mmapprotname(*ip); 910 putchar(','); 911 ip++; 912 narg--; 913 mmapflagsname(*ip); 914 ip++; 915 narg--; 916 break; 917 #endif 918 case SYS_mmap: 919 print_number(ip, narg, c); 920 print_number(ip, narg, c); 921 putchar(','); 922 mmapprotname(*ip); 923 putchar(','); 924 ip++; 925 narg--; 926 mmapflagsname(*ip); 927 ip++; 928 narg--; 929 break; 930 case SYS_mprotect: 931 print_number(ip, narg, c); 932 print_number(ip, narg, c); 933 putchar(','); 934 mmapprotname(*ip); 935 ip++; 936 narg--; 937 break; 938 case SYS_madvise: 939 print_number(ip, narg, c); 940 print_number(ip, narg, c); 941 putchar(','); 942 madvisebehavname(*ip); 943 ip++; 944 narg--; 945 break; 946 case SYS_setpriority: 947 print_number(ip, narg, c); 948 print_number(ip, narg, c); 949 putchar(','); 950 prioname(*ip); 951 ip++; 952 narg--; 953 break; 954 case SYS_fcntl: 955 print_number(ip, narg, c); 956 putchar(','); 957 fcntlcmdname(ip[0], ip[1], decimal); 958 ip += 2; 959 narg -= 2; 960 break; 961 case SYS_socket: { 962 int sockdomain; 963 putchar('('); 964 sockdomain = *ip; 965 sockdomainname(sockdomain); 966 ip++; 967 narg--; 968 putchar(','); 969 socktypenamewithflags(*ip); 970 ip++; 971 narg--; 972 if (sockdomain == PF_INET || 973 sockdomain == PF_INET6) { 974 putchar(','); 975 sockipprotoname(*ip); 976 ip++; 977 narg--; 978 } 979 c = ','; 980 break; 981 } 982 case SYS_setsockopt: 983 case SYS_getsockopt: 984 print_number(ip, narg, c); 985 putchar(','); 986 sockoptlevelname(*ip, decimal); 987 if (*ip == SOL_SOCKET) { 988 ip++; 989 narg--; 990 putchar(','); 991 sockoptname(*ip); 992 } 993 ip++; 994 narg--; 995 break; 996 #ifdef SYS_freebsd6_lseek 997 case SYS_freebsd6_lseek: 998 print_number(ip, narg, c); 999 /* Hidden 'pad' argument, not in lseek(2) */ 1000 print_number(ip, narg, c); 1001 print_number(ip, narg, c); 1002 putchar(','); 1003 whencename(*ip); 1004 ip++; 1005 narg--; 1006 break; 1007 #endif 1008 case SYS_lseek: 1009 print_number(ip, narg, c); 1010 /* Hidden 'pad' argument, not in lseek(2) */ 1011 print_number(ip, narg, c); 1012 putchar(','); 1013 whencename(*ip); 1014 ip++; 1015 narg--; 1016 break; 1017 case SYS_flock: 1018 print_number(ip, narg, c); 1019 putchar(','); 1020 flockname(*ip); 1021 ip++; 1022 narg--; 1023 break; 1024 case SYS_mkfifo: 1025 case SYS_mkfifoat: 1026 case SYS_mkdir: 1027 case SYS_mkdirat: 1028 print_number(ip, narg, c); 1029 putchar(','); 1030 modename(*ip); 1031 ip++; 1032 narg--; 1033 break; 1034 case SYS_shutdown: 1035 print_number(ip, narg, c); 1036 putchar(','); 1037 shutdownhowname(*ip); 1038 ip++; 1039 narg--; 1040 break; 1041 case SYS_socketpair: 1042 putchar('('); 1043 sockdomainname(*ip); 1044 ip++; 1045 narg--; 1046 putchar(','); 1047 socktypenamewithflags(*ip); 1048 ip++; 1049 narg--; 1050 c = ','; 1051 break; 1052 case SYS_getrlimit: 1053 case SYS_setrlimit: 1054 putchar('('); 1055 rlimitname(*ip); 1056 ip++; 1057 narg--; 1058 c = ','; 1059 break; 1060 case SYS_quotactl: 1061 print_number(ip, narg, c); 1062 putchar(','); 1063 quotactlname(*ip); 1064 ip++; 1065 narg--; 1066 c = ','; 1067 break; 1068 case SYS_nfssvc: 1069 putchar('('); 1070 nfssvcname(*ip); 1071 ip++; 1072 narg--; 1073 c = ','; 1074 break; 1075 case SYS_rtprio: 1076 putchar('('); 1077 rtprioname(*ip); 1078 ip++; 1079 narg--; 1080 c = ','; 1081 break; 1082 case SYS___semctl: 1083 print_number(ip, narg, c); 1084 print_number(ip, narg, c); 1085 putchar(','); 1086 semctlname(*ip); 1087 ip++; 1088 narg--; 1089 break; 1090 case SYS_semget: 1091 print_number(ip, narg, c); 1092 print_number(ip, narg, c); 1093 putchar(','); 1094 semgetname(*ip); 1095 ip++; 1096 narg--; 1097 break; 1098 case SYS_msgctl: 1099 print_number(ip, narg, c); 1100 putchar(','); 1101 shmctlname(*ip); 1102 ip++; 1103 narg--; 1104 break; 1105 case SYS_shmat: 1106 print_number(ip, narg, c); 1107 print_number(ip, narg, c); 1108 putchar(','); 1109 shmatname(*ip); 1110 ip++; 1111 narg--; 1112 break; 1113 case SYS_shmctl: 1114 print_number(ip, narg, c); 1115 putchar(','); 1116 shmctlname(*ip); 1117 ip++; 1118 narg--; 1119 break; 1120 case SYS_shm_open: 1121 print_number(ip, narg, c); 1122 putchar(','); 1123 flagsname(ip[0]); 1124 printf(",0%o", (unsigned int)ip[1]); 1125 ip += 3; 1126 narg -= 3; 1127 break; 1128 case SYS_minherit: 1129 print_number(ip, narg, c); 1130 print_number(ip, narg, c); 1131 putchar(','); 1132 minheritname(*ip); 1133 ip++; 1134 narg--; 1135 break; 1136 case SYS_rfork: 1137 putchar('('); 1138 rforkname(*ip); 1139 ip++; 1140 narg--; 1141 c = ','; 1142 break; 1143 case SYS_lio_listio: 1144 putchar('('); 1145 lio_listioname(*ip); 1146 ip++; 1147 narg--; 1148 c = ','; 1149 break; 1150 case SYS_mlockall: 1151 putchar('('); 1152 mlockallname(*ip); 1153 ip++; 1154 narg--; 1155 break; 1156 case SYS_sched_setscheduler: 1157 print_number(ip, narg, c); 1158 putchar(','); 1159 schedpolicyname(*ip); 1160 ip++; 1161 narg--; 1162 break; 1163 case SYS_sched_get_priority_max: 1164 case SYS_sched_get_priority_min: 1165 putchar('('); 1166 schedpolicyname(*ip); 1167 ip++; 1168 narg--; 1169 break; 1170 case SYS_sendfile: 1171 print_number(ip, narg, c); 1172 print_number(ip, narg, c); 1173 print_number(ip, narg, c); 1174 print_number(ip, narg, c); 1175 print_number(ip, narg, c); 1176 print_number(ip, narg, c); 1177 putchar(','); 1178 sendfileflagsname(*(int *)ip); 1179 ip++; 1180 narg--; 1181 break; 1182 case SYS_kldsym: 1183 print_number(ip, narg, c); 1184 putchar(','); 1185 kldsymcmdname(*ip); 1186 ip++; 1187 narg--; 1188 break; 1189 case SYS_sigprocmask: 1190 putchar('('); 1191 sigprocmaskhowname(*ip); 1192 ip++; 1193 narg--; 1194 c = ','; 1195 break; 1196 case SYS___acl_get_file: 1197 case SYS___acl_set_file: 1198 case SYS___acl_get_fd: 1199 case SYS___acl_set_fd: 1200 case SYS___acl_delete_file: 1201 case SYS___acl_delete_fd: 1202 case SYS___acl_aclcheck_file: 1203 case SYS___acl_aclcheck_fd: 1204 case SYS___acl_get_link: 1205 case SYS___acl_set_link: 1206 case SYS___acl_delete_link: 1207 case SYS___acl_aclcheck_link: 1208 print_number(ip, narg, c); 1209 putchar(','); 1210 acltypename(*ip); 1211 ip++; 1212 narg--; 1213 break; 1214 case SYS_sigaction: 1215 putchar('('); 1216 signame(*ip); 1217 ip++; 1218 narg--; 1219 c = ','; 1220 break; 1221 case SYS_extattrctl: 1222 print_number(ip, narg, c); 1223 putchar(','); 1224 extattrctlname(*ip); 1225 ip++; 1226 narg--; 1227 break; 1228 case SYS_nmount: 1229 print_number(ip, narg, c); 1230 print_number(ip, narg, c); 1231 putchar(','); 1232 mountflagsname(*ip); 1233 ip++; 1234 narg--; 1235 break; 1236 case SYS_thr_create: 1237 print_number(ip, narg, c); 1238 print_number(ip, narg, c); 1239 putchar(','); 1240 thrcreateflagsname(*ip); 1241 ip++; 1242 narg--; 1243 break; 1244 case SYS_thr_kill: 1245 print_number(ip, narg, c); 1246 putchar(','); 1247 signame(*ip); 1248 ip++; 1249 narg--; 1250 break; 1251 case SYS_kldunloadf: 1252 print_number(ip, narg, c); 1253 putchar(','); 1254 kldunloadfflagsname(*ip); 1255 ip++; 1256 narg--; 1257 break; 1258 case SYS_linkat: 1259 case SYS_renameat: 1260 case SYS_symlinkat: 1261 print_number(ip, narg, c); 1262 putchar(','); 1263 atfdname(*ip, decimal); 1264 ip++; 1265 narg--; 1266 break; 1267 case SYS_cap_fcntls_limit: 1268 print_number(ip, narg, c); 1269 putchar(','); 1270 arg = *ip; 1271 ip++; 1272 narg--; 1273 capfcntlname(arg); 1274 break; 1275 case SYS_posix_fadvise: 1276 print_number(ip, narg, c); 1277 print_number(ip, narg, c); 1278 print_number(ip, narg, c); 1279 (void)putchar(','); 1280 fadvisebehavname((int)*ip); 1281 ip++; 1282 narg--; 1283 break; 1284 case SYS_procctl: 1285 putchar('('); 1286 idtypename(*ip, decimal); 1287 c = ','; 1288 ip++; 1289 narg--; 1290 print_number(ip, narg, c); 1291 putchar(','); 1292 procctlcmdname(*ip); 1293 ip++; 1294 narg--; 1295 break; 1296 case SYS__umtx_op: 1297 print_number(ip, narg, c); 1298 putchar(','); 1299 umtxopname(*ip); 1300 switch (*ip) { 1301 case UMTX_OP_CV_WAIT: 1302 ip++; 1303 narg--; 1304 putchar(','); 1305 umtxcvwaitflags(*ip); 1306 break; 1307 case UMTX_OP_RW_RDLOCK: 1308 ip++; 1309 narg--; 1310 putchar(','); 1311 umtxrwlockflags(*ip); 1312 break; 1313 } 1314 ip++; 1315 narg--; 1316 } 1317 } 1318 while (narg > 0) { 1319 print_number(ip, narg, c); 1320 } 1321 putchar(')'); 1322 } 1323 putchar('\n'); 1324 } 1325 1326 void 1327 ktrsysret(struct ktr_sysret *ktr, u_int sv_flags) 1328 { 1329 register_t ret = ktr->ktr_retval; 1330 int error = ktr->ktr_error; 1331 1332 syscallname(ktr->ktr_code, sv_flags); 1333 printf(" "); 1334 1335 if (error == 0) { 1336 if (fancy) { 1337 printf("%ld", (long)ret); 1338 if (ret < 0 || ret > 9) 1339 printf("/%#lx", (unsigned long)ret); 1340 } else { 1341 if (decimal) 1342 printf("%ld", (long)ret); 1343 else 1344 printf("%#lx", (unsigned long)ret); 1345 } 1346 } else if (error == ERESTART) 1347 printf("RESTART"); 1348 else if (error == EJUSTRETURN) 1349 printf("JUSTRETURN"); 1350 else { 1351 printf("-1 errno %d", sysdecode_freebsd_to_abi_errno( 1352 syscallabi(sv_flags), error)); 1353 if (fancy) 1354 printf(" %s", strerror(ktr->ktr_error)); 1355 } 1356 putchar('\n'); 1357 } 1358 1359 void 1360 ktrnamei(char *cp, int len) 1361 { 1362 printf("\"%.*s\"\n", len, cp); 1363 } 1364 1365 void 1366 hexdump(char *p, int len, int screenwidth) 1367 { 1368 int n, i; 1369 int width; 1370 1371 width = 0; 1372 do { 1373 width += 2; 1374 i = 13; /* base offset */ 1375 i += (width / 2) + 1; /* spaces every second byte */ 1376 i += (width * 2); /* width of bytes */ 1377 i += 3; /* " |" */ 1378 i += width; /* each byte */ 1379 i += 1; /* "|" */ 1380 } while (i < screenwidth); 1381 width -= 2; 1382 1383 for (n = 0; n < len; n += width) { 1384 for (i = n; i < n + width; i++) { 1385 if ((i % width) == 0) { /* beginning of line */ 1386 printf(" 0x%04x", i); 1387 } 1388 if ((i % 2) == 0) { 1389 printf(" "); 1390 } 1391 if (i < len) 1392 printf("%02x", p[i] & 0xff); 1393 else 1394 printf(" "); 1395 } 1396 printf(" |"); 1397 for (i = n; i < n + width; i++) { 1398 if (i >= len) 1399 break; 1400 if (p[i] >= ' ' && p[i] <= '~') 1401 printf("%c", p[i]); 1402 else 1403 printf("."); 1404 } 1405 printf("|\n"); 1406 } 1407 if ((i % width) != 0) 1408 printf("\n"); 1409 } 1410 1411 void 1412 visdump(char *dp, int datalen, int screenwidth) 1413 { 1414 int col = 0; 1415 char *cp; 1416 int width; 1417 char visbuf[5]; 1418 1419 printf(" \""); 1420 col = 8; 1421 for (;datalen > 0; datalen--, dp++) { 1422 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1423 cp = visbuf; 1424 /* 1425 * Keep track of printables and 1426 * space chars (like fold(1)). 1427 */ 1428 if (col == 0) { 1429 putchar('\t'); 1430 col = 8; 1431 } 1432 switch(*cp) { 1433 case '\n': 1434 col = 0; 1435 putchar('\n'); 1436 continue; 1437 case '\t': 1438 width = 8 - (col&07); 1439 break; 1440 default: 1441 width = strlen(cp); 1442 } 1443 if (col + width > (screenwidth-2)) { 1444 printf("\\\n\t"); 1445 col = 8; 1446 } 1447 col += width; 1448 do { 1449 putchar(*cp++); 1450 } while (*cp); 1451 } 1452 if (col == 0) 1453 printf(" "); 1454 printf("\"\n"); 1455 } 1456 1457 void 1458 ktrgenio(struct ktr_genio *ktr, int len) 1459 { 1460 int datalen = len - sizeof (struct ktr_genio); 1461 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1462 static int screenwidth = 0; 1463 int i, binary; 1464 1465 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1466 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1467 datalen == 1 ? "" : "s"); 1468 if (suppressdata) 1469 return; 1470 if (screenwidth == 0) { 1471 struct winsize ws; 1472 1473 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1474 ws.ws_col > 8) 1475 screenwidth = ws.ws_col; 1476 else 1477 screenwidth = 80; 1478 } 1479 if (maxdata && datalen > maxdata) 1480 datalen = maxdata; 1481 1482 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1483 if (dp[i] >= 32 && dp[i] < 127) 1484 continue; 1485 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1486 continue; 1487 binary = 1; 1488 } 1489 if (binary) 1490 hexdump(dp, datalen, screenwidth); 1491 else 1492 visdump(dp, datalen, screenwidth); 1493 } 1494 1495 const char *signames[] = { 1496 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1497 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1498 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1499 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1500 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1501 "USR2", NULL, /* 31 - 32 */ 1502 }; 1503 1504 void 1505 ktrpsig(struct ktr_psig *psig) 1506 { 1507 if (psig->signo > 0 && psig->signo < NSIG) 1508 printf("SIG%s ", signames[psig->signo]); 1509 else 1510 printf("SIG %d ", psig->signo); 1511 if (psig->action == SIG_DFL) { 1512 printf("SIG_DFL code="); 1513 sigcodename(psig->signo, psig->code); 1514 putchar('\n'); 1515 } else { 1516 printf("caught handler=0x%lx mask=0x%x code=", 1517 (u_long)psig->action, psig->mask.__bits[0]); 1518 sigcodename(psig->signo, psig->code); 1519 putchar('\n'); 1520 } 1521 } 1522 1523 void 1524 ktrcsw_old(struct ktr_csw_old *cs) 1525 { 1526 printf("%s %s\n", cs->out ? "stop" : "resume", 1527 cs->user ? "user" : "kernel"); 1528 } 1529 1530 void 1531 ktrcsw(struct ktr_csw *cs) 1532 { 1533 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1534 cs->user ? "user" : "kernel", cs->wmesg); 1535 } 1536 1537 void 1538 ktruser(int len, void *p) 1539 { 1540 unsigned char *cp; 1541 1542 if (sysdecode_utrace(stdout, p, len)) { 1543 printf("\n"); 1544 return; 1545 } 1546 1547 printf("%d ", len); 1548 cp = p; 1549 while (len--) 1550 if (decimal) 1551 printf(" %d", *cp++); 1552 else 1553 printf(" %02x", *cp++); 1554 printf("\n"); 1555 } 1556 1557 void 1558 ktrcaprights(cap_rights_t *rightsp) 1559 { 1560 1561 printf("cap_rights_t "); 1562 capname(rightsp); 1563 printf("\n"); 1564 } 1565 1566 static void 1567 ktrtimeval(struct timeval *tv) 1568 { 1569 1570 printf("{%ld, %ld}", (long)tv->tv_sec, tv->tv_usec); 1571 } 1572 1573 void 1574 ktritimerval(struct itimerval *it) 1575 { 1576 1577 printf("itimerval { .interval = "); 1578 ktrtimeval(&it->it_interval); 1579 printf(", .value = "); 1580 ktrtimeval(&it->it_value); 1581 printf(" }\n"); 1582 } 1583 1584 void 1585 ktrsockaddr(struct sockaddr *sa) 1586 { 1587 /* 1588 TODO: Support additional address families 1589 #include <netnatm/natm.h> 1590 struct sockaddr_natm *natm; 1591 #include <netsmb/netbios.h> 1592 struct sockaddr_nb *nb; 1593 */ 1594 char addr[64]; 1595 1596 /* 1597 * note: ktrstruct() has already verified that sa points to a 1598 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1599 * sa->sa_len bytes long. 1600 */ 1601 printf("struct sockaddr { "); 1602 sockfamilyname(sa->sa_family); 1603 printf(", "); 1604 1605 #define check_sockaddr_len(n) \ 1606 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1607 printf("invalid"); \ 1608 break; \ 1609 } 1610 1611 switch(sa->sa_family) { 1612 case AF_INET: { 1613 struct sockaddr_in sa_in; 1614 1615 memset(&sa_in, 0, sizeof(sa_in)); 1616 memcpy(&sa_in, sa, sa->sa_len); 1617 check_sockaddr_len(in); 1618 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1619 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1620 break; 1621 } 1622 case AF_INET6: { 1623 struct sockaddr_in6 sa_in6; 1624 1625 memset(&sa_in6, 0, sizeof(sa_in6)); 1626 memcpy(&sa_in6, sa, sa->sa_len); 1627 check_sockaddr_len(in6); 1628 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1629 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1630 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1631 break; 1632 } 1633 case AF_UNIX: { 1634 struct sockaddr_un sa_un; 1635 1636 memset(&sa_un, 0, sizeof(sa_un)); 1637 memcpy(&sa_un, sa, sa->sa_len); 1638 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1639 break; 1640 } 1641 default: 1642 printf("unknown address family"); 1643 } 1644 printf(" }\n"); 1645 } 1646 1647 void 1648 ktrstat(struct stat *statp) 1649 { 1650 char mode[12], timestr[PATH_MAX + 4]; 1651 struct passwd *pwd; 1652 struct group *grp; 1653 struct tm *tm; 1654 1655 /* 1656 * note: ktrstruct() has already verified that statp points to a 1657 * buffer exactly sizeof(struct stat) bytes long. 1658 */ 1659 printf("struct stat {"); 1660 printf("dev=%ju, ino=%ju, ", 1661 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1662 if (resolv == 0) 1663 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1664 else { 1665 strmode(statp->st_mode, mode); 1666 printf("mode=%s, ", mode); 1667 } 1668 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1669 if (resolv == 0) { 1670 pwd = NULL; 1671 } else { 1672 #ifdef HAVE_LIBCASPER 1673 if (cappwd != NULL) 1674 pwd = cap_getpwuid(cappwd, statp->st_uid); 1675 else 1676 #endif 1677 pwd = getpwuid(statp->st_uid); 1678 } 1679 if (pwd == NULL) 1680 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1681 else 1682 printf("uid=\"%s\", ", pwd->pw_name); 1683 if (resolv == 0) { 1684 grp = NULL; 1685 } else { 1686 #ifdef HAVE_LIBCASPER 1687 if (capgrp != NULL) 1688 grp = cap_getgrgid(capgrp, statp->st_gid); 1689 else 1690 #endif 1691 grp = getgrgid(statp->st_gid); 1692 } 1693 if (grp == NULL) 1694 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1695 else 1696 printf("gid=\"%s\", ", grp->gr_name); 1697 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1698 printf("atime="); 1699 if (resolv == 0) 1700 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1701 else { 1702 tm = localtime(&statp->st_atim.tv_sec); 1703 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1704 printf("\"%s\"", timestr); 1705 } 1706 if (statp->st_atim.tv_nsec != 0) 1707 printf(".%09ld, ", statp->st_atim.tv_nsec); 1708 else 1709 printf(", "); 1710 printf("mtime="); 1711 if (resolv == 0) 1712 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1713 else { 1714 tm = localtime(&statp->st_mtim.tv_sec); 1715 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1716 printf("\"%s\"", timestr); 1717 } 1718 if (statp->st_mtim.tv_nsec != 0) 1719 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1720 else 1721 printf(", "); 1722 printf("ctime="); 1723 if (resolv == 0) 1724 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1725 else { 1726 tm = localtime(&statp->st_ctim.tv_sec); 1727 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1728 printf("\"%s\"", timestr); 1729 } 1730 if (statp->st_ctim.tv_nsec != 0) 1731 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1732 else 1733 printf(", "); 1734 printf("birthtime="); 1735 if (resolv == 0) 1736 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1737 else { 1738 tm = localtime(&statp->st_birthtim.tv_sec); 1739 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1740 printf("\"%s\"", timestr); 1741 } 1742 if (statp->st_birthtim.tv_nsec != 0) 1743 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1744 else 1745 printf(", "); 1746 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1747 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1748 (intmax_t)statp->st_blocks, statp->st_flags); 1749 printf(" }\n"); 1750 } 1751 1752 void 1753 ktrstruct(char *buf, size_t buflen) 1754 { 1755 char *name, *data; 1756 size_t namelen, datalen; 1757 int i; 1758 cap_rights_t rights; 1759 struct itimerval it; 1760 struct stat sb; 1761 struct sockaddr_storage ss; 1762 1763 for (name = buf, namelen = 0; 1764 namelen < buflen && name[namelen] != '\0'; 1765 ++namelen) 1766 /* nothing */; 1767 if (namelen == buflen) 1768 goto invalid; 1769 if (name[namelen] != '\0') 1770 goto invalid; 1771 data = buf + namelen + 1; 1772 datalen = buflen - namelen - 1; 1773 if (datalen == 0) 1774 goto invalid; 1775 /* sanity check */ 1776 for (i = 0; i < (int)namelen; ++i) 1777 if (!isalpha(name[i])) 1778 goto invalid; 1779 if (strcmp(name, "caprights") == 0) { 1780 if (datalen != sizeof(cap_rights_t)) 1781 goto invalid; 1782 memcpy(&rights, data, datalen); 1783 ktrcaprights(&rights); 1784 } else if (strcmp(name, "itimerval") == 0) { 1785 if (datalen != sizeof(struct itimerval)) 1786 goto invalid; 1787 memcpy(&it, data, datalen); 1788 ktritimerval(&it); 1789 } else if (strcmp(name, "stat") == 0) { 1790 if (datalen != sizeof(struct stat)) 1791 goto invalid; 1792 memcpy(&sb, data, datalen); 1793 ktrstat(&sb); 1794 } else if (strcmp(name, "sockaddr") == 0) { 1795 if (datalen > sizeof(ss)) 1796 goto invalid; 1797 memcpy(&ss, data, datalen); 1798 if (datalen != ss.ss_len) 1799 goto invalid; 1800 ktrsockaddr((struct sockaddr *)&ss); 1801 } else { 1802 printf("unknown structure\n"); 1803 } 1804 return; 1805 invalid: 1806 printf("invalid record\n"); 1807 } 1808 1809 void 1810 ktrcapfail(struct ktr_cap_fail *ktr) 1811 { 1812 switch (ktr->cap_type) { 1813 case CAPFAIL_NOTCAPABLE: 1814 /* operation on fd with insufficient capabilities */ 1815 printf("operation requires "); 1816 capname(&ktr->cap_needed); 1817 printf(", descriptor holds "); 1818 capname(&ktr->cap_held); 1819 break; 1820 case CAPFAIL_INCREASE: 1821 /* requested more capabilities than fd already has */ 1822 printf("attempt to increase capabilities from "); 1823 capname(&ktr->cap_held); 1824 printf(" to "); 1825 capname(&ktr->cap_needed); 1826 break; 1827 case CAPFAIL_SYSCALL: 1828 /* called restricted syscall */ 1829 printf("disallowed system call"); 1830 break; 1831 case CAPFAIL_LOOKUP: 1832 /* used ".." in strict-relative mode */ 1833 printf("restricted VFS lookup"); 1834 break; 1835 default: 1836 printf("unknown capability failure: "); 1837 capname(&ktr->cap_needed); 1838 printf(" "); 1839 capname(&ktr->cap_held); 1840 break; 1841 } 1842 printf("\n"); 1843 } 1844 1845 void 1846 ktrfault(struct ktr_fault *ktr) 1847 { 1848 1849 printf("0x%jx ", (uintmax_t)ktr->vaddr); 1850 vmprotname(ktr->type); 1851 printf("\n"); 1852 } 1853 1854 void 1855 ktrfaultend(struct ktr_faultend *ktr) 1856 { 1857 1858 vmresultname(ktr->result); 1859 printf("\n"); 1860 } 1861 1862 void 1863 usage(void) 1864 { 1865 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 1866 "[-m maxdata] [-p pid] [-t trstr]\n"); 1867 exit(1); 1868 } 1869