usr.bin/truss/i386-fbsd.c

18334Speter/*
90075Sobrien * Copryight 1997 Sean Eric Fagan
132730Skan *
18334Speter * Redistribution and use in source and binary forms, with or without
90075Sobrien * modification, are permitted provided that the following conditions
18334Speter * are met:
90075Sobrien * 1. Redistributions of source code must retain the above copyright
90075Sobrien *    notice, this list of conditions and the following disclaimer.
90075Sobrien * 2. Redistributions in binary form must reproduce the above copyright
90075Sobrien *    notice, this list of conditions and the following disclaimer in the
18334Speter *    documentation and/or other materials provided with the distribution.
90075Sobrien * 3. All advertising materials mentioning features or use of this software
90075Sobrien *    must display the following acknowledgement:
90075Sobrien *	This product includes software developed by Sean Eric Fagan
90075Sobrien * 4. Neither the name of the author may be used to endorse or promote
18334Speter *    products derived from this software without specific prior written
18334Speter *    permission.
90075Sobrien *
90075Sobrien * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
90075Sobrien * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18334Speter * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
96549Sobrien * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
96549Sobrien * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18334Speter * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
18334Speter * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
18334Speter * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
18334Speter * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
18334Speter * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
18334Speter * SUCH DAMAGE.
18334Speter */
18334Speter
50397Sobrien#ifndef lint
132730Skanstatic const char rcsid[] =
132730Skan  "$FreeBSD: head/usr.bin/truss/i386-fbsd.c 85301 2001-10-22 02:02:00Z des $";
90075Sobrien#endif /* not lint */
18334Speter
90075Sobrien/*
90075Sobrien * FreeBSD/386-specific system call handling.  This is probably the most
18334Speter * complex part of the entire truss program, although I've got lots of
90075Sobrien * it handled relatively cleanly now.  The system call names are generated
18334Speter * automatically, thanks to /usr/src/sys/kern/syscalls.master.  The
90075Sobrien * names used for the various structures are confusing, I sadly admit.
18334Speter */
50397Sobrien
90075Sobrien#include <sys/types.h>
90075Sobrien#include <sys/ioctl.h>
50397Sobrien#include <sys/pioctl.h>
90075Sobrien#include <sys/syscall.h>
90075Sobrien
132730Skan#include <machine/reg.h>
90075Sobrien#include <machine/psl.h>
90075Sobrien
96263Sobrien#include <errno.h>
132730Skan#include <fcntl.h>
132730Skan#include <signal.h>
117421Skan#include <stdio.h>
117421Skan#include <stdlib.h>
132730Skan#include <string.h>
50397Sobrien#include <unistd.h>
18334Speter
18334Speter#include "syscall.h"
18334Speter
18334Speterstatic int fd = -1;
18334Speterstatic int cpid = -1;
18334Speterextern int Procfd;
18334Speter
18334Speterextern FILE *outfile;
18334Speter#include "syscalls.h"
18334Speter
18334Speterstatic int nsyscalls = sizeof(syscallnames) / sizeof(syscallnames[0]);
18334Speter
18334Speter/*
18334Speter * This is what this particular file uses to keep track of a system call.
132730Skan * It is probably not quite sufficient -- I can probably use the same
18334Speter * structure for the various syscall personalities, and I also probably
18334Speter * need to nest system calls (for signal handlers).
18334Speter *
18334Speter * 'struct syscall' describes the system call; it may be NULL, however,
18334Speter * if we don't know about this particular system call yet.
18334Speter */
18334Speterstatic struct freebsd_syscall {
18334Speter	struct syscall *sc;
18334Speter	char *name;
18334Speter	int number;
18334Speter	unsigned long *args;
18334Speter	int nargs;	/* number of arguments -- *not* number of words! */
18334Speter	char **s_args;	/* the printable arguments */
18334Speter} fsc;
132730Skan
18334Speter/* Clear up and free parts of the fsc structure. */
18334Speterstatic inline void
18334Speterclear_fsc() {
132730Skan  if (fsc.args) {
132730Skan    free(fsc.args);
18334Speter  }
18334Speter  if (fsc.s_args) {
18334Speter    int i;
132730Skan    for (i = 0; i < fsc.nargs; i++)
132730Skan      if (fsc.s_args[i])
132730Skan	free(fsc.s_args[i]);
132730Skan    free(fsc.s_args);
132730Skan  }
18334Speter  memset(&fsc, 0, sizeof(fsc));
132730Skan}
132730Skan
18334Speter/*
18334Speter * Called when a process has entered a system call.  nargs is the
18334Speter * number of words, not number of arguments (a necessary distinction
18334Speter * in some cases).  Note that if the STOPEVENT() code in i386/i386/trap.c
132730Skan * is ever changed these functions need to keep up.
18334Speter */
18334Speter
132730Skanvoid
132730Skani386_syscall_entry(int pid, int nargs) {
132730Skan  char buf[32];
132730Skan  struct reg regs = { 0 };
18334Speter  int syscall;
18334Speter  int i;
18334Speter  unsigned int parm_offset;
132730Skan  struct syscall *sc;
132730Skan
90075Sobrien  if (fd == -1 || pid != cpid) {
90075Sobrien    sprintf(buf, "/proc/%d/regs", pid);
117421Skan    fd = open(buf, O_RDWR);
90075Sobrien    if (fd == -1) {
90075Sobrien      fprintf(outfile, "-- CANNOT READ REGISTERS --\n");
90075Sobrien      return;
117421Skan    }
90075Sobrien    cpid = pid;
132730Skan  }
132730Skan
132730Skan  clear_fsc();
18334Speter  lseek(fd, 0L, 0);
132730Skan  i = read(fd, &regs, sizeof(regs));
132730Skan  parm_offset = regs.r_esp + sizeof(int);
132730Skan
18334Speter  /*
132730Skan   * FreeBSD has two special kinds of system call redirctions --
18334Speter   * SYS_syscall, and SYS___syscall.  The former is the old syscall()
132730Skan   * routine, basicly; the latter is for quad-aligned arguments.
132730Skan   */
18334Speter  syscall = regs.r_eax;
132730Skan  switch (syscall) {
132730Skan  case SYS_syscall:
132730Skan    lseek(Procfd, parm_offset, SEEK_SET);
132730Skan    read(Procfd, &syscall, sizeof(int));
18334Speter    parm_offset += sizeof(int);
18334Speter    break;
18334Speter  case SYS___syscall:
18334Speter    lseek(Procfd, parm_offset, SEEK_SET);
18334Speter    read(Procfd, &syscall, sizeof(int));
18334Speter    parm_offset += sizeof(quad_t);
18334Speter    break;
18334Speter  }
18334Speter
18334Speter  fsc.number = syscall;
96263Sobrien  fsc.name =
96263Sobrien    (syscall < 0 || syscall > nsyscalls) ? NULL : syscallnames[syscall];
96263Sobrien  if (!fsc.name) {
96263Sobrien    fprintf(outfile, "-- UNKNOWN SYSCALL %d --\n", syscall);
96263Sobrien  }
18334Speter
18334Speter  if (nargs == 0)
18334Speter    return;
18334Speter
18334Speter  fsc.args = malloc((1+nargs) * sizeof(unsigned long));
18334Speter  lseek(Procfd, parm_offset, SEEK_SET);
18334Speter  if (read(Procfd, fsc.args, nargs * sizeof(unsigned long)) == -1)
18334Speter    return;
18334Speter
132730Skan  sc = get_syscall(fsc.name);
132730Skan  if (sc) {
132730Skan    fsc.nargs = sc->nargs;
18334Speter  } else {
132730Skan#if DEBUG
18334Speter    fprintf(outfile, "unknown syscall %s -- setting args to %d\n",
132730Skan	   fsc.name, nargs);
132730Skan#endif
132730Skan    fsc.nargs = nargs;
132730Skan  }
132730Skan
18334Speter  fsc.s_args = malloc((1+fsc.nargs) * sizeof(char*));
132730Skan  memset(fsc.s_args, 0, fsc.nargs * sizeof(char*));
132730Skan  fsc.sc = sc;
132730Skan
132730Skan  /*
18334Speter   * At this point, we set up the system call arguments.
132730Skan   * We ignore any OUT ones, however -- those are arguments that
132730Skan   * are set by the system call, and so are probably meaningless
132730Skan   * now.  This doesn't currently support arguments that are
132730Skan   * passed in *and* out, however.
18334Speter   */
132730Skan
132730Skan  if (fsc.name) {
18334Speter
132730Skan#if DEBUG
132730Skan    fprintf(stderr, "syscall %s(", fsc.name);
132730Skan#endif
132730Skan    for (i = 0; i < fsc.nargs; i++) {
18334Speter#if DEBUG
132730Skan      fprintf(stderr, "0x%x%s",
132730Skan	     sc
18334Speter	     ? fsc.args[sc->args[i].offset]
132730Skan	     : fsc.args[i],
132730Skan	     i < (fsc.nargs -1) ? "," : "");
132730Skan#endif
18334Speter      if (sc && !(sc->args[i].type & OUT)) {
132730Skan	fsc.s_args[i] = print_arg(Procfd, &sc->args[i], fsc.args);
132730Skan      }
132730Skan    }
132730Skan#if DEBUG
18334Speter    fprintf(stderr, ")\n");
132730Skan#endif
132730Skan  }
18334Speter
132730Skan#if DEBUG
132730Skan  fprintf(outfile, "\n");
132730Skan#endif
132730Skan
132730Skan  /*
18334Speter   * Some system calls should be printed out before they are done --
132730Skan   * execve() and exit(), for example, never return.  Possibly change
132730Skan   * this to work for any system call that doesn't have an OUT
132730Skan   * parameter?
132730Skan   */
132730Skan
18334Speter  if (!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit")) {
132730Skan    print_syscall(outfile, fsc.name, fsc.nargs, fsc.s_args);
132730Skan  }
132730Skan
132730Skan  return;
18334Speter}
132730Skan
132730Skan/*
132730Skan * And when the system call is done, we handle it here.
18334Speter * Currently, no attempt is made to ensure that the system calls
132730Skan * match -- this needs to be fixed (and is, in fact, why S_SCX includes
132730Skan * the sytem call number instead of, say, an error status).
132730Skan */
132730Skan
90075Sobrienvoid
132730Skani386_syscall_exit(int pid, int syscall) {
132730Skan  char buf[32];
132730Skan  struct reg regs;
132730Skan  int retval;
132730Skan  int i;
18334Speter  int errorp;
132730Skan  struct syscall *sc;
132730Skan
132730Skan  if (fd == -1 || pid != cpid) {
18334Speter    sprintf(buf, "/proc/%d/regs", pid);
132730Skan    fd = open(buf, O_RDONLY);
18334Speter    if (fd == -1) {
132730Skan      fprintf(outfile, "-- CANNOT READ REGISTERS --\n");
18334Speter      return;
132730Skan    }
18334Speter    cpid = pid;
132730Skan  }
18334Speter
132730Skan  lseek(fd, 0L, 0);
132730Skan  if (read(fd, &regs, sizeof(regs)) != sizeof(regs))
132730Skan    return;
18334Speter  retval = regs.r_eax;
132730Skan  errorp = !!(regs.r_eflags & PSL_C);
18334Speter
132730Skan  /*
132730Skan   * This code, while simpler than the initial versions I used, could
18334Speter   * stand some significant cleaning.
132730Skan   */
18334Speter
132730Skan  sc = fsc.sc;
132730Skan  if (!sc) {
132730Skan    for (i = 0; i < fsc.nargs; i++) {
132730Skan      fsc.s_args[i] = malloc(12);
132730Skan      sprintf(fsc.s_args[i], "0x%lx", fsc.args[i]);
132730Skan    }
132730Skan  } else {
132730Skan    /*
132730Skan     * Here, we only look for arguments that have OUT masked in --
132730Skan     * otherwise, they were handled in the syscall_entry function.
18334Speter     */
132730Skan    for (i = 0; i < sc->nargs; i++) {
132730Skan      char *temp;
132730Skan      if (sc->args[i].type & OUT) {
132730Skan	/*
132730Skan	 * If an error occurred, than don't bothe getting the data;
132730Skan	 * it may not be valid.
132730Skan	 */
132730Skan	if (errorp) {
132730Skan	  temp = malloc(12);
132730Skan	  sprintf(temp, "0x%lx", fsc.args[sc->args[i].offset]);
90075Sobrien	} else {
132730Skan	  temp = print_arg(Procfd, &sc->args[i], fsc.args);
18334Speter	}
132730Skan	fsc.s_args[i] = temp;
18334Speter      }
132730Skan    }
132730Skan  }
132730Skan
132730Skan  /*
132730Skan   * It would probably be a good idea to merge the error handling,
132730Skan   * but that complicates things considerably.
18334Speter   */
18334Speter
18334Speter  print_syscall_ret(outfile, fsc.name, fsc.nargs, fsc.s_args, errorp, retval);
18334Speter  clear_fsc();
18334Speter
18334Speter  return;
132730Skan}
132730Skan