d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3fcbde5e88
freebsd-nq/usr.bin/truss/truss.h
Alex Richardson 7daca4e204 truss: improved support for decoding compat32 arguments 
Currently running `truss -a -e` does not decode any
argument values for freebsd32_* syscalls (open/readlink/etc.)

This change checks whether a syscall starts with freebsd{32,64}_ and if
so strips that prefix when looking up the syscall information. To ensure
that the truss logs include the real syscall name we create a copy of
the syscall information struct with the updated.

The other problem is that when reading string array values, truss
naively iterates over an array of char* and fetches the pointer value.
This will result in arguments not being loaded if the pointer is not
aligned to sizeof(void*), which can happens in the compat32 case. If it
happens to be aligned, we would end up printing every other value.
To fix this problem, this changes adds a pointer_size member to the
procabi struct and uses that to correctly read indirect arguments
as 64/32 bit addresses in the the compat32 case (and also compat64 on
CheriBSD).

The motivating use-case for this change is using truss for 64-bit
programs on a CHERI system, but most of the diff also applies to 32-bit
compat on a 64-bit system, so I'm upstreaming this instead of keeping it
as a local CheriBSD patch.

Output of `truss -aef ldd32 /usr/bin/ldd32` before:
39113: freebsd32_mmap(0x0,0x1000,0x3,0x1002,0xffffffff,0x0,0x0) = 543440896 (0x20644000)
39113: freebsd32_ioctl(0x1,0x402c7413,0xffffd2a0) = 0 (0x0)
/usr/bin/ldd32:
39113: write(1,"/usr/bin/ldd32:\n",16)		 = 16 (0x10)
39113: fork()					 = 39114 (0x98ca)
39114: <new process>
39114: freebsd32_execve(0xffffd97e,0xffffd680,0x20634000) EJUSTRETURN
39114: freebsd32_mmap(0x0,0x20000,0x3,0x1002,0xffffffff,0x0,0x0) = 541237248 (0x2042a000)
39114: freebsd32_mprotect(0x20427000,0x1000,0x1) = 0 (0x0)
39114: issetugid()				 = 0 (0x0)
39114: openat(AT_FDCWD,"/etc/libmap32.conf",O_RDONLY|O_CLOEXEC,00) ERR#2 'No such file or directory'
39114: openat(AT_FDCWD,"/var/run/ld-elf32.so.hints",O_RDONLY|O_CLOEXEC,00) = 3 (0x3)
39114: read(3,"Ehnt\^A\0\0\0\M^@\0\0\0#\0\0\0\0"...,128) = 128 (0x80)
39114: freebsd32_fstat(0x3,0xffffbd98)		 = 0 (0x0)
39114: freebsd32_pread(0x3,0x2042f000,0x23,0x80,0x0) = 35 (0x23)
39114: close(3)					 = 0 (0x0)
39114: openat(AT_FDCWD,"/usr/lib32/libc.so.7",O_RDONLY|O_CLOEXEC|O_VERIFY,00) = 3 (0x3)
39114: freebsd32_fstat(0x3,0xffffc7d0)		 = 0 (0x0)
39114: freebsd32_mmap(0x0,0x1000,0x1,0x40002,0x3,0x0,0x0) = 541368320 (0x2044a000)

After:
  783: freebsd32_mmap(0x0,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON|MAP_ALIGNED(12),-1,0x0) = 543543296 (0x2065d000)
  783: freebsd32_ioctl(1,TIOCGETA,0xffffd7b0)    = 0 (0x0)
/usr/bin/ldd32:
  783: write(1,"/usr/bin/ldd32:\n",16)           = 16 (0x10)
  784: <new process>
  783: fork()                                    = 784 (0x310)
  784: freebsd32_execve("/usr/bin/ldd32",[ "(null)" ],[ "LD_32_TRACE_LOADED_OBJECTS_PROGNAME=/usr/bin/ldd32", "LD_TRACE_LOADED_OBJECTS_PROGNAME=/usr/bin/ldd32", "LD_32_TRACE_LOADED_OBJECTS=yes", "LD_TRACE_LOADED_OBJECTS=yes", "USER=root", "LOGNAME=root", "HOME=/root", "SHELL=/bin/csh", "BLOCKSIZE=K", "MAIL=/var/mail/root", "MM_CHARSET=UTF-8", "LANG=C.UTF-8", "PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/root/bin", "TERM=vt100", "HOSTTYPE=FreeBSD", "VENDOR=amd", "OSTYPE=FreeBSD", "MACHTYPE=x86_64", "SHLVL=1", "PWD=/root", "GROUP=wheel", "HOST=freebsd-amd64", "EDITOR=vi", "PAGER=less" ]) EJUSTRETURN
  784: freebsd32_mmap(0x0,135168,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 541212672 (0x20424000)
  784: freebsd32_mprotect(0x20421000,4096,PROT_READ) = 0 (0x0)
  784: issetugid()                               = 0 (0x0)
  784: sigfastblock(0x1,0x204234fc)              = 0 (0x0)
  784: open("/etc/libmap32.conf",O_RDONLY|O_CLOEXEC,00) ERR#2 'No such file or directory'
  784: open("/var/run/ld-elf32.so.hints",O_RDONLY|O_CLOEXEC,00) = 3 (0x3)
  784: read(3,"Ehnt\^A\0\0\0\M^@\0\0\0\v\0\0\0"...,128) = 128 (0x80)
  784: freebsd32_fstat(3,{ mode=-r--r--r-- ,inode=18680,size=32768,blksize=0 }) = 0 (0x0)
  784: freebsd32_pread(3,"/usr/lib32\0",11,0x80) = 11 (0xb)

Reviewed By:	jhb
Differential Revision: https://reviews.freebsd.org/D27625
2021-03-25 11:14:13 +00:00

119 lines
3.5 KiB
C
Raw Blame History

/*-
* SPDX-License-Identifier: BSD-2-Clause-FreeBSD
*
* Copyright 2001 Jamey Wood
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
*/
#include <sys/queue.h>
#define FOLLOWFORKS 0x00000001
#define RELATIVETIMESTAMPS 0x00000002
#define ABSOLUTETIMESTAMPS 0x00000004
#define NOSIGS 0x00000008
#define EXECVEARGS 0x00000010
#define EXECVEENVS 0x00000020
#define COUNTONLY 0x00000040
#define DISPLAYTIDS 0x00000080
struct procinfo;
struct syscall;
struct trussinfo;
/*
* The lookup of normal system calls are optimized by using a fixed
* array for the first 1024 system calls that can be indexed directly.
* Unknown system calls with other IDs are stored in a linked list.
*/
#define SYSCALL_NORMAL_COUNT 1024
struct extra_syscall {
STAILQ_ENTRY(extra_syscall) entries;
struct syscall *sc;
u_int number;
};
struct procabi {
const char *type;
enum sysdecode_abi abi;
size_t pointer_size;
const char *compat_prefix;
STAILQ_HEAD(, extra_syscall) extra_syscalls;
struct syscall *syscalls[SYSCALL_NORMAL_COUNT];
};
/*
* This is confusingly named. It holds per-thread state about the
* currently executing system call. syscall.h defines a struct
* syscall that holds metadata used to format system call arguments.
*
* NB: args[] stores the raw argument values (e.g. from registers)
* passed to the system call. s_args[] stores a string representation
* of a system call's arguments. These do not necessarily map one to
* one. A system call description may omit individual arguments
* (padding) or combine adjacent arguments (e.g. when passing an off_t
* argument on a 32-bit system). The nargs member contains the count
* of valid pointers in s_args[], not args[].
*/
struct current_syscall {
struct syscall *sc;
unsigned int number;
unsigned int nargs;
unsigned long args[10];
char *s_args[10]; /* the printable arguments */
};
struct threadinfo
{
LIST_ENTRY(threadinfo) entries;
struct procinfo *proc;
lwpid_t tid;
int in_syscall;
struct current_syscall cs;
struct timespec before;
struct timespec after;
};
struct procinfo {
LIST_ENTRY(procinfo) entries;
pid_t pid;
struct procabi *abi;
LIST_HEAD(, threadinfo) threadlist;
};
struct trussinfo
{
int flags;
int strsize;
FILE *outfile;
struct timespec start_time;
struct threadinfo *curthread;
LIST_HEAD(, procinfo) proclist;
};
Reference in New Issue View Git Blame Copy Permalink