1/*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30#ifndef lint 31static const char copyright[] = 32"@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34#endif /* not lint */ 35 36#ifndef lint 37#if 0 38static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39#endif 40#endif /* not lint */ 41#include <sys/cdefs.h> 42__FBSDID("$FreeBSD$"); 43 44#define _KERNEL 45extern int errno; 46#include <sys/errno.h> 47#undef _KERNEL 48#include <sys/param.h> 49#include <sys/capability.h> 50#include <sys/errno.h> 51#define _KERNEL 52#include <sys/time.h> 53#undef _KERNEL 54#include <sys/uio.h> 55#include <sys/ktrace.h> 56#include <sys/ioctl.h> 57#include <sys/socket.h> 58#include <sys/stat.h> 59#include <sys/sysent.h> 60#include <sys/un.h> 61#include <sys/queue.h> 62#include <sys/wait.h> 63#ifdef IPX 64#include <sys/types.h> 65#include <netipx/ipx.h> 66#endif 67#ifdef NETATALK 68#include <netatalk/at.h> 69#endif 70#include <arpa/inet.h> 71#include <netinet/in.h> 72#include <ctype.h> 73#include <dlfcn.h> 74#include <err.h> 75#include <grp.h> 76#include <inttypes.h> 77#include <locale.h> 78#include <netdb.h> 79#include <nl_types.h> 80#include <pwd.h> 81#include <stdio.h> 82#include <stdlib.h> 83#include <string.h> 84#include <termios.h> 85#include <time.h> 86#include <unistd.h> 87#include <vis.h> 88#include "ktrace.h" 89#include "kdump_subr.h" 90 91u_int abidump(struct ktr_header *); 92int fetchprocinfo(struct ktr_header *, u_int *); 93int fread_tail(void *, int, int); 94void dumpheader(struct ktr_header *); 95void ktrsyscall(struct ktr_syscall *, u_int); 96void ktrsysret(struct ktr_sysret *, u_int); 97void ktrnamei(char *, int); 98void hexdump(char *, int, int); 99void visdump(char *, int, int); 100void ktrgenio(struct ktr_genio *, int); 101void ktrpsig(struct ktr_psig *); 102void ktrcsw(struct ktr_csw *); 103void ktrcsw_old(struct ktr_csw_old *); 104void ktruser_malloc(unsigned char *); 105void ktruser_rtld(int, unsigned char *); 106void ktruser(int, unsigned char *); 107void ktrcaprights(cap_rights_t *); 108void ktrsockaddr(struct sockaddr *); 109void ktrstat(struct stat *); 110void ktrstruct(char *, size_t); 111void ktrcapfail(struct ktr_cap_fail *); 112void ktrfault(struct ktr_fault *); 113void ktrfaultend(struct ktr_faultend *); 114void limitfd(int fd); 115void usage(void); 116void ioctlname(unsigned long, int); 117 118int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 119 resolv = 0, abiflag = 0, syscallno = 0; 120const char *tracefile = DEF_TRACEFILE; 121struct ktr_header ktr_header; 122 123#define TIME_FORMAT "%b %e %T %Y" 124#define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 125 126#define print_number(i,n,c) do { \ 127 if (decimal) \ 128 printf("%c%jd", c, (intmax_t)*i); \ 129 else \ 130 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 131 i++; \ 132 n--; \ 133 c = ','; \ 134} while (0) 135 136#if defined(__amd64__) || defined(__i386__) 137 138void linux_ktrsyscall(struct ktr_syscall *); 139void linux_ktrsysret(struct ktr_sysret *); 140extern char *linux_syscallnames[]; 141extern int nlinux_syscalls; 142 143/* 144 * from linux.h 145 * Linux syscalls return negative errno's, we do positive and map them 146 */ 147static int bsd_to_linux_errno[ELAST + 1] = { 148 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 149 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 150 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 151 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 152 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 153 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 154 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 155 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 156 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 157 -72, -67, -71 158}; 159#endif 160 161struct proc_info 162{ 163 TAILQ_ENTRY(proc_info) info; 164 u_int sv_flags; 165 pid_t pid; 166}; 167 168TAILQ_HEAD(trace_procs, proc_info) trace_procs; 169 170static void 171strerror_init(void) 172{ 173 174 /* 175 * Cache NLS data before entering capability mode. 176 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 177 */ 178 (void)catopen("libc", NL_CAT_LOCALE); 179} 180 181static void 182localtime_init(void) 183{ 184 time_t ltime; 185 186 /* 187 * Allow localtime(3) to cache /etc/localtime content before entering 188 * capability mode. 189 * XXXPJD: There should be localtime_init() in libc. 190 */ 191 (void)time(<ime); 192 (void)localtime(<ime); 193} 194 195int 196main(int argc, char *argv[]) 197{ 198 int ch, ktrlen, size; 199 void *m; 200 int trpoints = ALL_POINTS; 201 int drop_logged; 202 pid_t pid = 0; 203 u_int sv_flags; 204 205 setlocale(LC_CTYPE, ""); 206 207 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) 208 switch (ch) { 209 case 'A': 210 abiflag = 1; 211 break; 212 case 'f': 213 tracefile = optarg; 214 break; 215 case 'd': 216 decimal = 1; 217 break; 218 case 'l': 219 tail = 1; 220 break; 221 case 'm': 222 maxdata = atoi(optarg); 223 break; 224 case 'n': 225 fancy = 0; 226 break; 227 case 'p': 228 pid = atoi(optarg); 229 break; 230 case 'r': 231 resolv = 1; 232 break; 233 case 'S': 234 syscallno = 1; 235 break; 236 case 's': 237 suppressdata = 1; 238 break; 239 case 'E': 240 timestamp = 3; /* elapsed timestamp */ 241 break; 242 case 'H': 243 threads = 1; 244 break; 245 case 'R': 246 timestamp = 2; /* relative timestamp */ 247 break; 248 case 'T': 249 timestamp = 1; 250 break; 251 case 't': 252 trpoints = getpoints(optarg); 253 if (trpoints < 0) 254 errx(1, "unknown trace point in %s", optarg); 255 break; 256 default: 257 usage(); 258 } 259 260 if (argc > optind) 261 usage(); 262 263 m = malloc(size = 1025); 264 if (m == NULL) 265 errx(1, "%s", strerror(ENOMEM)); 266 if (!freopen(tracefile, "r", stdin)) 267 err(1, "%s", tracefile); 268 269 strerror_init(); 270 localtime_init(); 271 272 if (resolv == 0) { 273 if (cap_enter() < 0 && errno != ENOSYS) 274 err(1, "unable to enter capability mode"); 275 } 276 limitfd(STDIN_FILENO); 277 limitfd(STDOUT_FILENO); 278 limitfd(STDERR_FILENO); 279 280 TAILQ_INIT(&trace_procs); 281 drop_logged = 0; 282 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 283 if (ktr_header.ktr_type & KTR_DROP) { 284 ktr_header.ktr_type &= ~KTR_DROP; 285 if (!drop_logged && threads) { 286 printf( 287 "%6jd %6jd %-8.*s Events dropped.\n", 288 (intmax_t)ktr_header.ktr_pid, 289 ktr_header.ktr_tid > 0 ? 290 (intmax_t)ktr_header.ktr_tid : 0, 291 MAXCOMLEN, ktr_header.ktr_comm); 292 drop_logged = 1; 293 } else if (!drop_logged) { 294 printf("%6jd %-8.*s Events dropped.\n", 295 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 296 ktr_header.ktr_comm); 297 drop_logged = 1; 298 } 299 } 300 if (trpoints & (1<<ktr_header.ktr_type)) 301 if (pid == 0 || ktr_header.ktr_pid == pid || 302 ktr_header.ktr_tid == pid) 303 dumpheader(&ktr_header); 304 if ((ktrlen = ktr_header.ktr_len) < 0) 305 errx(1, "bogus length 0x%x", ktrlen); 306 if (ktrlen > size) { 307 m = realloc(m, ktrlen+1); 308 if (m == NULL) 309 errx(1, "%s", strerror(ENOMEM)); 310 size = ktrlen; 311 } 312 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 313 errx(1, "data too short"); 314 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 315 continue; 316 sv_flags = abidump(&ktr_header); 317 if (pid && ktr_header.ktr_pid != pid && 318 ktr_header.ktr_tid != pid) 319 continue; 320 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 321 continue; 322 drop_logged = 0; 323 switch (ktr_header.ktr_type) { 324 case KTR_SYSCALL: 325#if defined(__amd64__) || defined(__i386__) 326 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 327 linux_ktrsyscall((struct ktr_syscall *)m); 328 else 329#endif 330 ktrsyscall((struct ktr_syscall *)m, sv_flags); 331 break; 332 case KTR_SYSRET: 333#if defined(__amd64__) || defined(__i386__) 334 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 335 linux_ktrsysret((struct ktr_sysret *)m); 336 else 337#endif 338 ktrsysret((struct ktr_sysret *)m, sv_flags); 339 break; 340 case KTR_NAMEI: 341 case KTR_SYSCTL: 342 ktrnamei(m, ktrlen); 343 break; 344 case KTR_GENIO: 345 ktrgenio((struct ktr_genio *)m, ktrlen); 346 break; 347 case KTR_PSIG: 348 ktrpsig((struct ktr_psig *)m); 349 break; 350 case KTR_CSW: 351 if (ktrlen == sizeof(struct ktr_csw_old)) 352 ktrcsw_old((struct ktr_csw_old *)m); 353 else 354 ktrcsw((struct ktr_csw *)m); 355 break; 356 case KTR_USER: 357 ktruser(ktrlen, m); 358 break; 359 case KTR_STRUCT: 360 ktrstruct(m, ktrlen); 361 break; 362 case KTR_CAPFAIL: 363 ktrcapfail((struct ktr_cap_fail *)m); 364 break; 365 case KTR_FAULT: 366 ktrfault((struct ktr_fault *)m); 367 break; 368 case KTR_FAULTEND: 369 ktrfaultend((struct ktr_faultend *)m); 370 break; 371 default: 372 printf("\n"); 373 break; 374 } 375 if (tail) 376 fflush(stdout); 377 } 378 return 0; 379} 380 381void 382limitfd(int fd) 383{ 384 cap_rights_t rights; 385 unsigned long cmd; 386 387 cap_rights_init(&rights, CAP_FSTAT); 388 cmd = -1; 389 390 switch (fd) { 391 case STDIN_FILENO: 392 cap_rights_set(&rights, CAP_READ); 393 break; 394 case STDOUT_FILENO: 395 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE); 396 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 397 break; 398 case STDERR_FILENO: 399 cap_rights_set(&rights, CAP_WRITE); 400 if (!suppressdata) { 401 cap_rights_set(&rights, CAP_IOCTL); 402 cmd = TIOCGWINSZ; 403 } 404 break; 405 default: 406 abort(); 407 } 408 409 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) 410 err(1, "unable to limit rights for descriptor %d", fd); 411 if (cmd != -1 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 412 err(1, "unable to limit ioctls for descriptor %d", fd); 413} 414 415int 416fread_tail(void *buf, int size, int num) 417{ 418 int i; 419 420 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 421 sleep(1); 422 clearerr(stdin); 423 } 424 return (i); 425} 426 427int 428fetchprocinfo(struct ktr_header *kth, u_int *flags) 429{ 430 struct proc_info *pi; 431 432 switch (kth->ktr_type) { 433 case KTR_PROCCTOR: 434 TAILQ_FOREACH(pi, &trace_procs, info) { 435 if (pi->pid == kth->ktr_pid) { 436 TAILQ_REMOVE(&trace_procs, pi, info); 437 break; 438 } 439 } 440 pi = malloc(sizeof(struct proc_info)); 441 if (pi == NULL) 442 errx(1, "%s", strerror(ENOMEM)); 443 pi->sv_flags = *flags; 444 pi->pid = kth->ktr_pid; 445 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 446 return (1); 447 448 case KTR_PROCDTOR: 449 TAILQ_FOREACH(pi, &trace_procs, info) { 450 if (pi->pid == kth->ktr_pid) { 451 TAILQ_REMOVE(&trace_procs, pi, info); 452 free(pi); 453 break; 454 } 455 } 456 return (1); 457 } 458 459 return (0); 460} 461 462u_int 463abidump(struct ktr_header *kth) 464{ 465 struct proc_info *pi; 466 const char *abi; 467 const char *arch; 468 u_int flags = 0; 469 470 TAILQ_FOREACH(pi, &trace_procs, info) { 471 if (pi->pid == kth->ktr_pid) { 472 flags = pi->sv_flags; 473 break; 474 } 475 } 476 477 if (abiflag == 0) 478 return (flags); 479 480 switch (flags & SV_ABI_MASK) { 481 case SV_ABI_LINUX: 482 abi = "L"; 483 break; 484 case SV_ABI_FREEBSD: 485 abi = "F"; 486 break; 487 default: 488 abi = "U"; 489 break; 490 } 491 492 if (flags != 0) { 493 if (flags & SV_LP64) 494 arch = "64"; 495 else 496 arch = "32"; 497 } else 498 arch = "00"; 499 500 printf("%s%s ", abi, arch); 501 502 return (flags); 503} 504 505void 506dumpheader(struct ktr_header *kth) 507{ 508 static char unknown[64]; 509 static struct timeval prevtime, temp; 510 const char *type; 511 512 switch (kth->ktr_type) { 513 case KTR_SYSCALL: 514 type = "CALL"; 515 break; 516 case KTR_SYSRET: 517 type = "RET "; 518 break; 519 case KTR_NAMEI: 520 type = "NAMI"; 521 break; 522 case KTR_GENIO: 523 type = "GIO "; 524 break; 525 case KTR_PSIG: 526 type = "PSIG"; 527 break; 528 case KTR_CSW: 529 type = "CSW "; 530 break; 531 case KTR_USER: 532 type = "USER"; 533 break; 534 case KTR_STRUCT: 535 type = "STRU"; 536 break; 537 case KTR_SYSCTL: 538 type = "SCTL"; 539 break; 540 case KTR_PROCCTOR: 541 /* FALLTHROUGH */ 542 case KTR_PROCDTOR: 543 return; 544 case KTR_CAPFAIL: 545 type = "CAP "; 546 break; 547 case KTR_FAULT: 548 type = "PFLT"; 549 break; 550 case KTR_FAULTEND: 551 type = "PRET"; 552 break; 553 default: 554 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 555 type = unknown; 556 } 557 558 /* 559 * The ktr_tid field was previously the ktr_buffer field, which held 560 * the kernel pointer value for the buffer associated with data 561 * following the record header. It now holds a threadid, but only 562 * for trace files after the change. Older trace files still contain 563 * kernel pointers. Detect this and suppress the results by printing 564 * negative tid's as 0. 565 */ 566 if (threads) 567 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 568 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 569 MAXCOMLEN, kth->ktr_comm); 570 else 571 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 572 kth->ktr_comm); 573 if (timestamp) { 574 if (timestamp == 3) { 575 if (prevtime.tv_sec == 0) 576 prevtime = kth->ktr_time; 577 timevalsub(&kth->ktr_time, &prevtime); 578 } 579 if (timestamp == 2) { 580 temp = kth->ktr_time; 581 timevalsub(&kth->ktr_time, &prevtime); 582 prevtime = temp; 583 } 584 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 585 kth->ktr_time.tv_usec); 586 } 587 printf("%s ", type); 588} 589 590#include <sys/syscall.h> 591#define KTRACE 592#include <sys/kern/syscalls.c> 593#undef KTRACE 594int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 595 596void 597ktrsyscall(struct ktr_syscall *ktr, u_int flags) 598{ 599 int narg = ktr->ktr_narg; 600 register_t *ip; 601 intmax_t arg; 602 603 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 604 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 605 printf("[%d]", ktr->ktr_code); 606 else { 607 printf("%s", syscallnames[ktr->ktr_code]); 608 if (syscallno) 609 printf("[%d]", ktr->ktr_code); 610 } 611 ip = &ktr->ktr_args[0]; 612 if (narg) { 613 char c = '('; 614 if (fancy && 615 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 616 switch (ktr->ktr_code) { 617 case SYS_bindat: 618 case SYS_connectat: 619 case SYS_faccessat: 620 case SYS_fchmodat: 621 case SYS_fchownat: 622 case SYS_fstatat: 623 case SYS_futimesat: 624 case SYS_linkat: 625 case SYS_mkdirat: 626 case SYS_mkfifoat: 627 case SYS_mknodat: 628 case SYS_openat: 629 case SYS_readlinkat: 630 case SYS_renameat: 631 case SYS_unlinkat: 632 putchar('('); 633 atfdname(*ip, decimal); 634 c = ','; 635 ip++; 636 narg--; 637 break; 638 } 639 switch (ktr->ktr_code) { 640 case SYS_ioctl: { 641 print_number(ip, narg, c); 642 putchar(c); 643 ioctlname(*ip, decimal); 644 c = ','; 645 ip++; 646 narg--; 647 break; 648 } 649 case SYS_ptrace: 650 putchar('('); 651 ptraceopname(*ip); 652 c = ','; 653 ip++; 654 narg--; 655 break; 656 case SYS_access: 657 case SYS_eaccess: 658 case SYS_faccessat: 659 print_number(ip, narg, c); 660 putchar(','); 661 accessmodename(*ip); 662 ip++; 663 narg--; 664 break; 665 case SYS_open: 666 case SYS_openat: 667 print_number(ip, narg, c); 668 putchar(','); 669 flagsandmodename(ip[0], ip[1], decimal); 670 ip += 2; 671 narg -= 2; 672 break; 673 case SYS_wait4: 674 print_number(ip, narg, c); 675 print_number(ip, narg, c); 676 /* 677 * A flags value of zero is valid for 678 * wait4() but not for wait6(), so 679 * handle zero special here. 680 */ 681 if (*ip == 0) { 682 print_number(ip, narg, c); 683 } else { 684 putchar(','); 685 wait6optname(*ip); 686 ip++; 687 narg--; 688 } 689 break; 690 case SYS_wait6: 691 putchar('('); 692 idtypename(*ip, decimal); 693 c = ','; 694 ip++; 695 narg--; 696 print_number(ip, narg, c); 697 print_number(ip, narg, c); 698 putchar(','); 699 wait6optname(*ip); 700 ip++; 701 narg--; 702 break; 703 case SYS_chmod: 704 case SYS_fchmod: 705 case SYS_lchmod: 706 print_number(ip, narg, c); 707 putchar(','); 708 modename(*ip); 709 ip++; 710 narg--; 711 break; 712 case SYS_mknod: 713 case SYS_mknodat: 714 print_number(ip, narg, c); 715 putchar(','); 716 modename(*ip); 717 ip++; 718 narg--; 719 break; 720 case SYS_getfsstat: 721 print_number(ip, narg, c); 722 print_number(ip, narg, c); 723 putchar(','); 724 getfsstatflagsname(*ip); 725 ip++; 726 narg--; 727 break; 728 case SYS_mount: 729 print_number(ip, narg, c); 730 print_number(ip, narg, c); 731 putchar(','); 732 mountflagsname(*ip); 733 ip++; 734 narg--; 735 break; 736 case SYS_unmount: 737 print_number(ip, narg, c); 738 putchar(','); 739 mountflagsname(*ip); 740 ip++; 741 narg--; 742 break; 743 case SYS_recvmsg: 744 case SYS_sendmsg: 745 print_number(ip, narg, c); 746 print_number(ip, narg, c); 747 putchar(','); 748 sendrecvflagsname(*ip); 749 ip++; 750 narg--; 751 break; 752 case SYS_recvfrom: 753 case SYS_sendto: 754 print_number(ip, narg, c); 755 print_number(ip, narg, c); 756 print_number(ip, narg, c); 757 putchar(','); 758 sendrecvflagsname(*ip); 759 ip++; 760 narg--; 761 break; 762 case SYS_chflags: 763 case SYS_fchflags: 764 case SYS_lchflags: 765 print_number(ip, narg, c); 766 putchar(','); 767 modename(*ip); 768 ip++; 769 narg--; 770 break; 771 case SYS_kill: 772 print_number(ip, narg, c); 773 putchar(','); 774 signame(*ip); 775 ip++; 776 narg--; 777 break; 778 case SYS_reboot: 779 putchar('('); 780 rebootoptname(*ip); 781 ip++; 782 narg--; 783 break; 784 case SYS_umask: 785 putchar('('); 786 modename(*ip); 787 ip++; 788 narg--; 789 break; 790 case SYS_msync: 791 print_number(ip, narg, c); 792 print_number(ip, narg, c); 793 putchar(','); 794 msyncflagsname(*ip); 795 ip++; 796 narg--; 797 break; 798#ifdef SYS_freebsd6_mmap 799 case SYS_freebsd6_mmap: 800 print_number(ip, narg, c); 801 print_number(ip, narg, c); 802 putchar(','); 803 mmapprotname(*ip); 804 putchar(','); 805 ip++; 806 narg--; 807 mmapflagsname(*ip); 808 ip++; 809 narg--; 810 break; 811#endif 812 case SYS_mmap: 813 print_number(ip, narg, c); 814 print_number(ip, narg, c); 815 putchar(','); 816 mmapprotname(*ip); 817 putchar(','); 818 ip++; 819 narg--; 820 mmapflagsname(*ip); 821 ip++; 822 narg--; 823 break; 824 case SYS_mprotect: 825 print_number(ip, narg, c); 826 print_number(ip, narg, c); 827 putchar(','); 828 mmapprotname(*ip); 829 ip++; 830 narg--; 831 break; 832 case SYS_madvise: 833 print_number(ip, narg, c); 834 print_number(ip, narg, c); 835 putchar(','); 836 madvisebehavname(*ip); 837 ip++; 838 narg--; 839 break; 840 case SYS_setpriority: 841 print_number(ip, narg, c); 842 print_number(ip, narg, c); 843 putchar(','); 844 prioname(*ip); 845 ip++; 846 narg--; 847 break; 848 case SYS_fcntl: 849 print_number(ip, narg, c); 850 putchar(','); 851 fcntlcmdname(ip[0], ip[1], decimal); 852 ip += 2; 853 narg -= 2; 854 break; 855 case SYS_socket: { 856 int sockdomain; 857 putchar('('); 858 sockdomain = *ip; 859 sockdomainname(sockdomain); 860 ip++; 861 narg--; 862 putchar(','); 863 socktypenamewithflags(*ip); 864 ip++; 865 narg--; 866 if (sockdomain == PF_INET || 867 sockdomain == PF_INET6) { 868 putchar(','); 869 sockipprotoname(*ip); 870 ip++; 871 narg--; 872 } 873 c = ','; 874 break; 875 } 876 case SYS_setsockopt: 877 case SYS_getsockopt: 878 print_number(ip, narg, c); 879 putchar(','); 880 sockoptlevelname(*ip, decimal); 881 if (*ip == SOL_SOCKET) { 882 ip++; 883 narg--; 884 putchar(','); 885 sockoptname(*ip); 886 } 887 ip++; 888 narg--; 889 break; 890#ifdef SYS_freebsd6_lseek 891 case SYS_freebsd6_lseek: 892 print_number(ip, narg, c); 893 /* Hidden 'pad' argument, not in lseek(2) */ 894 print_number(ip, narg, c); 895 print_number(ip, narg, c); 896 putchar(','); 897 whencename(*ip); 898 ip++; 899 narg--; 900 break; 901#endif 902 case SYS_lseek: 903 print_number(ip, narg, c); 904 /* Hidden 'pad' argument, not in lseek(2) */ 905 print_number(ip, narg, c); 906 putchar(','); 907 whencename(*ip); 908 ip++; 909 narg--; 910 break; 911 case SYS_flock: 912 print_number(ip, narg, c); 913 putchar(','); 914 flockname(*ip); 915 ip++; 916 narg--; 917 break; 918 case SYS_mkfifo: 919 case SYS_mkfifoat: 920 case SYS_mkdir: 921 case SYS_mkdirat: 922 print_number(ip, narg, c); 923 putchar(','); 924 modename(*ip); 925 ip++; 926 narg--; 927 break; 928 case SYS_shutdown: 929 print_number(ip, narg, c); 930 putchar(','); 931 shutdownhowname(*ip); 932 ip++; 933 narg--; 934 break; 935 case SYS_socketpair: 936 putchar('('); 937 sockdomainname(*ip); 938 ip++; 939 narg--; 940 putchar(','); 941 socktypenamewithflags(*ip); 942 ip++; 943 narg--; 944 c = ','; 945 break; 946 case SYS_getrlimit: 947 case SYS_setrlimit: 948 putchar('('); 949 rlimitname(*ip); 950 ip++; 951 narg--; 952 c = ','; 953 break; 954 case SYS_quotactl: 955 print_number(ip, narg, c); 956 putchar(','); 957 quotactlname(*ip); 958 ip++; 959 narg--; 960 c = ','; 961 break; 962 case SYS_nfssvc: 963 putchar('('); 964 nfssvcname(*ip); 965 ip++; 966 narg--; 967 c = ','; 968 break; 969 case SYS_rtprio: 970 putchar('('); 971 rtprioname(*ip); 972 ip++; 973 narg--; 974 c = ','; 975 break; 976 case SYS___semctl: 977 print_number(ip, narg, c); 978 print_number(ip, narg, c); 979 putchar(','); 980 semctlname(*ip); 981 ip++; 982 narg--; 983 break; 984 case SYS_semget: 985 print_number(ip, narg, c); 986 print_number(ip, narg, c); 987 putchar(','); 988 semgetname(*ip); 989 ip++; 990 narg--; 991 break; 992 case SYS_msgctl: 993 print_number(ip, narg, c); 994 putchar(','); 995 shmctlname(*ip); 996 ip++; 997 narg--; 998 break; 999 case SYS_shmat: 1000 print_number(ip, narg, c); 1001 print_number(ip, narg, c); 1002 putchar(','); 1003 shmatname(*ip); 1004 ip++; 1005 narg--; 1006 break; 1007 case SYS_shmctl: 1008 print_number(ip, narg, c); 1009 putchar(','); 1010 shmctlname(*ip); 1011 ip++; 1012 narg--; 1013 break; 1014 case SYS_shm_open: 1015 print_number(ip, narg, c); 1016 putchar(','); 1017 flagsname(ip[0]); 1018 printf(",0%o", ip[1]); 1019 ip += 3; 1020 narg -= 3; 1021 break; 1022 case SYS_minherit: 1023 print_number(ip, narg, c); 1024 print_number(ip, narg, c); 1025 putchar(','); 1026 minheritname(*ip); 1027 ip++; 1028 narg--; 1029 break; 1030 case SYS_rfork: 1031 putchar('('); 1032 rforkname(*ip); 1033 ip++; 1034 narg--; 1035 c = ','; 1036 break; 1037 case SYS_lio_listio: 1038 putchar('('); 1039 lio_listioname(*ip); 1040 ip++; 1041 narg--; 1042 c = ','; 1043 break; 1044 case SYS_mlockall: 1045 putchar('('); 1046 mlockallname(*ip); 1047 ip++; 1048 narg--; 1049 break; 1050 case SYS_sched_setscheduler: 1051 print_number(ip, narg, c); 1052 putchar(','); 1053 schedpolicyname(*ip); 1054 ip++; 1055 narg--; 1056 break; 1057 case SYS_sched_get_priority_max: 1058 case SYS_sched_get_priority_min: 1059 putchar('('); 1060 schedpolicyname(*ip); 1061 ip++; 1062 narg--; 1063 break; 1064 case SYS_sendfile: 1065 print_number(ip, narg, c); 1066 print_number(ip, narg, c); 1067 print_number(ip, narg, c); 1068 print_number(ip, narg, c); 1069 print_number(ip, narg, c); 1070 print_number(ip, narg, c); 1071 putchar(','); 1072 sendfileflagsname(*ip); 1073 ip++; 1074 narg--; 1075 break; 1076 case SYS_kldsym: 1077 print_number(ip, narg, c); 1078 putchar(','); 1079 kldsymcmdname(*ip); 1080 ip++; 1081 narg--; 1082 break; 1083 case SYS_sigprocmask: 1084 putchar('('); 1085 sigprocmaskhowname(*ip); 1086 ip++; 1087 narg--; 1088 c = ','; 1089 break; 1090 case SYS___acl_get_file: 1091 case SYS___acl_set_file: 1092 case SYS___acl_get_fd: 1093 case SYS___acl_set_fd: 1094 case SYS___acl_delete_file: 1095 case SYS___acl_delete_fd: 1096 case SYS___acl_aclcheck_file: 1097 case SYS___acl_aclcheck_fd: 1098 case SYS___acl_get_link: 1099 case SYS___acl_set_link: 1100 case SYS___acl_delete_link: 1101 case SYS___acl_aclcheck_link: 1102 print_number(ip, narg, c); 1103 putchar(','); 1104 acltypename(*ip); 1105 ip++; 1106 narg--; 1107 break; 1108 case SYS_sigaction: 1109 putchar('('); 1110 signame(*ip); 1111 ip++; 1112 narg--; 1113 c = ','; 1114 break; 1115 case SYS_extattrctl: 1116 print_number(ip, narg, c); 1117 putchar(','); 1118 extattrctlname(*ip); 1119 ip++; 1120 narg--; 1121 break; 1122 case SYS_nmount: 1123 print_number(ip, narg, c); 1124 print_number(ip, narg, c); 1125 putchar(','); 1126 mountflagsname(*ip); 1127 ip++; 1128 narg--; 1129 break; 1130 case SYS_thr_create: 1131 print_number(ip, narg, c); 1132 print_number(ip, narg, c); 1133 putchar(','); 1134 thrcreateflagsname(*ip); 1135 ip++; 1136 narg--; 1137 break; 1138 case SYS_thr_kill: 1139 print_number(ip, narg, c); 1140 putchar(','); 1141 signame(*ip); 1142 ip++; 1143 narg--; 1144 break; 1145 case SYS_kldunloadf: 1146 print_number(ip, narg, c); 1147 putchar(','); 1148 kldunloadfflagsname(*ip); 1149 ip++; 1150 narg--; 1151 break; 1152 case SYS_linkat: 1153 case SYS_renameat: 1154 case SYS_symlinkat: 1155 print_number(ip, narg, c); 1156 putchar(','); 1157 atfdname(*ip, decimal); 1158 ip++; 1159 narg--; 1160 break; 1161 case SYS_cap_fcntls_limit: 1162 print_number(ip, narg, c); 1163 putchar(','); 1164 arg = *ip; 1165 ip++; 1166 narg--; 1167 capfcntlname(arg); 1168 break; 1169 case SYS_posix_fadvise: 1170 print_number(ip, narg, c); 1171 print_number(ip, narg, c); 1172 print_number(ip, narg, c); 1173 (void)putchar(','); 1174 fadvisebehavname((int)*ip); 1175 ip++; 1176 narg--; 1177 break; 1178 case SYS_procctl: 1179 putchar('('); 1180 idtypename(*ip, decimal); 1181 c = ','; 1182 ip++; 1183 narg--; 1184 print_number(ip, narg, c); 1185 putchar(','); 1186 procctlcmdname(*ip); 1187 ip++; 1188 narg--; 1189 break; 1190 } 1191 } 1192 while (narg > 0) { 1193 print_number(ip, narg, c); 1194 } 1195 putchar(')'); 1196 } 1197 putchar('\n'); 1198} 1199 1200void 1201ktrsysret(struct ktr_sysret *ktr, u_int flags) 1202{ 1203 register_t ret = ktr->ktr_retval; 1204 int error = ktr->ktr_error; 1205 int code = ktr->ktr_code; 1206 1207 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1208 (code >= nsyscalls || code < 0)) 1209 printf("[%d] ", code); 1210 else { 1211 printf("%s", syscallnames[code]); 1212 if (syscallno) 1213 printf("[%d]", code); 1214 printf(" "); 1215 } 1216 1217 if (error == 0) { 1218 if (fancy) { 1219 printf("%ld", (long)ret); 1220 if (ret < 0 || ret > 9) 1221 printf("/%#lx", (unsigned long)ret); 1222 } else { 1223 if (decimal) 1224 printf("%ld", (long)ret); 1225 else 1226 printf("%#lx", (unsigned long)ret); 1227 } 1228 } else if (error == ERESTART) 1229 printf("RESTART"); 1230 else if (error == EJUSTRETURN) 1231 printf("JUSTRETURN"); 1232 else { 1233 printf("-1 errno %d", ktr->ktr_error); 1234 if (fancy) 1235 printf(" %s", strerror(ktr->ktr_error)); 1236 } 1237 putchar('\n'); 1238} 1239 1240void 1241ktrnamei(char *cp, int len) 1242{ 1243 printf("\"%.*s\"\n", len, cp); 1244} 1245 1246void 1247hexdump(char *p, int len, int screenwidth) 1248{ 1249 int n, i; 1250 int width; 1251 1252 width = 0; 1253 do { 1254 width += 2; 1255 i = 13; /* base offset */ 1256 i += (width / 2) + 1; /* spaces every second byte */ 1257 i += (width * 2); /* width of bytes */ 1258 i += 3; /* " |" */ 1259 i += width; /* each byte */ 1260 i += 1; /* "|" */ 1261 } while (i < screenwidth); 1262 width -= 2; 1263 1264 for (n = 0; n < len; n += width) { 1265 for (i = n; i < n + width; i++) { 1266 if ((i % width) == 0) { /* beginning of line */ 1267 printf(" 0x%04x", i); 1268 } 1269 if ((i % 2) == 0) { 1270 printf(" "); 1271 } 1272 if (i < len) 1273 printf("%02x", p[i] & 0xff); 1274 else 1275 printf(" "); 1276 } 1277 printf(" |"); 1278 for (i = n; i < n + width; i++) { 1279 if (i >= len) 1280 break; 1281 if (p[i] >= ' ' && p[i] <= '~') 1282 printf("%c", p[i]); 1283 else 1284 printf("."); 1285 } 1286 printf("|\n"); 1287 } 1288 if ((i % width) != 0) 1289 printf("\n"); 1290} 1291 1292void 1293visdump(char *dp, int datalen, int screenwidth) 1294{ 1295 int col = 0; 1296 char *cp; 1297 int width; 1298 char visbuf[5]; 1299 1300 printf(" \""); 1301 col = 8; 1302 for (;datalen > 0; datalen--, dp++) { 1303 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1304 cp = visbuf; 1305 /* 1306 * Keep track of printables and 1307 * space chars (like fold(1)). 1308 */ 1309 if (col == 0) { 1310 putchar('\t'); 1311 col = 8; 1312 } 1313 switch(*cp) { 1314 case '\n': 1315 col = 0; 1316 putchar('\n'); 1317 continue; 1318 case '\t': 1319 width = 8 - (col&07); 1320 break; 1321 default: 1322 width = strlen(cp); 1323 } 1324 if (col + width > (screenwidth-2)) { 1325 printf("\\\n\t"); 1326 col = 8; 1327 } 1328 col += width; 1329 do { 1330 putchar(*cp++); 1331 } while (*cp); 1332 } 1333 if (col == 0) 1334 printf(" "); 1335 printf("\"\n"); 1336} 1337 1338void 1339ktrgenio(struct ktr_genio *ktr, int len) 1340{ 1341 int datalen = len - sizeof (struct ktr_genio); 1342 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1343 static int screenwidth = 0; 1344 int i, binary; 1345 1346 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1347 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1348 datalen == 1 ? "" : "s"); 1349 if (suppressdata) 1350 return; 1351 if (screenwidth == 0) { 1352 struct winsize ws; 1353 1354 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1355 ws.ws_col > 8) 1356 screenwidth = ws.ws_col; 1357 else 1358 screenwidth = 80; 1359 } 1360 if (maxdata && datalen > maxdata) 1361 datalen = maxdata; 1362 1363 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1364 if (dp[i] >= 32 && dp[i] < 127) 1365 continue; 1366 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1367 continue; 1368 binary = 1; 1369 } 1370 if (binary) 1371 hexdump(dp, datalen, screenwidth); 1372 else 1373 visdump(dp, datalen, screenwidth); 1374} 1375 1376const char *signames[] = { 1377 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1378 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1379 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1380 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1381 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1382 "USR2", NULL, /* 31 - 32 */ 1383}; 1384 1385void 1386ktrpsig(struct ktr_psig *psig) 1387{ 1388 if (psig->signo > 0 && psig->signo < NSIG) 1389 printf("SIG%s ", signames[psig->signo]); 1390 else 1391 printf("SIG %d ", psig->signo); 1392 if (psig->action == SIG_DFL) { 1393 printf("SIG_DFL code="); 1394 sigcodename(psig->signo, psig->code); 1395 putchar('\n'); 1396 } else { 1397 printf("caught handler=0x%lx mask=0x%x code=", 1398 (u_long)psig->action, psig->mask.__bits[0]); 1399 sigcodename(psig->signo, psig->code); 1400 putchar('\n'); 1401 } 1402} 1403 1404void 1405ktrcsw_old(struct ktr_csw_old *cs) 1406{ 1407 printf("%s %s\n", cs->out ? "stop" : "resume", 1408 cs->user ? "user" : "kernel"); 1409} 1410 1411void 1412ktrcsw(struct ktr_csw *cs) 1413{ 1414 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1415 cs->user ? "user" : "kernel", cs->wmesg); 1416} 1417 1418#define UTRACE_DLOPEN_START 1 1419#define UTRACE_DLOPEN_STOP 2 1420#define UTRACE_DLCLOSE_START 3 1421#define UTRACE_DLCLOSE_STOP 4 1422#define UTRACE_LOAD_OBJECT 5 1423#define UTRACE_UNLOAD_OBJECT 6 1424#define UTRACE_ADD_RUNDEP 7 1425#define UTRACE_PRELOAD_FINISHED 8 1426#define UTRACE_INIT_CALL 9 1427#define UTRACE_FINI_CALL 10 1428 1429struct utrace_rtld { 1430 char sig[4]; /* 'RTLD' */ 1431 int event; 1432 void *handle; 1433 void *mapbase; 1434 size_t mapsize; 1435 int refcnt; 1436 char name[MAXPATHLEN]; 1437}; 1438 1439void 1440ktruser_rtld(int len, unsigned char *p) 1441{ 1442 struct utrace_rtld *ut = (struct utrace_rtld *)p; 1443 void *parent; 1444 int mode; 1445 1446 switch (ut->event) { 1447 case UTRACE_DLOPEN_START: 1448 mode = ut->refcnt; 1449 printf("dlopen(%s, ", ut->name); 1450 switch (mode & RTLD_MODEMASK) { 1451 case RTLD_NOW: 1452 printf("RTLD_NOW"); 1453 break; 1454 case RTLD_LAZY: 1455 printf("RTLD_LAZY"); 1456 break; 1457 default: 1458 printf("%#x", mode & RTLD_MODEMASK); 1459 } 1460 if (mode & RTLD_GLOBAL) 1461 printf(" | RTLD_GLOBAL"); 1462 if (mode & RTLD_TRACE) 1463 printf(" | RTLD_TRACE"); 1464 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1465 printf(" | %#x", mode & 1466 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1467 printf(")\n"); 1468 break; 1469 case UTRACE_DLOPEN_STOP: 1470 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1471 ut->refcnt); 1472 break; 1473 case UTRACE_DLCLOSE_START: 1474 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1475 ut->refcnt); 1476 break; 1477 case UTRACE_DLCLOSE_STOP: 1478 printf("dlclose(%p) finished\n", ut->handle); 1479 break; 1480 case UTRACE_LOAD_OBJECT: 1481 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1482 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1483 ut->name); 1484 break; 1485 case UTRACE_UNLOAD_OBJECT: 1486 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1487 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1488 ut->name); 1489 break; 1490 case UTRACE_ADD_RUNDEP: 1491 parent = ut->mapbase; 1492 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1493 ut->handle, ut->name, ut->refcnt); 1494 break; 1495 case UTRACE_PRELOAD_FINISHED: 1496 printf("RTLD: LD_PRELOAD finished\n"); 1497 break; 1498 case UTRACE_INIT_CALL: 1499 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1500 ut->name); 1501 break; 1502 case UTRACE_FINI_CALL: 1503 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1504 ut->name); 1505 break; 1506 default: 1507 p += 4; 1508 len -= 4; 1509 printf("RTLD: %d ", len); 1510 while (len--) 1511 if (decimal) 1512 printf(" %d", *p++); 1513 else 1514 printf(" %02x", *p++); 1515 printf("\n"); 1516 } 1517} 1518 1519struct utrace_malloc { 1520 void *p; 1521 size_t s; 1522 void *r; 1523}; 1524 1525void 1526ktruser_malloc(unsigned char *p) 1527{ 1528 struct utrace_malloc *ut = (struct utrace_malloc *)p; 1529 1530 if (ut->p == (void *)(intptr_t)(-1)) 1531 printf("malloc_init()\n"); 1532 else if (ut->s == 0) 1533 printf("free(%p)\n", ut->p); 1534 else if (ut->p == NULL) 1535 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1536 else 1537 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1538} 1539 1540void 1541ktruser(int len, unsigned char *p) 1542{ 1543 1544 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1545 ktruser_rtld(len, p); 1546 return; 1547 } 1548 1549 if (len == sizeof(struct utrace_malloc)) { 1550 ktruser_malloc(p); 1551 return; 1552 } 1553 1554 printf("%d ", len); 1555 while (len--) 1556 if (decimal) 1557 printf(" %d", *p++); 1558 else 1559 printf(" %02x", *p++); 1560 printf("\n"); 1561} 1562 1563void 1564ktrcaprights(cap_rights_t *rightsp) 1565{ 1566 1567 printf("cap_rights_t "); 1568 capname(rightsp); 1569 printf("\n"); 1570} 1571 1572void 1573ktrsockaddr(struct sockaddr *sa) 1574{ 1575/* 1576 TODO: Support additional address families 1577 #include <netnatm/natm.h> 1578 struct sockaddr_natm *natm; 1579 #include <netsmb/netbios.h> 1580 struct sockaddr_nb *nb; 1581*/ 1582 char addr[64]; 1583 1584 /* 1585 * note: ktrstruct() has already verified that sa points to a 1586 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1587 * sa->sa_len bytes long. 1588 */ 1589 printf("struct sockaddr { "); 1590 sockfamilyname(sa->sa_family); 1591 printf(", "); 1592 1593#define check_sockaddr_len(n) \ 1594 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1595 printf("invalid"); \ 1596 break; \ 1597 } 1598 1599 switch(sa->sa_family) { 1600 case AF_INET: { 1601 struct sockaddr_in sa_in; 1602 1603 memset(&sa_in, 0, sizeof(sa_in)); 1604 memcpy(&sa_in, sa, sa->sa_len); 1605 check_sockaddr_len(in); 1606 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1607 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1608 break; 1609 } 1610#ifdef NETATALK 1611 case AF_APPLETALK: { 1612 struct sockaddr_at sa_at; 1613 struct netrange *nr; 1614 1615 memset(&sa_at, 0, sizeof(sa_at)); 1616 memcpy(&sa_at, sa, sa->sa_len); 1617 check_sockaddr_len(at); 1618 nr = &sa_at.sat_range.r_netrange; 1619 printf("%d.%d, %d-%d, %d", ntohs(sa_at.sat_addr.s_net), 1620 sa_at.sat_addr.s_node, ntohs(nr->nr_firstnet), 1621 ntohs(nr->nr_lastnet), nr->nr_phase); 1622 break; 1623 } 1624#endif 1625 case AF_INET6: { 1626 struct sockaddr_in6 sa_in6; 1627 1628 memset(&sa_in6, 0, sizeof(sa_in6)); 1629 memcpy(&sa_in6, sa, sa->sa_len); 1630 check_sockaddr_len(in6); 1631 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1632 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1633 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1634 break; 1635 } 1636#ifdef IPX 1637 case AF_IPX: { 1638 struct sockaddr_ipx sa_ipx; 1639 1640 memset(&sa_ipx, 0, sizeof(sa_ipx)); 1641 memcpy(&sa_ipx, sa, sa->sa_len); 1642 check_sockaddr_len(ipx); 1643 /* XXX wish we had ipx_ntop */ 1644 printf("%s", ipx_ntoa(sa_ipx.sipx_addr)); 1645 free(sa_ipx); 1646 break; 1647 } 1648#endif 1649 case AF_UNIX: { 1650 struct sockaddr_un sa_un; 1651 1652 memset(&sa_un, 0, sizeof(sa_un)); 1653 memcpy(&sa_un, sa, sa->sa_len); 1654 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1655 break; 1656 } 1657 default: 1658 printf("unknown address family"); 1659 } 1660 printf(" }\n"); 1661} 1662 1663void 1664ktrstat(struct stat *statp) 1665{ 1666 char mode[12], timestr[PATH_MAX + 4]; 1667 struct passwd *pwd; 1668 struct group *grp; 1669 struct tm *tm; 1670 1671 /* 1672 * note: ktrstruct() has already verified that statp points to a 1673 * buffer exactly sizeof(struct stat) bytes long. 1674 */ 1675 printf("struct stat {"); 1676 printf("dev=%ju, ino=%ju, ", 1677 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1678 if (resolv == 0) 1679 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1680 else { 1681 strmode(statp->st_mode, mode); 1682 printf("mode=%s, ", mode); 1683 } 1684 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1685 if (resolv == 0 || (pwd = getpwuid(statp->st_uid)) == NULL) 1686 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1687 else 1688 printf("uid=\"%s\", ", pwd->pw_name); 1689 if (resolv == 0 || (grp = getgrgid(statp->st_gid)) == NULL) 1690 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1691 else 1692 printf("gid=\"%s\", ", grp->gr_name); 1693 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1694 printf("atime="); 1695 if (resolv == 0) 1696 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1697 else { 1698 tm = localtime(&statp->st_atim.tv_sec); 1699 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1700 printf("\"%s\"", timestr); 1701 } 1702 if (statp->st_atim.tv_nsec != 0) 1703 printf(".%09ld, ", statp->st_atim.tv_nsec); 1704 else 1705 printf(", "); 1706 printf("stime="); 1707 if (resolv == 0) 1708 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1709 else { 1710 tm = localtime(&statp->st_mtim.tv_sec); 1711 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1712 printf("\"%s\"", timestr); 1713 } 1714 if (statp->st_mtim.tv_nsec != 0) 1715 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1716 else 1717 printf(", "); 1718 printf("ctime="); 1719 if (resolv == 0) 1720 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1721 else { 1722 tm = localtime(&statp->st_ctim.tv_sec); 1723 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1724 printf("\"%s\"", timestr); 1725 } 1726 if (statp->st_ctim.tv_nsec != 0) 1727 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1728 else 1729 printf(", "); 1730 printf("birthtime="); 1731 if (resolv == 0) 1732 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1733 else { 1734 tm = localtime(&statp->st_birthtim.tv_sec); 1735 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1736 printf("\"%s\"", timestr); 1737 } 1738 if (statp->st_birthtim.tv_nsec != 0) 1739 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1740 else 1741 printf(", "); 1742 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1743 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1744 (intmax_t)statp->st_blocks, statp->st_flags); 1745 printf(" }\n"); 1746} 1747 1748void 1749ktrstruct(char *buf, size_t buflen) 1750{ 1751 char *name, *data; 1752 size_t namelen, datalen; 1753 int i; 1754 cap_rights_t rights; 1755 struct stat sb; 1756 struct sockaddr_storage ss; 1757 1758 for (name = buf, namelen = 0; 1759 namelen < buflen && name[namelen] != '\0'; 1760 ++namelen) 1761 /* nothing */; 1762 if (namelen == buflen) 1763 goto invalid; 1764 if (name[namelen] != '\0') 1765 goto invalid; 1766 data = buf + namelen + 1; 1767 datalen = buflen - namelen - 1; 1768 if (datalen == 0) 1769 goto invalid; 1770 /* sanity check */ 1771 for (i = 0; i < (int)namelen; ++i) 1772 if (!isalpha(name[i])) 1773 goto invalid; 1774 if (strcmp(name, "caprights") == 0) { 1775 if (datalen != sizeof(cap_rights_t)) 1776 goto invalid; 1777 memcpy(&rights, data, datalen); 1778 ktrcaprights(&rights); 1779 } else if (strcmp(name, "stat") == 0) { 1780 if (datalen != sizeof(struct stat)) 1781 goto invalid; 1782 memcpy(&sb, data, datalen); 1783 ktrstat(&sb); 1784 } else if (strcmp(name, "sockaddr") == 0) { 1785 if (datalen > sizeof(ss)) 1786 goto invalid; 1787 memcpy(&ss, data, datalen); 1788 if (datalen != ss.ss_len) 1789 goto invalid; 1790 ktrsockaddr((struct sockaddr *)&ss); 1791 } else { 1792 printf("unknown structure\n"); 1793 } 1794 return; 1795invalid: 1796 printf("invalid record\n"); 1797} 1798 1799void 1800ktrcapfail(struct ktr_cap_fail *ktr) 1801{ 1802 switch (ktr->cap_type) { 1803 case CAPFAIL_NOTCAPABLE: 1804 /* operation on fd with insufficient capabilities */ 1805 printf("operation requires "); 1806 capname(&ktr->cap_needed); 1807 printf(", process holds "); 1808 capname(&ktr->cap_held); 1809 break; 1810 case CAPFAIL_INCREASE: 1811 /* requested more capabilities than fd already has */ 1812 printf("attempt to increase capabilities from "); 1813 capname(&ktr->cap_held); 1814 printf(" to "); 1815 capname(&ktr->cap_needed); 1816 break; 1817 case CAPFAIL_SYSCALL: 1818 /* called restricted syscall */ 1819 printf("disallowed system call"); 1820 break; 1821 case CAPFAIL_LOOKUP: 1822 /* used ".." in strict-relative mode */ 1823 printf("restricted VFS lookup"); 1824 break; 1825 default: 1826 printf("unknown capability failure: "); 1827 capname(&ktr->cap_needed); 1828 printf(" "); 1829 capname(&ktr->cap_held); 1830 break; 1831 } 1832 printf("\n"); 1833} 1834 1835void 1836ktrfault(struct ktr_fault *ktr) 1837{ 1838 1839 printf("0x%jx ", ktr->vaddr); 1840 vmprotname(ktr->type); 1841 printf("\n"); 1842} 1843 1844void 1845ktrfaultend(struct ktr_faultend *ktr) 1846{ 1847 1848 vmresultname(ktr->result); 1849 printf("\n"); 1850} 1851 1852#if defined(__amd64__) || defined(__i386__) 1853void 1854linux_ktrsyscall(struct ktr_syscall *ktr) 1855{ 1856 int narg = ktr->ktr_narg; 1857 register_t *ip; 1858 1859 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1860 printf("[%d]", ktr->ktr_code); 1861 else { 1862 printf("%s", linux_syscallnames[ktr->ktr_code]); 1863 if (syscallno) 1864 printf("[%d]", ktr->ktr_code); 1865 } 1866 ip = &ktr->ktr_args[0]; 1867 if (narg) { 1868 char c = '('; 1869 while (narg > 0) 1870 print_number(ip, narg, c); 1871 putchar(')'); 1872 } 1873 putchar('\n'); 1874} 1875 1876void 1877linux_ktrsysret(struct ktr_sysret *ktr) 1878{ 1879 register_t ret = ktr->ktr_retval; 1880 int error = ktr->ktr_error; 1881 int code = ktr->ktr_code; 1882 1883 if (code >= nlinux_syscalls || code < 0) 1884 printf("[%d] ", code); 1885 else { 1886 printf("%s", linux_syscallnames[code]); 1887 if (syscallno) 1888 printf("[%d]", code); 1889 printf(" "); 1890 } 1891 1892 if (error == 0) { 1893 if (fancy) { 1894 printf("%ld", (long)ret); 1895 if (ret < 0 || ret > 9) 1896 printf("/%#lx", (unsigned long)ret); 1897 } else { 1898 if (decimal) 1899 printf("%ld", (long)ret); 1900 else 1901 printf("%#lx", (unsigned long)ret); 1902 } 1903 } else if (error == ERESTART) 1904 printf("RESTART"); 1905 else if (error == EJUSTRETURN) 1906 printf("JUSTRETURN"); 1907 else { 1908 if (ktr->ktr_error <= ELAST + 1) 1909 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 1910 else 1911 error = 999; 1912 printf("-1 errno %d", error); 1913 if (fancy) 1914 printf(" %s", strerror(ktr->ktr_error)); 1915 } 1916 putchar('\n'); 1917} 1918#endif 1919 1920void 1921usage(void) 1922{ 1923 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 1924 "[-m maxdata] [-p pid] [-t trstr]\n"); 1925 exit(1); 1926} 1927