1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License, Version 1.0 only
6 * (the "License"). You may not use this file except in compliance
7 * with the License.
8 *
9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 * or http://www.opensolaris.org/os/licensing.
11 * See the License for the specific language governing permissions
12 * and limitations under the License.
13 *
14 * When distributing Covered Code, include this CDDL HEADER in each
15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 * If applicable, add the following below this CDDL HEADER, with the
17 * fields enclosed by brackets "[]" replaced with your own identifying
18 * information: Portions Copyright [yyyy] [name of copyright owner]
19 *
20 * CDDL HEADER END
21 */
22 /*
23 * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 /*
28 * Copyright 2012 DEY Storage Systems, Inc. All rights reserved.
29 * Copyright 2018 Joyent, Inc.
30 */
31
32 #include <sys/types.h>
33 #include <sys/param.h>
34 #include <sys/thread.h>
35 #include <sys/sysmacros.h>
36 #include <sys/signal.h>
37 #include <sys/cred.h>
38 #include <sys/priv.h>
39 #include <sys/user.h>
40 #include <sys/file.h>
41 #include <sys/errno.h>
42 #include <sys/vnode.h>
43 #include <sys/mode.h>
44 #include <sys/vfs.h>
45 #include <sys/mman.h>
46 #include <sys/kmem.h>
47 #include <sys/proc.h>
48 #include <sys/pathname.h>
49 #include <sys/cmn_err.h>
50 #include <sys/systm.h>
51 #include <sys/elf.h>
52 #include <sys/vmsystm.h>
53 #include <sys/debug.h>
54 #include <sys/procfs.h>
55 #include <sys/regset.h>
56 #include <sys/auxv.h>
57 #include <sys/exec.h>
58 #include <sys/prsystm.h>
59 #include <sys/utsname.h>
60 #include <sys/zone.h>
61 #include <vm/as.h>
62 #include <vm/rm.h>
63 #include <sys/modctl.h>
64 #include <sys/systeminfo.h>
65 #include <sys/machelf.h>
66 #include <sys/sunddi.h>
67 #include "elf_impl.h"
68 #if defined(__i386) || defined(__i386_COMPAT)
69 #include <sys/sysi86.h>
70 #endif
71
72 void
73 setup_note_header(Phdr *v, proc_t *p)
74 {
75 int nlwp = p->p_lwpcnt;
76 int nzomb = p->p_zombcnt;
77 int nfd;
78 size_t size;
79 prcred_t *pcrp;
80 uf_info_t *fip;
81 uf_entry_t *ufp;
82 int fd;
83
84 fip = P_FINFO(p);
85 nfd = 0;
86 mutex_enter(&fip->fi_lock);
87 for (fd = 0; fd < fip->fi_nfiles; fd++) {
88 UF_ENTER(ufp, fip, fd);
89 if ((ufp->uf_file != NULL) && (ufp->uf_file->f_count > 0))
90 nfd++;
91 UF_EXIT(ufp);
92 }
93 mutex_exit(&fip->fi_lock);
94
95 v[0].p_type = PT_NOTE;
96 v[0].p_flags = PF_R;
97 v[0].p_filesz = (sizeof (Note) * (10 + 3 * nlwp + nzomb + nfd))
98 + roundup(sizeof (psinfo_t), sizeof (Word))
99 + roundup(sizeof (pstatus_t), sizeof (Word))
100 + roundup(prgetprivsize(), sizeof (Word))
101 + roundup(priv_get_implinfo_size(), sizeof (Word))
102 + roundup(strlen(platform) + 1, sizeof (Word))
103 + roundup(strlen(p->p_zone->zone_name) + 1, sizeof (Word))
104 + roundup(__KERN_NAUXV_IMPL * sizeof (aux_entry_t), sizeof (Word))
105 + roundup(sizeof (utsname), sizeof (Word))
106 + roundup(sizeof (core_content_t), sizeof (Word))
107 + roundup(sizeof (prsecflags_t), sizeof (Word))
108 + (nlwp + nzomb) * roundup(sizeof (lwpsinfo_t), sizeof (Word))
109 + nlwp * roundup(sizeof (lwpstatus_t), sizeof (Word))
110 + nlwp * roundup(sizeof (prlwpname_t), sizeof (Word))
111 + nfd * roundup(sizeof (prfdinfov1_t), sizeof (Word));
112
113 if (curproc->p_agenttp != NULL) {
114 v[0].p_filesz += sizeof (Note) +
115 roundup(sizeof (psinfo_t), sizeof (Word));
116 }
117
118 size = sizeof (prcred_t) + sizeof (gid_t) * (ngroups_max - 1);
119 pcrp = kmem_alloc(size, KM_SLEEP);
120 prgetcred(p, pcrp);
121 if (pcrp->pr_ngroups != 0) {
122 v[0].p_filesz += sizeof (Note) + roundup(sizeof (prcred_t) +
123 sizeof (gid_t) * (pcrp->pr_ngroups - 1), sizeof (Word));
124 } else {
125 v[0].p_filesz += sizeof (Note) +
126 roundup(sizeof (prcred_t), sizeof (Word));
127 }
128 kmem_free(pcrp, size);
129
130
131 #if defined(__i386) || defined(__i386_COMPAT)
132 mutex_enter(&p->p_ldtlock);
133 size = prnldt(p) * sizeof (struct ssd);
134 mutex_exit(&p->p_ldtlock);
135 if (size != 0)
136 v[0].p_filesz += sizeof (Note) + roundup(size, sizeof (Word));
137 #endif /* __i386 || __i386_COMPAT */
138
139 if ((size = prhasx(p)? prgetprxregsize(p) : 0) != 0)
140 v[0].p_filesz += nlwp * sizeof (Note)
141 + nlwp * roundup(size, sizeof (Word));
142
143 #if defined(__sparc)
144 /*
145 * Figure out the number and sizes of register windows.
146 */
147 {
148 kthread_t *t = p->p_tlist;
149 do {
150 if ((size = prnwindows(ttolwp(t))) != 0) {
151 size = sizeof (gwindows_t) -
152 (SPARC_MAXREGWINDOW - size) *
153 sizeof (struct rwindow);
154 v[0].p_filesz += sizeof (Note) +
155 roundup(size, sizeof (Word));
156 }
157 } while ((t = t->t_forw) != p->p_tlist);
158 }
159 /*
160 * Space for the Ancillary State Registers.
161 */
162 if (p->p_model == DATAMODEL_LP64)
163 v[0].p_filesz += nlwp * sizeof (Note)
164 + nlwp * roundup(sizeof (asrset_t), sizeof (Word));
165 #endif /* __sparc */
166 }
167
168 int
169 write_elfnotes(proc_t *p, int sig, vnode_t *vp, offset_t offset,
170 rlim64_t rlimit, cred_t *credp, core_content_t content)
171 {
172 union {
173 psinfo_t psinfo;
174 pstatus_t pstatus;
175 lwpsinfo_t lwpsinfo;
176 lwpstatus_t lwpstatus;
177 #if defined(__sparc)
178 gwindows_t gwindows;
179 asrset_t asrset;
180 #endif /* __sparc */
181 char xregs[1];
182 aux_entry_t auxv[__KERN_NAUXV_IMPL];
183 prcred_t pcred;
184 prpriv_t ppriv;
185 priv_impl_info_t prinfo;
186 struct utsname uts;
187 prsecflags_t psecflags;
188 } *bigwad;
189
190 size_t xregsize = prhasx(p)? prgetprxregsize(p) : 0;
191 size_t crsize = sizeof (prcred_t) + sizeof (gid_t) * (ngroups_max - 1);
192 size_t psize = prgetprivsize();
193 size_t bigsize = MAX(psize, MAX(sizeof (*bigwad),
194 MAX(xregsize, crsize)));
195
196 priv_impl_info_t *prii;
197
198 lwpdir_t *ldp;
199 lwpent_t *lep;
200 kthread_t *t;
201 klwp_t *lwp;
202 user_t *up;
203 int i;
204 int nlwp;
205 int nzomb;
206 int error;
207 uchar_t oldsig;
208 uf_info_t *fip;
209 int fd;
210 vnode_t *vroot;
211
212 #if defined(__i386) || defined(__i386_COMPAT)
213 struct ssd *ssd;
214 size_t ssdsize;
215 #endif /* __i386 || __i386_COMPAT */
216
217 bigsize = MAX(bigsize, priv_get_implinfo_size());
218
219 bigwad = kmem_alloc(bigsize, KM_SLEEP);
220
221 /*
222 * The order of the elfnote entries should be same here
223 * and in the gcore(1) command. Synchronization is
224 * needed between the kernel and gcore(1).
225 */
226
227 /*
228 * Get the psinfo, and set the wait status to indicate that a core was
229 * dumped. We have to forge this since p->p_wcode is not set yet.
230 */
231 mutex_enter(&p->p_lock);
232 prgetpsinfo(p, &bigwad->psinfo);
233 mutex_exit(&p->p_lock);
234 bigwad->psinfo.pr_wstat = wstat(CLD_DUMPED, sig);
235
236 error = elfnote(vp, &offset, NT_PSINFO, sizeof (bigwad->psinfo),
237 (caddr_t)&bigwad->psinfo, rlimit, credp);
238 if (error)
239 goto done;
240
241 /*
242 * Modify t_whystop and lwp_cursig so it appears that the current LWP
243 * is stopped after faulting on the signal that caused the core dump.
244 * As a result, prgetstatus() will record that signal, the saved
245 * lwp_siginfo, and its signal handler in the core file status. We
246 * restore lwp_cursig in case a subsequent signal was received while
247 * dumping core.
248 */
249 mutex_enter(&p->p_lock);
250 lwp = ttolwp(curthread);
251
252 oldsig = lwp->lwp_cursig;
253 lwp->lwp_cursig = (uchar_t)sig;
254 curthread->t_whystop = PR_FAULTED;
255
256 prgetstatus(p, &bigwad->pstatus, p->p_zone);
257 bigwad->pstatus.pr_lwp.pr_why = 0;
258
259 curthread->t_whystop = 0;
260 lwp->lwp_cursig = oldsig;
261 mutex_exit(&p->p_lock);
262
263 error = elfnote(vp, &offset, NT_PSTATUS, sizeof (bigwad->pstatus),
264 (caddr_t)&bigwad->pstatus, rlimit, credp);
265 if (error)
266 goto done;
267
268 error = elfnote(vp, &offset, NT_PLATFORM, strlen(platform) + 1,
269 platform, rlimit, credp);
270 if (error)
271 goto done;
272
273 up = PTOU(p);
274 for (i = 0; i < __KERN_NAUXV_IMPL; i++) {
275 bigwad->auxv[i].a_type = up->u_auxv[i].a_type;
276 bigwad->auxv[i].a_un.a_val = up->u_auxv[i].a_un.a_val;
277 }
278 error = elfnote(vp, &offset, NT_AUXV, sizeof (bigwad->auxv),
279 (caddr_t)bigwad->auxv, rlimit, credp);
280 if (error)
281 goto done;
282
283 bcopy(&utsname, &bigwad->uts, sizeof (struct utsname));
284 if (!INGLOBALZONE(p)) {
285 bcopy(p->p_zone->zone_nodename, &bigwad->uts.nodename,
286 _SYS_NMLN);
287 }
288 error = elfnote(vp, &offset, NT_UTSNAME, sizeof (struct utsname),
289 (caddr_t)&bigwad->uts, rlimit, credp);
290 if (error)
291 goto done;
292
293 prgetsecflags(p, &bigwad->psecflags);
294 error = elfnote(vp, &offset, NT_SECFLAGS, sizeof (prsecflags_t),
295 (caddr_t)&bigwad->psecflags, rlimit, credp);
296 if (error)
297 goto done;
298
299 prgetcred(p, &bigwad->pcred);
300
301 if (bigwad->pcred.pr_ngroups != 0) {
302 crsize = sizeof (prcred_t) +
303 sizeof (gid_t) * (bigwad->pcred.pr_ngroups - 1);
304 } else
305 crsize = sizeof (prcred_t);
306
307 error = elfnote(vp, &offset, NT_PRCRED, crsize,
308 (caddr_t)&bigwad->pcred, rlimit, credp);
309 if (error)
310 goto done;
311
312 error = elfnote(vp, &offset, NT_CONTENT, sizeof (core_content_t),
313 (caddr_t)&content, rlimit, credp);
314 if (error)
315 goto done;
316
317 prgetpriv(p, &bigwad->ppriv);
318
319 error = elfnote(vp, &offset, NT_PRPRIV, psize,
320 (caddr_t)&bigwad->ppriv, rlimit, credp);
321 if (error)
322 goto done;
323
324 prii = priv_hold_implinfo();
325 error = elfnote(vp, &offset, NT_PRPRIVINFO, priv_get_implinfo_size(),
326 (caddr_t)prii, rlimit, credp);
327 priv_release_implinfo();
328 if (error)
329 goto done;
330
331 /* zone can't go away as long as process exists */
332 error = elfnote(vp, &offset, NT_ZONENAME,
333 strlen(p->p_zone->zone_name) + 1, p->p_zone->zone_name,
334 rlimit, credp);
335 if (error)
336 goto done;
337
338
339 /* open file table */
340 vroot = PTOU(p)->u_rdir;
341 if (vroot == NULL)
342 vroot = rootdir;
343
344 VN_HOLD(vroot);
345
346 fip = P_FINFO(p);
347
348 for (fd = 0; fd < fip->fi_nfiles; fd++) {
349 uf_entry_t *ufp;
350 vnode_t *fvp;
351 struct file *fp;
352 vattr_t vattr;
353 prfdinfov1_t fdinfo;
354
355 bzero(&fdinfo, sizeof (fdinfo));
356
357 mutex_enter(&fip->fi_lock);
358 UF_ENTER(ufp, fip, fd);
359 if (((fp = ufp->uf_file) == NULL) || (fp->f_count < 1)) {
360 UF_EXIT(ufp);
361 mutex_exit(&fip->fi_lock);
362 continue;
363 }
364
365 fdinfo.pr_fd = fd;
366 fdinfo.pr_fdflags = ufp->uf_flag;
367 fdinfo.pr_fileflags = fp->f_flag2;
368 fdinfo.pr_fileflags <<= 16;
369 fdinfo.pr_fileflags |= fp->f_flag;
370 if ((fdinfo.pr_fileflags & (FSEARCH | FEXEC)) == 0)
371 fdinfo.pr_fileflags += FOPEN;
372 fdinfo.pr_offset = fp->f_offset;
373
374
375 fvp = fp->f_vnode;
376 VN_HOLD(fvp);
377 UF_EXIT(ufp);
378 mutex_exit(&fip->fi_lock);
379
380 /*
381 * There are some vnodes that have no corresponding
382 * path. Its reasonable for this to fail, in which
383 * case the path will remain an empty string.
384 */
385 (void) vnodetopath(vroot, fvp, fdinfo.pr_path,
386 sizeof (fdinfo.pr_path), credp);
387
388 if (VOP_GETATTR(fvp, &vattr, 0, credp, NULL) != 0) {
389 /*
390 * Try to write at least a subset of information
391 */
392 fdinfo.pr_major = 0;
393 fdinfo.pr_minor = 0;
394 fdinfo.pr_ino = 0;
395 fdinfo.pr_mode = 0;
396 fdinfo.pr_uid = (uid_t)-1;
397 fdinfo.pr_gid = (gid_t)-1;
398 fdinfo.pr_rmajor = 0;
399 fdinfo.pr_rminor = 0;
400 fdinfo.pr_size = -1;
401
402 error = elfnote(vp, &offset, NT_FDINFO,
403 sizeof (fdinfo), &fdinfo, rlimit, credp);
404 VN_RELE(fvp);
405 if (error) {
406 VN_RELE(vroot);
407 goto done;
408 }
409 continue;
410 }
411
412 if (fvp->v_type == VSOCK)
413 fdinfo.pr_fileflags |= sock_getfasync(fvp);
414
415 VN_RELE(fvp);
416
417 /*
418 * This logic mirrors fstat(), which we cannot use
419 * directly, as it calls copyout().
420 */
421 fdinfo.pr_major = getmajor(vattr.va_fsid);
422 fdinfo.pr_minor = getminor(vattr.va_fsid);
423 fdinfo.pr_ino = (ino64_t)vattr.va_nodeid;
424 fdinfo.pr_mode = VTTOIF(vattr.va_type) | vattr.va_mode;
425 fdinfo.pr_uid = vattr.va_uid;
426 fdinfo.pr_gid = vattr.va_gid;
427 fdinfo.pr_rmajor = getmajor(vattr.va_rdev);
428 fdinfo.pr_rminor = getminor(vattr.va_rdev);
429 fdinfo.pr_size = (off64_t)vattr.va_size;
430
431 error = elfnote(vp, &offset, NT_FDINFO,
432 sizeof (fdinfo), &fdinfo, rlimit, credp);
433 if (error) {
434 VN_RELE(vroot);
435 goto done;
436 }
437 }
438
439 VN_RELE(vroot);
440
441 #if defined(__i386) || defined(__i386_COMPAT)
442 mutex_enter(&p->p_ldtlock);
443 ssdsize = prnldt(p) * sizeof (struct ssd);
444 if (ssdsize != 0) {
445 ssd = kmem_alloc(ssdsize, KM_SLEEP);
446 prgetldt(p, ssd);
447 error = elfnote(vp, &offset, NT_LDT, ssdsize,
448 (caddr_t)ssd, rlimit, credp);
449 kmem_free(ssd, ssdsize);
450 }
451 mutex_exit(&p->p_ldtlock);
452 if (error)
453 goto done;
454 #endif /* __i386 || defined(__i386_COMPAT) */
455
456 nlwp = p->p_lwpcnt;
457 nzomb = p->p_zombcnt;
458 /* for each entry in the lwp directory ... */
459 for (ldp = p->p_lwpdir; nlwp + nzomb != 0; ldp++) {
460 prlwpname_t name = { 0, };
461
462 if ((lep = ldp->ld_entry) == NULL) /* empty slot */
463 continue;
464
465 if ((t = lep->le_thread) != NULL) { /* active lwp */
466 ASSERT(nlwp != 0);
467 nlwp--;
468 lwp = ttolwp(t);
469 mutex_enter(&p->p_lock);
470 prgetlwpsinfo(t, &bigwad->lwpsinfo);
471 if (t->t_name != NULL) {
472 (void) strlcpy(name.pr_lwpname, t->t_name,
473 sizeof (name.pr_lwpname));
474 }
475 mutex_exit(&p->p_lock);
476 } else { /* zombie lwp */
477 ASSERT(nzomb != 0);
478 nzomb--;
479 bzero(&bigwad->lwpsinfo, sizeof (bigwad->lwpsinfo));
480 bigwad->lwpsinfo.pr_lwpid = lep->le_lwpid;
481 bigwad->lwpsinfo.pr_state = SZOMB;
482 bigwad->lwpsinfo.pr_sname = 'Z';
483 bigwad->lwpsinfo.pr_start.tv_sec = lep->le_start;
484 }
485
486 name.pr_lwpid = bigwad->lwpsinfo.pr_lwpid;
487
488 error = elfnote(vp, &offset, NT_LWPSINFO,
489 sizeof (bigwad->lwpsinfo), (caddr_t)&bigwad->lwpsinfo,
490 rlimit, credp);
491 if (error)
492 goto done;
493
494 if (t == NULL) /* nothing more to do for a zombie */
495 continue;
496
497 mutex_enter(&p->p_lock);
498 if (t == curthread) {
499 /*
500 * Modify t_whystop and lwp_cursig so it appears that
501 * the current LWP is stopped after faulting on the
502 * signal that caused the core dump. As a result,
503 * prgetlwpstatus() will record that signal, the saved
504 * lwp_siginfo, and its signal handler in the core file
505 * status. We restore lwp_cursig in case a subsequent
506 * signal was received while dumping core.
507 */
508 oldsig = lwp->lwp_cursig;
509 lwp->lwp_cursig = (uchar_t)sig;
510 t->t_whystop = PR_FAULTED;
511
512 prgetlwpstatus(t, &bigwad->lwpstatus, p->p_zone);
513 bigwad->lwpstatus.pr_why = 0;
514
515 t->t_whystop = 0;
516 lwp->lwp_cursig = oldsig;
517 } else {
518 prgetlwpstatus(t, &bigwad->lwpstatus, p->p_zone);
519 }
520 mutex_exit(&p->p_lock);
521 error = elfnote(vp, &offset, NT_LWPSTATUS,
522 sizeof (bigwad->lwpstatus), (caddr_t)&bigwad->lwpstatus,
523 rlimit, credp);
524 if (error)
525 goto done;
526
527 if ((error = elfnote(vp, &offset, NT_LWPNAME, sizeof (name),
528 (caddr_t)&name, rlimit, credp)) != 0)
529 goto done;
530
531
532 #if defined(__sparc)
533 /*
534 * Unspilled SPARC register windows.
535 */
536 {
537 size_t size = prnwindows(lwp);
538
539 if (size != 0) {
540 size = sizeof (gwindows_t) -
541 (SPARC_MAXREGWINDOW - size) *
542 sizeof (struct rwindow);
543 prgetwindows(lwp, &bigwad->gwindows);
544 error = elfnote(vp, &offset, NT_GWINDOWS,
545 size, (caddr_t)&bigwad->gwindows,
546 rlimit, credp);
547 if (error)
548 goto done;
549 }
550 }
551 /*
552 * Ancillary State Registers.
553 */
554 if (p->p_model == DATAMODEL_LP64) {
555 prgetasregs(lwp, bigwad->asrset);
556 error = elfnote(vp, &offset, NT_ASRS,
557 sizeof (asrset_t), (caddr_t)bigwad->asrset,
558 rlimit, credp);
559 if (error)
560 goto done;
561 }
562 #endif /* __sparc */
563
564 if (xregsize) {
565 prgetprxregs(lwp, bigwad->xregs);
566 error = elfnote(vp, &offset, NT_PRXREG,
567 xregsize, bigwad->xregs, rlimit, credp);
568 if (error)
569 goto done;
570 }
571
572 if (t->t_lwp->lwp_spymaster != NULL) {
573 void *psaddr = t->t_lwp->lwp_spymaster;
574 #ifdef _ELF32_COMPAT
575 /*
576 * On a 64-bit kernel with 32-bit ELF compatibility,
577 * this file is compiled into two different objects:
578 * one is compiled normally, and the other is compiled
579 * with _ELF32_COMPAT set -- and therefore with a
580 * psinfo_t defined to be a psinfo32_t. However, the
581 * psinfo_t denoting our spymaster is always of the
582 * native type; if we are in the _ELF32_COMPAT case,
583 * we need to explicitly convert it.
584 */
585 if (p->p_model == DATAMODEL_ILP32) {
586 psinfo_kto32(psaddr, &bigwad->psinfo);
587 psaddr = &bigwad->psinfo;
588 }
589 #endif
590
591 error = elfnote(vp, &offset, NT_SPYMASTER,
592 sizeof (psinfo_t), psaddr, rlimit, credp);
593 if (error)
594 goto done;
595 }
596 }
597 ASSERT(nlwp == 0);
598
599 done:
600 kmem_free(bigwad, bigsize);
601 return (error);
602 }