xref: /freebsd/sys/sys/ktrace.h (revision aa0a1e58) 
1 /*-
2  * Copyright (c) 1988, 1993
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  * 4. Neither the name of the University nor the names of its contributors
14  *    may be used to endorse or promote products derived from this software
15  *    without specific prior written permission.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  *	@(#)ktrace.h	8.1 (Berkeley) 6/2/93
30  * $FreeBSD$
31  */
32 
33 #ifndef _SYS_KTRACE_H_
34 #define _SYS_KTRACE_H_
35 
36 /*
37  * operations to ktrace system call  (KTROP(op))
38  */
39 #define KTROP_SET		0	/* set trace points */
40 #define KTROP_CLEAR		1	/* clear trace points */
41 #define KTROP_CLEARFILE		2	/* stop all tracing to file */
42 #define	KTROP(o)		((o)&3)	/* macro to extract operation */
43 /*
44  * flags (ORed in with operation)
45  */
46 #define KTRFLAG_DESCEND		4	/* perform op on all children too */
47 
48 /*
49  * ktrace record header
50  */
51 struct ktr_header {
52 	int	ktr_len;		/* length of buf */
53 	short	ktr_type;		/* trace record type */
54 	pid_t	ktr_pid;		/* process id */
55 	char	ktr_comm[MAXCOMLEN + 1];/* command name */
56 	struct	timeval ktr_time;	/* timestamp */
57 	intptr_t	ktr_tid;	/* was ktr_buffer */
58 };
59 
60 /*
61  * Test for kernel trace point (MP SAFE).
62  *
63  * KTRCHECK() just checks that the type is enabled and is only for
64  * internal use in the ktrace subsystem.  KTRPOINT() checks against
65  * ktrace recursion as well as checking that the type is enabled and
66  * is the public interface.
67  */
68 #define	KTRCHECK(td, type)	((td)->td_proc->p_traceflag & (1 << type))
69 #define KTRPOINT(td, type)						\
70 	(KTRCHECK((td), (type)) && !((td)->td_pflags & TDP_INKTRACE))
71 #define	KTRCHECKDRAIN(td)	(!(STAILQ_EMPTY(&(td)->td_proc->p_ktr)))
72 #define	KTRUSERRET(td) do {						\
73 	if (KTRCHECKDRAIN(td))						\
74 		ktruserret(td);						\
75 } while (0)
76 
77 /*
78  * ktrace record types
79  */
80 
81 /*
82  * KTR_SYSCALL - system call record
83  */
84 #define KTR_SYSCALL	1
85 struct ktr_syscall {
86 	short	ktr_code;		/* syscall number */
87 	short	ktr_narg;		/* number of arguments */
88 	/*
89 	 * followed by ktr_narg register_t
90 	 */
91 	register_t	ktr_args[1];
92 };
93 
94 /*
95  * KTR_SYSRET - return from system call record
96  */
97 #define KTR_SYSRET	2
98 struct ktr_sysret {
99 	short	ktr_code;
100 	short	ktr_eosys;
101 	int	ktr_error;
102 	register_t	ktr_retval;
103 };
104 
105 /*
106  * KTR_NAMEI - namei record
107  */
108 #define KTR_NAMEI	3
109 	/* record contains pathname */
110 
111 /*
112  * KTR_GENIO - trace generic process i/o
113  */
114 #define KTR_GENIO	4
115 struct ktr_genio {
116 	int	ktr_fd;
117 	enum	uio_rw ktr_rw;
118 	/*
119 	 * followed by data successfully read/written
120 	 */
121 };
122 
123 /*
124  * KTR_PSIG - trace processed signal
125  */
126 #define	KTR_PSIG	5
127 struct ktr_psig {
128 	int	signo;
129 	sig_t	action;
130 	int	code;
131 	sigset_t mask;
132 };
133 
134 /*
135  * KTR_CSW - trace context switches
136  */
137 #define KTR_CSW		6
138 struct ktr_csw {
139 	int	out;	/* 1 if switch out, 0 if switch in */
140 	int	user;	/* 1 if usermode (ivcsw), 0 if kernel (vcsw) */
141 };
142 
143 /*
144  * KTR_USER - data coming from userland
145  */
146 #define KTR_USER_MAXLEN	2048	/* maximum length of passed data */
147 #define KTR_USER	7
148 
149 /*
150  * KTR_STRUCT - misc. structs
151  */
152 #define KTR_STRUCT	8
153 	/*
154 	 * record contains null-terminated struct name followed by
155 	 * struct contents
156 	 */
157 struct sockaddr;
158 struct stat;
159 struct sysentvec;
160 
161 /*
162  * KTR_SYSCTL - name of a sysctl MIB
163  */
164 #define	KTR_SYSCTL	9
165 	/* record contains null-terminated MIB name */
166 
167 /*
168  * KTR_PROCCTOR - trace process creation (multiple ABI support)
169  */
170 #define KTR_PROCCTOR	10
171 struct ktr_proc_ctor {
172 	u_int	sv_flags;	/* struct sysentvec sv_flags copy */
173 };
174 
175 /*
176  * KTR_PROCDTOR - trace process destruction (multiple ABI support)
177  */
178 #define KTR_PROCDTOR	11
179 
180 /*
181  * KTR_DROP - If this bit is set in ktr_type, then at least one event
182  * between the previous record and this record was dropped.
183  */
184 #define	KTR_DROP	0x8000
185 
186 /*
187  * kernel trace points (in p_traceflag)
188  */
189 #define KTRFAC_MASK	0x00ffffff
190 #define KTRFAC_SYSCALL	(1<<KTR_SYSCALL)
191 #define KTRFAC_SYSRET	(1<<KTR_SYSRET)
192 #define KTRFAC_NAMEI	(1<<KTR_NAMEI)
193 #define KTRFAC_GENIO	(1<<KTR_GENIO)
194 #define	KTRFAC_PSIG	(1<<KTR_PSIG)
195 #define KTRFAC_CSW	(1<<KTR_CSW)
196 #define KTRFAC_USER	(1<<KTR_USER)
197 #define KTRFAC_STRUCT	(1<<KTR_STRUCT)
198 #define KTRFAC_SYSCTL	(1<<KTR_SYSCTL)
199 #define KTRFAC_PROCCTOR	(1<<KTR_PROCCTOR)
200 #define KTRFAC_PROCDTOR	(1<<KTR_PROCDTOR)
201 
202 /*
203  * trace flags (also in p_traceflags)
204  */
205 #define KTRFAC_ROOT	0x80000000	/* root set this trace */
206 #define KTRFAC_INHERIT	0x40000000	/* pass trace flags to children */
207 #define	KTRFAC_DROP	0x20000000	/* last event was dropped */
208 
209 #ifdef	_KERNEL
210 void	ktrnamei(char *);
211 void	ktrcsw(int, int);
212 void	ktrpsig(int, sig_t, sigset_t *, int);
213 void	ktrgenio(int, enum uio_rw, struct uio *, int);
214 void	ktrsyscall(int, int narg, register_t args[]);
215 void	ktrsysctl(int *name, u_int namelen);
216 void	ktrsysret(int, int, register_t);
217 void	ktrprocctor(struct proc *);
218 void	ktrprocexec(struct proc *, struct ucred **, struct vnode **);
219 void	ktrprocexit(struct thread *);
220 void	ktrprocfork(struct proc *, struct proc *);
221 void	ktruserret(struct thread *);
222 void	ktrstruct(const char *, void *, size_t);
223 #define ktrsockaddr(s) \
224 	ktrstruct("sockaddr", (s), ((struct sockaddr *)(s))->sa_len)
225 #define ktrstat(s) \
226 	ktrstruct("stat", (s), sizeof(struct stat))
227 
228 #else
229 
230 #include <sys/cdefs.h>
231 
232 __BEGIN_DECLS
233 int	ktrace(const char *, int, int, pid_t);
234 int	utrace(const void *, size_t);
235 __END_DECLS
236 
237 #endif
238 
239 #endif
240