Mainly focus on files that use BSD 3-Clause license.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
This API allows callers to enumerate all known pages, including any
direct map & kernel map virtual addresses, physical addresses, size,
offset into the core, & protection configured.
For architectures that support direct map addresses, also generate pages
for any direct map only addresses that are not associated with kernel
map addresses.
Fix page size portability issue left behind from previous kvm page table
lookup interface.
Reviewed by: jhb
Sponsored by: Backtrace I/O
Differential Revision: https://reviews.freebsd.org/D12279
Return a NUL string instead of just working by accident with kvm_geterr(3)
when MALLOC_PRODUCTION is disabled (I didn't confirm the MALLOC_PRODUCTION
being enabled path).
Document the new explicit return behavior for kvm_geterr(3), as well
as the previous implicit behavior, i.e., the buffer attached to
returned via kvm_geterr(3) would be empty if a previous error hadn't been
stored in `kd`.
Differential Revision: D10022
MFC after: 1 week
Reviewed by: vangyzen
Sponsored by: Dell EMC Isilon
Don't segfault in kvm_close(3) if provided a NULL pointer. Instead, return
-1 and set errno to EINVAL.
Document this new behavior explicitly.
MFC after: 1 week
Reviewed by: vangyzen
Sponsored by: Dell EMC Isilon
Differential Revision: D10065
`error` is the accumulated error from previous close(2) calls.
This bug has been present since the libcall's import from 4.4BSD
Lite (r1573).
MFC after: 1 week
Noticed by: vangyzen (D10022)
Relnotes: yes
Sponsored by: Dell EMC Isilon
This is being done for the following reasons:
- kvm_open(3), etc says they will return NULL.
- NULL by definition is (void*)0 per POSIX, but can be redefined,
depending on the compiler, etc.
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.
Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
This change consists of two parts:
- allow libkvm to recognize /dev/vmm/* character devices as devices that
provide access to the physical memory of a system (similarly to /dev/fwmem*)
- allow libkvm to recognize that /dev/vmm/* and /dev/fwmem* devices provide
access to the physical memory of live remote systems and, thus, the memory
is writable
As a result, it should be possible to run commands like
$ kgdb -w /path/to/kernel /dev/fwmem0.0
$ kgdb /path/to/kernel /dev/vmm/guest
Reviewed by: kib, jhb
MFC after: 2 weeks
Relnotes: yes
Sponsored by: Panzura
Differential Revision: https://reviews.freebsd.org/D8679
Instead of using a hash table to convert physical page addresses to offsets
in the sparse page array, cache the number of bits set for each 4MB chunk of
physical pages. Upon lookup, find the nearest cached population count, then
add/subtract the number of bits from that point to the page's PTE bit.
Then multiply by page size and add to the sparse page map's base offset.
This replaces O(n) worst-case lookup with O(1) (plus a small number of bits
to scan in the bitmap). Also, for a 128GB system, a typical kernel core of
about 8GB will now only require ~4.5MB of RAM for this approach instead of
~48MB as with the hash table.
More concretely, /usr/sbin/crashinfo against the same core improves from a
max RSS of 188MB and wall time of 43.72s (33.25 user 2.94 sys) to 135MB and
9.43s (2.58 user 1.47 sys). Running "thread apply all bt" in kgdb has a
similar RSS improvement, and wall time drops from 4.44s to 1.93s.
Reviewed by: jhb
Sponsored by: Backtrace I/O
In particular,
- avoid dereferencing NULL pointers
- test pointers against NULL, not 0
- test for errout == NULL in the top-level functions (kvm_open, kvm_openfiles,
kvm_open2, etc)
- Replace a realloc and free on failure with reallocf
Found with: devel/cocchinelle
Differential Revision: https://reviews.freebsd.org/D5954
MFC after: 1 week
Reviewed by: jhb
Sponsored by: EMC / Isilon Storage Division
- Add a kvaddr_type to represent kernel virtual addresses instead of
unsigned long.
- Add a struct kvm_nlist which is a stripped down version of struct nlist
that uses kvaddr_t for n_value.
- Add a kvm_native() routine that returns true if an open kvm descriptor
is for a native kernel and memory image.
- Add a kvm_open2() function similar to kvm_openfiles(). It drops the
unused 'swapfile' argument and adds a new function pointer argument for
a symbol resolving function. Native kernels still use _fdnlist() from
libc to resolve symbols if a resolver function is not supplied, but cross
kernels require a resolver.
- Add a kvm_nlist2() function similar to kvm_nlist() except that it uses
struct kvm_nlist instead of struct nlist.
- Add a kvm_read2() function similar to kvm_read() except that it uses
kvaddr_t instead of unsigned long for the kernel virtual address.
- Add a new kvm_arch switch of routines needed by a vmcore backend.
Each backend is responsible for implementing kvm_read2() for a given
vmcore format.
- Use libelf to read headers from ELF kernels and cores (except for
powerpc cores).
- Add internal helper routines for the common page offset hash table used
by the minidump backends.
- Port all of the existing kvm backends to implement a kvm_arch switch and
to be cross-friendly by using private constants instead of ones that
vary by platform (e.g. PAGE_SIZE). Static assertions are present when
a given backend is compiled natively to ensure the private constants
match the real ones.
- Enable all of the existing vmcore backends on all platforms. This means
that libkvm on any platform should be able to perform KVA translation
and read data from a vmcore of any platform.
Tested on: amd64, i386, sparc64 (marius)
Differential Revision: https://reviews.freebsd.org/D3341
produced will be called libkvm-${ARCH} instead of libkvm. This allows
installing it alongside the native version.
For symbol lookups, use ps_pglobal_lookup() instead of __fdnlist()
when building a cross libkvm. It is assumed that the cross tool that
uses the cross libkvm also provides an implementation for this
proc_services function.
Note that this commit does not change any of the architecture-specific
code for cross-compilation.
- make WARNS=6 clean for archs w/o strict alignment requirments
- add const, ANSIfy, remove unused vars, cast types for comparison
- thanks to differing definitions of VM_MIN_ADDRESS across our archs, we
need to trick the compiler to not complain about signedness. We could
either fix VM_MIN_ADDRESS to always be a simple integer or make the
check conditional on $ARCH.
Closes PRs: kern/42386, kern/83364
Reviewed by: bde
(DPCPU):
A new API, kvm_dpcpu_setcpu(3), selects the active CPU for the purposes
of DPCPU. Calls to kvm_nlist(3) will automatically translate DPCPU
symbols and return a pointer to the current CPU's version of the data.
Consumers needing to read the same symbol on several CPUs will invoke a
series of setcpu/nlist calls, one per CPU of interest.
This addition makes it possible for tools like netstat(1) to query the
values of DPCPU variables during crashdump analysis, and is based on
similar code handling virtualized global variables.
MFC after: 1 week
Sponsored by: Juniper Networks, Inc.
without VIMAGE virtualization in the kernel.
If we cannot resolve a symbol try to see if we can find it with
prefix of the virtualized subsystem, currently only "vnet_entry"
by identifying either the vnet of the current process for a
live system or the vnet of proc0 (or of dumptid if compiled
in a non-default way).
The way this is done currently allows us to only touch libkvm
but no single application. Once we are going to virtualize more
subsystems we will have to review this decision for better scaling.
Submitted by: rwatson (initial version of kvm_vnet.c, lots of ideas)
Reviewed by: rwatson
Approved by: re (kib)
returned an lseek offset in a "u_long *" value, which can't express >4GB
offsets on 32 bit machines (eg: PAE). Change to "off_t *" for all.
Support ELF crashdumps on i386 and amd64.
Support PAE crashdumps on i386. This is done by auto-detecting the
presence of the IdlePDPT which means that PAE is active.
I used Marcel's _kvm_pa2off strategy and ELF header reader for ELF support
on amd64. Paul Saab ported the amd64 changes to i386 and we implemented
the PAE support from there.
Note that gdb6 in the src tree uses whatever libkvm supports. If you want
to debug an old crash dump, you might want to keep an old libkvm.so handy
and use LD_PRELOAD or the like. This does not detect the old raw dump
format.
Approved by: re
This enable us to use /dev/fwmem* as a core file.
e.g.
ps -M /dev/fwmem0.0 -N kernel.debug
dmesg -M /dev/fwmem0.0 -N kernel.debug
gdb -k -c /dev/fwmem0.0 kernel.debug
You need to set target EUI64 in hw.firewire.fwmem.eui64_hi/lo before
opening the device. On the target arch, (PCI) bus address must be
equivalent to physical address.
(We cannot use this for sparc64 because of IOMMU.)
No objection in: -audit
argument to kvm_open() and kvm_openfiles() as unused.
BSD didn't read swap since kvm.c CSRG revision 5.21 (u-area is pageable
under new VM. no need to read from swap.)
The old !NEWVM code was removed in CSRG revision 5.23 (~ten years ago).
and is module aware. Yes, this means that kvm_nlist(3) will find symbols
in loaded modules. The emulation of the nlist struct is pretty crude but
seems to work well enough for all the users in the tree that I found.
for over 5 years since we switched to using procfs for kvm_uread().
This cleanup was motivated by recent breakage of the default swap file
(/dev/drum) when swapon() has not been called.
know what they're doing if they do that. This will allow ps to use
the kvm_proc.c bits without having access to /dev/mem.
Fix kvm_proc.c to not need /dev/mem for access to argv/envp
When malloc fails. don't try to memset NULL pointer, it cause core dump
Replace malloc+memset with calloc, theoretically it can do some
optimization of zeroing process internally
Improve error diagnostic
