xref: /freebsd/usr.bin/truss/syscalls.c (revision 5214320f76a612f9b5b1543c1c210c5987304fcb) 
1bbeaf6c0SSean Eric Fagan /*
209d64da3SSean Eric Fagan  * Copryight 1997 Sean Eric Fagan
309d64da3SSean Eric Fagan  *
409d64da3SSean Eric Fagan  * Redistribution and use in source and binary forms, with or without
509d64da3SSean Eric Fagan  * modification, are permitted provided that the following conditions
609d64da3SSean Eric Fagan  * are met:
709d64da3SSean Eric Fagan  * 1. Redistributions of source code must retain the above copyright
809d64da3SSean Eric Fagan  *    notice, this list of conditions and the following disclaimer.
909d64da3SSean Eric Fagan  * 2. Redistributions in binary form must reproduce the above copyright
1009d64da3SSean Eric Fagan  *    notice, this list of conditions and the following disclaimer in the
1109d64da3SSean Eric Fagan  *    documentation and/or other materials provided with the distribution.
1209d64da3SSean Eric Fagan  * 3. All advertising materials mentioning features or use of this software
1309d64da3SSean Eric Fagan  *    must display the following acknowledgement:
1409d64da3SSean Eric Fagan  *	This product includes software developed by Sean Eric Fagan
1509d64da3SSean Eric Fagan  * 4. Neither the name of the author may be used to endorse or promote
1609d64da3SSean Eric Fagan  *    products derived from this software without specific prior written
1709d64da3SSean Eric Fagan  *    permission.
1809d64da3SSean Eric Fagan  *
1909d64da3SSean Eric Fagan  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
2009d64da3SSean Eric Fagan  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
2109d64da3SSean Eric Fagan  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
2209d64da3SSean Eric Fagan  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
2309d64da3SSean Eric Fagan  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
2409d64da3SSean Eric Fagan  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
2509d64da3SSean Eric Fagan  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2609d64da3SSean Eric Fagan  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
2709d64da3SSean Eric Fagan  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
2809d64da3SSean Eric Fagan  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
2909d64da3SSean Eric Fagan  * SUCH DAMAGE.
3009d64da3SSean Eric Fagan  */
3109d64da3SSean Eric Fagan 
323cf51049SPhilippe Charnier #ifndef lint
333cf51049SPhilippe Charnier static const char rcsid[] =
34c3aac50fSPeter Wemm   "$FreeBSD$";
353cf51049SPhilippe Charnier #endif /* not lint */
363cf51049SPhilippe Charnier 
3709d64da3SSean Eric Fagan /*
38bbeaf6c0SSean Eric Fagan  * This file has routines used to print out system calls and their
39bbeaf6c0SSean Eric Fagan  * arguments.
40bbeaf6c0SSean Eric Fagan  */
41bbeaf6c0SSean Eric Fagan 
42894b8f7aSAlfred Perlstein #include <sys/mman.h>
439ddd1412SDag-Erling Smørgrav #include <sys/types.h>
449ddd1412SDag-Erling Smørgrav #include <sys/socket.h>
451d631f7eSMike Barcroft #include <sys/time.h>
469ddd1412SDag-Erling Smørgrav #include <sys/un.h>
479ddd1412SDag-Erling Smørgrav #include <netinet/in.h>
489ddd1412SDag-Erling Smørgrav #include <arpa/inet.h>
499ddd1412SDag-Erling Smørgrav 
50dec17687SBrian Feldman #include <ctype.h>
513cf51049SPhilippe Charnier #include <err.h>
52894b8f7aSAlfred Perlstein #include <fcntl.h>
539ddd1412SDag-Erling Smørgrav #include <signal.h>
54bbeaf6c0SSean Eric Fagan #include <stdio.h>
55bbeaf6c0SSean Eric Fagan #include <stdlib.h>
56bbeaf6c0SSean Eric Fagan #include <string.h>
5737169f94SMatthew N. Dodd #include <time.h>
58bbeaf6c0SSean Eric Fagan #include <unistd.h>
599ddd1412SDag-Erling Smørgrav 
60ec0bed25SMatthew N. Dodd #include "truss.h"
611be5d704SMark Murray #include "extern.h"
62bbeaf6c0SSean Eric Fagan #include "syscall.h"
63bbeaf6c0SSean Eric Fagan 
64bbeaf6c0SSean Eric Fagan /*
65bbeaf6c0SSean Eric Fagan  * This should probably be in its own file.
66bbeaf6c0SSean Eric Fagan  */
67bbeaf6c0SSean Eric Fagan 
68bbeaf6c0SSean Eric Fagan struct syscall syscalls[] = {
69894b8f7aSAlfred Perlstein 	{ "fcntl", 1, 3,
70894b8f7aSAlfred Perlstein 	  { { Int, 0 } , { Fcntl, 1 }, { Hex, 2 }}},
71bbeaf6c0SSean Eric Fagan 	{ "readlink", 1, 3,
72bbeaf6c0SSean Eric Fagan 	  { { String, 0 } , { String | OUT, 1 }, { Int, 2 }}},
73bbeaf6c0SSean Eric Fagan 	{ "lseek", 2, 3,
74bbeaf6c0SSean Eric Fagan 	  { { Int, 0 }, {Quad, 2 }, { Int, 4 }}},
75bbeaf6c0SSean Eric Fagan 	{ "mmap", 2, 6,
76894b8f7aSAlfred Perlstein 	  { { Ptr, 0 }, {Int, 1}, {Mprot, 2}, {Mmapflags, 3}, {Int, 4}, {Quad, 6}}},
775214320fSAlfred Perlstein 	{ "mprotect", 1, 3,
785214320fSAlfred Perlstein 	  { { Ptr, 0 }, {Int, 1}, {Mprot, 2}}},
79bbeaf6c0SSean Eric Fagan 	{ "open", 1, 3,
8009bf1169SAlfred Perlstein 	  { { String | IN, 0} , { Hex, 1}, {Octal, 2}}},
81bbeaf6c0SSean Eric Fagan 	{ "linux_open", 1, 3,
8209bf1169SAlfred Perlstein 	  { { String, 0 }, { Hex, 1}, { Octal, 2 }}},
83726c2ca0SMatthew N. Dodd 	{ "close", 1, 1,
84726c2ca0SMatthew N. Dodd 	  { { Int, 0 } } },
85726c2ca0SMatthew N. Dodd 	{ "link", 0, 2,
86726c2ca0SMatthew N. Dodd 	  { { String, 0 }, { String, 1 }}},
87726c2ca0SMatthew N. Dodd 	{ "unlink", 0, 1,
88726c2ca0SMatthew N. Dodd 	  { { String, 0 }}},
89726c2ca0SMatthew N. Dodd 	{ "chdir", 0, 1,
90726c2ca0SMatthew N. Dodd 	  { { String, 0 }}},
91726c2ca0SMatthew N. Dodd 	{ "mknod", 0, 3,
92726c2ca0SMatthew N. Dodd 	  { { String, 0 }, { Octal, 1 }, { Int, 3 }}},
93726c2ca0SMatthew N. Dodd 	{ "chmod", 0, 2,
94726c2ca0SMatthew N. Dodd 	  { { String, 0 }, { Octal, 1 }}},
95726c2ca0SMatthew N. Dodd 	{ "chown", 0, 3,
96726c2ca0SMatthew N. Dodd 	  { { String, 0 }, { Int, 1 }, { Int, 2 }}},
97726c2ca0SMatthew N. Dodd 	{ "mount", 0, 4,
98726c2ca0SMatthew N. Dodd 	  { { String, 0 }, { String, 1 }, { Int, 2 }, { Ptr, 3 }}},
99726c2ca0SMatthew N. Dodd 	{ "umount", 0, 2,
100726c2ca0SMatthew N. Dodd 	  { { String, 0 }, { Int, 2 }}},
101bbeaf6c0SSean Eric Fagan 	{ "fstat", 1, 2,
102bbeaf6c0SSean Eric Fagan 	  { { Int, 0},  {Ptr | OUT , 1 }}},
103bbeaf6c0SSean Eric Fagan 	{ "stat", 1, 2,
104bbeaf6c0SSean Eric Fagan 	  { { String | IN, 0 }, { Ptr | OUT, 1 }}},
105a8f37218SSean Eric Fagan 	{ "lstat", 1, 2,
106a8f37218SSean Eric Fagan 	  { { String | IN, 0 }, { Ptr | OUT, 1 }}},
107bbeaf6c0SSean Eric Fagan 	{ "linux_newstat", 1, 2,
108bbeaf6c0SSean Eric Fagan 	  { { String | IN, 0 }, { Ptr | OUT, 1 }}},
109bbeaf6c0SSean Eric Fagan 	{ "linux_newfstat", 1, 2,
110bbeaf6c0SSean Eric Fagan 	  { { Int, 0 }, { Ptr | OUT, 1 }}},
111bbeaf6c0SSean Eric Fagan 	{ "write", 1, 3,
112bbeaf6c0SSean Eric Fagan 	  { { Int, 0 }, { Ptr | IN, 1 }, { Int, 2 }}},
113970649f9SSean Eric Fagan 	{ "ioctl", 1, 3,
114970649f9SSean Eric Fagan 	  { { Int, 0 }, { Ioctl, 1 }, { Hex, 2 }}},
115bbeaf6c0SSean Eric Fagan 	{ "break", 1, 1, { { Hex, 0 }}},
116bbeaf6c0SSean Eric Fagan 	{ "exit", 0, 1, { { Hex, 0 }}},
11710714102SDag-Erling Smørgrav 	{ "access", 1, 2, { { String | IN, 0 }, { Int, 1 }}},
118f0ebbc29SDag-Erling Smørgrav 	{ "sigaction", 1, 3,
119f0ebbc29SDag-Erling Smørgrav 	  { { Signal, 0 }, { Ptr | IN, 1 }, { Ptr | OUT, 2 }}},
1209ddd1412SDag-Erling Smørgrav 	{ "accept", 1, 3,
1219ddd1412SDag-Erling Smørgrav 	  { { Hex, 0 }, { Sockaddr | OUT, 1 }, { Ptr | OUT, 2 } } },
1229ddd1412SDag-Erling Smørgrav 	{ "bind", 1, 3,
1239ddd1412SDag-Erling Smørgrav 	  { { Hex, 0 }, { Sockaddr | IN, 1 }, { Int, 2 } } },
1249ddd1412SDag-Erling Smørgrav 	{ "connect", 1, 3,
1259ddd1412SDag-Erling Smørgrav 	  { { Hex, 0 }, { Sockaddr | IN, 1 }, { Int, 2 } } },
1269ddd1412SDag-Erling Smørgrav 	{ "getpeername", 1, 3,
1279ddd1412SDag-Erling Smørgrav 	  { { Hex, 0 }, { Sockaddr | OUT, 1 }, { Ptr | OUT, 2 } } },
1289ddd1412SDag-Erling Smørgrav 	{ "getsockname", 1, 3,
1299ddd1412SDag-Erling Smørgrav 	  { { Hex, 0 }, { Sockaddr | OUT, 1 }, { Ptr | OUT, 2 } } },
1309b2f78c5SDag-Erling Smørgrav 	{ "recvfrom", 1, 6,
1319b2f78c5SDag-Erling Smørgrav 	  { { Hex, 0 }, { Ptr | IN, 1 }, { Int, 3 }, { Hex, 3 }, { Sockaddr | OUT, 4 }, { Ptr | OUT, 5 } } },
1329b2f78c5SDag-Erling Smørgrav 	{ "sendto", 1, 6,
1339b2f78c5SDag-Erling Smørgrav 	  { { Hex, 0 }, { Ptr | IN, 1 }, { Int, 3 }, { Hex, 3 }, { Sockaddr | IN, 4 }, { Ptr | IN, 5 } } },
1349897b203SMatthew N. Dodd 	{ "execve", 1, 3,
1359897b203SMatthew N. Dodd 	  { { String | IN, 0 }, { StringArray | IN, 1 }, { StringArray | IN, 2 } } },
1369897b203SMatthew N. Dodd 	{ "linux_execve", 1, 3,
1379897b203SMatthew N. Dodd 	  { { String | IN, 0 }, { StringArray | IN, 1 }, { StringArray | IN, 2 } } },
138726c2ca0SMatthew N. Dodd 	{ "kldload", 0, 1, { { String | IN, 0 }}},
139726c2ca0SMatthew N. Dodd 	{ "kldunload", 0, 1, { { Int, 0 }}},
140726c2ca0SMatthew N. Dodd 	{ "kldfind", 0, 1, { { String | IN, 0 }}},
141726c2ca0SMatthew N. Dodd 	{ "kldnext", 0, 1, { { Int, 0 }}},
142726c2ca0SMatthew N. Dodd 	{ "kldstat", 0, 2, { { Int, 0 }, { Ptr, 1 }}},
143726c2ca0SMatthew N. Dodd 	{ "kldfirstmod", 0, 1, { { Int, 0 }}},
1443cf51049SPhilippe Charnier 	{ 0, 0, 0, { { 0, 0 }}},
145bbeaf6c0SSean Eric Fagan };
146bbeaf6c0SSean Eric Fagan 
147bbeaf6c0SSean Eric Fagan /*
148bbeaf6c0SSean Eric Fagan  * If/when the list gets big, it might be desirable to do it
149bbeaf6c0SSean Eric Fagan  * as a hash table or binary search.
150bbeaf6c0SSean Eric Fagan  */
151bbeaf6c0SSean Eric Fagan 
152bbeaf6c0SSean Eric Fagan struct syscall *
153bbeaf6c0SSean Eric Fagan get_syscall(const char *name) {
154bbeaf6c0SSean Eric Fagan 	struct syscall *sc = syscalls;
155bbeaf6c0SSean Eric Fagan 
156bbeaf6c0SSean Eric Fagan 	while (sc->name) {
157bbeaf6c0SSean Eric Fagan 		if (!strcmp(name, sc->name))
158bbeaf6c0SSean Eric Fagan 			return sc;
159bbeaf6c0SSean Eric Fagan 		sc++;
160bbeaf6c0SSean Eric Fagan 	}
161bbeaf6c0SSean Eric Fagan 	return NULL;
162bbeaf6c0SSean Eric Fagan }
163bbeaf6c0SSean Eric Fagan 
164bbeaf6c0SSean Eric Fagan /*
1659ddd1412SDag-Erling Smørgrav  * get_struct
1669ddd1412SDag-Erling Smørgrav  *
1679ddd1412SDag-Erling Smørgrav  * Copy a fixed amount of bytes from the process.
1689ddd1412SDag-Erling Smørgrav  */
1699ddd1412SDag-Erling Smørgrav 
1701be5d704SMark Murray static int
1719ddd1412SDag-Erling Smørgrav get_struct(int procfd, void *offset, void *buf, int len) {
1729ddd1412SDag-Erling Smørgrav 	char *pos;
1739ddd1412SDag-Erling Smørgrav 	FILE *p;
1749ddd1412SDag-Erling Smørgrav 	int c, fd;
1759ddd1412SDag-Erling Smørgrav 
1769ddd1412SDag-Erling Smørgrav 	if ((fd = dup(procfd)) == -1)
1779ddd1412SDag-Erling Smørgrav 		err(1, "dup");
1789ddd1412SDag-Erling Smørgrav 	if ((p = fdopen(fd, "r")) == NULL)
1799ddd1412SDag-Erling Smørgrav 		err(1, "fdopen");
1804e92419dSMarcel Moolenaar 	if (fseeko(p, (uintptr_t)offset, SEEK_SET) == 0) {
1819ddd1412SDag-Erling Smørgrav 		for (pos = (char *)buf; len--; pos++) {
1829ddd1412SDag-Erling Smørgrav 			if ((c = fgetc(p)) == EOF)
1834e92419dSMarcel Moolenaar 				return (-1);
1849ddd1412SDag-Erling Smørgrav 			*pos = c;
1859ddd1412SDag-Erling Smørgrav 		}
1864e92419dSMarcel Moolenaar 	} else
1874e92419dSMarcel Moolenaar 		bzero(buf, len);
1889ddd1412SDag-Erling Smørgrav 	fclose(p);
1899ddd1412SDag-Erling Smørgrav 	return 0;
1909ddd1412SDag-Erling Smørgrav }
1919ddd1412SDag-Erling Smørgrav 
1929ddd1412SDag-Erling Smørgrav /*
193bbeaf6c0SSean Eric Fagan  * get_string
194bbeaf6c0SSean Eric Fagan  * Copy a string from the process.  Note that it is
195bbeaf6c0SSean Eric Fagan  * expected to be a C string, but if max is set, it will
196bbeaf6c0SSean Eric Fagan  * only get that much.
197bbeaf6c0SSean Eric Fagan  */
198bbeaf6c0SSean Eric Fagan 
199bbeaf6c0SSean Eric Fagan char *
200bbeaf6c0SSean Eric Fagan get_string(int procfd, void *offset, int max) {
2013cf51049SPhilippe Charnier 	char *buf;
20205d5ca35SSean Eric Fagan 	int size, len, c, fd;
203bbeaf6c0SSean Eric Fagan 	FILE *p;
204bbeaf6c0SSean Eric Fagan 
20505d5ca35SSean Eric Fagan 	if ((fd = dup(procfd)) == -1)
20605d5ca35SSean Eric Fagan 		err(1, "dup");
20705d5ca35SSean Eric Fagan 	if ((p = fdopen(fd, "r")) == NULL)
2083cf51049SPhilippe Charnier 		err(1, "fdopen");
209bbeaf6c0SSean Eric Fagan 	buf = malloc( size = (max ? max : 64 ) );
210bbeaf6c0SSean Eric Fagan 	len = 0;
2118a2ecea9SJoerg Wunsch 	buf[0] = 0;
2124e92419dSMarcel Moolenaar 	if (fseeko(p, (uintptr_t)offset, SEEK_SET) == 0) {
213bbeaf6c0SSean Eric Fagan 		while ((c = fgetc(p)) != EOF) {
214bbeaf6c0SSean Eric Fagan 			buf[len++] = c;
215bbeaf6c0SSean Eric Fagan 			if (c == 0 || len == max) {
216bbeaf6c0SSean Eric Fagan 				buf[len] = 0;
217bbeaf6c0SSean Eric Fagan 				break;
218bbeaf6c0SSean Eric Fagan 			}
219bbeaf6c0SSean Eric Fagan 			if (len == size) {
22005d5ca35SSean Eric Fagan 				char *tmp;
221bbeaf6c0SSean Eric Fagan 				tmp = realloc(buf, size+64);
222bbeaf6c0SSean Eric Fagan 				if (tmp == NULL) {
223bbeaf6c0SSean Eric Fagan 					buf[len] = 0;
2244e92419dSMarcel Moolenaar 					break;
225bbeaf6c0SSean Eric Fagan 				}
226bbeaf6c0SSean Eric Fagan 				size += 64;
22705d5ca35SSean Eric Fagan 				buf = tmp;
228bbeaf6c0SSean Eric Fagan 			}
229bbeaf6c0SSean Eric Fagan 		}
2304e92419dSMarcel Moolenaar 	}
23105d5ca35SSean Eric Fagan 	fclose(p);
2324e92419dSMarcel Moolenaar 	return (buf);
233bbeaf6c0SSean Eric Fagan }
234bbeaf6c0SSean Eric Fagan 
235bbeaf6c0SSean Eric Fagan 
236bbeaf6c0SSean Eric Fagan /*
237bbeaf6c0SSean Eric Fagan  * Gag.  This is really unportable.  Multiplication is more portable.
238bbeaf6c0SSean Eric Fagan  * But slower, from the code I saw.
239bbeaf6c0SSean Eric Fagan  */
240bbeaf6c0SSean Eric Fagan 
241bbeaf6c0SSean Eric Fagan static long long
242bbeaf6c0SSean Eric Fagan make_quad(unsigned long p1, unsigned long p2) {
243bbeaf6c0SSean Eric Fagan   union {
244bbeaf6c0SSean Eric Fagan     long long ll;
245bbeaf6c0SSean Eric Fagan     unsigned long l[2];
246bbeaf6c0SSean Eric Fagan   } t;
247bbeaf6c0SSean Eric Fagan   t.l[0] = p1;
248bbeaf6c0SSean Eric Fagan   t.l[1] = p2;
249bbeaf6c0SSean Eric Fagan   return t.ll;
250bbeaf6c0SSean Eric Fagan }
251bbeaf6c0SSean Eric Fagan 
252894b8f7aSAlfred Perlstein /*
253894b8f7aSAlfred Perlstein  * Remove a trailing '|' in a string, useful for fixup after decoding
254894b8f7aSAlfred Perlstein  * a "flags" argument.
255894b8f7aSAlfred Perlstein  */
256894b8f7aSAlfred Perlstein 
257894b8f7aSAlfred Perlstein void
258894b8f7aSAlfred Perlstein remove_trailing_or(char *str)
259894b8f7aSAlfred Perlstein {
260894b8f7aSAlfred Perlstein 
261894b8f7aSAlfred Perlstein 	if (str != NULL && (str = rindex(str, '|')) != NULL && str[1] == '\0')
262894b8f7aSAlfred Perlstein 		*str = '\0';
263894b8f7aSAlfred Perlstein }
264bbeaf6c0SSean Eric Fagan 
265bbeaf6c0SSean Eric Fagan /*
266bbeaf6c0SSean Eric Fagan  * print_arg
267bbeaf6c0SSean Eric Fagan  * Converts a syscall argument into a string.  Said string is
268bbeaf6c0SSean Eric Fagan  * allocated via malloc(), so needs to be free()'d.  The file
269bbeaf6c0SSean Eric Fagan  * descriptor is for the process' memory (via /proc), and is used
270bbeaf6c0SSean Eric Fagan  * to get any data (where the argument is a pointer).  sc is
271bbeaf6c0SSean Eric Fagan  * a pointer to the syscall description (see above); args is
272bbeaf6c0SSean Eric Fagan  * an array of all of the system call arguments.
273bbeaf6c0SSean Eric Fagan  */
274bbeaf6c0SSean Eric Fagan 
275bbeaf6c0SSean Eric Fagan char *
276bbeaf6c0SSean Eric Fagan print_arg(int fd, struct syscall_args *sc, unsigned long *args) {
2773cf51049SPhilippe Charnier   char *tmp = NULL;
278bbeaf6c0SSean Eric Fagan   switch (sc->type & ARG_MASK) {
279bbeaf6c0SSean Eric Fagan   case Hex:
2801bcb5f5aSMarcel Moolenaar     asprintf(&tmp, "0x%lx", args[sc->offset]);
281bbeaf6c0SSean Eric Fagan     break;
282bbeaf6c0SSean Eric Fagan   case Octal:
2831bcb5f5aSMarcel Moolenaar     asprintf(&tmp, "0%lo", args[sc->offset]);
284bbeaf6c0SSean Eric Fagan     break;
285bbeaf6c0SSean Eric Fagan   case Int:
2861bcb5f5aSMarcel Moolenaar     asprintf(&tmp, "%ld", args[sc->offset]);
287bbeaf6c0SSean Eric Fagan     break;
288bbeaf6c0SSean Eric Fagan   case String:
289bbeaf6c0SSean Eric Fagan     {
290bbeaf6c0SSean Eric Fagan       char *tmp2;
291bbeaf6c0SSean Eric Fagan       tmp2 = get_string(fd, (void*)args[sc->offset], 0);
2921bcb5f5aSMarcel Moolenaar       asprintf(&tmp, "\"%s\"", tmp2);
293bbeaf6c0SSean Eric Fagan       free(tmp2);
294bbeaf6c0SSean Eric Fagan     }
295bbeaf6c0SSean Eric Fagan   break;
2969897b203SMatthew N. Dodd   case StringArray:
2979897b203SMatthew N. Dodd     {
2989897b203SMatthew N. Dodd       int num, size, i;
2999897b203SMatthew N. Dodd       char *tmp2;
3009897b203SMatthew N. Dodd       char *string;
3019897b203SMatthew N. Dodd       char *strarray[100];	/* XXX This is ugly. */
3029897b203SMatthew N. Dodd 
3039897b203SMatthew N. Dodd       if (get_struct(fd, (void *)args[sc->offset], (void *)&strarray,
3049897b203SMatthew N. Dodd                      sizeof(strarray)) == -1) {
3059897b203SMatthew N. Dodd 	err(1, "get_struct %p", (void *)args[sc->offset]);
3069897b203SMatthew N. Dodd       }
3079897b203SMatthew N. Dodd       num = 0;
3089897b203SMatthew N. Dodd       size = 0;
3099897b203SMatthew N. Dodd 
3109897b203SMatthew N. Dodd       /* Find out how large of a buffer we'll need. */
3119897b203SMatthew N. Dodd       while (strarray[num] != NULL) {
3129897b203SMatthew N. Dodd 	string = get_string(fd, (void*)strarray[num], 0);
3139897b203SMatthew N. Dodd         size += strlen(string);
3149897b203SMatthew N. Dodd 	free(string);
3159897b203SMatthew N. Dodd 	num++;
3169897b203SMatthew N. Dodd       }
3179897b203SMatthew N. Dodd       size += 4 + (num * 4);
3189897b203SMatthew N. Dodd       tmp = (char *)malloc(size);
3199897b203SMatthew N. Dodd       tmp2 = tmp;
3209897b203SMatthew N. Dodd 
3219897b203SMatthew N. Dodd       tmp2 += sprintf(tmp2, " [");
3229897b203SMatthew N. Dodd       for (i = 0; i < num; i++) {
3239897b203SMatthew N. Dodd 	string = get_string(fd, (void*)strarray[i], 0);
3249897b203SMatthew N. Dodd         tmp2 += sprintf(tmp2, " \"%s\"%c", string, (i+1 == num) ? ' ' : ',');
3259897b203SMatthew N. Dodd 	free(string);
3269897b203SMatthew N. Dodd       }
3279897b203SMatthew N. Dodd       tmp2 += sprintf(tmp2, "]");
3289897b203SMatthew N. Dodd     }
3299897b203SMatthew N. Dodd   break;
330bbeaf6c0SSean Eric Fagan   case Quad:
331bbeaf6c0SSean Eric Fagan     {
332bbeaf6c0SSean Eric Fagan       unsigned long long t;
333bbeaf6c0SSean Eric Fagan       unsigned long l1, l2;
334bbeaf6c0SSean Eric Fagan       l1 = args[sc->offset];
335bbeaf6c0SSean Eric Fagan       l2 = args[sc->offset+1];
336bbeaf6c0SSean Eric Fagan       t = make_quad(l1, l2);
3371bcb5f5aSMarcel Moolenaar       asprintf(&tmp, "0x%qx", t);
338bbeaf6c0SSean Eric Fagan       break;
339bbeaf6c0SSean Eric Fagan     }
340bbeaf6c0SSean Eric Fagan   case Ptr:
3411bcb5f5aSMarcel Moolenaar     asprintf(&tmp, "0x%lx", args[sc->offset]);
342bbeaf6c0SSean Eric Fagan     break;
343970649f9SSean Eric Fagan   case Ioctl:
344970649f9SSean Eric Fagan     {
3451be5d704SMark Murray       const char *temp = ioctlname(args[sc->offset]);
346970649f9SSean Eric Fagan       if (temp)
347970649f9SSean Eric Fagan 	tmp = strdup(temp);
3481bcb5f5aSMarcel Moolenaar       else
3491bcb5f5aSMarcel Moolenaar 	asprintf(&tmp, "0x%lx", args[sc->offset]);
350970649f9SSean Eric Fagan     }
351f0ebbc29SDag-Erling Smørgrav     break;
352f0ebbc29SDag-Erling Smørgrav   case Signal:
353f0ebbc29SDag-Erling Smørgrav     {
354f0ebbc29SDag-Erling Smørgrav       long sig;
355f0ebbc29SDag-Erling Smørgrav 
356f0ebbc29SDag-Erling Smørgrav       sig = args[sc->offset];
357f0ebbc29SDag-Erling Smørgrav       if (sig > 0 && sig < NSIG) {
358f0ebbc29SDag-Erling Smørgrav 	int i;
3591bcb5f5aSMarcel Moolenaar 	asprintf(&tmp, "sig%s", sys_signame[sig]);
360f0ebbc29SDag-Erling Smørgrav 	for (i = 0; tmp[i] != '\0'; ++i)
361f0ebbc29SDag-Erling Smørgrav 	  tmp[i] = toupper(tmp[i]);
3621bcb5f5aSMarcel Moolenaar       } else
3631bcb5f5aSMarcel Moolenaar         asprintf(&tmp, "%ld", sig);
364f0ebbc29SDag-Erling Smørgrav     }
365f0ebbc29SDag-Erling Smørgrav     break;
366894b8f7aSAlfred Perlstein   case Fcntl:
367894b8f7aSAlfred Perlstein     {
368894b8f7aSAlfred Perlstein 	switch (args[sc->offset]) {
369894b8f7aSAlfred Perlstein #define S(a)	case a: tmp = strdup(#a); break;
370894b8f7aSAlfred Perlstein 	S(F_DUPFD);
371894b8f7aSAlfred Perlstein 	S(F_GETFD);
372894b8f7aSAlfred Perlstein 	S(F_SETFD);
373894b8f7aSAlfred Perlstein 	S(F_GETFL);
374894b8f7aSAlfred Perlstein 	S(F_SETFL);
375894b8f7aSAlfred Perlstein 	S(F_GETOWN);
376894b8f7aSAlfred Perlstein 	S(F_SETOWN);
377894b8f7aSAlfred Perlstein 	S(F_GETLK);
378894b8f7aSAlfred Perlstein 	S(F_SETLK);
379894b8f7aSAlfred Perlstein 	S(F_SETLKW);
380894b8f7aSAlfred Perlstein #undef S
381894b8f7aSAlfred Perlstein 	}
382894b8f7aSAlfred Perlstein 	if (tmp == NULL)
383894b8f7aSAlfred Perlstein     		asprintf(&tmp, "0x%lx", args[sc->offset]);
384894b8f7aSAlfred Perlstein     }
385894b8f7aSAlfred Perlstein     break;
386894b8f7aSAlfred Perlstein 
387894b8f7aSAlfred Perlstein   case Mprot:
388894b8f7aSAlfred Perlstein     {
389894b8f7aSAlfred Perlstein 
390894b8f7aSAlfred Perlstein #define S(a)	((args[sc->offset] & a) ? #a "|" : "")
391894b8f7aSAlfred Perlstein 	    asprintf(&tmp, "(0x%lx)%s%s%s%s", args[sc->offset],
392894b8f7aSAlfred Perlstein 		S(PROT_NONE), S(PROT_READ), S(PROT_WRITE), S(PROT_EXEC));
393894b8f7aSAlfred Perlstein #undef S
394894b8f7aSAlfred Perlstein 	    remove_trailing_or(tmp);
395894b8f7aSAlfred Perlstein 
396894b8f7aSAlfred Perlstein     }
397894b8f7aSAlfred Perlstein     break;
398894b8f7aSAlfred Perlstein 
399894b8f7aSAlfred Perlstein   case Mmapflags:
400894b8f7aSAlfred Perlstein     {
401894b8f7aSAlfred Perlstein #define S(a)	((args[sc->offset] & a) ? #a "|" : "")
402894b8f7aSAlfred Perlstein 	    asprintf(&tmp, "(0x%lx)%s%s%s%s%s%s%s%s", args[sc->offset],
403894b8f7aSAlfred Perlstein 		S(MAP_ANON), S(MAP_FIXED), S(MAP_HASSEMAPHORE),
404894b8f7aSAlfred Perlstein 		S(MAP_NOCORE), S(MAP_NOSYNC), S(MAP_PRIVATE),
405894b8f7aSAlfred Perlstein 		S(MAP_SHARED), S(MAP_STACK));
406894b8f7aSAlfred Perlstein #undef S
407894b8f7aSAlfred Perlstein 
408894b8f7aSAlfred Perlstein 	    remove_trailing_or(tmp);
409894b8f7aSAlfred Perlstein     }
410894b8f7aSAlfred Perlstein     break;
411894b8f7aSAlfred Perlstein 
4129ddd1412SDag-Erling Smørgrav   case Sockaddr:
4139ddd1412SDag-Erling Smørgrav     {
414dec17687SBrian Feldman       struct sockaddr_storage ss;
4159ddd1412SDag-Erling Smørgrav       char addr[64];
4161be5d704SMark Murray       struct sockaddr_in *lsin;
4171be5d704SMark Murray       struct sockaddr_in6 *lsin6;
418dec17687SBrian Feldman       struct sockaddr_un *sun;
419dec17687SBrian Feldman       struct sockaddr *sa;
420dec17687SBrian Feldman       char *p;
421dec17687SBrian Feldman       u_char *q;
422dec17687SBrian Feldman       int i;
4239ddd1412SDag-Erling Smørgrav 
424a7a08c7eSMarcel Moolenaar       if (args[sc->offset] == 0) {
425a7a08c7eSMarcel Moolenaar 	      asprintf(&tmp, "NULL");
426a7a08c7eSMarcel Moolenaar 	      break;
427a7a08c7eSMarcel Moolenaar       }
428a7a08c7eSMarcel Moolenaar 
429dec17687SBrian Feldman       /* yuck: get ss_len */
430dec17687SBrian Feldman       if (get_struct(fd, (void *)args[sc->offset], (void *)&ss,
431dec17687SBrian Feldman 	sizeof(ss.ss_len) + sizeof(ss.ss_family)) == -1)
432dec17687SBrian Feldman 	err(1, "get_struct %p", (void *)args[sc->offset]);
433dec17687SBrian Feldman       /* sockaddr_un never have the length filled in! */
434dec17687SBrian Feldman       if (ss.ss_family == AF_UNIX) {
435dec17687SBrian Feldman 	if (get_struct(fd, (void *)args[sc->offset], (void *)&ss,
436dec17687SBrian Feldman 	  sizeof(*sun))
437dec17687SBrian Feldman 	  == -1)
438dec17687SBrian Feldman 	  err(2, "get_struct %p", (void *)args[sc->offset]);
4399ddd1412SDag-Erling Smørgrav       } else {
440dec17687SBrian Feldman 	if (get_struct(fd, (void *)args[sc->offset], (void *)&ss, ss.ss_len)
441dec17687SBrian Feldman 	  == -1)
442dec17687SBrian Feldman 	  err(2, "get_struct %p", (void *)args[sc->offset]);
4439ddd1412SDag-Erling Smørgrav       }
444dec17687SBrian Feldman 
445dec17687SBrian Feldman       switch (ss.ss_family) {
446dec17687SBrian Feldman       case AF_INET:
4471be5d704SMark Murray 	lsin = (struct sockaddr_in *)&ss;
4481be5d704SMark Murray 	inet_ntop(AF_INET, &lsin->sin_addr, addr, sizeof addr);
4491be5d704SMark Murray 	asprintf(&tmp, "{ AF_INET %s:%d }", addr, htons(lsin->sin_port));
450dec17687SBrian Feldman 	break;
451dec17687SBrian Feldman       case AF_INET6:
4521be5d704SMark Murray 	lsin6 = (struct sockaddr_in6 *)&ss;
4531be5d704SMark Murray 	inet_ntop(AF_INET6, &lsin6->sin6_addr, addr, sizeof addr);
4541be5d704SMark Murray 	asprintf(&tmp, "{ AF_INET6 [%s]:%d }", addr, htons(lsin6->sin6_port));
455dec17687SBrian Feldman 	break;
456dec17687SBrian Feldman       case AF_UNIX:
457dec17687SBrian Feldman         sun = (struct sockaddr_un *)&ss;
458dec17687SBrian Feldman         asprintf(&tmp, "{ AF_UNIX \"%s\" }", sun->sun_path);
459dec17687SBrian Feldman 	break;
460dec17687SBrian Feldman       default:
461dec17687SBrian Feldman 	sa = (struct sockaddr *)&ss;
462dec17687SBrian Feldman         asprintf(&tmp, "{ sa_len = %d, sa_family = %d, sa_data = {%n%*s } }",
463dec17687SBrian Feldman 	  (int)sa->sa_len, (int)sa->sa_family, &i,
464dec17687SBrian Feldman 	  6 * (int)(sa->sa_len - ((char *)&sa->sa_data - (char *)sa)), "");
465dec17687SBrian Feldman 	if (tmp != NULL) {
466dec17687SBrian Feldman 	  p = tmp + i;
467dec17687SBrian Feldman           for (q = (u_char *)&sa->sa_data; q < (u_char *)sa + sa->sa_len; q++)
468dec17687SBrian Feldman             p += sprintf(p, " %#02x,", *q);
469dec17687SBrian Feldman 	}
470dec17687SBrian Feldman       }
4719ddd1412SDag-Erling Smørgrav     }
4729ddd1412SDag-Erling Smørgrav     break;
473bbeaf6c0SSean Eric Fagan   }
474bbeaf6c0SSean Eric Fagan   return tmp;
475bbeaf6c0SSean Eric Fagan }
476bbeaf6c0SSean Eric Fagan 
477203098d8SMatthew N. Dodd #define timespecsubt(tvp, uvp, vvp)					\
478203098d8SMatthew N. Dodd 	do {								\
479203098d8SMatthew N. Dodd 		(vvp)->tv_sec = (tvp)->tv_sec - (uvp)->tv_sec;		\
480203098d8SMatthew N. Dodd 		(vvp)->tv_nsec = (tvp)->tv_nsec - (uvp)->tv_nsec;	\
481203098d8SMatthew N. Dodd 		if ((vvp)->tv_nsec < 0) {				\
482203098d8SMatthew N. Dodd 			(vvp)->tv_sec--;				\
483203098d8SMatthew N. Dodd 			(vvp)->tv_nsec += 1000000000;			\
484203098d8SMatthew N. Dodd 		}							\
485203098d8SMatthew N. Dodd 	} while (0)
486203098d8SMatthew N. Dodd 
487bbeaf6c0SSean Eric Fagan /*
488bbeaf6c0SSean Eric Fagan  * print_syscall
489bbeaf6c0SSean Eric Fagan  * Print (to outfile) the system call and its arguments.  Note that
490bbeaf6c0SSean Eric Fagan  * nargs is the number of arguments (not the number of words; this is
491bbeaf6c0SSean Eric Fagan  * potentially confusing, I know).
492bbeaf6c0SSean Eric Fagan  */
493bbeaf6c0SSean Eric Fagan 
494bbeaf6c0SSean Eric Fagan void
495ec0bed25SMatthew N. Dodd print_syscall(struct trussinfo *trussinfo, const char *name, int nargs, char **s_args) {
496bbeaf6c0SSean Eric Fagan   int i;
4976cb533feSSean Eric Fagan   int len = 0;
498203098d8SMatthew N. Dodd   struct timespec timediff;
4990d0bd00eSMatthew N. Dodd 
500c03bfcc8SMatthew N. Dodd   if (trussinfo->flags & FOLLOWFORKS)
501c03bfcc8SMatthew N. Dodd     len += fprintf(trussinfo->outfile, "%5d: ", trussinfo->pid);
502c03bfcc8SMatthew N. Dodd 
503967706f3SDavid Malone   if (name != NULL && (!strcmp(name, "execve") || !strcmp(name, "exit"))) {
504203098d8SMatthew N. Dodd     clock_gettime(CLOCK_REALTIME, &trussinfo->after);
5050d0bd00eSMatthew N. Dodd   }
5060d0bd00eSMatthew N. Dodd 
5070d0bd00eSMatthew N. Dodd   if (trussinfo->flags & ABSOLUTETIMESTAMPS) {
508203098d8SMatthew N. Dodd     timespecsubt(&trussinfo->after, &trussinfo->start_time, &timediff);
50937169f94SMatthew N. Dodd     len += fprintf(trussinfo->outfile, "%ld.%09ld ",
510fb034d05SMatthew N. Dodd 		   (long)timediff.tv_sec, timediff.tv_nsec);
5110d0bd00eSMatthew N. Dodd   }
5120d0bd00eSMatthew N. Dodd 
5130d0bd00eSMatthew N. Dodd   if (trussinfo->flags & RELATIVETIMESTAMPS) {
514203098d8SMatthew N. Dodd     timespecsubt(&trussinfo->after, &trussinfo->before, &timediff);
51537169f94SMatthew N. Dodd     len += fprintf(trussinfo->outfile, "%ld.%09ld ",
516fb034d05SMatthew N. Dodd 		   (long)timediff.tv_sec, timediff.tv_nsec);
5170d0bd00eSMatthew N. Dodd   }
5180d0bd00eSMatthew N. Dodd 
519ec0bed25SMatthew N. Dodd   len += fprintf(trussinfo->outfile, "%s(", name);
520c03bfcc8SMatthew N. Dodd 
521bbeaf6c0SSean Eric Fagan   for (i = 0; i < nargs; i++) {
522bbeaf6c0SSean Eric Fagan     if (s_args[i])
523ec0bed25SMatthew N. Dodd       len += fprintf(trussinfo->outfile, "%s", s_args[i]);
524bbeaf6c0SSean Eric Fagan     else
525ec0bed25SMatthew N. Dodd       len += fprintf(trussinfo->outfile, "<missing argument>");
526ec0bed25SMatthew N. Dodd     len += fprintf(trussinfo->outfile, "%s", i < (nargs - 1) ? "," : "");
527bbeaf6c0SSean Eric Fagan   }
528ec0bed25SMatthew N. Dodd   len += fprintf(trussinfo->outfile, ")");
5296cb533feSSean Eric Fagan   for (i = 0; i < 6 - (len / 8); i++)
530ec0bed25SMatthew N. Dodd 	fprintf(trussinfo->outfile, "\t");
5316cb533feSSean Eric Fagan }
5326cb533feSSean Eric Fagan 
5336cb533feSSean Eric Fagan void
5341bcb5f5aSMarcel Moolenaar print_syscall_ret(struct trussinfo *trussinfo, const char *name, int nargs,
5351bcb5f5aSMarcel Moolenaar     char **s_args, int errorp, long retval)
5361bcb5f5aSMarcel Moolenaar {
537ec0bed25SMatthew N. Dodd   print_syscall(trussinfo, name, nargs, s_args);
5386cb533feSSean Eric Fagan   if (errorp) {
5399b83b9f7SDavid Malone     fprintf(trussinfo->outfile, " ERR#%ld '%s'\n", retval, strerror(retval));
5406cb533feSSean Eric Fagan   } else {
5411bcb5f5aSMarcel Moolenaar     fprintf(trussinfo->outfile, " = %ld (0x%lx)\n", retval, retval);
5426cb533feSSean Eric Fagan   }
543bbeaf6c0SSean Eric Fagan }
544