1 /* 2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk (at) cs.few.eur.nl> 3 * Copyright (c) 1993 Branko Lankester <branko (at) hacktic.nl> 4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs (at) world.std.com> 5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert (at) cistron.nl> 6 * Copyright (c) 1999 IBM Deutschland Entwicklung GmbH, IBM Corporation 7 * Linux for s390 port by D.J. Barrow 8 * <barrow_dj (at) mail.yahoo.com,djbarrow (at) de.ibm.com> 9 * Copyright (c) 1999-2018 The strace developers. 10 * All rights reserved. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. The name of the author may not be used to endorse or promote products 21 * derived from this software without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 24 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 25 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 26 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 27 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 28 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 32 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 */ 34 35 #include "defs.h" 36 #include "native_defs.h" 37 #include "ptrace.h" 38 #include "nsig.h" 39 #include "number_set.h" 40 #include <limits.h> 41 42 /* for struct iovec */ 43 #include <sys/uio.h> 44 45 /* for __X32_SYSCALL_BIT */ 46 #include <asm/unistd.h> 47 48 #include "regs.h" 49 50 #if defined(SPARC64) 51 # undef PTRACE_GETREGS 52 # define PTRACE_GETREGS PTRACE_GETREGS64 53 # undef PTRACE_SETREGS 54 # define PTRACE_SETREGS PTRACE_SETREGS64 55 #endif 56 57 #ifndef NT_PRSTATUS 58 # define NT_PRSTATUS 1 59 #endif 60 61 #include "syscall.h" 62 #include "xstring.h" 63 64 /* Define these shorthand notations to simplify the syscallent files. */ 65 #include "sysent_shorthand_defs.h" 66 67 #define SEN(syscall_name) SEN_ ## syscall_name, SYS_FUNC_NAME(sys_ ## syscall_name) 68 69 const struct_sysent sysent0[] = { 70 #include "syscallent.h" 71 }; 72 73 #if SUPPORTED_PERSONALITIES > 1 74 # include PERSONALITY1_INCLUDE_FUNCS 75 static const struct_sysent sysent1[] = { 76 # include "syscallent1.h" 77 }; 78 #endif 79 80 #if SUPPORTED_PERSONALITIES > 2 81 # include PERSONALITY2_INCLUDE_FUNCS 82 static const struct_sysent sysent2[] = { 83 # include "syscallent2.h" 84 }; 85 #endif 86 87 /* Now undef them since short defines cause wicked namespace pollution. */ 88 #include "sysent_shorthand_undefs.h" 89 90 /* 91 * `ioctlent[012].h' files are automatically generated by the auxiliary 92 * program `ioctlsort', such that the list is sorted by the `code' field. 93 * This has the side-effect of resolving the _IO.. macros into 94 * plain integers, eliminating the need to include here everything 95 * in "/usr/include". 96 */ 97 98 const char *const errnoent0[] = { 99 #include "errnoent.h" 100 }; 101 const char *const signalent0[] = { 102 #include "signalent.h" 103 }; 104 const struct_ioctlent ioctlent0[] = { 105 #include "ioctlent0.h" 106 }; 107 108 #if SUPPORTED_PERSONALITIES > 1 109 static const char *const errnoent1[] = { 110 # include "errnoent1.h" 111 }; 112 static const char *const signalent1[] = { 113 # include "signalent1.h" 114 }; 115 static const struct_ioctlent ioctlent1[] = { 116 # include "ioctlent1.h" 117 }; 118 # include PERSONALITY0_INCLUDE_PRINTERS_DECLS 119 static const struct_printers printers0 = { 120 # include PERSONALITY0_INCLUDE_PRINTERS_DEFS 121 }; 122 # include PERSONALITY1_INCLUDE_PRINTERS_DECLS 123 static const struct_printers printers1 = { 124 # include PERSONALITY1_INCLUDE_PRINTERS_DEFS 125 }; 126 #endif 127 128 #if SUPPORTED_PERSONALITIES > 2 129 static const char *const errnoent2[] = { 130 # include "errnoent2.h" 131 }; 132 static const char *const signalent2[] = { 133 # include "signalent2.h" 134 }; 135 static const struct_ioctlent ioctlent2[] = { 136 # include "ioctlent2.h" 137 }; 138 # include PERSONALITY2_INCLUDE_PRINTERS_DECLS 139 static const struct_printers printers2 = { 140 # include PERSONALITY2_INCLUDE_PRINTERS_DEFS 141 }; 142 #endif 143 144 enum { 145 nsyscalls0 = ARRAY_SIZE(sysent0) 146 #if SUPPORTED_PERSONALITIES > 1 147 , nsyscalls1 = ARRAY_SIZE(sysent1) 148 # if SUPPORTED_PERSONALITIES > 2 149 , nsyscalls2 = ARRAY_SIZE(sysent2) 150 # endif 151 #endif 152 }; 153 154 enum { 155 nerrnos0 = ARRAY_SIZE(errnoent0) 156 #if SUPPORTED_PERSONALITIES > 1 157 , nerrnos1 = ARRAY_SIZE(errnoent1) 158 # if SUPPORTED_PERSONALITIES > 2 159 , nerrnos2 = ARRAY_SIZE(errnoent2) 160 # endif 161 #endif 162 }; 163 164 enum { 165 nsignals0 = ARRAY_SIZE(signalent0) 166 #if SUPPORTED_PERSONALITIES > 1 167 , nsignals1 = ARRAY_SIZE(signalent1) 168 # if SUPPORTED_PERSONALITIES > 2 169 , nsignals2 = ARRAY_SIZE(signalent2) 170 # endif 171 #endif 172 }; 173 174 enum { 175 nioctlents0 = ARRAY_SIZE(ioctlent0) 176 #if SUPPORTED_PERSONALITIES > 1 177 , nioctlents1 = ARRAY_SIZE(ioctlent1) 178 # if SUPPORTED_PERSONALITIES > 2 179 , nioctlents2 = ARRAY_SIZE(ioctlent2) 180 # endif 181 #endif 182 }; 183 184 #if SUPPORTED_PERSONALITIES > 1 185 const struct_sysent *sysent = sysent0; 186 const char *const *errnoent = errnoent0; 187 const char *const *signalent = signalent0; 188 const struct_ioctlent *ioctlent = ioctlent0; 189 const struct_printers *printers = &printers0; 190 #endif 191 192 unsigned nsyscalls = nsyscalls0; 193 unsigned nerrnos = nerrnos0; 194 unsigned nsignals = nsignals0; 195 unsigned nioctlents = nioctlents0; 196 197 const unsigned int nsyscall_vec[SUPPORTED_PERSONALITIES] = { 198 nsyscalls0, 199 #if SUPPORTED_PERSONALITIES > 1 200 nsyscalls1, 201 #endif 202 #if SUPPORTED_PERSONALITIES > 2 203 nsyscalls2, 204 #endif 205 }; 206 const struct_sysent *const sysent_vec[SUPPORTED_PERSONALITIES] = { 207 sysent0, 208 #if SUPPORTED_PERSONALITIES > 1 209 sysent1, 210 #endif 211 #if SUPPORTED_PERSONALITIES > 2 212 sysent2, 213 #endif 214 }; 215 216 const char *const personality_names[] = 217 # if defined X86_64 218 {"64 bit", "32 bit", "x32"} 219 # elif defined X32 220 {"x32", "32 bit"} 221 # elif SUPPORTED_PERSONALITIES == 2 222 {"64 bit", "32 bit"} 223 # else 224 {STRINGIFY_VAL(__WORDSIZE) " bit"} 225 # endif 226 ; 227 228 #if SUPPORTED_PERSONALITIES > 1 229 230 unsigned current_personality; 231 232 # ifndef current_wordsize 233 unsigned current_wordsize = PERSONALITY0_WORDSIZE; 234 static const int personality_wordsize[SUPPORTED_PERSONALITIES] = { 235 PERSONALITY0_WORDSIZE, 236 PERSONALITY1_WORDSIZE, 237 # if SUPPORTED_PERSONALITIES > 2 238 PERSONALITY2_WORDSIZE, 239 # endif 240 }; 241 # endif 242 243 # ifndef current_klongsize 244 unsigned current_klongsize = PERSONALITY0_KLONGSIZE; 245 static const int personality_klongsize[SUPPORTED_PERSONALITIES] = { 246 PERSONALITY0_KLONGSIZE, 247 PERSONALITY1_KLONGSIZE, 248 # if SUPPORTED_PERSONALITIES > 2 249 PERSONALITY2_KLONGSIZE, 250 # endif 251 }; 252 # endif 253 254 void 255 set_personality(unsigned int personality) 256 { 257 if (personality == current_personality) 258 return; 259 260 if (personality >= SUPPORTED_PERSONALITIES) 261 error_msg_and_die("Requested switch to unsupported personality " 262 "%u", personality); 263 264 nsyscalls = nsyscall_vec[personality]; 265 sysent = sysent_vec[personality]; 266 267 switch (personality) { 268 case 0: 269 errnoent = errnoent0; 270 nerrnos = nerrnos0; 271 ioctlent = ioctlent0; 272 nioctlents = nioctlents0; 273 signalent = signalent0; 274 nsignals = nsignals0; 275 printers = &printers0; 276 break; 277 278 case 1: 279 errnoent = errnoent1; 280 nerrnos = nerrnos1; 281 ioctlent = ioctlent1; 282 nioctlents = nioctlents1; 283 signalent = signalent1; 284 nsignals = nsignals1; 285 printers = &printers1; 286 break; 287 288 # if SUPPORTED_PERSONALITIES > 2 289 case 2: 290 errnoent = errnoent2; 291 nerrnos = nerrnos2; 292 ioctlent = ioctlent2; 293 nioctlents = nioctlents2; 294 signalent = signalent2; 295 nsignals = nsignals2; 296 printers = &printers2; 297 break; 298 # endif 299 } 300 301 current_personality = personality; 302 # ifndef current_wordsize 303 current_wordsize = personality_wordsize[personality]; 304 # endif 305 # ifndef current_klongsize 306 current_klongsize = personality_klongsize[personality]; 307 # endif 308 } 309 310 static void 311 update_personality(struct tcb *tcp, unsigned int personality) 312 { 313 static bool need_mpers_warning[] = 314 { false, !HAVE_PERSONALITY_1_MPERS, !HAVE_PERSONALITY_2_MPERS }; 315 316 set_personality(personality); 317 318 if (personality == tcp->currpers) 319 return; 320 tcp->currpers = personality; 321 322 if (!qflag) { 323 error_msg("[ Process PID=%d runs in %s mode. ]", 324 tcp->pid, personality_names[personality]); 325 } 326 327 if (need_mpers_warning[personality]) { 328 error_msg("WARNING: Proper structure decoding for this " 329 "personality is not supported, please consider " 330 "building strace with mpers support enabled."); 331 need_mpers_warning[personality] = false; 332 } 333 } 334 #endif 335 336 #ifdef SYS_socket_subcall 337 static void 338 decode_socket_subcall(struct tcb *tcp) 339 { 340 const int call = tcp->u_arg[0]; 341 342 if (call < 1 || call >= SYS_socket_nsubcalls) 343 return; 344 345 const kernel_ulong_t scno = SYS_socket_subcall + call; 346 const unsigned int nargs = sysent[scno].nargs; 347 uint64_t buf[nargs]; 348 349 if (umoven(tcp, tcp->u_arg[1], nargs * current_wordsize, buf) < 0) 350 return; 351 352 tcp->scno = scno; 353 tcp->qual_flg = qual_flags(scno); 354 tcp->s_ent = &sysent[scno]; 355 356 unsigned int i; 357 for (i = 0; i < nargs; ++i) 358 tcp->u_arg[i] = (sizeof(uint32_t) == current_wordsize) 359 ? ((uint32_t *) (void *) buf)[i] : buf[i]; 360 } 361 #endif /* SYS_socket_subcall */ 362 363 #ifdef SYS_ipc_subcall 364 static void 365 decode_ipc_subcall(struct tcb *tcp) 366 { 367 unsigned int call = tcp->u_arg[0]; 368 const unsigned int version = call >> 16; 369 370 if (version) { 371 # if defined S390 || defined S390X 372 return; 373 # else 374 # ifdef SPARC64 375 if (current_wordsize == 8) 376 return; 377 # endif 378 set_tcb_priv_ulong(tcp, version); 379 call &= 0xffff; 380 # endif 381 } 382 383 switch (call) { 384 case 1: case 2: case 3: case 4: 385 case 11: case 12: case 13: case 14: 386 case 21: case 22: case 23: case 24: 387 break; 388 default: 389 return; 390 } 391 392 tcp->scno = SYS_ipc_subcall + call; 393 tcp->qual_flg = qual_flags(tcp->scno); 394 tcp->s_ent = &sysent[tcp->scno]; 395 396 const unsigned int n = tcp->s_ent->nargs; 397 unsigned int i; 398 for (i = 0; i < n; i++) 399 tcp->u_arg[i] = tcp->u_arg[i + 1]; 400 } 401 #endif /* SYS_ipc_subcall */ 402 403 #ifdef SYS_syscall_subcall 404 static void 405 decode_syscall_subcall(struct tcb *tcp) 406 { 407 if (!scno_is_valid(tcp->u_arg[0])) 408 return; 409 tcp->scno = tcp->u_arg[0]; 410 tcp->qual_flg = qual_flags(tcp->scno); 411 tcp->s_ent = &sysent[tcp->scno]; 412 memmove(&tcp->u_arg[0], &tcp->u_arg[1], 413 sizeof(tcp->u_arg) - sizeof(tcp->u_arg[0])); 414 # ifdef LINUX_MIPSO32 415 /* 416 * Fetching the last arg of 7-arg syscalls (fadvise64_64 417 * and sync_file_range) requires additional code, 418 * see linux/mips/get_syscall_args.c 419 */ 420 if (tcp->s_ent->nargs == MAX_ARGS) { 421 if (umoven(tcp, 422 mips_REG_SP + MAX_ARGS * sizeof(tcp->u_arg[0]), 423 sizeof(tcp->u_arg[0]), 424 &tcp->u_arg[MAX_ARGS - 1]) < 0) 425 tcp->u_arg[MAX_ARGS - 1] = 0; 426 } 427 # endif /* LINUX_MIPSO32 */ 428 } 429 #endif /* SYS_syscall_subcall */ 430 431 static void 432 dumpio(struct tcb *tcp) 433 { 434 if (syserror(tcp)) 435 return; 436 437 int fd = tcp->u_arg[0]; 438 if (fd < 0) 439 return; 440 441 if (is_number_in_set(fd, read_set)) { 442 switch (tcp->s_ent->sen) { 443 case SEN_read: 444 case SEN_pread: 445 case SEN_recv: 446 case SEN_recvfrom: 447 case SEN_mq_timedreceive: 448 dumpstr(tcp, tcp->u_arg[1], tcp->u_rval); 449 return; 450 case SEN_readv: 451 case SEN_preadv: 452 case SEN_preadv2: 453 dumpiov_upto(tcp, tcp->u_arg[2], tcp->u_arg[1], 454 tcp->u_rval); 455 return; 456 case SEN_recvmsg: 457 dumpiov_in_msghdr(tcp, tcp->u_arg[1], tcp->u_rval); 458 return; 459 case SEN_recvmmsg: 460 dumpiov_in_mmsghdr(tcp, tcp->u_arg[1]); 461 return; 462 } 463 } 464 if (is_number_in_set(fd, write_set)) { 465 switch (tcp->s_ent->sen) { 466 case SEN_write: 467 case SEN_pwrite: 468 case SEN_send: 469 case SEN_sendto: 470 case SEN_mq_timedsend: 471 dumpstr(tcp, tcp->u_arg[1], tcp->u_arg[2]); 472 break; 473 case SEN_writev: 474 case SEN_pwritev: 475 case SEN_pwritev2: 476 case SEN_vmsplice: 477 dumpiov_upto(tcp, tcp->u_arg[2], tcp->u_arg[1], -1); 478 break; 479 case SEN_sendmsg: 480 dumpiov_in_msghdr(tcp, tcp->u_arg[1], -1); 481 break; 482 case SEN_sendmmsg: 483 dumpiov_in_mmsghdr(tcp, tcp->u_arg[1]); 484 break; 485 } 486 } 487 } 488 489 const char * 490 err_name(unsigned long err) 491 { 492 if ((err < nerrnos) && errnoent[err]) 493 return errnoent[err]; 494 495 return NULL; 496 } 497 498 static long get_regs(struct tcb *); 499 static int get_syscall_args(struct tcb *); 500 static int get_syscall_result(struct tcb *); 501 static int arch_get_scno(struct tcb *tcp); 502 static int arch_set_scno(struct tcb *, kernel_ulong_t); 503 static void get_error(struct tcb *, const bool); 504 static int arch_set_error(struct tcb *); 505 static int arch_set_success(struct tcb *); 506 507 struct inject_opts *inject_vec[SUPPORTED_PERSONALITIES]; 508 509 static struct inject_opts * 510 tcb_inject_opts(struct tcb *tcp) 511 { 512 return (scno_in_range(tcp->scno) && tcp->inject_vec[current_personality]) 513 ? &tcp->inject_vec[current_personality][tcp->scno] : NULL; 514 } 515 516 517 static long 518 tamper_with_syscall_entering(struct tcb *tcp, unsigned int *signo) 519 { 520 if (!tcp->inject_vec[current_personality]) { 521 tcp->inject_vec[current_personality] = 522 xcalloc(nsyscalls, sizeof(**inject_vec)); 523 memcpy(tcp->inject_vec[current_personality], 524 inject_vec[current_personality], 525 nsyscalls * sizeof(**inject_vec)); 526 } 527 528 struct inject_opts *opts = tcb_inject_opts(tcp); 529 530 if (!opts || opts->first == 0) 531 return 0; 532 533 --opts->first; 534 535 if (opts->first != 0) 536 return 0; 537 538 opts->first = opts->step; 539 540 if (!recovering(tcp)) { 541 if (opts->data.flags & INJECT_F_SIGNAL) 542 *signo = opts->data.signo; 543 if (opts->data.flags & INJECT_F_RETVAL && 544 !arch_set_scno(tcp, -1)) 545 tcp->flags |= TCB_TAMPERED; 546 } 547 548 return 0; 549 } 550 551 static long 552 tamper_with_syscall_exiting(struct tcb *tcp) 553 { 554 if (!syserror(tcp)) { 555 error_msg("Failed to tamper with process %d: got no error " 556 "(return value %#" PRI_klx ")", 557 tcp->pid, tcp->u_rval); 558 559 return 1; 560 } 561 562 struct inject_opts *opts = tcb_inject_opts(tcp); 563 bool update_tcb = false; 564 565 if (!opts) 566 return 0; 567 568 if (opts->data.rval >= 0) { 569 kernel_long_t u_rval = tcp->u_rval; 570 571 tcp->u_rval = opts->data.rval; 572 if (arch_set_success(tcp)) { 573 tcp->u_rval = u_rval; 574 } else { 575 update_tcb = true; 576 tcp->u_error = 0; 577 } 578 } else { 579 unsigned long new_error = -opts->data.rval; 580 581 if (new_error != tcp->u_error && new_error <= MAX_ERRNO_VALUE) { 582 unsigned long u_error = tcp->u_error; 583 584 tcp->u_error = new_error; 585 if (arch_set_error(tcp)) { 586 tcp->u_error = u_error; 587 } else { 588 update_tcb = true; 589 } 590 } 591 } 592 593 if (update_tcb) { 594 tcp->u_error = 0; 595 get_error(tcp, !(tcp->s_ent->sys_flags & SYSCALL_NEVER_FAILS)); 596 } 597 598 return 0; 599 } 600 601 /* 602 * Returns: 603 * 0: "ignore this ptrace stop", bail out silently. 604 * 1: ok, decoded; call 605 * syscall_entering_finish(tcp, syscall_entering_trace(tcp, ...)). 606 * other: error; call syscall_entering_finish(tcp, res), where res is the value 607 * returned. 608 */ 609 int 610 syscall_entering_decode(struct tcb *tcp) 611 { 612 int res = get_scno(tcp); 613 if (res == 0) 614 return res; 615 int scno_good = res; 616 if (res != 1 || (res = get_syscall_args(tcp)) != 1) { 617 printleader(tcp); 618 tprintf("%s(", scno_good == 1 ? tcp->s_ent->sys_name : "????"); 619 /* 620 * " <unavailable>" will be added later by the code which 621 * detects ptrace errors. 622 */ 623 return res; 624 } 625 626 #if defined SYS_ipc_subcall \ 627 || defined SYS_socket_subcall \ 628 || defined SYS_syscall_subcall 629 for (;;) { 630 switch (tcp->s_ent->sen) { 631 # ifdef SYS_ipc_subcall 632 case SEN_ipc: 633 decode_ipc_subcall(tcp); 634 break; 635 # endif 636 # ifdef SYS_socket_subcall 637 case SEN_socketcall: 638 decode_socket_subcall(tcp); 639 break; 640 # endif 641 # ifdef SYS_syscall_subcall 642 case SEN_syscall: 643 decode_syscall_subcall(tcp); 644 if (tcp->s_ent->sen != SEN_syscall) 645 continue; 646 break; 647 # endif 648 } 649 break; 650 } 651 #endif 652 653 return 1; 654 } 655 656 int 657 syscall_entering_trace(struct tcb *tcp, unsigned int *sig) 658 { 659 /* Restrain from fault injection while the trace executes strace code. */ 660 if (hide_log(tcp)) { 661 tcp->qual_flg &= ~QUAL_INJECT; 662 } 663 664 switch (tcp->s_ent->sen) { 665 case SEN_execve: 666 case SEN_execveat: 667 #if defined SPARC || defined SPARC64 668 case SEN_execv: 669 #endif 670 tcp->flags &= ~TCB_HIDE_LOG; 671 break; 672 } 673 674 if (!traced(tcp) || (tracing_paths && !pathtrace_match(tcp))) { 675 tcp->flags |= TCB_FILTERED; 676 return 0; 677 } 678 679 tcp->flags &= ~TCB_FILTERED; 680 681 if (hide_log(tcp)) { 682 return 0; 683 } 684 685 if (inject(tcp)) 686 tamper_with_syscall_entering(tcp, sig); 687 688 if (cflag == CFLAG_ONLY_STATS) { 689 return 0; 690 } 691 692 #ifdef USE_LIBUNWIND 693 if (stack_trace_enabled) { 694 if (tcp->s_ent->sys_flags & STACKTRACE_CAPTURE_ON_ENTER) 695 unwind_capture_stacktrace(tcp); 696 } 697 #endif 698 699 printleader(tcp); 700 tprintf("%s(", tcp->s_ent->sys_name); 701 int res = raw(tcp) ? printargs(tcp) : tcp->s_ent->sys_func(tcp); 702 fflush(tcp->outf); 703 return res; 704 } 705 706 void 707 syscall_entering_finish(struct tcb *tcp, int res) 708 { 709 tcp->flags |= TCB_INSYSCALL; 710 tcp->sys_func_rval = res; 711 /* Measure the entrance time as late as possible to avoid errors. */ 712 if ((Tflag || cflag) && !filtered(tcp)) 713 gettimeofday(&tcp->etime, NULL); 714 } 715 716 /* Returns: 717 * 0: "bail out". 718 * 1: ok. 719 * -1: error in one of ptrace ops. 720 * 721 * If not 0, call syscall_exiting_trace(tcp, res), where res is the return 722 * value. Anyway, call syscall_exiting_finish(tcp) then. 723 */ 724 int 725 syscall_exiting_decode(struct tcb *tcp, struct timeval *ptv) 726 { 727 /* Measure the exit time as early as possible to avoid errors. */ 728 if ((Tflag || cflag) && !(filtered(tcp) || hide_log(tcp))) 729 gettimeofday(ptv, NULL); 730 731 #ifdef USE_LIBUNWIND 732 if (stack_trace_enabled) { 733 if (tcp->s_ent->sys_flags & STACKTRACE_INVALIDATE_CACHE) 734 unwind_cache_invalidate(tcp); 735 } 736 #endif 737 738 if (filtered(tcp) || hide_log(tcp)) 739 return 0; 740 741 #if SUPPORTED_PERSONALITIES > 1 742 update_personality(tcp, tcp->currpers); 743 #endif 744 745 return get_syscall_result(tcp); 746 } 747 748 int 749 syscall_exiting_trace(struct tcb *tcp, struct timeval tv, int res) 750 { 751 if (syscall_tampered(tcp)) 752 tamper_with_syscall_exiting(tcp); 753 754 if (cflag) { 755 count_syscall(tcp, &tv); 756 if (cflag == CFLAG_ONLY_STATS) { 757 return 0; 758 } 759 } 760 761 /* If not in -ff mode, and printing_tcp != tcp, 762 * then the log currently does not end with output 763 * of _our syscall entry_, but with something else. 764 * We need to say which syscall's return is this. 765 * 766 * Forced reprinting via TCB_REPRINT is used only by 767 * "strace -ff -oLOG test/threaded_execve" corner case. 768 * It's the only case when -ff mode needs reprinting. 769 */ 770 if ((followfork < 2 && printing_tcp != tcp) || (tcp->flags & TCB_REPRINT)) { 771 tcp->flags &= ~TCB_REPRINT; 772 printleader(tcp); 773 tprintf("<... %s resumed> ", tcp->s_ent->sys_name); 774 } 775 printing_tcp = tcp; 776 777 tcp->s_prev_ent = NULL; 778 if (res != 1) { 779 /* There was error in one of prior ptrace ops */ 780 tprints(") "); 781 tabto(); 782 tprints("= ? <unavailable>\n"); 783 line_ended(); 784 return res; 785 } 786 tcp->s_prev_ent = tcp->s_ent; 787 788 int sys_res = 0; 789 if (raw(tcp)) { 790 /* sys_res = printargs(tcp); - but it's nop on sysexit */ 791 } else { 792 /* FIXME: not_failing_only (IOW, option -z) is broken: 793 * failure of syscall is known only after syscall return. 794 * Thus we end up with something like this on, say, ENOENT: 795 * open("does_not_exist", O_RDONLY <unfinished ...> 796 * {next syscall decode} 797 * whereas the intended result is that open(...) line 798 * is not shown at all. 799 */ 800 if (not_failing_only && tcp->u_error) 801 return 0; /* ignore failed syscalls */ 802 if (tcp->sys_func_rval & RVAL_DECODED) 803 sys_res = tcp->sys_func_rval; 804 else 805 sys_res = tcp->s_ent->sys_func(tcp); 806 } 807 808 tprints(") "); 809 tabto(); 810 unsigned long u_error = tcp->u_error; 811 kernel_long_t u_rval; 812 813 if (raw(tcp)) { 814 if (u_error) { 815 tprintf("= -1 (errno %lu)", u_error); 816 } else { 817 tprintf("= %#" PRI_klx, tcp->u_rval); 818 } 819 if (syscall_tampered(tcp)) 820 tprints(" (INJECTED)"); 821 } else if (!(sys_res & RVAL_NONE) && u_error) { 822 const char *u_error_str; 823 824 switch (u_error) { 825 /* Blocked signals do not interrupt any syscalls. 826 * In this case syscalls don't return ERESTARTfoo codes. 827 * 828 * Deadly signals set to SIG_DFL interrupt syscalls 829 * and kill the process regardless of which of the codes below 830 * is returned by the interrupted syscall. 831 * In some cases, kernel forces a kernel-generated deadly 832 * signal to be unblocked and set to SIG_DFL (and thus cause 833 * death) if it is blocked or SIG_IGNed: for example, SIGSEGV 834 * or SIGILL. (The alternative is to leave process spinning 835 * forever on the faulty instruction - not useful). 836 * 837 * SIG_IGNed signals and non-deadly signals set to SIG_DFL 838 * (for example, SIGCHLD, SIGWINCH) interrupt syscalls, 839 * but kernel will always restart them. 840 */ 841 case ERESTARTSYS: 842 /* Most common type of signal-interrupted syscall exit code. 843 * The system call will be restarted with the same arguments 844 * if SA_RESTART is set; otherwise, it will fail with EINTR. 845 */ 846 tprints("= ? ERESTARTSYS (To be restarted if SA_RESTART is set)"); 847 break; 848 case ERESTARTNOINTR: 849 /* Rare. For example, fork() returns this if interrupted. 850 * SA_RESTART is ignored (assumed set): the restart is unconditional. 851 */ 852 tprints("= ? ERESTARTNOINTR (To be restarted)"); 853 break; 854 case ERESTARTNOHAND: 855 /* pause(), rt_sigsuspend() etc use this code. 856 * SA_RESTART is ignored (assumed not set): 857 * syscall won't restart (will return EINTR instead) 858 * even after signal with SA_RESTART set. However, 859 * after SIG_IGN or SIG_DFL signal it will restart 860 * (thus the name "restart only if has no handler"). 861 */ 862 tprints("= ? ERESTARTNOHAND (To be restarted if no handler)"); 863 break; 864 case ERESTART_RESTARTBLOCK: 865 /* Syscalls like nanosleep(), poll() which can't be 866 * restarted with their original arguments use this 867 * code. Kernel will execute restart_syscall() instead, 868 * which changes arguments before restarting syscall. 869 * SA_RESTART is ignored (assumed not set) similarly 870 * to ERESTARTNOHAND. (Kernel can't honor SA_RESTART 871 * since restart data is saved in "restart block" 872 * in task struct, and if signal handler uses a syscall 873 * which in turn saves another such restart block, 874 * old data is lost and restart becomes impossible) 875 */ 876 tprints("= ? ERESTART_RESTARTBLOCK (Interrupted by signal)"); 877 break; 878 default: 879 u_rval = sys_res & RVAL_PRINT_ERR_VAL ? 880 tcp->u_rval : -1; 881 u_error_str = err_name(u_error); 882 if (u_error_str) 883 tprintf("= %" PRI_kld " %s (%s)", 884 u_rval, u_error_str, strerror(u_error)); 885 else 886 tprintf("= %" PRI_kld " %lu (%s)", 887 u_rval, u_error, strerror(u_error)); 888 break; 889 } 890 if (syscall_tampered(tcp)) 891 tprints(" (INJECTED)"); 892 if ((sys_res & RVAL_STR) && tcp->auxstr) 893 tprintf(" (%s)", tcp->auxstr); 894 } else { 895 if (sys_res & RVAL_NONE) 896 tprints("= ?"); 897 else { 898 switch (sys_res & RVAL_MASK) { 899 case RVAL_HEX: 900 #if ANY_WORDSIZE_LESS_THAN_KERNEL_LONG 901 if (current_klongsize < sizeof(tcp->u_rval)) { 902 tprintf("= %#x", 903 (unsigned int) tcp->u_rval); 904 } else 905 #endif 906 { 907 tprintf("= %#" PRI_klx, tcp->u_rval); 908 } 909 break; 910 case RVAL_OCTAL: 911 tprints("= "); 912 print_numeric_long_umask(tcp->u_rval); 913 break; 914 case RVAL_UDECIMAL: 915 #if ANY_WORDSIZE_LESS_THAN_KERNEL_LONG 916 if (current_klongsize < sizeof(tcp->u_rval)) { 917 tprintf("= %u", 918 (unsigned int) tcp->u_rval); 919 } else 920 #endif 921 { 922 tprintf("= %" PRI_klu, tcp->u_rval); 923 } 924 break; 925 case RVAL_DECIMAL: 926 tprintf("= %" PRI_kld, tcp->u_rval); 927 break; 928 case RVAL_FD: 929 if (show_fd_path) { 930 tprints("= "); 931 printfd(tcp, tcp->u_rval); 932 } else 933 tprintf("= %" PRI_kld, tcp->u_rval); 934 break; 935 default: 936 error_msg("invalid rval format"); 937 break; 938 } 939 } 940 if ((sys_res & RVAL_STR) && tcp->auxstr) 941 tprintf(" (%s)", tcp->auxstr); 942 if (syscall_tampered(tcp)) 943 tprints(" (INJECTED)"); 944 } 945 if (Tflag) { 946 tv_sub(&tv, &tv, &tcp->etime); 947 tprintf(" <%ld.%06ld>", 948 (long) tv.tv_sec, (long) tv.tv_usec); 949 } 950 tprints("\n"); 951 dumpio(tcp); 952 line_ended(); 953 954 #ifdef USE_LIBUNWIND 955 if (stack_trace_enabled) 956 unwind_print_stacktrace(tcp); 957 #endif 958 return 0; 959 } 960 961 void 962 syscall_exiting_finish(struct tcb *tcp) 963 { 964 tcp->flags &= ~(TCB_INSYSCALL | TCB_TAMPERED); 965 tcp->sys_func_rval = 0; 966 free_tcb_priv_data(tcp); 967 } 968 969 bool 970 is_erestart(struct tcb *tcp) 971 { 972 switch (tcp->u_error) { 973 case ERESTARTSYS: 974 case ERESTARTNOINTR: 975 case ERESTARTNOHAND: 976 case ERESTART_RESTARTBLOCK: 977 return true; 978 default: 979 return false; 980 } 981 } 982 983 static unsigned long saved_u_error; 984 985 void 986 temporarily_clear_syserror(struct tcb *tcp) 987 { 988 saved_u_error = tcp->u_error; 989 tcp->u_error = 0; 990 } 991 992 void 993 restore_cleared_syserror(struct tcb *tcp) 994 { 995 tcp->u_error = saved_u_error; 996 } 997 998 #include "arch_regs.c" 999 1000 #if HAVE_ARCH_GETRVAL2 1001 # include "arch_getrval2.c" 1002 #endif 1003 1004 void 1005 print_pc(struct tcb *tcp) 1006 { 1007 #if defined ARCH_PC_REG 1008 # define ARCH_GET_PC 0 1009 #elif defined ARCH_PC_PEEK_ADDR 1010 kernel_ulong_t pc; 1011 # define ARCH_PC_REG pc 1012 # define ARCH_GET_PC upeek(tcp, ARCH_PC_PEEK_ADDR, &pc) 1013 #else 1014 # error Neither ARCH_PC_REG nor ARCH_PC_PEEK_ADDR is defined 1015 #endif 1016 if (get_regs(tcp) < 0 || ARCH_GET_PC) 1017 tprints(current_wordsize == 4 ? "[????????] " 1018 : "[????????????????] "); 1019 else 1020 tprintf(current_wordsize == 4 1021 ? "[%08" PRI_klx "] " : "[%016" PRI_klx "] ", 1022 (kernel_ulong_t) ARCH_PC_REG); 1023 } 1024 1025 #include "getregs_old.h" 1026 1027 #undef ptrace_getregset_or_getregs 1028 #undef ptrace_setregset_or_setregs 1029 #ifdef ARCH_REGS_FOR_GETREGSET 1030 1031 # define ptrace_getregset_or_getregs ptrace_getregset 1032 static long 1033 ptrace_getregset(pid_t pid) 1034 { 1035 # ifdef ARCH_IOVEC_FOR_GETREGSET 1036 /* variable iovec */ 1037 ARCH_IOVEC_FOR_GETREGSET.iov_len = sizeof(ARCH_REGS_FOR_GETREGSET); 1038 return ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, 1039 &ARCH_IOVEC_FOR_GETREGSET); 1040 # else 1041 /* constant iovec */ 1042 static struct iovec io = { 1043 .iov_base = &ARCH_REGS_FOR_GETREGSET, 1044 .iov_len = sizeof(ARCH_REGS_FOR_GETREGSET) 1045 }; 1046 return ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, &io); 1047 1048 # endif 1049 } 1050 1051 # ifndef HAVE_GETREGS_OLD 1052 # define ptrace_setregset_or_setregs ptrace_setregset 1053 static int 1054 ptrace_setregset(pid_t pid) 1055 { 1056 # ifdef ARCH_IOVEC_FOR_GETREGSET 1057 /* variable iovec */ 1058 return ptrace(PTRACE_SETREGSET, pid, NT_PRSTATUS, 1059 &ARCH_IOVEC_FOR_GETREGSET); 1060 # else 1061 /* constant iovec */ 1062 static struct iovec io = { 1063 .iov_base = &ARCH_REGS_FOR_GETREGSET, 1064 .iov_len = sizeof(ARCH_REGS_FOR_GETREGSET) 1065 }; 1066 return ptrace(PTRACE_SETREGSET, pid, NT_PRSTATUS, &io); 1067 # endif 1068 } 1069 # endif /* !HAVE_GETREGS_OLD */ 1070 1071 #elif defined ARCH_REGS_FOR_GETREGS 1072 1073 # define ptrace_getregset_or_getregs ptrace_getregs 1074 static long 1075 ptrace_getregs(pid_t pid) 1076 { 1077 # if defined SPARC || defined SPARC64 1078 /* SPARC systems have the meaning of data and addr reversed */ 1079 return ptrace(PTRACE_GETREGS, pid, (void *) &ARCH_REGS_FOR_GETREGS, 0); 1080 # else 1081 return ptrace(PTRACE_GETREGS, pid, NULL, &ARCH_REGS_FOR_GETREGS); 1082 # endif 1083 } 1084 1085 # ifndef HAVE_GETREGS_OLD 1086 # define ptrace_setregset_or_setregs ptrace_setregs 1087 static int 1088 ptrace_setregs(pid_t pid) 1089 { 1090 # if defined SPARC || defined SPARC64 1091 /* SPARC systems have the meaning of data and addr reversed */ 1092 return ptrace(PTRACE_SETREGS, pid, (void *) &ARCH_REGS_FOR_GETREGS, 0); 1093 # else 1094 return ptrace(PTRACE_SETREGS, pid, NULL, &ARCH_REGS_FOR_GETREGS); 1095 # endif 1096 } 1097 # endif /* !HAVE_GETREGS_OLD */ 1098 1099 #endif /* ARCH_REGS_FOR_GETREGSET || ARCH_REGS_FOR_GETREGS */ 1100 1101 #ifdef ptrace_getregset_or_getregs 1102 static long get_regs_error; 1103 #endif 1104 1105 void 1106 clear_regs(struct tcb *tcp) 1107 { 1108 #ifdef ptrace_getregset_or_getregs 1109 get_regs_error = -1; 1110 #endif 1111 } 1112 1113 static long 1114 get_regs(struct tcb *const tcp) 1115 { 1116 #ifdef ptrace_getregset_or_getregs 1117 1118 if (get_regs_error != -1) 1119 return get_regs_error; 1120 1121 # ifdef HAVE_GETREGS_OLD 1122 /* 1123 * Try PTRACE_GETREGSET/PTRACE_GETREGS first, 1124 * fallback to getregs_old. 1125 */ 1126 static int use_getregs_old; 1127 if (use_getregs_old < 0) { 1128 return get_regs_error = ptrace_getregset_or_getregs(tcp->pid); 1129 } else if (use_getregs_old == 0) { 1130 get_regs_error = ptrace_getregset_or_getregs(tcp->pid); 1131 if (get_regs_error >= 0) { 1132 use_getregs_old = -1; 1133 return get_regs_error; 1134 } 1135 if (errno == EPERM || errno == ESRCH) 1136 return get_regs_error; 1137 use_getregs_old = 1; 1138 } 1139 return get_regs_error = getregs_old(tcp); 1140 # else /* !HAVE_GETREGS_OLD */ 1141 /* Assume that PTRACE_GETREGSET/PTRACE_GETREGS works. */ 1142 get_regs_error = ptrace_getregset_or_getregs(tcp->pid); 1143 1144 # if defined ARCH_PERSONALITY_0_IOV_SIZE 1145 if (get_regs_error) 1146 return get_regs_error; 1147 1148 switch (ARCH_IOVEC_FOR_GETREGSET.iov_len) { 1149 case ARCH_PERSONALITY_0_IOV_SIZE: 1150 update_personality(tcp, 0); 1151 break; 1152 case ARCH_PERSONALITY_1_IOV_SIZE: 1153 update_personality(tcp, 1); 1154 break; 1155 default: { 1156 static bool printed = false; 1157 1158 if (!printed) { 1159 error_msg("Unsupported regset size returned by " 1160 "PTRACE_GETREGSET: %zu", 1161 ARCH_IOVEC_FOR_GETREGSET.iov_len); 1162 1163 printed = true; 1164 } 1165 1166 update_personality(tcp, 0); 1167 } 1168 } 1169 # endif /* ARCH_PERSONALITY_0_IOV_SIZE */ 1170 1171 return get_regs_error; 1172 1173 # endif /* !HAVE_GETREGS_OLD */ 1174 1175 #else /* !ptrace_getregset_or_getregs */ 1176 1177 # warning get_regs is not implemented for this architecture yet 1178 return 0; 1179 1180 #endif /* !ptrace_getregset_or_getregs */ 1181 } 1182 1183 #ifdef ptrace_setregset_or_setregs 1184 static int 1185 set_regs(pid_t pid) 1186 { 1187 return ptrace_setregset_or_setregs(pid); 1188 } 1189 #endif /* ptrace_setregset_or_setregs */ 1190 1191 struct sysent_buf { 1192 struct tcb *tcp; 1193 struct_sysent ent; 1194 char buf[sizeof("syscall_0x") + sizeof(kernel_ulong_t) * 2]; 1195 }; 1196 1197 static void 1198 free_sysent_buf(void *ptr) 1199 { 1200 struct sysent_buf *s = ptr; 1201 s->tcp->s_prev_ent = s->tcp->s_ent = NULL; 1202 free(ptr); 1203 } 1204 1205 /* 1206 * Returns: 1207 * 0: "ignore this ptrace stop", syscall_entering_decode() should return a "bail 1208 * out silently" code. 1209 * 1: ok, continue in syscall_entering_decode(). 1210 * other: error, syscall_entering_decode() should print error indicator 1211 * ("????" etc) and return an appropriate code. 1212 */ 1213 int 1214 get_scno(struct tcb *tcp) 1215 { 1216 if (get_regs(tcp) < 0) 1217 return -1; 1218 1219 int rc = arch_get_scno(tcp); 1220 if (rc != 1) 1221 return rc; 1222 1223 tcp->scno = shuffle_scno(tcp->scno); 1224 1225 if (scno_is_valid(tcp->scno)) { 1226 tcp->s_ent = &sysent[tcp->scno]; 1227 tcp->qual_flg = qual_flags(tcp->scno); 1228 } else { 1229 struct sysent_buf *s = xcalloc(1, sizeof(*s)); 1230 1231 s->tcp = tcp; 1232 s->ent.nargs = MAX_ARGS; 1233 s->ent.sen = SEN_printargs; 1234 s->ent.sys_func = printargs; 1235 s->ent.sys_name = s->buf; 1236 xsprintf(s->buf, "syscall_%#" PRI_klx, shuffle_scno(tcp->scno)); 1237 1238 tcp->s_ent = &s->ent; 1239 tcp->qual_flg = QUAL_RAW | DEFAULT_QUAL_FLAGS; 1240 1241 set_tcb_priv_data(tcp, s, free_sysent_buf); 1242 1243 debug_msg("pid %d invalid syscall %#" PRI_klx, 1244 tcp->pid, shuffle_scno(tcp->scno)); 1245 } 1246 1247 /* 1248 * We refrain from argument decoding during recovering 1249 * as tracee memory mappings has changed and the registers 1250 * are very likely pointing to garbage already. 1251 */ 1252 if (recovering(tcp)) 1253 tcp->qual_flg |= QUAL_RAW; 1254 1255 return 1; 1256 } 1257 1258 #ifdef ptrace_getregset_or_getregs 1259 # define get_syscall_result_regs get_regs 1260 #else 1261 static int get_syscall_result_regs(struct tcb *); 1262 #endif 1263 1264 /* Returns: 1265 * 1: ok, continue in syscall_exiting_trace(). 1266 * -1: error, syscall_exiting_trace() should print error indicator 1267 * ("????" etc) and bail out. 1268 */ 1269 static int 1270 get_syscall_result(struct tcb *tcp) 1271 { 1272 if (get_syscall_result_regs(tcp) < 0) 1273 return -1; 1274 tcp->u_error = 0; 1275 get_error(tcp, 1276 !(tcp->s_ent->sys_flags & SYSCALL_NEVER_FAILS) 1277 || syscall_tampered(tcp)); 1278 1279 return 1; 1280 } 1281 1282 #include "get_scno.c" 1283 #include "set_scno.c" 1284 #include "get_syscall_args.c" 1285 #ifndef ptrace_getregset_or_getregs 1286 # include "get_syscall_result.c" 1287 #endif 1288 #include "get_error.c" 1289 #include "set_error.c" 1290 #ifdef HAVE_GETREGS_OLD 1291 # include "getregs_old.c" 1292 #endif 1293 #include "shuffle_scno.c" 1294 1295 const char * 1296 syscall_name(kernel_ulong_t scno) 1297 { 1298 return scno_is_valid(scno) ? sysent[scno].sys_name : NULL; 1299 } 1300
