1/*- 2 * Copyright (c) 2007 Robert N. M. Watson 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 */ 26 27/*- 28 * Kernel text-dump support: write a series of text files to the dump 29 * partition for later recovery, including captured DDB output, kernel 30 * configuration, message buffer, and panic message. This allows for a more 31 * compact representation of critical debugging information than traditional 32 * binary dumps, as well as allowing dump information to be used without 33 * access to kernel symbols, source code, etc. 34 * 35 * Storage Layout 36 * -------------- 37 * 38 * Crash dumps are aligned to the end of the dump or swap partition in order 39 * to minimize the chances of swap duing fsck eating into the dump. However, 40 * unlike a memory dump, we don't know the size of the textdump a priori, so 41 * can't just write it out sequentially in order from a known starting point 42 * calculated with respect to the end of the partition. In order to address 43 * this, we actually write out the textdump in reverse block order, allowing 44 * us to directly align it to the end of the partition and then write out the 45 * dump header and trailer before and after it once done. savecore(8) must 46 * know to reverse the order of the blocks in order to produce a readable 47 * file. 48 * 49 * Data is written out in the ustar file format so that we can write data 50 * incrementally as a stream without reference to previous files. 51 * 52 * TODO 53 * ---- 54 * 55 * - Allow subsytems to register to submit files for inclusion in the text 56 * dump in a generic way. 57 */ 58 59#include <sys/cdefs.h> 60__FBSDID("$FreeBSD$"); 61 62#include "opt_config.h" 63 64#include "opt_ddb.h" 65 66#include <sys/param.h> 67#include <sys/conf.h> 68#include <sys/kernel.h> 69#include <sys/kerneldump.h> 70#include <sys/msgbuf.h> 71#include <sys/sysctl.h> 72#include <sys/systm.h> 73 74#include <ddb/ddb.h> 75#include <ddb/db_lex.h> 76 77static SYSCTL_NODE(_debug_ddb, OID_AUTO, textdump, CTLFLAG_RW, 0, 78 "DDB textdump options"); 79 80/* 81 * Don't touch the first SIZEOF_METADATA bytes on the dump device. This is 82 * to protect us from metadata and metadata from us. 83 */ 84#define SIZEOF_METADATA (64*1024) 85 86/* 87 * Data is written out as a series of files in the ustar tar format. ustar 88 * is a simple streamed format consiting of a series of files prefixed with 89 * headers, and all padded to 512-byte block boundaries, which maps 90 * conveniently to our requirements. 91 */ 92struct ustar_header { 93 char uh_filename[100]; 94 char uh_mode[8]; 95 char uh_tar_owner[8]; 96 char uh_tar_group[8]; 97 char uh_size[12]; 98 char uh_mtime[12]; 99 char uh_sum[8]; 100 char uh_type; 101 char uh_linkfile[100]; 102 char uh_ustar[6]; 103 char uh_version[2]; 104 char uh_owner[32]; 105 char uh_group[32]; 106 char uh_major[8]; 107 char uh_minor[8]; 108 char uh_filenameprefix[155]; 109 char uh_zeropad[12]; 110} __packed; 111 112/* 113 * Various size assertions -- pretty much everything must be one block in 114 * size. 115 */ 116CTASSERT(sizeof(struct kerneldumpheader) == TEXTDUMP_BLOCKSIZE); 117CTASSERT(sizeof(struct ustar_header) == TEXTDUMP_BLOCKSIZE); 118 119/* 120 * Is a textdump scheduled? If so, the shutdown code will invoke our dumpsys 121 * routine instead of the machine-dependent kernel dump routine. 122 */ 123#ifdef TEXTDUMP_PREFERRED 124int textdump_pending = 1; 125#else 126int textdump_pending = 0; 127#endif 128SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, pending, CTLFLAG_RW, 129 &textdump_pending, 0, 130 "Perform textdump instead of regular kernel dump."); 131 132/* 133 * Various constants for tar headers and contents. 134 */ 135#define TAR_USER "root" 136#define TAR_GROUP "wheel" 137#define TAR_UID "0" 138#define TAR_GID "0" 139#define TAR_MODE "0600" 140#define TAR_USTAR "ustar" 141 142#define TAR_CONFIG_FILENAME "config.txt" /* Kernel configuration. */ 143#define TAR_MSGBUF_FILENAME "msgbuf.txt" /* Kernel messsage buffer. */ 144#define TAR_PANIC_FILENAME "panic.txt" /* Panic message. */ 145#define TAR_VERSION_FILENAME "version.txt" /* Kernel version. */ 146 147/* 148 * Configure which files will be dumped. 149 */ 150#ifdef INCLUDE_CONFIG_FILE 151static int textdump_do_config = 1; 152SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_config, CTLFLAG_RW, 153 &textdump_do_config, 0, "Dump kernel configuration in textdump"); 154#endif 155 156static int textdump_do_ddb = 1; 157SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_ddb, CTLFLAG_RW, 158 &textdump_do_ddb, 0, "Dump DDB captured output in textdump"); 159 160static int textdump_do_msgbuf = 1; 161SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_msgbuf, CTLFLAG_RW, 162 &textdump_do_msgbuf, 0, "Dump kernel message buffer in textdump"); 163 164static int textdump_do_panic = 1; 165SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_panic, CTLFLAG_RW, 166 &textdump_do_panic, 0, "Dump kernel panic message in textdump"); 167 168static int textdump_do_version = 1; 169SYSCTL_INT(_debug_ddb_textdump, OID_AUTO, do_version, CTLFLAG_RW, 170 &textdump_do_version, 0, "Dump kernel version string in textdump"); 171 172/* 173 * State related to incremental writing of blocks to disk. 174 */ 175static off_t textdump_offset; /* Offset of next sequential write. */ 176static int textdump_error; /* Carried write error, if any. */ 177 178/* 179 * Statically allocate space to prepare block-sized headers and data. 180 */ 181char textdump_block_buffer[TEXTDUMP_BLOCKSIZE]; 182static struct kerneldumpheader kdh; 183 184/* 185 * Calculate and fill in the checksum for a ustar header. 186 */ 187static void 188ustar_checksum(struct ustar_header *uhp) 189{ 190 u_int sum; 191 int i; 192 193 for (i = 0; i < sizeof(uhp->uh_sum); i++) 194 uhp->uh_sum[i] = ' '; 195 sum = 0; 196 for (i = 0; i < sizeof(*uhp); i++) 197 sum += ((u_char *)uhp)[i]; 198 snprintf(uhp->uh_sum, sizeof(uhp->uh_sum), "%6o", sum); 199} 200 201/* 202 * Each file in the tarball has a block-sized header with its name and other, 203 * largely hard-coded, properties. 204 */ 205void 206textdump_mkustar(char *block_buffer, const char *filename, u_int size) 207{ 208 struct ustar_header *uhp; 209 210#ifdef TEXTDUMP_VERBOSE 211 if (textdump_error == 0) 212 printf("textdump: creating '%s'.\n", filename); 213#endif 214 uhp = (struct ustar_header *)block_buffer; 215 bzero(uhp, sizeof(*uhp)); 216 strlcpy(uhp->uh_filename, filename, sizeof(uhp->uh_filename)); 217 strlcpy(uhp->uh_mode, TAR_MODE, sizeof(uhp->uh_mode)); 218 snprintf(uhp->uh_size, sizeof(uhp->uh_size), "%o", size); 219 strlcpy(uhp->uh_tar_owner, TAR_UID, sizeof(uhp->uh_tar_owner)); 220 strlcpy(uhp->uh_tar_group, TAR_GID, sizeof(uhp->uh_tar_group)); 221 strlcpy(uhp->uh_owner, TAR_USER, sizeof(uhp->uh_owner)); 222 strlcpy(uhp->uh_group, TAR_GROUP, sizeof(uhp->uh_group)); 223 snprintf(uhp->uh_mtime, sizeof(uhp->uh_mtime), "%lo", 224 (unsigned long)time_second); 225 uhp->uh_type = 0; 226 strlcpy(uhp->uh_ustar, TAR_USTAR, sizeof(uhp->uh_ustar)); 227 ustar_checksum(uhp); 228} 229 230/* 231 * textdump_writeblock() writes TEXTDUMP_BLOCKSIZE-sized blocks of data to 232 * the space between di->mediaoffset and di->mediaoffset + di->mediasize. It 233 * accepts an offset relative to di->mediaoffset. If we're carrying any 234 * error from previous I/O, return that error and don't continue to try to 235 * write. Most writers ignore the error and forge ahead on the basis that 236 * there's not much you can do. 237 */ 238static int 239textdump_writeblock(struct dumperinfo *di, off_t offset, char *buffer) 240{ 241 242 if (textdump_error) 243 return (textdump_error); 244 if (offset + TEXTDUMP_BLOCKSIZE > di->mediasize) 245 return (EIO); 246 if (offset < SIZEOF_METADATA) 247 return (ENOSPC); 248 textdump_error = dump_write(di, buffer, 0, offset + di->mediaoffset, 249 TEXTDUMP_BLOCKSIZE); 250 if (textdump_error) 251 printf("textdump_writeblock: offset %jd, error %d\n", (intmax_t)offset, 252 textdump_error); 253 return (textdump_error); 254} 255 256/* 257 * Interfaces to save and restore the dump offset, so that printers can go 258 * back to rewrite a header if required, while avoiding their knowing about 259 * the global layout of the blocks. 260 * 261 * If we ever want to support writing textdumps to tape or other 262 * stream-oriented target, we'll need to remove this. 263 */ 264void 265textdump_saveoff(off_t *offsetp) 266{ 267 268 *offsetp = textdump_offset; 269} 270 271void 272textdump_restoreoff(off_t offset) 273{ 274 275 textdump_offset = offset; 276} 277 278/* 279 * Interface to write the "next block" relative to the current offset; since 280 * we write backwards from the end of the partition, we subtract, but there's 281 * no reason for the caller to know this. 282 */ 283int 284textdump_writenextblock(struct dumperinfo *di, char *buffer) 285{ 286 int error; 287 288 error = textdump_writeblock(di, textdump_offset, buffer); 289 textdump_offset -= TEXTDUMP_BLOCKSIZE; 290 return (error); 291} 292 293#ifdef INCLUDE_CONFIG_FILE 294extern char kernconfstring[]; 295 296/* 297 * Dump kernel configuration. 298 */ 299static void 300textdump_dump_config(struct dumperinfo *di) 301{ 302 u_int count, fullblocks, len; 303 304 len = strlen(kernconfstring); 305 textdump_mkustar(textdump_block_buffer, TAR_CONFIG_FILENAME, len); 306 (void)textdump_writenextblock(di, textdump_block_buffer); 307 308 /* 309 * Write out all full blocks directly from the string, and handle any 310 * left-over bits by copying it to out to the local buffer and 311 * zero-padding it. 312 */ 313 fullblocks = len / TEXTDUMP_BLOCKSIZE; 314 for (count = 0; count < fullblocks; count++) 315 (void)textdump_writenextblock(di, kernconfstring + count * 316 TEXTDUMP_BLOCKSIZE); 317 if (len % TEXTDUMP_BLOCKSIZE != 0) { 318 bzero(textdump_block_buffer, TEXTDUMP_BLOCKSIZE); 319 bcopy(kernconfstring + count * TEXTDUMP_BLOCKSIZE, 320 textdump_block_buffer, len % TEXTDUMP_BLOCKSIZE); 321 (void)textdump_writenextblock(di, textdump_block_buffer); 322 } 323} 324#endif /* INCLUDE_CONFIG_FILE */ 325 326/* 327 * Dump kernel message buffer. 328 */ 329static void 330textdump_dump_msgbuf(struct dumperinfo *di) 331{ 332 off_t end_offset, tarhdr_offset; 333 u_int i, len, offset, seq, total_len; 334 char buf[16]; 335 336 /* 337 * Write out a dummy tar header to advance the offset; we'll rewrite 338 * it later once we know the true size. 339 */ 340 textdump_saveoff(&tarhdr_offset); 341 textdump_mkustar(textdump_block_buffer, TAR_MSGBUF_FILENAME, 0); 342 (void)textdump_writenextblock(di, textdump_block_buffer); 343 344 /* 345 * Copy out the data in small chunks, but don't copy nuls that may be 346 * present if the message buffer has not yet completely filled at 347 * least once. 348 */ 349 total_len = 0; 350 offset = 0; 351 msgbuf_peekbytes(msgbufp, NULL, 0, &seq); 352 while ((len = msgbuf_peekbytes(msgbufp, buf, sizeof(buf), &seq)) > 0) { 353 for (i = 0; i < len; i++) { 354 if (buf[i] == '\0') 355 continue; 356 textdump_block_buffer[offset] = buf[i]; 357 offset++; 358 if (offset != sizeof(textdump_block_buffer)) 359 continue; 360 (void)textdump_writenextblock(di, 361 textdump_block_buffer); 362 total_len += offset; 363 offset = 0; 364 } 365 } 366 total_len += offset; /* Without the zero-padding. */ 367 if (offset != 0) { 368 bzero(textdump_block_buffer + offset, 369 sizeof(textdump_block_buffer) - offset); 370 (void)textdump_writenextblock(di, textdump_block_buffer); 371 } 372 373 /* 374 * Rewrite tar header to reflect how much was actually written. 375 */ 376 textdump_saveoff(&end_offset); 377 textdump_restoreoff(tarhdr_offset); 378 textdump_mkustar(textdump_block_buffer, TAR_MSGBUF_FILENAME, 379 total_len); 380 (void)textdump_writenextblock(di, textdump_block_buffer); 381 textdump_restoreoff(end_offset); 382} 383 384static void 385textdump_dump_panic(struct dumperinfo *di) 386{ 387 u_int len; 388 389 /* 390 * Write out tar header -- we store up to one block of panic message. 391 */ 392 len = min(strlen(panicstr), TEXTDUMP_BLOCKSIZE); 393 textdump_mkustar(textdump_block_buffer, TAR_PANIC_FILENAME, len); 394 (void)textdump_writenextblock(di, textdump_block_buffer); 395 396 /* 397 * Zero-pad the panic string and write out block. 398 */ 399 bzero(textdump_block_buffer, sizeof(textdump_block_buffer)); 400 bcopy(panicstr, textdump_block_buffer, len); 401 (void)textdump_writenextblock(di, textdump_block_buffer); 402} 403 404static void 405textdump_dump_version(struct dumperinfo *di) 406{ 407 u_int len; 408 409 /* 410 * Write out tar header -- at most one block of version information. 411 */ 412 len = min(strlen(version), TEXTDUMP_BLOCKSIZE); 413 textdump_mkustar(textdump_block_buffer, TAR_VERSION_FILENAME, len); 414 (void)textdump_writenextblock(di, textdump_block_buffer); 415 416 /* 417 * Zero pad the version string and write out block. 418 */ 419 bzero(textdump_block_buffer, sizeof(textdump_block_buffer)); 420 bcopy(version, textdump_block_buffer, len); 421 (void)textdump_writenextblock(di, textdump_block_buffer); 422} 423 424/* 425 * Commit text dump to disk. 426 */ 427void 428textdump_dumpsys(struct dumperinfo *di) 429{ 430 off_t dumplen, trailer_offset; 431 432 if (di->blocksize != TEXTDUMP_BLOCKSIZE) { 433 printf("Dump partition block size (%ju) not textdump " 434 "block size (%ju)", (uintmax_t)di->blocksize, 435 (uintmax_t)TEXTDUMP_BLOCKSIZE); 436 return; 437 } 438 439 /* 440 * We don't know a priori how large the dump will be, but we do know 441 * that we need to reserve space for metadata and that we need two 442 * dump headers. Also leave room for one ustar header and one block 443 * of data. 444 */ 445 if (di->mediasize < SIZEOF_METADATA + 2 * sizeof(kdh)) { 446 printf("Insufficient space on dump partition for minimal textdump.\n"); 447 return; 448 } 449 textdump_error = 0; 450 451 /* 452 * Position the start of the dump so that we'll write the kernel dump 453 * trailer immediately before the end of the partition, and then work 454 * our way back. We will rewrite this header later to reflect the 455 * true size if things go well. 456 */ 457 textdump_offset = di->mediasize - sizeof(kdh); 458 textdump_saveoff(&trailer_offset); 459 mkdumpheader(&kdh, TEXTDUMPMAGIC, KERNELDUMP_TEXT_VERSION, 0, TEXTDUMP_BLOCKSIZE); 460 (void)textdump_writenextblock(di, (char *)&kdh); 461 462 /* 463 * Write a series of files in ustar format. 464 */ 465 if (textdump_do_ddb) 466 db_capture_dump(di); 467#ifdef INCLUDE_CONFIG_FILE 468 if (textdump_do_config) 469 textdump_dump_config(di); 470#endif 471 if (textdump_do_msgbuf) 472 textdump_dump_msgbuf(di); 473 if (textdump_do_panic && panicstr != NULL) 474 textdump_dump_panic(di); 475 if (textdump_do_version) 476 textdump_dump_version(di); 477 478 /* 479 * Now that we know the true size, we can write out the header, then 480 * seek back to the end and rewrite the trailer with the correct 481 * size. 482 */ 483 dumplen = trailer_offset - (textdump_offset + TEXTDUMP_BLOCKSIZE); 484 mkdumpheader(&kdh, TEXTDUMPMAGIC, KERNELDUMP_TEXT_VERSION, dumplen, 485 TEXTDUMP_BLOCKSIZE); 486 (void)textdump_writenextblock(di, (char *)&kdh); 487 textdump_restoreoff(trailer_offset); 488 (void)textdump_writenextblock(di, (char *)&kdh); 489 490 /* 491 * Terminate the dump, report any errors, and clear the pending flag. 492 */ 493 if (textdump_error == 0) 494 (void)dump_write(di, NULL, 0, 0, 0); 495 if (textdump_error == ENOSPC) 496 printf("Textdump: Insufficient space on dump partition\n"); 497 else if (textdump_error != 0) 498 printf("Textdump: Error %d writing dump\n", textdump_error); 499 else 500 printf("Textdump complete.\n"); 501 textdump_pending = 0; 502} 503 504/*- 505 * DDB(4) command to manage textdumps: 506 * 507 * textdump set - request a textdump 508 * textdump status - print DDB output textdump status 509 * textdump unset - clear textdump request 510 */ 511static void 512db_textdump_usage(void) 513{ 514 515 db_printf("textdump [unset|set|status|dump]\n"); 516} 517 518void 519db_textdump_cmd(db_expr_t addr, boolean_t have_addr, db_expr_t count, 520 char *modif) 521{ 522 int t; 523 524 t = db_read_token(); 525 if (t != tIDENT) { 526 db_textdump_usage(); 527 return; 528 } 529 if (db_read_token() != tEOL) { 530 db_textdump_usage(); 531 return; 532 } 533 if (strcmp(db_tok_string, "set") == 0) { 534 textdump_pending = 1; 535 db_printf("textdump set\n"); 536 } else if (strcmp(db_tok_string, "status") == 0) { 537 if (textdump_pending) 538 db_printf("textdump is set\n"); 539 else 540 db_printf("textdump is not set\n"); 541 } else if (strcmp(db_tok_string, "unset") == 0) { 542 textdump_pending = 0; 543 db_printf("textdump unset\n"); 544 } else if (strcmp(db_tok_string, "dump") == 0) { 545 textdump_pending = 1; 546 doadump(TRUE); 547 } else { 548 db_textdump_usage(); 549 } 550} 551