1 /*- 2 * SPDX-License-Identifier: BSD-4-Clause 3 * 4 * Copyright 1997 Sean Eric Fagan 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. All advertising materials mentioning features or use of this software 15 * must display the following acknowledgement: 16 * This product includes software developed by Sean Eric Fagan 17 * 4. Neither the name of the author may be used to endorse or promote 18 * products derived from this software without specific prior written 19 * permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * $FreeBSD$ 34 */ 35 36 /* 37 * System call arguments come in several flavours: 38 * Hex -- values that should be printed in hex (addresses) 39 * Octal -- Same as above, but octal 40 * Int -- normal integer values (file descriptors, for example) 41 * LongHex -- long value that should be printed in hex 42 * Name -- pointer to a NULL-terminated string. 43 * BinString -- pointer to an array of chars, printed via strvisx(). 44 * Ptr -- pointer to some unspecified structure. Just print as hex for now. 45 * Stat -- a pointer to a stat buffer. Prints a couple fields. 46 * Stat11 -- a pointer to a freebsd 11 stat buffer. Prints a couple fields. 47 * StatFs -- a pointer to a statfs buffer. Prints a few fields. 48 * Ioctl -- an ioctl command. Woefully limited. 49 * Quad -- a double-word value. e.g., lseek(int, offset_t, int) 50 * Signal -- a signal number. Prints the signal name (SIGxxx) 51 * Sockaddr -- a pointer to a struct sockaddr. Prints symbolic AF, and IP:Port 52 * StringArray -- a pointer to an array of string pointers. 53 * Timespec -- a pointer to a struct timespec. Prints both elements. 54 * Timeval -- a pointer to a struct timeval. Prints both elements. 55 * Timeval2 -- a pointer to two struct timevals. Prints both elements of both. 56 * Itimerval -- a pointer to a struct itimerval. Prints all elements. 57 * Pollfd -- a pointer to an array of struct pollfd. Prints .fd and .events. 58 * Fd_set -- a pointer to an array of fd_set. Prints the fds that are set. 59 * Sigaction -- a pointer to a struct sigaction. Prints all elements. 60 * Sigset -- a pointer to a sigset_t. Prints the signals that are set. 61 * Sigprocmask -- the first argument to sigprocmask(). Prints the name. 62 * Kevent -- a pointer to an array of struct kevents. Prints all elements. 63 * Pathconf -- the 2nd argument of pathconf(). 64 * Utrace -- utrace(2) buffer. 65 * CapRights -- a pointer to a cap_rights_t. Prints all set capabilities. 66 * 67 * In addition, the pointer types (String, Ptr) may have OUT masked in -- 68 * this means that the data is set on *return* from the system call -- or 69 * IN (meaning that the data is passed *into* the system call). 70 */ 71 72 enum Argtype { 73 None = 1, 74 75 /* Scalar integers. */ 76 Socklent, 77 Octal, 78 Int, 79 UInt, 80 Hex, 81 Long, 82 LongHex, 83 Sizet, 84 Quad, 85 QuadHex, 86 87 /* Encoded scalar values. */ 88 Accessmode, 89 Acltype, 90 AiofsyncOp, 91 Atfd, 92 Atflags, 93 CapFcntlRights, 94 Closerangeflags, 95 Extattrnamespace, 96 Fadvice, 97 Fcntl, 98 Fcntlflag, 99 FileFlags, 100 Flockop, 101 Getfsstatmode, 102 Idtype, 103 Ioctl, 104 Kldsymcmd, 105 Kldunloadflags, 106 LioMode, 107 Madvice, 108 Minherit, 109 Msgflags, 110 Mlockall, 111 Mmapflags, 112 Mountflags, 113 Mprot, 114 Msync, 115 Open, 116 Pathconf, 117 Pipe2, 118 Procctl, 119 Priowhich, 120 Ptraceop, 121 Sendfileflags, 122 Sendfilehdtr, 123 Quotactlcmd, 124 Reboothowto, 125 Resource, 126 Rforkflags, 127 Rtpriofunc, 128 RusageWho, 129 Schedpolicy, 130 ShmFlags, 131 Shutdown, 132 Signal, 133 Sigprocmask, 134 Sockdomain, 135 Sockoptlevel, 136 Sockoptname, 137 Sockprotocol, 138 Socktype, 139 Sysarch, 140 Sysctl, 141 Umtxop, 142 Waitoptions, 143 Whence, 144 145 /* Pointers to non-structures. */ 146 Ptr, 147 AiocbArray, 148 AiocbPointer, 149 BinString, 150 CapRights, 151 ExecArgs, 152 ExecEnv, 153 ExitStatus, 154 Fd_set, 155 IntArray, 156 Iovec, 157 Name, 158 PipeFds, 159 PSig, 160 PQuadHex, 161 PUInt, 162 Readlinkres, 163 ShmName, 164 StringArray, 165 166 /* Pointers to structures. */ 167 Aiocb, 168 Itimerval, 169 Kevent, 170 Kevent11, 171 LinuxSockArgs, 172 Msghdr, 173 Pollfd, 174 Rlimit, 175 Rusage, 176 Schedparam, 177 Sctpsndrcvinfo, 178 Sigaction, 179 Sigevent, 180 Siginfo, 181 Sigset, 182 Sockaddr, 183 Stat, 184 Stat11, 185 StatFs, 186 Timespec, 187 Timespec2, 188 Timeval, 189 Timeval2, 190 Utrace, 191 192 MAX_ARG_TYPE, 193 }; 194 195 #define ARG_MASK 0xff 196 #define OUT 0x100 197 #define IN /*0x20*/0 198 199 _Static_assert(ARG_MASK > MAX_ARG_TYPE, 200 "ARG_MASK overlaps with Argtype values"); 201 202 struct syscall_arg { 203 enum Argtype type; 204 int offset; 205 }; 206 207 struct syscall_decode { 208 const char *name; /* Name for calling convention lookup. */ 209 /* 210 * Syscall return type: 211 * 0: no return value (e.g. exit) 212 * 1: normal return value (a single int/long/pointer) 213 * 2: off_t return value (two values for 32-bit ABIs) 214 */ 215 u_int ret_type; 216 u_int nargs; /* number of meaningful arguments */ 217 struct syscall_arg args[10]; /* Hopefully no syscalls with > 10 args */ 218 }; 219 220 struct syscall { 221 STAILQ_ENTRY(syscall) entries; 222 const char *name; /* Name to be displayed, might be malloc()'d */ 223 struct syscall_decode decode; 224 struct timespec time; /* Time spent for this call */ 225 int ncalls; /* Number of calls */ 226 int nerror; /* Number of calls that returned with error */ 227 bool unknown; /* Unknown system call */ 228 }; 229 230 struct syscall *get_syscall(struct threadinfo *, u_int, u_int); 231 char *print_arg(struct syscall_arg *, syscallarg_t *, syscallarg_t *, 232 struct trussinfo *); 233 234 /* 235 * Linux Socket defines 236 */ 237 #define LINUX_SOCKET 1 238 #define LINUX_BIND 2 239 #define LINUX_CONNECT 3 240 #define LINUX_LISTEN 4 241 #define LINUX_ACCEPT 5 242 #define LINUX_GETSOCKNAME 6 243 #define LINUX_GETPEERNAME 7 244 #define LINUX_SOCKETPAIR 8 245 #define LINUX_SEND 9 246 #define LINUX_RECV 10 247 #define LINUX_SENDTO 11 248 #define LINUX_RECVFROM 12 249 #define LINUX_SHUTDOWN 13 250 #define LINUX_SETSOCKOPT 14 251 #define LINUX_GETSOCKOPT 15 252 #define LINUX_SENDMSG 16 253 #define LINUX_RECVMSG 17 254 255 #define PAD_(t) (sizeof(syscallarg_t) <= sizeof(t) ? \ 256 0 : sizeof(syscallarg_t) - sizeof(t)) 257 258 #if BYTE_ORDER == LITTLE_ENDIAN 259 #define PADL_(t) 0 260 #define PADR_(t) PAD_(t) 261 #else 262 #define PADL_(t) PAD_(t) 263 #define PADR_(t) 0 264 #endif 265 266 typedef int l_int; 267 typedef uint32_t l_ulong; 268 269 struct linux_socketcall_args { 270 char what_l_[PADL_(l_int)]; l_int what; char what_r_[PADR_(l_int)]; 271 char args_l_[PADL_(l_ulong)]; l_ulong args; char args_r_[PADR_(l_ulong)]; 272 }; 273 274 void print_syscall(struct trussinfo *); 275 void print_syscall_ret(struct trussinfo *, int, syscallarg_t *); 276 void print_summary(struct trussinfo *trussinfo); 277