1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 *
26 * Portions Copyright 2007 Chad Mynhier
27 * Copyright 2012 DEY Storage Systems, Inc. All rights reserved.
28 * Copyright (c) 2013 by Delphix. All rights reserved.
29 * Copyright 2015, Joyent, Inc.
30 */
31
32 #include <assert.h>
33 #include <stdio.h>
34 #include <stdlib.h>
35 #include <unistd.h>
36 #include <ctype.h>
37 #include <fcntl.h>
38 #include <string.h>
39 #include <strings.h>
40 #include <memory.h>
41 #include <errno.h>
42 #include <dirent.h>
43 #include <limits.h>
44 #include <signal.h>
45 #include <atomic.h>
46 #include <zone.h>
47 #include <sys/types.h>
48 #include <sys/uio.h>
49 #include <sys/stat.h>
50 #include <sys/resource.h>
51 #include <sys/param.h>
52 #include <sys/stack.h>
53 #include <sys/fault.h>
54 #include <sys/syscall.h>
55 #include <sys/sysmacros.h>
56 #include <sys/systeminfo.h>
57 #include <sys/secflags.h>
58
59 #include "libproc.h"
60 #include "Pcontrol.h"
61 #include "Putil.h"
62 #include "P32ton.h"
63
64 int _libproc_debug; /* set non-zero to enable debugging printfs */
65 int _libproc_no_qsort; /* set non-zero to inhibit sorting */
66 /* of symbol tables */
67 int _libproc_incore_elf; /* only use in-core elf data */
68
69 sigset_t blockable_sigs; /* signals to block when we need to be safe */
70 static int minfd; /* minimum file descriptor returned by dupfd(fd, 0) */
71 char procfs_path[PATH_MAX] = "/proc";
72
73 /*
74 * Function prototypes for static routines in this module.
75 */
76 static void deadcheck(struct ps_prochandle *);
77 static void restore_tracing_flags(struct ps_prochandle *);
78 static void Lfree_internal(struct ps_prochandle *, struct ps_lwphandle *);
79 static prheader_t *read_lfile(struct ps_prochandle *, const char *);
80
81 /*
82 * Ops vector functions for live processes.
83 */
84
85 /*ARGSUSED*/
86 static ssize_t
87 Pread_live(struct ps_prochandle *P, void *buf, size_t n, uintptr_t addr,
88 void *data)
89 {
90 return (pread(P->asfd, buf, n, (off_t)addr));
91 }
92
93 /*ARGSUSED*/
94 static ssize_t
95 Pwrite_live(struct ps_prochandle *P, const void *buf, size_t n, uintptr_t addr,
96 void *data)
97 {
98 return (pwrite(P->asfd, buf, n, (off_t)addr));
99 }
100
101 /*ARGSUSED*/
102 static int
103 Pread_maps_live(struct ps_prochandle *P, prmap_t **Pmapp, ssize_t *nmapp,
104 void *data)
105 {
106 char mapfile[PATH_MAX];
107 int mapfd;
108 struct stat statb;
109 ssize_t nmap;
110 prmap_t *Pmap = NULL;
111
112 (void) snprintf(mapfile, sizeof (mapfile), "%s/%d/map",
113 procfs_path, (int)P->pid);
114 if ((mapfd = open(mapfile, O_RDONLY)) < 0 ||
115 fstat(mapfd, &statb) != 0 ||
116 statb.st_size < sizeof (prmap_t) ||
117 (Pmap = malloc(statb.st_size)) == NULL ||
118 (nmap = pread(mapfd, Pmap, statb.st_size, 0L)) <= 0 ||
119 (nmap /= sizeof (prmap_t)) == 0) {
120 if (Pmap != NULL)
121 free(Pmap);
122 if (mapfd >= 0)
123 (void) close(mapfd);
124 Preset_maps(P); /* utter failure; destroy tables */
125 return (-1);
126 }
127 (void) close(mapfd);
128
129 *Pmapp = Pmap;
130 *nmapp = nmap;
131
132 return (0);
133 }
134
135 /*ARGSUSED*/
136 static void
137 Pread_aux_live(struct ps_prochandle *P, auxv_t **auxvp, int *nauxp, void *data)
138 {
139 char auxfile[64];
140 int fd;
141 struct stat statb;
142 auxv_t *auxv;
143 ssize_t naux;
144
145 (void) snprintf(auxfile, sizeof (auxfile), "%s/%d/auxv",
146 procfs_path, (int)P->pid);
147 if ((fd = open(auxfile, O_RDONLY)) < 0) {
148 dprintf("%s: failed to open %s: %s\n",
149 __func__, auxfile, strerror(errno));
150 return;
151 }
152
153 if (fstat(fd, &statb) == 0 &&
154 statb.st_size >= sizeof (auxv_t) &&
155 (auxv = malloc(statb.st_size + sizeof (auxv_t))) != NULL) {
156 if ((naux = read(fd, auxv, statb.st_size)) < 0 ||
157 (naux /= sizeof (auxv_t)) < 1) {
158 dprintf("%s: read failed: %s\n",
159 __func__, strerror(errno));
160 free(auxv);
161 } else {
162 auxv[naux].a_type = AT_NULL;
163 auxv[naux].a_un.a_val = 0L;
164
165 *auxvp = auxv;
166 *nauxp = (int)naux;
167 }
168 }
169
170 (void) close(fd);
171 }
172
173 /*ARGSUSED*/
174 static int
175 Pcred_live(struct ps_prochandle *P, prcred_t *pcrp, int ngroups, void *data)
176 {
177 return (proc_get_cred(P->pid, pcrp, ngroups));
178 }
179
180 /* ARGSUSED */
181 static int
182 Psecflags_live(struct ps_prochandle *P, prsecflags_t **psf, void *data)
183 {
184 return (proc_get_secflags(P->pid, psf));
185 }
186
187 /*ARGSUSED*/
188 static int
189 Ppriv_live(struct ps_prochandle *P, prpriv_t **pprv, void *data)
190 {
191 prpriv_t *pp;
192
193 pp = proc_get_priv(P->pid);
194 if (pp == NULL) {
195 return (-1);
196 }
197
198 *pprv = pp;
199 return (0);
200 }
201
202 /*ARGSUSED*/
203 static const psinfo_t *
204 Ppsinfo_live(struct ps_prochandle *P, psinfo_t *psinfo, void *data)
205 {
206 if (proc_get_psinfo(P->pid, psinfo) == -1)
207 return (NULL);
208
209 return (psinfo);
210 }
211
212 /*ARGSUSED*/
213 static prheader_t *
214 Plstatus_live(struct ps_prochandle *P, void *data)
215 {
216 return (read_lfile(P, "lstatus"));
217 }
218
219 /*ARGSUSED*/
220 static prheader_t *
221 Plpsinfo_live(struct ps_prochandle *P, void *data)
222 {
223 return (read_lfile(P, "lpsinfo"));
224 }
225
226 /*ARGSUSED*/
227 static char *
228 Pplatform_live(struct ps_prochandle *P, char *s, size_t n, void *data)
229 {
230 if (sysinfo(SI_PLATFORM, s, n) == -1)
231 return (NULL);
232 return (s);
233 }
234
235 /*ARGSUSED*/
236 static int
237 Puname_live(struct ps_prochandle *P, struct utsname *u, void *data)
238 {
239 return (uname(u));
240 }
241
242 /*ARGSUSED*/
243 static char *
244 Pzonename_live(struct ps_prochandle *P, char *s, size_t n, void *data)
245 {
246 if (getzonenamebyid(P->status.pr_zoneid, s, n) < 0)
247 return (NULL);
248 s[n - 1] = '\0';
249 return (s);
250 }
251
252 /*
253 * Callback function for Pfindexec(). We return a match if we can stat the
254 * suggested pathname and confirm its device and inode number match our
255 * previous information about the /proc/<pid>/object/a.out file.
256 */
257 static int
258 stat_exec(const char *path, void *arg)
259 {
260 struct stat64 *stp = arg;
261 struct stat64 st;
262
263 return (stat64(path, &st) == 0 && S_ISREG(st.st_mode) &&
264 stp->st_dev == st.st_dev && stp->st_ino == st.st_ino);
265 }
266
267 /*ARGSUSED*/
268 static char *
269 Pexecname_live(struct ps_prochandle *P, char *buf, size_t buflen, void *data)
270 {
271 char exec_name[PATH_MAX];
272 char cwd[PATH_MAX];
273 char proc_cwd[64];
274 struct stat64 st;
275 int ret;
276
277 /*
278 * Try to get the path information first.
279 */
280 (void) snprintf(exec_name, sizeof (exec_name),
281 "%s/%d/path/a.out", procfs_path, (int)P->pid);
282 if ((ret = readlink(exec_name, buf, buflen - 1)) > 0) {
283 buf[ret] = '\0';
284 (void) Pfindobj(P, buf, buf, buflen);
285 return (buf);
286 }
287
288 /*
289 * Stat the executable file so we can compare Pfindexec's
290 * suggestions to the actual device and inode number.
291 */
292 (void) snprintf(exec_name, sizeof (exec_name),
293 "%s/%d/object/a.out", procfs_path, (int)P->pid);
294
295 if (stat64(exec_name, &st) != 0 || !S_ISREG(st.st_mode))
296 return (NULL);
297
298 /*
299 * Attempt to figure out the current working directory of the
300 * target process. This only works if the target process has
301 * not changed its current directory since it was exec'd.
302 */
303 (void) snprintf(proc_cwd, sizeof (proc_cwd),
304 "%s/%d/path/cwd", procfs_path, (int)P->pid);
305
306 if ((ret = readlink(proc_cwd, cwd, PATH_MAX - 1)) > 0)
307 cwd[ret] = '\0';
308
309 (void) Pfindexec(P, ret > 0 ? cwd : NULL, stat_exec, &st);
310
311 return (NULL);
312 }
313
314 #if defined(__i386) || defined(__amd64)
315 /*ARGSUSED*/
316 static int
317 Pldt_live(struct ps_prochandle *P, struct ssd *pldt, int nldt, void *data)
318 {
319 return (proc_get_ldt(P->pid, pldt, nldt));
320 }
321 #endif
322
323 static const ps_ops_t P_live_ops = {
324 .pop_pread = Pread_live,
325 .pop_pwrite = Pwrite_live,
326 .pop_read_maps = Pread_maps_live,
327 .pop_read_aux = Pread_aux_live,
328 .pop_cred = Pcred_live,
329 .pop_priv = Ppriv_live,
330 .pop_psinfo = Ppsinfo_live,
331 .pop_lstatus = Plstatus_live,
332 .pop_lpsinfo = Plpsinfo_live,
333 .pop_platform = Pplatform_live,
334 .pop_uname = Puname_live,
335 .pop_zonename = Pzonename_live,
336 .pop_execname = Pexecname_live,
337 .pop_secflags = Psecflags_live,
338 #if defined(__i386) || defined(__amd64)
339 .pop_ldt = Pldt_live
340 #endif
341 };
342
343 /*
344 * This is the library's .init handler.
345 */
346 #pragma init(_libproc_init)
347 void
348 _libproc_init(void)
349 {
350 _libproc_debug = getenv("LIBPROC_DEBUG") != NULL;
351 _libproc_no_qsort = getenv("LIBPROC_NO_QSORT") != NULL;
352 _libproc_incore_elf = getenv("LIBPROC_INCORE_ELF") != NULL;
353
354 (void) sigfillset(&blockable_sigs);
355 (void) sigdelset(&blockable_sigs, SIGKILL);
356 (void) sigdelset(&blockable_sigs, SIGSTOP);
357 }
358
359 void
360 Pset_procfs_path(const char *path)
361 {
362 (void) snprintf(procfs_path, sizeof (procfs_path), "%s", path);
363 }
364
365 /*
366 * Call set_minfd() once before calling dupfd() several times.
367 * We assume that the application will not reduce its current file
368 * descriptor limit lower than 512 once it has set at least that value.
369 */
370 int
371 set_minfd(void)
372 {
373 static mutex_t minfd_lock = DEFAULTMUTEX;
374 struct rlimit rlim;
375 int fd;
376
377 if ((fd = minfd) < 256) {
378 (void) mutex_lock(&minfd_lock);
379 if ((fd = minfd) < 256) {
380 if (getrlimit(RLIMIT_NOFILE, &rlim) != 0)
381 rlim.rlim_cur = rlim.rlim_max = 0;
382 if (rlim.rlim_cur >= 512)
383 fd = 256;
384 else if ((fd = rlim.rlim_cur / 2) < 3)
385 fd = 3;
386 membar_producer();
387 minfd = fd;
388 }
389 (void) mutex_unlock(&minfd_lock);
390 }
391 return (fd);
392 }
393
394 int
395 dupfd(int fd, int dfd)
396 {
397 int mfd;
398
399 /*
400 * Make fd be greater than 255 (the 32-bit stdio limit),
401 * or at least make it greater than 2 so that the
402 * program will work when spawned by init(1m).
403 * Also, if dfd is non-zero, dup the fd to be dfd.
404 */
405 if ((mfd = minfd) == 0)
406 mfd = set_minfd();
407 if (dfd > 0 || (0 <= fd && fd < mfd)) {
408 if (dfd <= 0)
409 dfd = mfd;
410 dfd = fcntl(fd, F_DUPFD, dfd);
411 (void) close(fd);
412 fd = dfd;
413 }
414 /*
415 * Mark it close-on-exec so any created process doesn't inherit it.
416 */
417 if (fd >= 0)
418 (void) fcntl(fd, F_SETFD, FD_CLOEXEC);
419 return (fd);
420 }
421
422 /*
423 * Create a new controlled process.
424 * Leave it stopped on successful exit from exec() or execve().
425 * Return an opaque pointer to its process control structure.
426 * Return NULL if process cannot be created (fork()/exec() not successful).
427 */
428 struct ps_prochandle *
429 Pxcreate(const char *file, /* executable file name */
430 char *const *argv, /* argument vector */
431 char *const *envp, /* environment */
432 int *perr, /* pointer to error return code */
433 char *path, /* if non-null, holds exec path name on return */
434 size_t len) /* size of the path buffer */
435 {
436 char execpath[PATH_MAX];
437 char procname[PATH_MAX];
438 struct ps_prochandle *P;
439 pid_t pid;
440 int fd;
441 char *fname;
442 int rc;
443 int lasterrno = 0;
444
445 if (len == 0) /* zero length, no path */
446 path = NULL;
447 if (path != NULL)
448 *path = '\0';
449
450 if ((P = malloc(sizeof (struct ps_prochandle))) == NULL) {
451 *perr = C_STRANGE;
452 return (NULL);
453 }
454
455 if ((pid = fork1()) == -1) {
456 free(P);
457 *perr = C_FORK;
458 return (NULL);
459 }
460
461 if (pid == 0) { /* child process */
462 id_t id;
463 extern char **environ;
464
465 /*
466 * If running setuid or setgid, reset credentials to normal.
467 */
468 if ((id = getgid()) != getegid())
469 (void) setgid(id);
470 if ((id = getuid()) != geteuid())
471 (void) setuid(id);
472
473 Pcreate_callback(P); /* execute callback (see below) */
474 (void) pause(); /* wait for PRSABORT from parent */
475
476 /*
477 * This is ugly. There is no execvep() function that takes a
478 * path and an environment. We cheat here by replacing the
479 * global 'environ' variable right before we call this.
480 */
481 if (envp)
482 environ = (char **)envp;
483
484 (void) execvp(file, argv); /* execute the program */
485 _exit(127);
486 }
487
488 /*
489 * Initialize the process structure.
490 */
491 (void) memset(P, 0, sizeof (*P));
492 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL);
493 P->flags |= CREATED;
494 P->state = PS_RUN;
495 P->pid = pid;
496 P->asfd = -1;
497 P->ctlfd = -1;
498 P->statfd = -1;
499 P->agentctlfd = -1;
500 P->agentstatfd = -1;
501 Pinit_ops(&P->ops, &P_live_ops);
502 Pinitsym(P);
503
504 /*
505 * Open the /proc/pid files.
506 */
507 (void) snprintf(procname, sizeof (procname), "%s/%d/",
508 procfs_path, (int)pid);
509 fname = procname + strlen(procname);
510 (void) set_minfd();
511
512 /*
513 * Exclusive write open advises others not to interfere.
514 * There is no reason for any of these open()s to fail.
515 */
516 (void) strcpy(fname, "as");
517 if ((fd = open(procname, (O_RDWR|O_EXCL))) < 0 ||
518 (fd = dupfd(fd, 0)) < 0) {
519 dprintf("Pcreate: failed to open %s: %s\n",
520 procname, strerror(errno));
521 rc = C_STRANGE;
522 goto bad;
523 }
524 P->asfd = fd;
525
526 (void) strcpy(fname, "status");
527 if ((fd = open(procname, O_RDONLY)) < 0 ||
528 (fd = dupfd(fd, 0)) < 0) {
529 dprintf("Pcreate: failed to open %s: %s\n",
530 procname, strerror(errno));
531 rc = C_STRANGE;
532 goto bad;
533 }
534 P->statfd = fd;
535
536 (void) strcpy(fname, "ctl");
537 if ((fd = open(procname, O_WRONLY)) < 0 ||
538 (fd = dupfd(fd, 0)) < 0) {
539 dprintf("Pcreate: failed to open %s: %s\n",
540 procname, strerror(errno));
541 rc = C_STRANGE;
542 goto bad;
543 }
544 P->ctlfd = fd;
545
546 (void) Pstop(P, 0); /* stop the controlled process */
547
548 /*
549 * Wait for process to sleep in pause().
550 * If the process has already called pause(), then it should be
551 * stopped (PR_REQUESTED) while asleep in pause and we are done.
552 * Else we set up to catch entry/exit to pause() and set the process
553 * running again, expecting it to stop when it reaches pause().
554 * There is no reason for this to fail other than an interrupt.
555 */
556 (void) Psysentry(P, SYS_pause, 1);
557 (void) Psysexit(P, SYS_pause, 1);
558 for (;;) {
559 if (P->state == PS_STOP &&
560 P->status.pr_lwp.pr_syscall == SYS_pause &&
561 (P->status.pr_lwp.pr_why == PR_REQUESTED ||
562 P->status.pr_lwp.pr_why == PR_SYSENTRY ||
563 P->status.pr_lwp.pr_why == PR_SYSEXIT))
564 break;
565
566 if (P->state != PS_STOP || /* interrupt or process died */
567 Psetrun(P, 0, 0) != 0) { /* can't restart */
568 if (errno == EINTR || errno == ERESTART)
569 rc = C_INTR;
570 else {
571 dprintf("Pcreate: Psetrun failed: %s\n",
572 strerror(errno));
573 rc = C_STRANGE;
574 }
575 goto bad;
576 }
577
578 (void) Pwait(P, 0);
579 }
580 (void) Psysentry(P, SYS_pause, 0);
581 (void) Psysexit(P, SYS_pause, 0);
582
583 /*
584 * Kick the process off the pause() and catch
585 * it again on entry to exec() or exit().
586 */
587 (void) Psysentry(P, SYS_exit, 1);
588 (void) Psysentry(P, SYS_execve, 1);
589 if (Psetrun(P, 0, PRSABORT) == -1) {
590 dprintf("Pcreate: Psetrun failed: %s\n", strerror(errno));
591 rc = C_STRANGE;
592 goto bad;
593 }
594 (void) Pwait(P, 0);
595 if (P->state != PS_STOP) {
596 dprintf("Pcreate: Pwait failed: %s\n", strerror(errno));
597 rc = C_STRANGE;
598 goto bad;
599 }
600
601 /*
602 * Move the process through instances of failed exec()s
603 * to reach the point of stopped on successful exec().
604 */
605 (void) Psysexit(P, SYS_execve, TRUE);
606
607 while (P->state == PS_STOP &&
608 P->status.pr_lwp.pr_why == PR_SYSENTRY &&
609 P->status.pr_lwp.pr_what == SYS_execve) {
610 /*
611 * Fetch the exec path name now, before we complete
612 * the exec(). We may lose the process and be unable
613 * to get the information later.
614 */
615 (void) Pread_string(P, execpath, sizeof (execpath),
616 (off_t)P->status.pr_lwp.pr_sysarg[0]);
617 if (path != NULL)
618 (void) strncpy(path, execpath, len);
619 /*
620 * Set the process running and wait for
621 * it to stop on exit from the exec().
622 */
623 (void) Psetrun(P, 0, 0);
624 (void) Pwait(P, 0);
625
626 if (P->state == PS_LOST && /* we lost control */
627 Preopen(P) != 0) { /* and we can't get it back */
628 rc = C_PERM;
629 goto bad;
630 }
631
632 /*
633 * If the exec() failed, continue the loop, expecting
634 * there to be more attempts to exec(), based on PATH.
635 */
636 if (P->state == PS_STOP &&
637 P->status.pr_lwp.pr_why == PR_SYSEXIT &&
638 P->status.pr_lwp.pr_what == SYS_execve &&
639 (lasterrno = P->status.pr_lwp.pr_errno) != 0) {
640 /*
641 * The exec() failed. Set the process running and
642 * wait for it to stop on entry to the next exec().
643 */
644 (void) Psetrun(P, 0, 0);
645 (void) Pwait(P, 0);
646
647 continue;
648 }
649 break;
650 }
651
652 if (P->state == PS_STOP &&
653 P->status.pr_lwp.pr_why == PR_SYSEXIT &&
654 P->status.pr_lwp.pr_what == SYS_execve &&
655 P->status.pr_lwp.pr_errno == 0) {
656 /*
657 * The process is stopped on successful exec() or execve().
658 * Turn off all tracing flags and return success.
659 */
660 restore_tracing_flags(P);
661 #ifndef _LP64
662 /* We must be a 64-bit process to deal with a 64-bit process */
663 if (P->status.pr_dmodel == PR_MODEL_LP64) {
664 rc = C_LP64;
665 goto bad;
666 }
667 #endif
668 /*
669 * Set run-on-last-close so the controlled process
670 * runs even if we die on a signal.
671 */
672 (void) Psetflags(P, PR_RLC);
673 *perr = 0;
674 return (P);
675 }
676
677 rc = lasterrno == ENOENT ? C_NOENT : C_NOEXEC;
678
679 bad:
680 (void) kill(pid, SIGKILL);
681 if (path != NULL && rc != C_PERM && rc != C_LP64)
682 *path = '\0';
683 Pfree(P);
684 *perr = rc;
685 return (NULL);
686 }
687
688 struct ps_prochandle *
689 Pcreate(
690 const char *file, /* executable file name */
691 char *const *argv, /* argument vector */
692 int *perr, /* pointer to error return code */
693 char *path, /* if non-null, holds exec path name on return */
694 size_t len) /* size of the path buffer */
695 {
696 return (Pxcreate(file, argv, NULL, perr, path, len));
697 }
698
699 /*
700 * Return a printable string corresponding to a Pcreate() error return.
701 */
702 const char *
703 Pcreate_error(int error)
704 {
705 const char *str;
706
707 switch (error) {
708 case C_FORK:
709 str = "cannot fork";
710 break;
711 case C_PERM:
712 str = "file is set-id or unreadable";
713 break;
714 case C_NOEXEC:
715 str = "cannot execute file";
716 break;
717 case C_INTR:
718 str = "operation interrupted";
719 break;
720 case C_LP64:
721 str = "program is _LP64, self is not";
722 break;
723 case C_STRANGE:
724 str = "unanticipated system error";
725 break;
726 case C_NOENT:
727 str = "cannot find executable file";
728 break;
729 default:
730 str = "unknown error";
731 break;
732 }
733
734 return (str);
735 }
736
737 /*
738 * Callback to execute in each child process created with Pcreate() after fork
739 * but before it execs the new process image. By default, we do nothing, but
740 * by calling this function we allow the client program to define its own
741 * version of the function which will interpose on our empty default. This
742 * may be useful for clients that need to modify signal dispositions, terminal
743 * attributes, or process group and session properties for each new victim.
744 */
745 /*ARGSUSED*/
746 void
747 Pcreate_callback(struct ps_prochandle *P)
748 {
749 /* nothing to do here */
750 }
751
752 /*
753 * Grab an existing process.
754 * Return an opaque pointer to its process control structure.
755 *
756 * pid: UNIX process ID.
757 * flags:
758 * PGRAB_RETAIN Retain tracing flags (default clears all tracing flags).
759 * PGRAB_FORCE Grab regardless of whether process is already traced.
760 * PGRAB_RDONLY Open the address space file O_RDONLY instead of O_RDWR,
761 * and do not open the process control file.
762 * PGRAB_NOSTOP Open the process but do not force it to stop.
763 * perr: pointer to error return code.
764 */
765 struct ps_prochandle *
766 Pgrab(pid_t pid, int flags, int *perr)
767 {
768 struct ps_prochandle *P;
769 int fd, omode;
770 char procname[PATH_MAX];
771 char *fname;
772 int rc = 0;
773
774 /*
775 * PGRAB_RDONLY means that we do not open the /proc/<pid>/control file,
776 * and so it implies RETAIN and NOSTOP since both require control.
777 */
778 if (flags & PGRAB_RDONLY)
779 flags |= PGRAB_RETAIN | PGRAB_NOSTOP;
780
781 if ((P = malloc(sizeof (struct ps_prochandle))) == NULL) {
782 *perr = G_STRANGE;
783 return (NULL);
784 }
785
786 P->asfd = -1;
787 P->ctlfd = -1;
788 P->statfd = -1;
789
790 again: /* Come back here if we lose it in the Window of Vulnerability */
791 if (P->ctlfd >= 0)
792 (void) close(P->ctlfd);
793 if (P->asfd >= 0)
794 (void) close(P->asfd);
795 if (P->statfd >= 0)
796 (void) close(P->statfd);
797 (void) memset(P, 0, sizeof (*P));
798 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL);
799 P->ctlfd = -1;
800 P->asfd = -1;
801 P->statfd = -1;
802 P->agentctlfd = -1;
803 P->agentstatfd = -1;
804 Pinit_ops(&P->ops, &P_live_ops);
805 Pinitsym(P);
806
807 /*
808 * Open the /proc/pid files
809 */
810 (void) snprintf(procname, sizeof (procname), "%s/%d/",
811 procfs_path, (int)pid);
812 fname = procname + strlen(procname);
813 (void) set_minfd();
814
815 /*
816 * Request exclusive open to avoid grabbing someone else's
817 * process and to prevent others from interfering afterwards.
818 * If this fails and the 'PGRAB_FORCE' flag is set, attempt to
819 * open non-exclusively.
820 */
821 (void) strcpy(fname, "as");
822 omode = (flags & PGRAB_RDONLY) ? O_RDONLY : O_RDWR;
823
824 if (((fd = open(procname, omode | O_EXCL)) < 0 &&
825 (fd = ((flags & PGRAB_FORCE)? open(procname, omode) : -1)) < 0) ||
826 (fd = dupfd(fd, 0)) < 0) {
827 switch (errno) {
828 case ENOENT:
829 rc = G_NOPROC;
830 break;
831 case EACCES:
832 case EPERM:
833 rc = G_PERM;
834 break;
835 case EMFILE:
836 rc = G_NOFD;
837 break;
838 case EBUSY:
839 if (!(flags & PGRAB_FORCE) || geteuid() != 0) {
840 rc = G_BUSY;
841 break;
842 }
843 /* FALLTHROUGH */
844 default:
845 dprintf("Pgrab: failed to open %s: %s\n",
846 procname, strerror(errno));
847 rc = G_STRANGE;
848 break;
849 }
850 goto err;
851 }
852 P->asfd = fd;
853
854 (void) strcpy(fname, "status");
855 if ((fd = open(procname, O_RDONLY)) < 0 ||
856 (fd = dupfd(fd, 0)) < 0) {
857 switch (errno) {
858 case ENOENT:
859 rc = G_NOPROC;
860 break;
861 case EMFILE:
862 rc = G_NOFD;
863 break;
864 default:
865 dprintf("Pgrab: failed to open %s: %s\n",
866 procname, strerror(errno));
867 rc = G_STRANGE;
868 break;
869 }
870 goto err;
871 }
872 P->statfd = fd;
873
874 if (!(flags & PGRAB_RDONLY)) {
875 (void) strcpy(fname, "ctl");
876 if ((fd = open(procname, O_WRONLY)) < 0 ||
877 (fd = dupfd(fd, 0)) < 0) {
878 switch (errno) {
879 case ENOENT:
880 rc = G_NOPROC;
881 break;
882 case EMFILE:
883 rc = G_NOFD;
884 break;
885 default:
886 dprintf("Pgrab: failed to open %s: %s\n",
887 procname, strerror(errno));
888 rc = G_STRANGE;
889 break;
890 }
891 goto err;
892 }
893 P->ctlfd = fd;
894 }
895
896 P->state = PS_RUN;
897 P->pid = pid;
898
899 /*
900 * We are now in the Window of Vulnerability (WoV). The process may
901 * exec() a setuid/setgid or unreadable object file between the open()
902 * and the PCSTOP. We will get EAGAIN in this case and must start over.
903 * As Pstopstatus will trigger the first read() from a /proc file,
904 * we also need to handle EOVERFLOW here when 32-bit as an indicator
905 * that this process is 64-bit. Finally, if the process has become
906 * a zombie (PS_UNDEAD) while we were trying to grab it, just remain
907 * silent about this and pretend there was no process.
908 */
909 if (Pstopstatus(P, PCNULL, 0) != 0) {
910 #ifndef _LP64
911 if (errno == EOVERFLOW) {
912 rc = G_LP64;
913 goto err;
914 }
915 #endif
916 if (P->state == PS_LOST) { /* WoV */
917 (void) mutex_destroy(&P->proc_lock);
918 goto again;
919 }
920
921 if (P->state == PS_UNDEAD)
922 rc = G_NOPROC;
923 else
924 rc = G_STRANGE;
925
926 goto err;
927 }
928
929 /*
930 * If the process is a system process, we can't control it even as root
931 */
932 if (P->status.pr_flags & PR_ISSYS) {
933 rc = G_SYS;
934 goto err;
935 }
936 #ifndef _LP64
937 /*
938 * We must be a 64-bit process to deal with a 64-bit process
939 */
940 if (P->status.pr_dmodel == PR_MODEL_LP64) {
941 rc = G_LP64;
942 goto err;
943 }
944 #endif
945
946 /*
947 * Remember the status for use by Prelease().
948 */
949 P->orig_status = P->status; /* structure copy */
950
951 /*
952 * Before stopping the process, make sure we are not grabbing ourselves.
953 * If we are, make sure we are doing it PGRAB_RDONLY.
954 */
955 if (pid == getpid()) {
956 /*
957 * Verify that the process is really ourself:
958 * Set a magic number, read it through the
959 * /proc file and see if the results match.
960 */
961 uint32_t magic1 = 0;
962 uint32_t magic2 = 2;
963
964 errno = 0;
965
966 if (Pread(P, &magic2, sizeof (magic2), (uintptr_t)&magic1)
967 == sizeof (magic2) &&
968 magic2 == 0 &&
969 (magic1 = 0xfeedbeef) &&
970 Pread(P, &magic2, sizeof (magic2), (uintptr_t)&magic1)
971 == sizeof (magic2) &&
972 magic2 == 0xfeedbeef &&
973 !(flags & PGRAB_RDONLY)) {
974 rc = G_SELF;
975 goto err;
976 }
977 }
978
979 /*
980 * If the process is already stopped or has been directed
981 * to stop via /proc, do not set run-on-last-close.
982 */
983 if (!(P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) &&
984 !(flags & PGRAB_RDONLY)) {
985 /*
986 * Mark the process run-on-last-close so
987 * it runs even if we die from SIGKILL.
988 */
989 if (Psetflags(P, PR_RLC) != 0) {
990 if (errno == EAGAIN) { /* WoV */
991 (void) mutex_destroy(&P->proc_lock);
992 goto again;
993 }
994 if (errno == ENOENT) /* No complaint about zombies */
995 rc = G_ZOMB;
996 else {
997 dprintf("Pgrab: failed to set RLC\n");
998 rc = G_STRANGE;
999 }
1000 goto err;
1001 }
1002 }
1003
1004 /*
1005 * If a stop directive is pending and the process has not yet stopped,
1006 * then synchronously wait for the stop directive to take effect.
1007 * Limit the time spent waiting for the process to stop by iterating
1008 * at most 10 times. The time-out of 20 ms corresponds to the time
1009 * between sending the stop directive and the process actually stopped
1010 * as measured by DTrace on a slow, busy system. If the process doesn't
1011 * stop voluntarily, clear the PR_DSTOP flag so that the code below
1012 * forces the process to stop.
1013 */
1014 if (!(flags & PGRAB_RDONLY)) {
1015 int niter = 0;
1016 while ((P->status.pr_lwp.pr_flags & (PR_STOPPED|PR_DSTOP)) ==
1017 PR_DSTOP && niter < 10 &&
1018 Pstopstatus(P, PCTWSTOP, 20) != 0) {
1019 niter++;
1020 if (flags & PGRAB_NOSTOP)
1021 break;
1022 }
1023 if (niter == 10 && !(flags & PGRAB_NOSTOP)) {
1024 /* Try it harder down below */
1025 P->status.pr_lwp.pr_flags &= ~PR_DSTOP;
1026 }
1027 }
1028
1029 /*
1030 * If the process is not already stopped or directed to stop
1031 * and PGRAB_NOSTOP was not specified, stop the process now.
1032 */
1033 if (!(P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) &&
1034 !(flags & PGRAB_NOSTOP)) {
1035 /*
1036 * Stop the process, get its status and signal/syscall masks.
1037 */
1038 if (((P->status.pr_lwp.pr_flags & PR_STOPPED) &&
1039 Pstopstatus(P, PCDSTOP, 0) != 0) ||
1040 Pstopstatus(P, PCSTOP, 2000) != 0) {
1041 #ifndef _LP64
1042 if (errno == EOVERFLOW) {
1043 rc = G_LP64;
1044 goto err;
1045 }
1046 #endif
1047 if (P->state == PS_LOST) { /* WoV */
1048 (void) mutex_destroy(&P->proc_lock);
1049 goto again;
1050 }
1051 if ((errno != EINTR && errno != ERESTART) ||
1052 (P->state != PS_STOP &&
1053 !(P->status.pr_flags & PR_DSTOP))) {
1054 if (P->state != PS_RUN && errno != ENOENT) {
1055 dprintf("Pgrab: failed to PCSTOP\n");
1056 rc = G_STRANGE;
1057 } else {
1058 rc = G_ZOMB;
1059 }
1060 goto err;
1061 }
1062 }
1063
1064 /*
1065 * Process should now either be stopped via /proc or there
1066 * should be an outstanding stop directive.
1067 */
1068 if (!(P->status.pr_flags & (PR_ISTOP|PR_DSTOP))) {
1069 dprintf("Pgrab: process is not stopped\n");
1070 rc = G_STRANGE;
1071 goto err;
1072 }
1073 #ifndef _LP64
1074 /*
1075 * Test this again now because the 32-bit victim process may
1076 * have exec'd a 64-bit process in the meantime.
1077 */
1078 if (P->status.pr_dmodel == PR_MODEL_LP64) {
1079 rc = G_LP64;
1080 goto err;
1081 }
1082 #endif
1083 }
1084
1085 /*
1086 * Cancel all tracing flags unless the PGRAB_RETAIN flag is set.
1087 */
1088 if (!(flags & PGRAB_RETAIN)) {
1089 (void) Psysentry(P, 0, FALSE);
1090 (void) Psysexit(P, 0, FALSE);
1091 (void) Psignal(P, 0, FALSE);
1092 (void) Pfault(P, 0, FALSE);
1093 Psync(P);
1094 }
1095
1096 *perr = 0;
1097 return (P);
1098
1099 err:
1100 Pfree(P);
1101 *perr = rc;
1102 return (NULL);
1103 }
1104
1105 /*
1106 * Return a printable string corresponding to a Pgrab() error return.
1107 */
1108 const char *
1109 Pgrab_error(int error)
1110 {
1111 const char *str;
1112
1113 switch (error) {
1114 case G_NOPROC:
1115 str = "no such process";
1116 break;
1117 case G_NOCORE:
1118 str = "no such core file";
1119 break;
1120 case G_NOPROCORCORE:
1121 str = "no such process or core file";
1122 break;
1123 case G_NOEXEC:
1124 str = "cannot find executable file";
1125 break;
1126 case G_ZOMB:
1127 str = "zombie process";
1128 break;
1129 case G_PERM:
1130 str = "permission denied";
1131 break;
1132 case G_BUSY:
1133 str = "process is traced";
1134 break;
1135 case G_SYS:
1136 str = "system process";
1137 break;
1138 case G_SELF:
1139 str = "attempt to grab self";
1140 break;
1141 case G_INTR:
1142 str = "operation interrupted";
1143 break;
1144 case G_LP64:
1145 str = "program is _LP64, self is not";
1146 break;
1147 case G_FORMAT:
1148 str = "file is not an ELF core file";
1149 break;
1150 case G_ELF:
1151 str = "libelf error";
1152 break;
1153 case G_NOTE:
1154 str = "core file is corrupt or missing required data";
1155 break;
1156 case G_STRANGE:
1157 str = "unanticipated system error";
1158 break;
1159 case G_ISAINVAL:
1160 str = "wrong ELF machine type";
1161 break;
1162 case G_BADLWPS:
1163 str = "bad lwp specification";
1164 break;
1165 case G_NOFD:
1166 str = "too many open files";
1167 break;
1168 default:
1169 str = "unknown error";
1170 break;
1171 }
1172
1173 return (str);
1174 }
1175
1176 /*
1177 * Free a process control structure.
1178 * Close the file descriptors but don't do the Prelease logic.
1179 */
1180 void
1181 Pfree(struct ps_prochandle *P)
1182 {
1183 uint_t i;
1184
1185 if (P->ucaddrs != NULL) {
1186 free(P->ucaddrs);
1187 P->ucaddrs = NULL;
1188 P->ucnelems = 0;
1189 }
1190
1191 (void) mutex_lock(&P->proc_lock);
1192 if (P->hashtab != NULL) {
1193 struct ps_lwphandle *L;
1194 for (i = 0; i < HASHSIZE; i++) {
1195 while ((L = P->hashtab[i]) != NULL)
1196 Lfree_internal(P, L);
1197 }
1198 free(P->hashtab);
1199 }
1200
1201 while (P->num_fd > 0) {
1202 fd_info_t *fip = list_next(&P->fd_head);
1203 list_unlink(fip);
1204 free(fip);
1205 P->num_fd--;
1206 }
1207 (void) mutex_unlock(&P->proc_lock);
1208 (void) mutex_destroy(&P->proc_lock);
1209
1210 if (P->agentctlfd >= 0)
1211 (void) close(P->agentctlfd);
1212 if (P->agentstatfd >= 0)
1213 (void) close(P->agentstatfd);
1214 if (P->ctlfd >= 0)
1215 (void) close(P->ctlfd);
1216 if (P->asfd >= 0)
1217 (void) close(P->asfd);
1218 if (P->statfd >= 0)
1219 (void) close(P->statfd);
1220 Preset_maps(P);
1221 P->ops.pop_fini(P, P->data);
1222
1223 /* clear out the structure as a precaution against reuse */
1224 (void) memset(P, 0, sizeof (*P));
1225 P->ctlfd = -1;
1226 P->asfd = -1;
1227 P->statfd = -1;
1228 P->agentctlfd = -1;
1229 P->agentstatfd = -1;
1230
1231 free(P);
1232 }
1233
1234 /*
1235 * Return the state of the process, one of the PS_* values.
1236 */
1237 int
1238 Pstate(struct ps_prochandle *P)
1239 {
1240 return (P->state);
1241 }
1242
1243 /*
1244 * Return the open address space file descriptor for the process.
1245 * Clients must not close this file descriptor, not use it
1246 * after the process is freed.
1247 */
1248 int
1249 Pasfd(struct ps_prochandle *P)
1250 {
1251 return (P->asfd);
1252 }
1253
1254 /*
1255 * Return the open control file descriptor for the process.
1256 * Clients must not close this file descriptor, not use it
1257 * after the process is freed.
1258 */
1259 int
1260 Pctlfd(struct ps_prochandle *P)
1261 {
1262 return (P->ctlfd);
1263 }
1264
1265 /*
1266 * Return a pointer to the process psinfo structure.
1267 * Clients should not hold on to this pointer indefinitely.
1268 * It will become invalid on Prelease().
1269 */
1270 const psinfo_t *
1271 Ppsinfo(struct ps_prochandle *P)
1272 {
1273 return (P->ops.pop_psinfo(P, &P->psinfo, P->data));
1274 }
1275
1276 /*
1277 * Return a pointer to the process status structure.
1278 * Clients should not hold on to this pointer indefinitely.
1279 * It will become invalid on Prelease().
1280 */
1281 const pstatus_t *
1282 Pstatus(struct ps_prochandle *P)
1283 {
1284 return (&P->status);
1285 }
1286
1287 static void
1288 Pread_status(struct ps_prochandle *P)
1289 {
1290 P->ops.pop_status(P, &P->status, P->data);
1291 }
1292
1293 /*
1294 * Fill in a pointer to a process credentials structure. The ngroups parameter
1295 * is the number of supplementary group entries allocated in the caller's cred
1296 * structure. It should equal zero or one unless extra space has been
1297 * allocated for the group list by the caller.
1298 */
1299 int
1300 Pcred(struct ps_prochandle *P, prcred_t *pcrp, int ngroups)
1301 {
1302 return (P->ops.pop_cred(P, pcrp, ngroups, P->data));
1303 }
1304
1305 /* Return an allocated prsecflags_t */
1306 int
1307 Psecflags(struct ps_prochandle *P, prsecflags_t **psf)
1308 {
1309 int ret;
1310
1311 if ((ret = P->ops.pop_secflags(P, psf, P->data)) == 0) {
1312 if ((*psf)->pr_version != PRSECFLAGS_VERSION_1) {
1313 errno = EINVAL;
1314 return (-1);
1315 }
1316 }
1317
1318 return (ret);
1319 }
1320
1321 void
1322 Psecflags_free(prsecflags_t *psf)
1323 {
1324 free(psf);
1325 }
1326
1327 static prheader_t *
1328 Plstatus(struct ps_prochandle *P)
1329 {
1330 return (P->ops.pop_lstatus(P, P->data));
1331 }
1332
1333 static prheader_t *
1334 Plpsinfo(struct ps_prochandle *P)
1335 {
1336 return (P->ops.pop_lpsinfo(P, P->data));
1337 }
1338
1339
1340 #if defined(__i386) || defined(__amd64)
1341 /*
1342 * Fill in a pointer to a process LDT structure.
1343 * The caller provides a buffer of size 'nldt * sizeof (struct ssd)';
1344 * If pldt == NULL or nldt == 0, we return the number of existing LDT entries.
1345 * Otherwise we return the actual number of LDT entries fetched (<= nldt).
1346 */
1347 int
1348 Pldt(struct ps_prochandle *P, struct ssd *pldt, int nldt)
1349 {
1350 return (P->ops.pop_ldt(P, pldt, nldt, P->data));
1351
1352 }
1353 #endif /* __i386 */
1354
1355 /* ARGSUSED */
1356 void
1357 Ppriv_free(struct ps_prochandle *P, prpriv_t *prv)
1358 {
1359 free(prv);
1360 }
1361
1362 /*
1363 * Return a malloced process privilege structure in *pprv.
1364 */
1365 int
1366 Ppriv(struct ps_prochandle *P, prpriv_t **pprv)
1367 {
1368 return (P->ops.pop_priv(P, pprv, P->data));
1369 }
1370
1371 int
1372 Psetpriv(struct ps_prochandle *P, prpriv_t *pprv)
1373 {
1374 int rc;
1375 long *ctl;
1376 size_t sz;
1377
1378 if (P->state == PS_DEAD) {
1379 errno = EBADF;
1380 return (-1);
1381 }
1382
1383 sz = PRIV_PRPRIV_SIZE(pprv) + sizeof (long);
1384
1385 sz = ((sz - 1) / sizeof (long) + 1) * sizeof (long);
1386
1387 ctl = malloc(sz);
1388 if (ctl == NULL)
1389 return (-1);
1390
1391 ctl[0] = PCSPRIV;
1392
1393 (void) memcpy(&ctl[1], pprv, PRIV_PRPRIV_SIZE(pprv));
1394
1395 if (write(P->ctlfd, ctl, sz) != sz)
1396 rc = -1;
1397 else
1398 rc = 0;
1399
1400 free(ctl);
1401
1402 return (rc);
1403 }
1404
1405 void *
1406 Pprivinfo(struct ps_prochandle *P)
1407 {
1408 core_info_t *core = P->data;
1409
1410 /* Use default from libc */
1411 if (P->state != PS_DEAD)
1412 return (NULL);
1413
1414 return (core->core_privinfo);
1415 }
1416
1417 /*
1418 * Ensure that all cached state is written to the process.
1419 * The cached state is the LWP's signal mask and registers
1420 * and the process's tracing flags.
1421 */
1422 void
1423 Psync(struct ps_prochandle *P)
1424 {
1425 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
1426 long cmd[6];
1427 iovec_t iov[12];
1428 int n = 0;
1429
1430 if (P->flags & SETHOLD) {
1431 cmd[0] = PCSHOLD;
1432 iov[n].iov_base = (caddr_t)&cmd[0];
1433 iov[n++].iov_len = sizeof (long);
1434 iov[n].iov_base = (caddr_t)&P->status.pr_lwp.pr_lwphold;
1435 iov[n++].iov_len = sizeof (P->status.pr_lwp.pr_lwphold);
1436 }
1437 if (P->flags & SETREGS) {
1438 cmd[1] = PCSREG;
1439 #ifdef __i386
1440 /* XX64 we should probably restore REG_GS after this */
1441 if (ctlfd == P->agentctlfd)
1442 P->status.pr_lwp.pr_reg[GS] = 0;
1443 #elif defined(__amd64)
1444 /* XX64 */
1445 #endif
1446 iov[n].iov_base = (caddr_t)&cmd[1];
1447 iov[n++].iov_len = sizeof (long);
1448 iov[n].iov_base = (caddr_t)&P->status.pr_lwp.pr_reg[0];
1449 iov[n++].iov_len = sizeof (P->status.pr_lwp.pr_reg);
1450 }
1451 if (P->flags & SETSIG) {
1452 cmd[2] = PCSTRACE;
1453 iov[n].iov_base = (caddr_t)&cmd[2];
1454 iov[n++].iov_len = sizeof (long);
1455 iov[n].iov_base = (caddr_t)&P->status.pr_sigtrace;
1456 iov[n++].iov_len = sizeof (P->status.pr_sigtrace);
1457 }
1458 if (P->flags & SETFAULT) {
1459 cmd[3] = PCSFAULT;
1460 iov[n].iov_base = (caddr_t)&cmd[3];
1461 iov[n++].iov_len = sizeof (long);
1462 iov[n].iov_base = (caddr_t)&P->status.pr_flttrace;
1463 iov[n++].iov_len = sizeof (P->status.pr_flttrace);
1464 }
1465 if (P->flags & SETENTRY) {
1466 cmd[4] = PCSENTRY;
1467 iov[n].iov_base = (caddr_t)&cmd[4];
1468 iov[n++].iov_len = sizeof (long);
1469 iov[n].iov_base = (caddr_t)&P->status.pr_sysentry;
1470 iov[n++].iov_len = sizeof (P->status.pr_sysentry);
1471 }
1472 if (P->flags & SETEXIT) {
1473 cmd[5] = PCSEXIT;
1474 iov[n].iov_base = (caddr_t)&cmd[5];
1475 iov[n++].iov_len = sizeof (long);
1476 iov[n].iov_base = (caddr_t)&P->status.pr_sysexit;
1477 iov[n++].iov_len = sizeof (P->status.pr_sysexit);
1478 }
1479
1480 if (n == 0 || writev(ctlfd, iov, n) < 0)
1481 return; /* nothing to do or write failed */
1482
1483 P->flags &= ~(SETSIG|SETFAULT|SETENTRY|SETEXIT|SETHOLD|SETREGS);
1484 }
1485
1486 /*
1487 * Reopen the /proc file (after PS_LOST).
1488 */
1489 int
1490 Preopen(struct ps_prochandle *P)
1491 {
1492 int fd;
1493 char procname[PATH_MAX];
1494 char *fname;
1495
1496 if (P->state == PS_DEAD || P->state == PS_IDLE)
1497 return (0);
1498
1499 if (P->agentcnt > 0) {
1500 P->agentcnt = 1;
1501 Pdestroy_agent(P);
1502 }
1503
1504 (void) snprintf(procname, sizeof (procname), "%s/%d/",
1505 procfs_path, (int)P->pid);
1506 fname = procname + strlen(procname);
1507
1508 (void) strcpy(fname, "as");
1509 if ((fd = open(procname, O_RDWR)) < 0 ||
1510 close(P->asfd) < 0 ||
1511 (fd = dupfd(fd, P->asfd)) != P->asfd) {
1512 dprintf("Preopen: failed to open %s: %s\n",
1513 procname, strerror(errno));
1514 if (fd >= 0)
1515 (void) close(fd);
1516 return (-1);
1517 }
1518 P->asfd = fd;
1519
1520 (void) strcpy(fname, "status");
1521 if ((fd = open(procname, O_RDONLY)) < 0 ||
1522 close(P->statfd) < 0 ||
1523 (fd = dupfd(fd, P->statfd)) != P->statfd) {
1524 dprintf("Preopen: failed to open %s: %s\n",
1525 procname, strerror(errno));
1526 if (fd >= 0)
1527 (void) close(fd);
1528 return (-1);
1529 }
1530 P->statfd = fd;
1531
1532 (void) strcpy(fname, "ctl");
1533 if ((fd = open(procname, O_WRONLY)) < 0 ||
1534 close(P->ctlfd) < 0 ||
1535 (fd = dupfd(fd, P->ctlfd)) != P->ctlfd) {
1536 dprintf("Preopen: failed to open %s: %s\n",
1537 procname, strerror(errno));
1538 if (fd >= 0)
1539 (void) close(fd);
1540 return (-1);
1541 }
1542 P->ctlfd = fd;
1543
1544 /*
1545 * Set the state to PS_RUN and wait for the process to stop so that
1546 * we re-read the status from the new P->statfd. If this fails, Pwait
1547 * will reset the state to PS_LOST and we fail the reopen. Before
1548 * returning, we also forge a bit of P->status to allow the debugger to
1549 * see that we are PS_LOST following a successful exec.
1550 */
1551 P->state = PS_RUN;
1552 if (Pwait(P, 0) == -1) {
1553 #ifdef _ILP32
1554 if (errno == EOVERFLOW)
1555 P->status.pr_dmodel = PR_MODEL_LP64;
1556 #endif
1557 P->status.pr_lwp.pr_why = PR_SYSEXIT;
1558 P->status.pr_lwp.pr_what = SYS_execve;
1559 P->status.pr_lwp.pr_errno = 0;
1560 return (-1);
1561 }
1562
1563 /*
1564 * The process should be stopped on exec (REQUESTED)
1565 * or else should be stopped on exit from exec() (SYSEXIT)
1566 */
1567 if (P->state == PS_STOP &&
1568 (P->status.pr_lwp.pr_why == PR_REQUESTED ||
1569 (P->status.pr_lwp.pr_why == PR_SYSEXIT &&
1570 P->status.pr_lwp.pr_what == SYS_execve))) {
1571 /* fake up stop-on-exit-from-execve */
1572 if (P->status.pr_lwp.pr_why == PR_REQUESTED) {
1573 P->status.pr_lwp.pr_why = PR_SYSEXIT;
1574 P->status.pr_lwp.pr_what = SYS_execve;
1575 P->status.pr_lwp.pr_errno = 0;
1576 }
1577 } else {
1578 dprintf("Preopen: expected REQUESTED or "
1579 "SYSEXIT(SYS_execve) stop\n");
1580 }
1581
1582 return (0);
1583 }
1584
1585 /*
1586 * Define all settable flags other than the microstate accounting flags.
1587 */
1588 #define ALL_SETTABLE_FLAGS (PR_FORK|PR_RLC|PR_KLC|PR_ASYNC|PR_BPTADJ|PR_PTRACE)
1589
1590 /*
1591 * Restore /proc tracing flags to their original values
1592 * in preparation for releasing the process.
1593 * Also called by Pcreate() to clear all tracing flags.
1594 */
1595 static void
1596 restore_tracing_flags(struct ps_prochandle *P)
1597 {
1598 long flags;
1599 long cmd[4];
1600 iovec_t iov[8];
1601
1602 if (P->flags & CREATED) {
1603 /* we created this process; clear all tracing flags */
1604 premptyset(&P->status.pr_sigtrace);
1605 premptyset(&P->status.pr_flttrace);
1606 premptyset(&P->status.pr_sysentry);
1607 premptyset(&P->status.pr_sysexit);
1608 if ((P->status.pr_flags & ALL_SETTABLE_FLAGS) != 0)
1609 (void) Punsetflags(P, ALL_SETTABLE_FLAGS);
1610 } else {
1611 /* we grabbed the process; restore its tracing flags */
1612 P->status.pr_sigtrace = P->orig_status.pr_sigtrace;
1613 P->status.pr_flttrace = P->orig_status.pr_flttrace;
1614 P->status.pr_sysentry = P->orig_status.pr_sysentry;
1615 P->status.pr_sysexit = P->orig_status.pr_sysexit;
1616 if ((P->status.pr_flags & ALL_SETTABLE_FLAGS) !=
1617 (flags = (P->orig_status.pr_flags & ALL_SETTABLE_FLAGS))) {
1618 (void) Punsetflags(P, ALL_SETTABLE_FLAGS);
1619 if (flags)
1620 (void) Psetflags(P, flags);
1621 }
1622 }
1623
1624 cmd[0] = PCSTRACE;
1625 iov[0].iov_base = (caddr_t)&cmd[0];
1626 iov[0].iov_len = sizeof (long);
1627 iov[1].iov_base = (caddr_t)&P->status.pr_sigtrace;
1628 iov[1].iov_len = sizeof (P->status.pr_sigtrace);
1629
1630 cmd[1] = PCSFAULT;
1631 iov[2].iov_base = (caddr_t)&cmd[1];
1632 iov[2].iov_len = sizeof (long);
1633 iov[3].iov_base = (caddr_t)&P->status.pr_flttrace;
1634 iov[3].iov_len = sizeof (P->status.pr_flttrace);
1635
1636 cmd[2] = PCSENTRY;
1637 iov[4].iov_base = (caddr_t)&cmd[2];
1638 iov[4].iov_len = sizeof (long);
1639 iov[5].iov_base = (caddr_t)&P->status.pr_sysentry;
1640 iov[5].iov_len = sizeof (P->status.pr_sysentry);
1641
1642 cmd[3] = PCSEXIT;
1643 iov[6].iov_base = (caddr_t)&cmd[3];
1644 iov[6].iov_len = sizeof (long);
1645 iov[7].iov_base = (caddr_t)&P->status.pr_sysexit;
1646 iov[7].iov_len = sizeof (P->status.pr_sysexit);
1647
1648 (void) writev(P->ctlfd, iov, 8);
1649
1650 P->flags &= ~(SETSIG|SETFAULT|SETENTRY|SETEXIT);
1651 }
1652
1653 /*
1654 * Release the process. Frees the process control structure.
1655 * flags:
1656 * PRELEASE_CLEAR Clear all tracing flags.
1657 * PRELEASE_RETAIN Retain current tracing flags.
1658 * PRELEASE_HANG Leave the process stopped and abandoned.
1659 * PRELEASE_KILL Terminate the process with SIGKILL.
1660 */
1661 void
1662 Prelease(struct ps_prochandle *P, int flags)
1663 {
1664 if (P->state == PS_DEAD) {
1665 dprintf("Prelease: releasing handle %p PS_DEAD of pid %d\n",
1666 (void *)P, (int)P->pid);
1667 Pfree(P);
1668 return;
1669 }
1670
1671 if (P->state == PS_IDLE) {
1672 file_info_t *fptr = list_next(&P->file_head);
1673 dprintf("Prelease: releasing handle %p PS_IDLE of file %s\n",
1674 (void *)P, fptr->file_pname);
1675 Pfree(P);
1676 return;
1677 }
1678
1679 dprintf("Prelease: releasing handle %p pid %d\n",
1680 (void *)P, (int)P->pid);
1681
1682 if (P->ctlfd == -1) {
1683 Pfree(P);
1684 return;
1685 }
1686
1687 if (P->agentcnt > 0) {
1688 P->agentcnt = 1;
1689 Pdestroy_agent(P);
1690 }
1691
1692 /*
1693 * Attempt to stop the process.
1694 */
1695 P->state = PS_RUN;
1696 (void) Pstop(P, 1000);
1697
1698 if (flags & PRELEASE_KILL) {
1699 if (P->state == PS_STOP)
1700 (void) Psetrun(P, SIGKILL, 0);
1701 (void) kill(P->pid, SIGKILL);
1702 Pfree(P);
1703 return;
1704 }
1705
1706 /*
1707 * If we lost control, all we can do now is close the files.
1708 * In this case, the last close sets the process running.
1709 */
1710 if (P->state != PS_STOP &&
1711 (P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) == 0) {
1712 Pfree(P);
1713 return;
1714 }
1715
1716 /*
1717 * We didn't lose control; we do more.
1718 */
1719 Psync(P);
1720
1721 if (flags & PRELEASE_CLEAR)
1722 P->flags |= CREATED;
1723
1724 if (!(flags & PRELEASE_RETAIN))
1725 restore_tracing_flags(P);
1726
1727 if (flags & PRELEASE_HANG) {
1728 /* Leave the process stopped and abandoned */
1729 (void) Punsetflags(P, PR_RLC|PR_KLC);
1730 Pfree(P);
1731 return;
1732 }
1733
1734 /*
1735 * Set the process running if we created it or if it was
1736 * not originally stopped or directed to stop via /proc
1737 * or if we were given the PRELEASE_CLEAR flag.
1738 */
1739 if ((P->flags & CREATED) ||
1740 (P->orig_status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) == 0) {
1741 (void) Psetflags(P, PR_RLC);
1742 /*
1743 * We do this repeatedly because the process may have
1744 * more than one LWP stopped on an event of interest.
1745 * This makes sure all of them are set running.
1746 */
1747 do {
1748 if (Psetrun(P, 0, 0) == -1 && errno == EBUSY)
1749 break; /* Agent LWP may be stuck */
1750 } while (Pstopstatus(P, PCNULL, 0) == 0 &&
1751 P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP));
1752
1753 if (P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP))
1754 dprintf("Prelease: failed to set process running\n");
1755 }
1756
1757 Pfree(P);
1758 }
1759
1760 /* debugging */
1761 void
1762 prldump(const char *caller, lwpstatus_t *lsp)
1763 {
1764 char name[32];
1765 uint32_t bits;
1766
1767 switch (lsp->pr_why) {
1768 case PR_REQUESTED:
1769 dprintf("%s: REQUESTED\n", caller);
1770 break;
1771 case PR_SIGNALLED:
1772 dprintf("%s: SIGNALLED %s\n", caller,
1773 proc_signame(lsp->pr_what, name, sizeof (name)));
1774 break;
1775 case PR_FAULTED:
1776 dprintf("%s: FAULTED %s\n", caller,
1777 proc_fltname(lsp->pr_what, name, sizeof (name)));
1778 break;
1779 case PR_SYSENTRY:
1780 dprintf("%s: SYSENTRY %s\n", caller,
1781 proc_sysname(lsp->pr_what, name, sizeof (name)));
1782 break;
1783 case PR_SYSEXIT:
1784 dprintf("%s: SYSEXIT %s\n", caller,
1785 proc_sysname(lsp->pr_what, name, sizeof (name)));
1786 break;
1787 case PR_JOBCONTROL:
1788 dprintf("%s: JOBCONTROL %s\n", caller,
1789 proc_signame(lsp->pr_what, name, sizeof (name)));
1790 break;
1791 case PR_SUSPENDED:
1792 dprintf("%s: SUSPENDED\n", caller);
1793 break;
1794 default:
1795 dprintf("%s: Unknown\n", caller);
1796 break;
1797 }
1798
1799 if (lsp->pr_cursig)
1800 dprintf("%s: p_cursig = %d\n", caller, lsp->pr_cursig);
1801
1802 bits = *((uint32_t *)&lsp->pr_lwppend);
1803 if (bits)
1804 dprintf("%s: pr_lwppend = 0x%.8X\n", caller, bits);
1805 }
1806
1807 /* debugging */
1808 static void
1809 prdump(struct ps_prochandle *P)
1810 {
1811 uint32_t bits;
1812
1813 prldump("Pstopstatus", &P->status.pr_lwp);
1814
1815 bits = *((uint32_t *)&P->status.pr_sigpend);
1816 if (bits)
1817 dprintf("Pstopstatus: pr_sigpend = 0x%.8X\n", bits);
1818 }
1819
1820 /*
1821 * Wait for the specified process to stop or terminate.
1822 * Or, just get the current status (PCNULL).
1823 * Or, direct it to stop and get the current status (PCDSTOP).
1824 * If the agent LWP exists, do these things to the agent,
1825 * else do these things to the process as a whole.
1826 */
1827 int
1828 Pstopstatus(struct ps_prochandle *P,
1829 long request, /* PCNULL, PCDSTOP, PCSTOP, PCWSTOP */
1830 uint_t msec) /* if non-zero, timeout in milliseconds */
1831 {
1832 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
1833 long ctl[3];
1834 ssize_t rc;
1835 int err;
1836 int old_state = P->state;
1837
1838 switch (P->state) {
1839 case PS_RUN:
1840 break;
1841 case PS_STOP:
1842 if (request != PCNULL && request != PCDSTOP)
1843 return (0);
1844 break;
1845 case PS_LOST:
1846 if (request != PCNULL) {
1847 errno = EAGAIN;
1848 return (-1);
1849 }
1850 break;
1851 case PS_UNDEAD:
1852 case PS_DEAD:
1853 case PS_IDLE:
1854 if (request != PCNULL) {
1855 errno = ENOENT;
1856 return (-1);
1857 }
1858 break;
1859 default: /* corrupted state */
1860 dprintf("Pstopstatus: corrupted state: %d\n", P->state);
1861 errno = EINVAL;
1862 return (-1);
1863 }
1864
1865 ctl[0] = PCDSTOP;
1866 ctl[1] = PCTWSTOP;
1867 ctl[2] = (long)msec;
1868 rc = 0;
1869 switch (request) {
1870 case PCSTOP:
1871 rc = write(ctlfd, &ctl[0], 3*sizeof (long));
1872 break;
1873 case PCWSTOP:
1874 rc = write(ctlfd, &ctl[1], 2*sizeof (long));
1875 break;
1876 case PCDSTOP:
1877 rc = write(ctlfd, &ctl[0], 1*sizeof (long));
1878 break;
1879 case PCNULL:
1880 if (P->state == PS_DEAD || P->state == PS_IDLE)
1881 return (0);
1882 break;
1883 default: /* programming error */
1884 errno = EINVAL;
1885 return (-1);
1886 }
1887 err = (rc < 0)? errno : 0;
1888 Psync(P);
1889
1890 if (P->agentstatfd < 0) {
1891 if (pread(P->statfd, &P->status,
1892 sizeof (P->status), (off_t)0) < 0)
1893 err = errno;
1894 } else {
1895 if (pread(P->agentstatfd, &P->status.pr_lwp,
1896 sizeof (P->status.pr_lwp), (off_t)0) < 0)
1897 err = errno;
1898 P->status.pr_flags = P->status.pr_lwp.pr_flags;
1899 }
1900
1901 if (err) {
1902 switch (err) {
1903 case EINTR: /* user typed ctl-C */
1904 case ERESTART:
1905 dprintf("Pstopstatus: EINTR\n");
1906 break;
1907 case EAGAIN: /* we lost control of the the process */
1908 case EOVERFLOW:
1909 dprintf("Pstopstatus: PS_LOST, errno=%d\n", err);
1910 P->state = PS_LOST;
1911 break;
1912 default: /* check for dead process */
1913 if (_libproc_debug) {
1914 const char *errstr;
1915
1916 switch (request) {
1917 case PCNULL:
1918 errstr = "Pstopstatus PCNULL"; break;
1919 case PCSTOP:
1920 errstr = "Pstopstatus PCSTOP"; break;
1921 case PCDSTOP:
1922 errstr = "Pstopstatus PCDSTOP"; break;
1923 case PCWSTOP:
1924 errstr = "Pstopstatus PCWSTOP"; break;
1925 default:
1926 errstr = "Pstopstatus PC???"; break;
1927 }
1928 dprintf("%s: %s\n", errstr, strerror(err));
1929 }
1930 deadcheck(P);
1931 break;
1932 }
1933 if (err != EINTR && err != ERESTART) {
1934 errno = err;
1935 return (-1);
1936 }
1937 }
1938
1939 if (!(P->status.pr_flags & PR_STOPPED)) {
1940 P->state = PS_RUN;
1941 if (request == PCNULL || request == PCDSTOP || msec != 0)
1942 return (0);
1943 dprintf("Pstopstatus: process is not stopped\n");
1944 errno = EPROTO;
1945 return (-1);
1946 }
1947
1948 P->state = PS_STOP;
1949
1950 if (_libproc_debug) /* debugging */
1951 prdump(P);
1952
1953 /*
1954 * If the process was already stopped coming into Pstopstatus(),
1955 * then don't use its PC to set P->sysaddr since it may have been
1956 * changed since the time the process originally stopped.
1957 */
1958 if (old_state == PS_STOP)
1959 return (0);
1960
1961 switch (P->status.pr_lwp.pr_why) {
1962 case PR_SYSENTRY:
1963 case PR_SYSEXIT:
1964 if (Pissyscall_prev(P, P->status.pr_lwp.pr_reg[R_PC],
1965 &P->sysaddr) == 0)
1966 P->sysaddr = P->status.pr_lwp.pr_reg[R_PC];
1967 break;
1968 case PR_REQUESTED:
1969 case PR_SIGNALLED:
1970 case PR_FAULTED:
1971 case PR_JOBCONTROL:
1972 case PR_SUSPENDED:
1973 break;
1974 default:
1975 errno = EPROTO;
1976 return (-1);
1977 }
1978
1979 return (0);
1980 }
1981
1982 /*
1983 * Wait for the process to stop for any reason.
1984 */
1985 int
1986 Pwait(struct ps_prochandle *P, uint_t msec)
1987 {
1988 return (Pstopstatus(P, PCWSTOP, msec));
1989 }
1990
1991 /*
1992 * Direct the process to stop; wait for it to stop.
1993 */
1994 int
1995 Pstop(struct ps_prochandle *P, uint_t msec)
1996 {
1997 return (Pstopstatus(P, PCSTOP, msec));
1998 }
1999
2000 /*
2001 * Direct the process to stop; don't wait.
2002 */
2003 int
2004 Pdstop(struct ps_prochandle *P)
2005 {
2006 return (Pstopstatus(P, PCDSTOP, 0));
2007 }
2008
2009 static void
2010 deadcheck(struct ps_prochandle *P)
2011 {
2012 int fd;
2013 void *buf;
2014 size_t size;
2015
2016 if (P->statfd < 0)
2017 P->state = PS_UNDEAD;
2018 else {
2019 if (P->agentstatfd < 0) {
2020 fd = P->statfd;
2021 buf = &P->status;
2022 size = sizeof (P->status);
2023 } else {
2024 fd = P->agentstatfd;
2025 buf = &P->status.pr_lwp;
2026 size = sizeof (P->status.pr_lwp);
2027 }
2028 while (pread(fd, buf, size, (off_t)0) != size) {
2029 switch (errno) {
2030 default:
2031 P->state = PS_UNDEAD;
2032 break;
2033 case EINTR:
2034 case ERESTART:
2035 continue;
2036 case EAGAIN:
2037 P->state = PS_LOST;
2038 break;
2039 }
2040 break;
2041 }
2042 P->status.pr_flags = P->status.pr_lwp.pr_flags;
2043 }
2044 }
2045
2046 /*
2047 * Get the value of one register from stopped process.
2048 */
2049 int
2050 Pgetareg(struct ps_prochandle *P, int regno, prgreg_t *preg)
2051 {
2052 if (regno < 0 || regno >= NPRGREG) {
2053 errno = EINVAL;
2054 return (-1);
2055 }
2056
2057 if (P->state == PS_IDLE) {
2058 errno = ENODATA;
2059 return (-1);
2060 }
2061
2062 if (P->state != PS_STOP && P->state != PS_DEAD) {
2063 errno = EBUSY;
2064 return (-1);
2065 }
2066
2067 *preg = P->status.pr_lwp.pr_reg[regno];
2068 return (0);
2069 }
2070
2071 /*
2072 * Put value of one register into stopped process.
2073 */
2074 int
2075 Pputareg(struct ps_prochandle *P, int regno, prgreg_t reg)
2076 {
2077 if (regno < 0 || regno >= NPRGREG) {
2078 errno = EINVAL;
2079 return (-1);
2080 }
2081
2082 if (P->state != PS_STOP) {
2083 errno = EBUSY;
2084 return (-1);
2085 }
2086
2087 P->status.pr_lwp.pr_reg[regno] = reg;
2088 P->flags |= SETREGS; /* set registers before continuing */
2089 return (0);
2090 }
2091
2092 int
2093 Psetrun(struct ps_prochandle *P,
2094 int sig, /* signal to pass to process */
2095 int flags) /* PRSTEP|PRSABORT|PRSTOP|PRCSIG|PRCFAULT */
2096 {
2097 int ctlfd = (P->agentctlfd >= 0) ? P->agentctlfd : P->ctlfd;
2098 int sbits = (PR_DSTOP | PR_ISTOP | PR_ASLEEP);
2099
2100 long ctl[1 + /* PCCFAULT */
2101 1 + sizeof (siginfo_t)/sizeof (long) + /* PCSSIG/PCCSIG */
2102 2 ]; /* PCRUN */
2103
2104 long *ctlp = ctl;
2105 size_t size;
2106
2107 if (P->state != PS_STOP && (P->status.pr_lwp.pr_flags & sbits) == 0) {
2108 errno = EBUSY;
2109 return (-1);
2110 }
2111
2112 Psync(P); /* flush tracing flags and registers */
2113
2114 if (flags & PRCFAULT) { /* clear current fault */
2115 *ctlp++ = PCCFAULT;
2116 flags &= ~PRCFAULT;
2117 }
2118
2119 if (flags & PRCSIG) { /* clear current signal */
2120 *ctlp++ = PCCSIG;
2121 flags &= ~PRCSIG;
2122 } else if (sig && sig != P->status.pr_lwp.pr_cursig) {
2123 /* make current signal */
2124 siginfo_t *infop;
2125
2126 *ctlp++ = PCSSIG;
2127 infop = (siginfo_t *)ctlp;
2128 (void) memset(infop, 0, sizeof (*infop));
2129 infop->si_signo = sig;
2130 ctlp += sizeof (siginfo_t) / sizeof (long);
2131 }
2132
2133 *ctlp++ = PCRUN;
2134 *ctlp++ = flags;
2135 size = (char *)ctlp - (char *)ctl;
2136
2137 P->info_valid = 0; /* will need to update map and file info */
2138
2139 /*
2140 * If we've cached ucontext-list information while we were stopped,
2141 * free it now.
2142 */
2143 if (P->ucaddrs != NULL) {
2144 free(P->ucaddrs);
2145 P->ucaddrs = NULL;
2146 P->ucnelems = 0;
2147 }
2148
2149 if (write(ctlfd, ctl, size) != size) {
2150 /* If it is dead or lost, return the real status, not PS_RUN */
2151 if (errno == ENOENT || errno == EAGAIN) {
2152 (void) Pstopstatus(P, PCNULL, 0);
2153 return (0);
2154 }
2155 /* If it is not in a jobcontrol stop, issue an error message */
2156 if (errno != EBUSY ||
2157 P->status.pr_lwp.pr_why != PR_JOBCONTROL) {
2158 dprintf("Psetrun: %s\n", strerror(errno));
2159 return (-1);
2160 }
2161 /* Otherwise pretend that the job-stopped process is running */
2162 }
2163
2164 P->state = PS_RUN;
2165 return (0);
2166 }
2167
2168 ssize_t
2169 Pread(struct ps_prochandle *P,
2170 void *buf, /* caller's buffer */
2171 size_t nbyte, /* number of bytes to read */
2172 uintptr_t address) /* address in process */
2173 {
2174 return (P->ops.pop_pread(P, buf, nbyte, address, P->data));
2175 }
2176
2177 ssize_t
2178 Pread_string(struct ps_prochandle *P,
2179 char *buf, /* caller's buffer */
2180 size_t size, /* upper limit on bytes to read */
2181 uintptr_t addr) /* address in process */
2182 {
2183 enum { STRSZ = 40 };
2184 char string[STRSZ + 1];
2185 ssize_t leng = 0;
2186 int nbyte;
2187
2188 if (size < 2) {
2189 errno = EINVAL;
2190 return (-1);
2191 }
2192
2193 size--; /* ensure trailing null fits in buffer */
2194
2195 *buf = '\0';
2196 string[STRSZ] = '\0';
2197
2198 for (nbyte = STRSZ; nbyte == STRSZ && leng < size; addr += STRSZ) {
2199 if ((nbyte = P->ops.pop_pread(P, string, STRSZ, addr,
2200 P->data)) <= 0) {
2201 buf[leng] = '\0';
2202 return (leng ? leng : -1);
2203 }
2204 if ((nbyte = strlen(string)) > 0) {
2205 if (leng + nbyte > size)
2206 nbyte = size - leng;
2207 (void) strncpy(buf + leng, string, nbyte);
2208 leng += nbyte;
2209 }
2210 }
2211 buf[leng] = '\0';
2212 return (leng);
2213 }
2214
2215 ssize_t
2216 Pwrite(struct ps_prochandle *P,
2217 const void *buf, /* caller's buffer */
2218 size_t nbyte, /* number of bytes to write */
2219 uintptr_t address) /* address in process */
2220 {
2221 return (P->ops.pop_pwrite(P, buf, nbyte, address, P->data));
2222 }
2223
2224 int
2225 Pclearsig(struct ps_prochandle *P)
2226 {
2227 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2228 long ctl = PCCSIG;
2229
2230 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
2231 return (-1);
2232 P->status.pr_lwp.pr_cursig = 0;
2233 return (0);
2234 }
2235
2236 int
2237 Pclearfault(struct ps_prochandle *P)
2238 {
2239 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2240 long ctl = PCCFAULT;
2241
2242 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
2243 return (-1);
2244 return (0);
2245 }
2246
2247 /*
2248 * Set a breakpoint trap, return original instruction.
2249 */
2250 int
2251 Psetbkpt(struct ps_prochandle *P, uintptr_t address, ulong_t *saved)
2252 {
2253 long ctl[1 + sizeof (priovec_t) / sizeof (long) + /* PCREAD */
2254 1 + sizeof (priovec_t) / sizeof (long)]; /* PCWRITE */
2255 long *ctlp = ctl;
2256 size_t size;
2257 priovec_t *iovp;
2258 instr_t bpt = BPT;
2259 instr_t old;
2260
2261 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2262 P->state == PS_IDLE) {
2263 errno = ENOENT;
2264 return (-1);
2265 }
2266
2267 /* fetch the old instruction */
2268 *ctlp++ = PCREAD;
2269 iovp = (priovec_t *)ctlp;
2270 iovp->pio_base = &old;
2271 iovp->pio_len = sizeof (old);
2272 iovp->pio_offset = address;
2273 ctlp += sizeof (priovec_t) / sizeof (long);
2274
2275 /* write the BPT instruction */
2276 *ctlp++ = PCWRITE;
2277 iovp = (priovec_t *)ctlp;
2278 iovp->pio_base = &bpt;
2279 iovp->pio_len = sizeof (bpt);
2280 iovp->pio_offset = address;
2281 ctlp += sizeof (priovec_t) / sizeof (long);
2282
2283 size = (char *)ctlp - (char *)ctl;
2284 if (write(P->ctlfd, ctl, size) != size)
2285 return (-1);
2286
2287 /*
2288 * Fail if there was already a breakpoint there from another debugger
2289 * or DTrace's user-level tracing on x86.
2290 */
2291 if (old == BPT) {
2292 errno = EBUSY;
2293 return (-1);
2294 }
2295
2296 *saved = (ulong_t)old;
2297 return (0);
2298 }
2299
2300 /*
2301 * Restore original instruction where a breakpoint was set.
2302 */
2303 int
2304 Pdelbkpt(struct ps_prochandle *P, uintptr_t address, ulong_t saved)
2305 {
2306 instr_t old = (instr_t)saved;
2307 instr_t cur;
2308
2309 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2310 P->state == PS_IDLE) {
2311 errno = ENOENT;
2312 return (-1);
2313 }
2314
2315 /*
2316 * If the breakpoint instruction we had placed has been overwritten
2317 * with a new instruction, then don't try to replace it with the
2318 * old instruction. Doing do can cause problems with self-modifying
2319 * code -- PLTs for example. If the Pread() fails, we assume that we
2320 * should proceed though most likely the Pwrite() will also fail.
2321 */
2322 if (Pread(P, &cur, sizeof (cur), address) == sizeof (cur) &&
2323 cur != BPT)
2324 return (0);
2325
2326 if (Pwrite(P, &old, sizeof (old), address) != sizeof (old))
2327 return (-1);
2328
2329 return (0);
2330 }
2331
2332 /*
2333 * Common code for Pxecbkpt() and Lxecbkpt().
2334 * Develop the array of requests that will do the job, then
2335 * write them to the specified control file descriptor.
2336 * Return the non-zero errno if the write fails.
2337 */
2338 static int
2339 execute_bkpt(
2340 int ctlfd, /* process or LWP control file descriptor */
2341 const fltset_t *faultset, /* current set of traced faults */
2342 const sigset_t *sigmask, /* current signal mask */
2343 uintptr_t address, /* address of breakpint */
2344 ulong_t saved) /* the saved instruction */
2345 {
2346 long ctl[
2347 1 + sizeof (sigset_t) / sizeof (long) + /* PCSHOLD */
2348 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2349 1 + sizeof (priovec_t) / sizeof (long) + /* PCWRITE */
2350 2 + /* PCRUN */
2351 1 + /* PCWSTOP */
2352 1 + /* PCCFAULT */
2353 1 + sizeof (priovec_t) / sizeof (long) + /* PCWRITE */
2354 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2355 1 + sizeof (sigset_t) / sizeof (long)]; /* PCSHOLD */
2356 long *ctlp = ctl;
2357 sigset_t unblock;
2358 size_t size;
2359 ssize_t ssize;
2360 priovec_t *iovp;
2361 sigset_t *holdp;
2362 fltset_t *faultp;
2363 instr_t old = (instr_t)saved;
2364 instr_t bpt = BPT;
2365 int error = 0;
2366
2367 /* block our signals for the duration */
2368 (void) sigprocmask(SIG_BLOCK, &blockable_sigs, &unblock);
2369
2370 /* hold posted signals */
2371 *ctlp++ = PCSHOLD;
2372 holdp = (sigset_t *)ctlp;
2373 prfillset(holdp);
2374 prdelset(holdp, SIGKILL);
2375 prdelset(holdp, SIGSTOP);
2376 ctlp += sizeof (sigset_t) / sizeof (long);
2377
2378 /* force tracing of FLTTRACE */
2379 if (!(prismember(faultset, FLTTRACE))) {
2380 *ctlp++ = PCSFAULT;
2381 faultp = (fltset_t *)ctlp;
2382 *faultp = *faultset;
2383 praddset(faultp, FLTTRACE);
2384 ctlp += sizeof (fltset_t) / sizeof (long);
2385 }
2386
2387 /* restore the old instruction */
2388 *ctlp++ = PCWRITE;
2389 iovp = (priovec_t *)ctlp;
2390 iovp->pio_base = &old;
2391 iovp->pio_len = sizeof (old);
2392 iovp->pio_offset = address;
2393 ctlp += sizeof (priovec_t) / sizeof (long);
2394
2395 /* clear current signal and fault; set running w/ single-step */
2396 *ctlp++ = PCRUN;
2397 *ctlp++ = PRCSIG | PRCFAULT | PRSTEP;
2398
2399 /* wait for stop, cancel the fault */
2400 *ctlp++ = PCWSTOP;
2401 *ctlp++ = PCCFAULT;
2402
2403 /* restore the breakpoint trap */
2404 *ctlp++ = PCWRITE;
2405 iovp = (priovec_t *)ctlp;
2406 iovp->pio_base = &bpt;
2407 iovp->pio_len = sizeof (bpt);
2408 iovp->pio_offset = address;
2409 ctlp += sizeof (priovec_t) / sizeof (long);
2410
2411 /* restore fault tracing set */
2412 if (!(prismember(faultset, FLTTRACE))) {
2413 *ctlp++ = PCSFAULT;
2414 *(fltset_t *)ctlp = *faultset;
2415 ctlp += sizeof (fltset_t) / sizeof (long);
2416 }
2417
2418 /* restore the hold mask */
2419 *ctlp++ = PCSHOLD;
2420 *(sigset_t *)ctlp = *sigmask;
2421 ctlp += sizeof (sigset_t) / sizeof (long);
2422
2423 size = (char *)ctlp - (char *)ctl;
2424 if ((ssize = write(ctlfd, ctl, size)) != size)
2425 error = (ssize == -1)? errno : EINTR;
2426 (void) sigprocmask(SIG_SETMASK, &unblock, NULL);
2427 return (error);
2428 }
2429
2430 /*
2431 * Step over a breakpoint, i.e., execute the instruction that
2432 * really belongs at the breakpoint location (the current %pc)
2433 * and leave the process stopped at the next instruction.
2434 */
2435 int
2436 Pxecbkpt(struct ps_prochandle *P, ulong_t saved)
2437 {
2438 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2439 int rv, error;
2440
2441 if (P->state != PS_STOP) {
2442 errno = EBUSY;
2443 return (-1);
2444 }
2445
2446 Psync(P);
2447
2448 error = execute_bkpt(ctlfd,
2449 &P->status.pr_flttrace, &P->status.pr_lwp.pr_lwphold,
2450 P->status.pr_lwp.pr_reg[R_PC], saved);
2451 rv = Pstopstatus(P, PCNULL, 0);
2452
2453 if (error != 0) {
2454 if (P->status.pr_lwp.pr_why == PR_JOBCONTROL &&
2455 error == EBUSY) { /* jobcontrol stop -- back off */
2456 P->state = PS_RUN;
2457 return (0);
2458 }
2459 if (error == ENOENT)
2460 return (0);
2461 errno = error;
2462 return (-1);
2463 }
2464
2465 return (rv);
2466 }
2467
2468 /*
2469 * Install the watchpoint described by wp.
2470 */
2471 int
2472 Psetwapt(struct ps_prochandle *P, const prwatch_t *wp)
2473 {
2474 long ctl[1 + sizeof (prwatch_t) / sizeof (long)];
2475 prwatch_t *cwp = (prwatch_t *)&ctl[1];
2476
2477 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2478 P->state == PS_IDLE) {
2479 errno = ENOENT;
2480 return (-1);
2481 }
2482
2483 ctl[0] = PCWATCH;
2484 cwp->pr_vaddr = wp->pr_vaddr;
2485 cwp->pr_size = wp->pr_size;
2486 cwp->pr_wflags = wp->pr_wflags;
2487
2488 if (write(P->ctlfd, ctl, sizeof (ctl)) != sizeof (ctl))
2489 return (-1);
2490
2491 return (0);
2492 }
2493
2494 /*
2495 * Remove the watchpoint described by wp.
2496 */
2497 int
2498 Pdelwapt(struct ps_prochandle *P, const prwatch_t *wp)
2499 {
2500 long ctl[1 + sizeof (prwatch_t) / sizeof (long)];
2501 prwatch_t *cwp = (prwatch_t *)&ctl[1];
2502
2503 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2504 P->state == PS_IDLE) {
2505 errno = ENOENT;
2506 return (-1);
2507 }
2508
2509 ctl[0] = PCWATCH;
2510 cwp->pr_vaddr = wp->pr_vaddr;
2511 cwp->pr_size = wp->pr_size;
2512 cwp->pr_wflags = 0;
2513
2514 if (write(P->ctlfd, ctl, sizeof (ctl)) != sizeof (ctl))
2515 return (-1);
2516
2517 return (0);
2518 }
2519
2520 /*
2521 * Common code for Pxecwapt() and Lxecwapt(). Develop the array of requests
2522 * that will do the job, then write them to the specified control file
2523 * descriptor. Return the non-zero errno if the write fails.
2524 */
2525 static int
2526 execute_wapt(
2527 int ctlfd, /* process or LWP control file descriptor */
2528 const fltset_t *faultset, /* current set of traced faults */
2529 const sigset_t *sigmask, /* current signal mask */
2530 const prwatch_t *wp) /* watchpoint descriptor */
2531 {
2532 long ctl[
2533 1 + sizeof (sigset_t) / sizeof (long) + /* PCSHOLD */
2534 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2535 1 + sizeof (prwatch_t) / sizeof (long) + /* PCWATCH */
2536 2 + /* PCRUN */
2537 1 + /* PCWSTOP */
2538 1 + /* PCCFAULT */
2539 1 + sizeof (prwatch_t) / sizeof (long) + /* PCWATCH */
2540 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2541 1 + sizeof (sigset_t) / sizeof (long)]; /* PCSHOLD */
2542
2543 long *ctlp = ctl;
2544 int error = 0;
2545
2546 sigset_t unblock;
2547 sigset_t *holdp;
2548 fltset_t *faultp;
2549 prwatch_t *prw;
2550 ssize_t ssize;
2551 size_t size;
2552
2553 (void) sigprocmask(SIG_BLOCK, &blockable_sigs, &unblock);
2554
2555 /*
2556 * Hold all posted signals in the victim process prior to stepping.
2557 */
2558 *ctlp++ = PCSHOLD;
2559 holdp = (sigset_t *)ctlp;
2560 prfillset(holdp);
2561 prdelset(holdp, SIGKILL);
2562 prdelset(holdp, SIGSTOP);
2563 ctlp += sizeof (sigset_t) / sizeof (long);
2564
2565 /*
2566 * Force tracing of FLTTRACE since we need to single step.
2567 */
2568 if (!(prismember(faultset, FLTTRACE))) {
2569 *ctlp++ = PCSFAULT;
2570 faultp = (fltset_t *)ctlp;
2571 *faultp = *faultset;
2572 praddset(faultp, FLTTRACE);
2573 ctlp += sizeof (fltset_t) / sizeof (long);
2574 }
2575
2576 /*
2577 * Clear only the current watchpoint by setting pr_wflags to zero.
2578 */
2579 *ctlp++ = PCWATCH;
2580 prw = (prwatch_t *)ctlp;
2581 prw->pr_vaddr = wp->pr_vaddr;
2582 prw->pr_size = wp->pr_size;
2583 prw->pr_wflags = 0;
2584 ctlp += sizeof (prwatch_t) / sizeof (long);
2585
2586 /*
2587 * Clear the current signal and fault; set running with single-step.
2588 * Then wait for the victim to stop and cancel the FLTTRACE.
2589 */
2590 *ctlp++ = PCRUN;
2591 *ctlp++ = PRCSIG | PRCFAULT | PRSTEP;
2592 *ctlp++ = PCWSTOP;
2593 *ctlp++ = PCCFAULT;
2594
2595 /*
2596 * Restore the current watchpoint.
2597 */
2598 *ctlp++ = PCWATCH;
2599 (void) memcpy(ctlp, wp, sizeof (prwatch_t));
2600 ctlp += sizeof (prwatch_t) / sizeof (long);
2601
2602 /*
2603 * Restore fault tracing set if we modified it.
2604 */
2605 if (!(prismember(faultset, FLTTRACE))) {
2606 *ctlp++ = PCSFAULT;
2607 *(fltset_t *)ctlp = *faultset;
2608 ctlp += sizeof (fltset_t) / sizeof (long);
2609 }
2610
2611 /*
2612 * Restore the hold mask to the current hold mask (i.e. the one
2613 * before we executed any of the previous operations).
2614 */
2615 *ctlp++ = PCSHOLD;
2616 *(sigset_t *)ctlp = *sigmask;
2617 ctlp += sizeof (sigset_t) / sizeof (long);
2618
2619 size = (char *)ctlp - (char *)ctl;
2620 if ((ssize = write(ctlfd, ctl, size)) != size)
2621 error = (ssize == -1)? errno : EINTR;
2622 (void) sigprocmask(SIG_SETMASK, &unblock, NULL);
2623 return (error);
2624 }
2625
2626 /*
2627 * Step over a watchpoint, i.e., execute the instruction that was stopped by
2628 * the watchpoint, and then leave the LWP stopped at the next instruction.
2629 */
2630 int
2631 Pxecwapt(struct ps_prochandle *P, const prwatch_t *wp)
2632 {
2633 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2634 int rv, error;
2635
2636 if (P->state != PS_STOP) {
2637 errno = EBUSY;
2638 return (-1);
2639 }
2640
2641 Psync(P);
2642 error = execute_wapt(ctlfd,
2643 &P->status.pr_flttrace, &P->status.pr_lwp.pr_lwphold, wp);
2644 rv = Pstopstatus(P, PCNULL, 0);
2645
2646 if (error != 0) {
2647 if (P->status.pr_lwp.pr_why == PR_JOBCONTROL &&
2648 error == EBUSY) { /* jobcontrol stop -- back off */
2649 P->state = PS_RUN;
2650 return (0);
2651 }
2652 if (error == ENOENT)
2653 return (0);
2654 errno = error;
2655 return (-1);
2656 }
2657
2658 return (rv);
2659 }
2660
2661 int
2662 Psetflags(struct ps_prochandle *P, long flags)
2663 {
2664 int rc;
2665 long ctl[2];
2666
2667 ctl[0] = PCSET;
2668 ctl[1] = flags;
2669
2670 if (write(P->ctlfd, ctl, 2*sizeof (long)) != 2*sizeof (long)) {
2671 rc = -1;
2672 } else {
2673 P->status.pr_flags |= flags;
2674 P->status.pr_lwp.pr_flags |= flags;
2675 rc = 0;
2676 }
2677
2678 return (rc);
2679 }
2680
2681 int
2682 Punsetflags(struct ps_prochandle *P, long flags)
2683 {
2684 int rc;
2685 long ctl[2];
2686
2687 ctl[0] = PCUNSET;
2688 ctl[1] = flags;
2689
2690 if (write(P->ctlfd, ctl, 2*sizeof (long)) != 2*sizeof (long)) {
2691 rc = -1;
2692 } else {
2693 P->status.pr_flags &= ~flags;
2694 P->status.pr_lwp.pr_flags &= ~flags;
2695 rc = 0;
2696 }
2697
2698 return (rc);
2699 }
2700
2701 /*
2702 * Common function to allow clients to manipulate the action to be taken
2703 * on receipt of a signal, receipt of machine fault, entry to a system call,
2704 * or exit from a system call. We make use of our private prset_* functions
2705 * in order to make this code be common. The 'which' parameter identifies
2706 * the code for the event of interest (0 means change the entire set), and
2707 * the 'stop' parameter is a boolean indicating whether the process should
2708 * stop when the event of interest occurs. The previous value is returned
2709 * to the caller; -1 is returned if an error occurred.
2710 */
2711 static int
2712 Psetaction(struct ps_prochandle *P, void *sp, size_t size,
2713 uint_t flag, int max, int which, int stop)
2714 {
2715 int oldval;
2716
2717 if (which < 0 || which > max) {
2718 errno = EINVAL;
2719 return (-1);
2720 }
2721
2722 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2723 P->state == PS_IDLE) {
2724 errno = ENOENT;
2725 return (-1);
2726 }
2727
2728 oldval = prset_ismember(sp, size, which) ? TRUE : FALSE;
2729
2730 if (stop) {
2731 if (which == 0) {
2732 prset_fill(sp, size);
2733 P->flags |= flag;
2734 } else if (!oldval) {
2735 prset_add(sp, size, which);
2736 P->flags |= flag;
2737 }
2738 } else {
2739 if (which == 0) {
2740 prset_empty(sp, size);
2741 P->flags |= flag;
2742 } else if (oldval) {
2743 prset_del(sp, size, which);
2744 P->flags |= flag;
2745 }
2746 }
2747
2748 if (P->state == PS_RUN)
2749 Psync(P);
2750
2751 return (oldval);
2752 }
2753
2754 /*
2755 * Set action on specified signal.
2756 */
2757 int
2758 Psignal(struct ps_prochandle *P, int which, int stop)
2759 {
2760 int oldval;
2761
2762 if (which == SIGKILL && stop != 0) {
2763 errno = EINVAL;
2764 return (-1);
2765 }
2766
2767 oldval = Psetaction(P, &P->status.pr_sigtrace, sizeof (sigset_t),
2768 SETSIG, PRMAXSIG, which, stop);
2769
2770 if (oldval != -1 && which == 0 && stop != 0)
2771 prdelset(&P->status.pr_sigtrace, SIGKILL);
2772
2773 return (oldval);
2774 }
2775
2776 /*
2777 * Set all signal tracing flags.
2778 */
2779 void
2780 Psetsignal(struct ps_prochandle *P, const sigset_t *set)
2781 {
2782 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2783 P->state == PS_IDLE)
2784 return;
2785
2786 P->status.pr_sigtrace = *set;
2787 P->flags |= SETSIG;
2788
2789 if (P->state == PS_RUN)
2790 Psync(P);
2791 }
2792
2793 /*
2794 * Set action on specified fault.
2795 */
2796 int
2797 Pfault(struct ps_prochandle *P, int which, int stop)
2798 {
2799 return (Psetaction(P, &P->status.pr_flttrace, sizeof (fltset_t),
2800 SETFAULT, PRMAXFAULT, which, stop));
2801 }
2802
2803 /*
2804 * Set all machine fault tracing flags.
2805 */
2806 void
2807 Psetfault(struct ps_prochandle *P, const fltset_t *set)
2808 {
2809 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2810 P->state == PS_IDLE)
2811 return;
2812
2813 P->status.pr_flttrace = *set;
2814 P->flags |= SETFAULT;
2815
2816 if (P->state == PS_RUN)
2817 Psync(P);
2818 }
2819
2820 /*
2821 * Set action on specified system call entry.
2822 */
2823 int
2824 Psysentry(struct ps_prochandle *P, int which, int stop)
2825 {
2826 return (Psetaction(P, &P->status.pr_sysentry, sizeof (sysset_t),
2827 SETENTRY, PRMAXSYS, which, stop));
2828 }
2829
2830 /*
2831 * Set all system call entry tracing flags.
2832 */
2833 void
2834 Psetsysentry(struct ps_prochandle *P, const sysset_t *set)
2835 {
2836 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2837 P->state == PS_IDLE)
2838 return;
2839
2840 P->status.pr_sysentry = *set;
2841 P->flags |= SETENTRY;
2842
2843 if (P->state == PS_RUN)
2844 Psync(P);
2845 }
2846
2847 /*
2848 * Set action on specified system call exit.
2849 */
2850 int
2851 Psysexit(struct ps_prochandle *P, int which, int stop)
2852 {
2853 return (Psetaction(P, &P->status.pr_sysexit, sizeof (sysset_t),
2854 SETEXIT, PRMAXSYS, which, stop));
2855 }
2856
2857 /*
2858 * Set all system call exit tracing flags.
2859 */
2860 void
2861 Psetsysexit(struct ps_prochandle *P, const sysset_t *set)
2862 {
2863 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2864 P->state == PS_IDLE)
2865 return;
2866
2867 P->status.pr_sysexit = *set;
2868 P->flags |= SETEXIT;
2869
2870 if (P->state == PS_RUN)
2871 Psync(P);
2872 }
2873
2874 /*
2875 * Utility function to read the contents of a file that contains a
2876 * prheader_t at the start (/proc/pid/lstatus or /proc/pid/lpsinfo).
2877 * Returns a malloc()d buffer or NULL on failure.
2878 */
2879 static prheader_t *
2880 read_lfile(struct ps_prochandle *P, const char *lname)
2881 {
2882 prheader_t *Lhp;
2883 char lpath[PATH_MAX];
2884 struct stat64 statb;
2885 int fd;
2886 size_t size;
2887 ssize_t rval;
2888
2889 (void) snprintf(lpath, sizeof (lpath), "%s/%d/%s", procfs_path,
2890 (int)P->status.pr_pid, lname);
2891 if ((fd = open(lpath, O_RDONLY)) < 0 || fstat64(fd, &statb) != 0) {
2892 if (fd >= 0)
2893 (void) close(fd);
2894 return (NULL);
2895 }
2896
2897 /*
2898 * 'size' is just the initial guess at the buffer size.
2899 * It will have to grow if the number of lwps increases
2900 * while we are looking at the process.
2901 * 'size' must be larger than the actual file size.
2902 */
2903 size = statb.st_size + 32;
2904
2905 for (;;) {
2906 if ((Lhp = malloc(size)) == NULL)
2907 break;
2908 if ((rval = pread(fd, Lhp, size, 0)) < 0 ||
2909 rval <= sizeof (prheader_t)) {
2910 free(Lhp);
2911 Lhp = NULL;
2912 break;
2913 }
2914 if (rval < size)
2915 break;
2916 /* need a bigger buffer */
2917 free(Lhp);
2918 size *= 2;
2919 }
2920
2921 (void) close(fd);
2922 return (Lhp);
2923 }
2924
2925 /*
2926 * LWP iteration interface.
2927 */
2928 int
2929 Plwp_iter(struct ps_prochandle *P, proc_lwp_f *func, void *cd)
2930 {
2931 prheader_t *Lhp;
2932 lwpstatus_t *Lsp;
2933 long nlwp;
2934 int rv;
2935
2936 switch (P->state) {
2937 case PS_RUN:
2938 (void) Pstopstatus(P, PCNULL, 0);
2939 break;
2940
2941 case PS_STOP:
2942 Psync(P);
2943 break;
2944
2945 case PS_IDLE:
2946 errno = ENODATA;
2947 return (-1);
2948 }
2949
2950 /*
2951 * For either live processes or cores, the single LWP case is easy:
2952 * the pstatus_t contains the lwpstatus_t for the only LWP.
2953 */
2954 if (P->status.pr_nlwp <= 1)
2955 return (func(cd, &P->status.pr_lwp));
2956
2957 /*
2958 * For the core file multi-LWP case, we just iterate through the
2959 * list of LWP structs we read in from the core file.
2960 */
2961 if (P->state == PS_DEAD) {
2962 core_info_t *core = P->data;
2963 lwp_info_t *lwp = list_prev(&core->core_lwp_head);
2964 uint_t i;
2965
2966 for (i = 0; i < core->core_nlwp; i++, lwp = list_prev(lwp)) {
2967 if (lwp->lwp_psinfo.pr_sname != 'Z' &&
2968 (rv = func(cd, &lwp->lwp_status)) != 0)
2969 break;
2970 }
2971
2972 return (rv);
2973 }
2974
2975 /*
2976 * For the live process multi-LWP case, we have to work a little
2977 * harder: the /proc/pid/lstatus file has the array of LWP structs.
2978 */
2979 if ((Lhp = Plstatus(P)) == NULL)
2980 return (-1);
2981
2982 for (nlwp = Lhp->pr_nent, Lsp = (lwpstatus_t *)(uintptr_t)(Lhp + 1);
2983 nlwp > 0;
2984 nlwp--, Lsp = (lwpstatus_t *)((uintptr_t)Lsp + Lhp->pr_entsize)) {
2985 if ((rv = func(cd, Lsp)) != 0)
2986 break;
2987 }
2988
2989 free(Lhp);
2990 return (rv);
2991 }
2992
2993 /*
2994 * Extended LWP iteration interface.
2995 * Iterate over all LWPs, active and zombie.
2996 */
2997 int
2998 Plwp_iter_all(struct ps_prochandle *P, proc_lwp_all_f *func, void *cd)
2999 {
3000 prheader_t *Lhp = NULL;
3001 lwpstatus_t *Lsp;
3002 lwpstatus_t *sp;
3003 prheader_t *Lphp = NULL;
3004 lwpsinfo_t *Lpsp;
3005 long nstat;
3006 long ninfo;
3007 int rv;
3008
3009 retry:
3010 if (Lhp != NULL)
3011 free(Lhp);
3012 if (Lphp != NULL)
3013 free(Lphp);
3014 if (P->state == PS_RUN)
3015 (void) Pstopstatus(P, PCNULL, 0);
3016 (void) Ppsinfo(P);
3017
3018 if (P->state == PS_STOP)
3019 Psync(P);
3020
3021 /*
3022 * For either live processes or cores, the single LWP case is easy:
3023 * the pstatus_t contains the lwpstatus_t for the only LWP and
3024 * the psinfo_t contains the lwpsinfo_t for the only LWP.
3025 */
3026 if (P->status.pr_nlwp + P->status.pr_nzomb <= 1)
3027 return (func(cd, &P->status.pr_lwp, &P->psinfo.pr_lwp));
3028
3029 /*
3030 * For the core file multi-LWP case, we just iterate through the
3031 * list of LWP structs we read in from the core file.
3032 */
3033 if (P->state == PS_DEAD) {
3034 core_info_t *core = P->data;
3035 lwp_info_t *lwp = list_prev(&core->core_lwp_head);
3036 uint_t i;
3037
3038 for (i = 0; i < core->core_nlwp; i++, lwp = list_prev(lwp)) {
3039 sp = (lwp->lwp_psinfo.pr_sname == 'Z')? NULL :
3040 &lwp->lwp_status;
3041 if ((rv = func(cd, sp, &lwp->lwp_psinfo)) != 0)
3042 break;
3043 }
3044
3045 return (rv);
3046 }
3047
3048 /*
3049 * For all other cases retrieve the array of lwpstatus_t's and
3050 * lwpsinfo_t's.
3051 */
3052 if ((Lhp = Plstatus(P)) == NULL)
3053 return (-1);
3054 if ((Lphp = Plpsinfo(P)) == NULL) {
3055 free(Lhp);
3056 return (-1);
3057 }
3058
3059 /*
3060 * If we are looking at a running process, or one we do not control,
3061 * the active and zombie lwps in the process may have changed since
3062 * we read the process status structure. If so, just start over.
3063 */
3064 if (Lhp->pr_nent != P->status.pr_nlwp ||
3065 Lphp->pr_nent != P->status.pr_nlwp + P->status.pr_nzomb)
3066 goto retry;
3067
3068 /*
3069 * To be perfectly safe, prescan the two arrays, checking consistency.
3070 * We rely on /proc giving us lwpstatus_t's and lwpsinfo_t's in the
3071 * same order (the lwp directory order) in their respective files.
3072 * We also rely on there being (possibly) more lwpsinfo_t's than
3073 * lwpstatus_t's (the extra lwpsinfo_t's are for zombie lwps).
3074 */
3075 Lsp = (lwpstatus_t *)(uintptr_t)(Lhp + 1);
3076 Lpsp = (lwpsinfo_t *)(uintptr_t)(Lphp + 1);
3077 nstat = Lhp->pr_nent;
3078 for (ninfo = Lphp->pr_nent; ninfo != 0; ninfo--) {
3079 if (Lpsp->pr_sname != 'Z') {
3080 /*
3081 * Not a zombie lwp; check for matching lwpids.
3082 */
3083 if (nstat == 0 || Lsp->pr_lwpid != Lpsp->pr_lwpid)
3084 goto retry;
3085 Lsp = (lwpstatus_t *)((uintptr_t)Lsp + Lhp->pr_entsize);
3086 nstat--;
3087 }
3088 Lpsp = (lwpsinfo_t *)((uintptr_t)Lpsp + Lphp->pr_entsize);
3089 }
3090 if (nstat != 0)
3091 goto retry;
3092
3093 /*
3094 * Rescan, this time for real.
3095 */
3096 Lsp = (lwpstatus_t *)(uintptr_t)(Lhp + 1);
3097 Lpsp = (lwpsinfo_t *)(uintptr_t)(Lphp + 1);
3098 for (ninfo = Lphp->pr_nent; ninfo != 0; ninfo--) {
3099 if (Lpsp->pr_sname != 'Z') {
3100 sp = Lsp;
3101 Lsp = (lwpstatus_t *)((uintptr_t)Lsp + Lhp->pr_entsize);
3102 } else {
3103 sp = NULL;
3104 }
3105 if ((rv = func(cd, sp, Lpsp)) != 0)
3106 break;
3107 Lpsp = (lwpsinfo_t *)((uintptr_t)Lpsp + Lphp->pr_entsize);
3108 }
3109
3110 free(Lhp);
3111 free(Lphp);
3112 return (rv);
3113 }
3114
3115 core_content_t
3116 Pcontent(struct ps_prochandle *P)
3117 {
3118 core_info_t *core = P->data;
3119
3120 if (P->state == PS_DEAD)
3121 return (core->core_content);
3122 if (P->state == PS_IDLE)
3123 return (CC_CONTENT_TEXT | CC_CONTENT_DATA | CC_CONTENT_CTF);
3124
3125 return (CC_CONTENT_ALL);
3126 }
3127
3128 /*
3129 * =================================================================
3130 * The remainder of the functions in this file are for the
3131 * control of individual LWPs in the controlled process.
3132 * =================================================================
3133 */
3134
3135 /*
3136 * Find an entry in the process hash table for the specified lwpid.
3137 * The entry will either point to an existing struct ps_lwphandle
3138 * or it will point to an empty slot for a new struct ps_lwphandle.
3139 */
3140 static struct ps_lwphandle **
3141 Lfind(struct ps_prochandle *P, lwpid_t lwpid)
3142 {
3143 struct ps_lwphandle **Lp;
3144 struct ps_lwphandle *L;
3145
3146 for (Lp = &P->hashtab[lwpid % (HASHSIZE - 1)];
3147 (L = *Lp) != NULL; Lp = &L->lwp_hash)
3148 if (L->lwp_id == lwpid)
3149 break;
3150 return (Lp);
3151 }
3152
3153 /*
3154 * Grab an LWP contained within the controlled process.
3155 * Return an opaque pointer to its LWP control structure.
3156 * perr: pointer to error return code.
3157 */
3158 struct ps_lwphandle *
3159 Lgrab(struct ps_prochandle *P, lwpid_t lwpid, int *perr)
3160 {
3161 struct ps_lwphandle **Lp;
3162 struct ps_lwphandle *L;
3163 int fd;
3164 char procname[PATH_MAX];
3165 char *fname;
3166 int rc = 0;
3167
3168 (void) mutex_lock(&P->proc_lock);
3169
3170 if (P->state == PS_UNDEAD || P->state == PS_IDLE)
3171 rc = G_NOPROC;
3172 else if (P->hashtab == NULL &&
3173 (P->hashtab = calloc(HASHSIZE, sizeof (struct ps_lwphandle *)))
3174 == NULL)
3175 rc = G_STRANGE;
3176 else if (*(Lp = Lfind(P, lwpid)) != NULL)
3177 rc = G_BUSY;
3178 else if ((L = malloc(sizeof (struct ps_lwphandle))) == NULL)
3179 rc = G_STRANGE;
3180 if (rc) {
3181 *perr = rc;
3182 (void) mutex_unlock(&P->proc_lock);
3183 return (NULL);
3184 }
3185
3186 (void) memset(L, 0, sizeof (*L));
3187 L->lwp_ctlfd = -1;
3188 L->lwp_statfd = -1;
3189 L->lwp_proc = P;
3190 L->lwp_id = lwpid;
3191 *Lp = L; /* insert into the hash table */
3192
3193 if (P->state == PS_DEAD) { /* core file */
3194 if (getlwpstatus(P, lwpid, &L->lwp_status) == -1) {
3195 rc = G_NOPROC;
3196 goto err;
3197 }
3198 L->lwp_state = PS_DEAD;
3199 *perr = 0;
3200 (void) mutex_unlock(&P->proc_lock);
3201 return (L);
3202 }
3203
3204 /*
3205 * Open the /proc/<pid>/lwp/<lwpid> files
3206 */
3207 (void) snprintf(procname, sizeof (procname), "%s/%d/lwp/%d/",
3208 procfs_path, (int)P->pid, (int)lwpid);
3209 fname = procname + strlen(procname);
3210 (void) set_minfd();
3211
3212 (void) strcpy(fname, "lwpstatus");
3213 if ((fd = open(procname, O_RDONLY)) < 0 ||
3214 (fd = dupfd(fd, 0)) < 0) {
3215 switch (errno) {
3216 case ENOENT:
3217 rc = G_NOPROC;
3218 break;
3219 default:
3220 dprintf("Lgrab: failed to open %s: %s\n",
3221 procname, strerror(errno));
3222 rc = G_STRANGE;
3223 break;
3224 }
3225 goto err;
3226 }
3227 L->lwp_statfd = fd;
3228
3229 if (pread(fd, &L->lwp_status, sizeof (L->lwp_status), (off_t)0) < 0) {
3230 switch (errno) {
3231 case ENOENT:
3232 rc = G_NOPROC;
3233 break;
3234 default:
3235 dprintf("Lgrab: failed to read %s: %s\n",
3236 procname, strerror(errno));
3237 rc = G_STRANGE;
3238 break;
3239 }
3240 goto err;
3241 }
3242
3243 (void) strcpy(fname, "lwpctl");
3244 if ((fd = open(procname, O_WRONLY)) < 0 ||
3245 (fd = dupfd(fd, 0)) < 0) {
3246 switch (errno) {
3247 case ENOENT:
3248 rc = G_NOPROC;
3249 break;
3250 default:
3251 dprintf("Lgrab: failed to open %s: %s\n",
3252 procname, strerror(errno));
3253 rc = G_STRANGE;
3254 break;
3255 }
3256 goto err;
3257 }
3258 L->lwp_ctlfd = fd;
3259
3260 L->lwp_state =
3261 ((L->lwp_status.pr_flags & (PR_STOPPED|PR_ISTOP))
3262 == (PR_STOPPED|PR_ISTOP))?
3263 PS_STOP : PS_RUN;
3264
3265 *perr = 0;
3266 (void) mutex_unlock(&P->proc_lock);
3267 return (L);
3268
3269 err:
3270 Lfree_internal(P, L);
3271 *perr = rc;
3272 (void) mutex_unlock(&P->proc_lock);
3273 return (NULL);
3274 }
3275
3276 /*
3277 * Return a printable string corresponding to an Lgrab() error return.
3278 */
3279 const char *
3280 Lgrab_error(int error)
3281 {
3282 const char *str;
3283
3284 switch (error) {
3285 case G_NOPROC:
3286 str = "no such LWP";
3287 break;
3288 case G_BUSY:
3289 str = "LWP already grabbed";
3290 break;
3291 case G_STRANGE:
3292 str = "unanticipated system error";
3293 break;
3294 default:
3295 str = "unknown error";
3296 break;
3297 }
3298
3299 return (str);
3300 }
3301
3302 /*
3303 * Free an LWP control structure.
3304 */
3305 void
3306 Lfree(struct ps_lwphandle *L)
3307 {
3308 struct ps_prochandle *P = L->lwp_proc;
3309
3310 (void) mutex_lock(&P->proc_lock);
3311 Lfree_internal(P, L);
3312 (void) mutex_unlock(&P->proc_lock);
3313 }
3314
3315 static void
3316 Lfree_internal(struct ps_prochandle *P, struct ps_lwphandle *L)
3317 {
3318 *Lfind(P, L->lwp_id) = L->lwp_hash; /* delete from hash table */
3319 if (L->lwp_ctlfd >= 0)
3320 (void) close(L->lwp_ctlfd);
3321 if (L->lwp_statfd >= 0)
3322 (void) close(L->lwp_statfd);
3323
3324 /* clear out the structure as a precaution against reuse */
3325 (void) memset(L, 0, sizeof (*L));
3326 L->lwp_ctlfd = -1;
3327 L->lwp_statfd = -1;
3328
3329 free(L);
3330 }
3331
3332 /*
3333 * Return the state of the process, one of the PS_* values.
3334 */
3335 int
3336 Lstate(struct ps_lwphandle *L)
3337 {
3338 return (L->lwp_state);
3339 }
3340
3341 /*
3342 * Return the open control file descriptor for the LWP.
3343 * Clients must not close this file descriptor, nor use it
3344 * after the LWP is freed.
3345 */
3346 int
3347 Lctlfd(struct ps_lwphandle *L)
3348 {
3349 return (L->lwp_ctlfd);
3350 }
3351
3352 /*
3353 * Return a pointer to the LWP lwpsinfo structure.
3354 * Clients should not hold on to this pointer indefinitely.
3355 * It will become invalid on Lfree().
3356 */
3357 const lwpsinfo_t *
3358 Lpsinfo(struct ps_lwphandle *L)
3359 {
3360 if (Plwp_getpsinfo(L->lwp_proc, L->lwp_id, &L->lwp_psinfo) == -1)
3361 return (NULL);
3362
3363 return (&L->lwp_psinfo);
3364 }
3365
3366 /*
3367 * Return a pointer to the LWP status structure.
3368 * Clients should not hold on to this pointer indefinitely.
3369 * It will become invalid on Lfree().
3370 */
3371 const lwpstatus_t *
3372 Lstatus(struct ps_lwphandle *L)
3373 {
3374 return (&L->lwp_status);
3375 }
3376
3377 /*
3378 * Given an LWP handle, return the process handle.
3379 */
3380 struct ps_prochandle *
3381 Lprochandle(struct ps_lwphandle *L)
3382 {
3383 return (L->lwp_proc);
3384 }
3385
3386 /*
3387 * Ensure that all cached state is written to the LWP.
3388 * The cached state is the LWP's signal mask and registers.
3389 */
3390 void
3391 Lsync(struct ps_lwphandle *L)
3392 {
3393 int ctlfd = L->lwp_ctlfd;
3394 long cmd[2];
3395 iovec_t iov[4];
3396 int n = 0;
3397
3398 if (L->lwp_flags & SETHOLD) {
3399 cmd[0] = PCSHOLD;
3400 iov[n].iov_base = (caddr_t)&cmd[0];
3401 iov[n++].iov_len = sizeof (long);
3402 iov[n].iov_base = (caddr_t)&L->lwp_status.pr_lwphold;
3403 iov[n++].iov_len = sizeof (L->lwp_status.pr_lwphold);
3404 }
3405 if (L->lwp_flags & SETREGS) {
3406 cmd[1] = PCSREG;
3407 iov[n].iov_base = (caddr_t)&cmd[1];
3408 iov[n++].iov_len = sizeof (long);
3409 iov[n].iov_base = (caddr_t)&L->lwp_status.pr_reg[0];
3410 iov[n++].iov_len = sizeof (L->lwp_status.pr_reg);
3411 }
3412
3413 if (n == 0 || writev(ctlfd, iov, n) < 0)
3414 return; /* nothing to do or write failed */
3415
3416 L->lwp_flags &= ~(SETHOLD|SETREGS);
3417 }
3418
3419 /*
3420 * Wait for the specified LWP to stop or terminate.
3421 * Or, just get the current status (PCNULL).
3422 * Or, direct it to stop and get the current status (PCDSTOP).
3423 */
3424 static int
3425 Lstopstatus(struct ps_lwphandle *L,
3426 long request, /* PCNULL, PCDSTOP, PCSTOP, PCWSTOP */
3427 uint_t msec) /* if non-zero, timeout in milliseconds */
3428 {
3429 int ctlfd = L->lwp_ctlfd;
3430 long ctl[3];
3431 ssize_t rc;
3432 int err;
3433
3434 switch (L->lwp_state) {
3435 case PS_RUN:
3436 break;
3437 case PS_STOP:
3438 if (request != PCNULL && request != PCDSTOP)
3439 return (0);
3440 break;
3441 case PS_LOST:
3442 if (request != PCNULL) {
3443 errno = EAGAIN;
3444 return (-1);
3445 }
3446 break;
3447 case PS_UNDEAD:
3448 case PS_DEAD:
3449 if (request != PCNULL) {
3450 errno = ENOENT;
3451 return (-1);
3452 }
3453 break;
3454 default: /* corrupted state */
3455 dprintf("Lstopstatus: corrupted state: %d\n", L->lwp_state);
3456 errno = EINVAL;
3457 return (-1);
3458 }
3459
3460 ctl[0] = PCDSTOP;
3461 ctl[1] = PCTWSTOP;
3462 ctl[2] = (long)msec;
3463 rc = 0;
3464 switch (request) {
3465 case PCSTOP:
3466 rc = write(ctlfd, &ctl[0], 3*sizeof (long));
3467 break;
3468 case PCWSTOP:
3469 rc = write(ctlfd, &ctl[1], 2*sizeof (long));
3470 break;
3471 case PCDSTOP:
3472 rc = write(ctlfd, &ctl[0], 1*sizeof (long));
3473 break;
3474 case PCNULL:
3475 if (L->lwp_state == PS_DEAD)
3476 return (0); /* Nothing else to do for cores */
3477 break;
3478 default: /* programming error */
3479 errno = EINVAL;
3480 return (-1);
3481 }
3482 err = (rc < 0)? errno : 0;
3483 Lsync(L);
3484
3485 if (pread(L->lwp_statfd, &L->lwp_status,
3486 sizeof (L->lwp_status), (off_t)0) < 0)
3487 err = errno;
3488
3489 if (err) {
3490 switch (err) {
3491 case EINTR: /* user typed ctl-C */
3492 case ERESTART:
3493 dprintf("Lstopstatus: EINTR\n");
3494 break;
3495 case EAGAIN: /* we lost control of the the process */
3496 dprintf("Lstopstatus: EAGAIN\n");
3497 L->lwp_state = PS_LOST;
3498 errno = err;
3499 return (-1);
3500 default:
3501 if (_libproc_debug) {
3502 const char *errstr;
3503
3504 switch (request) {
3505 case PCNULL:
3506 errstr = "Lstopstatus PCNULL"; break;
3507 case PCSTOP:
3508 errstr = "Lstopstatus PCSTOP"; break;
3509 case PCDSTOP:
3510 errstr = "Lstopstatus PCDSTOP"; break;
3511 case PCWSTOP:
3512 errstr = "Lstopstatus PCWSTOP"; break;
3513 default:
3514 errstr = "Lstopstatus PC???"; break;
3515 }
3516 dprintf("%s: %s\n", errstr, strerror(err));
3517 }
3518 L->lwp_state = PS_UNDEAD;
3519 errno = err;
3520 return (-1);
3521 }
3522 }
3523
3524 if ((L->lwp_status.pr_flags & (PR_STOPPED|PR_ISTOP))
3525 != (PR_STOPPED|PR_ISTOP)) {
3526 L->lwp_state = PS_RUN;
3527 if (request == PCNULL || request == PCDSTOP || msec != 0)
3528 return (0);
3529 dprintf("Lstopstatus: LWP is not stopped\n");
3530 errno = EPROTO;
3531 return (-1);
3532 }
3533
3534 L->lwp_state = PS_STOP;
3535
3536 if (_libproc_debug) /* debugging */
3537 prldump("Lstopstatus", &L->lwp_status);
3538
3539 switch (L->lwp_status.pr_why) {
3540 case PR_SYSENTRY:
3541 case PR_SYSEXIT:
3542 case PR_REQUESTED:
3543 case PR_SIGNALLED:
3544 case PR_FAULTED:
3545 case PR_JOBCONTROL:
3546 case PR_SUSPENDED:
3547 break;
3548 default:
3549 errno = EPROTO;
3550 return (-1);
3551 }
3552
3553 return (0);
3554 }
3555
3556 /*
3557 * Wait for the LWP to stop for any reason.
3558 */
3559 int
3560 Lwait(struct ps_lwphandle *L, uint_t msec)
3561 {
3562 return (Lstopstatus(L, PCWSTOP, msec));
3563 }
3564
3565 /*
3566 * Direct the LWP to stop; wait for it to stop.
3567 */
3568 int
3569 Lstop(struct ps_lwphandle *L, uint_t msec)
3570 {
3571 return (Lstopstatus(L, PCSTOP, msec));
3572 }
3573
3574 /*
3575 * Direct the LWP to stop; don't wait.
3576 */
3577 int
3578 Ldstop(struct ps_lwphandle *L)
3579 {
3580 return (Lstopstatus(L, PCDSTOP, 0));
3581 }
3582
3583 /*
3584 * Get the value of one register from stopped LWP.
3585 */
3586 int
3587 Lgetareg(struct ps_lwphandle *L, int regno, prgreg_t *preg)
3588 {
3589 if (regno < 0 || regno >= NPRGREG) {
3590 errno = EINVAL;
3591 return (-1);
3592 }
3593
3594 if (L->lwp_state != PS_STOP) {
3595 errno = EBUSY;
3596 return (-1);
3597 }
3598
3599 *preg = L->lwp_status.pr_reg[regno];
3600 return (0);
3601 }
3602
3603 /*
3604 * Put value of one register into stopped LWP.
3605 */
3606 int
3607 Lputareg(struct ps_lwphandle *L, int regno, prgreg_t reg)
3608 {
3609 if (regno < 0 || regno >= NPRGREG) {
3610 errno = EINVAL;
3611 return (-1);
3612 }
3613
3614 if (L->lwp_state != PS_STOP) {
3615 errno = EBUSY;
3616 return (-1);
3617 }
3618
3619 L->lwp_status.pr_reg[regno] = reg;
3620 L->lwp_flags |= SETREGS; /* set registers before continuing */
3621 return (0);
3622 }
3623
3624 int
3625 Lsetrun(struct ps_lwphandle *L,
3626 int sig, /* signal to pass to LWP */
3627 int flags) /* PRSTEP|PRSABORT|PRSTOP|PRCSIG|PRCFAULT */
3628 {
3629 int ctlfd = L->lwp_ctlfd;
3630 int sbits = (PR_DSTOP | PR_ISTOP | PR_ASLEEP);
3631
3632 long ctl[1 + /* PCCFAULT */
3633 1 + sizeof (siginfo_t)/sizeof (long) + /* PCSSIG/PCCSIG */
3634 2 ]; /* PCRUN */
3635
3636 long *ctlp = ctl;
3637 size_t size;
3638
3639 if (L->lwp_state != PS_STOP &&
3640 (L->lwp_status.pr_flags & sbits) == 0) {
3641 errno = EBUSY;
3642 return (-1);
3643 }
3644
3645 Lsync(L); /* flush registers */
3646
3647 if (flags & PRCFAULT) { /* clear current fault */
3648 *ctlp++ = PCCFAULT;
3649 flags &= ~PRCFAULT;
3650 }
3651
3652 if (flags & PRCSIG) { /* clear current signal */
3653 *ctlp++ = PCCSIG;
3654 flags &= ~PRCSIG;
3655 } else if (sig && sig != L->lwp_status.pr_cursig) {
3656 /* make current signal */
3657 siginfo_t *infop;
3658
3659 *ctlp++ = PCSSIG;
3660 infop = (siginfo_t *)ctlp;
3661 (void) memset(infop, 0, sizeof (*infop));
3662 infop->si_signo = sig;
3663 ctlp += sizeof (siginfo_t) / sizeof (long);
3664 }
3665
3666 *ctlp++ = PCRUN;
3667 *ctlp++ = flags;
3668 size = (char *)ctlp - (char *)ctl;
3669
3670 L->lwp_proc->info_valid = 0; /* will need to update map and file info */
3671 L->lwp_proc->state = PS_RUN;
3672 L->lwp_state = PS_RUN;
3673
3674 if (write(ctlfd, ctl, size) != size) {
3675 /* Pretend that a job-stopped LWP is running */
3676 if (errno != EBUSY || L->lwp_status.pr_why != PR_JOBCONTROL)
3677 return (Lstopstatus(L, PCNULL, 0));
3678 }
3679
3680 return (0);
3681 }
3682
3683 int
3684 Lclearsig(struct ps_lwphandle *L)
3685 {
3686 int ctlfd = L->lwp_ctlfd;
3687 long ctl = PCCSIG;
3688
3689 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
3690 return (-1);
3691 L->lwp_status.pr_cursig = 0;
3692 return (0);
3693 }
3694
3695 int
3696 Lclearfault(struct ps_lwphandle *L)
3697 {
3698 int ctlfd = L->lwp_ctlfd;
3699 long ctl = PCCFAULT;
3700
3701 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
3702 return (-1);
3703 return (0);
3704 }
3705
3706 /*
3707 * Step over a breakpoint, i.e., execute the instruction that
3708 * really belongs at the breakpoint location (the current %pc)
3709 * and leave the LWP stopped at the next instruction.
3710 */
3711 int
3712 Lxecbkpt(struct ps_lwphandle *L, ulong_t saved)
3713 {
3714 struct ps_prochandle *P = L->lwp_proc;
3715 int rv, error;
3716
3717 if (L->lwp_state != PS_STOP) {
3718 errno = EBUSY;
3719 return (-1);
3720 }
3721
3722 Lsync(L);
3723 error = execute_bkpt(L->lwp_ctlfd,
3724 &P->status.pr_flttrace, &L->lwp_status.pr_lwphold,
3725 L->lwp_status.pr_reg[R_PC], saved);
3726 rv = Lstopstatus(L, PCNULL, 0);
3727
3728 if (error != 0) {
3729 if (L->lwp_status.pr_why == PR_JOBCONTROL &&
3730 error == EBUSY) { /* jobcontrol stop -- back off */
3731 L->lwp_state = PS_RUN;
3732 return (0);
3733 }
3734 if (error == ENOENT)
3735 return (0);
3736 errno = error;
3737 return (-1);
3738 }
3739
3740 return (rv);
3741 }
3742
3743 /*
3744 * Step over a watchpoint, i.e., execute the instruction that was stopped by
3745 * the watchpoint, and then leave the LWP stopped at the next instruction.
3746 */
3747 int
3748 Lxecwapt(struct ps_lwphandle *L, const prwatch_t *wp)
3749 {
3750 struct ps_prochandle *P = L->lwp_proc;
3751 int rv, error;
3752
3753 if (L->lwp_state != PS_STOP) {
3754 errno = EBUSY;
3755 return (-1);
3756 }
3757
3758 Lsync(L);
3759 error = execute_wapt(L->lwp_ctlfd,
3760 &P->status.pr_flttrace, &L->lwp_status.pr_lwphold, wp);
3761 rv = Lstopstatus(L, PCNULL, 0);
3762
3763 if (error != 0) {
3764 if (L->lwp_status.pr_why == PR_JOBCONTROL &&
3765 error == EBUSY) { /* jobcontrol stop -- back off */
3766 L->lwp_state = PS_RUN;
3767 return (0);
3768 }
3769 if (error == ENOENT)
3770 return (0);
3771 errno = error;
3772 return (-1);
3773 }
3774
3775 return (rv);
3776 }
3777
3778 int
3779 Lstack(struct ps_lwphandle *L, stack_t *stkp)
3780 {
3781 struct ps_prochandle *P = L->lwp_proc;
3782 uintptr_t addr = L->lwp_status.pr_ustack;
3783
3784 if (P->status.pr_dmodel == PR_MODEL_NATIVE) {
3785 if (Pread(P, stkp, sizeof (*stkp), addr) != sizeof (*stkp))
3786 return (-1);
3787 #ifdef _LP64
3788 } else {
3789 stack32_t stk32;
3790
3791 if (Pread(P, &stk32, sizeof (stk32), addr) != sizeof (stk32))
3792 return (-1);
3793
3794 stack_32_to_n(&stk32, stkp);
3795 #endif
3796 }
3797
3798 return (0);
3799 }
3800
3801 int
3802 Lmain_stack(struct ps_lwphandle *L, stack_t *stkp)
3803 {
3804 struct ps_prochandle *P = L->lwp_proc;
3805
3806 if (Lstack(L, stkp) != 0)
3807 return (-1);
3808
3809 /*
3810 * If the SS_ONSTACK flag is set then this LWP is operating on the
3811 * alternate signal stack. We can recover the original stack from
3812 * pr_oldcontext.
3813 */
3814 if (!(stkp->ss_flags & SS_ONSTACK))
3815 return (0);
3816
3817 if (P->status.pr_dmodel == PR_MODEL_NATIVE) {
3818 ucontext_t *ctxp = (void *)L->lwp_status.pr_oldcontext;
3819
3820 if (Pread(P, stkp, sizeof (*stkp),
3821 (uintptr_t)&ctxp->uc_stack) != sizeof (*stkp))
3822 return (-1);
3823 #ifdef _LP64
3824 } else {
3825 ucontext32_t *ctxp = (void *)L->lwp_status.pr_oldcontext;
3826 stack32_t stk32;
3827
3828 if (Pread(P, &stk32, sizeof (stk32),
3829 (uintptr_t)&ctxp->uc_stack) != sizeof (stk32))
3830 return (-1);
3831
3832 stack_32_to_n(&stk32, stkp);
3833 #endif
3834 }
3835
3836 return (0);
3837 }
3838
3839 int
3840 Lalt_stack(struct ps_lwphandle *L, stack_t *stkp)
3841 {
3842 if (L->lwp_status.pr_altstack.ss_flags & SS_DISABLE) {
3843 errno = ENODATA;
3844 return (-1);
3845 }
3846
3847 *stkp = L->lwp_status.pr_altstack;
3848
3849 return (0);
3850 }
3851
3852 /*
3853 * Add a mapping to the given proc handle. Resizes the array as appropriate and
3854 * manages reference counts on the given file_info_t.
3855 *
3856 * The 'map_relocate' member is used to tell Psort_mappings() that the
3857 * associated file_map pointer needs to be relocated after the mappings have
3858 * been sorted. It is only set for the first mapping, and has no meaning
3859 * outside these two functions.
3860 */
3861 int
3862 Padd_mapping(struct ps_prochandle *P, off64_t off, file_info_t *fp,
3863 prmap_t *pmap)
3864 {
3865 map_info_t *mp;
3866
3867 if (P->map_count == P->map_alloc) {
3868 size_t next = P->map_alloc ? P->map_alloc * 2 : 16;
3869
3870 if ((P->mappings = realloc(P->mappings,
3871 next * sizeof (map_info_t))) == NULL)
3872 return (-1);
3873
3874 P->map_alloc = next;
3875 }
3876
3877 mp = &P->mappings[P->map_count++];
3878
3879 mp->map_offset = off;
3880 mp->map_pmap = *pmap;
3881 mp->map_relocate = 0;
3882 if ((mp->map_file = fp) != NULL) {
3883 if (fp->file_map == NULL) {
3884 fp->file_map = mp;
3885 mp->map_relocate = 1;
3886 }
3887 fp->file_ref++;
3888 }
3889
3890 return (0);
3891 }
3892
3893 static int
3894 map_sort(const void *a, const void *b)
3895 {
3896 const map_info_t *ap = a, *bp = b;
3897
3898 if (ap->map_pmap.pr_vaddr < bp->map_pmap.pr_vaddr)
3899 return (-1);
3900 else if (ap->map_pmap.pr_vaddr > bp->map_pmap.pr_vaddr)
3901 return (1);
3902 else
3903 return (0);
3904 }
3905
3906 /*
3907 * Sort the current set of mappings. Should be called during target
3908 * initialization after all calls to Padd_mapping() have been made.
3909 */
3910 void
3911 Psort_mappings(struct ps_prochandle *P)
3912 {
3913 int i;
3914 map_info_t *mp;
3915
3916 qsort(P->mappings, P->map_count, sizeof (map_info_t), map_sort);
3917
3918 /*
3919 * Update all the file_map pointers to refer to the new locations.
3920 */
3921 for (i = 0; i < P->map_count; i++) {
3922 mp = &P->mappings[i];
3923 if (mp->map_relocate)
3924 mp->map_file->file_map = mp;
3925 mp->map_relocate = 0;
3926 }
3927 }
3928
3929 struct ps_prochandle *
3930 Pgrab_ops(pid_t pid, void *data, const ps_ops_t *ops, int flags)
3931 {
3932 struct ps_prochandle *P;
3933
3934 if ((P = calloc(1, sizeof (*P))) == NULL) {
3935 return (NULL);
3936 }
3937
3938 Pinit_ops(&P->ops, ops);
3939 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL);
3940 P->pid = pid;
3941 P->state = PS_STOP;
3942 P->asfd = -1;
3943 P->ctlfd = -1;
3944 P->statfd = -1;
3945 P->agentctlfd = -1;
3946 P->agentstatfd = -1;
3947 Pinitsym(P);
3948 P->data = data;
3949 Pread_status(P);
3950
3951 if (flags & PGRAB_INCORE) {
3952 P->flags |= INCORE;
3953 }
3954
3955 return (P);
3956 }