ktrace: Record detailed ECAPMODE violations

When a Capsicum violation occurs in the kernel, ktrace will now record
detailed information pertaining to the violation.

For example:
- When a namei lookup violation occurs, ktrace will record the path.
- When a signal violation occurs, ktrace will record the signal number.
- When a sendto(2) violation occurs, ktrace will record the recipient
sockaddr.

For all violations, the syscall and ABI is recorded.

kdump is also modified to display this new information to the user.

Reviewed by: oshogbo, markj
Approved by: markj (mentor)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D40676

kdump: decode pollfd struct arrays coming from poll(2)

We'll handle these just as we do kevents, one per line with subsequent
lines indented sufficiently to distinguish them from the upcoming
return value.

Sample, with indentation stripped and revents changed to '...' in the
first one to keep the line length down:

CALL poll(0x820610560,0x3,0)
STRU struct pollfd[] = { { fd=0, events=0x1<POLLIN>, revents=0x11<...>
{ fd=1, events=0x4<POLLOUT>, revents=0x4<POLLOUT>}
{ fd=-1, events=0x4<POLLOUT>, revents=0} }
RET poll 2

Reviewed by: bapt, jhb
Differential Revision: https://reviews.freebsd.org/D44160

kdump: use print_mask_arg0 appropriately

Some callers are using print_mask_arg() when they should be using
print_mask_arg0(); the latter should be used when all flags are optional
and there's not a flag to be decoded with a 0-mask. This turns:

nmount(0x6991e009000,0x8,0<><invalid>0)

into:

nmount(0x6991e009000,0x8,0)

Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D43007

Remove copyright strings ifdef'd out

We've ifdef'd out the copyright strings for some time now. Go ahead and
remove the ifdefs. Plus whatever other detritis was left over from other
recent removals. These copyright strings are present in the comments and
are largely from CSRG's attempt at adding their copyright to every
binary file (which modern interpretations of the license doesn't
require).

Sponsored by: Netflix

usr.bin: Remove ancient SCCS tags.

Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.

Sponsored by: Netflix

Remove $FreeBSD$: one-line .c pattern

Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/

ktrace: make ktr_tid a long not intptr_t (NFC)

Long ago, ktr_tid was ktr_buffer which pointed to the buffer following
the header and was used internally in the kernel. Use was removed in
efbbbf570d70b and it was repurposed as ktr_kid in c6854c347f4d8. For
ABI reasons, it stayed an intptr_t rather than becoming an lwpid_t at
the time. Since it doesn't hold a pointer any more (unless you have
a ktrace.out from 2005), change the type to long which is alwasy the
same size on all supported architectures. Add a suggestion to change
the type to lwpid_t (__int32_t) on a future ABI break.

Remove most remaining references to ktr_buffer, retaing a comment in
kdump.c explaining why negative values are treated as 0. While here,
accept that pid_t and lwpid_t are of type int and simplify casts in
printf.

This changed was motivated by CheriBSD where intptr_t is 16-bytes
in the pure-capability ABI.

Reviewed by: kib, markj
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D36599

ktrace: Increase precision of timestamps.

Replace struct timeval in header with struct timespec.
To differentiate header formats, add a new KTR_VERSIONED flag
set in the header type field similar to the existing KTRDROP flag.

To make it easier to extend ktrace headers in the future,
extend the existing header with a version field (version 0 is
reserved for older records without KTR_VERSIONED) as well as
new fields holding the thread ID and CPU ID.

Reviewed by: jhb, pauamma
Differential Revision: https://reviews.freebsd.org/D35774
MFC after: 2 weeks

kdump: For future use made decode_filemode() public

MFC after: 2 weeks

kdump: Decode getitimer, setitimer which argument

Reviewed by: jhb (previous version, without truss)
Differential revision: https://reviews.freebsd.org/D35231
MFC after: 2 weeks

kdump: Decode Linux l_sigset_t.

Reviewed by: markj
Differential revision: https://reviews.freebsd.org/D35153
MFC after: 2 weeks

kdump: Add preliminary support for decoding Linux syscalls

Reviewed by: jhb
Differential revision: https://reviews.freebsd.org/D35216
MFC after: 2 weeks

kdump: For future use extract common code to a separate files

Reviewed by: jhb
Differential revision: https://reviews.freebsd.org/D35356
MFC after: 2 weeks

kdump: Decode cpuset_t.

Reviewed by: jhb
Differential revision: https://reviews.freebsd.org/D34982
MFC after: 2 weeks

fd: add close_range(..., CLOSE_RANGE_CLOEXEC)

For compatibility with Linux.

MFC after: 3 days
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D34424

struct kevent_freebsd11 -> struct freebsd11_kevent

Rename to match the naming of syscalls and allow 32 to be appended
without making an ugly name like kevent_freebsd1132.

While here, make the kevent changelist argument const.

Reviewed by: kib

Drop cloudabi

According to https://github.com/NuxiNL/cloudlibc:
CloudABI is no longer being maintained. It was an awesome experiment,
but it never got enough traction to be sustainable.

There is no reason to keep it in FreeBSD.

Approved by: ed (private mail)
Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D31923

kdump: use VIS_NOLOCALE when printing output

Attempting to parse the output as UTF-8 exposed an out-of-bounds read
in vis(3) (see https://reviews.freebsd.org/D30771). However, I don't
think it makes much sense to decode this output at all. Additionally,
passing one byte at a time will almost certainly result in incorrect
output for multi-byte characters.

Reviewed By: brooks
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D30772

kdump/truss: decode new _umtx_op flags

In both cases, print the flag bits first followed by the command.

Output now looks something like this:

(ktrace)
_umtx_op(0x8605f7008,0xf<UMTX_OP_WAIT_UINT_PRIVATE>,0,0,0)
_umtx_op(0x9fffdce8,0x80000003<UMTX_OP__32BIT|UMTX_OP_WAKE>,0x1,0,0)

(truss)
_umtx_op(0x7fffffffda50,UMTX_OP_WAKE,0x1,0x0,0x0) = 0 (0x0)
_umtx_op(0x9fffdd08,UMTX_OP__32BIT|UMTX_OP_WAKE,0x1,0x0,0x0) = 0 (0x0)

Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D27325

kdump: decode shm_open2

This is the kdump counterpart of the truss support added in r358116, and
also a part of D23733. shm_open2 is the successor to shm_open.

Reviewed by: kaktus

kdump: decode SHM_ANON as first arg to legacy shm_open(2)

The first argument to shm_open(2) as well as shm_open2(2) may be a path or
SHM_ANON. Decode SHM_ANON, at least- paths will show up as namei results in
kdump output, which may be sufficient; in those cases, we'll have printed an
address.

Future commits will add support for shm_open2() to libsysdecode/truss/kdump.

Reported by: kaktus
MFC after: 3 days

sysent: regenerate after r352705

This also implements it, fixes kdump, and removes no longer needed bits from
lib/libc/sys/shm_open.c for the interim.

kdump: expand comment on reasons for CAPFAIL_LOOKUP

Comment for CAPFAIL_LOOKUP refered only to paths containing ".." but
it is returned for other restricted VFS lookup cases, such as absolute
paths or openat(AT_FDCWD, ...).

Use 'bool' instead of 'int' for various boolean flags.

Reviewed by: kib
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D16611

Remove spurious ABI tags from kdump output.

The abidump routine output an ABI tag when -A was specified for records
that were not displayed due to type or pid filtering. To fix, split
the code to lookup the ABI from the code to display the ABI, move the
code to display the ABI into dumpheader(), and move dumpheader() later
in the main loop as a simplification. Previously dumpheader() was
called under a condition that repeated conditions made later in the
main loop.

Reviewed by: kib
MFC after: 1 month
Sponsored by: DARPA / AFRL
Differential Revision: https://reviews.freebsd.org/D16608

Convert `cap_enter() < 0 && errno != ENOSYS` to `caph_enter() < 0`.

No functional change intended.

kdump: simplify/remove per-arch #ifdefs

It is acceptable for syscallabi to map SV_ABI to SYSDECODE_ABI on all
architectures; libsysdecode will return not-found sentinel values if
it does not have a syscall name or errno mapping for a given
architecture.

Also, use __LP64__ for the SV_ILP32 -> SYSDECODE_ABI_LINUX32 mapping,
for any future 32- on 64-bit linuxulator implementation.

Reviewed by: jhb
Sponsored by: Turing Robotic Industries Inc.

NLS data and tz can be cached using caspicum helpers.

Using them we simplifies and unifies sandboxed code.

Decode kevent structures logged via ktrace(2) in kdump.

- Add a new KTR_STRUCT_ARRAY ktrace record type which dumps an array of
structures.

The structure name in the record payload is preceded by a size_t
containing the size of the individual structures. Use this to
replace the previous code that dumped the kevent arrays dumped for
kevent(). kdump is now able to decode the kevent structures rather
than dumping their contents via a hexdump.

One change from before is that the 'changes' and 'events' arrays are
not marked with separate 'read' and 'write' annotations in kdump
output. Instead, the first array is the 'changes' array, and the
second array (only present if kevent doesn't fail with an error) is
the 'events' array. For kevent(), empty arrays are denoted by an
entry with an array containing zero entries rather than no record.

- Move kevent decoding tables from truss to libsysdecode.

This adds three new functions to decode members of struct kevent:
sysdecode_kevent_filter, sysdecode_kevent_flags, and
sysdecode_kevent_fflags.

kdump uses these helper functions to pretty-print kevent fields.

- Move structure definitions for freebsd11 and freebsd32 kevent
structures to <sys/event.h> so that they can be shared with userland.
The 32-bit structures are only exposed if _WANT_KEVENT32 is defined.
The freebsd11 structures are only exposed if _WANT_FREEBSD11_KEVENT is
defined. The 32-bit freebsd11 structure requires both.

- Decode freebsd11 kevent structures in truss for the compat11.kevent()
system call.

- Log 32-bit kevent structures via ktrace for 32-bit compat kevent()
system calls.

- While here, constify the 'void *data' argument to ktrstruct().

Reviewed by: kib (earlier version)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D12470

General further adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.

We use a few different ifdef's names to check if we are using Casper or not,
let's standardize this. Now we are always use WITH_CASPER name.

Discussed with: emaste@
MFC after: 1 month

Decode pathconf() names, *at() flags, and sysarch() numbers in libsysdecode.

Move tables that were previously in truss over to libsysdecode. truss
output is unchanged, but kdump has been updated to decode these fields.
In addition, sysdecode_sysarch_number() should support all platforms
whereas the old table in truss only supported x86.

Decode arguments to rtprio_thread() (same as rtprio()).

Fix decoding of setpriority() arguments.

The PRIO_* 'which' value is stored in the first argument to setpriority(2),
not the last. While here, decode the arguments to getpriority(2).

Decode the 'who' argument passed to getrusage().

Add a new sysdecode_getrusage_who() which decodes the RUSAGE_* constant
passed as the first argument to getrusage(). Use this function in both
kdump and truss to decode the first argument to getrusage().

PR: 215448
Submitted by: Anton Yuzhaninov <citrin+pr@citrin.ru>
MFC after: 1 month

Commit the 64-bit inode project.

Extend the ino_t, dev_t, nlink_t types to 64-bit ints. Modify
struct dirent layout to add d_off, increase the size of d_fileno
to 64-bits, increase the size of d_namlen to 16-bits, and change
the required alignment. Increase struct statfs f_mntfromname[] and
f_mntonname[] array length MNAMELEN to 1024.

ABI breakage is mitigated by providing compatibility using versioned
symbols, ingenious use of the existing padding in structures, and
by employing other tricks. Unfortunately, not everything can be
fixed, especially outside the base system. For instance, third-party
APIs which pass struct stat around are broken in backward and
forward incompatible ways.

Kinfo sysctl MIBs ABI is changed in backward-compatible way, but
there is no general mechanism to handle other sysctl MIBS which
return structures where the layout has changed. It was considered
that the breakage is either in the management interfaces, where we
usually allow ABI slip, or is not important.

Struct xvnode changed layout, no compat shims are provided.

For struct xtty, dev_t tty device member was reduced to uint32_t.
It was decided that keeping ABI compat in this case is more useful
than reporting 64-bit dev_t, for the sake of pstat.

Update note: strictly follow the instructions in UPDATING. Build
and install the new kernel with COMPAT_FREEBSD11 option enabled,
then reboot, and only then install new world.

Credits: The 64-bit inode project, also known as ino64, started life
many years ago as a project by Gleb Kurtsou (gleb). Kirk McKusick
(mckusick) then picked up and updated the patch, and acted as a
flag-waver. Feedback, suggestions, and discussions were carried
by Ed Maste (emaste), John Baldwin (jhb), Jilles Tjoelker (jilles),
and Rick Macklem (rmacklem). Kris Moore (kris) performed an initial
ports investigation followed by an exp-run by Antoine Brodin (antoine).
Essential and all-embracing testing was done by Peter Holm (pho).
The heavy lifting of coordinating all these efforts and bringing the
project to completion were done by Konstantin Belousov (kib).

Sponsored by: The FreeBSD Foundation (emaste, kib)
Differential revision: https://reviews.freebsd.org/D10439

Remove NATM configuration bits and assorted NATM and ATM remnants.

Reported by: ak
Reviewed by: ngie (first version)
Differential Revision: https://reviews.freebsd.org/D10497

Decode arguments to chflagsat().

Renumber copyright clause 4

Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96

Update libsysdecode for getfsstat() 'flags' argument changing to 'mode'.

As a followup to r310638, update libsysdecode (and kdump) to decode the
'mode' argument to getfsstat(). sysdecode_getfsstat_flags() has been
renamed to sysdecode_getfsstat_mode() and now treats the argument as an
enumerated value rather than a mask of flags.

Move mksubr from kdump into libsysdecode.

Restructure this script so that it generates a header of tables instead
of a source file. The tables are included in a flags.c source file which
provides functions to decode various system call arguments.

For functions that decode an enumeration, the function returns a pointer
to a string for known values and NULL for unknown values.

For functions that do more complex decoding (typically of a bitmask), the
function accepts a pointer to a FILE object (open_memstream() can be used
as a string builder) to which decoded values are written. If the
function operates on a bitmask, the function returns true if any bits
were decoded or false if the entire value was valid. Additionally, the
third argument accepts a pointer to a value to which any undecoded bits
are stored. This pointer can be NULL if the caller doesn't care about
remaining bits.

Convert kdump over to using decoder functions from libsysdecode instead of
mksubr. truss also uses decoders from libsysdecode instead of private
lookup tables, though lookup tables for objects not decoded by kdump remain
in truss for now. Eventually most of these tables should move into
libsysdecode as the automated table generation approach from mksubr is
less stale than the static tables in truss.

Some changes have been made to truss and kdump output:
- The flags passed to open() are now properly decoded in that one of
O_RDONLY, O_RDWR, O_WRONLY, or O_EXEC is always included in a decoded
mask.
- Optional arguments to open(), openat(), and fcntl() are only printed
in kdump if they exist (e.g. the mode is only printed for open() if
O_CREAT is set in the flags).
- Print argument to F_GETLK/SETLK/SETLKW in kdump as a pointer, not int.
- Include all procctl() commands.
- Correctly decode pipe2() flags in truss by not assuming full
open()-like flags with O_RDONLY, etc.
- Decode file flags passed to *chflags() as file flags (UF_* and SF_*)
rather than as a file mode.
- Fix decoding of quotactl() commands by splitting out the two command
components instead of assuming the raw command value matches the
primary command component.

In addition, truss and kdump now build without triggering any warnings.
All of the sysdecode manpages now include the required headers in the
synopsis.

Reviewed by: kib (several older versions), wblock (manpages)
MFC after: 2 months
Differential Revision: https://reviews.freebsd.org/D7847

Remove the duplicated code using Capsicum helpers.

Reviewed by: cem, ed, bapt, emaste
Differential Revision https://reviews.freebsd.org/D8140

Don't declare the 'temp' timeval as static.

Use timercmp() and timersub() in kdump.

Previously, kdump used the kernel-only timervalsub() macro which required
defining _KERNEL when including <sys/time.h>. Now, kdump uses the existing
userland API. The timercmp() usage to check for a backwards timestamp is
also clearer and simpler than the previous code which checked the result of
the subtraction for a negative value.

While here, take advantage of the 3-arg timersub() to store the subtraction
results in a tempory timeval instead of overwriting the timestamp in the
ktrace record and then having to restore it.

Expose kernel-only errno values if _WANT_KERNEL_ERRNO is defined.

The kernel uses a few negative errno values for internal conditions
such as requesting a system call restart. Normally these errno values
are not exposed to userland. However, kdump needs access to these
values as some of then can be present in a ktrace system call return
record. Previously kdump was defining _KERNEL to gain access to ehse
values, but was then having to manually declare 'errno' (and doing it
incorrectly). Now, kdump uses _WANT_KERNEL_ERRNO instead of _KERNEL
and uses the system-provided declaration of errno.

Decode arguments to truncate and ftruncate.

In particular, decode the off_t argument as a 64-bit argument to fix
decoding for 32-bit processes.

Handle 64-bit system call arguments (off_t, id_t).

In particular, 64-bit system call arguments use up two register_t
arguments for 32-bit processes. They must also be aligned on a 64-bit
boundary on 32-bit powerpc processes. This fixes the decoding of
lseek(), procctl(), and wait6() arguments for 32-bit processes (both
native and via freebsd32).

Note that the ktrace system call return record only returns a single
register, so the return value of lseek is always truncated to the low
32-bits for 32-bit processes.

Remove unused prototypes.

Sponsored by: The FreeBSD Foundation
MFC after: 1 week

Trace timeval parameters to the getitimer(2) and setitimer(2) syscalls.

Reviewed by: jhb
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D7158

Fix humanized decoding of struct stat with respect to .st_mtim

st_mtim was being incorrectly described as "stime=", not "mtime=". This was
introduced with the original feature commit (r176471).

MFC after: 1 week
PR: 209699
Submitted by: naddy
Sponsored by: EMC / Isilon Storage Division

Use != 0 to be clear

Allow -f - to read from stdin.

Print the fchmodat mode in human readable fashion

MFC after: 1 week

Fix reporting of the CloudABI ABI in kdump.

- Advertise the word size for CloudABI ABIs via the SV_LP64 flag. All of
the other ABIs include either SV_ILP32 or SV_LP64.
- Fix kdump to not assume a 32-bit ABI if the ABI flags field is non-zero
but SV_LP64 isn't set. Instead, only assume a 32-bit ABI if SV_ILP32 is
set and fallback to the unknown value of "00" if neither SV_LP64 nor
SV_ILP32 is set.

Reviewed by: kib, ed
Differential Revision: https://reviews.freebsd.org/D5560

Convert casperd(8) daemon to the libcasper.
After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.

Discussed with: pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by: drysdale@google.com, bdrewery
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D4277

Add simple support for CloudABI processes to kdump(1).

This does not decode arguments to system calls but should properly
decode system call names and error return values.

Reviewed by: ed
Differential Revision: https://reviews.freebsd.org/D5412

Add handling for non-native error values to libsysdecode.

Add two new functions, sysdecode_abi_to_freebsd_errno() and
sysdecode_freebsd_to_abi_errno(), which convert errno values between
the native FreeBSD ABI and other supported ABIs. Note that the
mappings are not necessarily perfect meaning in some cases multiple
errors in one ABI might map to a single error in another ABI. In that
case, the reverse mapping will return one of the errors that maps, but
which error is non-deterministic.

Change truss to always report the raw error value to the user but
use libsysdecode to map it to a native errno value that can be used
with strerror() to generate a description. Previously truss reported
the "converted" error value. Now the user will always see the exact
error value that the application sees.

Change kdump to report the truly raw error value to the user. Previously
kdump would report the absolute value of the raw error value (so for
Linux binaries it didn't output the FreeBSD error value, but the positive
value of the Linux error). Now it reports the real (i.e. negative) error
value for Linux binaries. Also, use libsysdecode to convert the native
FreeBSD error reported in the ktrace record to the raw error used by the
ABI. This means that the Linux ABI can now be handled directly in
ktrsysret() and removes the need for linux_ktrsysret().

Reviewed by: bdrewery, kib
Helpful notes: wblock (manpage)
Differential Revision: https://reviews.freebsd.org/D5314

Add a SYSDECODE_ABI_ prefix to the ABI enums to avoid potential collisions.

Suggested by: jmallett
Reviewed by: bdrewery, jmallett
Differential Revision: https://reviews.freebsd.org/D5123

Add support to libsysdecode for decoding system call names.

A new sysdecode_syscallname() function accepts a system call code and
returns a string of the corresponding name (or NULL if the code is
unknown). To support different process ABIs, the new function accepts a
value from a new sysdecode_abi enum as its first argument to select the
ABI in use. Current ABIs supported include FREEBSD (native binaries),
FREEBSD32, LINUX, LINUX32, and CLOUDABI64. Note that not all ABIs are
supported by all platforms. In general, a given ABI is only supported
if a platform can execute binaries for that ABI.

To simplify the implementation, libsysdecode's build reuses the
existing pre-generated files from the kernel source tree rather than
duplicating new copies of said files during the build.

kdump(1) and truss(1) now use these functions to map system call
identifiers to names. For kdump(1), a new 'syscallname()' function
consolidates duplicated code from ktrsyscall() and ktrsyscallret().
The Linux ABI no longer requires custom handling for ktrsyscall() and
linux_ktrsyscall() has been removed as a result.

Reviewed by: bdrewery
Differential Revision: https://reviews.freebsd.org/D4823

Move the mkioctls script to libsysdecode and use it to generate a
sysdecode_ioctlname() function. This function matches the behavior
of the truss variant in that it returns a pointer to a string description
for known ioctls. The caller is responsible for displaying unknown
ioctl requests. For kdump this meant moving the logic to handle unknown
ioctl requests out of the generated function and into an ioctlname()
function in kdump.c instead.

Differential Revision: https://reviews.freebsd.org/D4610

Start on a new library (libsysdecode) that provides routines for decoding
system call information such as system call arguments. Initially this
will consist of pulling duplicated code out of truss and kdump though it
may prove useful for other utilities in the future.

This commit moves the shared utrace(2) record parser out of kdump into
the library and updates kdump and truss to use it. One difference from
the previous version is that the library version treats unknown events
that start with the "RTLD" signature as unknown events. This simplifies
the interface and allows the consumer to decide how to handle all
non-recognized events. Instead, this function only generates a string
description for known malloc() and RTLD records.

Reviewed by: bdrewery
Differential Revision: https://reviews.freebsd.org/D4537

truss: Add support for utrace(2).

This uses the kdump(1) utrace support code directly until a common library
is created.

This allows malloc(3) tracing with MALLOC_CONF=utrace:true and rtld tracing
with LD_UTRACE=1. Unknown utrace(2) data is just printed as hex.

PR: 43819 [inspired by]
Reviewed by: jhb
MFC after: 2 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D3819

Let the nv.h and dnv.h includes be only in sys directory.

Change consumers to include those files from sys.
Add duplicated files to ObsoleteFiles.

Approved by: pjd (mentor)

Teach kdump to understand both linux emulation.

Differential Revision: https://reviews.freebsd.org/D1079
Reviewed by: emaste

Remove "capability mode sandbox enabled" messages.

These messages serve little purpose and break some consumers.

PR: 199855
Differential Revision: https://reviews.freebsd.org/D2440
Reviewed by: rwatson
Approved by: pjd
MFC after: 1 week
Sponsored by: DARPA, AFRL

o Properly init prevtime, so that we don't print bogus value in the
first entry reported by the relative mode (-R).

o Properly print negative offsets, which I guess may happen if
records get re-ordered somehow, possibly due to the locking. Right
now we report huge bogus diff (i.e. 2 seconds or so).

kdump: sendfile(2) "flags" argument needs casting on 64-bit platforms.

MFC after: 1 week
Sponsored by: Nginx, Inc.

Allow tracing dlfunc() / dlsym() events.

MFC after: 1 week

Add futimens and utimensat system calls.

The core kernel part is patch file utimes.2008.4.diff from
pluknet@FreeBSD.org. I updated the code for API changes, added the manual
page and added compatibility code for old kernels. There is also audit and
Capsicum support.

A new UTIME_* constant might allow setting birthtimes in future.

Differential Revision: https://reviews.freebsd.org/D1426
Submitted by: pluknet (partially)
Reviewed by: delphij, pluknet, rwatson
Relnotes: yes

kdump: eliminate new clang warnings.

MFC after: 1 week

Decode the arguments passed to _umtx_op(). In particular, decode the
opcode.

MFC after: 1 week
Sponsored by: Norse

Fix most of the warnings in kdump(1).

Sponsored by: Norse

Add kdump support for shm_open().

MFC after: 1 week

Add `-S' to display syscall numbers in the output as well.

This is useful for debugging compat modules.

Sponsored by: EMC / Isilon Storage Division
Obtained from: Isilon OneFS (based on work by Jeff Hughes)
MFC after: 2 weeks

Make `-R', `-T' and `-E' options mutially non-exclusive. It is often
useful to see two or three types at the same time when inspecting the
dump.

MFC after: 1 month
Sponsored by: Sippy Software, Inc.

Update most userspace consumers of capability.h to use capsicum.h instead.

auditdistd is not updated as I will make the change upstream and then do a
vendor import sometime in the next week or two.

MFC after: 3 weeks

Remove AppleTalk support.

AppleTalk was a network transport protocol for Apple Macintosh devices
in 80s and then 90s. Starting with Mac OS X in 2000 the AppleTalk was
a legacy protocol and primary networking protocol is TCP/IP. The last
Mac OS X release to support AppleTalk happened in 2009. The same year
routing equipment vendors (namely Cisco) end their support.

Thus, AppleTalk won't be supported in FreeBSD 11.0-RELEASE.

Remove IPX support.

IPX was a network transport protocol in Novell's NetWare network operating
system from late 80s and then 90s. The NetWare itself switched to TCP/IP
as default transport in 1998. Later, in this century the Novell Open
Enterprise Server became successor of Novell NetWare. The last release
that claimed to still support IPX was OES 2 in 2007. Routing equipment
vendors (e.g. Cisco) discontinued support for IPX in 2011.

Thus, IPX won't be supported in FreeBSD 11.0-RELEASE.

Capability rights are held by descriptors, not processes.

Reported by: jonathan

If we cannot connect to casperd we don't enter sandbox, but if we can connect
to casperd, but we cannot access the service we need we exit with an error.
This should not happen and just indicates some configuration error which
should be fixed, so we force the user to do it by failing.

Discussed with: emaste

Make use of Casper's system.pwd and system.grp services when the -r option
is given to convert uids and gids to user names and group names even when
running in capability mode sandbox.

While here log on stderr when we successfully enter the sandbox.

Sponsored by: The FreeBSD Foundation

When displaying a struct stat, if the -r option was not specified,
display the numeric rather than symbolic representation of st_mode.

Approved by: re (glebius)
MFC after: 1 week

Extend the support for exempting processes from being killed when swap is
exhausted.
- Add a new protect(1) command that can be used to set or revoke protection
from arbitrary processes. Similar to ktrace it can apply a change to all
existing descendants of a process as well as future descendants.
- Add a new procctl(2) system call that provides a generic interface for
control operations on processes (as opposed to the debugger-specific
operations provided by ptrace(2)). procctl(2) uses a combination of
idtype_t and an id to identify the set of processes on which to operate
similar to wait6().
- Add a PROC_SPROTECT control operation to manage the protection status
of a set of processes. MADV_PROTECT still works for backwards
compatability.
- Add a p_flag2 to struct proc (and a corresponding ki_flag2 to kinfo_proc)
the first bit of which is used to track if P_PROTECT should be inherited
by new child processes.

Reviewed by: kib, jilles (earlier version)
Approved by: re (delphij)
MFC after: 1 month

- Decode the idtype argument passed to wait6() in kdump and truss.
- Don't treat an options argument of 0 to wait4() as an error in
kdump.
- Decode the wait options passed to wait4() and wait6() in truss
and decode the returned rusage and exit status.

Approved by: re (kib)
MFC after: 1 week

Change the cap_rights_t type from uint64_t to a structure that we can extend
in the future in a backward compatible (API and ABI) way.

The cap_rights_t represents capability rights. We used to use one bit to
represent one right, but we are running out of spare bits. Currently the new
structure provides place for 114 rights (so 50 more than the previous
cap_rights_t), but it is possible to grow the structure to hold at least 285
rights, although we can make it even larger if 285 rights won't be enough.

The structure definition looks like this:

struct cap_rights {
uint64_t cr_rights[CAP_RIGHTS_VERSION + 2];
};

The initial CAP_RIGHTS_VERSION is 0.

The top two bits in the first element of the cr_rights[] array contain total
number of elements in the array - 2. This means if those two bits are equal to
0, we have 2 array elements.

The top two bits in all remaining array elements should be 0.
The next five bits in all array elements contain array index. Only one bit is
used and bit position in this five-bits range defines array index. This means
there can be at most five array elements in the future.

To define new right the CAPRIGHT() macro must be used. The macro takes two
arguments - an array index and a bit to set, eg.

#define CAP_PDKILL CAPRIGHT(1, 0x0000000000000800ULL)

We still support aliases that combine few rights, but the rights have to belong
to the same array element, eg:

#define CAP_LOOKUP CAPRIGHT(0, 0x0000000000000400ULL)
#define CAP_FCHMOD CAPRIGHT(0, 0x0000000000002000ULL)

#define CAP_FCHMODAT (CAP_FCHMOD | CAP_LOOKUP)

There is new API to manage the new cap_rights_t structure:

cap_rights_t *cap_rights_init(cap_rights_t *rights, ...);
void cap_rights_set(cap_rights_t *rights, ...);
void cap_rights_clear(cap_rights_t *rights, ...);
bool cap_rights_is_set(const cap_rights_t *rights, ...);

bool cap_rights_is_valid(const cap_rights_t *rights);
void cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src);
void cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src);
bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little);

Capability rights to the cap_rights_init(), cap_rights_set(),
cap_rights_clear() and cap_rights_is_set() functions are provided by
separating them with commas, eg:

cap_rights_t rights;

cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT);

There is no need to terminate the list of rights, as those functions are
actually macros that take care of the termination, eg:

#define cap_rights_set(rights, ...) \
__cap_rights_set((rights), __VA_ARGS__, 0ULL)
void __cap_rights_set(cap_rights_t *rights, ...);

Thanks to using one bit as an array index we can assert in those functions that
there are no two rights belonging to different array elements provided
together. For example this is illegal and will be detected, because CAP_LOOKUP
belongs to element 0 and CAP_PDKILL to element 1:

cap_rights_init(&rights, CAP_LOOKUP | CAP_PDKILL);

Providing several rights that belongs to the same array's element this way is
correct, but is not advised. It should only be used for aliases definition.

This commit also breaks compatibility with some existing Capsicum system calls,
but I see no other way to do that. This should be fine as Capsicum is still
experimental and this change is not going to 9.x.

Sponsored by: The FreeBSD Foundation

kdump: Decode SOCK_CLOEXEC and SOCK_NONBLOCK in socket() and socketpair().

kdump: Decode AT_FDCWD in first argument of bindat() and connectat().

kdump: Improve decoding of various *at calls:

* Write AT_FDCWD where appropriate.
* Decode the remaining arguments of openat() etc like open() etc.

- Make localtime(3) to work in sandbox.
- Move strerror(3) initialization to its own function.

- Trim an unused and bogus Makefile for mount_smbfs.
- Reconnect with some minor modifications, in particular now selsocket()
internals are adapted to use sbintime units after recent'ish calloutng
switch.

Use getnameinfo(3) instead of inet_ntop(3) to make printable versions of
sockaddr_in6 structures. getnameinfo(3) does the same thing, but it is
also able to represent a scope zone id as described in the RFC 4007.

MFC after: 2 weeks

If the -r option is given we cannot enter capability mode.
The option tells kdump to convert numeric UIDs and GIDs into user and
group names plus to convert times and dates into locallized versions.
This all needs opening various files at various occasions.

MFp4 @229086:

Make use of Capsicum to protect kdump(1), as it might be used to parse data
from untrusted sources:

- Sandbox kdump(1) using capability mode.
- Limit stdin descriptor (where opened file is moved to) to only
CAP_READ and CAP_FSTAT rights.
- Limit stdout descriptor to only CAP_WRITE, CAP_FSTAT and CAP_IOCTL.
Plus limit allowed ioctls to TIOCGETA only, which is needed for
isatty() to work.
- Limit stderr descriptor to only CAP_WRITE and CAP_FSTAT. In addition
if the -s option is not given, grant CAP_IOCTL right, but allow for
TIOCGWINSZ ioctl only, as we need screen width to dump the data.
- Before entering capability mode call catopen("libc", NL_CAT_LOCALE),
which opens message catalogs and caches data, so that strerror(3)
and strsignal(3) can work in a sandbox.

Sponsored by: The FreeBSD Foundation
Discussed with: rwatson

MFp4 @229085:

Rearrange the code so we don't call ioctl(TIOCGWINSZ) if the -s option is given,
as the result won't be used then.

Sponsored by: The FreeBSD Foundation

Merge Capsicum overhaul:

- Capability is no longer separate descriptor type. Now every descriptor
has set of its own capability rights.

- The cap_new(2) system call is left, but it is no longer documented and
should not be used in new code.

- The new syscall cap_rights_limit(2) should be used instead of
cap_new(2), which limits capability rights of the given descriptor
without creating a new one.

- The cap_getrights(2) syscall is renamed to cap_rights_get(2).

- If CAP_IOCTL capability right is present we can further reduce allowed
ioctls list with the new cap_ioctls_limit(2) syscall. List of allowed
ioctls can be retrived with cap_ioctls_get(2) syscall.

- If CAP_FCNTL capability right is present we can further reduce fcntls
that can be used with the new cap_fcntls_limit(2) syscall and retrive
them with cap_fcntls_get(2).

- To support ioctl and fcntl white-listing the filedesc structure was
heavly modified.

- The audit subsystem, kdump and procstat tools were updated to
recognize new syscalls.

- Capability rights were revised and eventhough I tried hard to provide
backward API and ABI compatibility there are some incompatible changes
that are described in detail below:

CAP_CREATE old behaviour:
- Allow for openat(2)+O_CREAT.
- Allow for linkat(2).
- Allow for symlinkat(2).
CAP_CREATE new behaviour:
- Allow for openat(2)+O_CREAT.

Added CAP_LINKAT:
- Allow for linkat(2). ABI: Reuses CAP_RMDIR bit.
- Allow to be target for renameat(2).

Added CAP_SYMLINKAT:
- Allow for symlinkat(2).

Removed CAP_DELETE. Old behaviour:
- Allow for unlinkat(2) when removing non-directory object.
- Allow to be source for renameat(2).

Removed CAP_RMDIR. Old behaviour:
- Allow for unlinkat(2) when removing directory.

Added CAP_RENAMEAT:
- Required for source directory for the renameat(2) syscall.

Added CAP_UNLINKAT (effectively it replaces CAP_DELETE and CAP_RMDIR):
- Allow for unlinkat(2) on any object.
- Required if target of renameat(2) exists and will be removed by this
call.

Removed CAP_MAPEXEC.

CAP_MMAP old behaviour:
- Allow for mmap(2) with any combination of PROT_NONE, PROT_READ and
PROT_WRITE.
CAP_MMAP new behaviour:
- Allow for mmap(2)+PROT_NONE.

Added CAP_MMAP_R:
- Allow for mmap(PROT_READ).
Added CAP_MMAP_W:
- Allow for mmap(PROT_WRITE).
Added CAP_MMAP_X:
- Allow for mmap(PROT_EXEC).
Added CAP_MMAP_RW:
- Allow for mmap(PROT_READ | PROT_WRITE).
Added CAP_MMAP_RX:
- Allow for mmap(PROT_READ | PROT_EXEC).
Added CAP_MMAP_WX:
- Allow for mmap(PROT_WRITE | PROT_EXEC).
Added CAP_MMAP_RWX:
- Allow for mmap(PROT_READ | PROT_WRITE | PROT_EXEC).

Renamed CAP_MKDIR to CAP_MKDIRAT.
Renamed CAP_MKFIFO to CAP_MKFIFOAT.
Renamed CAP_MKNODE to CAP_MKNODEAT.

CAP_READ old behaviour:
- Allow pread(2).
- Disallow read(2), readv(2) (if there is no CAP_SEEK).
CAP_READ new behaviour:
- Allow read(2), readv(2).
- Disallow pread(2) (CAP_SEEK was also required).

CAP_WRITE old behaviour:
- Allow pwrite(2).
- Disallow write(2), writev(2) (if there is no CAP_SEEK).
CAP_WRITE new behaviour:
- Allow write(2), writev(2).
- Disallow pwrite(2) (CAP_SEEK was also required).

Added convinient defines:

#define CAP_PREAD (CAP_SEEK | CAP_READ)
#define CAP_PWRITE (CAP_SEEK | CAP_WRITE)
#define CAP_MMAP_R (CAP_MMAP | CAP_SEEK | CAP_READ)
#define CAP_MMAP_W (CAP_MMAP | CAP_SEEK | CAP_WRITE)
#define CAP_MMAP_X (CAP_MMAP | CAP_SEEK | 0x0000000000000008ULL)
#define CAP_MMAP_RW (CAP_MMAP_R | CAP_MMAP_W)
#define CAP_MMAP_RX (CAP_MMAP_R | CAP_MMAP_X)
#define CAP_MMAP_WX (CAP_MMAP_W | CAP_MMAP_X)
#define CAP_MMAP_RWX (CAP_MMAP_R | CAP_MMAP_W | CAP_MMAP_X)
#define CAP_RECV CAP_READ
#define CAP_SEND CAP_WRITE

#define CAP_SOCK_CLIENT \
(CAP_CONNECT | CAP_GETPEERNAME | CAP_GETSOCKNAME | CAP_GETSOCKOPT | \
CAP_PEELOFF | CAP_RECV | CAP_SEND | CAP_SETSOCKOPT | CAP_SHUTDOWN)
#define CAP_SOCK_SERVER \
(CAP_ACCEPT | CAP_BIND | CAP_GETPEERNAME | CAP_GETSOCKNAME | \
CAP_GETSOCKOPT | CAP_LISTEN | CAP_PEELOFF | CAP_RECV | CAP_SEND | \
CAP_SETSOCKOPT | CAP_SHUTDOWN)

Added defines for backward API compatibility:

#define CAP_MAPEXEC CAP_MMAP_X
#define CAP_DELETE CAP_UNLINKAT
#define CAP_MKDIR CAP_MKDIRAT
#define CAP_RMDIR CAP_UNLINKAT
#define CAP_MKFIFO CAP_MKFIFOAT
#define CAP_MKNOD CAP_MKNODAT
#define CAP_SOCK_ALL (CAP_SOCK_CLIENT | CAP_SOCK_SERVER)

Sponsored by: The FreeBSD Foundation
Reviewed by: Christoph Mallon <christoph.mallon@gmx.de>
Many aspects discussed with: rwatson, benl, jonathan
ABI compatibility discussed with: kib

- Make actually printing path of AF_LOCAL socket types.

MFC after: 1 week

- Use correct size of copying different socket structures.

MFC after: 1 week

Disconnect non-MPSAFE SMBFS from the build in preparation for dropping
GIANT from VFS. In addition, disconnect also netsmb, which is a base
requirement for SMBFS.

In the while SMBFS regular users can use FUSE interface and smbnetfs
port to work with their SMBFS partitions.

Also, there are ongoing efforts by vendor to support in-kernel smbfs,
so there are good chances that it will get relinked once properly locked.

This is not targeted for MFC.

kdump: Pretty-print signal codes.

MFC after: 1 week

Allow the -p argument to kdump to accept either a PID or a thread ID.

Submitted by: Dmitry Banschikov d.banschikov hostcomm ru
MFC after: 1 week

Include the associated wait channel message for context switch ktrace
records. kdump supports both the old and new messages.

Submitted by: Andrey Zonov andrey zonov org
MFC after: 1 week

Add new ktrace records for the start and end of VM faults. This gives
a pair of records similar to syscall entry and return that a user can
use to determine how long page faults take. The new ktrace records are
enabled via the 'p' trace type, and are enabled in the default set of
trace points.

Reviewed by: kib
MFC after: 2 weeks

Fix style in previous commit.

Submitted by: bde

Pretty-print the advice constants passed to posix_fadvise(2).

MFC after: 2 weeks

Fix copy-pasto in CAPFAIL_INCREASE case.

Noticed by: pjd

Revisit the capability failure trace points. The initial implementation
only logged instances where an operation on a file descriptor required
capabilities which the file descriptor did not have. By adding a type enum
to struct ktr_cap_fail, we can catch other types of capability failures as
well, such as disallowed system calls or attempts to wrap a file descriptor
with more capabilities than it had to begin with.

Make kdump compile cleanly at WARNS level 6, with one exception: the
ipfilter headers contain a duplicated function declaration. Turn off
-Werror to allow kdump to compile in spite of this.

It would be neat to be able to turn off -Werror on a file-by-file basis...

PR: bin/161478
Submitted by: Garrett Cooper <yanegomi@gmail.com>

Add a new trace point, KTRFAC_CAPFAIL, which traces capability check
failures. It is included in the default set for ktrace(1) and kdump(1).

The previous commit did not fix the issue since it did not prevent sign
extension. Cast to u_register_t first, then to uintmax_t.

Submitted by: bde@

Cast to unsigned for %#jx.

Noticed by: jh@

Address some of bde@'s concerns with the new code.

Teach kdump(1) to decode capability bitmasks.

MFC after: 3 weeks

Bring ioctlname() in line with all the other *name() functions, which
actually print the name (or the numeric value, if they can't figure out
the correct name) instead of just returning a pointer to it. Also, since
ioctl numbers are not and probably never will be unique, drop support for
using a switch statement instead of an if/else chain.

I appreciate the logic behind using a (void) cast to indicate that the
return value is intentionally ignored, but frankly, all it does is
get in the way of the code.

Also fix a few other incorrect casts, such as (void *)malloc(foo) and
passing signed values to %x.

Fix casting.

Whitespace.

C has had swicth statements for 40 years or so. It's about time we
started using them.

1) Some of the #defines or enums for which we auto-generate naming
functions may be wider than int, so use intmax_t throughout. Also
add missing casts in printf() calls.

2) Clean up some of the auto-generated code to improve readability.

3) Auto-generate kdump_subr.h. Note that this requires a semi-ugly hack
in the Makefile to make sure it is generated before make(1) tries to
build kdump.c, or preprocess it for 'make depend'.

MFC after: 3 weeks

kdump: Show code for signals where the default action was taken.

This information is available as of kernel r220740. Trace files from older
kernels will always have 0.

MFC after: 1 week

Teach kdump to decode linux syscalls names too.

Fix bug introduced in my previous commit: the kernel always dump native
signal numbers, so no need to check the ABI in ktrpsig().

Suggested by: jhb
MFC after: 1 Month.

Teach kdump to understand sv_flags records in the trace files.

MFC after: 1 Month.

Remove the advertising clause from UCB copyrighted files in usr.bin. This
is in accordance with the information provided at
ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change

Also add $FreeBSD$ to a few files to keep svn happy.

Discussed with: imp, rwatson

A new jail(8) with a configuration file, to replace the work currently done
by /etc/rc.d/jail.

Change all our own code to use st_*tim instead of st_*timespec.

Also remove some local patches to diff(1) which are now unneeded.

Create the altix project branch. The altix project will add support
for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting
is a two-module system, consisting of a base compute module and a
CPU expansion module. SGI's NUMAFlex architecture can be an excellent
platform to test CPU affinity and NUMA-aware features in FreeBSD.

MFC r203551:

- Cast intptr_t, pid_t and time_t values to intmax_t and use %jd with
printf.
- Cast the system call return value to long and use %ld in a printf in
ktrsysret().

PR: bin/123774

The kdump data stream is an unaligned data stream for stat and
sockaddr structures. As such, we have top copy the data structure
into a local buffer before we can reference it, otherwise we have
unaligned references (these are fixed up automatically on some CPUs,
but not on others). We do this unconditionally to make the code
easier to read and understand.

Submitted by: Grzegorz Bernacki

- Cast intptr_t, pid_t and time_t values to intmax_t and use %jd with
printf.
- Cast the system call return value to long and use %ld in a printf in
ktrsysret().

PR: bin/123774
MFC after: 2 weeks

MFC r199024:
Use a safety belt for cases where corrupted narg can be passed to the
ktrsyscall().

Update malloc utrace structure parsing to reflect the change (r199265)
in how malloc_init is logged from (0, 0, 0) to (-1, 0, 0).

While we're here, simplify the logic.

Reviewed by: jhb (earlier version)

Use a safety belt for cases where corrupted narg can be passed to the
ktrsyscall(). print_number() does decrement the number of arguments,
leading to infinite loops for negative values.

Reported by: Patrick Lamaiziere <patpr at davenulle dot org>,
Jonathan Pascal <jkpyvxmzsa at mailinator dot com>
Submitted by: jh
PR: bin/120055, kern/119564
MFC: 1 week

Add two missing include files and prototype for sockfamilyname()
which is generated by mksubr.

Add a new type of KTRACE record for sysctl(3) invocations. It uses the
internal sysctl_sysctl_name() handler to map the MIB array to a string
name and logs this name in the trace log. This can be useful to see
exactly which sysctls a thread is invoking.

MFC after: 1 month

- Import the HEAD csup code which is the basis for the cvsmode work.

Remove netatm from HEAD as it is not MPSAFE and relies on the now removed
NET_NEEDS_GIANT. netatm has been disconnected from the build for ten
months in HEAD/RELENG_7. Specifics:

- netatm include files
- netatm command line management tools
- libatm
- ATM parts in rescue and sysinstall
- sample configuration files and documents
- kernel support as a module or in NOTES
- netgraph wrapper nodes for netatm
- ctags data for netatm.
- netatm-specific device drivers.

MFC after: 3 weeks
Reviewed by: bz
Discussed with: bms, bz, harti

Spell -t option's argument by name.

- Remove ksethrcmdname.

This patch adds a new ktrace(2) record type, KTR_STRUCT, whose payload
consists of the null-terminated name and the contents of any structure
you wish to record. A new ktrstruct() function constructs and emits a
KTR_STRUCT record. It is accompanied by convenience macros for struct
stat and struct sockaddr.

In kdump(1), KTR_STRUCT records are handled by a dispatcher function
that runs stringent sanity checks on its contents before handing it
over to individual decoding funtions for each type of structure.
Currently supported structures are struct stat and struct sockaddr for
the AF_INET, AF_INET6 and AF_UNIX families; support for AF_APPLETALK
and AF_IPX is present but disabled, as I am unable to test it properly.

Since 's' was already taken, the letter 't' is used by ktrace(1) to
enable KTR_STRUCT trace points, and in kdump(1) to enable their
decoding.

Derived from patches by Andrew Li <andrew2.li@citi.com>.

PR: kern/117836
MFC after: 3 weeks

Only use sockoptname() to parse socket option names for SOL_SOCKET
requests.

MFC after: 3 days
Reported by: Michiel Boland michiel boland.org

Add several missing comma's in the fancy syscall parsing case before
some arguments that are parsed (e.g., semctl command names).

MFC after: 3 days

Fix alignment of context switch traces.

MFC after: 1 week
Approved by: re (rwatson: "I like simple patches.")

kdump has knowledge of lseek() and mmap() arg decoding. Teach it about
the new mmap and lseek syscalls.

Approved by: re (kensmith)

Remove static ptrace_ops array and extract ptrace op names from
sys/ptrace.h with mksubr.

Add various utrace's for use with ktrace to the ELF runtime linker. To
activate the traces, set the LD_UTRACE (or LD_32_UTRACE) environment
variable. This also includes code in kdump(8) to parse the traces.

Reviewed by: kan, jdp
MFC after: 2 weeks

Add code to parse the utrace(2) entries generated by malloc(3) in a more
human-readable format. Note that we report 'realloc(p, 0)' as 'free(p)'
since both cases are encoded the same way and 'free()' is more common
than a realloc() to 0.

MFC after: 1 week

Add sockipprotoname() function. Decode the third parameter (protocol)
of a socket() call with sockipprotoname() if the first parameter (domain)
is PF_INET or PF_INET6.

Old parsing behavior before this change:
ping6 CALL socket(PF_INET6,SOCK_RAW,0x3a)

New behavior after this change:
ping6 CALL socket(PF_INET6,SOCK_RAW,IPPROTO_ICMPV6)

o Fix some printf(3) format nits in my patch I submitted to kib@.

Submitted by: ru

Check that the signal number is in range.

Submitted by: maxim
MFC after: 1 week
Approved by: pjd (mentor)

Change kdump to print more useful information, i.e. it changes from
32229 telnet CALL mmap(0,0x8000,0x3,0x1002,0xffffffff,0,0,0)
32229 telnet CALL open(0x2807bc28,0,0x1b6)
32229 telnet CALL socket(0x2,0x2,0)
to
32229 telnet CALL mmap(0,0x8000,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,0xffffffff,0,0,0)
32229 telnet CALL open(0x2807bc28,O_RDONLY,<unused>0x1b6)
32229 telnet CALL socket(PF_INET,SOCK_DGRAM,0)

David wanted to implement the suggestions which came up at the review from
arch@ too, but real life rejected this proposal. So I commit what we already
got and let another volunteer pick the remaining work from the ideas list.

Submitted by: "David Kirchner" <dpk@dpk.net>
Suggested by: FreeBSD ideas list page
Reviewed by: arch

Add "-s" argument to kdump to suppress the display of I/O data.

MFC after: 1 week

Add a "-H" argument to kdump, which causes kdump to print an additional
field holding the threadid. This is more useful for libthr than
libpthread, but still quite useful in libpthread as it can be used to
process interlaced records from multiple threads over the course of a
system call.

Detect old ktr_buffer values using the heuristic "if it's negative,
then it must not be a valid threadid". This may leave something to be
desired.

MFC after: 1 month
Reviewed by: davidxu

Place a function prototype correctly.

Submitted by: Divacky Roman

Respect decimal flag when dumping USER type records.

First pass at attempted debrucification:
- sort the -E switch into the right place.
- add previously missing -p pid in usage (from the last few commits).
- add -E to usage.
- consistently use trfile in the man page.

I knew I shouldn't have touched the man page. If I commit to a man page,
it just makes people suspicious. :-)

Add a -E (elapsed time) flag to kdump. This is like -T, except it is
relative to start of the dump.

Approved by: re (scottl)

Two enhancements for kdump.
1) add a "-p pid", which is rather useful for selecting a single pid in
a combined trace file (eg: with ktrace -i).
2) display binary genio data in a more precise format.

Add a default case that just outputs a new line for the case of an
unknown header type.

Teach kdump(8) to handle events marked with KTR_DROP. If a record has
KTR_DROP set in its header, then we output an extra line to stdout to
indicate that events were dropped between the previous record and this
record. It is a bit trickier because we need to always notify the user
if events are dropped even if KTR_DROP is set on a record of a type that
we aren't interested in since kdump(8) doesn't know if the dropped events
were of the types that the user has requested. To avoid outputting
multiple events dropped notices in between actual event logs, a state
variable is set whenever a drop is logged and cleared whenever an actual
record is output.

Requested by: phk

Improve WARNS situation for kdump:

1) Define _KERNEL while including sys/time.h to get some function prototypes.
2) Add prototypes and ANSIify definitions.
3) Constness changes.
4) Remove register keyword.
5) Actually return a sensible value from main.
6) Make fread_tail take a void * instead of a char *.
7) Avoid a signedness warning by casting to a size_t. Should be safe
enough 'cos we also check for nonnegativity.
8) Be extra chummy with sigset_t rather than passing a struct to printf
and pretending it is an int.

Consistently use FBSDID

Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL"
is an application space macro and the applications are supposed to be free
to use it as they please (but cannot). This is consistant with the other
BSD's who made this change quite some time ago. More commits to come.

$Id$ -> $FreeBSD$

Decode new ptrace requests PT_GETDBREGS and PT_SETDBREGS.

Decode all currently supported values of the ptrace `request' arg.

Syscall arguments are now properly aligned. Print them, and syscall return
values, as longs, instead of int.

FIx the output of long command names.

PR: bin/10027
Submitted by: Arne Henrik Juul <arnej@math.ntnu.no>

Use err(3). Correct incomplete man page.

Finish importing Lite2's src/usr.bin, except for ex, diff, grep, mail,
pascal and vmstat.sparc. All changed files on the vendor branch should
already have been imported.

Spelling correction (`1 bytes' is now printed `1 byte')
PR: bin/3376
Submitted by: me

compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.

Fix arg parsing. kdump used to allow a single argument, which it
silently ignored.

Remove length field from utrace entries.

For now we just hexdump the stuff in USER records.

Add setlocale LC_CTYPE

Remove trailing whitespace.

Absolute path to /sys again...

move #include of <sys/errno.h> so that #defining KERNEL actually has an effect,
and then also add a declaration of ernno as an extern int, because we
lose that due to having KERNEL defined while we include errno.h.
Reviewed by: Geoff.

BSD 4.4 Lite Usr.bin Sources