1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/capsicum.h> 50 #include <sys/errno.h> 51 #define _KERNEL 52 #include <sys/time.h> 53 #undef _KERNEL 54 #include <sys/uio.h> 55 #include <sys/ktrace.h> 56 #include <sys/ioctl.h> 57 #include <sys/socket.h> 58 #include <sys/stat.h> 59 #include <sys/sysent.h> 60 #include <sys/umtx.h> 61 #include <sys/un.h> 62 #include <sys/queue.h> 63 #include <sys/wait.h> 64 #include <arpa/inet.h> 65 #include <netinet/in.h> 66 #include <ctype.h> 67 #include <dlfcn.h> 68 #include <err.h> 69 #include <grp.h> 70 #include <inttypes.h> 71 #ifdef HAVE_LIBCAPSICUM 72 #include <libcapsicum.h> 73 #include <libcapsicum_grp.h> 74 #include <libcapsicum_pwd.h> 75 #include <libcapsicum_service.h> 76 #endif 77 #include <locale.h> 78 #include <netdb.h> 79 #include <nl_types.h> 80 #ifdef HAVE_LIBCAPSICUM 81 #include <nv.h> 82 #endif 83 #include <pwd.h> 84 #include <stdio.h> 85 #include <stdlib.h> 86 #include <string.h> 87 #include <termios.h> 88 #include <time.h> 89 #include <unistd.h> 90 #include <vis.h> 91 #include "ktrace.h" 92 #include "kdump_subr.h" 93 94 u_int abidump(struct ktr_header *); 95 int fetchprocinfo(struct ktr_header *, u_int *); 96 int fread_tail(void *, int, int); 97 void dumpheader(struct ktr_header *); 98 void ktrsyscall(struct ktr_syscall *, u_int); 99 void ktrsysret(struct ktr_sysret *, u_int); 100 void ktrnamei(char *, int); 101 void hexdump(char *, int, int); 102 void visdump(char *, int, int); 103 void ktrgenio(struct ktr_genio *, int); 104 void ktrpsig(struct ktr_psig *); 105 void ktrcsw(struct ktr_csw *); 106 void ktrcsw_old(struct ktr_csw_old *); 107 void ktruser_malloc(void *); 108 void ktruser_rtld(int, void *); 109 void ktruser(int, void *); 110 void ktrcaprights(cap_rights_t *); 111 void ktrsockaddr(struct sockaddr *); 112 void ktrstat(struct stat *); 113 void ktrstruct(char *, size_t); 114 void ktrcapfail(struct ktr_cap_fail *); 115 void ktrfault(struct ktr_fault *); 116 void ktrfaultend(struct ktr_faultend *); 117 void limitfd(int fd); 118 void usage(void); 119 void ioctlname(unsigned long, int); 120 121 #define TIMESTAMP_NONE 0x0 122 #define TIMESTAMP_ABSOLUTE 0x1 123 #define TIMESTAMP_ELAPSED 0x2 124 #define TIMESTAMP_RELATIVE 0x4 125 126 extern const char *signames[], *syscallnames[]; 127 extern int nsyscalls; 128 129 static int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 130 resolv = 0, abiflag = 0, syscallno = 0; 131 static const char *tracefile = DEF_TRACEFILE; 132 static struct ktr_header ktr_header; 133 134 #define TIME_FORMAT "%b %e %T %Y" 135 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 136 137 #define print_number(i,n,c) do { \ 138 if (decimal) \ 139 printf("%c%jd", c, (intmax_t)*i); \ 140 else \ 141 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 142 i++; \ 143 n--; \ 144 c = ','; \ 145 } while (0) 146 147 #if defined(__amd64__) || defined(__i386__) 148 149 void linux_ktrsyscall(struct ktr_syscall *); 150 void linux_ktrsysret(struct ktr_sysret *); 151 extern char *linux_syscallnames[]; 152 extern int nlinux_syscalls; 153 154 /* 155 * from linux.h 156 * Linux syscalls return negative errno's, we do positive and map them 157 */ 158 static int bsd_to_linux_errno[ELAST + 1] = { 159 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 160 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 161 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 162 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 163 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 164 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 165 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 166 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 167 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 168 -72, -67, -71 169 }; 170 #endif 171 172 struct proc_info 173 { 174 TAILQ_ENTRY(proc_info) info; 175 u_int sv_flags; 176 pid_t pid; 177 }; 178 179 static TAILQ_HEAD(trace_procs, proc_info) trace_procs; 180 181 #ifdef HAVE_LIBCAPSICUM 182 static cap_channel_t *cappwd, *capgrp; 183 #endif 184 185 static void 186 strerror_init(void) 187 { 188 189 /* 190 * Cache NLS data before entering capability mode. 191 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 192 */ 193 (void)catopen("libc", NL_CAT_LOCALE); 194 } 195 196 static void 197 localtime_init(void) 198 { 199 time_t ltime; 200 201 /* 202 * Allow localtime(3) to cache /etc/localtime content before entering 203 * capability mode. 204 * XXXPJD: There should be localtime_init() in libc. 205 */ 206 (void)time(<ime); 207 (void)localtime(<ime); 208 } 209 210 #ifdef HAVE_LIBCAPSICUM 211 static int 212 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) 213 { 214 cap_channel_t *capcas, *cappwdloc, *capgrploc; 215 const char *cmds[1], *fields[1]; 216 217 capcas = cap_init(); 218 if (capcas == NULL) { 219 warn("unable to contact casperd"); 220 return (-1); 221 } 222 cappwdloc = cap_service_open(capcas, "system.pwd"); 223 capgrploc = cap_service_open(capcas, "system.grp"); 224 /* Casper capability no longer needed. */ 225 cap_close(capcas); 226 if (cappwdloc == NULL || capgrploc == NULL) { 227 if (cappwdloc == NULL) 228 warn("unable to open system.pwd service"); 229 if (capgrploc == NULL) 230 warn("unable to open system.grp service"); 231 exit(1); 232 } 233 /* Limit system.pwd to only getpwuid() function and pw_name field. */ 234 cmds[0] = "getpwuid"; 235 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) 236 err(1, "unable to limit system.pwd service"); 237 fields[0] = "pw_name"; 238 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) 239 err(1, "unable to limit system.pwd service"); 240 /* Limit system.grp to only getgrgid() function and gr_name field. */ 241 cmds[0] = "getgrgid"; 242 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) 243 err(1, "unable to limit system.grp service"); 244 fields[0] = "gr_name"; 245 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) 246 err(1, "unable to limit system.grp service"); 247 248 *cappwdp = cappwdloc; 249 *capgrpp = capgrploc; 250 return (0); 251 } 252 #endif /* HAVE_LIBCAPSICUM */ 253 254 int 255 main(int argc, char *argv[]) 256 { 257 int ch, ktrlen, size; 258 void *m; 259 int trpoints = ALL_POINTS; 260 int drop_logged; 261 pid_t pid = 0; 262 u_int sv_flags; 263 264 setlocale(LC_CTYPE, ""); 265 266 timestamp = TIMESTAMP_NONE; 267 268 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) 269 switch (ch) { 270 case 'A': 271 abiflag = 1; 272 break; 273 case 'f': 274 tracefile = optarg; 275 break; 276 case 'd': 277 decimal = 1; 278 break; 279 case 'l': 280 tail = 1; 281 break; 282 case 'm': 283 maxdata = atoi(optarg); 284 break; 285 case 'n': 286 fancy = 0; 287 break; 288 case 'p': 289 pid = atoi(optarg); 290 break; 291 case 'r': 292 resolv = 1; 293 break; 294 case 'S': 295 syscallno = 1; 296 break; 297 case 's': 298 suppressdata = 1; 299 break; 300 case 'E': 301 timestamp |= TIMESTAMP_ELAPSED; 302 break; 303 case 'H': 304 threads = 1; 305 break; 306 case 'R': 307 timestamp |= TIMESTAMP_RELATIVE; 308 break; 309 case 'T': 310 timestamp |= TIMESTAMP_ABSOLUTE; 311 break; 312 case 't': 313 trpoints = getpoints(optarg); 314 if (trpoints < 0) 315 errx(1, "unknown trace point in %s", optarg); 316 break; 317 default: 318 usage(); 319 } 320 321 if (argc > optind) 322 usage(); 323 324 m = malloc(size = 1025); 325 if (m == NULL) 326 errx(1, "%s", strerror(ENOMEM)); 327 if (!freopen(tracefile, "r", stdin)) 328 err(1, "%s", tracefile); 329 330 strerror_init(); 331 localtime_init(); 332 #ifdef HAVE_LIBCAPSICUM 333 if (resolv != 0) { 334 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { 335 cappwd = NULL; 336 capgrp = NULL; 337 } 338 } 339 if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) { 340 if (cap_enter() < 0 && errno != ENOSYS) 341 err(1, "unable to enter capability mode"); 342 } 343 #else 344 if (resolv == 0) { 345 if (cap_enter() < 0 && errno != ENOSYS) 346 err(1, "unable to enter capability mode"); 347 } 348 #endif 349 limitfd(STDIN_FILENO); 350 limitfd(STDOUT_FILENO); 351 limitfd(STDERR_FILENO); 352 if (cap_sandboxed()) 353 fprintf(stderr, "capability mode sandbox enabled\n"); 354 355 TAILQ_INIT(&trace_procs); 356 drop_logged = 0; 357 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 358 if (ktr_header.ktr_type & KTR_DROP) { 359 ktr_header.ktr_type &= ~KTR_DROP; 360 if (!drop_logged && threads) { 361 printf( 362 "%6jd %6jd %-8.*s Events dropped.\n", 363 (intmax_t)ktr_header.ktr_pid, 364 ktr_header.ktr_tid > 0 ? 365 (intmax_t)ktr_header.ktr_tid : 0, 366 MAXCOMLEN, ktr_header.ktr_comm); 367 drop_logged = 1; 368 } else if (!drop_logged) { 369 printf("%6jd %-8.*s Events dropped.\n", 370 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 371 ktr_header.ktr_comm); 372 drop_logged = 1; 373 } 374 } 375 if (trpoints & (1<<ktr_header.ktr_type)) 376 if (pid == 0 || ktr_header.ktr_pid == pid || 377 ktr_header.ktr_tid == pid) 378 dumpheader(&ktr_header); 379 if ((ktrlen = ktr_header.ktr_len) < 0) 380 errx(1, "bogus length 0x%x", ktrlen); 381 if (ktrlen > size) { 382 m = realloc(m, ktrlen+1); 383 if (m == NULL) 384 errx(1, "%s", strerror(ENOMEM)); 385 size = ktrlen; 386 } 387 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 388 errx(1, "data too short"); 389 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 390 continue; 391 sv_flags = abidump(&ktr_header); 392 if (pid && ktr_header.ktr_pid != pid && 393 ktr_header.ktr_tid != pid) 394 continue; 395 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 396 continue; 397 drop_logged = 0; 398 switch (ktr_header.ktr_type) { 399 case KTR_SYSCALL: 400 #if defined(__amd64__) || defined(__i386__) 401 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 402 linux_ktrsyscall((struct ktr_syscall *)m); 403 else 404 #endif 405 ktrsyscall((struct ktr_syscall *)m, sv_flags); 406 break; 407 case KTR_SYSRET: 408 #if defined(__amd64__) || defined(__i386__) 409 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 410 linux_ktrsysret((struct ktr_sysret *)m); 411 else 412 #endif 413 ktrsysret((struct ktr_sysret *)m, sv_flags); 414 break; 415 case KTR_NAMEI: 416 case KTR_SYSCTL: 417 ktrnamei(m, ktrlen); 418 break; 419 case KTR_GENIO: 420 ktrgenio((struct ktr_genio *)m, ktrlen); 421 break; 422 case KTR_PSIG: 423 ktrpsig((struct ktr_psig *)m); 424 break; 425 case KTR_CSW: 426 if (ktrlen == sizeof(struct ktr_csw_old)) 427 ktrcsw_old((struct ktr_csw_old *)m); 428 else 429 ktrcsw((struct ktr_csw *)m); 430 break; 431 case KTR_USER: 432 ktruser(ktrlen, m); 433 break; 434 case KTR_STRUCT: 435 ktrstruct(m, ktrlen); 436 break; 437 case KTR_CAPFAIL: 438 ktrcapfail((struct ktr_cap_fail *)m); 439 break; 440 case KTR_FAULT: 441 ktrfault((struct ktr_fault *)m); 442 break; 443 case KTR_FAULTEND: 444 ktrfaultend((struct ktr_faultend *)m); 445 break; 446 default: 447 printf("\n"); 448 break; 449 } 450 if (tail) 451 fflush(stdout); 452 } 453 return 0; 454 } 455 456 void 457 limitfd(int fd) 458 { 459 cap_rights_t rights; 460 unsigned long cmd; 461 462 cap_rights_init(&rights, CAP_FSTAT); 463 cmd = 0; 464 465 switch (fd) { 466 case STDIN_FILENO: 467 cap_rights_set(&rights, CAP_READ); 468 break; 469 case STDOUT_FILENO: 470 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE); 471 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 472 break; 473 case STDERR_FILENO: 474 cap_rights_set(&rights, CAP_WRITE); 475 if (!suppressdata) { 476 cap_rights_set(&rights, CAP_IOCTL); 477 cmd = TIOCGWINSZ; 478 } 479 break; 480 default: 481 abort(); 482 } 483 484 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) 485 err(1, "unable to limit rights for descriptor %d", fd); 486 if (cmd != 0 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 487 err(1, "unable to limit ioctls for descriptor %d", fd); 488 } 489 490 int 491 fread_tail(void *buf, int size, int num) 492 { 493 int i; 494 495 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 496 sleep(1); 497 clearerr(stdin); 498 } 499 return (i); 500 } 501 502 int 503 fetchprocinfo(struct ktr_header *kth, u_int *flags) 504 { 505 struct proc_info *pi; 506 507 switch (kth->ktr_type) { 508 case KTR_PROCCTOR: 509 TAILQ_FOREACH(pi, &trace_procs, info) { 510 if (pi->pid == kth->ktr_pid) { 511 TAILQ_REMOVE(&trace_procs, pi, info); 512 break; 513 } 514 } 515 pi = malloc(sizeof(struct proc_info)); 516 if (pi == NULL) 517 errx(1, "%s", strerror(ENOMEM)); 518 pi->sv_flags = *flags; 519 pi->pid = kth->ktr_pid; 520 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 521 return (1); 522 523 case KTR_PROCDTOR: 524 TAILQ_FOREACH(pi, &trace_procs, info) { 525 if (pi->pid == kth->ktr_pid) { 526 TAILQ_REMOVE(&trace_procs, pi, info); 527 free(pi); 528 break; 529 } 530 } 531 return (1); 532 } 533 534 return (0); 535 } 536 537 u_int 538 abidump(struct ktr_header *kth) 539 { 540 struct proc_info *pi; 541 const char *abi; 542 const char *arch; 543 u_int flags = 0; 544 545 TAILQ_FOREACH(pi, &trace_procs, info) { 546 if (pi->pid == kth->ktr_pid) { 547 flags = pi->sv_flags; 548 break; 549 } 550 } 551 552 if (abiflag == 0) 553 return (flags); 554 555 switch (flags & SV_ABI_MASK) { 556 case SV_ABI_LINUX: 557 abi = "L"; 558 break; 559 case SV_ABI_FREEBSD: 560 abi = "F"; 561 break; 562 default: 563 abi = "U"; 564 break; 565 } 566 567 if (flags != 0) { 568 if (flags & SV_LP64) 569 arch = "64"; 570 else 571 arch = "32"; 572 } else 573 arch = "00"; 574 575 printf("%s%s ", abi, arch); 576 577 return (flags); 578 } 579 580 void 581 dumpheader(struct ktr_header *kth) 582 { 583 static char unknown[64]; 584 static struct timeval prevtime, prevtime_e, temp; 585 const char *type; 586 587 switch (kth->ktr_type) { 588 case KTR_SYSCALL: 589 type = "CALL"; 590 break; 591 case KTR_SYSRET: 592 type = "RET "; 593 break; 594 case KTR_NAMEI: 595 type = "NAMI"; 596 break; 597 case KTR_GENIO: 598 type = "GIO "; 599 break; 600 case KTR_PSIG: 601 type = "PSIG"; 602 break; 603 case KTR_CSW: 604 type = "CSW "; 605 break; 606 case KTR_USER: 607 type = "USER"; 608 break; 609 case KTR_STRUCT: 610 type = "STRU"; 611 break; 612 case KTR_SYSCTL: 613 type = "SCTL"; 614 break; 615 case KTR_PROCCTOR: 616 /* FALLTHROUGH */ 617 case KTR_PROCDTOR: 618 return; 619 case KTR_CAPFAIL: 620 type = "CAP "; 621 break; 622 case KTR_FAULT: 623 type = "PFLT"; 624 break; 625 case KTR_FAULTEND: 626 type = "PRET"; 627 break; 628 default: 629 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 630 type = unknown; 631 } 632 633 /* 634 * The ktr_tid field was previously the ktr_buffer field, which held 635 * the kernel pointer value for the buffer associated with data 636 * following the record header. It now holds a threadid, but only 637 * for trace files after the change. Older trace files still contain 638 * kernel pointers. Detect this and suppress the results by printing 639 * negative tid's as 0. 640 */ 641 if (threads) 642 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 643 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 644 MAXCOMLEN, kth->ktr_comm); 645 else 646 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 647 kth->ktr_comm); 648 if (timestamp) { 649 if (timestamp & TIMESTAMP_ABSOLUTE) { 650 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 651 kth->ktr_time.tv_usec); 652 } 653 if (timestamp & TIMESTAMP_ELAPSED) { 654 if (prevtime_e.tv_sec == 0) 655 prevtime_e = kth->ktr_time; 656 timevalsub(&kth->ktr_time, &prevtime_e); 657 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 658 kth->ktr_time.tv_usec); 659 timevaladd(&kth->ktr_time, &prevtime_e); 660 } 661 if (timestamp & TIMESTAMP_RELATIVE) { 662 temp = kth->ktr_time; 663 timevalsub(&kth->ktr_time, &prevtime); 664 prevtime = temp; 665 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 666 kth->ktr_time.tv_usec); 667 } 668 } 669 printf("%s ", type); 670 } 671 672 #include <sys/syscall.h> 673 #define KTRACE 674 #include <sys/kern/syscalls.c> 675 #undef KTRACE 676 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 677 678 void 679 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 680 { 681 int narg = ktr->ktr_narg; 682 register_t *ip; 683 intmax_t arg; 684 685 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 686 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 687 printf("[%d]", ktr->ktr_code); 688 else { 689 printf("%s", syscallnames[ktr->ktr_code]); 690 if (syscallno) 691 printf("[%d]", ktr->ktr_code); 692 } 693 ip = &ktr->ktr_args[0]; 694 if (narg) { 695 char c = '('; 696 if (fancy && 697 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 698 switch (ktr->ktr_code) { 699 case SYS_bindat: 700 case SYS_connectat: 701 case SYS_faccessat: 702 case SYS_fchmodat: 703 case SYS_fchownat: 704 case SYS_fstatat: 705 case SYS_futimesat: 706 case SYS_linkat: 707 case SYS_mkdirat: 708 case SYS_mkfifoat: 709 case SYS_mknodat: 710 case SYS_openat: 711 case SYS_readlinkat: 712 case SYS_renameat: 713 case SYS_unlinkat: 714 putchar('('); 715 atfdname(*ip, decimal); 716 c = ','; 717 ip++; 718 narg--; 719 break; 720 } 721 switch (ktr->ktr_code) { 722 case SYS_ioctl: { 723 print_number(ip, narg, c); 724 putchar(c); 725 ioctlname(*ip, decimal); 726 c = ','; 727 ip++; 728 narg--; 729 break; 730 } 731 case SYS_ptrace: 732 putchar('('); 733 ptraceopname(*ip); 734 c = ','; 735 ip++; 736 narg--; 737 break; 738 case SYS_access: 739 case SYS_eaccess: 740 case SYS_faccessat: 741 print_number(ip, narg, c); 742 putchar(','); 743 accessmodename(*ip); 744 ip++; 745 narg--; 746 break; 747 case SYS_open: 748 case SYS_openat: 749 print_number(ip, narg, c); 750 putchar(','); 751 flagsandmodename(ip[0], ip[1], decimal); 752 ip += 2; 753 narg -= 2; 754 break; 755 case SYS_wait4: 756 print_number(ip, narg, c); 757 print_number(ip, narg, c); 758 /* 759 * A flags value of zero is valid for 760 * wait4() but not for wait6(), so 761 * handle zero special here. 762 */ 763 if (*ip == 0) { 764 print_number(ip, narg, c); 765 } else { 766 putchar(','); 767 wait6optname(*ip); 768 ip++; 769 narg--; 770 } 771 break; 772 case SYS_wait6: 773 putchar('('); 774 idtypename(*ip, decimal); 775 c = ','; 776 ip++; 777 narg--; 778 print_number(ip, narg, c); 779 print_number(ip, narg, c); 780 putchar(','); 781 wait6optname(*ip); 782 ip++; 783 narg--; 784 break; 785 case SYS_chmod: 786 case SYS_fchmod: 787 case SYS_lchmod: 788 print_number(ip, narg, c); 789 putchar(','); 790 modename(*ip); 791 ip++; 792 narg--; 793 break; 794 case SYS_mknod: 795 case SYS_mknodat: 796 print_number(ip, narg, c); 797 putchar(','); 798 modename(*ip); 799 ip++; 800 narg--; 801 break; 802 case SYS_getfsstat: 803 print_number(ip, narg, c); 804 print_number(ip, narg, c); 805 putchar(','); 806 getfsstatflagsname(*ip); 807 ip++; 808 narg--; 809 break; 810 case SYS_mount: 811 print_number(ip, narg, c); 812 print_number(ip, narg, c); 813 putchar(','); 814 mountflagsname(*ip); 815 ip++; 816 narg--; 817 break; 818 case SYS_unmount: 819 print_number(ip, narg, c); 820 putchar(','); 821 mountflagsname(*ip); 822 ip++; 823 narg--; 824 break; 825 case SYS_recvmsg: 826 case SYS_sendmsg: 827 print_number(ip, narg, c); 828 print_number(ip, narg, c); 829 putchar(','); 830 sendrecvflagsname(*ip); 831 ip++; 832 narg--; 833 break; 834 case SYS_recvfrom: 835 case SYS_sendto: 836 print_number(ip, narg, c); 837 print_number(ip, narg, c); 838 print_number(ip, narg, c); 839 putchar(','); 840 sendrecvflagsname(*ip); 841 ip++; 842 narg--; 843 break; 844 case SYS_chflags: 845 case SYS_fchflags: 846 case SYS_lchflags: 847 print_number(ip, narg, c); 848 putchar(','); 849 modename(*ip); 850 ip++; 851 narg--; 852 break; 853 case SYS_kill: 854 print_number(ip, narg, c); 855 putchar(','); 856 signame(*ip); 857 ip++; 858 narg--; 859 break; 860 case SYS_reboot: 861 putchar('('); 862 rebootoptname(*ip); 863 ip++; 864 narg--; 865 break; 866 case SYS_umask: 867 putchar('('); 868 modename(*ip); 869 ip++; 870 narg--; 871 break; 872 case SYS_msync: 873 print_number(ip, narg, c); 874 print_number(ip, narg, c); 875 putchar(','); 876 msyncflagsname(*ip); 877 ip++; 878 narg--; 879 break; 880 #ifdef SYS_freebsd6_mmap 881 case SYS_freebsd6_mmap: 882 print_number(ip, narg, c); 883 print_number(ip, narg, c); 884 putchar(','); 885 mmapprotname(*ip); 886 putchar(','); 887 ip++; 888 narg--; 889 mmapflagsname(*ip); 890 ip++; 891 narg--; 892 break; 893 #endif 894 case SYS_mmap: 895 print_number(ip, narg, c); 896 print_number(ip, narg, c); 897 putchar(','); 898 mmapprotname(*ip); 899 putchar(','); 900 ip++; 901 narg--; 902 mmapflagsname(*ip); 903 ip++; 904 narg--; 905 break; 906 case SYS_mprotect: 907 print_number(ip, narg, c); 908 print_number(ip, narg, c); 909 putchar(','); 910 mmapprotname(*ip); 911 ip++; 912 narg--; 913 break; 914 case SYS_madvise: 915 print_number(ip, narg, c); 916 print_number(ip, narg, c); 917 putchar(','); 918 madvisebehavname(*ip); 919 ip++; 920 narg--; 921 break; 922 case SYS_setpriority: 923 print_number(ip, narg, c); 924 print_number(ip, narg, c); 925 putchar(','); 926 prioname(*ip); 927 ip++; 928 narg--; 929 break; 930 case SYS_fcntl: 931 print_number(ip, narg, c); 932 putchar(','); 933 fcntlcmdname(ip[0], ip[1], decimal); 934 ip += 2; 935 narg -= 2; 936 break; 937 case SYS_socket: { 938 int sockdomain; 939 putchar('('); 940 sockdomain = *ip; 941 sockdomainname(sockdomain); 942 ip++; 943 narg--; 944 putchar(','); 945 socktypenamewithflags(*ip); 946 ip++; 947 narg--; 948 if (sockdomain == PF_INET || 949 sockdomain == PF_INET6) { 950 putchar(','); 951 sockipprotoname(*ip); 952 ip++; 953 narg--; 954 } 955 c = ','; 956 break; 957 } 958 case SYS_setsockopt: 959 case SYS_getsockopt: 960 print_number(ip, narg, c); 961 putchar(','); 962 sockoptlevelname(*ip, decimal); 963 if (*ip == SOL_SOCKET) { 964 ip++; 965 narg--; 966 putchar(','); 967 sockoptname(*ip); 968 } 969 ip++; 970 narg--; 971 break; 972 #ifdef SYS_freebsd6_lseek 973 case SYS_freebsd6_lseek: 974 print_number(ip, narg, c); 975 /* Hidden 'pad' argument, not in lseek(2) */ 976 print_number(ip, narg, c); 977 print_number(ip, narg, c); 978 putchar(','); 979 whencename(*ip); 980 ip++; 981 narg--; 982 break; 983 #endif 984 case SYS_lseek: 985 print_number(ip, narg, c); 986 /* Hidden 'pad' argument, not in lseek(2) */ 987 print_number(ip, narg, c); 988 putchar(','); 989 whencename(*ip); 990 ip++; 991 narg--; 992 break; 993 case SYS_flock: 994 print_number(ip, narg, c); 995 putchar(','); 996 flockname(*ip); 997 ip++; 998 narg--; 999 break; 1000 case SYS_mkfifo: 1001 case SYS_mkfifoat: 1002 case SYS_mkdir: 1003 case SYS_mkdirat: 1004 print_number(ip, narg, c); 1005 putchar(','); 1006 modename(*ip); 1007 ip++; 1008 narg--; 1009 break; 1010 case SYS_shutdown: 1011 print_number(ip, narg, c); 1012 putchar(','); 1013 shutdownhowname(*ip); 1014 ip++; 1015 narg--; 1016 break; 1017 case SYS_socketpair: 1018 putchar('('); 1019 sockdomainname(*ip); 1020 ip++; 1021 narg--; 1022 putchar(','); 1023 socktypenamewithflags(*ip); 1024 ip++; 1025 narg--; 1026 c = ','; 1027 break; 1028 case SYS_getrlimit: 1029 case SYS_setrlimit: 1030 putchar('('); 1031 rlimitname(*ip); 1032 ip++; 1033 narg--; 1034 c = ','; 1035 break; 1036 case SYS_quotactl: 1037 print_number(ip, narg, c); 1038 putchar(','); 1039 quotactlname(*ip); 1040 ip++; 1041 narg--; 1042 c = ','; 1043 break; 1044 case SYS_nfssvc: 1045 putchar('('); 1046 nfssvcname(*ip); 1047 ip++; 1048 narg--; 1049 c = ','; 1050 break; 1051 case SYS_rtprio: 1052 putchar('('); 1053 rtprioname(*ip); 1054 ip++; 1055 narg--; 1056 c = ','; 1057 break; 1058 case SYS___semctl: 1059 print_number(ip, narg, c); 1060 print_number(ip, narg, c); 1061 putchar(','); 1062 semctlname(*ip); 1063 ip++; 1064 narg--; 1065 break; 1066 case SYS_semget: 1067 print_number(ip, narg, c); 1068 print_number(ip, narg, c); 1069 putchar(','); 1070 semgetname(*ip); 1071 ip++; 1072 narg--; 1073 break; 1074 case SYS_msgctl: 1075 print_number(ip, narg, c); 1076 putchar(','); 1077 shmctlname(*ip); 1078 ip++; 1079 narg--; 1080 break; 1081 case SYS_shmat: 1082 print_number(ip, narg, c); 1083 print_number(ip, narg, c); 1084 putchar(','); 1085 shmatname(*ip); 1086 ip++; 1087 narg--; 1088 break; 1089 case SYS_shmctl: 1090 print_number(ip, narg, c); 1091 putchar(','); 1092 shmctlname(*ip); 1093 ip++; 1094 narg--; 1095 break; 1096 case SYS_shm_open: 1097 print_number(ip, narg, c); 1098 putchar(','); 1099 flagsname(ip[0]); 1100 printf(",0%o", (unsigned int)ip[1]); 1101 ip += 3; 1102 narg -= 3; 1103 break; 1104 case SYS_minherit: 1105 print_number(ip, narg, c); 1106 print_number(ip, narg, c); 1107 putchar(','); 1108 minheritname(*ip); 1109 ip++; 1110 narg--; 1111 break; 1112 case SYS_rfork: 1113 putchar('('); 1114 rforkname(*ip); 1115 ip++; 1116 narg--; 1117 c = ','; 1118 break; 1119 case SYS_lio_listio: 1120 putchar('('); 1121 lio_listioname(*ip); 1122 ip++; 1123 narg--; 1124 c = ','; 1125 break; 1126 case SYS_mlockall: 1127 putchar('('); 1128 mlockallname(*ip); 1129 ip++; 1130 narg--; 1131 break; 1132 case SYS_sched_setscheduler: 1133 print_number(ip, narg, c); 1134 putchar(','); 1135 schedpolicyname(*ip); 1136 ip++; 1137 narg--; 1138 break; 1139 case SYS_sched_get_priority_max: 1140 case SYS_sched_get_priority_min: 1141 putchar('('); 1142 schedpolicyname(*ip); 1143 ip++; 1144 narg--; 1145 break; 1146 case SYS_sendfile: 1147 print_number(ip, narg, c); 1148 print_number(ip, narg, c); 1149 print_number(ip, narg, c); 1150 print_number(ip, narg, c); 1151 print_number(ip, narg, c); 1152 print_number(ip, narg, c); 1153 putchar(','); 1154 sendfileflagsname(*ip); 1155 ip++; 1156 narg--; 1157 break; 1158 case SYS_kldsym: 1159 print_number(ip, narg, c); 1160 putchar(','); 1161 kldsymcmdname(*ip); 1162 ip++; 1163 narg--; 1164 break; 1165 case SYS_sigprocmask: 1166 putchar('('); 1167 sigprocmaskhowname(*ip); 1168 ip++; 1169 narg--; 1170 c = ','; 1171 break; 1172 case SYS___acl_get_file: 1173 case SYS___acl_set_file: 1174 case SYS___acl_get_fd: 1175 case SYS___acl_set_fd: 1176 case SYS___acl_delete_file: 1177 case SYS___acl_delete_fd: 1178 case SYS___acl_aclcheck_file: 1179 case SYS___acl_aclcheck_fd: 1180 case SYS___acl_get_link: 1181 case SYS___acl_set_link: 1182 case SYS___acl_delete_link: 1183 case SYS___acl_aclcheck_link: 1184 print_number(ip, narg, c); 1185 putchar(','); 1186 acltypename(*ip); 1187 ip++; 1188 narg--; 1189 break; 1190 case SYS_sigaction: 1191 putchar('('); 1192 signame(*ip); 1193 ip++; 1194 narg--; 1195 c = ','; 1196 break; 1197 case SYS_extattrctl: 1198 print_number(ip, narg, c); 1199 putchar(','); 1200 extattrctlname(*ip); 1201 ip++; 1202 narg--; 1203 break; 1204 case SYS_nmount: 1205 print_number(ip, narg, c); 1206 print_number(ip, narg, c); 1207 putchar(','); 1208 mountflagsname(*ip); 1209 ip++; 1210 narg--; 1211 break; 1212 case SYS_thr_create: 1213 print_number(ip, narg, c); 1214 print_number(ip, narg, c); 1215 putchar(','); 1216 thrcreateflagsname(*ip); 1217 ip++; 1218 narg--; 1219 break; 1220 case SYS_thr_kill: 1221 print_number(ip, narg, c); 1222 putchar(','); 1223 signame(*ip); 1224 ip++; 1225 narg--; 1226 break; 1227 case SYS_kldunloadf: 1228 print_number(ip, narg, c); 1229 putchar(','); 1230 kldunloadfflagsname(*ip); 1231 ip++; 1232 narg--; 1233 break; 1234 case SYS_linkat: 1235 case SYS_renameat: 1236 case SYS_symlinkat: 1237 print_number(ip, narg, c); 1238 putchar(','); 1239 atfdname(*ip, decimal); 1240 ip++; 1241 narg--; 1242 break; 1243 case SYS_cap_fcntls_limit: 1244 print_number(ip, narg, c); 1245 putchar(','); 1246 arg = *ip; 1247 ip++; 1248 narg--; 1249 capfcntlname(arg); 1250 break; 1251 case SYS_posix_fadvise: 1252 print_number(ip, narg, c); 1253 print_number(ip, narg, c); 1254 print_number(ip, narg, c); 1255 (void)putchar(','); 1256 fadvisebehavname((int)*ip); 1257 ip++; 1258 narg--; 1259 break; 1260 case SYS_procctl: 1261 putchar('('); 1262 idtypename(*ip, decimal); 1263 c = ','; 1264 ip++; 1265 narg--; 1266 print_number(ip, narg, c); 1267 putchar(','); 1268 procctlcmdname(*ip); 1269 ip++; 1270 narg--; 1271 break; 1272 case SYS__umtx_op: 1273 print_number(ip, narg, c); 1274 putchar(','); 1275 umtxopname(*ip); 1276 switch (*ip) { 1277 case UMTX_OP_CV_WAIT: 1278 ip++; 1279 narg--; 1280 putchar(','); 1281 umtxcvwaitflags(*ip); 1282 break; 1283 case UMTX_OP_RW_RDLOCK: 1284 ip++; 1285 narg--; 1286 putchar(','); 1287 umtxrwlockflags(*ip); 1288 break; 1289 } 1290 ip++; 1291 narg--; 1292 } 1293 } 1294 while (narg > 0) { 1295 print_number(ip, narg, c); 1296 } 1297 putchar(')'); 1298 } 1299 putchar('\n'); 1300 } 1301 1302 void 1303 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1304 { 1305 register_t ret = ktr->ktr_retval; 1306 int error = ktr->ktr_error; 1307 int code = ktr->ktr_code; 1308 1309 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1310 (code >= nsyscalls || code < 0)) 1311 printf("[%d] ", code); 1312 else { 1313 printf("%s", syscallnames[code]); 1314 if (syscallno) 1315 printf("[%d]", code); 1316 printf(" "); 1317 } 1318 1319 if (error == 0) { 1320 if (fancy) { 1321 printf("%ld", (long)ret); 1322 if (ret < 0 || ret > 9) 1323 printf("/%#lx", (unsigned long)ret); 1324 } else { 1325 if (decimal) 1326 printf("%ld", (long)ret); 1327 else 1328 printf("%#lx", (unsigned long)ret); 1329 } 1330 } else if (error == ERESTART) 1331 printf("RESTART"); 1332 else if (error == EJUSTRETURN) 1333 printf("JUSTRETURN"); 1334 else { 1335 printf("-1 errno %d", ktr->ktr_error); 1336 if (fancy) 1337 printf(" %s", strerror(ktr->ktr_error)); 1338 } 1339 putchar('\n'); 1340 } 1341 1342 void 1343 ktrnamei(char *cp, int len) 1344 { 1345 printf("\"%.*s\"\n", len, cp); 1346 } 1347 1348 void 1349 hexdump(char *p, int len, int screenwidth) 1350 { 1351 int n, i; 1352 int width; 1353 1354 width = 0; 1355 do { 1356 width += 2; 1357 i = 13; /* base offset */ 1358 i += (width / 2) + 1; /* spaces every second byte */ 1359 i += (width * 2); /* width of bytes */ 1360 i += 3; /* " |" */ 1361 i += width; /* each byte */ 1362 i += 1; /* "|" */ 1363 } while (i < screenwidth); 1364 width -= 2; 1365 1366 for (n = 0; n < len; n += width) { 1367 for (i = n; i < n + width; i++) { 1368 if ((i % width) == 0) { /* beginning of line */ 1369 printf(" 0x%04x", i); 1370 } 1371 if ((i % 2) == 0) { 1372 printf(" "); 1373 } 1374 if (i < len) 1375 printf("%02x", p[i] & 0xff); 1376 else 1377 printf(" "); 1378 } 1379 printf(" |"); 1380 for (i = n; i < n + width; i++) { 1381 if (i >= len) 1382 break; 1383 if (p[i] >= ' ' && p[i] <= '~') 1384 printf("%c", p[i]); 1385 else 1386 printf("."); 1387 } 1388 printf("|\n"); 1389 } 1390 if ((i % width) != 0) 1391 printf("\n"); 1392 } 1393 1394 void 1395 visdump(char *dp, int datalen, int screenwidth) 1396 { 1397 int col = 0; 1398 char *cp; 1399 int width; 1400 char visbuf[5]; 1401 1402 printf(" \""); 1403 col = 8; 1404 for (;datalen > 0; datalen--, dp++) { 1405 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1406 cp = visbuf; 1407 /* 1408 * Keep track of printables and 1409 * space chars (like fold(1)). 1410 */ 1411 if (col == 0) { 1412 putchar('\t'); 1413 col = 8; 1414 } 1415 switch(*cp) { 1416 case '\n': 1417 col = 0; 1418 putchar('\n'); 1419 continue; 1420 case '\t': 1421 width = 8 - (col&07); 1422 break; 1423 default: 1424 width = strlen(cp); 1425 } 1426 if (col + width > (screenwidth-2)) { 1427 printf("\\\n\t"); 1428 col = 8; 1429 } 1430 col += width; 1431 do { 1432 putchar(*cp++); 1433 } while (*cp); 1434 } 1435 if (col == 0) 1436 printf(" "); 1437 printf("\"\n"); 1438 } 1439 1440 void 1441 ktrgenio(struct ktr_genio *ktr, int len) 1442 { 1443 int datalen = len - sizeof (struct ktr_genio); 1444 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1445 static int screenwidth = 0; 1446 int i, binary; 1447 1448 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1449 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1450 datalen == 1 ? "" : "s"); 1451 if (suppressdata) 1452 return; 1453 if (screenwidth == 0) { 1454 struct winsize ws; 1455 1456 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1457 ws.ws_col > 8) 1458 screenwidth = ws.ws_col; 1459 else 1460 screenwidth = 80; 1461 } 1462 if (maxdata && datalen > maxdata) 1463 datalen = maxdata; 1464 1465 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1466 if (dp[i] >= 32 && dp[i] < 127) 1467 continue; 1468 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1469 continue; 1470 binary = 1; 1471 } 1472 if (binary) 1473 hexdump(dp, datalen, screenwidth); 1474 else 1475 visdump(dp, datalen, screenwidth); 1476 } 1477 1478 const char *signames[] = { 1479 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1480 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1481 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1482 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1483 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1484 "USR2", NULL, /* 31 - 32 */ 1485 }; 1486 1487 void 1488 ktrpsig(struct ktr_psig *psig) 1489 { 1490 if (psig->signo > 0 && psig->signo < NSIG) 1491 printf("SIG%s ", signames[psig->signo]); 1492 else 1493 printf("SIG %d ", psig->signo); 1494 if (psig->action == SIG_DFL) { 1495 printf("SIG_DFL code="); 1496 sigcodename(psig->signo, psig->code); 1497 putchar('\n'); 1498 } else { 1499 printf("caught handler=0x%lx mask=0x%x code=", 1500 (u_long)psig->action, psig->mask.__bits[0]); 1501 sigcodename(psig->signo, psig->code); 1502 putchar('\n'); 1503 } 1504 } 1505 1506 void 1507 ktrcsw_old(struct ktr_csw_old *cs) 1508 { 1509 printf("%s %s\n", cs->out ? "stop" : "resume", 1510 cs->user ? "user" : "kernel"); 1511 } 1512 1513 void 1514 ktrcsw(struct ktr_csw *cs) 1515 { 1516 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1517 cs->user ? "user" : "kernel", cs->wmesg); 1518 } 1519 1520 #define UTRACE_DLOPEN_START 1 1521 #define UTRACE_DLOPEN_STOP 2 1522 #define UTRACE_DLCLOSE_START 3 1523 #define UTRACE_DLCLOSE_STOP 4 1524 #define UTRACE_LOAD_OBJECT 5 1525 #define UTRACE_UNLOAD_OBJECT 6 1526 #define UTRACE_ADD_RUNDEP 7 1527 #define UTRACE_PRELOAD_FINISHED 8 1528 #define UTRACE_INIT_CALL 9 1529 #define UTRACE_FINI_CALL 10 1530 1531 struct utrace_rtld { 1532 char sig[4]; /* 'RTLD' */ 1533 int event; 1534 void *handle; 1535 void *mapbase; 1536 size_t mapsize; 1537 int refcnt; 1538 char name[MAXPATHLEN]; 1539 }; 1540 1541 void 1542 ktruser_rtld(int len, void *p) 1543 { 1544 struct utrace_rtld *ut = p; 1545 unsigned char *cp; 1546 void *parent; 1547 int mode; 1548 1549 switch (ut->event) { 1550 case UTRACE_DLOPEN_START: 1551 mode = ut->refcnt; 1552 printf("dlopen(%s, ", ut->name); 1553 switch (mode & RTLD_MODEMASK) { 1554 case RTLD_NOW: 1555 printf("RTLD_NOW"); 1556 break; 1557 case RTLD_LAZY: 1558 printf("RTLD_LAZY"); 1559 break; 1560 default: 1561 printf("%#x", mode & RTLD_MODEMASK); 1562 } 1563 if (mode & RTLD_GLOBAL) 1564 printf(" | RTLD_GLOBAL"); 1565 if (mode & RTLD_TRACE) 1566 printf(" | RTLD_TRACE"); 1567 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1568 printf(" | %#x", mode & 1569 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1570 printf(")\n"); 1571 break; 1572 case UTRACE_DLOPEN_STOP: 1573 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1574 ut->refcnt); 1575 break; 1576 case UTRACE_DLCLOSE_START: 1577 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1578 ut->refcnt); 1579 break; 1580 case UTRACE_DLCLOSE_STOP: 1581 printf("dlclose(%p) finished\n", ut->handle); 1582 break; 1583 case UTRACE_LOAD_OBJECT: 1584 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1585 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1586 ut->name); 1587 break; 1588 case UTRACE_UNLOAD_OBJECT: 1589 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1590 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1591 ut->name); 1592 break; 1593 case UTRACE_ADD_RUNDEP: 1594 parent = ut->mapbase; 1595 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1596 ut->handle, ut->name, ut->refcnt); 1597 break; 1598 case UTRACE_PRELOAD_FINISHED: 1599 printf("RTLD: LD_PRELOAD finished\n"); 1600 break; 1601 case UTRACE_INIT_CALL: 1602 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1603 ut->name); 1604 break; 1605 case UTRACE_FINI_CALL: 1606 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1607 ut->name); 1608 break; 1609 default: 1610 cp = p; 1611 cp += 4; 1612 len -= 4; 1613 printf("RTLD: %d ", len); 1614 while (len--) 1615 if (decimal) 1616 printf(" %d", *cp++); 1617 else 1618 printf(" %02x", *cp++); 1619 printf("\n"); 1620 } 1621 } 1622 1623 struct utrace_malloc { 1624 void *p; 1625 size_t s; 1626 void *r; 1627 }; 1628 1629 void 1630 ktruser_malloc(void *p) 1631 { 1632 struct utrace_malloc *ut = p; 1633 1634 if (ut->p == (void *)(intptr_t)(-1)) 1635 printf("malloc_init()\n"); 1636 else if (ut->s == 0) 1637 printf("free(%p)\n", ut->p); 1638 else if (ut->p == NULL) 1639 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1640 else 1641 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1642 } 1643 1644 void 1645 ktruser(int len, void *p) 1646 { 1647 unsigned char *cp; 1648 1649 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1650 ktruser_rtld(len, p); 1651 return; 1652 } 1653 1654 if (len == sizeof(struct utrace_malloc)) { 1655 ktruser_malloc(p); 1656 return; 1657 } 1658 1659 printf("%d ", len); 1660 cp = p; 1661 while (len--) 1662 if (decimal) 1663 printf(" %d", *cp++); 1664 else 1665 printf(" %02x", *cp++); 1666 printf("\n"); 1667 } 1668 1669 void 1670 ktrcaprights(cap_rights_t *rightsp) 1671 { 1672 1673 printf("cap_rights_t "); 1674 capname(rightsp); 1675 printf("\n"); 1676 } 1677 1678 void 1679 ktrsockaddr(struct sockaddr *sa) 1680 { 1681 /* 1682 TODO: Support additional address families 1683 #include <netnatm/natm.h> 1684 struct sockaddr_natm *natm; 1685 #include <netsmb/netbios.h> 1686 struct sockaddr_nb *nb; 1687 */ 1688 char addr[64]; 1689 1690 /* 1691 * note: ktrstruct() has already verified that sa points to a 1692 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1693 * sa->sa_len bytes long. 1694 */ 1695 printf("struct sockaddr { "); 1696 sockfamilyname(sa->sa_family); 1697 printf(", "); 1698 1699 #define check_sockaddr_len(n) \ 1700 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1701 printf("invalid"); \ 1702 break; \ 1703 } 1704 1705 switch(sa->sa_family) { 1706 case AF_INET: { 1707 struct sockaddr_in sa_in; 1708 1709 memset(&sa_in, 0, sizeof(sa_in)); 1710 memcpy(&sa_in, sa, sa->sa_len); 1711 check_sockaddr_len(in); 1712 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1713 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1714 break; 1715 } 1716 case AF_INET6: { 1717 struct sockaddr_in6 sa_in6; 1718 1719 memset(&sa_in6, 0, sizeof(sa_in6)); 1720 memcpy(&sa_in6, sa, sa->sa_len); 1721 check_sockaddr_len(in6); 1722 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1723 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1724 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1725 break; 1726 } 1727 case AF_UNIX: { 1728 struct sockaddr_un sa_un; 1729 1730 memset(&sa_un, 0, sizeof(sa_un)); 1731 memcpy(&sa_un, sa, sa->sa_len); 1732 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1733 break; 1734 } 1735 default: 1736 printf("unknown address family"); 1737 } 1738 printf(" }\n"); 1739 } 1740 1741 void 1742 ktrstat(struct stat *statp) 1743 { 1744 char mode[12], timestr[PATH_MAX + 4]; 1745 struct passwd *pwd; 1746 struct group *grp; 1747 struct tm *tm; 1748 1749 /* 1750 * note: ktrstruct() has already verified that statp points to a 1751 * buffer exactly sizeof(struct stat) bytes long. 1752 */ 1753 printf("struct stat {"); 1754 printf("dev=%ju, ino=%ju, ", 1755 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1756 if (resolv == 0) 1757 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1758 else { 1759 strmode(statp->st_mode, mode); 1760 printf("mode=%s, ", mode); 1761 } 1762 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1763 if (resolv == 0) { 1764 pwd = NULL; 1765 } else { 1766 #ifdef HAVE_LIBCAPSICUM 1767 if (cappwd != NULL) 1768 pwd = cap_getpwuid(cappwd, statp->st_uid); 1769 else 1770 #endif 1771 pwd = getpwuid(statp->st_uid); 1772 } 1773 if (pwd == NULL) 1774 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1775 else 1776 printf("uid=\"%s\", ", pwd->pw_name); 1777 if (resolv == 0) { 1778 grp = NULL; 1779 } else { 1780 #ifdef HAVE_LIBCAPSICUM 1781 if (capgrp != NULL) 1782 grp = cap_getgrgid(capgrp, statp->st_gid); 1783 else 1784 #endif 1785 grp = getgrgid(statp->st_gid); 1786 } 1787 if (grp == NULL) 1788 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1789 else 1790 printf("gid=\"%s\", ", grp->gr_name); 1791 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1792 printf("atime="); 1793 if (resolv == 0) 1794 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1795 else { 1796 tm = localtime(&statp->st_atim.tv_sec); 1797 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1798 printf("\"%s\"", timestr); 1799 } 1800 if (statp->st_atim.tv_nsec != 0) 1801 printf(".%09ld, ", statp->st_atim.tv_nsec); 1802 else 1803 printf(", "); 1804 printf("stime="); 1805 if (resolv == 0) 1806 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1807 else { 1808 tm = localtime(&statp->st_mtim.tv_sec); 1809 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1810 printf("\"%s\"", timestr); 1811 } 1812 if (statp->st_mtim.tv_nsec != 0) 1813 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1814 else 1815 printf(", "); 1816 printf("ctime="); 1817 if (resolv == 0) 1818 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1819 else { 1820 tm = localtime(&statp->st_ctim.tv_sec); 1821 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1822 printf("\"%s\"", timestr); 1823 } 1824 if (statp->st_ctim.tv_nsec != 0) 1825 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1826 else 1827 printf(", "); 1828 printf("birthtime="); 1829 if (resolv == 0) 1830 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1831 else { 1832 tm = localtime(&statp->st_birthtim.tv_sec); 1833 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1834 printf("\"%s\"", timestr); 1835 } 1836 if (statp->st_birthtim.tv_nsec != 0) 1837 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1838 else 1839 printf(", "); 1840 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1841 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1842 (intmax_t)statp->st_blocks, statp->st_flags); 1843 printf(" }\n"); 1844 } 1845 1846 void 1847 ktrstruct(char *buf, size_t buflen) 1848 { 1849 char *name, *data; 1850 size_t namelen, datalen; 1851 int i; 1852 cap_rights_t rights; 1853 struct stat sb; 1854 struct sockaddr_storage ss; 1855 1856 for (name = buf, namelen = 0; 1857 namelen < buflen && name[namelen] != '\0'; 1858 ++namelen) 1859 /* nothing */; 1860 if (namelen == buflen) 1861 goto invalid; 1862 if (name[namelen] != '\0') 1863 goto invalid; 1864 data = buf + namelen + 1; 1865 datalen = buflen - namelen - 1; 1866 if (datalen == 0) 1867 goto invalid; 1868 /* sanity check */ 1869 for (i = 0; i < (int)namelen; ++i) 1870 if (!isalpha(name[i])) 1871 goto invalid; 1872 if (strcmp(name, "caprights") == 0) { 1873 if (datalen != sizeof(cap_rights_t)) 1874 goto invalid; 1875 memcpy(&rights, data, datalen); 1876 ktrcaprights(&rights); 1877 } else if (strcmp(name, "stat") == 0) { 1878 if (datalen != sizeof(struct stat)) 1879 goto invalid; 1880 memcpy(&sb, data, datalen); 1881 ktrstat(&sb); 1882 } else if (strcmp(name, "sockaddr") == 0) { 1883 if (datalen > sizeof(ss)) 1884 goto invalid; 1885 memcpy(&ss, data, datalen); 1886 if (datalen != ss.ss_len) 1887 goto invalid; 1888 ktrsockaddr((struct sockaddr *)&ss); 1889 } else { 1890 printf("unknown structure\n"); 1891 } 1892 return; 1893 invalid: 1894 printf("invalid record\n"); 1895 } 1896 1897 void 1898 ktrcapfail(struct ktr_cap_fail *ktr) 1899 { 1900 switch (ktr->cap_type) { 1901 case CAPFAIL_NOTCAPABLE: 1902 /* operation on fd with insufficient capabilities */ 1903 printf("operation requires "); 1904 capname(&ktr->cap_needed); 1905 printf(", descriptor holds "); 1906 capname(&ktr->cap_held); 1907 break; 1908 case CAPFAIL_INCREASE: 1909 /* requested more capabilities than fd already has */ 1910 printf("attempt to increase capabilities from "); 1911 capname(&ktr->cap_held); 1912 printf(" to "); 1913 capname(&ktr->cap_needed); 1914 break; 1915 case CAPFAIL_SYSCALL: 1916 /* called restricted syscall */ 1917 printf("disallowed system call"); 1918 break; 1919 case CAPFAIL_LOOKUP: 1920 /* used ".." in strict-relative mode */ 1921 printf("restricted VFS lookup"); 1922 break; 1923 default: 1924 printf("unknown capability failure: "); 1925 capname(&ktr->cap_needed); 1926 printf(" "); 1927 capname(&ktr->cap_held); 1928 break; 1929 } 1930 printf("\n"); 1931 } 1932 1933 void 1934 ktrfault(struct ktr_fault *ktr) 1935 { 1936 1937 printf("0x%jx ", ktr->vaddr); 1938 vmprotname(ktr->type); 1939 printf("\n"); 1940 } 1941 1942 void 1943 ktrfaultend(struct ktr_faultend *ktr) 1944 { 1945 1946 vmresultname(ktr->result); 1947 printf("\n"); 1948 } 1949 1950 #if defined(__amd64__) || defined(__i386__) 1951 void 1952 linux_ktrsyscall(struct ktr_syscall *ktr) 1953 { 1954 int narg = ktr->ktr_narg; 1955 register_t *ip; 1956 1957 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1958 printf("[%d]", ktr->ktr_code); 1959 else { 1960 printf("%s", linux_syscallnames[ktr->ktr_code]); 1961 if (syscallno) 1962 printf("[%d]", ktr->ktr_code); 1963 } 1964 ip = &ktr->ktr_args[0]; 1965 if (narg) { 1966 char c = '('; 1967 while (narg > 0) 1968 print_number(ip, narg, c); 1969 putchar(')'); 1970 } 1971 putchar('\n'); 1972 } 1973 1974 void 1975 linux_ktrsysret(struct ktr_sysret *ktr) 1976 { 1977 register_t ret = ktr->ktr_retval; 1978 int error = ktr->ktr_error; 1979 int code = ktr->ktr_code; 1980 1981 if (code >= nlinux_syscalls || code < 0) 1982 printf("[%d] ", code); 1983 else { 1984 printf("%s", linux_syscallnames[code]); 1985 if (syscallno) 1986 printf("[%d]", code); 1987 printf(" "); 1988 } 1989 1990 if (error == 0) { 1991 if (fancy) { 1992 printf("%ld", (long)ret); 1993 if (ret < 0 || ret > 9) 1994 printf("/%#lx", (unsigned long)ret); 1995 } else { 1996 if (decimal) 1997 printf("%ld", (long)ret); 1998 else 1999 printf("%#lx", (unsigned long)ret); 2000 } 2001 } else if (error == ERESTART) 2002 printf("RESTART"); 2003 else if (error == EJUSTRETURN) 2004 printf("JUSTRETURN"); 2005 else { 2006 if (ktr->ktr_error <= ELAST + 1) 2007 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 2008 else 2009 error = 999; 2010 printf("-1 errno %d", error); 2011 if (fancy) 2012 printf(" %s", strerror(ktr->ktr_error)); 2013 } 2014 putchar('\n'); 2015 } 2016 #endif 2017 2018 void 2019 usage(void) 2020 { 2021 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 2022 "[-m maxdata] [-p pid] [-t trstr]\n"); 2023 exit(1); 2024 } 2025