1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 *
26 * Portions Copyright 2007 Chad Mynhier
27 * Copyright 2012 DEY Storage Systems, Inc. All rights reserved.
28 * Copyright (c) 2013 by Delphix. All rights reserved.
29 * Copyright 2015, Joyent, Inc.
30 * Copyright 2020 OmniOS Community Edition (OmniOSce) Association.
31 * Copyright 2024 Oxide Computer Company
32 */
33
34 #include <assert.h>
35 #include <stdio.h>
36 #include <stdlib.h>
37 #include <unistd.h>
38 #include <ctype.h>
39 #include <fcntl.h>
40 #include <string.h>
41 #include <strings.h>
42 #include <memory.h>
43 #include <errno.h>
44 #include <dirent.h>
45 #include <limits.h>
46 #include <signal.h>
47 #include <atomic.h>
48 #include <zone.h>
49 #include <sys/types.h>
50 #include <sys/uio.h>
51 #include <sys/stat.h>
52 #include <sys/resource.h>
53 #include <sys/param.h>
54 #include <sys/stack.h>
55 #include <sys/fault.h>
56 #include <sys/syscall.h>
57 #include <sys/sysmacros.h>
58 #include <sys/systeminfo.h>
59 #include <sys/secflags.h>
60 #include <sys/mnttab.h>
61 #include <sys/mkdev.h>
62
63 #include "libproc.h"
64 #include "Pcontrol.h"
65 #include "Putil.h"
66 #include "P32ton.h"
67
68 int _libproc_debug; /* set non-zero to enable debugging printfs */
69 int _libproc_no_qsort; /* set non-zero to inhibit sorting */
70 /* of symbol tables */
71 int _libproc_incore_elf; /* only use in-core elf data */
72
73 sigset_t blockable_sigs; /* signals to block when we need to be safe */
74 static int minfd; /* minimum file descriptor returned by dupfd(fd, 0) */
75 char procfs_path[PATH_MAX] = "/proc";
76
77 /*
78 * Function prototypes for static routines in this module.
79 */
80 static void deadcheck(struct ps_prochandle *);
81 static void restore_tracing_flags(struct ps_prochandle *);
82 static void Lfree_internal(struct ps_prochandle *, struct ps_lwphandle *);
83 static prheader_t *read_lfile(struct ps_prochandle *, const char *);
84
85 /*
86 * Ops vector functions for live processes.
87 */
88
89 static ssize_t
Pread_live(struct ps_prochandle * P,void * buf,size_t n,uintptr_t addr,void * data)90 Pread_live(struct ps_prochandle *P, void *buf, size_t n, uintptr_t addr,
91 void *data)
92 {
93 return (pread(P->asfd, buf, n, (off_t)addr));
94 }
95
96 static ssize_t
Pwrite_live(struct ps_prochandle * P,const void * buf,size_t n,uintptr_t addr,void * data)97 Pwrite_live(struct ps_prochandle *P, const void *buf, size_t n, uintptr_t addr,
98 void *data)
99 {
100 return (pwrite(P->asfd, buf, n, (off_t)addr));
101 }
102
103 static int
Pread_maps_live(struct ps_prochandle * P,prmap_t ** Pmapp,ssize_t * nmapp,void * data)104 Pread_maps_live(struct ps_prochandle *P, prmap_t **Pmapp, ssize_t *nmapp,
105 void *data)
106 {
107 char mapfile[PATH_MAX];
108 int mapfd;
109 struct stat statb;
110 ssize_t nmap;
111 prmap_t *Pmap = NULL;
112
113 (void) snprintf(mapfile, sizeof (mapfile), "%s/%d/map",
114 procfs_path, (int)P->pid);
115 if ((mapfd = open(mapfile, O_RDONLY)) < 0 ||
116 fstat(mapfd, &statb) != 0 ||
117 statb.st_size < sizeof (prmap_t) ||
118 (Pmap = malloc(statb.st_size)) == NULL ||
119 (nmap = pread(mapfd, Pmap, statb.st_size, 0L)) <= 0 ||
120 (nmap /= sizeof (prmap_t)) == 0) {
121 if (Pmap != NULL)
122 free(Pmap);
123 if (mapfd >= 0)
124 (void) close(mapfd);
125 Preset_maps(P); /* utter failure; destroy tables */
126 return (-1);
127 }
128 (void) close(mapfd);
129
130 *Pmapp = Pmap;
131 *nmapp = nmap;
132
133 return (0);
134 }
135
136 static void
Pread_aux_live(struct ps_prochandle * P,auxv_t ** auxvp,int * nauxp,void * data)137 Pread_aux_live(struct ps_prochandle *P, auxv_t **auxvp, int *nauxp, void *data)
138 {
139 char auxfile[64];
140 int fd;
141 struct stat statb;
142 auxv_t *auxv;
143 ssize_t naux;
144
145 (void) snprintf(auxfile, sizeof (auxfile), "%s/%d/auxv",
146 procfs_path, (int)P->pid);
147 if ((fd = open(auxfile, O_RDONLY)) < 0) {
148 dprintf("%s: failed to open %s: %s\n",
149 __func__, auxfile, strerror(errno));
150 return;
151 }
152
153 if (fstat(fd, &statb) == 0 &&
154 statb.st_size >= sizeof (auxv_t) &&
155 (auxv = malloc(statb.st_size + sizeof (auxv_t))) != NULL) {
156 if ((naux = read(fd, auxv, statb.st_size)) < 0 ||
157 (naux /= sizeof (auxv_t)) < 1) {
158 dprintf("%s: read failed: %s\n",
159 __func__, strerror(errno));
160 free(auxv);
161 } else {
162 auxv[naux].a_type = AT_NULL;
163 auxv[naux].a_un.a_val = 0L;
164
165 *auxvp = auxv;
166 *nauxp = (int)naux;
167 }
168 }
169
170 (void) close(fd);
171 }
172
173 static int
Pcred_live(struct ps_prochandle * P,prcred_t * pcrp,int ngroups,void * data)174 Pcred_live(struct ps_prochandle *P, prcred_t *pcrp, int ngroups, void *data)
175 {
176 return (proc_get_cred(P->pid, pcrp, ngroups));
177 }
178
179 static int
Psecflags_live(struct ps_prochandle * P,prsecflags_t ** psf,void * data)180 Psecflags_live(struct ps_prochandle *P, prsecflags_t **psf, void *data)
181 {
182 return (proc_get_secflags(P->pid, psf));
183 }
184
185 static int
Ppriv_live(struct ps_prochandle * P,prpriv_t ** pprv,void * data)186 Ppriv_live(struct ps_prochandle *P, prpriv_t **pprv, void *data)
187 {
188 prpriv_t *pp;
189
190 pp = proc_get_priv(P->pid);
191 if (pp == NULL) {
192 return (-1);
193 }
194
195 *pprv = pp;
196 return (0);
197 }
198
199 static const psinfo_t *
Ppsinfo_live(struct ps_prochandle * P,psinfo_t * psinfo,void * data)200 Ppsinfo_live(struct ps_prochandle *P, psinfo_t *psinfo, void *data)
201 {
202 if (proc_get_psinfo(P->pid, psinfo) == -1)
203 return (NULL);
204
205 return (psinfo);
206 }
207
208 static prheader_t *
Plstatus_live(struct ps_prochandle * P,void * data)209 Plstatus_live(struct ps_prochandle *P, void *data)
210 {
211 return (read_lfile(P, "lstatus"));
212 }
213
214 static prheader_t *
Plpsinfo_live(struct ps_prochandle * P,void * data)215 Plpsinfo_live(struct ps_prochandle *P, void *data)
216 {
217 return (read_lfile(P, "lpsinfo"));
218 }
219
220 static char *
Pplatform_live(struct ps_prochandle * P,char * s,size_t n,void * data)221 Pplatform_live(struct ps_prochandle *P, char *s, size_t n, void *data)
222 {
223 if (sysinfo(SI_PLATFORM, s, n) == -1)
224 return (NULL);
225 return (s);
226 }
227
228 static int
Puname_live(struct ps_prochandle * P,struct utsname * u,void * data)229 Puname_live(struct ps_prochandle *P, struct utsname *u, void *data)
230 {
231 return (uname(u));
232 }
233
234 static char *
Pzonename_live(struct ps_prochandle * P,char * s,size_t n,void * data)235 Pzonename_live(struct ps_prochandle *P, char *s, size_t n, void *data)
236 {
237 if (getzonenamebyid(P->status.pr_zoneid, s, n) < 0)
238 return (NULL);
239 s[n - 1] = '\0';
240 return (s);
241 }
242
243 /*
244 * Callback function for Pfindexec(). We return a match if we can stat the
245 * suggested pathname and confirm its device and inode number match our
246 * previous information about the /proc/<pid>/object/a.out file.
247 */
248 static int
stat_exec(const char * path,void * arg)249 stat_exec(const char *path, void *arg)
250 {
251 struct stat64 *stp = arg;
252 struct stat64 st;
253
254 return (stat64(path, &st) == 0 && S_ISREG(st.st_mode) &&
255 stp->st_dev == st.st_dev && stp->st_ino == st.st_ino);
256 }
257
258 static char *
Pexecname_live(struct ps_prochandle * P,char * buf,size_t buflen,void * data)259 Pexecname_live(struct ps_prochandle *P, char *buf, size_t buflen, void *data)
260 {
261 char exec_name[PATH_MAX];
262 char cwd[PATH_MAX], *cwdp = NULL;
263 struct stat64 st;
264 int ret;
265
266 /*
267 * Try to get the path information first.
268 */
269 (void) snprintf(exec_name, sizeof (exec_name),
270 "%s/%d/path/a.out", procfs_path, (int)P->pid);
271 if ((ret = readlink(exec_name, buf, buflen - 1)) > 0) {
272 buf[ret] = '\0';
273 (void) Pfindobj(P, buf, buf, buflen);
274 return (buf);
275 }
276
277 /*
278 * Stat the executable file so we can compare Pfindexec's
279 * suggestions to the actual device and inode number.
280 */
281 (void) snprintf(exec_name, sizeof (exec_name),
282 "%s/%d/object/a.out", procfs_path, (int)P->pid);
283
284 if (stat64(exec_name, &st) != 0 || !S_ISREG(st.st_mode))
285 return (NULL);
286
287 /*
288 * Attempt to figure out the current working directory of the
289 * target process. This only works if the target process has
290 * not changed its current directory since it was exec'd.
291 */
292 if (proc_get_cwd(P->pid, cwd, sizeof (cwd)) > 0)
293 cwdp = cwd;
294
295 (void) Pfindexec(P, cwdp, stat_exec, &st);
296
297 return (NULL);
298 }
299
300 /*
301 * Snapshot the cwd for a process. Note, we assume that we do not have the
302 * process held per se (pwdx does not grab the process). If our caller wants to
303 * guarantee this, they are responsible for getting a hold.
304 */
305 static int
Pcwd_live(struct ps_prochandle * P,prcwd_t ** cwdp,void * data)306 Pcwd_live(struct ps_prochandle *P, prcwd_t **cwdp, void *data)
307 {
308 prcwd_t *cwd = NULL;
309 struct statvfs st;
310 FILE *tab = NULL;
311 struct extmnttab ent;
312 int ret;
313
314 cwd = calloc(1, sizeof (prcwd_t));
315 if (cwd == NULL)
316 goto err;
317
318 if (proc_get_cwd(P->pid, cwd->prcwd_cwd, sizeof (cwd->prcwd_cwd)) < 0)
319 goto err;
320
321 if (statvfs(cwd->prcwd_cwd, &st) != 0)
322 goto err;
323
324 cwd->prcwd_fsid = st.f_fsid;
325 (void) memcpy(cwd->prcwd_fsname, st.f_basetype, FSTYPSZ);
326
327 /*
328 * Find the corresponding mountpoint based on the fsid. If we don't find
329 * a match, that's weird, but we'll try to get folks something. There's
330 * always a possibility of a race going on as we can't stop file system
331 * mount points from changing during this operation. Similarly, in lieu
332 * of erorring on overflow we opt to truncate as tihs would again be a
333 * surprising situation based on system limits.
334 */
335 if ((tab = fopen(MNTTAB, "r")) == NULL)
336 goto err;
337 resetmnttab(tab);
338 dprintf("found fsid %llx\n", cwd->prcwd_fsid);
339 while ((ret = getextmntent(tab, &ent, sizeof (struct extmnttab))) ==
340 0) {
341 /*
342 * statvfs(2) always returns the compressed 32-bit compatible
343 * dev, even in an LP64 environment. We must explicitly attempt
344 * to convert things as a result to this format as the normal
345 * makedev() doesn't quite do the right thing.
346 */
347 if (__makedev(COMPATDEV, ent.mnt_major, ent.mnt_minor) ==
348 st.f_fsid) {
349 (void) strlcpy(cwd->prcwd_mntpt, ent.mnt_mountp,
350 sizeof (cwd->prcwd_mntpt));
351 (void) strlcpy(cwd->prcwd_mntspec, ent.mnt_special,
352 sizeof (cwd->prcwd_mntspec));
353 break;
354 }
355 }
356
357 if (ret > 0) {
358 errno = EIO;
359 goto err;
360 }
361
362 (void) fclose(tab);
363 *cwdp = cwd;
364 return (0);
365
366 err:
367 (void) fclose(tab);
368 free(cwd);
369 return (-1);
370 }
371
372 #if defined(__i386) || defined(__amd64)
373 static int
Pldt_live(struct ps_prochandle * P,struct ssd * pldt,int nldt,void * data)374 Pldt_live(struct ps_prochandle *P, struct ssd *pldt, int nldt, void *data)
375 {
376 return (proc_get_ldt(P->pid, pldt, nldt));
377 }
378 #endif
379
380 static const ps_ops_t P_live_ops = {
381 .pop_pread = Pread_live,
382 .pop_pwrite = Pwrite_live,
383 .pop_read_maps = Pread_maps_live,
384 .pop_read_aux = Pread_aux_live,
385 .pop_cred = Pcred_live,
386 .pop_priv = Ppriv_live,
387 .pop_psinfo = Ppsinfo_live,
388 .pop_lstatus = Plstatus_live,
389 .pop_lpsinfo = Plpsinfo_live,
390 .pop_platform = Pplatform_live,
391 .pop_uname = Puname_live,
392 .pop_zonename = Pzonename_live,
393 .pop_execname = Pexecname_live,
394 .pop_secflags = Psecflags_live,
395 .pop_cwd = Pcwd_live,
396 #if defined(__i386) || defined(__amd64)
397 .pop_ldt = Pldt_live
398 #endif
399 };
400
401 /*
402 * This is the library's .init handler.
403 */
404 #pragma init(_libproc_init)
405 void
_libproc_init(void)406 _libproc_init(void)
407 {
408 _libproc_debug = getenv("LIBPROC_DEBUG") != NULL;
409 _libproc_no_qsort = getenv("LIBPROC_NO_QSORT") != NULL;
410 _libproc_incore_elf = getenv("LIBPROC_INCORE_ELF") != NULL;
411
412 (void) sigfillset(&blockable_sigs);
413 (void) sigdelset(&blockable_sigs, SIGKILL);
414 (void) sigdelset(&blockable_sigs, SIGSTOP);
415 }
416
417 void
Pset_procfs_path(const char * path)418 Pset_procfs_path(const char *path)
419 {
420 (void) snprintf(procfs_path, sizeof (procfs_path), "%s", path);
421 }
422
423 /*
424 * Call set_minfd() once before calling dupfd() several times.
425 * We assume that the application will not reduce its current file
426 * descriptor limit lower than 512 once it has set at least that value.
427 */
428 int
set_minfd(void)429 set_minfd(void)
430 {
431 static mutex_t minfd_lock = DEFAULTMUTEX;
432 struct rlimit rlim;
433 int fd;
434
435 if ((fd = minfd) < 256) {
436 (void) mutex_lock(&minfd_lock);
437 if ((fd = minfd) < 256) {
438 if (getrlimit(RLIMIT_NOFILE, &rlim) != 0)
439 rlim.rlim_cur = rlim.rlim_max = 0;
440 if (rlim.rlim_cur >= 512)
441 fd = 256;
442 else if ((fd = rlim.rlim_cur / 2) < 3)
443 fd = 3;
444 membar_producer();
445 minfd = fd;
446 }
447 (void) mutex_unlock(&minfd_lock);
448 }
449 return (fd);
450 }
451
452 int
dupfd(int fd,int dfd)453 dupfd(int fd, int dfd)
454 {
455 int mfd;
456
457 /*
458 * Make fd be greater than 255 (the 32-bit stdio limit),
459 * or at least make it greater than 2 so that the
460 * program will work when spawned by init(8).
461 * Also, if dfd is non-zero, dup the fd to be dfd.
462 */
463 if ((mfd = minfd) == 0)
464 mfd = set_minfd();
465 if (dfd > 0 || (0 <= fd && fd < mfd)) {
466 if (dfd <= 0)
467 dfd = mfd;
468 dfd = fcntl(fd, F_DUPFD, dfd);
469 (void) close(fd);
470 fd = dfd;
471 }
472 /*
473 * Mark it close-on-exec so any created process doesn't inherit it.
474 */
475 if (fd >= 0)
476 (void) fcntl(fd, F_SETFD, FD_CLOEXEC);
477 return (fd);
478 }
479
480 /*
481 * Create a new controlled process.
482 * Leave it stopped on successful exit from exec() or execve().
483 * Return an opaque pointer to its process control structure.
484 * Return NULL if process cannot be created (fork()/exec() not successful).
485 */
486 struct ps_prochandle *
Pxcreate(const char * file,char * const * argv,char * const * envp,int * perr,char * path,size_t len)487 Pxcreate(const char *file, /* executable file name */
488 char *const *argv, /* argument vector */
489 char *const *envp, /* environment */
490 int *perr, /* pointer to error return code */
491 char *path, /* if non-null, holds exec path name on return */
492 size_t len) /* size of the path buffer */
493 {
494 char execpath[PATH_MAX];
495 char procname[PATH_MAX];
496 struct ps_prochandle *P;
497 pid_t pid;
498 int fd;
499 char *fname;
500 int rc;
501 int lasterrno = 0;
502
503 if (len == 0) /* zero length, no path */
504 path = NULL;
505 if (path != NULL)
506 *path = '\0';
507
508 if ((P = malloc(sizeof (struct ps_prochandle))) == NULL) {
509 *perr = C_STRANGE;
510 return (NULL);
511 }
512
513 if ((pid = fork1()) == -1) {
514 free(P);
515 *perr = C_FORK;
516 return (NULL);
517 }
518
519 if (pid == 0) { /* child process */
520 id_t id;
521 extern char **environ;
522
523 /*
524 * If running setuid or setgid, reset credentials to normal.
525 */
526 if ((id = getgid()) != getegid())
527 (void) setgid(id);
528 if ((id = getuid()) != geteuid())
529 (void) setuid(id);
530
531 Pcreate_callback(P); /* execute callback (see below) */
532 (void) pause(); /* wait for PRSABORT from parent */
533
534 /*
535 * This is ugly. There is no execvep() function that takes a
536 * path and an environment. We cheat here by replacing the
537 * global 'environ' variable right before we call this.
538 */
539 if (envp)
540 environ = (char **)envp;
541
542 (void) execvp(file, argv); /* execute the program */
543 _exit(127);
544 }
545
546 /*
547 * Initialize the process structure.
548 */
549 (void) memset(P, 0, sizeof (*P));
550 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL);
551 P->flags |= CREATED;
552 P->state = PS_RUN;
553 P->pid = pid;
554 P->asfd = -1;
555 P->ctlfd = -1;
556 P->statfd = -1;
557 P->agentctlfd = -1;
558 P->agentstatfd = -1;
559 Pinit_ops(&P->ops, &P_live_ops);
560 Pinitsym(P);
561 Pinitfd(P);
562
563 /*
564 * Open the /proc/pid files.
565 */
566 (void) snprintf(procname, sizeof (procname), "%s/%d/",
567 procfs_path, (int)pid);
568 fname = procname + strlen(procname);
569 (void) set_minfd();
570
571 /*
572 * Exclusive write open advises others not to interfere.
573 * There is no reason for any of these open()s to fail.
574 */
575 (void) strcpy(fname, "as");
576 if ((fd = open(procname, (O_RDWR|O_EXCL))) < 0 ||
577 (fd = dupfd(fd, 0)) < 0) {
578 dprintf("Pcreate: failed to open %s: %s\n",
579 procname, strerror(errno));
580 rc = C_STRANGE;
581 goto bad;
582 }
583 P->asfd = fd;
584
585 (void) strcpy(fname, "status");
586 if ((fd = open(procname, O_RDONLY)) < 0 ||
587 (fd = dupfd(fd, 0)) < 0) {
588 dprintf("Pcreate: failed to open %s: %s\n",
589 procname, strerror(errno));
590 rc = C_STRANGE;
591 goto bad;
592 }
593 P->statfd = fd;
594
595 (void) strcpy(fname, "ctl");
596 if ((fd = open(procname, O_WRONLY)) < 0 ||
597 (fd = dupfd(fd, 0)) < 0) {
598 dprintf("Pcreate: failed to open %s: %s\n",
599 procname, strerror(errno));
600 rc = C_STRANGE;
601 goto bad;
602 }
603 P->ctlfd = fd;
604
605 (void) Pstop(P, 0); /* stop the controlled process */
606
607 /*
608 * Wait for process to sleep in pause().
609 * If the process has already called pause(), then it should be
610 * stopped (PR_REQUESTED) while asleep in pause and we are done.
611 * Else we set up to catch entry/exit to pause() and set the process
612 * running again, expecting it to stop when it reaches pause().
613 * There is no reason for this to fail other than an interrupt.
614 */
615 (void) Psysentry(P, SYS_pause, 1);
616 (void) Psysexit(P, SYS_pause, 1);
617 for (;;) {
618 if (P->state == PS_STOP &&
619 P->status.pr_lwp.pr_syscall == SYS_pause &&
620 (P->status.pr_lwp.pr_why == PR_REQUESTED ||
621 P->status.pr_lwp.pr_why == PR_SYSENTRY ||
622 P->status.pr_lwp.pr_why == PR_SYSEXIT))
623 break;
624
625 if (P->state != PS_STOP || /* interrupt or process died */
626 Psetrun(P, 0, 0) != 0) { /* can't restart */
627 if (errno == EINTR || errno == ERESTART)
628 rc = C_INTR;
629 else {
630 dprintf("Pcreate: Psetrun failed: %s\n",
631 strerror(errno));
632 rc = C_STRANGE;
633 }
634 goto bad;
635 }
636
637 (void) Pwait(P, 0);
638 }
639 (void) Psysentry(P, SYS_pause, 0);
640 (void) Psysexit(P, SYS_pause, 0);
641
642 /*
643 * Kick the process off the pause() and catch
644 * it again on entry to exec() or exit().
645 */
646 (void) Psysentry(P, SYS_exit, 1);
647 (void) Psysentry(P, SYS_execve, 1);
648 if (Psetrun(P, 0, PRSABORT) == -1) {
649 dprintf("Pcreate: Psetrun failed: %s\n", strerror(errno));
650 rc = C_STRANGE;
651 goto bad;
652 }
653 (void) Pwait(P, 0);
654 if (P->state != PS_STOP) {
655 dprintf("Pcreate: Pwait failed: %s\n", strerror(errno));
656 rc = C_STRANGE;
657 goto bad;
658 }
659
660 /*
661 * Move the process through instances of failed exec()s
662 * to reach the point of stopped on successful exec().
663 */
664 (void) Psysexit(P, SYS_execve, TRUE);
665
666 while (P->state == PS_STOP &&
667 P->status.pr_lwp.pr_why == PR_SYSENTRY &&
668 P->status.pr_lwp.pr_what == SYS_execve) {
669 /*
670 * Fetch the exec path name now, before we complete
671 * the exec(). We may lose the process and be unable
672 * to get the information later.
673 */
674 (void) Pread_string(P, execpath, sizeof (execpath),
675 (off_t)P->status.pr_lwp.pr_sysarg[0]);
676 if (path != NULL)
677 (void) strncpy(path, execpath, len);
678 /*
679 * Set the process running and wait for
680 * it to stop on exit from the exec().
681 */
682 (void) Psetrun(P, 0, 0);
683 (void) Pwait(P, 0);
684
685 if (P->state == PS_LOST && /* we lost control */
686 Preopen(P) != 0) { /* and we can't get it back */
687 rc = C_PERM;
688 goto bad;
689 }
690
691 /*
692 * If the exec() failed, continue the loop, expecting
693 * there to be more attempts to exec(), based on PATH.
694 */
695 if (P->state == PS_STOP &&
696 P->status.pr_lwp.pr_why == PR_SYSEXIT &&
697 P->status.pr_lwp.pr_what == SYS_execve &&
698 (lasterrno = P->status.pr_lwp.pr_errno) != 0) {
699 /*
700 * The exec() failed. Set the process running and
701 * wait for it to stop on entry to the next exec().
702 */
703 (void) Psetrun(P, 0, 0);
704 (void) Pwait(P, 0);
705
706 continue;
707 }
708 break;
709 }
710
711 if (P->state == PS_STOP &&
712 P->status.pr_lwp.pr_why == PR_SYSEXIT &&
713 P->status.pr_lwp.pr_what == SYS_execve &&
714 P->status.pr_lwp.pr_errno == 0) {
715 /*
716 * The process is stopped on successful exec() or execve().
717 * Turn off all tracing flags and return success.
718 */
719 restore_tracing_flags(P);
720 #ifndef _LP64
721 /* We must be a 64-bit process to deal with a 64-bit process */
722 if (P->status.pr_dmodel == PR_MODEL_LP64) {
723 rc = C_LP64;
724 goto bad;
725 }
726 #endif
727 /*
728 * Set run-on-last-close so the controlled process
729 * runs even if we die on a signal.
730 */
731 (void) Psetflags(P, PR_RLC);
732 *perr = 0;
733 return (P);
734 }
735
736 rc = lasterrno == ENOENT ? C_NOENT : C_NOEXEC;
737
738 bad:
739 (void) kill(pid, SIGKILL);
740 if (path != NULL && rc != C_PERM && rc != C_LP64)
741 *path = '\0';
742 Pfree(P);
743 *perr = rc;
744 return (NULL);
745 }
746
747 struct ps_prochandle *
Pcreate(const char * file,char * const * argv,int * perr,char * path,size_t len)748 Pcreate(
749 const char *file, /* executable file name */
750 char *const *argv, /* argument vector */
751 int *perr, /* pointer to error return code */
752 char *path, /* if non-null, holds exec path name on return */
753 size_t len) /* size of the path buffer */
754 {
755 return (Pxcreate(file, argv, NULL, perr, path, len));
756 }
757
758 /*
759 * Return a printable string corresponding to a Pcreate() error return.
760 */
761 const char *
Pcreate_error(int error)762 Pcreate_error(int error)
763 {
764 const char *str;
765
766 switch (error) {
767 case C_FORK:
768 str = "cannot fork";
769 break;
770 case C_PERM:
771 str = "file is set-id or unreadable";
772 break;
773 case C_NOEXEC:
774 str = "cannot execute file";
775 break;
776 case C_INTR:
777 str = "operation interrupted";
778 break;
779 case C_LP64:
780 str = "program is _LP64, self is not";
781 break;
782 case C_STRANGE:
783 str = "unanticipated system error";
784 break;
785 case C_NOENT:
786 str = "cannot find executable file";
787 break;
788 default:
789 str = "unknown error";
790 break;
791 }
792
793 return (str);
794 }
795
796 /*
797 * Callback to execute in each child process created with Pcreate() after fork
798 * but before it execs the new process image. By default, we do nothing, but
799 * by calling this function we allow the client program to define its own
800 * version of the function which will interpose on our empty default. This
801 * may be useful for clients that need to modify signal dispositions, terminal
802 * attributes, or process group and session properties for each new victim.
803 */
804 void
Pcreate_callback(struct ps_prochandle * P)805 Pcreate_callback(struct ps_prochandle *P)
806 {
807 /* nothing to do here */
808 }
809
810 /*
811 * Grab an existing process.
812 * Return an opaque pointer to its process control structure.
813 *
814 * pid: UNIX process ID.
815 * flags:
816 * PGRAB_RETAIN Retain tracing flags (default clears all tracing flags).
817 * PGRAB_FORCE Grab regardless of whether process is already traced.
818 * PGRAB_RDONLY Open the address space file O_RDONLY instead of O_RDWR,
819 * and do not open the process control file.
820 * PGRAB_NOSTOP Open the process but do not force it to stop.
821 * perr: pointer to error return code.
822 */
823 struct ps_prochandle *
Pgrab(pid_t pid,int flags,int * perr)824 Pgrab(pid_t pid, int flags, int *perr)
825 {
826 struct ps_prochandle *P;
827 int fd, omode;
828 char procname[PATH_MAX];
829 char *fname;
830 int rc = 0;
831
832 /*
833 * PGRAB_RDONLY means that we do not open the /proc/<pid>/control file,
834 * and so it implies RETAIN and NOSTOP since both require control.
835 */
836 if (flags & PGRAB_RDONLY)
837 flags |= PGRAB_RETAIN | PGRAB_NOSTOP;
838
839 if ((P = malloc(sizeof (struct ps_prochandle))) == NULL) {
840 *perr = G_STRANGE;
841 return (NULL);
842 }
843
844 P->asfd = -1;
845 P->ctlfd = -1;
846 P->statfd = -1;
847
848 again: /* Come back here if we lose it in the Window of Vulnerability */
849 if (P->ctlfd >= 0)
850 (void) close(P->ctlfd);
851 if (P->asfd >= 0)
852 (void) close(P->asfd);
853 if (P->statfd >= 0)
854 (void) close(P->statfd);
855 (void) memset(P, 0, sizeof (*P));
856 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL);
857 P->ctlfd = -1;
858 P->asfd = -1;
859 P->statfd = -1;
860 P->agentctlfd = -1;
861 P->agentstatfd = -1;
862 Pinit_ops(&P->ops, &P_live_ops);
863 Pinitsym(P);
864 Pinitfd(P);
865
866 /*
867 * Open the /proc/pid files
868 */
869 (void) snprintf(procname, sizeof (procname), "%s/%d/",
870 procfs_path, (int)pid);
871 fname = procname + strlen(procname);
872 (void) set_minfd();
873
874 /*
875 * Request exclusive open to avoid grabbing someone else's
876 * process and to prevent others from interfering afterwards.
877 * If this fails and the 'PGRAB_FORCE' flag is set, attempt to
878 * open non-exclusively.
879 */
880 (void) strcpy(fname, "as");
881 omode = (flags & PGRAB_RDONLY) ? O_RDONLY : O_RDWR;
882
883 if (((fd = open(procname, omode | O_EXCL)) < 0 &&
884 (fd = ((flags & PGRAB_FORCE)? open(procname, omode) : -1)) < 0) ||
885 (fd = dupfd(fd, 0)) < 0) {
886 switch (errno) {
887 case ENOENT:
888 rc = G_NOPROC;
889 break;
890 case EACCES:
891 case EPERM:
892 rc = G_PERM;
893 break;
894 case EMFILE:
895 rc = G_NOFD;
896 break;
897 case EBUSY:
898 if (!(flags & PGRAB_FORCE) || geteuid() != 0) {
899 rc = G_BUSY;
900 break;
901 }
902 /* FALLTHROUGH */
903 default:
904 dprintf("Pgrab: failed to open %s: %s\n",
905 procname, strerror(errno));
906 rc = G_STRANGE;
907 break;
908 }
909 goto err;
910 }
911 P->asfd = fd;
912
913 (void) strcpy(fname, "status");
914 if ((fd = open(procname, O_RDONLY)) < 0 ||
915 (fd = dupfd(fd, 0)) < 0) {
916 switch (errno) {
917 case ENOENT:
918 rc = G_NOPROC;
919 break;
920 case EMFILE:
921 rc = G_NOFD;
922 break;
923 default:
924 dprintf("Pgrab: failed to open %s: %s\n",
925 procname, strerror(errno));
926 rc = G_STRANGE;
927 break;
928 }
929 goto err;
930 }
931 P->statfd = fd;
932
933 if (!(flags & PGRAB_RDONLY)) {
934 (void) strcpy(fname, "ctl");
935 if ((fd = open(procname, O_WRONLY)) < 0 ||
936 (fd = dupfd(fd, 0)) < 0) {
937 switch (errno) {
938 case ENOENT:
939 rc = G_NOPROC;
940 break;
941 case EMFILE:
942 rc = G_NOFD;
943 break;
944 default:
945 dprintf("Pgrab: failed to open %s: %s\n",
946 procname, strerror(errno));
947 rc = G_STRANGE;
948 break;
949 }
950 goto err;
951 }
952 P->ctlfd = fd;
953 }
954
955 P->state = PS_RUN;
956 P->pid = pid;
957
958 /*
959 * We are now in the Window of Vulnerability (WoV). The process may
960 * exec() a setuid/setgid or unreadable object file between the open()
961 * and the PCSTOP. We will get EAGAIN in this case and must start over.
962 * As Pstopstatus will trigger the first read() from a /proc file,
963 * we also need to handle EOVERFLOW here when 32-bit as an indicator
964 * that this process is 64-bit. Finally, if the process has become
965 * a zombie (PS_UNDEAD) while we were trying to grab it, just remain
966 * silent about this and pretend there was no process.
967 */
968 if (Pstopstatus(P, PCNULL, 0) != 0) {
969 #ifndef _LP64
970 if (errno == EOVERFLOW) {
971 rc = G_LP64;
972 goto err;
973 }
974 #endif
975 if (P->state == PS_LOST) { /* WoV */
976 (void) mutex_destroy(&P->proc_lock);
977 goto again;
978 }
979
980 if (P->state == PS_UNDEAD)
981 rc = G_NOPROC;
982 else
983 rc = G_STRANGE;
984
985 goto err;
986 }
987
988 /*
989 * If the process is a system process, we can't control it even as root
990 */
991 if (P->status.pr_flags & PR_ISSYS) {
992 rc = G_SYS;
993 goto err;
994 }
995 #ifndef _LP64
996 /*
997 * We must be a 64-bit process to deal with a 64-bit process
998 */
999 if (P->status.pr_dmodel == PR_MODEL_LP64) {
1000 rc = G_LP64;
1001 goto err;
1002 }
1003 #endif
1004
1005 /*
1006 * Remember the status for use by Prelease().
1007 */
1008 P->orig_status = P->status; /* structure copy */
1009
1010 /*
1011 * Before stopping the process, make sure we are not grabbing ourselves.
1012 * If we are, make sure we are doing it PGRAB_RDONLY.
1013 */
1014 if (pid == getpid()) {
1015 /*
1016 * Verify that the process is really ourself:
1017 * Set a magic number, read it through the
1018 * /proc file and see if the results match.
1019 */
1020 uint32_t magic1 = 0;
1021 uint32_t magic2 = 2;
1022
1023 errno = 0;
1024
1025 if (Pread(P, &magic2, sizeof (magic2), (uintptr_t)&magic1)
1026 == sizeof (magic2) &&
1027 magic2 == 0 &&
1028 (magic1 = 0xfeedbeef) &&
1029 Pread(P, &magic2, sizeof (magic2), (uintptr_t)&magic1)
1030 == sizeof (magic2) &&
1031 magic2 == 0xfeedbeef &&
1032 !(flags & PGRAB_RDONLY)) {
1033 rc = G_SELF;
1034 goto err;
1035 }
1036 }
1037
1038 /*
1039 * If the process is already stopped or has been directed
1040 * to stop via /proc, do not set run-on-last-close.
1041 */
1042 if (!(P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) &&
1043 !(flags & PGRAB_RDONLY)) {
1044 /*
1045 * Mark the process run-on-last-close so
1046 * it runs even if we die from SIGKILL.
1047 */
1048 if (Psetflags(P, PR_RLC) != 0) {
1049 if (errno == EAGAIN) { /* WoV */
1050 (void) mutex_destroy(&P->proc_lock);
1051 goto again;
1052 }
1053 if (errno == ENOENT) /* No complaint about zombies */
1054 rc = G_ZOMB;
1055 else {
1056 dprintf("Pgrab: failed to set RLC\n");
1057 rc = G_STRANGE;
1058 }
1059 goto err;
1060 }
1061 }
1062
1063 /*
1064 * If a stop directive is pending and the process has not yet stopped,
1065 * then synchronously wait for the stop directive to take effect.
1066 * Limit the time spent waiting for the process to stop by iterating
1067 * at most 10 times. The time-out of 20 ms corresponds to the time
1068 * between sending the stop directive and the process actually stopped
1069 * as measured by DTrace on a slow, busy system. If the process doesn't
1070 * stop voluntarily, clear the PR_DSTOP flag so that the code below
1071 * forces the process to stop.
1072 */
1073 if (!(flags & PGRAB_RDONLY)) {
1074 int niter = 0;
1075 while ((P->status.pr_lwp.pr_flags & (PR_STOPPED|PR_DSTOP)) ==
1076 PR_DSTOP && niter < 10 &&
1077 Pstopstatus(P, PCTWSTOP, 20) != 0) {
1078 niter++;
1079 if (flags & PGRAB_NOSTOP)
1080 break;
1081 }
1082 if (niter == 10 && !(flags & PGRAB_NOSTOP)) {
1083 /* Try it harder down below */
1084 P->status.pr_lwp.pr_flags &= ~PR_DSTOP;
1085 }
1086 }
1087
1088 /*
1089 * If the process is not already stopped or directed to stop
1090 * and PGRAB_NOSTOP was not specified, stop the process now.
1091 */
1092 if (!(P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) &&
1093 !(flags & PGRAB_NOSTOP)) {
1094 /*
1095 * Stop the process, get its status and signal/syscall masks.
1096 */
1097 if (((P->status.pr_lwp.pr_flags & PR_STOPPED) &&
1098 Pstopstatus(P, PCDSTOP, 0) != 0) ||
1099 Pstopstatus(P, PCSTOP, 2000) != 0) {
1100 #ifndef _LP64
1101 if (errno == EOVERFLOW) {
1102 rc = G_LP64;
1103 goto err;
1104 }
1105 #endif
1106 if (P->state == PS_LOST) { /* WoV */
1107 (void) mutex_destroy(&P->proc_lock);
1108 goto again;
1109 }
1110 if ((errno != EINTR && errno != ERESTART) ||
1111 (P->state != PS_STOP &&
1112 !(P->status.pr_flags & PR_DSTOP))) {
1113 if (P->state != PS_RUN && errno != ENOENT) {
1114 dprintf("Pgrab: failed to PCSTOP\n");
1115 rc = G_STRANGE;
1116 } else {
1117 rc = G_ZOMB;
1118 }
1119 goto err;
1120 }
1121 }
1122
1123 /*
1124 * Process should now either be stopped via /proc or there
1125 * should be an outstanding stop directive.
1126 */
1127 if (!(P->status.pr_flags & (PR_ISTOP|PR_DSTOP))) {
1128 dprintf("Pgrab: process is not stopped\n");
1129 rc = G_STRANGE;
1130 goto err;
1131 }
1132 #ifndef _LP64
1133 /*
1134 * Test this again now because the 32-bit victim process may
1135 * have exec'd a 64-bit process in the meantime.
1136 */
1137 if (P->status.pr_dmodel == PR_MODEL_LP64) {
1138 rc = G_LP64;
1139 goto err;
1140 }
1141 #endif
1142 }
1143
1144 /*
1145 * Cancel all tracing flags unless the PGRAB_RETAIN flag is set.
1146 */
1147 if (!(flags & PGRAB_RETAIN)) {
1148 (void) Psysentry(P, 0, FALSE);
1149 (void) Psysexit(P, 0, FALSE);
1150 (void) Psignal(P, 0, FALSE);
1151 (void) Pfault(P, 0, FALSE);
1152 Psync(P);
1153 }
1154
1155 *perr = 0;
1156 return (P);
1157
1158 err:
1159 Pfree(P);
1160 *perr = rc;
1161 return (NULL);
1162 }
1163
1164 /*
1165 * Return a printable string corresponding to a Pgrab() error return.
1166 */
1167 const char *
Pgrab_error(int error)1168 Pgrab_error(int error)
1169 {
1170 const char *str;
1171
1172 switch (error) {
1173 case G_NOPROC:
1174 str = "no such process";
1175 break;
1176 case G_NOCORE:
1177 str = "no such core file";
1178 break;
1179 case G_NOPROCORCORE:
1180 str = "no such process or core file";
1181 break;
1182 case G_NOEXEC:
1183 str = "cannot find executable file";
1184 break;
1185 case G_ZOMB:
1186 str = "zombie process";
1187 break;
1188 case G_PERM:
1189 str = "permission denied";
1190 break;
1191 case G_BUSY:
1192 str = "process is traced";
1193 break;
1194 case G_SYS:
1195 str = "system process";
1196 break;
1197 case G_SELF:
1198 str = "attempt to grab self";
1199 break;
1200 case G_INTR:
1201 str = "operation interrupted";
1202 break;
1203 case G_LP64:
1204 str = "program is _LP64, self is not";
1205 break;
1206 case G_FORMAT:
1207 str = "file is not an ELF core file";
1208 break;
1209 case G_ELF:
1210 str = "libelf error";
1211 break;
1212 case G_NOTE:
1213 str = "core file is corrupt or missing required data";
1214 break;
1215 case G_STRANGE:
1216 str = "unanticipated system error";
1217 break;
1218 case G_ISAINVAL:
1219 str = "wrong ELF machine type";
1220 break;
1221 case G_BADLWPS:
1222 str = "bad lwp specification";
1223 break;
1224 case G_NOFD:
1225 str = "too many open files";
1226 break;
1227 default:
1228 str = "unknown error";
1229 break;
1230 }
1231
1232 return (str);
1233 }
1234
1235 /*
1236 * Free a process control structure.
1237 * Close the file descriptors but don't do the Prelease logic.
1238 */
1239 void
Pfree(struct ps_prochandle * P)1240 Pfree(struct ps_prochandle *P)
1241 {
1242 uint_t i;
1243 fd_info_t *fip;
1244
1245 if (P->ucaddrs != NULL) {
1246 free(P->ucaddrs);
1247 P->ucaddrs = NULL;
1248 P->ucnelems = 0;
1249 }
1250
1251 (void) mutex_lock(&P->proc_lock);
1252 if (P->hashtab != NULL) {
1253 struct ps_lwphandle *L;
1254 for (i = 0; i < HASHSIZE; i++) {
1255 while ((L = P->hashtab[i]) != NULL)
1256 Lfree_internal(P, L);
1257 }
1258 free(P->hashtab);
1259 }
1260
1261 while ((fip = list_remove_head(&P->fd_head)) != NULL) {
1262 proc_fdinfo_free(fip->fd_info);
1263 free(fip);
1264 }
1265 (void) mutex_unlock(&P->proc_lock);
1266 (void) mutex_destroy(&P->proc_lock);
1267
1268 free(P->zoneroot);
1269
1270 if (P->agentctlfd >= 0)
1271 (void) close(P->agentctlfd);
1272 if (P->agentstatfd >= 0)
1273 (void) close(P->agentstatfd);
1274 if (P->ctlfd >= 0)
1275 (void) close(P->ctlfd);
1276 if (P->asfd >= 0)
1277 (void) close(P->asfd);
1278 if (P->statfd >= 0)
1279 (void) close(P->statfd);
1280 Preset_maps(P);
1281 P->ops.pop_fini(P, P->data);
1282
1283 /* clear out the structure as a precaution against reuse */
1284 (void) memset(P, 0, sizeof (*P));
1285 P->ctlfd = -1;
1286 P->asfd = -1;
1287 P->statfd = -1;
1288 P->agentctlfd = -1;
1289 P->agentstatfd = -1;
1290
1291 free(P);
1292 }
1293
1294 /*
1295 * Return the state of the process, one of the PS_* values.
1296 */
1297 int
Pstate(struct ps_prochandle * P)1298 Pstate(struct ps_prochandle *P)
1299 {
1300 return (P->state);
1301 }
1302
1303 /*
1304 * Return the open address space file descriptor for the process.
1305 * Clients must not close this file descriptor, not use it
1306 * after the process is freed.
1307 */
1308 int
Pasfd(struct ps_prochandle * P)1309 Pasfd(struct ps_prochandle *P)
1310 {
1311 return (P->asfd);
1312 }
1313
1314 /*
1315 * Return the open control file descriptor for the process.
1316 * Clients must not close this file descriptor, not use it
1317 * after the process is freed.
1318 */
1319 int
Pctlfd(struct ps_prochandle * P)1320 Pctlfd(struct ps_prochandle *P)
1321 {
1322 return (P->ctlfd);
1323 }
1324
1325 /*
1326 * Return a pointer to the process psinfo structure.
1327 * Clients should not hold on to this pointer indefinitely.
1328 * It will become invalid on Prelease().
1329 */
1330 const psinfo_t *
Ppsinfo(struct ps_prochandle * P)1331 Ppsinfo(struct ps_prochandle *P)
1332 {
1333 return (P->ops.pop_psinfo(P, &P->psinfo, P->data));
1334 }
1335
1336 /*
1337 * Return a pointer to the process status structure.
1338 * Clients should not hold on to this pointer indefinitely.
1339 * It will become invalid on Prelease().
1340 */
1341 const pstatus_t *
Pstatus(struct ps_prochandle * P)1342 Pstatus(struct ps_prochandle *P)
1343 {
1344 return (&P->status);
1345 }
1346
1347 static void
Pread_status(struct ps_prochandle * P)1348 Pread_status(struct ps_prochandle *P)
1349 {
1350 P->ops.pop_status(P, &P->status, P->data);
1351 }
1352
1353 /*
1354 * Fill in a pointer to a process credentials structure. The ngroups parameter
1355 * is the number of supplementary group entries allocated in the caller's cred
1356 * structure. It should equal zero or one unless extra space has been
1357 * allocated for the group list by the caller.
1358 */
1359 int
Pcred(struct ps_prochandle * P,prcred_t * pcrp,int ngroups)1360 Pcred(struct ps_prochandle *P, prcred_t *pcrp, int ngroups)
1361 {
1362 return (P->ops.pop_cred(P, pcrp, ngroups, P->data));
1363 }
1364
1365 /* Return an allocated prsecflags_t */
1366 int
Psecflags(struct ps_prochandle * P,prsecflags_t ** psf)1367 Psecflags(struct ps_prochandle *P, prsecflags_t **psf)
1368 {
1369 int ret;
1370
1371 if ((ret = P->ops.pop_secflags(P, psf, P->data)) == 0) {
1372 if ((*psf)->pr_version != PRSECFLAGS_VERSION_1) {
1373 free(*psf);
1374 *psf = NULL;
1375 errno = EINVAL;
1376 return (-1);
1377 }
1378 }
1379
1380 return (ret);
1381 }
1382
1383 void
Psecflags_free(prsecflags_t * psf)1384 Psecflags_free(prsecflags_t *psf)
1385 {
1386 free(psf);
1387 }
1388
1389 int
Pcwd(struct ps_prochandle * P,prcwd_t ** cwd)1390 Pcwd(struct ps_prochandle *P, prcwd_t **cwd)
1391 {
1392 return (P->ops.pop_cwd(P, cwd, P->data));
1393 }
1394
1395 void
Pcwd_free(prcwd_t * cwd)1396 Pcwd_free(prcwd_t *cwd)
1397 {
1398 free(cwd);
1399 }
1400
1401 static prheader_t *
Plstatus(struct ps_prochandle * P)1402 Plstatus(struct ps_prochandle *P)
1403 {
1404 return (P->ops.pop_lstatus(P, P->data));
1405 }
1406
1407 static prheader_t *
Plpsinfo(struct ps_prochandle * P)1408 Plpsinfo(struct ps_prochandle *P)
1409 {
1410 return (P->ops.pop_lpsinfo(P, P->data));
1411 }
1412
1413
1414 #if defined(__i386) || defined(__amd64)
1415 /*
1416 * Fill in a pointer to a process LDT structure.
1417 * The caller provides a buffer of size 'nldt * sizeof (struct ssd)';
1418 * If pldt == NULL or nldt == 0, we return the number of existing LDT entries.
1419 * Otherwise we return the actual number of LDT entries fetched (<= nldt).
1420 */
1421 int
Pldt(struct ps_prochandle * P,struct ssd * pldt,int nldt)1422 Pldt(struct ps_prochandle *P, struct ssd *pldt, int nldt)
1423 {
1424 return (P->ops.pop_ldt(P, pldt, nldt, P->data));
1425
1426 }
1427 #endif /* __i386 */
1428
1429 void
Ppriv_free(struct ps_prochandle * P,prpriv_t * prv)1430 Ppriv_free(struct ps_prochandle *P, prpriv_t *prv)
1431 {
1432 free(prv);
1433 }
1434
1435 /*
1436 * Return a malloced process privilege structure in *pprv.
1437 */
1438 int
Ppriv(struct ps_prochandle * P,prpriv_t ** pprv)1439 Ppriv(struct ps_prochandle *P, prpriv_t **pprv)
1440 {
1441 return (P->ops.pop_priv(P, pprv, P->data));
1442 }
1443
1444 int
Psetpriv(struct ps_prochandle * P,prpriv_t * pprv)1445 Psetpriv(struct ps_prochandle *P, prpriv_t *pprv)
1446 {
1447 int rc;
1448 long *ctl;
1449 size_t sz;
1450
1451 if (P->state == PS_DEAD) {
1452 errno = EBADF;
1453 return (-1);
1454 }
1455
1456 sz = PRIV_PRPRIV_SIZE(pprv) + sizeof (long);
1457
1458 sz = ((sz - 1) / sizeof (long) + 1) * sizeof (long);
1459
1460 ctl = malloc(sz);
1461 if (ctl == NULL)
1462 return (-1);
1463
1464 ctl[0] = PCSPRIV;
1465
1466 (void) memcpy(&ctl[1], pprv, PRIV_PRPRIV_SIZE(pprv));
1467
1468 if (write(P->ctlfd, ctl, sz) != sz)
1469 rc = -1;
1470 else
1471 rc = 0;
1472
1473 free(ctl);
1474
1475 return (rc);
1476 }
1477
1478 void *
Pprivinfo(struct ps_prochandle * P)1479 Pprivinfo(struct ps_prochandle *P)
1480 {
1481 core_info_t *core = P->data;
1482
1483 /* Use default from libc */
1484 if (P->state != PS_DEAD)
1485 return (NULL);
1486
1487 return (core->core_privinfo);
1488 }
1489
1490 /*
1491 * Ensure that all cached state is written to the process.
1492 * The cached state is the LWP's signal mask and registers
1493 * and the process's tracing flags.
1494 */
1495 void
Psync(struct ps_prochandle * P)1496 Psync(struct ps_prochandle *P)
1497 {
1498 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
1499 long cmd[6];
1500 iovec_t iov[12];
1501 int n = 0;
1502
1503 if (P->flags & SETHOLD) {
1504 cmd[0] = PCSHOLD;
1505 iov[n].iov_base = (caddr_t)&cmd[0];
1506 iov[n++].iov_len = sizeof (long);
1507 iov[n].iov_base = (caddr_t)&P->status.pr_lwp.pr_lwphold;
1508 iov[n++].iov_len = sizeof (P->status.pr_lwp.pr_lwphold);
1509 }
1510 if (P->flags & SETREGS) {
1511 cmd[1] = PCSREG;
1512 #ifdef __i386
1513 /* XX64 we should probably restore REG_GS after this */
1514 if (ctlfd == P->agentctlfd)
1515 P->status.pr_lwp.pr_reg[GS] = 0;
1516 #elif defined(__amd64)
1517 /* XX64 */
1518 #endif
1519 iov[n].iov_base = (caddr_t)&cmd[1];
1520 iov[n++].iov_len = sizeof (long);
1521 iov[n].iov_base = (caddr_t)&P->status.pr_lwp.pr_reg[0];
1522 iov[n++].iov_len = sizeof (P->status.pr_lwp.pr_reg);
1523 }
1524 if (P->flags & SETSIG) {
1525 cmd[2] = PCSTRACE;
1526 iov[n].iov_base = (caddr_t)&cmd[2];
1527 iov[n++].iov_len = sizeof (long);
1528 iov[n].iov_base = (caddr_t)&P->status.pr_sigtrace;
1529 iov[n++].iov_len = sizeof (P->status.pr_sigtrace);
1530 }
1531 if (P->flags & SETFAULT) {
1532 cmd[3] = PCSFAULT;
1533 iov[n].iov_base = (caddr_t)&cmd[3];
1534 iov[n++].iov_len = sizeof (long);
1535 iov[n].iov_base = (caddr_t)&P->status.pr_flttrace;
1536 iov[n++].iov_len = sizeof (P->status.pr_flttrace);
1537 }
1538 if (P->flags & SETENTRY) {
1539 cmd[4] = PCSENTRY;
1540 iov[n].iov_base = (caddr_t)&cmd[4];
1541 iov[n++].iov_len = sizeof (long);
1542 iov[n].iov_base = (caddr_t)&P->status.pr_sysentry;
1543 iov[n++].iov_len = sizeof (P->status.pr_sysentry);
1544 }
1545 if (P->flags & SETEXIT) {
1546 cmd[5] = PCSEXIT;
1547 iov[n].iov_base = (caddr_t)&cmd[5];
1548 iov[n++].iov_len = sizeof (long);
1549 iov[n].iov_base = (caddr_t)&P->status.pr_sysexit;
1550 iov[n++].iov_len = sizeof (P->status.pr_sysexit);
1551 }
1552
1553 if (n == 0 || writev(ctlfd, iov, n) < 0)
1554 return; /* nothing to do or write failed */
1555
1556 P->flags &= ~(SETSIG|SETFAULT|SETENTRY|SETEXIT|SETHOLD|SETREGS);
1557 }
1558
1559 /*
1560 * Reopen the /proc file (after PS_LOST).
1561 */
1562 int
Preopen(struct ps_prochandle * P)1563 Preopen(struct ps_prochandle *P)
1564 {
1565 int fd;
1566 char procname[PATH_MAX];
1567 char *fname;
1568
1569 if (P->state == PS_DEAD || P->state == PS_IDLE)
1570 return (0);
1571
1572 if (P->agentcnt > 0) {
1573 P->agentcnt = 1;
1574 Pdestroy_agent(P);
1575 }
1576
1577 (void) snprintf(procname, sizeof (procname), "%s/%d/",
1578 procfs_path, (int)P->pid);
1579 fname = procname + strlen(procname);
1580
1581 (void) strcpy(fname, "as");
1582 if ((fd = open(procname, O_RDWR)) < 0 ||
1583 close(P->asfd) < 0 ||
1584 (fd = dupfd(fd, P->asfd)) != P->asfd) {
1585 dprintf("Preopen: failed to open %s: %s\n",
1586 procname, strerror(errno));
1587 if (fd >= 0)
1588 (void) close(fd);
1589 return (-1);
1590 }
1591 P->asfd = fd;
1592
1593 (void) strcpy(fname, "status");
1594 if ((fd = open(procname, O_RDONLY)) < 0 ||
1595 close(P->statfd) < 0 ||
1596 (fd = dupfd(fd, P->statfd)) != P->statfd) {
1597 dprintf("Preopen: failed to open %s: %s\n",
1598 procname, strerror(errno));
1599 if (fd >= 0)
1600 (void) close(fd);
1601 return (-1);
1602 }
1603 P->statfd = fd;
1604
1605 (void) strcpy(fname, "ctl");
1606 if ((fd = open(procname, O_WRONLY)) < 0 ||
1607 close(P->ctlfd) < 0 ||
1608 (fd = dupfd(fd, P->ctlfd)) != P->ctlfd) {
1609 dprintf("Preopen: failed to open %s: %s\n",
1610 procname, strerror(errno));
1611 if (fd >= 0)
1612 (void) close(fd);
1613 return (-1);
1614 }
1615 P->ctlfd = fd;
1616
1617 /*
1618 * Set the state to PS_RUN and wait for the process to stop so that
1619 * we re-read the status from the new P->statfd. If this fails, Pwait
1620 * will reset the state to PS_LOST and we fail the reopen. Before
1621 * returning, we also forge a bit of P->status to allow the debugger to
1622 * see that we are PS_LOST following a successful exec.
1623 */
1624 P->state = PS_RUN;
1625 if (Pwait(P, 0) == -1) {
1626 #ifdef _ILP32
1627 if (errno == EOVERFLOW)
1628 P->status.pr_dmodel = PR_MODEL_LP64;
1629 #endif
1630 P->status.pr_lwp.pr_why = PR_SYSEXIT;
1631 P->status.pr_lwp.pr_what = SYS_execve;
1632 P->status.pr_lwp.pr_errno = 0;
1633 return (-1);
1634 }
1635
1636 /*
1637 * The process should be stopped on exec (REQUESTED)
1638 * or else should be stopped on exit from exec() (SYSEXIT)
1639 */
1640 if (P->state == PS_STOP &&
1641 (P->status.pr_lwp.pr_why == PR_REQUESTED ||
1642 (P->status.pr_lwp.pr_why == PR_SYSEXIT &&
1643 P->status.pr_lwp.pr_what == SYS_execve))) {
1644 /* fake up stop-on-exit-from-execve */
1645 if (P->status.pr_lwp.pr_why == PR_REQUESTED) {
1646 P->status.pr_lwp.pr_why = PR_SYSEXIT;
1647 P->status.pr_lwp.pr_what = SYS_execve;
1648 P->status.pr_lwp.pr_errno = 0;
1649 }
1650 } else {
1651 dprintf("Preopen: expected REQUESTED or "
1652 "SYSEXIT(SYS_execve) stop\n");
1653 }
1654
1655 return (0);
1656 }
1657
1658 /*
1659 * Define all settable flags other than the microstate accounting flags.
1660 */
1661 #define ALL_SETTABLE_FLAGS (PR_FORK|PR_RLC|PR_KLC|PR_ASYNC|PR_BPTADJ|PR_PTRACE)
1662
1663 /*
1664 * Restore /proc tracing flags to their original values
1665 * in preparation for releasing the process.
1666 * Also called by Pcreate() to clear all tracing flags.
1667 */
1668 static void
restore_tracing_flags(struct ps_prochandle * P)1669 restore_tracing_flags(struct ps_prochandle *P)
1670 {
1671 long flags;
1672 long cmd[4];
1673 iovec_t iov[8];
1674
1675 if (P->flags & CREATED) {
1676 /* we created this process; clear all tracing flags */
1677 premptyset(&P->status.pr_sigtrace);
1678 premptyset(&P->status.pr_flttrace);
1679 premptyset(&P->status.pr_sysentry);
1680 premptyset(&P->status.pr_sysexit);
1681 if ((P->status.pr_flags & ALL_SETTABLE_FLAGS) != 0)
1682 (void) Punsetflags(P, ALL_SETTABLE_FLAGS);
1683 } else {
1684 /* we grabbed the process; restore its tracing flags */
1685 P->status.pr_sigtrace = P->orig_status.pr_sigtrace;
1686 P->status.pr_flttrace = P->orig_status.pr_flttrace;
1687 P->status.pr_sysentry = P->orig_status.pr_sysentry;
1688 P->status.pr_sysexit = P->orig_status.pr_sysexit;
1689 if ((P->status.pr_flags & ALL_SETTABLE_FLAGS) !=
1690 (flags = (P->orig_status.pr_flags & ALL_SETTABLE_FLAGS))) {
1691 (void) Punsetflags(P, ALL_SETTABLE_FLAGS);
1692 if (flags)
1693 (void) Psetflags(P, flags);
1694 }
1695 }
1696
1697 cmd[0] = PCSTRACE;
1698 iov[0].iov_base = (caddr_t)&cmd[0];
1699 iov[0].iov_len = sizeof (long);
1700 iov[1].iov_base = (caddr_t)&P->status.pr_sigtrace;
1701 iov[1].iov_len = sizeof (P->status.pr_sigtrace);
1702
1703 cmd[1] = PCSFAULT;
1704 iov[2].iov_base = (caddr_t)&cmd[1];
1705 iov[2].iov_len = sizeof (long);
1706 iov[3].iov_base = (caddr_t)&P->status.pr_flttrace;
1707 iov[3].iov_len = sizeof (P->status.pr_flttrace);
1708
1709 cmd[2] = PCSENTRY;
1710 iov[4].iov_base = (caddr_t)&cmd[2];
1711 iov[4].iov_len = sizeof (long);
1712 iov[5].iov_base = (caddr_t)&P->status.pr_sysentry;
1713 iov[5].iov_len = sizeof (P->status.pr_sysentry);
1714
1715 cmd[3] = PCSEXIT;
1716 iov[6].iov_base = (caddr_t)&cmd[3];
1717 iov[6].iov_len = sizeof (long);
1718 iov[7].iov_base = (caddr_t)&P->status.pr_sysexit;
1719 iov[7].iov_len = sizeof (P->status.pr_sysexit);
1720
1721 (void) writev(P->ctlfd, iov, 8);
1722
1723 P->flags &= ~(SETSIG|SETFAULT|SETENTRY|SETEXIT);
1724 }
1725
1726 /*
1727 * Release the process. Frees the process control structure.
1728 * flags:
1729 * PRELEASE_CLEAR Clear all tracing flags.
1730 * PRELEASE_RETAIN Retain current tracing flags.
1731 * PRELEASE_HANG Leave the process stopped and abandoned.
1732 * PRELEASE_KILL Terminate the process with SIGKILL.
1733 */
1734 void
Prelease(struct ps_prochandle * P,int flags)1735 Prelease(struct ps_prochandle *P, int flags)
1736 {
1737 if (P->state == PS_DEAD) {
1738 dprintf("Prelease: releasing handle %p PS_DEAD of pid %d\n",
1739 (void *)P, (int)P->pid);
1740 Pfree(P);
1741 return;
1742 }
1743
1744 if (P->state == PS_IDLE) {
1745 file_info_t *fptr = list_head(&P->file_head);
1746 dprintf("Prelease: releasing handle %p PS_IDLE of file %s\n",
1747 (void *)P, fptr->file_pname);
1748 Pfree(P);
1749 return;
1750 }
1751
1752 dprintf("Prelease: releasing handle %p pid %d\n",
1753 (void *)P, (int)P->pid);
1754
1755 if (P->ctlfd == -1) {
1756 Pfree(P);
1757 return;
1758 }
1759
1760 if (P->agentcnt > 0) {
1761 P->agentcnt = 1;
1762 Pdestroy_agent(P);
1763 }
1764
1765 /*
1766 * Attempt to stop the process.
1767 */
1768 P->state = PS_RUN;
1769 (void) Pstop(P, 1000);
1770
1771 if (flags & PRELEASE_KILL) {
1772 if (P->state == PS_STOP)
1773 (void) Psetrun(P, SIGKILL, 0);
1774 (void) kill(P->pid, SIGKILL);
1775 Pfree(P);
1776 return;
1777 }
1778
1779 /*
1780 * If we lost control, all we can do now is close the files.
1781 * In this case, the last close sets the process running.
1782 */
1783 if (P->state != PS_STOP &&
1784 (P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) == 0) {
1785 Pfree(P);
1786 return;
1787 }
1788
1789 /*
1790 * We didn't lose control; we do more.
1791 */
1792 Psync(P);
1793
1794 if (flags & PRELEASE_CLEAR)
1795 P->flags |= CREATED;
1796
1797 if (!(flags & PRELEASE_RETAIN))
1798 restore_tracing_flags(P);
1799
1800 if (flags & PRELEASE_HANG) {
1801 /* Leave the process stopped and abandoned */
1802 (void) Punsetflags(P, PR_RLC|PR_KLC);
1803 Pfree(P);
1804 return;
1805 }
1806
1807 /*
1808 * Set the process running if we created it or if it was
1809 * not originally stopped or directed to stop via /proc
1810 * or if we were given the PRELEASE_CLEAR flag.
1811 */
1812 if ((P->flags & CREATED) ||
1813 (P->orig_status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) == 0) {
1814 (void) Psetflags(P, PR_RLC);
1815 /*
1816 * We do this repeatedly because the process may have
1817 * more than one LWP stopped on an event of interest.
1818 * This makes sure all of them are set running.
1819 */
1820 do {
1821 if (Psetrun(P, 0, 0) == -1 && errno == EBUSY)
1822 break; /* Agent LWP may be stuck */
1823 } while (Pstopstatus(P, PCNULL, 0) == 0 &&
1824 P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP));
1825
1826 if (P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP))
1827 dprintf("Prelease: failed to set process running\n");
1828 }
1829
1830 Pfree(P);
1831 }
1832
1833 /* debugging */
1834 void
prldump(const char * caller,lwpstatus_t * lsp)1835 prldump(const char *caller, lwpstatus_t *lsp)
1836 {
1837 char name[32];
1838 uint32_t bits;
1839
1840 switch (lsp->pr_why) {
1841 case PR_REQUESTED:
1842 dprintf("%s: REQUESTED\n", caller);
1843 break;
1844 case PR_SIGNALLED:
1845 dprintf("%s: SIGNALLED %s\n", caller,
1846 proc_signame(lsp->pr_what, name, sizeof (name)));
1847 break;
1848 case PR_FAULTED:
1849 dprintf("%s: FAULTED %s\n", caller,
1850 proc_fltname(lsp->pr_what, name, sizeof (name)));
1851 break;
1852 case PR_SYSENTRY:
1853 dprintf("%s: SYSENTRY %s\n", caller,
1854 proc_sysname(lsp->pr_what, name, sizeof (name)));
1855 break;
1856 case PR_SYSEXIT:
1857 dprintf("%s: SYSEXIT %s\n", caller,
1858 proc_sysname(lsp->pr_what, name, sizeof (name)));
1859 break;
1860 case PR_JOBCONTROL:
1861 dprintf("%s: JOBCONTROL %s\n", caller,
1862 proc_signame(lsp->pr_what, name, sizeof (name)));
1863 break;
1864 case PR_SUSPENDED:
1865 dprintf("%s: SUSPENDED\n", caller);
1866 break;
1867 default:
1868 dprintf("%s: Unknown\n", caller);
1869 break;
1870 }
1871
1872 if (lsp->pr_cursig)
1873 dprintf("%s: p_cursig = %d\n", caller, lsp->pr_cursig);
1874
1875 bits = *((uint32_t *)&lsp->pr_lwppend);
1876 if (bits)
1877 dprintf("%s: pr_lwppend = 0x%.8X\n", caller, bits);
1878 }
1879
1880 /* debugging */
1881 static void
prdump(struct ps_prochandle * P)1882 prdump(struct ps_prochandle *P)
1883 {
1884 uint32_t bits;
1885
1886 prldump("Pstopstatus", &P->status.pr_lwp);
1887
1888 bits = *((uint32_t *)&P->status.pr_sigpend);
1889 if (bits)
1890 dprintf("Pstopstatus: pr_sigpend = 0x%.8X\n", bits);
1891 }
1892
1893 /*
1894 * Wait for the specified process to stop or terminate.
1895 * Or, just get the current status (PCNULL).
1896 * Or, direct it to stop and get the current status (PCDSTOP).
1897 * If the agent LWP exists, do these things to the agent,
1898 * else do these things to the process as a whole.
1899 */
1900 int
Pstopstatus(struct ps_prochandle * P,long request,uint_t msec)1901 Pstopstatus(struct ps_prochandle *P,
1902 long request, /* PCNULL, PCDSTOP, PCSTOP, PCWSTOP */
1903 uint_t msec) /* if non-zero, timeout in milliseconds */
1904 {
1905 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
1906 long ctl[3];
1907 ssize_t rc;
1908 int err;
1909 int old_state = P->state;
1910
1911 switch (P->state) {
1912 case PS_RUN:
1913 break;
1914 case PS_STOP:
1915 if (request != PCNULL && request != PCDSTOP)
1916 return (0);
1917 break;
1918 case PS_LOST:
1919 if (request != PCNULL) {
1920 errno = EAGAIN;
1921 return (-1);
1922 }
1923 break;
1924 case PS_UNDEAD:
1925 case PS_DEAD:
1926 case PS_IDLE:
1927 if (request != PCNULL) {
1928 errno = ENOENT;
1929 return (-1);
1930 }
1931 break;
1932 default: /* corrupted state */
1933 dprintf("Pstopstatus: corrupted state: %d\n", P->state);
1934 errno = EINVAL;
1935 return (-1);
1936 }
1937
1938 ctl[0] = PCDSTOP;
1939 ctl[1] = PCTWSTOP;
1940 ctl[2] = (long)msec;
1941 rc = 0;
1942 switch (request) {
1943 case PCSTOP:
1944 rc = write(ctlfd, &ctl[0], 3*sizeof (long));
1945 break;
1946 case PCWSTOP:
1947 rc = write(ctlfd, &ctl[1], 2*sizeof (long));
1948 break;
1949 case PCDSTOP:
1950 rc = write(ctlfd, &ctl[0], 1*sizeof (long));
1951 break;
1952 case PCNULL:
1953 if (P->state == PS_DEAD || P->state == PS_IDLE)
1954 return (0);
1955 break;
1956 default: /* programming error */
1957 errno = EINVAL;
1958 return (-1);
1959 }
1960 err = (rc < 0)? errno : 0;
1961 Psync(P);
1962
1963 if (P->agentstatfd < 0) {
1964 if (pread(P->statfd, &P->status,
1965 sizeof (P->status), (off_t)0) < 0)
1966 err = errno;
1967 } else {
1968 if (pread(P->agentstatfd, &P->status.pr_lwp,
1969 sizeof (P->status.pr_lwp), (off_t)0) < 0)
1970 err = errno;
1971 P->status.pr_flags = P->status.pr_lwp.pr_flags;
1972 }
1973
1974 if (err) {
1975 switch (err) {
1976 case EINTR: /* user typed ctl-C */
1977 case ERESTART:
1978 dprintf("Pstopstatus: EINTR\n");
1979 break;
1980 case EAGAIN: /* we lost control of the the process */
1981 case EOVERFLOW:
1982 dprintf("Pstopstatus: PS_LOST, errno=%d\n", err);
1983 P->state = PS_LOST;
1984 break;
1985 default: /* check for dead process */
1986 if (_libproc_debug) {
1987 const char *errstr;
1988
1989 switch (request) {
1990 case PCNULL:
1991 errstr = "Pstopstatus PCNULL"; break;
1992 case PCSTOP:
1993 errstr = "Pstopstatus PCSTOP"; break;
1994 case PCDSTOP:
1995 errstr = "Pstopstatus PCDSTOP"; break;
1996 case PCWSTOP:
1997 errstr = "Pstopstatus PCWSTOP"; break;
1998 default:
1999 errstr = "Pstopstatus PC???"; break;
2000 }
2001 dprintf("%s: %s\n", errstr, strerror(err));
2002 }
2003 deadcheck(P);
2004 break;
2005 }
2006 if (err != EINTR && err != ERESTART) {
2007 errno = err;
2008 return (-1);
2009 }
2010 }
2011
2012 if (!(P->status.pr_flags & PR_STOPPED)) {
2013 P->state = PS_RUN;
2014 if (request == PCNULL || request == PCDSTOP || msec != 0)
2015 return (0);
2016 dprintf("Pstopstatus: process is not stopped\n");
2017 errno = EPROTO;
2018 return (-1);
2019 }
2020
2021 P->state = PS_STOP;
2022
2023 if (_libproc_debug) /* debugging */
2024 prdump(P);
2025
2026 /*
2027 * If the process was already stopped coming into Pstopstatus(),
2028 * then don't use its PC to set P->sysaddr since it may have been
2029 * changed since the time the process originally stopped.
2030 */
2031 if (old_state == PS_STOP)
2032 return (0);
2033
2034 switch (P->status.pr_lwp.pr_why) {
2035 case PR_SYSENTRY:
2036 case PR_SYSEXIT:
2037 if (Pissyscall_prev(P, P->status.pr_lwp.pr_reg[R_PC],
2038 &P->sysaddr) == 0)
2039 P->sysaddr = P->status.pr_lwp.pr_reg[R_PC];
2040 break;
2041 case PR_REQUESTED:
2042 case PR_SIGNALLED:
2043 case PR_FAULTED:
2044 case PR_JOBCONTROL:
2045 case PR_SUSPENDED:
2046 break;
2047 default:
2048 errno = EPROTO;
2049 return (-1);
2050 }
2051
2052 return (0);
2053 }
2054
2055 /*
2056 * Wait for the process to stop for any reason.
2057 */
2058 int
Pwait(struct ps_prochandle * P,uint_t msec)2059 Pwait(struct ps_prochandle *P, uint_t msec)
2060 {
2061 return (Pstopstatus(P, PCWSTOP, msec));
2062 }
2063
2064 /*
2065 * Direct the process to stop; wait for it to stop.
2066 */
2067 int
Pstop(struct ps_prochandle * P,uint_t msec)2068 Pstop(struct ps_prochandle *P, uint_t msec)
2069 {
2070 return (Pstopstatus(P, PCSTOP, msec));
2071 }
2072
2073 /*
2074 * Direct the process to stop; don't wait.
2075 */
2076 int
Pdstop(struct ps_prochandle * P)2077 Pdstop(struct ps_prochandle *P)
2078 {
2079 return (Pstopstatus(P, PCDSTOP, 0));
2080 }
2081
2082 static void
deadcheck(struct ps_prochandle * P)2083 deadcheck(struct ps_prochandle *P)
2084 {
2085 int fd;
2086 void *buf;
2087 size_t size;
2088
2089 if (P->statfd < 0)
2090 P->state = PS_UNDEAD;
2091 else {
2092 if (P->agentstatfd < 0) {
2093 fd = P->statfd;
2094 buf = &P->status;
2095 size = sizeof (P->status);
2096 } else {
2097 fd = P->agentstatfd;
2098 buf = &P->status.pr_lwp;
2099 size = sizeof (P->status.pr_lwp);
2100 }
2101 while (pread(fd, buf, size, (off_t)0) != size) {
2102 switch (errno) {
2103 default:
2104 P->state = PS_UNDEAD;
2105 break;
2106 case EINTR:
2107 case ERESTART:
2108 continue;
2109 case EAGAIN:
2110 P->state = PS_LOST;
2111 break;
2112 }
2113 break;
2114 }
2115 P->status.pr_flags = P->status.pr_lwp.pr_flags;
2116 }
2117 }
2118
2119 /*
2120 * Get the value of one register from stopped process.
2121 */
2122 int
Pgetareg(struct ps_prochandle * P,int regno,prgreg_t * preg)2123 Pgetareg(struct ps_prochandle *P, int regno, prgreg_t *preg)
2124 {
2125 if (regno < 0 || regno >= NPRGREG) {
2126 errno = EINVAL;
2127 return (-1);
2128 }
2129
2130 if (P->state == PS_IDLE) {
2131 errno = ENODATA;
2132 return (-1);
2133 }
2134
2135 if (P->state != PS_STOP && P->state != PS_DEAD) {
2136 errno = EBUSY;
2137 return (-1);
2138 }
2139
2140 *preg = P->status.pr_lwp.pr_reg[regno];
2141 return (0);
2142 }
2143
2144 /*
2145 * Put value of one register into stopped process.
2146 */
2147 int
Pputareg(struct ps_prochandle * P,int regno,prgreg_t reg)2148 Pputareg(struct ps_prochandle *P, int regno, prgreg_t reg)
2149 {
2150 if (regno < 0 || regno >= NPRGREG) {
2151 errno = EINVAL;
2152 return (-1);
2153 }
2154
2155 if (P->state != PS_STOP) {
2156 errno = EBUSY;
2157 return (-1);
2158 }
2159
2160 P->status.pr_lwp.pr_reg[regno] = reg;
2161 P->flags |= SETREGS; /* set registers before continuing */
2162 return (0);
2163 }
2164
2165 int
Psetrun(struct ps_prochandle * P,int sig,int flags)2166 Psetrun(struct ps_prochandle *P,
2167 int sig, /* signal to pass to process */
2168 int flags) /* PRSTEP|PRSABORT|PRSTOP|PRCSIG|PRCFAULT */
2169 {
2170 int ctlfd = (P->agentctlfd >= 0) ? P->agentctlfd : P->ctlfd;
2171 int sbits = (PR_DSTOP | PR_ISTOP | PR_ASLEEP);
2172
2173 long ctl[1 + /* PCCFAULT */
2174 1 + sizeof (siginfo_t)/sizeof (long) + /* PCSSIG/PCCSIG */
2175 2 ]; /* PCRUN */
2176
2177 long *ctlp = ctl;
2178 size_t size;
2179
2180 if (P->state != PS_STOP && (P->status.pr_lwp.pr_flags & sbits) == 0) {
2181 errno = EBUSY;
2182 return (-1);
2183 }
2184
2185 Psync(P); /* flush tracing flags and registers */
2186
2187 if (flags & PRCFAULT) { /* clear current fault */
2188 *ctlp++ = PCCFAULT;
2189 flags &= ~PRCFAULT;
2190 }
2191
2192 if (flags & PRCSIG) { /* clear current signal */
2193 *ctlp++ = PCCSIG;
2194 flags &= ~PRCSIG;
2195 } else if (sig && sig != P->status.pr_lwp.pr_cursig) {
2196 /* make current signal */
2197 siginfo_t *infop;
2198
2199 *ctlp++ = PCSSIG;
2200 infop = (siginfo_t *)ctlp;
2201 (void) memset(infop, 0, sizeof (*infop));
2202 infop->si_signo = sig;
2203 ctlp += sizeof (siginfo_t) / sizeof (long);
2204 }
2205
2206 *ctlp++ = PCRUN;
2207 *ctlp++ = flags;
2208 size = (char *)ctlp - (char *)ctl;
2209
2210 P->info_valid = 0; /* will need to update map and file info */
2211
2212 /*
2213 * If we've cached ucontext-list information while we were stopped,
2214 * free it now.
2215 */
2216 if (P->ucaddrs != NULL) {
2217 free(P->ucaddrs);
2218 P->ucaddrs = NULL;
2219 P->ucnelems = 0;
2220 }
2221
2222 if (write(ctlfd, ctl, size) != size) {
2223 /* If it is dead or lost, return the real status, not PS_RUN */
2224 if (errno == ENOENT || errno == EAGAIN) {
2225 (void) Pstopstatus(P, PCNULL, 0);
2226 return (0);
2227 }
2228 /* If it is not in a jobcontrol stop, issue an error message */
2229 if (errno != EBUSY ||
2230 P->status.pr_lwp.pr_why != PR_JOBCONTROL) {
2231 dprintf("Psetrun: %s\n", strerror(errno));
2232 return (-1);
2233 }
2234 /* Otherwise pretend that the job-stopped process is running */
2235 }
2236
2237 P->state = PS_RUN;
2238 return (0);
2239 }
2240
2241 ssize_t
Pread(struct ps_prochandle * P,void * buf,size_t nbyte,uintptr_t address)2242 Pread(struct ps_prochandle *P,
2243 void *buf, /* caller's buffer */
2244 size_t nbyte, /* number of bytes to read */
2245 uintptr_t address) /* address in process */
2246 {
2247 return (P->ops.pop_pread(P, buf, nbyte, address, P->data));
2248 }
2249
2250 ssize_t
Pread_string(struct ps_prochandle * P,char * buf,size_t size,uintptr_t addr)2251 Pread_string(struct ps_prochandle *P,
2252 char *buf, /* caller's buffer */
2253 size_t size, /* upper limit on bytes to read */
2254 uintptr_t addr) /* address in process */
2255 {
2256 enum { STRSZ = 40 };
2257 char string[STRSZ + 1];
2258 ssize_t leng = 0;
2259 int nbyte;
2260
2261 if (size < 2) {
2262 errno = EINVAL;
2263 return (-1);
2264 }
2265
2266 size--; /* ensure trailing null fits in buffer */
2267
2268 *buf = '\0';
2269 string[STRSZ] = '\0';
2270
2271 for (nbyte = STRSZ; nbyte == STRSZ && leng < size; addr += STRSZ) {
2272 if ((nbyte = P->ops.pop_pread(P, string, STRSZ, addr,
2273 P->data)) <= 0) {
2274 buf[leng] = '\0';
2275 return (leng ? leng : -1);
2276 }
2277 if ((nbyte = strlen(string)) > 0) {
2278 if (leng + nbyte > size)
2279 nbyte = size - leng;
2280 (void) strncpy(buf + leng, string, nbyte);
2281 leng += nbyte;
2282 }
2283 }
2284 buf[leng] = '\0';
2285 return (leng);
2286 }
2287
2288 ssize_t
Pwrite(struct ps_prochandle * P,const void * buf,size_t nbyte,uintptr_t address)2289 Pwrite(struct ps_prochandle *P,
2290 const void *buf, /* caller's buffer */
2291 size_t nbyte, /* number of bytes to write */
2292 uintptr_t address) /* address in process */
2293 {
2294 return (P->ops.pop_pwrite(P, buf, nbyte, address, P->data));
2295 }
2296
2297 int
Pclearsig(struct ps_prochandle * P)2298 Pclearsig(struct ps_prochandle *P)
2299 {
2300 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2301 long ctl = PCCSIG;
2302
2303 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
2304 return (-1);
2305 P->status.pr_lwp.pr_cursig = 0;
2306 return (0);
2307 }
2308
2309 int
Pclearfault(struct ps_prochandle * P)2310 Pclearfault(struct ps_prochandle *P)
2311 {
2312 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2313 long ctl = PCCFAULT;
2314
2315 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
2316 return (-1);
2317 return (0);
2318 }
2319
2320 /*
2321 * Set a breakpoint trap, return original instruction.
2322 */
2323 int
Psetbkpt(struct ps_prochandle * P,uintptr_t address,ulong_t * saved)2324 Psetbkpt(struct ps_prochandle *P, uintptr_t address, ulong_t *saved)
2325 {
2326 long ctl[1 + sizeof (priovec_t) / sizeof (long) + /* PCREAD */
2327 1 + sizeof (priovec_t) / sizeof (long)]; /* PCWRITE */
2328 long *ctlp = ctl;
2329 size_t size;
2330 priovec_t *iovp;
2331 instr_t bpt = BPT;
2332 instr_t old;
2333
2334 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2335 P->state == PS_IDLE) {
2336 errno = ENOENT;
2337 return (-1);
2338 }
2339
2340 /* fetch the old instruction */
2341 *ctlp++ = PCREAD;
2342 iovp = (priovec_t *)ctlp;
2343 iovp->pio_base = &old;
2344 iovp->pio_len = sizeof (old);
2345 iovp->pio_offset = address;
2346 ctlp += sizeof (priovec_t) / sizeof (long);
2347
2348 /* write the BPT instruction */
2349 *ctlp++ = PCWRITE;
2350 iovp = (priovec_t *)ctlp;
2351 iovp->pio_base = &bpt;
2352 iovp->pio_len = sizeof (bpt);
2353 iovp->pio_offset = address;
2354 ctlp += sizeof (priovec_t) / sizeof (long);
2355
2356 size = (char *)ctlp - (char *)ctl;
2357 if (write(P->ctlfd, ctl, size) != size)
2358 return (-1);
2359
2360 /*
2361 * Fail if there was already a breakpoint there from another debugger
2362 * or DTrace's user-level tracing on x86.
2363 */
2364 if (old == BPT) {
2365 errno = EBUSY;
2366 return (-1);
2367 }
2368
2369 *saved = (ulong_t)old;
2370 return (0);
2371 }
2372
2373 /*
2374 * Restore original instruction where a breakpoint was set.
2375 */
2376 int
Pdelbkpt(struct ps_prochandle * P,uintptr_t address,ulong_t saved)2377 Pdelbkpt(struct ps_prochandle *P, uintptr_t address, ulong_t saved)
2378 {
2379 instr_t old = (instr_t)saved;
2380 instr_t cur;
2381
2382 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2383 P->state == PS_IDLE) {
2384 errno = ENOENT;
2385 return (-1);
2386 }
2387
2388 /*
2389 * If the breakpoint instruction we had placed has been overwritten
2390 * with a new instruction, then don't try to replace it with the
2391 * old instruction. Doing do can cause problems with self-modifying
2392 * code -- PLTs for example. If the Pread() fails, we assume that we
2393 * should proceed though most likely the Pwrite() will also fail.
2394 */
2395 if (Pread(P, &cur, sizeof (cur), address) == sizeof (cur) &&
2396 cur != BPT)
2397 return (0);
2398
2399 if (Pwrite(P, &old, sizeof (old), address) != sizeof (old))
2400 return (-1);
2401
2402 return (0);
2403 }
2404
2405 /*
2406 * Common code for Pxecbkpt() and Lxecbkpt().
2407 * Develop the array of requests that will do the job, then
2408 * write them to the specified control file descriptor.
2409 * Return the non-zero errno if the write fails.
2410 */
2411 static int
execute_bkpt(int ctlfd,const fltset_t * faultset,const sigset_t * sigmask,uintptr_t address,ulong_t saved)2412 execute_bkpt(
2413 int ctlfd, /* process or LWP control file descriptor */
2414 const fltset_t *faultset, /* current set of traced faults */
2415 const sigset_t *sigmask, /* current signal mask */
2416 uintptr_t address, /* address of breakpint */
2417 ulong_t saved) /* the saved instruction */
2418 {
2419 long ctl[
2420 1 + sizeof (sigset_t) / sizeof (long) + /* PCSHOLD */
2421 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2422 1 + sizeof (priovec_t) / sizeof (long) + /* PCWRITE */
2423 2 + /* PCRUN */
2424 1 + /* PCWSTOP */
2425 1 + /* PCCFAULT */
2426 1 + sizeof (priovec_t) / sizeof (long) + /* PCWRITE */
2427 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2428 1 + sizeof (sigset_t) / sizeof (long)]; /* PCSHOLD */
2429 long *ctlp = ctl;
2430 sigset_t unblock;
2431 size_t size;
2432 ssize_t ssize;
2433 priovec_t *iovp;
2434 sigset_t *holdp;
2435 fltset_t *faultp;
2436 instr_t old = (instr_t)saved;
2437 instr_t bpt = BPT;
2438 int error = 0;
2439
2440 /* block our signals for the duration */
2441 (void) sigprocmask(SIG_BLOCK, &blockable_sigs, &unblock);
2442
2443 /* hold posted signals */
2444 *ctlp++ = PCSHOLD;
2445 holdp = (sigset_t *)ctlp;
2446 prfillset(holdp);
2447 prdelset(holdp, SIGKILL);
2448 prdelset(holdp, SIGSTOP);
2449 ctlp += sizeof (sigset_t) / sizeof (long);
2450
2451 /* force tracing of FLTTRACE */
2452 if (!(prismember(faultset, FLTTRACE))) {
2453 *ctlp++ = PCSFAULT;
2454 faultp = (fltset_t *)ctlp;
2455 *faultp = *faultset;
2456 praddset(faultp, FLTTRACE);
2457 ctlp += sizeof (fltset_t) / sizeof (long);
2458 }
2459
2460 /* restore the old instruction */
2461 *ctlp++ = PCWRITE;
2462 iovp = (priovec_t *)ctlp;
2463 iovp->pio_base = &old;
2464 iovp->pio_len = sizeof (old);
2465 iovp->pio_offset = address;
2466 ctlp += sizeof (priovec_t) / sizeof (long);
2467
2468 /* clear current signal and fault; set running w/ single-step */
2469 *ctlp++ = PCRUN;
2470 *ctlp++ = PRCSIG | PRCFAULT | PRSTEP;
2471
2472 /* wait for stop, cancel the fault */
2473 *ctlp++ = PCWSTOP;
2474 *ctlp++ = PCCFAULT;
2475
2476 /* restore the breakpoint trap */
2477 *ctlp++ = PCWRITE;
2478 iovp = (priovec_t *)ctlp;
2479 iovp->pio_base = &bpt;
2480 iovp->pio_len = sizeof (bpt);
2481 iovp->pio_offset = address;
2482 ctlp += sizeof (priovec_t) / sizeof (long);
2483
2484 /* restore fault tracing set */
2485 if (!(prismember(faultset, FLTTRACE))) {
2486 *ctlp++ = PCSFAULT;
2487 *(fltset_t *)ctlp = *faultset;
2488 ctlp += sizeof (fltset_t) / sizeof (long);
2489 }
2490
2491 /* restore the hold mask */
2492 *ctlp++ = PCSHOLD;
2493 *(sigset_t *)ctlp = *sigmask;
2494 ctlp += sizeof (sigset_t) / sizeof (long);
2495
2496 size = (char *)ctlp - (char *)ctl;
2497 if ((ssize = write(ctlfd, ctl, size)) != size)
2498 error = (ssize == -1)? errno : EINTR;
2499 (void) sigprocmask(SIG_SETMASK, &unblock, NULL);
2500 return (error);
2501 }
2502
2503 /*
2504 * Step over a breakpoint, i.e., execute the instruction that
2505 * really belongs at the breakpoint location (the current %pc)
2506 * and leave the process stopped at the next instruction.
2507 */
2508 int
Pxecbkpt(struct ps_prochandle * P,ulong_t saved)2509 Pxecbkpt(struct ps_prochandle *P, ulong_t saved)
2510 {
2511 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2512 int rv, error;
2513
2514 if (P->state != PS_STOP) {
2515 errno = EBUSY;
2516 return (-1);
2517 }
2518
2519 Psync(P);
2520
2521 error = execute_bkpt(ctlfd,
2522 &P->status.pr_flttrace, &P->status.pr_lwp.pr_lwphold,
2523 P->status.pr_lwp.pr_reg[R_PC], saved);
2524 rv = Pstopstatus(P, PCNULL, 0);
2525
2526 if (error != 0) {
2527 if (P->status.pr_lwp.pr_why == PR_JOBCONTROL &&
2528 error == EBUSY) { /* jobcontrol stop -- back off */
2529 P->state = PS_RUN;
2530 return (0);
2531 }
2532 if (error == ENOENT)
2533 return (0);
2534 errno = error;
2535 return (-1);
2536 }
2537
2538 return (rv);
2539 }
2540
2541 /*
2542 * Install the watchpoint described by wp.
2543 */
2544 int
Psetwapt(struct ps_prochandle * P,const prwatch_t * wp)2545 Psetwapt(struct ps_prochandle *P, const prwatch_t *wp)
2546 {
2547 long ctl[1 + sizeof (prwatch_t) / sizeof (long)];
2548 prwatch_t *cwp = (prwatch_t *)&ctl[1];
2549
2550 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2551 P->state == PS_IDLE) {
2552 errno = ENOENT;
2553 return (-1);
2554 }
2555
2556 ctl[0] = PCWATCH;
2557 cwp->pr_vaddr = wp->pr_vaddr;
2558 cwp->pr_size = wp->pr_size;
2559 cwp->pr_wflags = wp->pr_wflags;
2560
2561 if (write(P->ctlfd, ctl, sizeof (ctl)) != sizeof (ctl))
2562 return (-1);
2563
2564 return (0);
2565 }
2566
2567 /*
2568 * Remove the watchpoint described by wp.
2569 */
2570 int
Pdelwapt(struct ps_prochandle * P,const prwatch_t * wp)2571 Pdelwapt(struct ps_prochandle *P, const prwatch_t *wp)
2572 {
2573 long ctl[1 + sizeof (prwatch_t) / sizeof (long)];
2574 prwatch_t *cwp = (prwatch_t *)&ctl[1];
2575
2576 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2577 P->state == PS_IDLE) {
2578 errno = ENOENT;
2579 return (-1);
2580 }
2581
2582 ctl[0] = PCWATCH;
2583 cwp->pr_vaddr = wp->pr_vaddr;
2584 cwp->pr_size = wp->pr_size;
2585 cwp->pr_wflags = 0;
2586
2587 if (write(P->ctlfd, ctl, sizeof (ctl)) != sizeof (ctl))
2588 return (-1);
2589
2590 return (0);
2591 }
2592
2593 /*
2594 * Common code for Pxecwapt() and Lxecwapt(). Develop the array of requests
2595 * that will do the job, then write them to the specified control file
2596 * descriptor. Return the non-zero errno if the write fails.
2597 */
2598 static int
execute_wapt(int ctlfd,const fltset_t * faultset,const sigset_t * sigmask,const prwatch_t * wp)2599 execute_wapt(
2600 int ctlfd, /* process or LWP control file descriptor */
2601 const fltset_t *faultset, /* current set of traced faults */
2602 const sigset_t *sigmask, /* current signal mask */
2603 const prwatch_t *wp) /* watchpoint descriptor */
2604 {
2605 long ctl[
2606 1 + sizeof (sigset_t) / sizeof (long) + /* PCSHOLD */
2607 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2608 1 + sizeof (prwatch_t) / sizeof (long) + /* PCWATCH */
2609 2 + /* PCRUN */
2610 1 + /* PCWSTOP */
2611 1 + /* PCCFAULT */
2612 1 + sizeof (prwatch_t) / sizeof (long) + /* PCWATCH */
2613 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2614 1 + sizeof (sigset_t) / sizeof (long)]; /* PCSHOLD */
2615
2616 long *ctlp = ctl;
2617 int error = 0;
2618
2619 sigset_t unblock;
2620 sigset_t *holdp;
2621 fltset_t *faultp;
2622 prwatch_t *prw;
2623 ssize_t ssize;
2624 size_t size;
2625
2626 (void) sigprocmask(SIG_BLOCK, &blockable_sigs, &unblock);
2627
2628 /*
2629 * Hold all posted signals in the victim process prior to stepping.
2630 */
2631 *ctlp++ = PCSHOLD;
2632 holdp = (sigset_t *)ctlp;
2633 prfillset(holdp);
2634 prdelset(holdp, SIGKILL);
2635 prdelset(holdp, SIGSTOP);
2636 ctlp += sizeof (sigset_t) / sizeof (long);
2637
2638 /*
2639 * Force tracing of FLTTRACE since we need to single step.
2640 */
2641 if (!(prismember(faultset, FLTTRACE))) {
2642 *ctlp++ = PCSFAULT;
2643 faultp = (fltset_t *)ctlp;
2644 *faultp = *faultset;
2645 praddset(faultp, FLTTRACE);
2646 ctlp += sizeof (fltset_t) / sizeof (long);
2647 }
2648
2649 /*
2650 * Clear only the current watchpoint by setting pr_wflags to zero.
2651 */
2652 *ctlp++ = PCWATCH;
2653 prw = (prwatch_t *)ctlp;
2654 prw->pr_vaddr = wp->pr_vaddr;
2655 prw->pr_size = wp->pr_size;
2656 prw->pr_wflags = 0;
2657 ctlp += sizeof (prwatch_t) / sizeof (long);
2658
2659 /*
2660 * Clear the current signal and fault; set running with single-step.
2661 * Then wait for the victim to stop and cancel the FLTTRACE.
2662 */
2663 *ctlp++ = PCRUN;
2664 *ctlp++ = PRCSIG | PRCFAULT | PRSTEP;
2665 *ctlp++ = PCWSTOP;
2666 *ctlp++ = PCCFAULT;
2667
2668 /*
2669 * Restore the current watchpoint.
2670 */
2671 *ctlp++ = PCWATCH;
2672 (void) memcpy(ctlp, wp, sizeof (prwatch_t));
2673 ctlp += sizeof (prwatch_t) / sizeof (long);
2674
2675 /*
2676 * Restore fault tracing set if we modified it.
2677 */
2678 if (!(prismember(faultset, FLTTRACE))) {
2679 *ctlp++ = PCSFAULT;
2680 *(fltset_t *)ctlp = *faultset;
2681 ctlp += sizeof (fltset_t) / sizeof (long);
2682 }
2683
2684 /*
2685 * Restore the hold mask to the current hold mask (i.e. the one
2686 * before we executed any of the previous operations).
2687 */
2688 *ctlp++ = PCSHOLD;
2689 *(sigset_t *)ctlp = *sigmask;
2690 ctlp += sizeof (sigset_t) / sizeof (long);
2691
2692 size = (char *)ctlp - (char *)ctl;
2693 if ((ssize = write(ctlfd, ctl, size)) != size)
2694 error = (ssize == -1)? errno : EINTR;
2695 (void) sigprocmask(SIG_SETMASK, &unblock, NULL);
2696 return (error);
2697 }
2698
2699 /*
2700 * Step over a watchpoint, i.e., execute the instruction that was stopped by
2701 * the watchpoint, and then leave the LWP stopped at the next instruction.
2702 */
2703 int
Pxecwapt(struct ps_prochandle * P,const prwatch_t * wp)2704 Pxecwapt(struct ps_prochandle *P, const prwatch_t *wp)
2705 {
2706 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2707 int rv, error;
2708
2709 if (P->state != PS_STOP) {
2710 errno = EBUSY;
2711 return (-1);
2712 }
2713
2714 Psync(P);
2715 error = execute_wapt(ctlfd,
2716 &P->status.pr_flttrace, &P->status.pr_lwp.pr_lwphold, wp);
2717 rv = Pstopstatus(P, PCNULL, 0);
2718
2719 if (error != 0) {
2720 if (P->status.pr_lwp.pr_why == PR_JOBCONTROL &&
2721 error == EBUSY) { /* jobcontrol stop -- back off */
2722 P->state = PS_RUN;
2723 return (0);
2724 }
2725 if (error == ENOENT)
2726 return (0);
2727 errno = error;
2728 return (-1);
2729 }
2730
2731 return (rv);
2732 }
2733
2734 int
Psetflags(struct ps_prochandle * P,long flags)2735 Psetflags(struct ps_prochandle *P, long flags)
2736 {
2737 int rc;
2738 long ctl[2];
2739
2740 ctl[0] = PCSET;
2741 ctl[1] = flags;
2742
2743 if (write(P->ctlfd, ctl, 2*sizeof (long)) != 2*sizeof (long)) {
2744 rc = -1;
2745 } else {
2746 P->status.pr_flags |= flags;
2747 P->status.pr_lwp.pr_flags |= flags;
2748 rc = 0;
2749 }
2750
2751 return (rc);
2752 }
2753
2754 int
Punsetflags(struct ps_prochandle * P,long flags)2755 Punsetflags(struct ps_prochandle *P, long flags)
2756 {
2757 int rc;
2758 long ctl[2];
2759
2760 ctl[0] = PCUNSET;
2761 ctl[1] = flags;
2762
2763 if (write(P->ctlfd, ctl, 2*sizeof (long)) != 2*sizeof (long)) {
2764 rc = -1;
2765 } else {
2766 P->status.pr_flags &= ~flags;
2767 P->status.pr_lwp.pr_flags &= ~flags;
2768 rc = 0;
2769 }
2770
2771 return (rc);
2772 }
2773
2774 /*
2775 * Common function to allow clients to manipulate the action to be taken
2776 * on receipt of a signal, receipt of machine fault, entry to a system call,
2777 * or exit from a system call. We make use of our private prset_* functions
2778 * in order to make this code be common. The 'which' parameter identifies
2779 * the code for the event of interest (0 means change the entire set), and
2780 * the 'stop' parameter is a boolean indicating whether the process should
2781 * stop when the event of interest occurs. The previous value is returned
2782 * to the caller; -1 is returned if an error occurred.
2783 */
2784 static int
Psetaction(struct ps_prochandle * P,void * sp,size_t size,uint_t flag,int max,int which,int stop)2785 Psetaction(struct ps_prochandle *P, void *sp, size_t size,
2786 uint_t flag, int max, int which, int stop)
2787 {
2788 int oldval;
2789
2790 if (which < 0 || which > max) {
2791 errno = EINVAL;
2792 return (-1);
2793 }
2794
2795 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2796 P->state == PS_IDLE) {
2797 errno = ENOENT;
2798 return (-1);
2799 }
2800
2801 oldval = prset_ismember(sp, size, which) ? TRUE : FALSE;
2802
2803 if (stop) {
2804 if (which == 0) {
2805 prset_fill(sp, size);
2806 P->flags |= flag;
2807 } else if (!oldval) {
2808 prset_add(sp, size, which);
2809 P->flags |= flag;
2810 }
2811 } else {
2812 if (which == 0) {
2813 prset_empty(sp, size);
2814 P->flags |= flag;
2815 } else if (oldval) {
2816 prset_del(sp, size, which);
2817 P->flags |= flag;
2818 }
2819 }
2820
2821 if (P->state == PS_RUN)
2822 Psync(P);
2823
2824 return (oldval);
2825 }
2826
2827 /*
2828 * Set action on specified signal.
2829 */
2830 int
Psignal(struct ps_prochandle * P,int which,int stop)2831 Psignal(struct ps_prochandle *P, int which, int stop)
2832 {
2833 int oldval;
2834
2835 if (which == SIGKILL && stop != 0) {
2836 errno = EINVAL;
2837 return (-1);
2838 }
2839
2840 oldval = Psetaction(P, &P->status.pr_sigtrace, sizeof (sigset_t),
2841 SETSIG, PRMAXSIG, which, stop);
2842
2843 if (oldval != -1 && which == 0 && stop != 0)
2844 prdelset(&P->status.pr_sigtrace, SIGKILL);
2845
2846 return (oldval);
2847 }
2848
2849 /*
2850 * Set all signal tracing flags.
2851 */
2852 void
Psetsignal(struct ps_prochandle * P,const sigset_t * set)2853 Psetsignal(struct ps_prochandle *P, const sigset_t *set)
2854 {
2855 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2856 P->state == PS_IDLE)
2857 return;
2858
2859 P->status.pr_sigtrace = *set;
2860 P->flags |= SETSIG;
2861
2862 if (P->state == PS_RUN)
2863 Psync(P);
2864 }
2865
2866 /*
2867 * Set action on specified fault.
2868 */
2869 int
Pfault(struct ps_prochandle * P,int which,int stop)2870 Pfault(struct ps_prochandle *P, int which, int stop)
2871 {
2872 return (Psetaction(P, &P->status.pr_flttrace, sizeof (fltset_t),
2873 SETFAULT, PRMAXFAULT, which, stop));
2874 }
2875
2876 /*
2877 * Set all machine fault tracing flags.
2878 */
2879 void
Psetfault(struct ps_prochandle * P,const fltset_t * set)2880 Psetfault(struct ps_prochandle *P, const fltset_t *set)
2881 {
2882 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2883 P->state == PS_IDLE)
2884 return;
2885
2886 P->status.pr_flttrace = *set;
2887 P->flags |= SETFAULT;
2888
2889 if (P->state == PS_RUN)
2890 Psync(P);
2891 }
2892
2893 /*
2894 * Set action on specified system call entry.
2895 */
2896 int
Psysentry(struct ps_prochandle * P,int which,int stop)2897 Psysentry(struct ps_prochandle *P, int which, int stop)
2898 {
2899 return (Psetaction(P, &P->status.pr_sysentry, sizeof (sysset_t),
2900 SETENTRY, PRMAXSYS, which, stop));
2901 }
2902
2903 /*
2904 * Set all system call entry tracing flags.
2905 */
2906 void
Psetsysentry(struct ps_prochandle * P,const sysset_t * set)2907 Psetsysentry(struct ps_prochandle *P, const sysset_t *set)
2908 {
2909 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2910 P->state == PS_IDLE)
2911 return;
2912
2913 P->status.pr_sysentry = *set;
2914 P->flags |= SETENTRY;
2915
2916 if (P->state == PS_RUN)
2917 Psync(P);
2918 }
2919
2920 /*
2921 * Set action on specified system call exit.
2922 */
2923 int
Psysexit(struct ps_prochandle * P,int which,int stop)2924 Psysexit(struct ps_prochandle *P, int which, int stop)
2925 {
2926 return (Psetaction(P, &P->status.pr_sysexit, sizeof (sysset_t),
2927 SETEXIT, PRMAXSYS, which, stop));
2928 }
2929
2930 /*
2931 * Set all system call exit tracing flags.
2932 */
2933 void
Psetsysexit(struct ps_prochandle * P,const sysset_t * set)2934 Psetsysexit(struct ps_prochandle *P, const sysset_t *set)
2935 {
2936 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2937 P->state == PS_IDLE)
2938 return;
2939
2940 P->status.pr_sysexit = *set;
2941 P->flags |= SETEXIT;
2942
2943 if (P->state == PS_RUN)
2944 Psync(P);
2945 }
2946
2947 /*
2948 * Utility function to read the contents of a file that contains a
2949 * prheader_t at the start (/proc/pid/lstatus or /proc/pid/lpsinfo).
2950 * Returns a malloc()d buffer or NULL on failure.
2951 */
2952 static prheader_t *
read_lfile(struct ps_prochandle * P,const char * lname)2953 read_lfile(struct ps_prochandle *P, const char *lname)
2954 {
2955 prheader_t *Lhp;
2956 char lpath[PATH_MAX];
2957 struct stat64 statb;
2958 int fd;
2959 size_t size;
2960 ssize_t rval;
2961
2962 (void) snprintf(lpath, sizeof (lpath), "%s/%d/%s", procfs_path,
2963 (int)P->status.pr_pid, lname);
2964 if ((fd = open(lpath, O_RDONLY)) < 0 || fstat64(fd, &statb) != 0) {
2965 if (fd >= 0)
2966 (void) close(fd);
2967 return (NULL);
2968 }
2969
2970 /*
2971 * 'size' is just the initial guess at the buffer size.
2972 * It will have to grow if the number of lwps increases
2973 * while we are looking at the process.
2974 * 'size' must be larger than the actual file size.
2975 */
2976 size = statb.st_size + 32;
2977
2978 for (;;) {
2979 if ((Lhp = malloc(size)) == NULL)
2980 break;
2981 if ((rval = pread(fd, Lhp, size, 0)) < 0 ||
2982 rval <= sizeof (prheader_t)) {
2983 free(Lhp);
2984 Lhp = NULL;
2985 break;
2986 }
2987 if (rval < size)
2988 break;
2989 /* need a bigger buffer */
2990 free(Lhp);
2991 size *= 2;
2992 }
2993
2994 (void) close(fd);
2995 return (Lhp);
2996 }
2997
2998 /*
2999 * LWP iteration interface.
3000 */
3001 int
Plwp_iter(struct ps_prochandle * P,proc_lwp_f * func,void * cd)3002 Plwp_iter(struct ps_prochandle *P, proc_lwp_f *func, void *cd)
3003 {
3004 prheader_t *Lhp;
3005 lwpstatus_t *Lsp;
3006 long nlwp;
3007 int rv;
3008
3009 switch (P->state) {
3010 case PS_RUN:
3011 (void) Pstopstatus(P, PCNULL, 0);
3012 break;
3013
3014 case PS_STOP:
3015 Psync(P);
3016 break;
3017
3018 case PS_IDLE:
3019 errno = ENODATA;
3020 return (-1);
3021 }
3022
3023 /*
3024 * For either live processes or cores, the single LWP case is easy:
3025 * the pstatus_t contains the lwpstatus_t for the only LWP.
3026 */
3027 if (P->status.pr_nlwp <= 1)
3028 return (func(cd, &P->status.pr_lwp));
3029
3030 /*
3031 * For the core file multi-LWP case, we just iterate through the
3032 * list of LWP structs we read in from the core file.
3033 */
3034 if (P->state == PS_DEAD) {
3035 core_info_t *core = P->data;
3036 lwp_info_t *lwp;
3037
3038 for (lwp = list_tail(&core->core_lwp_head); lwp != NULL;
3039 lwp = list_prev(&core->core_lwp_head, lwp)) {
3040 if (lwp->lwp_psinfo.pr_sname != 'Z' &&
3041 (rv = func(cd, &lwp->lwp_status)) != 0)
3042 break;
3043 }
3044
3045 return (rv);
3046 }
3047
3048 /*
3049 * For the live process multi-LWP case, we have to work a little
3050 * harder: the /proc/pid/lstatus file has the array of LWP structs.
3051 */
3052 if ((Lhp = Plstatus(P)) == NULL)
3053 return (-1);
3054
3055 for (nlwp = Lhp->pr_nent, Lsp = (lwpstatus_t *)(uintptr_t)(Lhp + 1);
3056 nlwp > 0;
3057 nlwp--, Lsp = (lwpstatus_t *)((uintptr_t)Lsp + Lhp->pr_entsize)) {
3058 if ((rv = func(cd, Lsp)) != 0)
3059 break;
3060 }
3061
3062 free(Lhp);
3063 return (rv);
3064 }
3065
3066 /*
3067 * Extended LWP iteration interface.
3068 * Iterate over all LWPs, active and zombie.
3069 */
3070 int
Plwp_iter_all(struct ps_prochandle * P,proc_lwp_all_f * func,void * cd)3071 Plwp_iter_all(struct ps_prochandle *P, proc_lwp_all_f *func, void *cd)
3072 {
3073 prheader_t *Lhp = NULL;
3074 lwpstatus_t *Lsp;
3075 lwpstatus_t *sp;
3076 prheader_t *Lphp = NULL;
3077 lwpsinfo_t *Lpsp;
3078 long nstat;
3079 long ninfo;
3080 int rv;
3081
3082 retry:
3083 if (Lhp != NULL)
3084 free(Lhp);
3085 if (Lphp != NULL)
3086 free(Lphp);
3087 if (P->state == PS_RUN)
3088 (void) Pstopstatus(P, PCNULL, 0);
3089 (void) Ppsinfo(P);
3090
3091 if (P->state == PS_STOP)
3092 Psync(P);
3093
3094 /*
3095 * For either live processes or cores, the single LWP case is easy:
3096 * the pstatus_t contains the lwpstatus_t for the only LWP and
3097 * the psinfo_t contains the lwpsinfo_t for the only LWP.
3098 */
3099 if (P->status.pr_nlwp + P->status.pr_nzomb <= 1)
3100 return (func(cd, &P->status.pr_lwp, &P->psinfo.pr_lwp));
3101
3102 /*
3103 * For the core file multi-LWP case, we just iterate through the
3104 * list of LWP structs we read in from the core file.
3105 */
3106 if (P->state == PS_DEAD) {
3107 core_info_t *core = P->data;
3108 lwp_info_t *lwp;
3109
3110 for (lwp = list_tail(&core->core_lwp_head); lwp != NULL;
3111 lwp = list_prev(&core->core_lwp_head, lwp)) {
3112 sp = (lwp->lwp_psinfo.pr_sname == 'Z')? NULL :
3113 &lwp->lwp_status;
3114 if ((rv = func(cd, sp, &lwp->lwp_psinfo)) != 0)
3115 break;
3116 }
3117
3118 return (rv);
3119 }
3120
3121 /*
3122 * For all other cases retrieve the array of lwpstatus_t's and
3123 * lwpsinfo_t's.
3124 */
3125 if ((Lhp = Plstatus(P)) == NULL)
3126 return (-1);
3127 if ((Lphp = Plpsinfo(P)) == NULL) {
3128 free(Lhp);
3129 return (-1);
3130 }
3131
3132 /*
3133 * If we are looking at a running process, or one we do not control,
3134 * the active and zombie lwps in the process may have changed since
3135 * we read the process status structure. If so, just start over.
3136 */
3137 if (Lhp->pr_nent != P->status.pr_nlwp ||
3138 Lphp->pr_nent != P->status.pr_nlwp + P->status.pr_nzomb)
3139 goto retry;
3140
3141 /*
3142 * To be perfectly safe, prescan the two arrays, checking consistency.
3143 * We rely on /proc giving us lwpstatus_t's and lwpsinfo_t's in the
3144 * same order (the lwp directory order) in their respective files.
3145 * We also rely on there being (possibly) more lwpsinfo_t's than
3146 * lwpstatus_t's (the extra lwpsinfo_t's are for zombie lwps).
3147 */
3148 Lsp = (lwpstatus_t *)(uintptr_t)(Lhp + 1);
3149 Lpsp = (lwpsinfo_t *)(uintptr_t)(Lphp + 1);
3150 nstat = Lhp->pr_nent;
3151 for (ninfo = Lphp->pr_nent; ninfo != 0; ninfo--) {
3152 if (Lpsp->pr_sname != 'Z') {
3153 /*
3154 * Not a zombie lwp; check for matching lwpids.
3155 */
3156 if (nstat == 0 || Lsp->pr_lwpid != Lpsp->pr_lwpid)
3157 goto retry;
3158 Lsp = (lwpstatus_t *)((uintptr_t)Lsp + Lhp->pr_entsize);
3159 nstat--;
3160 }
3161 Lpsp = (lwpsinfo_t *)((uintptr_t)Lpsp + Lphp->pr_entsize);
3162 }
3163 if (nstat != 0)
3164 goto retry;
3165
3166 /*
3167 * Rescan, this time for real.
3168 */
3169 Lsp = (lwpstatus_t *)(uintptr_t)(Lhp + 1);
3170 Lpsp = (lwpsinfo_t *)(uintptr_t)(Lphp + 1);
3171 for (ninfo = Lphp->pr_nent; ninfo != 0; ninfo--) {
3172 if (Lpsp->pr_sname != 'Z') {
3173 sp = Lsp;
3174 Lsp = (lwpstatus_t *)((uintptr_t)Lsp + Lhp->pr_entsize);
3175 } else {
3176 sp = NULL;
3177 }
3178 if ((rv = func(cd, sp, Lpsp)) != 0)
3179 break;
3180 Lpsp = (lwpsinfo_t *)((uintptr_t)Lpsp + Lphp->pr_entsize);
3181 }
3182
3183 free(Lhp);
3184 free(Lphp);
3185 return (rv);
3186 }
3187
3188 core_content_t
Pcontent(struct ps_prochandle * P)3189 Pcontent(struct ps_prochandle *P)
3190 {
3191 core_info_t *core = P->data;
3192
3193 if (P->state == PS_DEAD)
3194 return (core->core_content);
3195 if (P->state == PS_IDLE)
3196 return (CC_CONTENT_TEXT | CC_CONTENT_DATA | CC_CONTENT_CTF);
3197
3198 return (CC_CONTENT_ALL);
3199 }
3200
3201 /*
3202 * =================================================================
3203 * The remainder of the functions in this file are for the
3204 * control of individual LWPs in the controlled process.
3205 * =================================================================
3206 */
3207
3208 /*
3209 * Find an entry in the process hash table for the specified lwpid.
3210 * The entry will either point to an existing struct ps_lwphandle
3211 * or it will point to an empty slot for a new struct ps_lwphandle.
3212 */
3213 static struct ps_lwphandle **
Lfind_slot(struct ps_prochandle * P,lwpid_t lwpid)3214 Lfind_slot(struct ps_prochandle *P, lwpid_t lwpid)
3215 {
3216 struct ps_lwphandle **Lp;
3217 struct ps_lwphandle *L;
3218
3219 for (Lp = &P->hashtab[lwpid % (HASHSIZE - 1)];
3220 (L = *Lp) != NULL; Lp = &L->lwp_hash)
3221 if (L->lwp_id == lwpid)
3222 break;
3223 return (Lp);
3224 }
3225
3226 /*
3227 * A wrapper around Lfind_slot() that is suitable for the rest of the internal
3228 * consumers who don't care about a slot, merely existence.
3229 */
3230 struct ps_lwphandle *
Lfind(struct ps_prochandle * P,lwpid_t lwpid)3231 Lfind(struct ps_prochandle *P, lwpid_t lwpid)
3232 {
3233 if (P->hashtab == NULL) {
3234 return (NULL);
3235 }
3236
3237 return (*Lfind_slot(P, lwpid));
3238 }
3239
3240 /*
3241 * Grab an LWP contained within the controlled process.
3242 * Return an opaque pointer to its LWP control structure.
3243 * perr: pointer to error return code.
3244 */
3245 struct ps_lwphandle *
Lgrab(struct ps_prochandle * P,lwpid_t lwpid,int * perr)3246 Lgrab(struct ps_prochandle *P, lwpid_t lwpid, int *perr)
3247 {
3248 struct ps_lwphandle **Lp;
3249 struct ps_lwphandle *L;
3250 int fd;
3251 char procname[PATH_MAX];
3252 char *fname;
3253 int rc = 0;
3254
3255 (void) mutex_lock(&P->proc_lock);
3256
3257 if (P->state == PS_UNDEAD || P->state == PS_IDLE)
3258 rc = G_NOPROC;
3259 else if (P->hashtab == NULL &&
3260 (P->hashtab = calloc(HASHSIZE, sizeof (struct ps_lwphandle *)))
3261 == NULL)
3262 rc = G_STRANGE;
3263 else if (*(Lp = Lfind_slot(P, lwpid)) != NULL)
3264 rc = G_BUSY;
3265 else if ((L = malloc(sizeof (struct ps_lwphandle))) == NULL)
3266 rc = G_STRANGE;
3267 if (rc) {
3268 *perr = rc;
3269 (void) mutex_unlock(&P->proc_lock);
3270 return (NULL);
3271 }
3272
3273 (void) memset(L, 0, sizeof (*L));
3274 L->lwp_ctlfd = -1;
3275 L->lwp_statfd = -1;
3276 L->lwp_proc = P;
3277 L->lwp_id = lwpid;
3278 *Lp = L; /* insert into the hash table */
3279
3280 if (P->state == PS_DEAD) { /* core file */
3281 if (getlwpstatus(P, lwpid, &L->lwp_status) == -1) {
3282 rc = G_NOPROC;
3283 goto err;
3284 }
3285 L->lwp_state = PS_DEAD;
3286 *perr = 0;
3287 (void) mutex_unlock(&P->proc_lock);
3288 return (L);
3289 }
3290
3291 /*
3292 * Open the /proc/<pid>/lwp/<lwpid> files
3293 */
3294 (void) snprintf(procname, sizeof (procname), "%s/%d/lwp/%d/",
3295 procfs_path, (int)P->pid, (int)lwpid);
3296 fname = procname + strlen(procname);
3297 (void) set_minfd();
3298
3299 (void) strcpy(fname, "lwpstatus");
3300 if ((fd = open(procname, O_RDONLY)) < 0 ||
3301 (fd = dupfd(fd, 0)) < 0) {
3302 switch (errno) {
3303 case ENOENT:
3304 rc = G_NOPROC;
3305 break;
3306 default:
3307 dprintf("Lgrab: failed to open %s: %s\n",
3308 procname, strerror(errno));
3309 rc = G_STRANGE;
3310 break;
3311 }
3312 goto err;
3313 }
3314 L->lwp_statfd = fd;
3315
3316 if (pread(fd, &L->lwp_status, sizeof (L->lwp_status), (off_t)0) < 0) {
3317 switch (errno) {
3318 case ENOENT:
3319 rc = G_NOPROC;
3320 break;
3321 default:
3322 dprintf("Lgrab: failed to read %s: %s\n",
3323 procname, strerror(errno));
3324 rc = G_STRANGE;
3325 break;
3326 }
3327 goto err;
3328 }
3329
3330 (void) strcpy(fname, "lwpctl");
3331 if ((fd = open(procname, O_WRONLY)) < 0 ||
3332 (fd = dupfd(fd, 0)) < 0) {
3333 switch (errno) {
3334 case ENOENT:
3335 rc = G_NOPROC;
3336 break;
3337 default:
3338 dprintf("Lgrab: failed to open %s: %s\n",
3339 procname, strerror(errno));
3340 rc = G_STRANGE;
3341 break;
3342 }
3343 goto err;
3344 }
3345 L->lwp_ctlfd = fd;
3346
3347 L->lwp_state =
3348 ((L->lwp_status.pr_flags & (PR_STOPPED|PR_ISTOP))
3349 == (PR_STOPPED|PR_ISTOP))?
3350 PS_STOP : PS_RUN;
3351
3352 *perr = 0;
3353 (void) mutex_unlock(&P->proc_lock);
3354 return (L);
3355
3356 err:
3357 Lfree_internal(P, L);
3358 *perr = rc;
3359 (void) mutex_unlock(&P->proc_lock);
3360 return (NULL);
3361 }
3362
3363 /*
3364 * Return a printable string corresponding to an Lgrab() error return.
3365 */
3366 const char *
Lgrab_error(int error)3367 Lgrab_error(int error)
3368 {
3369 const char *str;
3370
3371 switch (error) {
3372 case G_NOPROC:
3373 str = "no such LWP";
3374 break;
3375 case G_BUSY:
3376 str = "LWP already grabbed";
3377 break;
3378 case G_STRANGE:
3379 str = "unanticipated system error";
3380 break;
3381 default:
3382 str = "unknown error";
3383 break;
3384 }
3385
3386 return (str);
3387 }
3388
3389 /*
3390 * Free an LWP control structure.
3391 */
3392 void
Lfree(struct ps_lwphandle * L)3393 Lfree(struct ps_lwphandle *L)
3394 {
3395 struct ps_prochandle *P = L->lwp_proc;
3396
3397 (void) mutex_lock(&P->proc_lock);
3398 Lfree_internal(P, L);
3399 (void) mutex_unlock(&P->proc_lock);
3400 }
3401
3402 static void
Lfree_internal(struct ps_prochandle * P,struct ps_lwphandle * L)3403 Lfree_internal(struct ps_prochandle *P, struct ps_lwphandle *L)
3404 {
3405 *Lfind_slot(P, L->lwp_id) = L->lwp_hash; /* delete from hash table */
3406 if (L->lwp_ctlfd >= 0)
3407 (void) close(L->lwp_ctlfd);
3408 if (L->lwp_statfd >= 0)
3409 (void) close(L->lwp_statfd);
3410
3411 /* clear out the structure as a precaution against reuse */
3412 (void) memset(L, 0, sizeof (*L));
3413 L->lwp_ctlfd = -1;
3414 L->lwp_statfd = -1;
3415
3416 free(L);
3417 }
3418
3419 /*
3420 * Return the state of the process, one of the PS_* values.
3421 */
3422 int
Lstate(struct ps_lwphandle * L)3423 Lstate(struct ps_lwphandle *L)
3424 {
3425 return (L->lwp_state);
3426 }
3427
3428 /*
3429 * Return the open control file descriptor for the LWP.
3430 * Clients must not close this file descriptor, nor use it
3431 * after the LWP is freed.
3432 */
3433 int
Lctlfd(struct ps_lwphandle * L)3434 Lctlfd(struct ps_lwphandle *L)
3435 {
3436 return (L->lwp_ctlfd);
3437 }
3438
3439 /*
3440 * Return a pointer to the LWP lwpsinfo structure.
3441 * Clients should not hold on to this pointer indefinitely.
3442 * It will become invalid on Lfree().
3443 */
3444 const lwpsinfo_t *
Lpsinfo(struct ps_lwphandle * L)3445 Lpsinfo(struct ps_lwphandle *L)
3446 {
3447 if (Plwp_getpsinfo(L->lwp_proc, L->lwp_id, &L->lwp_psinfo) == -1)
3448 return (NULL);
3449
3450 return (&L->lwp_psinfo);
3451 }
3452
3453 /*
3454 * Return a pointer to the LWP status structure.
3455 * Clients should not hold on to this pointer indefinitely.
3456 * It will become invalid on Lfree().
3457 */
3458 const lwpstatus_t *
Lstatus(struct ps_lwphandle * L)3459 Lstatus(struct ps_lwphandle *L)
3460 {
3461 return (&L->lwp_status);
3462 }
3463
3464 /*
3465 * Given an LWP handle, return the process handle.
3466 */
3467 struct ps_prochandle *
Lprochandle(struct ps_lwphandle * L)3468 Lprochandle(struct ps_lwphandle *L)
3469 {
3470 return (L->lwp_proc);
3471 }
3472
3473 /*
3474 * Ensure that all cached state is written to the LWP.
3475 * The cached state is the LWP's signal mask and registers.
3476 */
3477 void
Lsync(struct ps_lwphandle * L)3478 Lsync(struct ps_lwphandle *L)
3479 {
3480 int ctlfd = L->lwp_ctlfd;
3481 long cmd[2];
3482 iovec_t iov[4];
3483 int n = 0;
3484
3485 if (L->lwp_flags & SETHOLD) {
3486 cmd[0] = PCSHOLD;
3487 iov[n].iov_base = (caddr_t)&cmd[0];
3488 iov[n++].iov_len = sizeof (long);
3489 iov[n].iov_base = (caddr_t)&L->lwp_status.pr_lwphold;
3490 iov[n++].iov_len = sizeof (L->lwp_status.pr_lwphold);
3491 }
3492 if (L->lwp_flags & SETREGS) {
3493 cmd[1] = PCSREG;
3494 iov[n].iov_base = (caddr_t)&cmd[1];
3495 iov[n++].iov_len = sizeof (long);
3496 iov[n].iov_base = (caddr_t)&L->lwp_status.pr_reg[0];
3497 iov[n++].iov_len = sizeof (L->lwp_status.pr_reg);
3498 }
3499
3500 if (n == 0 || writev(ctlfd, iov, n) < 0)
3501 return; /* nothing to do or write failed */
3502
3503 L->lwp_flags &= ~(SETHOLD|SETREGS);
3504 }
3505
3506 /*
3507 * Wait for the specified LWP to stop or terminate.
3508 * Or, just get the current status (PCNULL).
3509 * Or, direct it to stop and get the current status (PCDSTOP).
3510 */
3511 int
Lstopstatus(struct ps_lwphandle * L,long request,uint_t msec)3512 Lstopstatus(struct ps_lwphandle *L,
3513 long request, /* PCNULL, PCDSTOP, PCSTOP, PCWSTOP */
3514 uint_t msec) /* if non-zero, timeout in milliseconds */
3515 {
3516 int ctlfd = L->lwp_ctlfd;
3517 long ctl[3];
3518 ssize_t rc;
3519 int err;
3520
3521 switch (L->lwp_state) {
3522 case PS_RUN:
3523 break;
3524 case PS_STOP:
3525 if (request != PCNULL && request != PCDSTOP)
3526 return (0);
3527 break;
3528 case PS_LOST:
3529 if (request != PCNULL) {
3530 errno = EAGAIN;
3531 return (-1);
3532 }
3533 break;
3534 case PS_UNDEAD:
3535 case PS_DEAD:
3536 if (request != PCNULL) {
3537 errno = ENOENT;
3538 return (-1);
3539 }
3540 break;
3541 default: /* corrupted state */
3542 dprintf("Lstopstatus: corrupted state: %d\n", L->lwp_state);
3543 errno = EINVAL;
3544 return (-1);
3545 }
3546
3547 ctl[0] = PCDSTOP;
3548 ctl[1] = PCTWSTOP;
3549 ctl[2] = (long)msec;
3550 rc = 0;
3551 switch (request) {
3552 case PCSTOP:
3553 rc = write(ctlfd, &ctl[0], 3*sizeof (long));
3554 break;
3555 case PCWSTOP:
3556 rc = write(ctlfd, &ctl[1], 2*sizeof (long));
3557 break;
3558 case PCDSTOP:
3559 rc = write(ctlfd, &ctl[0], 1*sizeof (long));
3560 break;
3561 case PCNULL:
3562 if (L->lwp_state == PS_DEAD)
3563 return (0); /* Nothing else to do for cores */
3564 break;
3565 default: /* programming error */
3566 errno = EINVAL;
3567 return (-1);
3568 }
3569 err = (rc < 0)? errno : 0;
3570 Lsync(L);
3571
3572 if (pread(L->lwp_statfd, &L->lwp_status,
3573 sizeof (L->lwp_status), (off_t)0) < 0)
3574 err = errno;
3575
3576 if (err) {
3577 switch (err) {
3578 case EINTR: /* user typed ctl-C */
3579 case ERESTART:
3580 dprintf("Lstopstatus: EINTR\n");
3581 break;
3582 case EAGAIN: /* we lost control of the the process */
3583 dprintf("Lstopstatus: EAGAIN\n");
3584 L->lwp_state = PS_LOST;
3585 errno = err;
3586 return (-1);
3587 default:
3588 if (_libproc_debug) {
3589 const char *errstr;
3590
3591 switch (request) {
3592 case PCNULL:
3593 errstr = "Lstopstatus PCNULL"; break;
3594 case PCSTOP:
3595 errstr = "Lstopstatus PCSTOP"; break;
3596 case PCDSTOP:
3597 errstr = "Lstopstatus PCDSTOP"; break;
3598 case PCWSTOP:
3599 errstr = "Lstopstatus PCWSTOP"; break;
3600 default:
3601 errstr = "Lstopstatus PC???"; break;
3602 }
3603 dprintf("%s: %s\n", errstr, strerror(err));
3604 }
3605 L->lwp_state = PS_UNDEAD;
3606 errno = err;
3607 return (-1);
3608 }
3609 }
3610
3611 if ((L->lwp_status.pr_flags & (PR_STOPPED|PR_ISTOP))
3612 != (PR_STOPPED|PR_ISTOP)) {
3613 L->lwp_state = PS_RUN;
3614 if (request == PCNULL || request == PCDSTOP || msec != 0)
3615 return (0);
3616 dprintf("Lstopstatus: LWP is not stopped\n");
3617 errno = EPROTO;
3618 return (-1);
3619 }
3620
3621 L->lwp_state = PS_STOP;
3622
3623 if (_libproc_debug) /* debugging */
3624 prldump("Lstopstatus", &L->lwp_status);
3625
3626 switch (L->lwp_status.pr_why) {
3627 case PR_SYSENTRY:
3628 case PR_SYSEXIT:
3629 case PR_REQUESTED:
3630 case PR_SIGNALLED:
3631 case PR_FAULTED:
3632 case PR_JOBCONTROL:
3633 case PR_SUSPENDED:
3634 break;
3635 default:
3636 errno = EPROTO;
3637 return (-1);
3638 }
3639
3640 return (0);
3641 }
3642
3643 /*
3644 * Wait for the LWP to stop for any reason.
3645 */
3646 int
Lwait(struct ps_lwphandle * L,uint_t msec)3647 Lwait(struct ps_lwphandle *L, uint_t msec)
3648 {
3649 return (Lstopstatus(L, PCWSTOP, msec));
3650 }
3651
3652 /*
3653 * Direct the LWP to stop; wait for it to stop.
3654 */
3655 int
Lstop(struct ps_lwphandle * L,uint_t msec)3656 Lstop(struct ps_lwphandle *L, uint_t msec)
3657 {
3658 return (Lstopstatus(L, PCSTOP, msec));
3659 }
3660
3661 /*
3662 * Direct the LWP to stop; don't wait.
3663 */
3664 int
Ldstop(struct ps_lwphandle * L)3665 Ldstop(struct ps_lwphandle *L)
3666 {
3667 return (Lstopstatus(L, PCDSTOP, 0));
3668 }
3669
3670 /*
3671 * Get the value of one register from stopped LWP.
3672 */
3673 int
Lgetareg(struct ps_lwphandle * L,int regno,prgreg_t * preg)3674 Lgetareg(struct ps_lwphandle *L, int regno, prgreg_t *preg)
3675 {
3676 if (regno < 0 || regno >= NPRGREG) {
3677 errno = EINVAL;
3678 return (-1);
3679 }
3680
3681 if (L->lwp_state != PS_STOP) {
3682 errno = EBUSY;
3683 return (-1);
3684 }
3685
3686 *preg = L->lwp_status.pr_reg[regno];
3687 return (0);
3688 }
3689
3690 /*
3691 * Put value of one register into stopped LWP.
3692 */
3693 int
Lputareg(struct ps_lwphandle * L,int regno,prgreg_t reg)3694 Lputareg(struct ps_lwphandle *L, int regno, prgreg_t reg)
3695 {
3696 if (regno < 0 || regno >= NPRGREG) {
3697 errno = EINVAL;
3698 return (-1);
3699 }
3700
3701 if (L->lwp_state != PS_STOP) {
3702 errno = EBUSY;
3703 return (-1);
3704 }
3705
3706 L->lwp_status.pr_reg[regno] = reg;
3707 L->lwp_flags |= SETREGS; /* set registers before continuing */
3708 return (0);
3709 }
3710
3711 int
Lsetrun(struct ps_lwphandle * L,int sig,int flags)3712 Lsetrun(struct ps_lwphandle *L,
3713 int sig, /* signal to pass to LWP */
3714 int flags) /* PRSTEP|PRSABORT|PRSTOP|PRCSIG|PRCFAULT */
3715 {
3716 int ctlfd = L->lwp_ctlfd;
3717 int sbits = (PR_DSTOP | PR_ISTOP | PR_ASLEEP);
3718
3719 long ctl[1 + /* PCCFAULT */
3720 1 + sizeof (siginfo_t)/sizeof (long) + /* PCSSIG/PCCSIG */
3721 2 ]; /* PCRUN */
3722
3723 long *ctlp = ctl;
3724 size_t size;
3725
3726 if (L->lwp_state != PS_STOP &&
3727 (L->lwp_status.pr_flags & sbits) == 0) {
3728 errno = EBUSY;
3729 return (-1);
3730 }
3731
3732 Lsync(L); /* flush registers */
3733
3734 if (flags & PRCFAULT) { /* clear current fault */
3735 *ctlp++ = PCCFAULT;
3736 flags &= ~PRCFAULT;
3737 }
3738
3739 if (flags & PRCSIG) { /* clear current signal */
3740 *ctlp++ = PCCSIG;
3741 flags &= ~PRCSIG;
3742 } else if (sig && sig != L->lwp_status.pr_cursig) {
3743 /* make current signal */
3744 siginfo_t *infop;
3745
3746 *ctlp++ = PCSSIG;
3747 infop = (siginfo_t *)ctlp;
3748 (void) memset(infop, 0, sizeof (*infop));
3749 infop->si_signo = sig;
3750 ctlp += sizeof (siginfo_t) / sizeof (long);
3751 }
3752
3753 *ctlp++ = PCRUN;
3754 *ctlp++ = flags;
3755 size = (char *)ctlp - (char *)ctl;
3756
3757 L->lwp_proc->info_valid = 0; /* will need to update map and file info */
3758 L->lwp_proc->state = PS_RUN;
3759 L->lwp_state = PS_RUN;
3760
3761 if (write(ctlfd, ctl, size) != size) {
3762 /* Pretend that a job-stopped LWP is running */
3763 if (errno != EBUSY || L->lwp_status.pr_why != PR_JOBCONTROL)
3764 return (Lstopstatus(L, PCNULL, 0));
3765 }
3766
3767 return (0);
3768 }
3769
3770 int
Lclearsig(struct ps_lwphandle * L)3771 Lclearsig(struct ps_lwphandle *L)
3772 {
3773 int ctlfd = L->lwp_ctlfd;
3774 long ctl = PCCSIG;
3775
3776 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
3777 return (-1);
3778 L->lwp_status.pr_cursig = 0;
3779 return (0);
3780 }
3781
3782 int
Lclearfault(struct ps_lwphandle * L)3783 Lclearfault(struct ps_lwphandle *L)
3784 {
3785 int ctlfd = L->lwp_ctlfd;
3786 long ctl = PCCFAULT;
3787
3788 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
3789 return (-1);
3790 return (0);
3791 }
3792
3793 /*
3794 * Step over a breakpoint, i.e., execute the instruction that
3795 * really belongs at the breakpoint location (the current %pc)
3796 * and leave the LWP stopped at the next instruction.
3797 */
3798 int
Lxecbkpt(struct ps_lwphandle * L,ulong_t saved)3799 Lxecbkpt(struct ps_lwphandle *L, ulong_t saved)
3800 {
3801 struct ps_prochandle *P = L->lwp_proc;
3802 int rv, error;
3803
3804 if (L->lwp_state != PS_STOP) {
3805 errno = EBUSY;
3806 return (-1);
3807 }
3808
3809 Lsync(L);
3810 error = execute_bkpt(L->lwp_ctlfd,
3811 &P->status.pr_flttrace, &L->lwp_status.pr_lwphold,
3812 L->lwp_status.pr_reg[R_PC], saved);
3813 rv = Lstopstatus(L, PCNULL, 0);
3814
3815 if (error != 0) {
3816 if (L->lwp_status.pr_why == PR_JOBCONTROL &&
3817 error == EBUSY) { /* jobcontrol stop -- back off */
3818 L->lwp_state = PS_RUN;
3819 return (0);
3820 }
3821 if (error == ENOENT)
3822 return (0);
3823 errno = error;
3824 return (-1);
3825 }
3826
3827 return (rv);
3828 }
3829
3830 /*
3831 * Step over a watchpoint, i.e., execute the instruction that was stopped by
3832 * the watchpoint, and then leave the LWP stopped at the next instruction.
3833 */
3834 int
Lxecwapt(struct ps_lwphandle * L,const prwatch_t * wp)3835 Lxecwapt(struct ps_lwphandle *L, const prwatch_t *wp)
3836 {
3837 struct ps_prochandle *P = L->lwp_proc;
3838 int rv, error;
3839
3840 if (L->lwp_state != PS_STOP) {
3841 errno = EBUSY;
3842 return (-1);
3843 }
3844
3845 Lsync(L);
3846 error = execute_wapt(L->lwp_ctlfd,
3847 &P->status.pr_flttrace, &L->lwp_status.pr_lwphold, wp);
3848 rv = Lstopstatus(L, PCNULL, 0);
3849
3850 if (error != 0) {
3851 if (L->lwp_status.pr_why == PR_JOBCONTROL &&
3852 error == EBUSY) { /* jobcontrol stop -- back off */
3853 L->lwp_state = PS_RUN;
3854 return (0);
3855 }
3856 if (error == ENOENT)
3857 return (0);
3858 errno = error;
3859 return (-1);
3860 }
3861
3862 return (rv);
3863 }
3864
3865 int
Lstack(struct ps_lwphandle * L,stack_t * stkp)3866 Lstack(struct ps_lwphandle *L, stack_t *stkp)
3867 {
3868 struct ps_prochandle *P = L->lwp_proc;
3869 uintptr_t addr = L->lwp_status.pr_ustack;
3870
3871 if (P->status.pr_dmodel == PR_MODEL_NATIVE) {
3872 if (Pread(P, stkp, sizeof (*stkp), addr) != sizeof (*stkp))
3873 return (-1);
3874 #ifdef _LP64
3875 } else {
3876 stack32_t stk32;
3877
3878 if (Pread(P, &stk32, sizeof (stk32), addr) != sizeof (stk32))
3879 return (-1);
3880
3881 stack_32_to_n(&stk32, stkp);
3882 #endif
3883 }
3884
3885 return (0);
3886 }
3887
3888 int
Lmain_stack(struct ps_lwphandle * L,stack_t * stkp)3889 Lmain_stack(struct ps_lwphandle *L, stack_t *stkp)
3890 {
3891 struct ps_prochandle *P = L->lwp_proc;
3892
3893 if (Lstack(L, stkp) != 0)
3894 return (-1);
3895
3896 /*
3897 * If the SS_ONSTACK flag is set then this LWP is operating on the
3898 * alternate signal stack. We can recover the original stack from
3899 * pr_oldcontext.
3900 */
3901 if (!(stkp->ss_flags & SS_ONSTACK))
3902 return (0);
3903
3904 if (P->status.pr_dmodel == PR_MODEL_NATIVE) {
3905 ucontext_t *ctxp = (void *)L->lwp_status.pr_oldcontext;
3906
3907 if (Pread(P, stkp, sizeof (*stkp),
3908 (uintptr_t)&ctxp->uc_stack) != sizeof (*stkp))
3909 return (-1);
3910 #ifdef _LP64
3911 } else {
3912 ucontext32_t *ctxp = (void *)L->lwp_status.pr_oldcontext;
3913 stack32_t stk32;
3914
3915 if (Pread(P, &stk32, sizeof (stk32),
3916 (uintptr_t)&ctxp->uc_stack) != sizeof (stk32))
3917 return (-1);
3918
3919 stack_32_to_n(&stk32, stkp);
3920 #endif
3921 }
3922
3923 return (0);
3924 }
3925
3926 int
Lalt_stack(struct ps_lwphandle * L,stack_t * stkp)3927 Lalt_stack(struct ps_lwphandle *L, stack_t *stkp)
3928 {
3929 if (L->lwp_status.pr_altstack.ss_flags & SS_DISABLE) {
3930 errno = ENODATA;
3931 return (-1);
3932 }
3933
3934 *stkp = L->lwp_status.pr_altstack;
3935
3936 return (0);
3937 }
3938
3939 /*
3940 * Add a mapping to the given proc handle. Resizes the array as appropriate and
3941 * manages reference counts on the given file_info_t.
3942 *
3943 * The 'map_relocate' member is used to tell Psort_mappings() that the
3944 * associated file_map pointer needs to be relocated after the mappings have
3945 * been sorted. It is only set for the first mapping, and has no meaning
3946 * outside these two functions.
3947 */
3948 int
Padd_mapping(struct ps_prochandle * P,off64_t off,file_info_t * fp,prmap_t * pmap)3949 Padd_mapping(struct ps_prochandle *P, off64_t off, file_info_t *fp,
3950 prmap_t *pmap)
3951 {
3952 map_info_t *mp;
3953
3954 if (P->map_count == P->map_alloc) {
3955 size_t next = P->map_alloc ? P->map_alloc * 2 : 16;
3956
3957 if ((P->mappings = realloc(P->mappings,
3958 next * sizeof (map_info_t))) == NULL)
3959 return (-1);
3960
3961 P->map_alloc = next;
3962 }
3963
3964 mp = &P->mappings[P->map_count++];
3965
3966 mp->map_offset = off;
3967 mp->map_pmap = *pmap;
3968 mp->map_relocate = 0;
3969 if ((mp->map_file = fp) != NULL) {
3970 if (fp->file_map == NULL) {
3971 fp->file_map = mp;
3972 mp->map_relocate = 1;
3973 }
3974 fp->file_ref++;
3975 }
3976
3977 return (0);
3978 }
3979
3980 static int
map_sort(const void * a,const void * b)3981 map_sort(const void *a, const void *b)
3982 {
3983 const map_info_t *ap = a, *bp = b;
3984
3985 if (ap->map_pmap.pr_vaddr < bp->map_pmap.pr_vaddr)
3986 return (-1);
3987 else if (ap->map_pmap.pr_vaddr > bp->map_pmap.pr_vaddr)
3988 return (1);
3989 else
3990 return (0);
3991 }
3992
3993 /*
3994 * Sort the current set of mappings. Should be called during target
3995 * initialization after all calls to Padd_mapping() have been made.
3996 */
3997 void
Psort_mappings(struct ps_prochandle * P)3998 Psort_mappings(struct ps_prochandle *P)
3999 {
4000 int i;
4001 map_info_t *mp;
4002
4003 qsort(P->mappings, P->map_count, sizeof (map_info_t), map_sort);
4004
4005 /*
4006 * Update all the file_map pointers to refer to the new locations.
4007 */
4008 for (i = 0; i < P->map_count; i++) {
4009 mp = &P->mappings[i];
4010 if (mp->map_relocate)
4011 mp->map_file->file_map = mp;
4012 mp->map_relocate = 0;
4013 }
4014 }
4015
4016 struct ps_prochandle *
Pgrab_ops(pid_t pid,void * data,const ps_ops_t * ops,int flags)4017 Pgrab_ops(pid_t pid, void *data, const ps_ops_t *ops, int flags)
4018 {
4019 struct ps_prochandle *P;
4020
4021 if ((P = calloc(1, sizeof (*P))) == NULL) {
4022 return (NULL);
4023 }
4024
4025 Pinit_ops(&P->ops, ops);
4026 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL);
4027 P->pid = pid;
4028 P->state = PS_STOP;
4029 P->asfd = -1;
4030 P->ctlfd = -1;
4031 P->statfd = -1;
4032 P->agentctlfd = -1;
4033 P->agentstatfd = -1;
4034 Pinitsym(P);
4035 Pinitfd(P);
4036 P->data = data;
4037 Pread_status(P);
4038
4039 if (flags & PGRAB_INCORE) {
4040 P->flags |= INCORE;
4041 }
4042
4043 return (P);
4044 }
4045