1 | /* $NetBSD: kern_ktrace.c,v 1.169 2016/09/13 07:39:45 martin Exp $ */ |
2 | |
3 | /*- |
4 | * Copyright (c) 2006, 2007, 2008 The NetBSD Foundation, Inc. |
5 | * All rights reserved. |
6 | * |
7 | * This code is derived from software contributed to The NetBSD Foundation |
8 | * by Andrew Doran. |
9 | * |
10 | * Redistribution and use in source and binary forms, with or without |
11 | * modification, are permitted provided that the following conditions |
12 | * are met: |
13 | * 1. Redistributions of source code must retain the above copyright |
14 | * notice, this list of conditions and the following disclaimer. |
15 | * 2. Redistributions in binary form must reproduce the above copyright |
16 | * notice, this list of conditions and the following disclaimer in the |
17 | * documentation and/or other materials provided with the distribution. |
18 | * |
19 | * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS |
20 | * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED |
21 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
22 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS |
23 | * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
24 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
25 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
26 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
27 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
28 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
29 | * POSSIBILITY OF SUCH DAMAGE. |
30 | */ |
31 | |
32 | /* |
33 | * Copyright (c) 1989, 1993 |
34 | * The Regents of the University of California. All rights reserved. |
35 | * |
36 | * Redistribution and use in source and binary forms, with or without |
37 | * modification, are permitted provided that the following conditions |
38 | * are met: |
39 | * 1. Redistributions of source code must retain the above copyright |
40 | * notice, this list of conditions and the following disclaimer. |
41 | * 2. Redistributions in binary form must reproduce the above copyright |
42 | * notice, this list of conditions and the following disclaimer in the |
43 | * documentation and/or other materials provided with the distribution. |
44 | * 3. Neither the name of the University nor the names of its contributors |
45 | * may be used to endorse or promote products derived from this software |
46 | * without specific prior written permission. |
47 | * |
48 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
49 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
50 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
51 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
52 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
53 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
54 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
55 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
56 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
57 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
58 | * SUCH DAMAGE. |
59 | * |
60 | * @(#)kern_ktrace.c 8.5 (Berkeley) 5/14/95 |
61 | */ |
62 | |
63 | #include <sys/cdefs.h> |
64 | __KERNEL_RCSID(0, "$NetBSD: kern_ktrace.c,v 1.169 2016/09/13 07:39:45 martin Exp $" ); |
65 | |
66 | #include <sys/param.h> |
67 | #include <sys/systm.h> |
68 | #include <sys/proc.h> |
69 | #include <sys/file.h> |
70 | #include <sys/kernel.h> |
71 | #include <sys/kthread.h> |
72 | #include <sys/ktrace.h> |
73 | #include <sys/kmem.h> |
74 | #include <sys/syslog.h> |
75 | #include <sys/filedesc.h> |
76 | #include <sys/ioctl.h> |
77 | #include <sys/callout.h> |
78 | #include <sys/kauth.h> |
79 | |
80 | #include <sys/mount.h> |
81 | #include <sys/syscallargs.h> |
82 | |
83 | /* |
84 | * TODO: |
85 | * - need better error reporting? |
86 | * - userland utility to sort ktrace.out by timestamp. |
87 | * - keep minimum information in ktrace_entry when rest of alloc failed. |
88 | * - per trace control of configurable parameters. |
89 | */ |
90 | |
/*
 * One trace record waiting to be written: the record header plus a pointer
 * to its payload.  Entries come from kte_cache (see ktealloc()/ktefree()).
 */
struct ktrace_entry {
	TAILQ_ENTRY(ktrace_entry) kte_list;	/* linkage on ktd_queue */
	struct ktr_header kte_kth;		/* record header */
	void *kte_buf;		/* payload: kte_space or a kmem allocation */
	size_t kte_bufsz;	/* payload size requested at allocation */
#define	KTE_SPACE	32
	/* Inline payload storage, used when the payload fits in KTE_SPACE. */
	uint8_t kte_space[KTE_SPACE] __aligned(sizeof(register_t));
};
99 | |
/*
 * Per-trace-file descriptor: the output file, the queue of pending entries
 * and the state shared between traced LWPs and the descriptor's kernel
 * thread.
 */
struct ktr_desc {
	TAILQ_ENTRY(ktr_desc) ktd_list;	/* linkage on the global ktdq */
	int ktd_flags;
#define	KTDF_WAIT		0x0001	/* a producer waits on ktd_sync_cv */
#define	KTDF_DONE		0x0002	/* last reference was dropped */
#define	KTDF_BLOCKING		0x0004	/* a sync wait timed out */
#define	KTDF_INTERACTIVE	0x0008	/* output file is a pipe */
	int ktd_error;			/* OR of KTDE_* bits */
#define	KTDE_ENOMEM		0x0001
#define	KTDE_ENOSPC		0x0002
	int ktd_errcnt;			/* # of errors logged */
	int ktd_ref;			/* # of reference */
	int ktd_qcount;			/* # of entry in the queue */

	/*
	 * Params to control behaviour.
	 */
	int ktd_delayqcnt;		/* # of entry allowed to delay */
	int ktd_wakedelay;		/* delay of wakeup in *tick* */
	int ktd_intrwakdl;		/* ditto, but when interactive */

	file_t *ktd_fp;			/* trace output file */
	lwp_t *ktd_lwp;			/* our kernel thread */
	TAILQ_HEAD(, ktrace_entry) ktd_queue;	/* pending entries */
	callout_t ktd_wakch;		/* delayed wakeup */
	kcondvar_t ktd_sync_cv;		/* producers wait here for the writer */
	kcondvar_t ktd_cv;		/* signalled by ktd_wakeup()/ktdrel() */
};
128 | |
/*
 * Forward declarations of the file-local helpers.  Several of them are
 * defined further down without repeating `static'; the internal linkage
 * comes from these declarations.
 */
static void	ktrwrite(struct ktr_desc *, struct ktrace_entry *);
static int	ktrops(lwp_t *, struct proc *, int, int,
		    struct ktr_desc *);
static int	ktrsetchildren(lwp_t *, struct proc *, int, int,
		    struct ktr_desc *);
static int	ktrcanset(lwp_t *, struct proc *);
static int	ktrsamefile(file_t *, file_t *);
static void	ktr_kmem(lwp_t *, int, const void *, size_t);
static void	ktr_io(lwp_t *, int, enum uio_rw, struct iovec *, size_t);

static struct ktr_desc *
		ktd_lookup(file_t *);
static void	ktdrel(struct ktr_desc *);
static void	ktdref(struct ktr_desc *);
static void	ktefree(struct ktrace_entry *);
static void	ktd_logerrl(struct ktr_desc *, int);
static void	ktrace_thread(void *);
static int	ktrderefall(struct ktr_desc *, int);
147 | |
/*
 * Default values.
 */
#define	KTD_MAXENTRY	1000	/* XXX: tune */
#define	KTD_TIMEOUT	5	/* XXX: tune */
#define	KTD_DELAYQCNT	100	/* XXX: tune */
#define	KTD_WAKEDELAY	5000	/* XXX: tune */
#define	KTD_INTRWAKDL	100	/* XXX: tune */

/*
 * Patchable variables.  The two delays are kept in milliseconds here and
 * converted with mstohz() when a descriptor is created.
 */
int ktd_maxentry = KTD_MAXENTRY;	/* max # of entry in the queue */
int ktd_timeout = KTD_TIMEOUT;		/* timeout in seconds */
int ktd_delayqcnt = KTD_DELAYQCNT;	/* # of entry allowed to delay */
int ktd_wakedelay = KTD_WAKEDELAY;	/* delay of wakeup in *ms* */
int ktd_intrwakdl = KTD_INTRWAKDL;	/* ditto, but when interactive */

/* Asserted held by ktdref(), ktdrel(), ktd_lookup() and ktrderef(). */
kmutex_t ktrace_lock;
/* Counts references over all descriptors; see ktdref()/ktdrel(). */
int ktrace_on;
/* All trace descriptors, searched by ktd_lookup(). */
static TAILQ_HEAD(, ktr_desc) ktdq = TAILQ_HEAD_INITIALIZER(ktdq);
/* Allocator for struct ktrace_entry, created in ktrinit(). */
static pool_cache_t kte_cache;

/* Handle returned by kauth_listen_scope() in ktrinit(). */
static kauth_listener_t ktrace_listener;
172 | |
/*
 * Signal ktd_cv immediately and cancel the delayed wakeup callout, if one
 * is armed.  Every caller in this file holds ktrace_lock.
 */
static void
ktd_wakeup(struct ktr_desc *ktd)
{
	callout_t *delayed = &ktd->ktd_wakch;
	kcondvar_t *wake_cv = &ktd->ktd_cv;

	callout_stop(delayed);
	cv_signal(wake_cv);
}
180 | |
/*
 * Callout handler for the delayed wakeup: runs ktd_wakeup() on the
 * descriptor passed as `arg' with ktrace_lock held.
 */
static void
ktd_callout(void *arg)
{
	struct ktr_desc *ktd = arg;

	mutex_enter(&ktrace_lock);
	ktd_wakeup(ktd);
	mutex_exit(&ktrace_lock);
}
189 | |
/*
 * Record an error on a descriptor: OR the KTDE_* bit(s) in `error' into
 * ktd_error and bump the error counter.
 */
static void
ktd_logerrl(struct ktr_desc *ktd, int error)
{
	ktd->ktd_errcnt += 1;
	ktd->ktd_error = ktd->ktd_error | error;
}
197 | |
#if 0
/*
 * Compiled out.  Would log `error' on the descriptor currently tracing
 * process p, doing nothing when p is not traced.  Expects ktrace_lock
 * to be held.
 */
static void
ktd_logerr(struct proc *p, int error)
{
	struct ktr_desc *ktd;

	KASSERT(mutex_owned(&ktrace_lock));

	ktd = p->p_tracep;
	if (ktd == NULL)
		return;

	ktd_logerrl(ktd, error);
}
#endif
213 | |
/*
 * kauth listener for the process scope, registered in ktrinit().
 *
 * Only KAUTH_PROCESS_KTRACE is examined; arg0 is used as the target
 * process and arg1 as the request.  The result is KAUTH_RESULT_ALLOW
 * only when the request is not KAUTH_REQ_PROCESS_KTRACE_PERSISTENT, the
 * target has neither KTRFAC_PERSISTENT nor PK_SUGID set, and the uid/gid
 * comparisons below all hold.  Every other case returns
 * KAUTH_RESULT_DEFER, i.e. this listener never denies by itself.
 */
static int
ktrace_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie,
    void *arg0, void *arg1, void *arg2, void *arg3)
{
	struct proc *p;
	int result;
	enum kauth_process_req req;

	result = KAUTH_RESULT_DEFER;
	p = arg0;

	if (action != KAUTH_PROCESS_KTRACE)
		return result;

	req = (enum kauth_process_req)(unsigned long)arg1;

	/* Privileged; secmodel should handle these. */
	if (req == KAUTH_REQ_PROCESS_KTRACE_PERSISTENT)
		return result;

	/*
	 * Targets with a persistent trace or that changed ids (PK_SUGID)
	 * are never allowed from here; the decision is deferred.
	 */
	if ((p->p_traceflag & KTRFAC_PERSISTENT) ||
	    (p->p_flag & PK_SUGID))
		return result;

	/*
	 * NOTE(review): the uid test pairs the caller's effective uid with
	 * the target's real uid, and the caller's real uid with the
	 * target's saved uid; the gid tests use the caller's real gid both
	 * times.  Confirm this asymmetry is intended.
	 */
	if (kauth_cred_geteuid(cred) == kauth_cred_getuid(p->p_cred) &&
	    kauth_cred_getuid(cred) == kauth_cred_getsvuid(p->p_cred) &&
	    kauth_cred_getgid(cred) == kauth_cred_getgid(p->p_cred) &&
	    kauth_cred_getgid(cred) == kauth_cred_getsvgid(p->p_cred))
		result = KAUTH_RESULT_ALLOW;

	return result;
}
246 | |
/*
 * Set up the ktrace subsystem: the global lock, the pool cache that
 * backs struct ktrace_entry, and the kauth listener on the process scope.
 */
void
ktrinit(void)
{
	const size_t entry_size = sizeof(struct ktrace_entry);

	mutex_init(&ktrace_lock, MUTEX_DEFAULT, IPL_NONE);

	kte_cache = pool_cache_init(entry_size, 0, 0, 0, "ktrace",
	    &pool_allocator_nointr, IPL_NONE, NULL, NULL, NULL);

	ktrace_listener = kauth_listen_scope(KAUTH_SCOPE_PROCESS,
	    ktrace_listener_cb, NULL);
}
261 | |
/*
 * Drop one reference on a descriptor and one count from ktrace_on.
 * When the last reference goes away the descriptor is marked KTDF_DONE
 * and ktd_cv is signalled.  Must be called with ktrace_lock held.
 */
void
ktdrel(struct ktr_desc *ktd)
{
	KASSERT(mutex_owned(&ktrace_lock));
	KDASSERT(ktd->ktd_ref != 0);
	KASSERT(ktd->ktd_ref > 0);
	KASSERT(ktrace_on > 0);

	ktrace_on--;
	ktd->ktd_ref--;
	if (ktd->ktd_ref > 0)
		return;

	/* Last reference gone. */
	ktd->ktd_flags |= KTDF_DONE;
	cv_signal(&ktd->ktd_cv);
}
280 | |
/*
 * Take one reference on a descriptor and count it in ktrace_on.
 * Must be called with ktrace_lock held.
 */
void
ktdref(struct ktr_desc *ktd)
{
	KASSERT(mutex_owned(&ktrace_lock));

	ktrace_on += 1;
	ktd->ktd_ref += 1;
}
290 | |
/*
 * Find the descriptor whose output file matches fp according to
 * ktrsamefile().  A match is returned with one extra reference taken,
 * which the caller has to release; NULL means no descriptor matched.
 * Must be called with ktrace_lock held.
 */
struct ktr_desc *
ktd_lookup(file_t *fp)
{
	struct ktr_desc *ktd;

	KASSERT(mutex_owned(&ktrace_lock));

	TAILQ_FOREACH(ktd, &ktdq, ktd_list) {
		if (!ktrsamefile(ktd->ktd_fp, fp))
			continue;
		ktdref(ktd);
		return (ktd);
	}

	return (NULL);
}
308 | |
/*
 * Hand a filled-in entry to the descriptor tracing l's process.
 *
 * The entry is either appended to the descriptor's queue or freed (no
 * descriptor, descriptor already KTDF_DONE, or queue above ktd_maxentry).
 * On every path ktrexit(l) is called before returning, so this ends the
 * section opened by ktealloc().
 *
 * flags: KTA_WAITOK lets the caller wait for the writer when the queue is
 * filling up; the KTA_LARGE test is commented out in the condition below.
 */
void
ktraddentry(lwp_t *l, struct ktrace_entry *kte, int flags)
{
	struct proc *p = l->l_proc;
	struct ktr_desc *ktd;
#ifdef DEBUG
	struct timeval t1, t2;
#endif

	mutex_enter(&ktrace_lock);

	if (p->p_traceflag & KTRFAC_TRC_EMUL) {
		/* Add emulation trace before first entry for this process */
		p->p_traceflag &= ~KTRFAC_TRC_EMUL;
		/* ktrace_lock is dropped around ktremul() and retaken after. */
		mutex_exit(&ktrace_lock);
		ktrexit(l);
		ktremul();
		(void)ktrenter(l);
		mutex_enter(&ktrace_lock);
	}

	/* Tracing may have been cancelled. */
	ktd = p->p_tracep;
	if (ktd == NULL)
		goto freekte;

	/*
	 * Bump reference count so that the object will remain while
	 * we are here.  Note that the trace is controlled by other
	 * process.
	 */
	ktdref(ktd);

	if (ktd->ktd_flags & KTDF_DONE)
		goto relktd;

	/* Queue is full: drop this entry and remember that we did. */
	if (ktd->ktd_qcount > ktd_maxentry) {
		ktd_logerrl(ktd, KTDE_ENOSPC);
		goto relktd;
	}
	TAILQ_INSERT_TAIL(&ktd->ktd_queue, kte, kte_list);
	ktd->ktd_qcount++;
	/* After an earlier timeout nobody waits for the writer any more. */
	if (ktd->ktd_flags & KTDF_BLOCKING)
		goto skip_sync;

	if (flags & KTA_WAITOK &&
	    (/* flags & KTA_LARGE */0 || ktd->ktd_flags & KTDF_WAIT ||
	    ktd->ktd_qcount > ktd_maxentry >> 1))
		/*
		 * Sync with writer thread since we're requesting rather
		 * big one or many requests are pending.
		 */
		do {
			ktd->ktd_flags |= KTDF_WAIT;
			ktd_wakeup(ktd);
#ifdef DEBUG
			getmicrouptime(&t1);
#endif
			/* Wait at most ktd_timeout seconds per round. */
			if (cv_timedwait(&ktd->ktd_sync_cv, &ktrace_lock,
			    ktd_timeout * hz) != 0) {
				ktd->ktd_flags |= KTDF_BLOCKING;
				/*
				 * Maybe the writer thread is blocking
				 * completely for some reason, but
				 * don't stop target process forever.
				 */
				log(LOG_NOTICE, "ktrace timeout\n");
				break;
			}
#ifdef DEBUG
			getmicrouptime(&t2);
			timersub(&t2, &t1, &t2);
			if (t2.tv_sec > 0)
				log(LOG_NOTICE,
				    "ktrace long wait: %lld.%06ld\n",
				    (long long)t2.tv_sec, (long)t2.tv_usec);
#endif
		/* Keep waiting while still traced by ktd and WAIT is set. */
		} while (p->p_tracep == ktd &&
		    (ktd->ktd_flags & (KTDF_WAIT | KTDF_DONE)) == KTDF_WAIT);
	else {
		/* Schedule delayed wakeup */
		if (ktd->ktd_qcount > ktd->ktd_delayqcnt)
			ktd_wakeup(ktd);	/* Wakeup now */
		else if (!callout_pending(&ktd->ktd_wakch))
			callout_reset(&ktd->ktd_wakch,
			    ktd->ktd_flags & KTDF_INTERACTIVE ?
			    ktd->ktd_intrwakdl : ktd->ktd_wakedelay,
			    ktd_callout, ktd);
	}

skip_sync:
	/* Entry was queued: only the temporary reference is released. */
	ktdrel(ktd);
	mutex_exit(&ktrace_lock);
	ktrexit(l);
	return;

relktd:
	ktdrel(ktd);

freekte:
	/* Entry was not queued: free it outside ktrace_lock. */
	mutex_exit(&ktrace_lock);
	ktefree(kte);
	ktrexit(l);
}
413 | |
/*
 * Release an entry: free the payload when it is a separate kmem
 * allocation (rather than the inline kte_space), then return the entry
 * to kte_cache.
 */
void
ktefree(struct ktrace_entry *kte)
{
	const bool inline_payload = (kte->kte_buf == kte->kte_space);

	if (!inline_payload)
		kmem_free(kte->kte_buf, kte->kte_bufsz);
	pool_cache_put(kte_cache, kte);
}
422 | |
/*
 * "Deep" comparison of two open files, used to decide whether they name
 * the same trace file.  They match when the pointers are equal (two NULL
 * pointers included) or when both are non-NULL and share f_type and
 * f_data, i.e. the same underlying vnode/socket.
 */
int
ktrsamefile(file_t *f1, file_t *f2)
{
	if (f1 == f2)
		return 1;
	if (f1 == NULL || f2 == NULL)
		return 0;

	return f1->f_type == f2->f_type && f1->f_data == f2->f_data;
}
438 | |
/*
 * Stop tracing process p: clear its trace flags and, when it had a
 * descriptor, detach it, wake everybody sleeping on ktd_sync_cv and drop
 * the process's reference.  Must be called with ktrace_lock held.
 */
void
ktrderef(struct proc *p)
{
	struct ktr_desc *ktd;

	KASSERT(mutex_owned(&ktrace_lock));

	ktd = p->p_tracep;
	p->p_traceflag = 0;
	if (ktd != NULL) {
		p->p_tracep = NULL;
		cv_broadcast(&ktd->ktd_sync_cv);
		ktdrel(ktd);
	}
}
454 | |
/*
 * Take an additional reference on the descriptor tracing process p.
 * Must be called with ktrace_lock held; p->p_tracep is passed to
 * ktdref() without a NULL check.
 */
void
ktradref(struct proc *p)
{
	KASSERT(mutex_owned(&ktrace_lock));

	ktdref(p->p_tracep);
}
464 | |
/*
 * Detach every process that is traced through ktd.
 *
 * auth: when non-zero, a process is only detached if ktrcanset() allows
 * the current LWP to change it; otherwise all matches are detached.
 *
 * Returns 0, or EPERM if at least one process was skipped because of the
 * permission check (the remaining processes are still processed).
 */
int
ktrderefall(struct ktr_desc *ktd, int auth)
{
	lwp_t *curl = curlwp;
	struct proc *p;
	int error = 0;

	mutex_enter(proc_lock);
	PROCLIST_FOREACH(p, &allproc) {
		/* Cheap unlocked filter; rechecked below under the locks. */
		if (p->p_tracep != ktd)
			continue;
		mutex_enter(p->p_lock);
		mutex_enter(&ktrace_lock);
		if (p->p_tracep == ktd) {
			if (!auth || ktrcanset(curl, p))
				ktrderef(p);
			else
				error = EPERM;
		}
		mutex_exit(&ktrace_lock);
		mutex_exit(p->p_lock);
	}
	mutex_exit(proc_lock);

	return error;
}
491 | |
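/*
 * Allocate a trace entry with room for a payload of sz bytes and fill in
 * its header for the current state of LWP l.
 *
 * ktep: out, the new entry.
 * bufp: out, the payload buffer (sz bytes, zero-filled); it is the
 *       entry's inline kte_space when sz fits there, a kmem allocation
 *       otherwise.
 * type: record type stored in the header.
 *
 * Returns 0 on success, EAGAIN when ktrenter() refuses, ENOMEM when the
 * payload cannot be allocated.  On success the caller must finish with
 * either ktraddentry(), or ktefree() followed by ktrexit().
 */
int
ktealloc(struct ktrace_entry **ktep, void **bufp, lwp_t *l, int type,
    size_t sz)
{
	struct proc *p = l->l_proc;
	struct ktrace_entry *kte;
	struct ktr_header *kth;
	void *buf;

	if (ktrenter(l))
		return EAGAIN;

	kte = pool_cache_get(kte_cache, PR_WAITOK);
	if (sz > sizeof(kte->kte_space)) {
		if ((buf = kmem_alloc(sz, KM_SLEEP)) == NULL) {
			pool_cache_put(kte_cache, kte);
			ktrexit(l);
			return ENOMEM;
		}
	} else
		buf = kte->kte_space;

	/*
	 * The payload ends up in a trace file that is readable from
	 * userland.  Neither recycled pool memory nor a fresh kmem
	 * allocation is cleared for us, and not every caller writes every
	 * byte (struct padding, short string copies, failed copyin), so
	 * clear it here to keep stale kernel memory out of the trace.
	 */
	(void)memset(buf, 0, sz);

	kte->kte_bufsz = sz;
	kte->kte_buf = buf;

	kth = &kte->kte_kth;
	(void)memset(kth, 0, sizeof(*kth));
	kth->ktr_len = sz;
	kth->ktr_type = type;
	kth->ktr_pid = p->p_pid;
	memcpy(kth->ktr_comm, p->p_comm, MAXCOMLEN);
	kth->ktr_version = KTRFAC_VERSION(p->p_traceflag);
	kth->ktr_lid = l->l_lid;
	nanotime(&kth->ktr_ts);

	*ktep = kte;
	*bufp = buf;

	return 0;
}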
532 | |
/*
 * Override the payload length recorded in an entry's header.  The size
 * of the underlying buffer (kte_bufsz) is left alone.
 */
void
ktesethdrlen(struct ktrace_entry *kte, size_t l)
{
	struct ktr_header *hdr = &kte->kte_kth;

	hdr->ktr_len = l;
}
538 | |
/*
 * Emit a KTR_SYSCALL record for the current LWP: the syscall code
 * followed by a copy of its narg register-sized arguments.
 *
 * NOTE(review): narg is a signed int that is used both in the size
 * computation and as the loop bound against an unsigned index;
 * presumably callers only pass small non-negative counts -- confirm.
 */
void
ktr_syscall(register_t code, const register_t args[], int narg)
{
	lwp_t *l = curlwp;
	struct ktrace_entry *kte;
	struct ktr_syscall *ktp;
	register_t *dst;
	size_t argbytes;
	u_int i;

	if (!KTRPOINT(l->l_proc, KTR_SYSCALL))
		return;

	argbytes = narg * sizeof(register_t);
	if (ktealloc(&kte, (void *)&ktp, l, KTR_SYSCALL,
	    sizeof(struct ktr_syscall) + argbytes))
		return;

	ktp->ktr_code = code;
	ktp->ktr_argsize = argbytes;

	/* The arguments are stored right behind the fixed part. */
	dst = (register_t *)(ktp + 1);
	for (i = 0; i < narg; i++)
		dst[i] = args[i];

	ktraddentry(l, kte, KTA_WAITOK);
}
566 | |
/*
 * Emit a KTR_SYSRET record for the current LWP.  Both return values are
 * recorded as 0 when the call failed or when retval is NULL.
 */
void
ktr_sysret(register_t code, int error, register_t *retval)
{
	lwp_t *l = curlwp;
	struct ktrace_entry *kte;
	struct ktr_sysret *ktp;
	const bool have_retval = (retval != NULL && error == 0);

	if (!KTRPOINT(l->l_proc, KTR_SYSRET))
		return;

	if (ktealloc(&kte, (void *)&ktp, l, KTR_SYSRET, sizeof(*ktp)))
		return;

	ktp->ktr_code = code;
	ktp->ktr_eosys = 0;		/* XXX unused */
	ktp->ktr_error = error;
	ktp->ktr_retval = have_retval ? retval[0] : 0;
	ktp->ktr_retval_1 = have_retval ? retval[1] : 0;

	ktraddentry(l, kte, KTA_WAITOK);
}
589 | |
/*
 * Emit a KTR_NAMEI record holding pathlen bytes of `path', provided the
 * current process traces that facility.
 */
void
ktr_namei(const char *path, size_t pathlen)
{
	lwp_t *l = curlwp;

	if (KTRPOINT(l->l_proc, KTR_NAMEI))
		ktr_kmem(l, KTR_NAMEI, path, pathlen);
}
600 | |
/*
 * Emit a KTR_NAMEI record whose payload is `eroot' immediately followed
 * by `path'.
 *
 * NOTE(review): erootlen + pathlen is not checked for wrap-around here;
 * presumably both are bounded path lengths -- confirm at the callers.
 */
void
ktr_namei2(const char *eroot, size_t erootlen,
    const char *path, size_t pathlen)
{
	lwp_t *l = curlwp;
	struct ktrace_entry *kte;
	void *buf;
	char *dst;

	if (!KTRPOINT(l->l_proc, KTR_NAMEI))
		return;

	if (ktealloc(&kte, &buf, l, KTR_NAMEI, erootlen + pathlen))
		return;

	dst = buf;
	memcpy(dst, eroot, erootlen);
	memcpy(dst + erootlen, path, pathlen);

	ktraddentry(l, kte, KTA_WAITOK);
}
619 | |
/*
 * Emit a KTR_EMUL record carrying the name of the current process's
 * emulation (without the terminating NUL).
 */
void
ktr_emul(void)
{
	lwp_t *l = curlwp;
	struct proc *p = l->l_proc;
	const char *name = p->p_emul->e_name;

	if (KTRPOINT(p, KTR_EMUL))
		ktr_kmem(l, KTR_EMUL, name, strlen(name));
}
631 | |
/*
 * Emit a KTR_EXEC_ARG record with `len' bytes taken from kernel buffer
 * bf, provided the current process traces that facility.
 */
void
ktr_execarg(const void *bf, size_t len)
{
	lwp_t *l = curlwp;

	if (KTRPOINT(l->l_proc, KTR_EXEC_ARG))
		ktr_kmem(l, KTR_EXEC_ARG, bf, len);
}
642 | |
/*
 * Emit a KTR_EXEC_ENV record with `len' bytes taken from kernel buffer
 * bf, provided the current process traces that facility.
 */
void
ktr_execenv(const void *bf, size_t len)
{
	lwp_t *l = curlwp;

	if (KTRPOINT(l->l_proc, KTR_EXEC_ENV))
		ktr_kmem(l, KTR_EXEC_ENV, bf, len);
}
653 | |
/*
 * Emit a KTR_EXEC_FD record holding a descriptor number and its
 * descriptor type.
 */
void
ktr_execfd(int fd, u_int dtype)
{
	lwp_t *l = curlwp;
	struct ktrace_entry *kte;
	struct ktr_execfd *rec;

	if (!KTRPOINT(l->l_proc, KTR_EXEC_FD))
		return;

	if (ktealloc(&kte, (void *)&rec, l, KTR_EXEC_FD, sizeof(*rec)) != 0)
		return;

	rec->ktr_fd = fd;
	rec->ktr_dtype = dtype;

	ktraddentry(l, kte, KTA_WAITOK);
}
672 | |
/*
 * Emit a record of the given type whose payload is a copy of `len' bytes
 * of kernel memory at bf.  The caller has already checked the trace
 * point.  Nothing is emitted when ktealloc() fails.
 */
static void
ktr_kmem(lwp_t *l, int type, const void *bf, size_t len)
{
	struct ktrace_entry *kte;
	void *payload;

	if (ktealloc(&kte, &payload, l, type, len) != 0)
		return;

	memcpy(payload, bf, len);
	ktraddentry(l, kte, KTA_WAITOK);
}
684 | |
/*
 * Emit one or more KTR_GENIO records covering `len' bytes of user I/O
 * described by iov.  Each record is at most PAGE_SIZE bytes including the
 * struct ktr_genio prefix; the data is fetched from user space with
 * copyin().
 *
 * The iovec array is consumed in place: iov_len and iov_base of the
 * caller's entries are modified as data is copied.
 *
 * NOTE(review): no iovec count is passed, so the walk relies on len not
 * exceeding the total of the iov_len fields -- confirm at the callers.
 * NOTE(review): the argument width of min() is not visible here; confirm
 * it cannot truncate the size_t operands.
 */
static void
ktr_io(lwp_t *l, int fd, enum uio_rw rw, struct iovec *iov, size_t len)
{
	struct ktrace_entry *kte;
	struct ktr_genio *ktp;
	size_t resid = len, cnt, buflen;
	char *cp;

next:
	buflen = min(PAGE_SIZE, resid + sizeof(struct ktr_genio));

	if (ktealloc(&kte, (void *)&ktp, l, KTR_GENIO, buflen))
		return;

	ktp->ktr_fd = fd;
	ktp->ktr_rw = rw;

	/* Data goes right behind the prefix; buflen now counts data only. */
	cp = (void *)(ktp + 1);
	buflen -= sizeof(struct ktr_genio);
	/* The header length grows only by what was actually copied in. */
	kte->kte_kth.ktr_len = sizeof(struct ktr_genio);

	while (buflen > 0) {
		cnt = min(iov->iov_len, buflen);
		if (copyin(iov->iov_base, cp, cnt) != 0)
			goto out;
		kte->kte_kth.ktr_len += cnt;
		cp += cnt;
		buflen -= cnt;
		resid -= cnt;
		iov->iov_len -= cnt;
		if (iov->iov_len == 0)
			iov++;
		else
			iov->iov_base = (char *)iov->iov_base + cnt;
	}

	/*
	 * Don't push so many entry at once.  It will cause kmem map
	 * shortage.
	 */
	ktraddentry(l, kte, KTA_WAITOK | KTA_LARGE);
	if (resid > 0) {
		/* Give up the CPU between chunks when asked to. */
		if (curcpu()->ci_schedstate.spc_flags & SPCF_SHOULDYIELD) {
			(void)ktrenter(l);
			preempt();
			ktrexit(l);
		}

		goto next;
	}

	return;

out:
	/* copyin failed: discard the partially filled entry. */
	ktefree(kte);
	ktrexit(l);
}
742 | |
/*
 * Trace `len' bytes of I/O at user address addr on descriptor fd as
 * KTR_GENIO.  Nothing is recorded when the I/O failed (error != 0) or
 * the facility is not traced.
 */
void
ktr_genio(int fd, enum uio_rw rw, const void *addr, size_t len, int error)
{
	lwp_t *l = curlwp;
	struct iovec single;

	if (error != 0 || !KTRPOINT(l->l_proc, KTR_GENIO))
		return;

	/* Wrap the flat buffer in a one-element iovec for ktr_io(). */
	single.iov_len = len;
	single.iov_base = __UNCONST(addr);
	ktr_io(l, fd, rw, &single, len);
}
755 | |
/*
 * Trace `len' bytes of scatter/gather I/O on descriptor fd as KTR_GENIO.
 * Nothing is recorded when the I/O failed (error != 0) or the facility
 * is not traced.  The iovec array is handed to ktr_io(), which modifies
 * it while copying.
 */
void
ktr_geniov(int fd, enum uio_rw rw, struct iovec *iov, size_t len, int error)
{
	lwp_t *l = curlwp;

	if (error != 0 || !KTRPOINT(l->l_proc, KTR_GENIO))
		return;

	ktr_io(l, fd, rw, iov, len);
}
765 | |
/*
 * Same as ktr_genio(), but gated on the KTR_MIB facility.  The data is
 * still emitted by ktr_io(), i.e. as KTR_GENIO records.
 */
void
ktr_mibio(int fd, enum uio_rw rw, const void *addr, size_t len, int error)
{
	lwp_t *l = curlwp;
	struct iovec single;

	if (error != 0 || !KTRPOINT(l->l_proc, KTR_MIB))
		return;

	/* Wrap the flat buffer in a one-element iovec for ktr_io(). */
	single.iov_len = len;
	single.iov_base = __UNCONST(addr);
	ktr_io(l, fd, rw, &single, len);
}
778 | |
/*
 * Emit a KTR_PSIG record for a signal being posted to the current LWP.
 * When ksi is given, the record also carries a siginfo_t; without it
 * only the struct ktr_psig part is counted in the header length.
 *
 * NOTE(review): the fields are assigned one by one, so any padding
 * inside the record is not written by this function -- confirm it cannot
 * reach the trace file with stale contents.
 */
void
ktr_psig(int sig, sig_t action, const sigset_t *mask,
    const ksiginfo_t *ksi)
{
	lwp_t *l = curlwp;
	struct ktrace_entry *kte;
	struct {
		struct ktr_psig	kp;
		siginfo_t	si;
	} *rec;

	if (!KTRPOINT(l->l_proc, KTR_PSIG))
		return;

	if (ktealloc(&kte, (void *)&rec, l, KTR_PSIG, sizeof(*rec)) != 0)
		return;

	rec->kp.signo = (char)sig;
	rec->kp.action = action;
	rec->kp.mask = *mask;

	if (ksi == NULL) {
		/* No siginfo: shorten the record to the fixed part. */
		rec->kp.code = 0;
		kte->kte_kth.ktr_len = sizeof(struct ktr_psig);
	} else {
		rec->kp.code = KSI_TRAPCODE(ksi);
		(void)memset(&rec->si, 0, sizeof(rec->si));
		rec->si._info = ksi->ksi_info;
		kte->kte_kth.ktr_len = sizeof(*rec);
	}

	ktraddentry(l, kte, KTA_WAITOK);
}
812 | |
/*
 * Trace a context switch of the current LWP.
 *
 * out:  non-zero when the LWP is about to be switched out, zero when it
 *       is running again.
 * user: stored in the record's `user' field.
 *
 * Nothing is allocated on the way out; the time and the `user' value are
 * parked in the LWP (l_ktrcsw, LP_KTRCSW, LP_KTRCSWUSER) and the "out"
 * record is emitted together with the "in" record on the way back.
 */
void
ktr_csw(int out, int user)
{
	lwp_t *l = curlwp;
	struct proc *p = l->l_proc;
	struct ktrace_entry *kte;
	struct ktr_csw *kc;

	if (!KTRPOINT(p, KTR_CSW))
		return;

	/*
	 * Don't record context switches resulting from blocking on
	 * locks; it's too easy to get duff results.
	 */
	if (l->l_syncobj == &mutex_syncobj || l->l_syncobj == &rw_syncobj)
		return;

	/*
	 * We can't sleep if we're already going to sleep (if original
	 * condition is met during sleep, we hang up).
	 *
	 * XXX This is not ideal: it would be better to maintain a pool
	 * of ktes and actually push this to the kthread when context
	 * switch happens, however given the points where we are called
	 * from that is difficult to do.
	 */
	if (out) {
		if (ktrenter(l))
			return;

		/* Remember when and how we went out; emitted later. */
		nanotime(&l->l_ktrcsw);
		l->l_pflag |= LP_KTRCSW;
		if (user)
			l->l_pflag |= LP_KTRCSWUSER;
		else
			l->l_pflag &= ~LP_KTRCSWUSER;

		ktrexit(l);
		return;
	}

	/*
	 * On the way back in, we need to record twice: once for entry, and
	 * once for exit.
	 */
	if ((l->l_pflag & LP_KTRCSW) != 0) {
		struct timespec *ts;
		l->l_pflag &= ~LP_KTRCSW;

		if (ktealloc(&kte, (void *)&kc, l, KTR_CSW, sizeof(*kc)))
			return;

		kc->out = 1;
		kc->user = ((l->l_pflag & LP_KTRCSWUSER) != 0);

		/*
		 * Replace the timestamp ktealloc() just took with the one
		 * saved at switch-out, in the header field that belongs to
		 * the trace format version in use.
		 */
		ts = &l->l_ktrcsw;
		switch (KTRFAC_VERSION(p->p_traceflag)) {
		case 0:
			kte->kte_kth.ktr_otv.tv_sec = ts->tv_sec;
			kte->kte_kth.ktr_otv.tv_usec = ts->tv_nsec / 1000;
			break;
		case 1:
			kte->kte_kth.ktr_ots.tv_sec = ts->tv_sec;
			kte->kte_kth.ktr_ots.tv_nsec = ts->tv_nsec;
			break;
		case 2:
			kte->kte_kth.ktr_ts.tv_sec = ts->tv_sec;
			kte->kte_kth.ktr_ts.tv_nsec = ts->tv_nsec;
			break;
		default:
			break;
		}

		ktraddentry(l, kte, KTA_WAITOK);
	}

	/* The "in" record, stamped with the current time by ktealloc(). */
	if (ktealloc(&kte, (void *)&kc, l, KTR_CSW, sizeof(*kc)))
		return;

	kc->out = 0;
	kc->user = user;

	ktraddentry(l, kte, KTA_WAITOK);
}
898 | |
/*
 * Report whether the current process has any of the facility bits in
 * fac_bit set in its trace flags.
 */
bool
ktr_point(int fac_bit)
{
	const struct proc *p = curlwp->l_proc;

	return p->p_traceflag & fac_bit;
}
904 | |
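/*
 * Emit a KTR_USER record: an identifier followed by `len' bytes copied
 * in from user address addr.
 *
 * id:   record identifier; a user-space string when ustr is non-zero, a
 *       kernel string otherwise.  Truncated to KTR_USER_MAXIDLEN - 1.
 * addr: user address of the data.
 * len:  data length, at most KTR_USER_MAXLEN.
 *
 * Returns 0 when the facility is not traced or the record was queued,
 * ENOSPC when len is too large, the ktealloc() error, or the copyin()
 * error.  When copyin() fails the record is still queued, but it only
 * carries the identifier.
 */
int
ktruser(const char *id, void *addr, size_t len, int ustr)
{
	struct ktrace_entry *kte;
	struct ktr_user *ktp;
	lwp_t *l = curlwp;
	void *user_dta;
	int error;

	if (!KTRPOINT(l->l_proc, KTR_USER))
		return 0;

	if (len > KTR_USER_MAXLEN)
		return ENOSPC;

	error = ktealloc(&kte, (void *)&ktp, l, KTR_USER, sizeof(*ktp) + len);
	if (error != 0)
		return error;

	/*
	 * copyinstr() stops at the terminating NUL, so clear the id field
	 * first; otherwise the bytes behind a short id would carry stale
	 * kernel memory into the trace file.
	 */
	(void)memset(ktp->ktr_id, 0, KTR_USER_MAXIDLEN);
	if (ustr) {
		if (copyinstr(id, ktp->ktr_id, KTR_USER_MAXIDLEN, NULL) != 0)
			ktp->ktr_id[0] = '\0';
	} else
		strncpy(ktp->ktr_id, id, KTR_USER_MAXIDLEN);
	ktp->ktr_id[KTR_USER_MAXIDLEN-1] = '\0';

	user_dta = (void *)(ktp + 1);
	if ((error = copyin(addr, user_dta, len)) != 0) {
		/*
		 * The data area was not (completely) filled in.  Clear it
		 * and shrink the record to the id alone, the way ktr_psig()
		 * and ktr_io() shorten ktr_len, so that no uninitialised
		 * memory is written out.
		 */
		(void)memset(user_dta, 0, len);
		kte->kte_kth.ktr_len = sizeof(*ktp);
	}

	ktraddentry(l, kte, KTA_WAITOK);
	return error;
}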
938 | |
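/*
 * Kernel-side variant of ktruser(): emit a KTR_USER record whose
 * identifier and data both come from kernel memory.
 *
 * id:   NUL-terminated kernel string, truncated to
 *       KTR_USER_MAXIDLEN - 1 characters.
 * addr: kernel address of the data.
 * len:  data length; requests above KTR_USER_MAXLEN are dropped
 *       silently.
 */
void
ktr_kuser(const char *id, const void *addr, size_t len)
{
	struct ktrace_entry *kte;
	struct ktr_user *ktp;
	lwp_t *l = curlwp;
	int error;

	if (!KTRPOINT(l->l_proc, KTR_USER))
		return;

	if (len > KTR_USER_MAXLEN)
		return;

	error = ktealloc(&kte, (void *)&ktp, l, KTR_USER, sizeof(*ktp) + len);
	if (error != 0)
		return;

	/*
	 * strlcpy() does not pad the destination, so clear the id field
	 * first; otherwise the bytes behind a short id would carry stale
	 * kernel memory into the trace file.
	 */
	(void)memset(ktp->ktr_id, 0, KTR_USER_MAXIDLEN);
	strlcpy(ktp->ktr_id, id, KTR_USER_MAXIDLEN);

	memcpy(ktp + 1, addr, len);

	ktraddentry(l, kte, KTA_WAITOK);
}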
963 | |
/*
 * Emit a KTR_MIB record holding a copy of the `namelen' integers of a
 * MIB name.
 */
void
ktr_mib(const int *name, u_int namelen)
{
	lwp_t *l = curlwp;
	struct ktrace_entry *kte;
	int *dst;
	size_t nbytes;

	if (!KTRPOINT(l->l_proc, KTR_MIB))
		return;

	nbytes = namelen * sizeof(*name);
	if (ktealloc(&kte, (void *)&dst, l, KTR_MIB, nbytes) != 0)
		return;

	(void)memcpy(dst, name, nbytes);

	ktraddentry(l, kte, KTA_WAITOK);
}
984 | |
985 | /* Interface and common routines */ |
986 | |
/*
 * Common back end of the trace control system calls.
 *
 * curl: the calling LWP.
 * ops:  KTROP_* operation, optionally with KTRFLAG_DESCEND.
 * facs: facilities to (un)trace; KTRFAC_PERSISTENT is always stripped.
 * pid:  target process, or a negated process group id.
 * fpp:  in/out, the trace file.  *fpp is set to NULL once the target
 *       lookup has been attempted, and also when facs is empty.
 *
 * Returns 0, or EINVAL (no facilities), ESRCH (no such process/group),
 * EPERM (nothing could be changed), the ktrderefall() result for
 * KTROP_CLEARFILE, or the kthread_create() error.
 */
int
ktrace_common(lwp_t *curl, int ops, int facs, int pid, file_t **fpp)
{
	struct proc *p;
	struct pgrp *pg;
	struct ktr_desc *ktd = NULL;
	file_t *fp = *fpp;
	int ret = 0;
	int error = 0;
	int descend;

	descend = ops & KTRFLAG_DESCEND;
	/* The persistent flag cannot be requested through this path. */
	facs = facs & ~((unsigned) KTRFAC_PERSISTENT);

	(void)ktrenter(curl);

	switch (KTROP(ops)) {

	case KTROP_CLEARFILE:
		/*
		 * Clear all uses of the tracefile
		 */
		mutex_enter(&ktrace_lock);
		ktd = ktd_lookup(fp);
		mutex_exit(&ktrace_lock);
		if (ktd == NULL)
			goto done;
		/* auth=1: only processes the caller may change are detached. */
		error = ktrderefall(ktd, 1);
		goto done;

	case KTROP_SET:
		mutex_enter(&ktrace_lock);
		ktd = ktd_lookup(fp);
		mutex_exit(&ktrace_lock);
		if (ktd == NULL) {
			/* No descriptor for this file yet: build one. */
			ktd = kmem_alloc(sizeof(*ktd), KM_SLEEP);
			TAILQ_INIT(&ktd->ktd_queue);
			callout_init(&ktd->ktd_wakch, CALLOUT_MPSAFE);
			cv_init(&ktd->ktd_cv, "ktrwait");
			cv_init(&ktd->ktd_sync_cv, "ktrsync");
			ktd->ktd_flags = 0;
			ktd->ktd_qcount = 0;
			ktd->ktd_error = 0;
			ktd->ktd_errcnt = 0;
			ktd->ktd_delayqcnt = ktd_delayqcnt;
			ktd->ktd_wakedelay = mstohz(ktd_wakedelay);
			ktd->ktd_intrwakdl = mstohz(ktd_intrwakdl);
			ktd->ktd_ref = 0;
			ktd->ktd_fp = fp;
			mutex_enter(&ktrace_lock);
			ktdref(ktd);
			mutex_exit(&ktrace_lock);

			/*
			 * XXX: not correct.  needs a way to detect
			 * whether ktruss or ktrace.
			 */
			if (fp->f_type == DTYPE_PIPE)
				ktd->ktd_flags |= KTDF_INTERACTIVE;

			/* Extra file reference, undone below on failure. */
			mutex_enter(&fp->f_lock);
			fp->f_count++;
			mutex_exit(&fp->f_lock);
			error = kthread_create(PRI_NONE, KTHREAD_MPSAFE, NULL,
			    ktrace_thread, ktd, &ktd->ktd_lwp, "ktrace");
			if (error != 0) {
				/*
				 * NOTE(review): ktd is freed here after
				 * ktdref() above bumped ktd_ref and
				 * ktrace_on, without a matching ktdrel();
				 * the callout and condvars initialised
				 * above are not torn down either.  Confirm
				 * ktrace_on does not stay elevated.
				 */
				kmem_free(ktd, sizeof(*ktd));
				ktd = NULL;
				mutex_enter(&fp->f_lock);
				fp->f_count--;
				mutex_exit(&fp->f_lock);
				goto done;
			}

			/*
			 * Somebody else may have created a descriptor for
			 * the same file while ktrace_lock was dropped.
			 *
			 * NOTE(review): ktd_lookup() takes a reference on a
			 * match, and the returned descriptor is discarded
			 * here; confirm that reference is released
			 * somewhere.
			 */
			mutex_enter(&ktrace_lock);
			if (ktd_lookup(fp) != NULL) {
				ktdrel(ktd);
				ktd = NULL;
			} else
				TAILQ_INSERT_TAIL(&ktdq, ktd, ktd_list);
			if (ktd == NULL)
				cv_wait(&lbolt, &ktrace_lock);
			mutex_exit(&ktrace_lock);
			if (ktd == NULL)
				goto done;
		}
		break;

	case KTROP_CLEAR:
		break;
	}

	/*
	 * need something to (un)trace (XXX - why is this here?)
	 */
	if (!facs) {
		error = EINVAL;
		*fpp = NULL;
		goto done;
	}

	/*
	 * do it
	 */
	mutex_enter(proc_lock);
	if (pid < 0) {
		/*
		 * by process group
		 */
		pg = pgrp_find(-pid);
		if (pg == NULL)
			error = ESRCH;
		else {
			LIST_FOREACH(p, &pg->pg_members, p_pglist) {
				if (descend)
					ret |= ktrsetchildren(curl, p, ops,
					    facs, ktd);
				else
					ret |= ktrops(curl, p, ops, facs,
					    ktd);
			}
		}

	} else {
		/*
		 * by pid
		 */
		p = proc_find(pid);
		if (p == NULL)
			error = ESRCH;
		else if (descend)
			ret |= ktrsetchildren(curl, p, ops, facs, ktd);
		else
			ret |= ktrops(curl, p, ops, facs, ktd);
	}
	mutex_exit(proc_lock);
	/* ret stays 0 when no process could be changed. */
	if (error == 0 && !ret)
		error = EPERM;
	*fpp = NULL;
done:
	if (ktd != NULL) {
		mutex_enter(&ktrace_lock);
		if (error != 0) {
			/*
			 * Wakeup the thread so that it can die if we
			 * can't trace any process.
			 */
			ktd_wakeup(ktd);
		}
		/* Drop the reference from ktd_lookup()/ktdref() above. */
		if (KTROP(ops) == KTROP_SET || KTROP(ops) == KTROP_CLEARFILE)
			ktdrel(ktd);
		mutex_exit(&ktrace_lock);
	}
	ktrexit(curl);
	return (error);
}
1143 | |
1144 | /* |
1145 | * fktrace system call |
1146 | */ |
1147 | /* ARGSUSED */ |
/*
 * fktrace(2): start or stop kernel tracing with the records going to an
 * already-open file descriptor supplied by the caller.
 *
 * The descriptor must have been opened for writing; otherwise EBADF is
 * returned without touching any tracing state.  The reference obtained
 * with fd_getfile() is released with fd_putfile() on every path after the
 * lookup succeeds.
 */
int
sys_fktrace(struct lwp *l, const struct sys_fktrace_args *uap, register_t *retval)
{
	/* {
		syscallarg(int) fd;
		syscallarg(int) ops;
		syscallarg(int) facs;
		syscallarg(int) pid;
	} */
	int error;
	int fd = SCARG(uap, fd);
	file_t *fp = fd_getfile(fd);

	if (fp == NULL)
		return (EBADF);

	if (fp->f_flag & FWRITE) {
		/* ktrace_common() receives &fp and may clear it. */
		error = ktrace_common(l, SCARG(uap, ops),
		    SCARG(uap, facs), SCARG(uap, pid), &fp);
	} else {
		/* Never let the kernel write trace data to a read-only fd. */
		error = EBADF;
	}

	fd_putfile(fd);
	return error;
}
1171 | |
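/*
 * Apply one ktrace request (ops/facs) to a single process.
 *
 * p->p_lock and then ktrace_lock are taken for the whole update and both
 * are dropped before returning.
 *
 * Returns 1 when the request was applied to p and 0 when it was refused,
 * either because ktrcanset() denied the caller or because ops carries an
 * unknown trace-format version.  Callers OR the per-process results
 * together and turn "nothing was changed" into EPERM.
 */
int
ktrops(lwp_t *curl, struct proc *p, int ops, int facs,
    struct ktr_desc *ktd)
{
	int vers = ops & KTRFAC_VER_MASK;
	int error = 0;

	mutex_enter(p->p_lock);
	mutex_enter(&ktrace_lock);

	if (!ktrcanset(curl, p)) {
		/*
		 * Report the refusal.  Leaving error at 0 here made this
		 * function return 1, so a request that was denied for every
		 * target looked like a success to the caller and its EPERM
		 * path was never taken.
		 */
		error = EPERM;
		goto out;
	}

	switch (vers) {
	case KTRFACv0:
	case KTRFACv1:
	case KTRFACv2:
		break;
	default:
		error = EINVAL;
		goto out;
	}

	if (KTROP(ops) == KTROP_SET) {
		if (p->p_tracep != ktd) {
			/*
			 * if trace file already in use, relinquish
			 */
			ktrderef(p);
			p->p_tracep = ktd;
			ktradref(p);
		}
		p->p_traceflag |= facs;
		/*
		 * The persistent flag is granted only when the caller passes
		 * the separate KAUTH_REQ_PROCESS_KTRACE_PERSISTENT check.
		 */
		if (kauth_authorize_process(curl->l_cred, KAUTH_PROCESS_KTRACE,
		    p, KAUTH_ARG(KAUTH_REQ_PROCESS_KTRACE_PERSISTENT), NULL,
		    NULL) == 0)
			p->p_traceflag |= KTRFAC_PERSISTENT;
	} else {
		/* KTROP_CLEAR */
		if (((p->p_traceflag &= ~facs) & KTRFAC_MASK) == 0) {
			/* no more tracing */
			ktrderef(p);
		}
	}

	/* Record the record-format version only while tracing is active. */
	if (p->p_traceflag)
		p->p_traceflag |= vers;
	/*
	 * Emit an emulation record, every time there is a ktrace
	 * change/attach request.
	 */
	if (KTRPOINT(p, KTR_EMUL))
		p->p_traceflag |= KTRFAC_TRC_EMUL;

	p->p_trace_enabled = trace_is_enabled(p);
#ifdef __HAVE_SYSCALL_INTERN
	(*p->p_emul->e_syscall_intern)(p);
#endif

 out:
	mutex_exit(&ktrace_lock);
	mutex_exit(p->p_lock);

	return error ? 0 : 1;
}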
1237 | |
/*
 * Apply a ktrace request to `top' and to every descendant of it.
 *
 * The process tree is walked iteratively: visit a process, go down to its
 * first child if it has one, otherwise move to the next sibling, climbing
 * towards `top' whenever a level is exhausted.  The walk never leaves the
 * subtree rooted at `top'.  proc_lock must be held by the caller.
 *
 * Returns the OR of the ktrops() results for all visited processes.
 */
int
ktrsetchildren(lwp_t *curl, struct proc *top, int ops, int facs,
    struct ktr_desc *ktd)
{
	struct proc *cur = top;
	struct proc *child;
	int changed = 0;

	KASSERT(mutex_owned(proc_lock));

	for (;;) {
		changed |= ktrops(curl, cur, ops, facs, ktd);

		/* Depth first: a child, when present, is visited next. */
		child = LIST_FIRST(&cur->p_children);
		if (child != NULL) {
			cur = child;
			continue;
		}

		/* Leaf: climb until a sibling exists or we are back at top. */
		while (cur != top && LIST_NEXT(cur, p_sibling) == NULL)
			cur = cur->p_pptr;

		/* Siblings of top itself are outside the requested subtree. */
		if (cur == top)
			return (changed);

		cur = LIST_NEXT(cur, p_sibling);
	}
	/*NOTREACHED*/
}
1271 | |
/*
 * Write the chain of trace entries starting at kte to the descriptor's
 * file, then free every entry of the chain.
 *
 * Entries are gathered into a local iovec array (header, plus payload when
 * ktr_len > 0) and handed to the file's fo_write operation in batches.
 * Headers of record version 0 or 1 are rewritten in place into the older
 * layout before they are queued.  Any write error other than EWOULDBLOCK
 * ends tracing on this descriptor via ktrderefall().
 */
void
ktrwrite(struct ktr_desc *ktd, struct ktrace_entry *kte)
{
	size_t hlen;
	struct uio auio;
	struct iovec aiov[64], *iov;
	struct ktrace_entry *top = kte;	/* head of the chain, freed at the end */
	struct ktr_header *kth;
	file_t *fp = ktd->ktd_fp;
	int error;
next:
	/* Start a fresh batch; kte points at the first entry not yet queued. */
	auio.uio_iov = iov = &aiov[0];
	auio.uio_offset = 0;
	auio.uio_rw = UIO_WRITE;
	auio.uio_resid = 0;
	auio.uio_iovcnt = 0;
	UIO_SETUP_SYSSPACE(&auio);
	do {
		struct timespec ts;
		lwpid_t lid;
		kth = &kte->kte_kth;

		hlen = sizeof(struct ktr_header);
		switch (kth->ktr_version) {
		case 0:
			/*
			 * Values are copied to locals before the old-format
			 * fields are stored; presumably the old and new
			 * fields share storage in kth->_v -- confirm against
			 * the struct ktr_header definition.
			 */
			ts = kth->ktr_time;

			kth->ktr_otv.tv_sec = ts.tv_sec;
			kth->ktr_otv.tv_usec = ts.tv_nsec / 1000;
			kth->ktr_unused = NULL;
			/* Old-format headers are shorter on the wire. */
			hlen -= sizeof(kth->_v) -
			    MAX(sizeof(kth->_v._v0), sizeof(kth->_v._v1));
			break;
		case 1:
			ts = kth->ktr_time;
			lid = kth->ktr_lid;

			kth->ktr_ots.tv_sec = ts.tv_sec;
			kth->ktr_ots.tv_nsec = ts.tv_nsec;
			kth->ktr_olid = lid;
			hlen -= sizeof(kth->_v) -
			    MAX(sizeof(kth->_v._v0), sizeof(kth->_v._v1));
			break;
		}
		iov->iov_base = (void *)kth;
		iov++->iov_len = hlen;
		auio.uio_resid += hlen;
		auio.uio_iovcnt++;
		if (kth->ktr_len > 0) {
			iov->iov_base = kte->kte_buf;
			iov++->iov_len = kth->ktr_len;
			auio.uio_resid += kth->ktr_len;
			auio.uio_iovcnt++;
		}
		/*
		 * Each entry uses at most two slots.  Continuing only while
		 * the count is below (array size - 1) guarantees that the
		 * next iteration cannot write past the end of aiov[].
		 */
	} while ((kte = TAILQ_NEXT(kte, kte_list)) != NULL &&
	    auio.uio_iovcnt < sizeof(aiov) / sizeof(aiov[0]) - 1);

again:
	/* The write is performed with the credentials stored in the file. */
	error = (*fp->f_ops->fo_write)(fp, &fp->f_offset, &auio,
	    fp->f_cred, FOF_UPDATE_OFFSET);
	switch (error) {

	case 0:
		/*
		 * Short write: retry with the same uio.
		 * NOTE(review): neither this retry nor the EWOULDBLOCK one
		 * below is bounded; this relies on fo_write eventually
		 * making progress or failing -- confirm.
		 */
		if (auio.uio_resid > 0)
			goto again;
		/* Batch done; build the next one if entries remain. */
		if (kte != NULL)
			goto next;
		break;

	case EWOULDBLOCK:
		/* Back off for one tick, then retry the same batch. */
		kpause("ktrzzz", false, 1, NULL);
		goto again;

	default:
		/*
		 * If error encountered, give up tracing on this
		 * vnode.  Don't report EPIPE as this can easily
		 * happen with fktrace()/ktruss.
		 *
		 * Entries still unwritten are dropped by the free loop
		 * below, so the trace ends here; outside DEBUG kernels an
		 * EPIPE stop leaves no log line.
		 */
#ifndef DEBUG
		if (error != EPIPE)
#endif
			log(LOG_NOTICE,
			    "ktrace write failed, errno %d, tracing stopped\n",
			    error);
		(void)ktrderefall(ktd, 0);
	}

	/* Free the whole chain from its original head, written or not. */
	while ((kte = top) != NULL) {
		top = TAILQ_NEXT(top, kte_list);
		ktefree(kte);
	}
}
1365 | |
/*
 * Body of the per-descriptor "ktrace" kernel thread.
 *
 * Repeatedly detaches everything queued on the descriptor and writes it
 * out with ktrwrite().  When the queue is empty and ktd_ref has dropped to
 * zero, the thread tears the descriptor down and exits.
 */
void
ktrace_thread(void *arg)
{
	struct ktr_desc *ktd = arg;
	file_t *fp = ktd->ktd_fp;
	struct ktrace_entry *kte;
	int ktrerr, errcnt;

	mutex_enter(&ktrace_lock);
	for (;;) {
		kte = TAILQ_FIRST(&ktd->ktd_queue);
		if (kte == NULL) {
			/* Queue drained: release anyone waiting for that. */
			if (ktd->ktd_flags & KTDF_WAIT) {
				ktd->ktd_flags &= ~(KTDF_WAIT | KTDF_BLOCKING);
				cv_broadcast(&ktd->ktd_sync_cv);
			}
			/* No references left and nothing to write: exit. */
			if (ktd->ktd_ref == 0)
				break;
			cv_wait(&ktd->ktd_cv, &ktrace_lock);
			continue;
		}
		/*
		 * Take ownership of the whole queue: kte still heads the
		 * linked entries, while the descriptor's queue is reset to
		 * empty so new entries can be added during the write.
		 */
		TAILQ_INIT(&ktd->ktd_queue);
		ktd->ktd_qcount = 0;
		/* Snapshot and clear the error state while still locked. */
		ktrerr = ktd->ktd_error;
		errcnt = ktd->ktd_errcnt;
		ktd->ktd_error = ktd->ktd_errcnt = 0;
		mutex_exit(&ktrace_lock);

		if (ktrerr) {
			/*
			 * NOTE(review): %p puts the kernel address of fp
			 * into the system log; check whether log readers
			 * should be able to see it.
			 */
			log(LOG_NOTICE,
			    "ktrace failed, fp %p, error 0x%x, total %d\n",
			    fp, ktrerr, errcnt);
		}
		/* File I/O is done without ktrace_lock held. */
		ktrwrite(ktd, kte);
		mutex_enter(&ktrace_lock);
	}

	/* Unlink from the global list before the descriptor goes away. */
	TAILQ_REMOVE(&ktdq, ktd, ktd_list);

	callout_halt(&ktd->ktd_wakch, &ktrace_lock);
	callout_destroy(&ktd->ktd_wakch);
	mutex_exit(&ktrace_lock);

	/*
	 * ktrace file descriptor can't be watched (are not visible to
	 * userspace), so no kqueue stuff here
	 * XXX: The above comment is wrong, because the fktrace file
	 * descriptor is available in userland.
	 */
	/* Presumably drops the file reference taken at setup -- confirm. */
	closef(fp);

	cv_destroy(&ktd->ktd_sync_cv);
	cv_destroy(&ktd->ktd_cv);

	kmem_free(ktd, sizeof(*ktd));

	kthread_exit(0);
}
1424 | |
1425 | /* |
1426 | * Return true if caller has permission to set the ktracing state |
1427 | * of target. Essentially, the target can't possess any |
1428 | * more permissions than the caller. KTRFAC_PERSISTENT signifies that |
1429 | * the tracing will persist on sugid processes during exec; it is only |
1430 | * settable by a process with appropriate credentials. |
1431 | * |
1432 | * TODO: check groups. use caller effective gid. |
1433 | */ |
/*
 * Ask kauth(9) whether the calling LWP may change the ktrace state of
 * targetp.  Both targetp->p_lock and ktrace_lock must be held.
 *
 * Returns 1 when the KAUTH_PROCESS_KTRACE request is allowed, 0 otherwise.
 */
int
ktrcanset(lwp_t *calll, struct proc *targetp)
{
	int denied;

	KASSERT(mutex_owned(targetp->p_lock));
	KASSERT(mutex_owned(&ktrace_lock));

	/* kauth returns 0 to allow; anything else is a refusal. */
	denied = kauth_authorize_process(calll->l_cred, KAUTH_PROCESS_KTRACE,
	    targetp, NULL, NULL, NULL);

	return (denied == 0) ? 1 : 0;
}
1446 | |
1447 | /* |
1448 | * Put user defined entry to ktrace records. |
1449 | */ |
/*
 * utrace(2): hand a caller-supplied label and data buffer to ktruser()
 * and return its result.
 *
 * label, addr and len come straight from the system call arguments; no
 * checking is done here, so any validation or bounding of them has to
 * happen in ktruser().  The final argument is the constant 1; its meaning
 * is defined by ktruser(), which is outside this function.
 */
int
sys_utrace(struct lwp *l, const struct sys_utrace_args *uap, register_t *retval)
{
	/* {
		syscallarg(const char *) label;
		syscallarg(void *) addr;
		syscallarg(size_t) len;
	} */
	int error;

	error = ktruser(SCARG(uap, label), SCARG(uap, addr),
	    SCARG(uap, len), 1);

	return error;
}
1462 | |