1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #pragma ident "%Z%%M% %I% %E% SMI" 27 28 /* 29 * Kernel Process View Target 30 * 31 * The kproc target is activated when the user is debugging a kernel using the 32 * kvm target and executes a ::context dcmd to change the debugger view to one 33 * of the running processes. The kvm target's t_setcontext operation will 34 * create and activate a kproc target in response to this call. The kproc 35 * target itself is built upon the kvm target's libkvm cookie and the ability 36 * to read information from the kernel itself and the ability to read the 37 * address space of a particular user process with kvm_aread(). It also relies 38 * on a special set of functions provided by the kvm target's mdb_ks support 39 * module in order to bootstrap: specifically, given the initial proc pointer, 40 * mdb_ks provides functions to return the set of address space mappings, the 41 * address space pointer itself, the aux vector vector saved in the u-area, 42 * and the process data model. The kproc target maintains a list of address 43 * space mappings (kp_map_t) and load objects (kp_file_t), and for each load 44 * object will attempt to read the corresponding dynamic symbol table. In 45 * order to bootstrap, the target uses the AT_BASE and AT_ENTRY aux vector 46 * elements to locate the dynamic linker and executable mappings. With these 47 * mappings in place, we initialize a librtld_db agent on the target (see 48 * mdb_pservice.c for how this is done), and then process each load object 49 * found in the link-map chain. In order to simplify the construction of 50 * symbol tables for each load object, we would like make use of our existing 51 * library of GElf processing code. Since the MDB GElf code uses mdb_io 52 * objects to read in an ELF file, we simply define a new type of mdb_io object 53 * where each read operation is translated into a call to kproc's t_vread 54 * function to read from the range of the address space defined by the mapping 55 * as if it were a file. 56 */ 57 58 #include <sys/types.h> 59 #include <sys/proc.h> 60 #include <sys/auxv.h> 61 62 #include <strings.h> 63 #include <limits.h> 64 #include <rtld_db.h> 65 #include <procfs.h> 66 #include <dlfcn.h> 67 #include <kvm.h> 68 69 #include <mdb/mdb_target_impl.h> 70 #include <mdb/mdb_debug.h> 71 #include <mdb/mdb_string.h> 72 #include <mdb/mdb_err.h> 73 #include <mdb/mdb_ks.h> 74 #include <mdb/mdb_gelf.h> 75 #include <mdb/mdb_io_impl.h> 76 #include <mdb/mdb.h> 77 78 typedef struct kp_symarg { 79 mdb_tgt_sym_f *sym_cb; /* Caller's callback function */ 80 void *sym_data; /* Callback function argument */ 81 uint_t sym_type; /* Symbol type/binding filter */ 82 uintptr_t sym_adjust; /* Symbol value adjustment */ 83 mdb_syminfo_t sym_info; /* Symbol id and table id */ 84 const char *sym_obj; /* Containing object */ 85 } kp_symarg_t; 86 87 typedef struct kp_file { 88 mdb_gelf_file_t *kpf_file; /* ELF file object */ 89 mdb_io_t *kpf_fio; /* ELF file back-end */ 90 mdb_gelf_symtab_t *kpf_dynsym; /* Dynamic symbol table */ 91 struct kp_map *kpf_map; /* Primary (text) mapping */ 92 const char *kpf_basename; /* Mapping basename */ 93 uintptr_t kpf_dyn_base; /* Load address for ET_DYN files */ 94 uintptr_t kpf_text_base; /* Base address of text mapping */ 95 uintptr_t kpf_data_base; /* Base address of data mapping */ 96 struct kp_file *kpf_next; /* Pointer to next file */ 97 } kp_file_t; 98 99 typedef struct kp_map { 100 mdb_map_t kpm_map; /* Mapping information */ 101 kp_file_t *kpm_file; /* Pointer to load object */ 102 struct kp_map *kpm_next; /* Pointer to next mapping */ 103 } kp_map_t; 104 105 typedef struct kp_io { 106 mdb_tgt_t *kpi_tgt; /* Backpointer to kproc target */ 107 kp_map_t *kpi_map; /* Mapping for this i/o */ 108 uintptr_t kpi_ptr; /* Virtual address pointer */ 109 uintptr_t kpi_lim; /* Virtual address limit */ 110 } kp_io_t; 111 112 typedef struct kp_data { 113 mdb_tgt_t *kp_parent; /* Parent kvm target */ 114 kvm_t *kp_cookie; /* Cookie for libkvm routines */ 115 rd_agent_t *kp_rap; /* Cookie for librtld_db routines */ 116 proc_t *kp_proc; /* Proc address in dump */ 117 struct as *kp_as; /* Proc as address in dump */ 118 pid_t kp_pid; /* Process ID */ 119 auxv_t *kp_auxv; /* Auxv array from u-area */ 120 int kp_nauxv; /* Length of kp_auxv */ 121 const char *kp_platform; /* Platform string from kvm target */ 122 uint_t kp_model; /* Process data model */ 123 kp_file_t *kp_file_head; /* Head of load object list */ 124 kp_file_t *kp_file_tail; /* Tail of load object list */ 125 kp_map_t *kp_map_head; /* Head of mapping list */ 126 kp_map_t *kp_map_tail; /* Tail of mapping list */ 127 int kp_num_files; /* Length of load object list */ 128 int kp_num_maps; /* Length of mapping list */ 129 kp_map_t *kp_map_exec; /* Executable mapping */ 130 kp_map_t *kp_map_ldso; /* Interpreter mapping */ 131 kp_file_t kp_prfile; /* Fake file for mdb.m_prsym */ 132 } kp_data_t; 133 134 static mdb_io_t *kp_io_create(mdb_tgt_t *, kp_map_t *); 135 136 static kp_map_t * 137 kp_addr_to_kpmap(kp_data_t *kp, uintptr_t addr) 138 { 139 kp_map_t *kpm; 140 141 for (kpm = kp->kp_map_head; kpm != NULL; kpm = kpm->kpm_next) { 142 if (addr >= kpm->kpm_map.map_base && 143 addr < kpm->kpm_map.map_base + kpm->kpm_map.map_size) 144 return (kpm); 145 } 146 147 return (NULL); 148 } 149 150 static long 151 kp_getauxval(kp_data_t *kp, int type) 152 { 153 auxv_t *auxp; 154 155 for (auxp = kp->kp_auxv; auxp->a_type != AT_NULL; auxp++) { 156 if (auxp->a_type == type) 157 return (auxp->a_un.a_val); 158 } 159 160 return (-1L); 161 } 162 163 static void 164 kp_add_mapping(const mdb_map_t *pmp, void *data) 165 { 166 kp_map_t *kpm = mdb_zalloc(sizeof (kp_map_t), UM_SLEEP); 167 kp_data_t *kp = data; 168 169 bcopy(pmp, &kpm->kpm_map, sizeof (mdb_map_t)); 170 171 if (kp->kp_map_tail != NULL) 172 kp->kp_map_tail->kpm_next = kpm; 173 else 174 kp->kp_map_head = kpm; 175 176 kp->kp_map_tail = kpm; 177 kp->kp_num_maps++; 178 } 179 180 static kp_file_t * 181 kp_file_create(mdb_tgt_t *t, kp_map_t *kpm, GElf_Half etype) 182 { 183 kp_file_t *kpf = mdb_zalloc(sizeof (kp_file_t), UM_SLEEP); 184 kp_data_t *kp = t->t_data; 185 186 kpf->kpf_fio = kp_io_create(t, kpm); 187 kpf->kpf_map = kpm; 188 kpf->kpf_basename = strbasename(kpm->kpm_map.map_name); 189 kpf->kpf_file = mdb_gelf_create(kpf->kpf_fio, etype, GF_PROGRAM); 190 kpf->kpf_text_base = kpm->kpm_map.map_base; 191 192 if (kpm != kp->kp_map_exec) 193 kpf->kpf_dyn_base = kpf->kpf_text_base; 194 195 if (kpf->kpf_file == NULL) 196 goto err; /* Failed to create ELF file */ 197 198 mdb_dprintf(MDB_DBG_TGT, "loading symbols for %s\n", 199 kpm->kpm_map.map_name); 200 201 kpf->kpf_dynsym = mdb_gelf_symtab_create_dynamic(kpf->kpf_file, 202 MDB_TGT_DYNSYM); 203 204 if (kpf->kpf_dynsym == NULL) 205 goto err; /* Failed to create symbol table */ 206 207 kpm->kpm_file = kpf; 208 209 if (kp->kp_file_tail != NULL) 210 kp->kp_file_tail->kpf_next = kpf; 211 else 212 kp->kp_file_head = kpf; 213 214 kp->kp_file_tail = kpf; 215 kp->kp_num_files++; 216 217 return (kpf); 218 219 err: 220 if (kpf->kpf_file != NULL) 221 mdb_gelf_destroy(kpf->kpf_file); 222 else 223 mdb_io_destroy(kpf->kpf_fio); 224 mdb_free(kpf, sizeof (kp_file_t)); 225 return (NULL); 226 } 227 228 static void 229 kp_file_destroy(kp_file_t *kpf) 230 { 231 if (kpf->kpf_dynsym != NULL) 232 mdb_gelf_symtab_destroy(kpf->kpf_dynsym); 233 234 mdb_gelf_destroy(kpf->kpf_file); 235 mdb_free(kpf, sizeof (kp_file_t)); 236 } 237 238 static int 239 kp_setcontext(mdb_tgt_t *t, void *context) 240 { 241 kp_data_t *kp = t->t_data; 242 243 if (kp->kp_proc != context) { 244 mdb_tgt_destroy(t); 245 return (mdb_tgt_setcontext(mdb.m_target, context)); 246 } 247 248 mdb_warn("debugger context is already set to proc %p\n", context); 249 return (0); 250 } 251 252 static kp_map_t * 253 kp_find_data(kp_data_t *kp, kp_file_t *kpf, const rd_loadobj_t *rlp) 254 { 255 GElf_Phdr *gpp = kpf->kpf_file->gf_phdrs; 256 size_t i, n = kpf->kpf_file->gf_npload; 257 258 /* 259 * Find the first loadable, writeable Phdr and compute kpf_data_base 260 * as the virtual address at which is was loaded. 261 */ 262 for (i = 0; i < n; i++, gpp++) { 263 if (gpp->p_type == PT_LOAD && (gpp->p_flags & PF_W)) { 264 kpf->kpf_data_base = gpp->p_vaddr; 265 if (kpf->kpf_map != kp->kp_map_exec) 266 kpf->kpf_data_base += rlp->rl_base; 267 break; 268 } 269 } 270 271 /* 272 * If we found a suitable Phdr and set kpf_data_base, return 273 * the mapping information for this address; otherwise fail. 274 */ 275 if (kpf->kpf_data_base != 0) 276 return (kp_addr_to_kpmap(kp, kpf->kpf_data_base)); 277 278 return (NULL); 279 } 280 281 static int 282 kp_iter_mapping(const rd_loadobj_t *rlp, mdb_tgt_t *t) 283 { 284 kp_data_t *kp = t->t_data; 285 kp_file_t *kpf; 286 kp_map_t *kpm; 287 288 char name[MDB_TGT_MAPSZ]; 289 290 if (mdb_tgt_readstr(t, MDB_TGT_AS_VIRT, name, 291 sizeof (name), (mdb_tgt_addr_t)rlp->rl_nameaddr) <= 0) { 292 mdb_dprintf(MDB_DBG_TGT, "failed to read name %p", 293 (void *)rlp->rl_nameaddr); 294 return (1); /* Keep going; forget this if we can't read name */ 295 } 296 297 mdb_dprintf(MDB_DBG_TGT, "rd_loadobj name = \"%s\" rl_base = %p\n", 298 name, (void *)rlp->rl_base); 299 300 if ((kpm = kp_addr_to_kpmap(kp, rlp->rl_base)) == NULL) 301 return (1); /* Keep going; no mapping at this address */ 302 303 (void) strncpy(kpm->kpm_map.map_name, name, MDB_TGT_MAPSZ); 304 kpm->kpm_map.map_name[MDB_TGT_MAPSZ - 1] = '\0'; 305 306 if ((kpf = kpm->kpm_file) == NULL) { 307 if (kpm == kp->kp_map_exec) 308 kpf = kp_file_create(t, kpm, ET_EXEC); 309 else 310 kpf = kp_file_create(t, kpm, ET_DYN); 311 312 if (kpf == NULL) 313 return (1); /* Keep going; failed to build ELF file */ 314 } else 315 kpf->kpf_basename = strbasename(kpm->kpm_map.map_name); 316 317 if ((kpm = kp_find_data(kp, kpf, rlp)) != NULL) { 318 mdb_dprintf(MDB_DBG_TGT, "found data for %s at %p\n", 319 kpf->kpf_basename, (void *)kpm->kpm_map.map_base); 320 kpm->kpm_file = kpf; 321 } 322 323 return (1); 324 } 325 326 /*ARGSUSED*/ 327 static int 328 kp_status_dcmd(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv) 329 { 330 kp_data_t *kp = mdb.m_target->t_data; 331 332 mdb_printf("debugging PID %d (%d-bit) in kernel crash dump\n", 333 kp->kp_pid, kp->kp_model == PR_MODEL_ILP32 ? 32 : 64); 334 335 if (kp->kp_map_exec != NULL) { 336 mdb_printf("executable file: %s\n", 337 kp->kp_map_exec->kpm_map.map_name); 338 } 339 340 return (DCMD_OK); 341 } 342 343 static const mdb_dcmd_t kp_dcmds[] = { 344 { "status", NULL, "print summary of current target", kp_status_dcmd }, 345 { NULL } 346 }; 347 348 static void 349 kp_activate(mdb_tgt_t *t) 350 { 351 kp_data_t *kp = t->t_data; 352 353 mdb_prop_postmortem = TRUE; 354 mdb_prop_kernel = FALSE; 355 356 if (kp->kp_model == PR_MODEL_ILP32) 357 mdb_prop_datamodel = MDB_TGT_MODEL_ILP32; 358 else 359 mdb_prop_datamodel = MDB_TGT_MODEL_LP64; 360 361 /* 362 * Initialize our rtld_db agent and then iterate over the link map, 363 * instantiating kp_file objects as we go. 364 */ 365 if ((kp->kp_rap = rd_new((struct ps_prochandle *)t)) != NULL) { 366 (void) rd_loadobj_iter(kp->kp_rap, (rl_iter_f *) 367 kp_iter_mapping, t); 368 } else { 369 mdb_warn("unable to initialize rtld_db agent for proc %p\n", 370 (void *)kp->kp_proc); 371 } 372 373 (void) mdb_tgt_register_dcmds(t, &kp_dcmds[0], MDB_MOD_FORCE); 374 375 if (kp->kp_map_exec != NULL && kp->kp_map_exec->kpm_file != NULL) 376 mdb_tgt_elf_export(kp->kp_map_exec->kpm_file->kpf_file); 377 else 378 mdb_tgt_elf_export(NULL); 379 } 380 381 static void 382 kp_deactivate(mdb_tgt_t *t) 383 { 384 const mdb_dcmd_t *dcp; 385 386 for (dcp = &kp_dcmds[0]; dcp->dc_name != NULL; dcp++) { 387 if (mdb_module_remove_dcmd(t->t_module, dcp->dc_name) == -1) 388 warn("failed to remove dcmd %s", dcp->dc_name); 389 } 390 391 mdb_prop_postmortem = FALSE; 392 mdb_prop_kernel = FALSE; 393 mdb_prop_datamodel = MDB_TGT_MODEL_UNKNOWN; 394 } 395 396 static void 397 kp_destroy(mdb_tgt_t *t) 398 { 399 kp_data_t *kp = t->t_data; 400 kp_map_t *kpm, *nkpm; 401 kp_file_t *kpf, *nkpf; 402 403 if (kp->kp_rap != NULL) 404 rd_delete(kp->kp_rap); 405 406 for (kpm = kp->kp_map_head; kpm != NULL; kpm = nkpm) { 407 nkpm = kpm->kpm_next; 408 mdb_free(kpm, sizeof (kp_map_t)); 409 } 410 411 for (kpf = kp->kp_file_head; kpf != NULL; kpf = nkpf) { 412 nkpf = kpf->kpf_next; 413 kp_file_destroy(kpf); 414 } 415 416 mdb_free(kp->kp_auxv, kp->kp_nauxv * sizeof (auxv_t)); 417 mdb_free(kp, sizeof (kp_data_t)); 418 } 419 420 /*ARGSUSED*/ 421 static const char * 422 kp_name(mdb_tgt_t *t) 423 { 424 return ("kproc"); 425 } 426 427 static const char * 428 kp_isa(mdb_tgt_t *t) 429 { 430 kp_data_t *kp = t->t_data; 431 #ifdef __sparc 432 return (kp->kp_model == PR_MODEL_ILP32 ? "sparc" : "sparcv9"); 433 #else 434 return (kp->kp_model == PR_MODEL_ILP32 ? "i386" : "amd64"); 435 #endif 436 } 437 438 static const char * 439 kp_platform(mdb_tgt_t *t) 440 { 441 return (((kp_data_t *)t->t_data)->kp_platform); 442 } 443 444 static int 445 kp_uname(mdb_tgt_t *t, struct utsname *utsp) 446 { 447 kp_data_t *kp = t->t_data; 448 return (mdb_tgt_uname(kp->kp_parent, utsp)); 449 } 450 451 static int 452 kp_dmodel(mdb_tgt_t *t) 453 { 454 kp_data_t *kp = t->t_data; 455 456 switch (kp->kp_model) { 457 case PR_MODEL_ILP32: 458 return (MDB_TGT_MODEL_ILP32); 459 case PR_MODEL_LP64: 460 return (MDB_TGT_MODEL_LP64); 461 } 462 463 return (MDB_TGT_MODEL_UNKNOWN); 464 } 465 466 static kp_map_t * 467 kp_name_to_kpmap(kp_data_t *kp, const char *name) 468 { 469 size_t namelen; 470 kp_file_t *kpf; 471 kp_map_t *kpm; 472 473 /* 474 * Handle special reserved names (except for MDB_TGT_OBJ_EVERY): 475 */ 476 if (name == MDB_TGT_OBJ_EXEC) 477 return (kp->kp_map_exec); 478 479 if (name == MDB_TGT_OBJ_RTLD) 480 return (kp->kp_map_ldso); 481 482 /* 483 * First pass: look for exact matches on the entire pathname 484 * associated with the mapping or its basename. 485 */ 486 for (kpm = kp->kp_map_head; kpm != NULL; kpm = kpm->kpm_next) { 487 if ((kpf = kpm->kpm_file) != NULL) { 488 if (strcmp(kpm->kpm_map.map_name, name) == 0 || 489 strcmp(kpf->kpf_basename, name) == 0) 490 return (kpf->kpf_map); 491 } 492 } 493 494 namelen = strlen(name); 495 496 /* 497 * Second pass: look for partial matches (initial basename match 498 * up to a '.' suffix); allows "libc.so" or "libc" to match "libc.so.1" 499 */ 500 for (kpm = kp->kp_map_head; kpm != NULL; kpm = kpm->kpm_next) { 501 if ((kpf = kpm->kpm_file) != NULL) { 502 if (strncmp(kpf->kpf_basename, name, namelen) == 0 && 503 kpf->kpf_basename[namelen] == '.') 504 return (kpf->kpf_map); 505 } 506 } 507 508 /* 509 * One last check: we allow "a.out" to always alias the executable, 510 * assuming this name was not in use for something else. 511 */ 512 if (strcmp(name, "a.out") == 0) 513 return (kp->kp_map_exec); 514 515 return (NULL); 516 } 517 518 519 static ssize_t 520 kp_vread(mdb_tgt_t *t, void *buf, size_t nbytes, uintptr_t addr) 521 { 522 kp_data_t *kp = t->t_data; 523 ssize_t n = kvm_aread(kp->kp_cookie, addr, buf, nbytes, kp->kp_as); 524 525 if (n == -1) 526 return (set_errno(EMDB_NOMAP)); 527 528 return (n); 529 } 530 531 static ssize_t 532 kp_vwrite(mdb_tgt_t *t, const void *buf, size_t nbytes, uintptr_t addr) 533 { 534 kp_data_t *kp = t->t_data; 535 ssize_t n = kvm_awrite(kp->kp_cookie, addr, buf, nbytes, kp->kp_as); 536 537 if (n == -1) 538 return (set_errno(EMDB_NOMAP)); 539 540 return (n); 541 } 542 543 544 int 545 kp_vtop(mdb_tgt_t *t, mdb_tgt_as_t as, uintptr_t va, physaddr_t *pap) 546 { 547 kp_data_t *kp = t->t_data; 548 physaddr_t pa; 549 550 if (as != MDB_TGT_AS_VIRT) 551 return (set_errno(EINVAL)); 552 553 if ((pa = kvm_physaddr(kp->kp_cookie, kp->kp_as, va)) != -1ULL) { 554 *pap = pa; 555 return (0); 556 } 557 558 return (set_errno(EMDB_NOMAP)); 559 } 560 561 static int 562 kp_lookup_by_name(mdb_tgt_t *t, const char *object, 563 const char *name, GElf_Sym *symp, mdb_syminfo_t *sip) 564 { 565 kp_data_t *kp = t->t_data; 566 kp_file_t *kpf; 567 int n; 568 569 GElf_Sym sym; 570 uint_t symid; 571 int rv = -1; 572 573 /* 574 * Simplify our task: if object is EVERY, then we need to search 575 * kp_num_files files beginning at kp_file_head; otherwise we are 576 * searching 1 file whose file pointer is obtained via object_to_map. 577 */ 578 if (object != MDB_TGT_OBJ_EVERY) { 579 kp_map_t *kpm = kp_name_to_kpmap(kp, object); 580 if (kpm == NULL || kpm->kpm_file == NULL) 581 return (set_errno(EMDB_NOOBJ)); 582 kpf = kpm->kpm_file; 583 n = 1; 584 } else { 585 kpf = kp->kp_file_head; 586 n = kp->kp_num_files; 587 } 588 589 /* 590 * Iterate through the load object files and look for the symbol name 591 * in the .dynsym of each. If we encounter a match with SHN_UNDEF, 592 * keep looking in hopes of finding a better match. This means that 593 * a name such as "puts" will match the puts function in libc instead 594 * of matching the puts PLT entry in the a.out file. 595 */ 596 for (; n > 0; n--, kpf = kpf->kpf_next) { 597 if (kpf->kpf_dynsym == NULL) 598 continue; /* No symbols for this file */ 599 600 if (mdb_gelf_symtab_lookup_by_name(kpf->kpf_dynsym, 601 name, symp, &sip->sym_id) != 0) 602 continue; /* Symbol name not found */ 603 604 symp->st_value += kpf->kpf_dyn_base; 605 606 if (symp->st_shndx != SHN_UNDEF) { 607 sip->sym_table = MDB_TGT_DYNSYM; 608 return (0); 609 } 610 611 if (rv != 0) { 612 sym = *symp; 613 symid = sip->sym_id; 614 rv = 0; 615 } 616 } 617 618 if (rv != 0) 619 return (set_errno(EMDB_NOSYM)); 620 621 sip->sym_table = MDB_TGT_DYNSYM; 622 sip->sym_id = symid; 623 *symp = sym; 624 625 return (0); 626 } 627 628 static int 629 kp_lookup_by_addr(mdb_tgt_t *t, uintptr_t addr, uint_t flags, 630 char *buf, size_t nbytes, GElf_Sym *symp, mdb_syminfo_t *sip) 631 { 632 kp_data_t *kp = t->t_data; 633 kp_map_t *kpm = kp_addr_to_kpmap(kp, addr); 634 635 kp_file_t *sym_kpf = NULL; 636 GElf_Sym sym; 637 uint_t symid; 638 639 const char *name; 640 kp_file_t *kpf; 641 int n; 642 643 /* 644 * Check the user's private symbol table first; if a match is 645 * found there, we're done or we have a first guess. 646 */ 647 if (mdb_gelf_symtab_lookup_by_addr(mdb.m_prsym, 648 addr, flags, buf, nbytes, symp, &sip->sym_id) == 0) { 649 sym_kpf = &kp->kp_prfile; 650 if (flags & MDB_TGT_SYM_EXACT) 651 goto found; 652 sym = *symp; 653 symid = sip->sym_id; 654 } 655 656 /* 657 * If no mapping contains the address and EXACT mode is set, we're done. 658 * Otherwise we need to search all the symbol tables in fuzzy mode. 659 * If we find a mapping, then we only need to search that symtab. 660 */ 661 if (kpm == NULL || kpm->kpm_file == NULL) { 662 if (flags & MDB_TGT_SYM_EXACT) 663 return (set_errno(EMDB_NOSYMADDR)); 664 kpf = kp->kp_file_head; 665 n = kp->kp_num_files; 666 } else { 667 kpf = kpm->kpm_file; 668 n = 1; 669 } 670 671 /* 672 * Iterate through our list of load objects, scanning each one which 673 * has a symbol table. In fuzzy mode, we continue looking and 674 * improve our choice if we find a closer symbol. 675 */ 676 for (; n > 0; n--, kpf = kpf->kpf_next) { 677 if (kpf->kpf_dynsym == NULL) 678 continue; /* No symbols for this file */ 679 680 if (mdb_gelf_symtab_lookup_by_addr(kpf->kpf_dynsym, 681 addr - kpf->kpf_dyn_base, flags, buf, nbytes, 682 symp, &sip->sym_id) != 0) 683 continue; /* No symbol for this address */ 684 685 symp->st_value += kpf->kpf_dyn_base; 686 687 if (flags & MDB_TGT_SYM_EXACT) { 688 sym_kpf = kpf; 689 goto found; 690 } 691 692 if (sym_kpf == NULL || mdb_gelf_sym_closer(symp, &sym, addr)) { 693 sym_kpf = kpf; 694 sym = *symp; 695 symid = sip->sym_id; 696 } 697 } 698 699 if (sym_kpf == NULL) 700 return (set_errno(EMDB_NOSYMADDR)); 701 702 *symp = sym; /* Copy our best symbol into the caller's symbol */ 703 sip->sym_id = symid; 704 found: 705 /* 706 * Once we've found something, copy the final name into the caller's 707 * buffer and prefix it with the load object name if appropriate. 708 */ 709 name = mdb_gelf_sym_name(sym_kpf->kpf_dynsym, symp); 710 711 if (sym_kpf != kp->kp_map_exec->kpm_file && sym_kpf != &kp->kp_prfile) { 712 (void) mdb_snprintf(buf, nbytes, "%s`%s", 713 sym_kpf->kpf_basename, name); 714 } else if (nbytes > 0) { 715 (void) strncpy(buf, name, nbytes); 716 buf[nbytes - 1] = '\0'; 717 } 718 719 if (sym_kpf == &kp->kp_prfile) 720 sip->sym_table = MDB_TGT_PRVSYM; 721 else 722 sip->sym_table = MDB_TGT_DYNSYM; 723 724 return (0); 725 } 726 727 static int 728 kp_symtab_func(void *data, const GElf_Sym *symp, const char *name, uint_t id) 729 { 730 kp_symarg_t *argp = data; 731 if (mdb_tgt_sym_match(symp, argp->sym_type)) { 732 GElf_Sym sym = *symp; 733 734 sym.st_value += argp->sym_adjust; 735 736 argp->sym_info.sym_id = id; 737 738 return (argp->sym_cb(argp->sym_data, &sym, name, 739 &argp->sym_info, argp->sym_obj)); 740 } 741 742 return (0); 743 } 744 745 static void 746 kp_symtab_iter(kp_file_t *kpf, uint_t type, const char *obj, 747 mdb_tgt_sym_f *cb, void *data) 748 { 749 if (kpf->kpf_dynsym != NULL) { 750 kp_symarg_t arg; 751 752 arg.sym_cb = cb; 753 arg.sym_data = data; 754 arg.sym_type = type; 755 arg.sym_adjust = kpf->kpf_dyn_base; 756 arg.sym_info.sym_table = kpf->kpf_dynsym->gst_tabid; 757 arg.sym_obj = obj; 758 759 mdb_gelf_symtab_iter(kpf->kpf_dynsym, kp_symtab_func, &arg); 760 } 761 } 762 763 /*ARGSUSED*/ 764 static int 765 kp_symbol_iter(mdb_tgt_t *t, const char *object, uint_t which, 766 uint_t type, mdb_tgt_sym_f *func, void *private) 767 { 768 kp_data_t *kp = t->t_data; 769 kp_file_t *kpf = NULL; 770 kp_map_t *kpm; 771 772 switch ((uintptr_t)object) { 773 case (uintptr_t)MDB_TGT_OBJ_EVERY: 774 if (kp->kp_map_exec && kp->kp_map_exec->kpm_file) { 775 kpf = kp->kp_map_exec->kpm_file; 776 kp_symtab_iter(kpf, type, MDB_TGT_OBJ_EXEC, func, 777 private); 778 } 779 if (kp->kp_map_ldso && kp->kp_map_ldso->kpm_file) { 780 kpf = kp->kp_map_ldso->kpm_file; 781 kp_symtab_iter(kpf, type, MDB_TGT_OBJ_RTLD, func, 782 private); 783 } 784 return (0); 785 786 case (uintptr_t)MDB_TGT_OBJ_EXEC: 787 if (kp->kp_map_exec && kp->kp_map_exec->kpm_file) 788 kpf = kp->kp_map_exec->kpm_file; 789 break; 790 791 case (uintptr_t)MDB_TGT_OBJ_RTLD: 792 if (kp->kp_map_ldso && kp->kp_map_ldso->kpm_file) 793 kpf = kp->kp_map_ldso->kpm_file; 794 break; 795 796 default: 797 if ((kpm = kp_name_to_kpmap(kp, object)) != NULL) { 798 kpf = kpm->kpm_file; 799 break; 800 } else 801 return (set_errno(EMDB_NOOBJ)); 802 } 803 804 if (kpf != NULL) 805 kp_symtab_iter(kpf, type, object, func, private); 806 807 return (0); 808 } 809 810 static int 811 kp_mapping_iter(mdb_tgt_t *t, mdb_tgt_map_f *func, void *private) 812 { 813 kp_data_t *kp = t->t_data; 814 kp_map_t *kpm; 815 816 for (kpm = kp->kp_map_head; kpm != NULL; kpm = kpm->kpm_next) { 817 if (func(private, &kpm->kpm_map, kpm->kpm_map.map_name) != 0) 818 break; 819 } 820 821 return (0); 822 } 823 824 static int 825 kp_object_iter(mdb_tgt_t *t, mdb_tgt_map_f *func, void *private) 826 { 827 kp_data_t *kp = t->t_data; 828 kp_file_t *kpf; 829 830 for (kpf = kp->kp_file_head; kpf != NULL; kpf = kpf->kpf_next) { 831 if (func(private, &kpf->kpf_map->kpm_map, 832 kpf->kpf_map->kpm_map.map_name) != 0) 833 break; 834 } 835 836 return (0); 837 } 838 839 static const mdb_map_t * 840 kp_addr_to_map(mdb_tgt_t *t, uintptr_t addr) 841 { 842 kp_map_t *kpm = kp_addr_to_kpmap(t->t_data, addr); 843 844 if (kpm != NULL) 845 return (&kpm->kpm_map); 846 847 (void) set_errno(EMDB_NOMAP); 848 return (NULL); 849 } 850 851 static const mdb_map_t * 852 kp_name_to_map(mdb_tgt_t *t, const char *name) 853 { 854 kp_map_t *kpm = kp_name_to_kpmap(t->t_data, name); 855 856 if (kpm != NULL) 857 return (&kpm->kpm_map); 858 859 (void) set_errno(EMDB_NOOBJ); 860 return (NULL); 861 } 862 863 /*ARGSUSED*/ 864 static int 865 kp_status(mdb_tgt_t *t, mdb_tgt_status_t *tsp) 866 { 867 bzero(tsp, sizeof (mdb_tgt_status_t)); 868 tsp->st_state = MDB_TGT_DEAD; 869 return (0); 870 } 871 872 static int 873 kp_auxv(mdb_tgt_t *t, const auxv_t **auxvp) 874 { 875 kp_data_t *kp = t->t_data; 876 *auxvp = kp->kp_auxv; 877 return (0); 878 } 879 880 static const mdb_tgt_ops_t kproc_ops = { 881 (int (*)()) mdb_tgt_notsup, /* t_setflags */ 882 kp_setcontext, /* t_setcontext */ 883 kp_activate, /* t_activate */ 884 kp_deactivate, /* t_deactivate */ 885 (void (*)()) mdb_tgt_nop, /* t_periodic */ 886 kp_destroy, /* t_destroy */ 887 kp_name, /* t_name */ 888 kp_isa, /* t_isa */ 889 kp_platform, /* t_platform */ 890 kp_uname, /* t_uname */ 891 kp_dmodel, /* t_dmodel */ 892 (ssize_t (*)()) mdb_tgt_notsup, /* t_aread */ 893 (ssize_t (*)()) mdb_tgt_notsup, /* t_awrite */ 894 kp_vread, /* t_vread */ 895 kp_vwrite, /* t_vwrite */ 896 (ssize_t (*)()) mdb_tgt_notsup, /* t_pread */ 897 (ssize_t (*)()) mdb_tgt_notsup, /* t_pwrite */ 898 (ssize_t (*)()) mdb_tgt_notsup, /* t_fread */ 899 (ssize_t (*)()) mdb_tgt_notsup, /* t_fwrite */ 900 (ssize_t (*)()) mdb_tgt_notsup, /* t_ioread */ 901 (ssize_t (*)()) mdb_tgt_notsup, /* t_iowrite */ 902 kp_vtop, /* t_vtop */ 903 kp_lookup_by_name, /* t_lookup_by_name */ 904 kp_lookup_by_addr, /* t_lookup_by_addr */ 905 kp_symbol_iter, /* t_symbol_iter */ 906 kp_mapping_iter, /* t_mapping_iter */ 907 kp_object_iter, /* t_object_iter */ 908 kp_addr_to_map, /* t_addr_to_map */ 909 kp_name_to_map, /* t_name_to_map */ 910 (struct ctf_file *(*)()) mdb_tgt_null, /* t_addr_to_ctf */ 911 (struct ctf_file *(*)()) mdb_tgt_null, /* t_name_to_ctf */ 912 kp_status, /* t_status */ 913 (int (*)()) mdb_tgt_notsup, /* t_run */ 914 (int (*)()) mdb_tgt_notsup, /* t_step */ 915 (int (*)()) mdb_tgt_notsup, /* t_step_out */ 916 (int (*)()) mdb_tgt_notsup, /* t_step_branch */ 917 (int (*)()) mdb_tgt_notsup, /* t_next */ 918 (int (*)()) mdb_tgt_notsup, /* t_cont */ 919 (int (*)()) mdb_tgt_notsup, /* t_signal */ 920 (int (*)()) mdb_tgt_null, /* t_add_sbrkpt */ 921 (int (*)()) mdb_tgt_null, /* t_add_vbrkpt */ 922 (int (*)()) mdb_tgt_null, /* t_add_pwapt */ 923 (int (*)()) mdb_tgt_null, /* t_add_vwapt */ 924 (int (*)()) mdb_tgt_null, /* t_add_iowapt */ 925 (int (*)()) mdb_tgt_null, /* t_add_sysenter */ 926 (int (*)()) mdb_tgt_null, /* t_add_sysexit */ 927 (int (*)()) mdb_tgt_null, /* t_add_signal */ 928 (int (*)()) mdb_tgt_null, /* t_add_fault */ 929 (int (*)()) mdb_tgt_notsup, /* t_getareg XXX */ 930 (int (*)()) mdb_tgt_notsup, /* t_putareg XXX */ 931 (int (*)()) mdb_tgt_notsup, /* t_stack_iter XXX */ 932 kp_auxv /* t_auxv */ 933 }; 934 935 int 936 mdb_kproc_tgt_create(mdb_tgt_t *t, int argc, const char *argv[]) 937 { 938 kp_data_t *kp = mdb_zalloc(sizeof (kp_data_t), UM_SLEEP); 939 void *proc = (void *)argv[0]; 940 long at_entry, at_base; 941 GElf_Sym sym; 942 943 int (*f_asiter)(uintptr_t, void (*)(const mdb_map_t *, void *), void *); 944 int (*f_auxv)(uintptr_t, auxv_t *); 945 uintptr_t (*f_as)(uintptr_t); 946 uint_t (*f_model)(uintptr_t); 947 pid_t (*f_pid)(uintptr_t); 948 949 if (argc != 1) 950 return (set_errno(EINVAL)); 951 952 t->t_flags &= ~MDB_TGT_F_RDWR; 953 t->t_data = kp; 954 t->t_ops = &kproc_ops; 955 956 f_asiter = (int (*)()) dlsym(RTLD_NEXT, "mdb_kproc_asiter"); 957 f_auxv = (int (*)()) dlsym(RTLD_NEXT, "mdb_kproc_auxv"); 958 f_as = (uintptr_t (*)()) dlsym(RTLD_NEXT, "mdb_kproc_as"); 959 f_model = (model_t (*)()) dlsym(RTLD_NEXT, "mdb_kproc_model"); 960 f_pid = (pid_t (*)()) dlsym(RTLD_NEXT, "mdb_kproc_pid"); 961 962 if (f_asiter == NULL || f_auxv == NULL || 963 f_as == NULL || f_model == NULL || f_pid == NULL) { 964 warn("required kernel support module is not loaded\n"); 965 goto err; 966 } 967 968 /* 969 * Here the kproc target relies on the fact that at the time of its 970 * instantiation, mdb.m_target is pointing at a kvm target, and 971 * that the kvm target has stored its libkvm handle in t_pshandle. 972 */ 973 kp->kp_parent = mdb.m_target; 974 kp->kp_cookie = mdb.m_target->t_pshandle; 975 kp->kp_platform = mdb_tgt_platform(mdb.m_target); 976 kp->kp_proc = proc; 977 kp->kp_as = (struct as *)f_as((uintptr_t)proc); 978 kp->kp_pid = f_pid((uintptr_t)proc); 979 980 if (kp->kp_as == NULL) { 981 warn("failed to obtain address space for proc %p\n", proc); 982 goto err; 983 } 984 985 if (kp->kp_pid == -1) { 986 warn("failed to obtain PID for proc %p\n", proc); 987 goto err; 988 } 989 990 if (mdb_tgt_lookup_by_name(kp->kp_parent, MDB_TGT_OBJ_EXEC, "kas", 991 &sym, NULL) == 0 && kp->kp_as == 992 (struct as *)(uintptr_t)sym.st_value) { 993 warn("specified process is a system process (no context)\n"); 994 goto err; 995 } 996 997 if ((kp->kp_model = f_model((uintptr_t)proc)) == PR_MODEL_UNKNOWN) { 998 warn("failed to obtain data model for proc %p\n", proc); 999 goto err; 1000 } 1001 1002 if (f_asiter((uintptr_t)kp->kp_as, kp_add_mapping, kp) == -1) { 1003 warn("failed to load mappings for proc %p", proc); 1004 goto err; 1005 } 1006 1007 kp->kp_nauxv = f_auxv((uintptr_t)proc, NULL) + 1; 1008 kp->kp_auxv = mdb_alloc(sizeof (auxv_t) * kp->kp_nauxv, UM_SLEEP); 1009 1010 if (f_auxv((uintptr_t)proc, kp->kp_auxv) == -1) { 1011 warn("failed to load auxv for proc %p", proc); 1012 goto err; 1013 } 1014 1015 kp->kp_auxv[kp->kp_nauxv - 1].a_type = AT_NULL; 1016 kp->kp_auxv[kp->kp_nauxv - 1].a_un.a_val = 0; 1017 1018 if ((at_entry = kp_getauxval(kp, AT_ENTRY)) == -1L) { 1019 warn("auxv for proc %p is missing AT_ENTRY\n", proc); 1020 goto err; 1021 } 1022 1023 if ((at_base = kp_getauxval(kp, AT_BASE)) == -1L) { 1024 warn("auxv for proc %p is missing AT_BASE\n", proc); 1025 goto err; 1026 } 1027 1028 /* 1029 * If we're applying kproc to a live kernel, we need to force libkvm 1030 * to set the current process to the process in question so we can 1031 * read from its address space. If kvm_getproc returns NULL, the 1032 * process may have gone away since our previous calls to mdb_ks. 1033 */ 1034 if (mdb_prop_postmortem == FALSE && 1035 kvm_getproc(kp->kp_cookie, kp->kp_pid) == NULL) 1036 warn("failed to attach to PID %d\n", (int)kp->kp_pid); 1037 1038 kp->kp_map_exec = kp_addr_to_kpmap(kp, at_entry); 1039 kp->kp_map_ldso = kp_addr_to_kpmap(kp, at_base); 1040 1041 (void) kp_file_create(t, kp->kp_map_exec, ET_EXEC); 1042 (void) kp_file_create(t, kp->kp_map_ldso, ET_DYN); 1043 1044 kp->kp_prfile.kpf_dynsym = mdb.m_prsym; 1045 1046 return (0); 1047 1048 err: 1049 kp_destroy(t); 1050 return (-1); 1051 } 1052 1053 static ssize_t 1054 kp_io_read(mdb_io_t *io, void *buf, size_t nbytes) 1055 { 1056 kp_io_t *kpi = io->io_data; 1057 kp_data_t *kp = kpi->kpi_tgt->t_data; 1058 1059 kp_map_t *kpm = kp_addr_to_kpmap(kp, kpi->kpi_ptr); 1060 size_t left; 1061 1062 if (kpm != NULL) { 1063 const mdb_map_t *mp = &kpm->kpm_map; 1064 left = mp->map_base + mp->map_size - kpi->kpi_ptr; 1065 } else 1066 left = 0; 1067 1068 if (left != 0) { 1069 ssize_t rbytes = kp_vread(kpi->kpi_tgt, 1070 buf, MIN(nbytes, left), kpi->kpi_ptr); 1071 1072 if (rbytes >= 0) 1073 kpi->kpi_ptr += rbytes; 1074 1075 return (rbytes); 1076 } 1077 1078 return (0); /* At end of segment or in hole; return EOF */ 1079 } 1080 1081 static off64_t 1082 kp_io_seek(mdb_io_t *io, off64_t offset, int whence) 1083 { 1084 kp_io_t *kpi = io->io_data; 1085 const mdb_map_t *mp = &kpi->kpi_map->kpm_map; 1086 uintptr_t nptr; 1087 1088 if (io->io_next != NULL) 1089 return (IOP_SEEK(io->io_next, offset, whence)); 1090 1091 switch (whence) { 1092 case SEEK_SET: 1093 nptr = mp->map_base + offset; 1094 break; 1095 case SEEK_CUR: 1096 nptr = kpi->kpi_ptr + offset; 1097 break; 1098 case SEEK_END: 1099 nptr = kpi->kpi_lim + offset; 1100 break; 1101 default: 1102 return (set_errno(EINVAL)); 1103 } 1104 1105 if (nptr < mp->map_base || nptr >= kpi->kpi_lim) 1106 return (set_errno(EINVAL)); 1107 1108 kpi->kpi_ptr = nptr; 1109 return ((off64_t)(nptr - mp->map_base)); 1110 } 1111 1112 static void 1113 kp_io_close(mdb_io_t *io) 1114 { 1115 mdb_free(io->io_data, sizeof (kp_io_t)); 1116 } 1117 1118 static const char * 1119 kp_io_name(mdb_io_t *io) 1120 { 1121 kp_io_t *kpi = io->io_data; 1122 1123 if (io->io_next != NULL) 1124 return (IOP_NAME(io->io_next)); 1125 1126 return (kpi->kpi_map->kpm_map.map_name); 1127 } 1128 1129 static const mdb_io_ops_t kp_io_ops = { 1130 kp_io_read, 1131 no_io_write, 1132 kp_io_seek, 1133 no_io_ctl, 1134 kp_io_close, 1135 kp_io_name, 1136 no_io_link, 1137 no_io_unlink, 1138 no_io_setattr, 1139 no_io_suspend, 1140 no_io_resume 1141 }; 1142 1143 static mdb_io_t * 1144 kp_io_create(mdb_tgt_t *t, kp_map_t *kpm) 1145 { 1146 kp_data_t *kp = t->t_data; 1147 mdb_map_t *mp = &kp->kp_map_tail->kpm_map; 1148 1149 mdb_io_t *io = mdb_alloc(sizeof (mdb_io_t), UM_SLEEP); 1150 kp_io_t *kpi = mdb_alloc(sizeof (kp_io_t), UM_SLEEP); 1151 1152 kpi->kpi_tgt = t; 1153 kpi->kpi_map = kpm; 1154 kpi->kpi_ptr = kpm->kpm_map.map_base; 1155 kpi->kpi_lim = mp->map_base + mp->map_size; 1156 1157 io->io_ops = &kp_io_ops; 1158 io->io_data = kpi; 1159 io->io_next = NULL; 1160 io->io_refcnt = 0; 1161 1162 return (io); 1163 } 1164