Commit Graph

150 Commits

Author SHA1 Message Date
Ed Maste
c0347e182c kdump: expand comment on reasons for CAPFAIL_LOOKUP
Comment for CAPFAIL_LOOKUP refered only to paths containing ".." but
it is returned for other restricted VFS lookup cases, such as absolute
paths or openat(AT_FDCWD, ...).
2019-02-18 03:49:16 +00:00
John Baldwin
5cb9940ce2 Use 'bool' instead of 'int' for various boolean flags.
Reviewed by:	kib
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D16611
2018-08-18 20:23:53 +00:00
John Baldwin
7cf2ca3b01 Remove spurious ABI tags from kdump output.
The abidump routine output an ABI tag when -A was specified for records
that were not displayed due to type or pid filtering.  To fix, split
the code to lookup the ABI from the code to display the ABI, move the
code to display the ABI into dumpheader(), and move dumpheader() later
in the main loop as a simplification.  Previously dumpheader() was
called under a condition that repeated conditions made later in the
main loop.

Reviewed by:	kib
MFC after:	1 month
Sponsored by:	DARPA / AFRL
Differential Revision:	https://reviews.freebsd.org/D16608
2018-08-07 00:10:58 +00:00
Mariusz Zaborski
7672a0148f Convert cap_enter() < 0 && errno != ENOSYS to caph_enter() < 0.
No functional change intended.
2018-06-19 23:43:14 +00:00
Ed Maste
fc7d33b49e kdump: simplify/remove per-arch #ifdefs
It is acceptable for syscallabi to map SV_ABI to SYSDECODE_ABI on all
architectures; libsysdecode will return not-found sentinel values if
it does not have a syscall name or errno mapping for a given
architecture.

Also, use __LP64__ for the SV_ILP32 -> SYSDECODE_ABI_LINUX32 mapping,
for any future 32- on 64-bit linuxulator implementation.

Reviewed by:	jhb
Sponsored by:	Turing Robotic Industries Inc.
2018-04-24 19:23:26 +00:00
Mariusz Zaborski
c5033697f1 NLS data and tz can be cached using caspicum helpers.
Using them we simplifies and unifies sandboxed code.
2018-01-03 07:43:04 +00:00
John Baldwin
ffb6607984 Decode kevent structures logged via ktrace(2) in kdump.
- Add a new KTR_STRUCT_ARRAY ktrace record type which dumps an array of
  structures.

  The structure name in the record payload is preceded by a size_t
  containing the size of the individual structures.  Use this to
  replace the previous code that dumped the kevent arrays dumped for
  kevent().  kdump is now able to decode the kevent structures rather
  than dumping their contents via a hexdump.

  One change from before is that the 'changes' and 'events' arrays are
  not marked with separate 'read' and 'write' annotations in kdump
  output.  Instead, the first array is the 'changes' array, and the
  second array (only present if kevent doesn't fail with an error) is
  the 'events' array.  For kevent(), empty arrays are denoted by an
  entry with an array containing zero entries rather than no record.

- Move kevent decoding tables from truss to libsysdecode.

  This adds three new functions to decode members of struct kevent:
  sysdecode_kevent_filter, sysdecode_kevent_flags, and
  sysdecode_kevent_fflags.

  kdump uses these helper functions to pretty-print kevent fields.

- Move structure definitions for freebsd11 and freebsd32 kevent
  structures to <sys/event.h> so that they can be shared with userland.
  The 32-bit structures are only exposed if _WANT_KEVENT32 is defined.
  The freebsd11 structures are only exposed if _WANT_FREEBSD11_KEVENT is
  defined.  The 32-bit freebsd11 structure requires both.

- Decode freebsd11 kevent structures in truss for the compat11.kevent()
  system call.

- Log 32-bit kevent structures via ktrace for 32-bit compat kevent()
  system calls.

- While here, constify the 'void *data' argument to ktrstruct().

Reviewed by:	kib (earlier version)
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D12470
2017-11-25 04:49:12 +00:00
Pedro F. Giffuni
8a16b7a18f General further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:49:47 +00:00
Mariusz Zaborski
2560d18180 We use a few different ifdef's names to check if we are using Casper or not,
let's standardize this. Now we are always use WITH_CASPER name.

Discussed with:	emaste@
MFC after:	1 month
2017-09-21 14:41:41 +00:00
John Baldwin
39a3a4386a Decode pathconf() names, *at() flags, and sysarch() numbers in libsysdecode.
Move tables that were previously in truss over to libsysdecode.  truss
output is unchanged, but kdump has been updated to decode these fields.
In addition, sysdecode_sysarch_number() should support all platforms
whereas the old table in truss only supported x86.
2017-09-04 05:34:36 +00:00
John Baldwin
66ba8943a1 Decode arguments to rtprio_thread() (same as rtprio()). 2017-06-10 01:32:18 +00:00
John Baldwin
9483ab16d4 Fix decoding of setpriority() arguments.
The PRIO_* 'which' value is stored in the first argument to setpriority(2),
not the last.  While here, decode the arguments to getpriority(2).
2017-06-10 00:35:45 +00:00
John Baldwin
ee8aa41dca Decode the 'who' argument passed to getrusage().
Add a new sysdecode_getrusage_who() which decodes the RUSAGE_* constant
passed as the first argument to getrusage().  Use this function in both
kdump and truss to decode the first argument to getrusage().

PR:		215448
Submitted by:	Anton Yuzhaninov <citrin+pr@citrin.ru>
MFC after:	1 month
2017-06-03 14:22:15 +00:00
Konstantin Belousov
6992112349 Commit the 64-bit inode project.
Extend the ino_t, dev_t, nlink_t types to 64-bit ints.  Modify
struct dirent layout to add d_off, increase the size of d_fileno
to 64-bits, increase the size of d_namlen to 16-bits, and change
the required alignment.  Increase struct statfs f_mntfromname[] and
f_mntonname[] array length MNAMELEN to 1024.

ABI breakage is mitigated by providing compatibility using versioned
symbols, ingenious use of the existing padding in structures, and
by employing other tricks.  Unfortunately, not everything can be
fixed, especially outside the base system.  For instance, third-party
APIs which pass struct stat around are broken in backward and
forward incompatible ways.

Kinfo sysctl MIBs ABI is changed in backward-compatible way, but
there is no general mechanism to handle other sysctl MIBS which
return structures where the layout has changed. It was considered
that the breakage is either in the management interfaces, where we
usually allow ABI slip, or is not important.

Struct xvnode changed layout, no compat shims are provided.

For struct xtty, dev_t tty device member was reduced to uint32_t.
It was decided that keeping ABI compat in this case is more useful
than reporting 64-bit dev_t, for the sake of pstat.

Update note: strictly follow the instructions in UPDATING.  Build
and install the new kernel with COMPAT_FREEBSD11 option enabled,
then reboot, and only then install new world.

Credits: The 64-bit inode project, also known as ino64, started life
many years ago as a project by Gleb Kurtsou (gleb).  Kirk McKusick
(mckusick) then picked up and updated the patch, and acted as a
flag-waver.  Feedback, suggestions, and discussions were carried
by Ed Maste (emaste), John Baldwin (jhb), Jilles Tjoelker (jilles),
and Rick Macklem (rmacklem).  Kris Moore (kris) performed an initial
ports investigation followed by an exp-run by Antoine Brodin (antoine).
Essential and all-embracing testing was done by Peter Holm (pho).
The heavy lifting of coordinating all these efforts and bringing the
project to completion were done by Konstantin Belousov (kib).

Sponsored by:	The FreeBSD Foundation (emaste, kib)
Differential revision:	https://reviews.freebsd.org/D10439
2017-05-23 09:29:05 +00:00
Brooks Davis
b4e2ab78df Remove NATM configuration bits and assorted NATM and ATM remnants.
Reported by:	ak
Reviewed by:	ngie (first version)
Differential Revision:	https://reviews.freebsd.org/D10497
2017-04-25 21:59:34 +00:00
John Baldwin
c4561fab03 Decode arguments to chflagsat(). 2017-03-15 22:36:26 +00:00
Warner Losh
fbbd9655e5 Renumber copyright clause 4
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by:	Jan Schaumann <jschauma@stevens.edu>
Pull Request:	https://github.com/freebsd/freebsd/pull/96
2017-02-28 23:42:47 +00:00
John Baldwin
48f7957436 Update libsysdecode for getfsstat() 'flags' argument changing to 'mode'.
As a followup to r310638, update libsysdecode (and kdump) to decode the
'mode' argument to getfsstat().  sysdecode_getfsstat_flags() has been
renamed to sysdecode_getfsstat_mode() and now treats the argument as an
enumerated value rather than a mask of flags.
2017-01-03 01:39:05 +00:00
John Baldwin
9289f547a2 Move mksubr from kdump into libsysdecode.
Restructure this script so that it generates a header of tables instead
of a source file.  The tables are included in a flags.c source file which
provides functions to decode various system call arguments.

For functions that decode an enumeration, the function returns a pointer
to a string for known values and NULL for unknown values.

For functions that do more complex decoding (typically of a bitmask), the
function accepts a pointer to a FILE object (open_memstream() can be used
as a string builder) to which decoded values are written.  If the
function operates on a bitmask, the function returns true if any bits
were decoded or false if the entire value was valid.  Additionally, the
third argument accepts a pointer to a value to which any undecoded bits
are stored.  This pointer can be NULL if the caller doesn't care about
remaining bits.

Convert kdump over to using decoder functions from libsysdecode instead of
mksubr.  truss also uses decoders from libsysdecode instead of private
lookup tables, though lookup tables for objects not decoded by kdump remain
in truss for now.  Eventually most of these tables should move into
libsysdecode as the automated table generation approach from mksubr is
less stale than the static tables in truss.

Some changes have been made to truss and kdump output:
- The flags passed to open() are now properly decoded in that one of
  O_RDONLY, O_RDWR, O_WRONLY, or O_EXEC is always included in a decoded
  mask.
- Optional arguments to open(), openat(), and fcntl() are only printed
  in kdump if they exist (e.g. the mode is only printed for open() if
  O_CREAT is set in the flags).
- Print argument to F_GETLK/SETLK/SETLKW in kdump as a pointer, not int.
- Include all procctl() commands.
- Correctly decode pipe2() flags in truss by not assuming full
  open()-like flags with O_RDONLY, etc.
- Decode file flags passed to *chflags() as file flags (UF_* and SF_*)
  rather than as a file mode.
- Fix decoding of quotactl() commands by splitting out the two command
  components instead of assuming the raw command value matches the
  primary command component.

In addition, truss and kdump now build without triggering any warnings.
All of the sysdecode manpages now include the required headers in the
synopsis.

Reviewed by:	kib (several older versions), wblock (manpages)
MFC after:	2 months
Differential Revision:	https://reviews.freebsd.org/D7847
2016-10-17 22:37:07 +00:00
Mariusz Zaborski
a4e3fc54a0 Remove the duplicated code using Capsicum helpers.
Reviewed by:	cem, ed, bapt, emaste
Differential Revision	https://reviews.freebsd.org/D8140
2016-10-07 17:56:57 +00:00
John Baldwin
dda41f2078 Don't declare the 'temp' timeval as static. 2016-10-01 22:17:40 +00:00
John Baldwin
54b10c9e17 Use timercmp() and timersub() in kdump.
Previously, kdump used the kernel-only timervalsub() macro which required
defining _KERNEL when including <sys/time.h>.  Now, kdump uses the existing
userland API.  The timercmp() usage to check for a backwards timestamp is
also clearer and simpler than the previous code which checked the result of
the subtraction for a negative value.

While here, take advantage of the 3-arg timersub() to store the subtraction
results in a tempory timeval instead of overwriting the timestamp in the
ktrace record and then having to restore it.
2016-10-01 22:12:33 +00:00
John Baldwin
406d2926f2 Expose kernel-only errno values if _WANT_KERNEL_ERRNO is defined.
The kernel uses a few negative errno values for internal conditions
such as requesting a system call restart.  Normally these errno values
are not exposed to userland.  However, kdump needs access to these
values as some of then can be present in a ktrace system call return
record.  Previously kdump was defining _KERNEL to gain access to ehse
values, but was then having to manually declare 'errno' (and doing it
incorrectly).  Now, kdump uses _WANT_KERNEL_ERRNO instead of _KERNEL
and uses the system-provided declaration of errno.
2016-10-01 22:08:07 +00:00
John Baldwin
8dec694290 Decode arguments to truncate and ftruncate.
In particular, decode the off_t argument as a 64-bit argument to fix
decoding for 32-bit processes.
2016-10-01 22:03:41 +00:00
John Baldwin
71ed318eb4 Handle 64-bit system call arguments (off_t, id_t).
In particular, 64-bit system call arguments use up two register_t
arguments for 32-bit processes.  They must also be aligned on a 64-bit
boundary on 32-bit powerpc processes.  This fixes the decoding of
lseek(), procctl(), and wait6() arguments for 32-bit processes (both
native and via freebsd32).

Note that the ktrace system call return record only returns a single
register, so the return value of lseek is always truncated to the low
32-bits for 32-bit processes.
2016-10-01 22:01:41 +00:00
Konstantin Belousov
6bdee22607 Remove unused prototypes.
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2016-08-12 07:52:13 +00:00
Konstantin Belousov
de56aee0bf Trace timeval parameters to the getitimer(2) and setitimer(2) syscalls.
Reviewed by:	jhb
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D7158
2016-07-13 14:37:58 +00:00
Enji Cooper
0e80f25894 Fix humanized decoding of struct stat with respect to .st_mtim
st_mtim was being incorrectly described as "stime=", not "mtime=". This was
introduced with the original feature commit (r176471).

MFC after: 1 week
PR: 209699
Submitted by: naddy
Sponsored by: EMC / Isilon Storage Division
2016-05-22 18:20:45 +00:00
Simon J. Gerraty
9d0fa50eed Use != 0 to be clear 2016-05-17 00:27:18 +00:00
Simon J. Gerraty
0d2181d9ac Allow -f - to read from stdin. 2016-05-17 00:08:43 +00:00
Baptiste Daroussin
eebea334c4 Print the fchmodat mode in human readable fashion
MFC after:	1 week
2016-05-03 21:27:17 +00:00
John Baldwin
6fc8053f1a Fix reporting of the CloudABI ABI in kdump.
- Advertise the word size for CloudABI ABIs via the SV_LP64 flag.  All of
  the other ABIs include either SV_ILP32 or SV_LP64.
- Fix kdump to not assume a 32-bit ABI if the ABI flags field is non-zero
  but SV_LP64 isn't set.  Instead, only assume a 32-bit ABI if SV_ILP32 is
  set and fallback to the unknown value of "00" if neither SV_LP64 nor
  SV_ILP32 is set.

Reviewed by:	kib, ed
Differential Revision:	https://reviews.freebsd.org/D5560
2016-03-09 18:38:30 +00:00
Mariusz Zaborski
c501d73c7e Convert casperd(8) daemon to the libcasper.
After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.

Discussed with:		pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by:	drysdale@google.com, bdrewery
Approved by:		pjd (mentor)
Differential Revision:	https://reviews.freebsd.org/D4277
2016-02-25 18:23:40 +00:00
John Baldwin
6fb8946b7f Add simple support for CloudABI processes to kdump(1).
This does not decode arguments to system calls but should properly
decode system call names and error return values.

Reviewed by:	ed
Differential Revision:	https://reviews.freebsd.org/D5412
2016-02-25 17:43:32 +00:00
John Baldwin
287b96dd25 Add handling for non-native error values to libsysdecode.
Add two new functions, sysdecode_abi_to_freebsd_errno() and
sysdecode_freebsd_to_abi_errno(), which convert errno values between
the native FreeBSD ABI and other supported ABIs. Note that the
mappings are not necessarily perfect meaning in some cases multiple
errors in one ABI might map to a single error in another ABI. In that
case, the reverse mapping will return one of the errors that maps, but
which error is non-deterministic.

Change truss to always report the raw error value to the user but
use libsysdecode to map it to a native errno value that can be used
with strerror() to generate a description. Previously truss reported
the "converted" error value. Now the user will always see the exact
error value that the application sees.

Change kdump to report the truly raw error value to the user. Previously
kdump would report the absolute value of the raw error value (so for
Linux binaries it didn't output the FreeBSD error value, but the positive
value of the Linux error). Now it reports the real (i.e. negative) error
value for Linux binaries. Also, use libsysdecode to convert the native
FreeBSD error reported in the ktrace record to the raw error used by the
ABI. This means that the Linux ABI can now be handled directly in
ktrsysret() and removes the need for linux_ktrsysret().

Reviewed by:	bdrewery, kib
Helpful notes:	wblock (manpage)
Differential Revision:	https://reviews.freebsd.org/D5314
2016-02-23 20:00:55 +00:00
John Baldwin
5842bd683f Add a SYSDECODE_ABI_ prefix to the ABI enums to avoid potential collisions.
Suggested by:	jmallett
Reviewed by:	bdrewery, jmallett
Differential Revision:	https://reviews.freebsd.org/D5123
2016-01-30 01:00:54 +00:00
John Baldwin
a5f14abfd2 Add support to libsysdecode for decoding system call names.
A new sysdecode_syscallname() function accepts a system call code and
returns a string of the corresponding name (or NULL if the code is
unknown).  To support different process ABIs, the new function accepts a
value from a new sysdecode_abi enum as its first argument to select the
ABI in use.  Current ABIs supported include FREEBSD (native binaries),
FREEBSD32, LINUX, LINUX32, and CLOUDABI64.  Note that not all ABIs are
supported by all platforms.  In general, a given ABI is only supported
if a platform can execute binaries for that ABI.

To simplify the implementation, libsysdecode's build reuses the
existing pre-generated files from the kernel source tree rather than
duplicating new copies of said files during the build.

kdump(1) and truss(1) now use these functions to map system call
identifiers to names.  For kdump(1), a new 'syscallname()' function
consolidates duplicated code from ktrsyscall() and ktrsyscallret().
The Linux ABI no longer requires custom handling for ktrsyscall() and
linux_ktrsyscall() has been removed as a result.

Reviewed by:	bdrewery
Differential Revision:	https://reviews.freebsd.org/D4823
2016-01-26 19:07:09 +00:00
John Baldwin
265e58989d Move the mkioctls script to libsysdecode and use it to generate a
sysdecode_ioctlname() function.  This function matches the behavior
of the truss variant in that it returns a pointer to a string description
for known ioctls.  The caller is responsible for displaying unknown
ioctl requests.  For kdump this meant moving the logic to handle unknown
ioctl requests out of the generated function and into an ioctlname()
function in kdump.c instead.

Differential Revision:	https://reviews.freebsd.org/D4610
2015-12-22 20:33:49 +00:00
John Baldwin
d6fb489498 Start on a new library (libsysdecode) that provides routines for decoding
system call information such as system call arguments.  Initially this
will consist of pulling duplicated code out of truss and kdump though it
may prove useful for other utilities in the future.

This commit moves the shared utrace(2) record parser out of kdump into
the library and updates kdump and truss to use it.  One difference from
the previous version is that the library version treats unknown events
that start with the "RTLD" signature as unknown events.  This simplifies
the interface and allows the consumer to decide how to handle all
non-recognized events.  Instead, this function only generates a string
description for known malloc() and RTLD records.

Reviewed by:	bdrewery
Differential Revision:	https://reviews.freebsd.org/D4537
2015-12-15 00:05:07 +00:00
Bryan Drewery
195aef9962 truss: Add support for utrace(2).
This uses the kdump(1) utrace support code directly until a common library
is created.

This allows malloc(3) tracing with MALLOC_CONF=utrace:true and rtld tracing
with LD_UTRACE=1.  Unknown utrace(2) data is just printed as hex.

PR:		43819 [inspired by]
Reviewed by:	jhb
MFC after:	2 weeks
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D3819
2015-10-06 21:58:38 +00:00
Mariusz Zaborski
c36e54bb32 Let the nv.h and dnv.h includes be only in sys directory.
Change consumers to include those files from sys.
Add duplicated files to ObsoleteFiles.

Approved by:	pjd (mentor)
2015-07-02 21:58:10 +00:00
Dmitry Chagin
c64979dc7e Teach kdump to understand both linux emulation.
Differential Revision:	https://reviews.freebsd.org/D1079
Reviewed by:	emaste
2015-05-24 16:22:03 +00:00
Brooks Davis
5743dcb3c2 Remove "capability mode sandbox enabled" messages.
These messages serve little purpose and break some consumers.

PR:		199855
Differential Revision:	https://reviews.freebsd.org/D2440
Reviewed by:	rwatson
Approved by:	pjd
MFC after:	1 week
Sponsored by:	DARPA, AFRL
2015-05-04 21:44:51 +00:00
Maxim Sobolev
da551bb2c2 o Properly init prevtime, so that we don't print bogus value in the
first entry reported by the relative mode (-R).

o Properly print negative offsets, which I guess may happen if
records get re-ordered somehow, possibly due to the locking. Right
now we report huge bogus diff (i.e. 2 seconds or so).
2015-04-25 04:58:08 +00:00
Sergey Kandaurov
723ea6bc93 kdump: sendfile(2) "flags" argument needs casting on 64-bit platforms.
MFC after:	1 week
Sponsored by:	Nginx, Inc.
2015-02-16 17:19:28 +00:00
Dag-Erling Smørgrav
4ac1e0a9fc Allow tracing dlfunc() / dlsym() events.
MFC after:	1 week
2015-01-25 12:11:50 +00:00
Jilles Tjoelker
2205e0d1bd Add futimens and utimensat system calls.
The core kernel part is patch file utimes.2008.4.diff from
pluknet@FreeBSD.org. I updated the code for API changes, added the manual
page and added compatibility code for old kernels. There is also audit and
Capsicum support.

A new UTIME_* constant might allow setting birthtimes in future.

Differential Revision:	https://reviews.freebsd.org/D1426
Submitted by:	pluknet (partially)
Reviewed by:	delphij, pluknet, rwatson
Relnotes:	yes
2015-01-23 21:07:08 +00:00
Dmitry Chagin
78ec874dd3 kdump: eliminate new clang warnings.
MFC after:	1 week
2015-01-06 18:53:09 +00:00
John Baldwin
fdb5bf37fa Decode the arguments passed to _umtx_op(). In particular, decode the
opcode.

MFC after:	1 week
Sponsored by:	Norse
2014-10-13 16:37:06 +00:00
John Baldwin
bb1a2d4aa2 Fix most of the warnings in kdump(1).
Sponsored by:	Norse
2014-10-13 16:17:42 +00:00