1 /* $OpenBSD: ktrace.h,v 1.40 2021/03/10 10:21:47 jsg Exp $ */ 2 /* $NetBSD: ktrace.h,v 1.12 1996/02/04 02:12:29 christos Exp $ */ 3 4 /* 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * @(#)ktrace.h 8.1 (Berkeley) 6/2/93 33 */ 34 35 #include <sys/uio.h> 36 37 /* 38 * operations to ktrace system call (KTROP(op)) 39 */ 40 #define KTROP_SET 0 /* set trace points */ 41 #define KTROP_CLEAR 1 /* clear trace points */ 42 #define KTROP_CLEARFILE 2 /* stop all tracing to file */ 43 #define KTROP(o) ((o)&3) /* macro to extract operation */ 44 /* 45 * flags (ORed in with operation) 46 */ 47 #define KTRFLAG_DESCEND 4 /* perform op on all children too */ 48 49 /* 50 * ktrace record header 51 */ 52 struct ktr_header { 53 uint ktr_type; /* trace record type */ 54 pid_t ktr_pid; /* process id */ 55 pid_t ktr_tid; /* thread id */ 56 struct timespec ktr_time; /* timestamp */ 57 char ktr_comm[MAXCOMLEN+1]; /* command name */ 58 size_t ktr_len; /* length of buf */ 59 }; 60 61 /* 62 * ktrace record types 63 */ 64 65 /* 66 * KTR_START - start of trace record, one per ktrace(KTROP_SET) syscall 67 */ 68 #define KTR_START 0x4b545200 /* "KTR" */ 69 70 /* 71 * KTR_SYSCALL - system call record 72 */ 73 #define KTR_SYSCALL 1 74 struct ktr_syscall { 75 int ktr_code; /* syscall number */ 76 int ktr_argsize; /* size of arguments */ 77 /* 78 * followed by ktr_argsize/sizeof(register_t) "register_t"s 79 */ 80 }; 81 82 /* 83 * KTR_SYSRET - return from system call record 84 */ 85 #define KTR_SYSRET 2 86 struct ktr_sysret { 87 int ktr_code; 88 int ktr_error; 89 /* 90 * If ktr_error is zero, then followed by retval: register_t for 91 * all syscalls except lseek(), which uses long long 92 */ 93 }; 94 95 /* 96 * KTR_NAMEI - namei record 97 */ 98 #define KTR_NAMEI 3 99 /* record contains pathname */ 100 101 /* 102 * KTR_GENIO - trace generic process i/o 103 */ 104 #define KTR_GENIO 4 105 struct ktr_genio { 106 int ktr_fd; 107 enum uio_rw ktr_rw; 108 /* 109 * followed by data successfully read/written 110 */ 111 }; 112 113 /* 114 * KTR_PSIG - trace processed signal 115 */ 116 #define KTR_PSIG 5 117 struct ktr_psig { 118 int signo; 119 sig_t action; 120 int mask; 121 int code; 122 siginfo_t si; 123 }; 124 125 /* 126 * KTR_STRUCT - misc. structs 127 */ 128 #define KTR_STRUCT 8 129 /* 130 * record contains null-terminated struct name followed by 131 * struct contents 132 */ 133 struct sockaddr; 134 struct stat; 135 136 /* 137 * KTR_USER - user record 138 */ 139 #define KTR_USER 9 140 #define KTR_USER_MAXIDLEN 20 141 #define KTR_USER_MAXLEN 2048 /* maximum length of passed data */ 142 struct ktr_user { 143 char ktr_id[KTR_USER_MAXIDLEN]; /* string id of caller */ 144 /* 145 * Followed by ktr_len - sizeof(struct ktr_user) of user data. 146 */ 147 }; 148 149 /* 150 * KTR_EXECARGS and KTR_EXECENV - args and environment records 151 */ 152 #define KTR_EXECARGS 10 153 #define KTR_EXECENV 11 154 155 156 /* 157 * KTR_PLEDGE - details of pledge violation 158 */ 159 #define KTR_PLEDGE 12 160 struct ktr_pledge { 161 int error; 162 int syscall; 163 uint64_t code; 164 }; 165 166 /* 167 * kernel trace points (in ps_traceflag) 168 */ 169 #define KTRFAC_MASK 0x00ffffff 170 #define KTRFAC_SYSCALL (1<<KTR_SYSCALL) 171 #define KTRFAC_SYSRET (1<<KTR_SYSRET) 172 #define KTRFAC_NAMEI (1<<KTR_NAMEI) 173 #define KTRFAC_GENIO (1<<KTR_GENIO) 174 #define KTRFAC_PSIG (1<<KTR_PSIG) 175 #define KTRFAC_STRUCT (1<<KTR_STRUCT) 176 #define KTRFAC_USER (1<<KTR_USER) 177 #define KTRFAC_EXECARGS (1<<KTR_EXECARGS) 178 #define KTRFAC_EXECENV (1<<KTR_EXECENV) 179 #define KTRFAC_PLEDGE (1<<KTR_PLEDGE) 180 181 /* 182 * trace flags (also in ps_traceflag) 183 */ 184 #define KTRFAC_ROOT 0x80000000U /* root set this trace */ 185 #define KTRFAC_INHERIT 0x40000000 /* pass trace flags to children */ 186 187 #ifndef _KERNEL 188 189 #include <sys/cdefs.h> 190 191 __BEGIN_DECLS 192 int ktrace(const char *, int, int, pid_t); 193 int utrace(const char *, const void *, size_t); 194 __END_DECLS 195 196 #else 197 198 /* 199 * Test for kernel trace point 200 */ 201 #define KTRPOINT(p, type) \ 202 ((p)->p_p->ps_traceflag & (1<<(type)) && ((p)->p_flag & P_INKTR) == 0) 203 204 void ktrgenio(struct proc *, int, enum uio_rw, struct iovec *, ssize_t); 205 void ktrnamei(struct proc *, char *); 206 void ktrpsig(struct proc *, int, sig_t, int, int, siginfo_t *); 207 void ktrsyscall(struct proc *, register_t, size_t, register_t []); 208 void ktrsysret(struct proc *, register_t, int, const register_t [2]); 209 int ktruser(struct proc *, const char *, const void *, size_t); 210 void ktrexec(struct proc *, int, const char *, ssize_t); 211 void ktrpledge(struct proc *, int, uint64_t, int); 212 213 void ktrcleartrace(struct process *); 214 void ktrsettrace(struct process *, int, struct vnode *, struct ucred *); 215 216 void ktrstruct(struct proc *, const char *, const void *, size_t); 217 #define ktrsockaddr(p, s, l) \ 218 ktrstruct((p), "sockaddr", (s), (l)) 219 #define ktrstat(p, s) \ 220 ktrstruct((p), "stat", (s), sizeof(struct stat)) 221 #define ktrabstimespec(p, s) \ 222 ktrstruct((p), "abstimespec", (s), sizeof(struct timespec)) 223 #define ktrreltimespec(p, s) \ 224 ktrstruct((p), "reltimespec", (s), sizeof(struct timespec)) 225 #define ktrabstimeval(p, s) \ 226 ktrstruct((p), "abstimeval", (s), sizeof(struct timeval)) 227 #define ktrreltimeval(p, s) \ 228 ktrstruct((p), "reltimeval", (s), sizeof(struct timeval)) 229 #define ktrsigaction(p, s) \ 230 ktrstruct((p), "sigaction", (s), sizeof(struct sigaction)) 231 #define ktrrlimit(p, s) \ 232 ktrstruct((p), "rlimit", (s), sizeof(struct rlimit)) 233 #define ktrrusage(p, s) \ 234 ktrstruct((p), "rusage", (s), sizeof(struct rusage)) 235 #define ktrfdset(p, s, l) \ 236 ktrstruct((p), "fdset", (s), l) 237 #define ktrquota(p, s) \ 238 ktrstruct((p), "quota", (s), sizeof(struct dqblk)) 239 #define ktrmsghdr(p, s) \ 240 ktrstruct(p, "msghdr", s, sizeof(struct msghdr)) 241 #define ktriovec(p, s, count) \ 242 ktrstruct(p, "iovec", s, (count) * sizeof(struct iovec)) 243 #define ktrcmsghdr(p, c, len) \ 244 ktrstruct(p, "cmsghdr", c, len) 245 #define ktrevent(p, kev, count) \ 246 ktrstruct(p, "kevent", kev, (count) * sizeof(struct kevent)) 247 #define ktrpollfd(p, pfd, count) \ 248 ktrstruct(p, "pollfd", pfd, (count) * sizeof(struct pollfd)) 249 #define ktrfds(p, fds, count) \ 250 ktrstruct(p, "fds", fds, (count) * sizeof(int)) 251 #define ktrflock(p, fl) \ 252 ktrstruct(p, "flock", (fl), sizeof(struct flock)) 253 254 #endif /* !_KERNEL */ 255