truss: improved support for decoding compat32 arguments

Currently running `truss -a -e` does not decode any
argument values for freebsd32_* syscalls (open/readlink/etc.)

This change checks whether a syscall starts with freebsd{32,64}_ and if
so strips that prefix when looking up the syscall information. To ensure
that the truss logs include the real syscall name we create a copy of
the syscall information struct with the updated.

The other problem is that when reading string array values, truss
naively iterates over an array of char* and fetches the pointer value.
This will result in arguments not being loaded if the pointer is not
aligned to sizeof(void*), which can happens in the compat32 case. If it
happens to be aligned, we would end up printing every other value.
To fix this problem, this changes adds a pointer_size member to the
procabi struct and uses that to correctly read indirect arguments
as 64/32 bit addresses in the the compat32 case (and also compat64 on
CheriBSD).

The motivating use-case for this change is using truss for 64-bit
programs on a CHERI system, but most of the diff also applies to 32-bit
compat on a 64-bit system, so I'm upstreaming this instead of keeping it
as a local CheriBSD patch.

Output of `truss -aef ldd32 /usr/bin/ldd32` before:
39113: freebsd32_mmap(0x0,0x1000,0x3,0x1002,0xffffffff,0x0,0x0) = 543440896 (0x20644000)
39113: freebsd32_ioctl(0x1,0x402c7413,0xffffd2a0) = 0 (0x0)
/usr/bin/ldd32:
39113: write(1,"/usr/bin/ldd32:\n",16)		 = 16 (0x10)
39113: fork()					 = 39114 (0x98ca)
39114: <new process>
39114: freebsd32_execve(0xffffd97e,0xffffd680,0x20634000) EJUSTRETURN
39114: freebsd32_mmap(0x0,0x20000,0x3,0x1002,0xffffffff,0x0,0x0) = 541237248 (0x2042a000)
39114: freebsd32_mprotect(0x20427000,0x1000,0x1) = 0 (0x0)
39114: issetugid()				 = 0 (0x0)
39114: openat(AT_FDCWD,"/etc/libmap32.conf",O_RDONLY|O_CLOEXEC,00) ERR#2 'No such file or directory'
39114: openat(AT_FDCWD,"/var/run/ld-elf32.so.hints",O_RDONLY|O_CLOEXEC,00) = 3 (0x3)
39114: read(3,"Ehnt\^A\0\0\0\M^@\0\0\0#\0\0\0\0"...,128) = 128 (0x80)
39114: freebsd32_fstat(0x3,0xffffbd98)		 = 0 (0x0)
39114: freebsd32_pread(0x3,0x2042f000,0x23,0x80,0x0) = 35 (0x23)
39114: close(3)					 = 0 (0x0)
39114: openat(AT_FDCWD,"/usr/lib32/libc.so.7",O_RDONLY|O_CLOEXEC|O_VERIFY,00) = 3 (0x3)
39114: freebsd32_fstat(0x3,0xffffc7d0)		 = 0 (0x0)
39114: freebsd32_mmap(0x0,0x1000,0x1,0x40002,0x3,0x0,0x0) = 541368320 (0x2044a000)

After:
  783: freebsd32_mmap(0x0,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON|MAP_ALIGNED(12),-1,0x0) = 543543296 (0x2065d000)
  783: freebsd32_ioctl(1,TIOCGETA,0xffffd7b0)    = 0 (0x0)
/usr/bin/ldd32:
  783: write(1,"/usr/bin/ldd32:\n",16)           = 16 (0x10)
  784: <new process>
  783: fork()                                    = 784 (0x310)
  784: freebsd32_execve("/usr/bin/ldd32",[ "(null)" ],[ "LD_32_TRACE_LOADED_OBJECTS_PROGNAME=/usr/bin/ldd32", "LD_TRACE_LOADED_OBJECTS_PROGNAME=/usr/bin/ldd32", "LD_32_TRACE_LOADED_OBJECTS=yes", "LD_TRACE_LOADED_OBJECTS=yes", "USER=root", "LOGNAME=root", "HOME=/root", "SHELL=/bin/csh", "BLOCKSIZE=K", "MAIL=/var/mail/root", "MM_CHARSET=UTF-8", "LANG=C.UTF-8", "PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/root/bin", "TERM=vt100", "HOSTTYPE=FreeBSD", "VENDOR=amd", "OSTYPE=FreeBSD", "MACHTYPE=x86_64", "SHLVL=1", "PWD=/root", "GROUP=wheel", "HOST=freebsd-amd64", "EDITOR=vi", "PAGER=less" ]) EJUSTRETURN
  784: freebsd32_mmap(0x0,135168,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 541212672 (0x20424000)
  784: freebsd32_mprotect(0x20421000,4096,PROT_READ) = 0 (0x0)
  784: issetugid()                               = 0 (0x0)
  784: sigfastblock(0x1,0x204234fc)              = 0 (0x0)
  784: open("/etc/libmap32.conf",O_RDONLY|O_CLOEXEC,00) ERR#2 'No such file or directory'
  784: open("/var/run/ld-elf32.so.hints",O_RDONLY|O_CLOEXEC,00) = 3 (0x3)
  784: read(3,"Ehnt\^A\0\0\0\M^@\0\0\0\v\0\0\0"...,128) = 128 (0x80)
  784: freebsd32_fstat(3,{ mode=-r--r--r-- ,inode=18680,size=32768,blksize=0 }) = 0 (0x0)
  784: freebsd32_pread(3,"/usr/lib32\0",11,0x80) = 11 (0xb)

Reviewed By:	jhb
Differential Revision: https://reviews.freebsd.org/D27625

usr.bin/truss/setup.c

@@ -74,59 +74,72 @@ static void	new_proc(struct trussinfo *, pid_t, lwpid_t);
 
 
 static struct procabi cloudabi32 = {
-	"CloudABI32",
+	.type = "CloudABI32",
-	SYSDECODE_ABI_CLOUDABI32,
+	.abi = SYSDECODE_ABI_CLOUDABI32,
-	STAILQ_HEAD_INITIALIZER(cloudabi32.extra_syscalls),
+	.pointer_size = sizeof(uint32_t),
-	{ NULL }
+	.extra_syscalls = STAILQ_HEAD_INITIALIZER(cloudabi32.extra_syscalls),
+	.syscalls = { NULL }
 };
 
 static struct procabi cloudabi64 = {
-	"CloudABI64",
+	.type = "CloudABI64",
-	SYSDECODE_ABI_CLOUDABI64,
+	.abi = SYSDECODE_ABI_CLOUDABI64,
-	STAILQ_HEAD_INITIALIZER(cloudabi64.extra_syscalls),
+	.pointer_size = sizeof(uint64_t),
-	{ NULL }
+	.extra_syscalls = STAILQ_HEAD_INITIALIZER(cloudabi64.extra_syscalls),
+	.syscalls = { NULL }
 };
 
 static struct procabi freebsd = {
-	"FreeBSD",
+	.type = "FreeBSD",
-	SYSDECODE_ABI_FREEBSD,
+	.abi = SYSDECODE_ABI_FREEBSD,
-	STAILQ_HEAD_INITIALIZER(freebsd.extra_syscalls),
+	.pointer_size = sizeof(void *),
-	{ NULL }
+	.extra_syscalls = STAILQ_HEAD_INITIALIZER(freebsd.extra_syscalls),
+	.syscalls = { NULL }
 };
 
-#ifdef __LP64__
+#if !defined(__SIZEOF_POINTER__)
+#error "Use a modern compiler."
+#endif
+
+#if __SIZEOF_POINTER__ > 4
 static struct procabi freebsd32 = {
-	"FreeBSD32",
+	.type = "FreeBSD32",
-	SYSDECODE_ABI_FREEBSD32,
+	.abi = SYSDECODE_ABI_FREEBSD32,
-	STAILQ_HEAD_INITIALIZER(freebsd32.extra_syscalls),
+	.pointer_size = sizeof(uint32_t),
-	{ NULL }
+	.compat_prefix = "freebsd32",
+	.extra_syscalls = STAILQ_HEAD_INITIALIZER(freebsd32.extra_syscalls),
+	.syscalls = { NULL }
 };
 #endif
 
 static struct procabi linux = {
-	"Linux",
+	.type = "Linux",
-	SYSDECODE_ABI_LINUX,
+	.abi = SYSDECODE_ABI_LINUX,
-	STAILQ_HEAD_INITIALIZER(linux.extra_syscalls),
+	.pointer_size = sizeof(void *),
-	{ NULL }
+	.extra_syscalls = STAILQ_HEAD_INITIALIZER(linux.extra_syscalls),
+	.syscalls = { NULL }
 };
 
-#ifdef __LP64__
+#if __SIZEOF_POINTER__ > 4
 static struct procabi linux32 = {
-	"Linux32",
+	.type = "Linux32",
-	SYSDECODE_ABI_LINUX32,
+	.abi = SYSDECODE_ABI_LINUX32,
-	STAILQ_HEAD_INITIALIZER(linux32.extra_syscalls),
+	.pointer_size = sizeof(uint32_t),
-	{ NULL }
+	.extra_syscalls = STAILQ_HEAD_INITIALIZER(linux32.extra_syscalls),
+	.syscalls = { NULL }
 };
 #endif
 
 static struct procabi_table abis[] = {
 	{ "CloudABI ELF32", &cloudabi32 },
 	{ "CloudABI ELF64", &cloudabi64 },
-#ifdef __LP64__
+#if __SIZEOF_POINTER__ == 4
+	{ "FreeBSD ELF32", &freebsd },
+#elif __SIZEOF_POINTER__ == 8
 	{ "FreeBSD ELF64", &freebsd },
 	{ "FreeBSD ELF32", &freebsd32 },
 #else
-	{ "FreeBSD ELF32", &freebsd },
+#error "Unsupported pointer size"
 #endif
 #if defined(__powerpc64__)
 	{ "FreeBSD ELF64 V2", &freebsd },
@@ -137,7 +150,7 @@ static struct procabi_table abis[] = {
 #if defined(__i386__)
 	{ "FreeBSD a.out", &freebsd },
 #endif
-#ifdef __LP64__
+#if __SIZEOF_POINTER__ >= 8
 	{ "Linux ELF64", &linux },
 	{ "Linux ELF32", &linux32 },
 #else

usr.bin/truss/syscalls.c

@@ -963,7 +963,6 @@ print_mask_arg32(bool (*decoder)(FILE *, uint32_t, uint32_t *), FILE *fp,
 		fprintf(fp, "|0x%x", rem);
 }
 
-#ifndef __LP64__
 /*
  * Add argument padding to subsequent system calls after Quad
  * syscall arguments as needed.  This used to be done by hand in the
@@ -1008,7 +1007,6 @@ quad_fixup(struct syscall_decode *sc)
 		}
 	}
 }
-#endif
 
 static struct syscall *
 find_syscall(struct procabi *abi, u_int number)
@@ -1029,10 +1027,13 @@ add_syscall(struct procabi *abi, u_int number, struct syscall *sc)
 {
 	struct extra_syscall *es;
 
-#ifndef __LP64__
+	/*
-	/* FIXME: should be based on syscall ABI not truss ABI */
+	 * quad_fixup() is currently needed for all 32-bit ABIs.
-	quad_fixup(&sc->decode);
+	 * TODO: This should probably be a function pointer inside struct
-#endif
+	 *  procabi instead.
+	 */
+	if (abi->pointer_size == 4)
+		quad_fixup(&sc->decode);
 
 	if (number < nitems(abi->syscalls)) {
 		assert(abi->syscalls[number] == NULL);
@@ -1055,16 +1056,19 @@ struct syscall *
 get_syscall(struct threadinfo *t, u_int number, u_int nargs)
 {
 	struct syscall *sc;
+	struct procabi *procabi;
 	const char *sysdecode_name;
+	const char *lookup_name;
 	const char *name;
 	u_int i;
 
-	sc = find_syscall(t->proc->abi, number);
+	procabi = t->proc->abi;
+	sc = find_syscall(procabi, number);
 	if (sc != NULL)
 		return (sc);
 
 	/* Memory is not explicitly deallocated, it's released on exit(). */
-	sysdecode_name = sysdecode_syscallname(t->proc->abi->abi, number);
+	sysdecode_name = sysdecode_syscallname(procabi->abi, number);
 	if (sysdecode_name == NULL)
 		asprintf(__DECONST(char **, &name), "#%d", number);
 	else
@@ -1073,8 +1077,14 @@ get_syscall(struct threadinfo *t, u_int number, u_int nargs)
 	sc = calloc(1, sizeof(*sc));
 	sc->name = name;
 
+	/* Also decode compat syscalls arguments by stripping the prefix. */
+	lookup_name = name;
+	if (procabi->compat_prefix != NULL && strncmp(procabi->compat_prefix,
+	    name, strlen(procabi->compat_prefix)) == 0)
+		lookup_name += strlen(procabi->compat_prefix);
+
 	for (i = 0; i < nitems(decoded_syscalls); i++) {
-		if (strcmp(name, decoded_syscalls[i].name) == 0) {
+		if (strcmp(lookup_name, decoded_syscalls[i].name) == 0) {
 			sc->decode = decoded_syscalls[i];
 			add_syscall(t->proc->abi, number, sc);
 			return (sc);
@@ -1817,12 +1827,15 @@ print_arg(struct syscall_arg *sc, unsigned long *args, register_t *retval,
 	case StringArray: {
 		uintptr_t addr;
 		union {
-			char *strarray[0];
+			int32_t strarray32[PAGE_SIZE / sizeof(int32_t)];
+			int64_t strarray64[PAGE_SIZE / sizeof(int64_t)];
 			char buf[PAGE_SIZE];
 		} u;
 		char *string;
 		size_t len;
 		u_int first, i;
+		size_t pointer_size =
+		    trussinfo->curthread->proc->abi->pointer_size;
 
 		/*
 		 * Only parse argv[] and environment arrays from exec calls
@@ -1842,7 +1855,7 @@ print_arg(struct syscall_arg *sc, unsigned long *args, register_t *retval,
 		 * a partial page.
 		 */
 		addr = args[sc->offset];
-		if (addr % sizeof(char *) != 0) {
+		if (addr % pointer_size != 0) {
 			print_pointer(fp, args[sc->offset]);
 			break;
 		}
@@ -1852,22 +1865,36 @@ print_arg(struct syscall_arg *sc, unsigned long *args, register_t *retval,
 			print_pointer(fp, args[sc->offset]);
 			break;
 		}
+		assert(len > 0);
 
 		fputc('[', fp);
 		first = 1;
 		i = 0;
-		while (u.strarray[i] != NULL) {
+		for (;;) {
-			string = get_string(pid, (uintptr_t)u.strarray[i], 0);
+			uintptr_t straddr;
+			if (pointer_size == 4) {
+				if (u.strarray32[i] == 0)
+					break;
+				/* sign-extend 32-bit pointers */
+				straddr = (intptr_t)u.strarray32[i];
+			} else if (pointer_size == 8) {
+				if (u.strarray64[i] == 0)
+					break;
+				straddr = (intptr_t)u.strarray64[i];
+			} else {
+				errx(1, "Unsupported pointer size: %zu",
+				    pointer_size);
+			}
+			string = get_string(pid, straddr, 0);
 			fprintf(fp, "%s \"%s\"", first ? "" : ",", string);
 			free(string);
 			first = 0;
 
 			i++;
-			if (i == len / sizeof(char *)) {
+			if (i == len / pointer_size) {
 				addr += len;
 				len = PAGE_SIZE;
-				if (get_struct(pid, addr, u.buf, len) ==
+				if (get_struct(pid, addr, u.buf, len) == -1) {
-				    -1) {
 					fprintf(fp, ", <inval>");
 					break;
 				}

usr.bin/truss/truss.h

@@ -58,6 +58,8 @@ struct extra_syscall {
 struct procabi {
 	const char *type;
 	enum sysdecode_abi abi;
+	size_t pointer_size;
+	const char *compat_prefix;
 	STAILQ_HEAD(, extra_syscall) extra_syscalls;
 	struct syscall *syscalls[SYSCALL_NORMAL_COUNT];
 };