1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright 2001 Jamey Wood 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 * 27 * $FreeBSD$ 28 */ 29 30 #include <sys/linker_set.h> 31 #include <sys/queue.h> 32 33 #define FOLLOWFORKS 0x00000001 34 #define RELATIVETIMESTAMPS 0x00000002 35 #define ABSOLUTETIMESTAMPS 0x00000004 36 #define NOSIGS 0x00000008 37 #define EXECVEARGS 0x00000010 38 #define EXECVEENVS 0x00000020 39 #define COUNTONLY 0x00000040 40 #define DISPLAYTIDS 0x00000080 41 42 struct procinfo; 43 struct syscall; 44 struct trussinfo; 45 46 /* 47 * The lookup of normal system calls are optimized by using a fixed 48 * array for the first 1024 system calls that can be indexed directly. 49 * Unknown system calls with other IDs are stored in a linked list. 50 */ 51 #define SYSCALL_NORMAL_COUNT 1024 52 53 struct extra_syscall { 54 STAILQ_ENTRY(extra_syscall) entries; 55 struct syscall *sc; 56 u_int number; 57 }; 58 59 struct procabi { 60 const char *type; 61 enum sysdecode_abi abi; 62 int (*fetch_args)(struct trussinfo *, u_int); 63 int (*fetch_retval)(struct trussinfo *, long *, int *); 64 STAILQ_HEAD(, extra_syscall) extra_syscalls; 65 struct syscall *syscalls[SYSCALL_NORMAL_COUNT]; 66 }; 67 68 #define PROCABI(abi) DATA_SET(procabi, abi) 69 70 /* 71 * This is confusingly named. It holds per-thread state about the 72 * currently executing system call. syscall.h defines a struct 73 * syscall that holds metadata used to format system call arguments. 74 * 75 * NB: args[] stores the raw argument values (e.g. from registers) 76 * passed to the system call. s_args[] stores a string representation 77 * of a system call's arguments. These do not necessarily map one to 78 * one. A system call description may omit individual arguments 79 * (padding) or combine adjacent arguments (e.g. when passing an off_t 80 * argument on a 32-bit system). The nargs member contains the count 81 * of valid pointers in s_args[], not args[]. 82 */ 83 struct current_syscall { 84 struct syscall *sc; 85 unsigned int number; 86 unsigned int nargs; 87 unsigned long args[10]; 88 char *s_args[10]; /* the printable arguments */ 89 }; 90 91 struct threadinfo 92 { 93 LIST_ENTRY(threadinfo) entries; 94 struct procinfo *proc; 95 lwpid_t tid; 96 int in_syscall; 97 struct current_syscall cs; 98 struct timespec before; 99 struct timespec after; 100 }; 101 102 struct procinfo { 103 LIST_ENTRY(procinfo) entries; 104 pid_t pid; 105 struct procabi *abi; 106 107 LIST_HEAD(, threadinfo) threadlist; 108 }; 109 110 struct trussinfo 111 { 112 int flags; 113 int strsize; 114 FILE *outfile; 115 116 struct timespec start_time; 117 118 struct threadinfo *curthread; 119 120 LIST_HEAD(, procinfo) proclist; 121 }; 122 123 #define timespecsubt(tvp, uvp, vvp) \ 124 do { \ 125 (vvp)->tv_sec = (tvp)->tv_sec - (uvp)->tv_sec; \ 126 (vvp)->tv_nsec = (tvp)->tv_nsec - (uvp)->tv_nsec; \ 127 if ((vvp)->tv_nsec < 0) { \ 128 (vvp)->tv_sec--; \ 129 (vvp)->tv_nsec += 1000000000; \ 130 } \ 131 } while (0) 132 133 #define timespecadd(tvp, uvp, vvp) \ 134 do { \ 135 (vvp)->tv_sec = (tvp)->tv_sec + (uvp)->tv_sec; \ 136 (vvp)->tv_nsec = (tvp)->tv_nsec + (uvp)->tv_nsec; \ 137 if ((vvp)->tv_nsec > 1000000000) { \ 138 (vvp)->tv_sec++; \ 139 (vvp)->tv_nsec -= 1000000000; \ 140 } \ 141 } while (0) 142