1 /* $NetBSD: main.c,v 1.29 2020/11/04 01:37:55 chs Exp $ */ 2 3 /* 4 * Copyright (c) 2002, 2003, 2020 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Andrew Brown. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 #ifndef lint 34 __RCSID("$NetBSD: main.c,v 1.29 2020/11/04 01:37:55 chs Exp $"); 35 #endif 36 37 #include <sys/param.h> 38 39 #ifndef __NetBSD_Version__ 40 #error go away, you fool 41 #elif (__NetBSD_Version__ < 105000000) 42 #error only works with uvm 43 #endif 44 45 #include <fcntl.h> 46 #include <errno.h> 47 #include <unistd.h> 48 #include <limits.h> 49 #include <string.h> 50 #include <signal.h> 51 #include <util.h> 52 53 #include "pmap.h" 54 #include "main.h" 55 56 struct cache_head lcache; 57 void *uvm_vnodeops, *uvm_deviceops, *aobj_pager, *ubc_pager; 58 struct vm_map *kmem_map, *phys_map, *exec_map, *pager_map; 59 struct vm_map *st_map, *pt_map, *module_map, *buf_map; 60 u_long kernel_map_addr; 61 int debug, verbose, recurse, page_size; 62 int print_all, print_map, print_maps, print_solaris, print_ddb; 63 rlim_t maxssiz; 64 65 struct nlist ksyms[] = { 66 { "_maxsmap", 0, 0, 0, 0 }, 67 #define NL_MAXSSIZ 0 68 { "_uvm_vnodeops", 0, 0, 0, 0 }, 69 #define NL_UVM_VNODEOPS 1 70 { "_uvm_deviceops", 0, 0, 0, 0 }, 71 #define NL_UVM_DEVICEOPS 2 72 { "_aobj_pager", 0, 0, 0, 0 }, 73 #define NL_AOBJ_PAGER 3 74 { "_ubc_pager", 0, 0, 0, 0 }, 75 #define NL_UBC_PAGER 4 76 { "_kernel_map", 0, 0, 0, 0 }, 77 #define NL_KERNEL_MAP 5 78 { NULL, 0, 0, 0, 0 } 79 }; 80 81 struct nlist kmaps[] = { 82 { "_kmem_map", 0, 0, 0, 0 }, 83 #define NL_kmem_map 0 84 { "_phys_map", 0, 0, 0, 0 }, 85 #define NL_phys_map 1 86 { "_exec_map", 0, 0, 0, 0 }, 87 #define NL_exec_map 2 88 { "_pager_map", 0, 0, 0, 0 }, 89 #define NL_pager_map 3 90 { "_st_map", 0, 0, 0, 0 }, 91 #define NL_st_map 4 92 { "_pt_map", 0, 0, 0, 0 }, 93 #define NL_pt_map 5 94 { "_module_map", 0, 0, 0, 0 }, 95 #define NL_module_map 6 96 { "_buf_map", 0, 0, 0, 0 }, 97 #define NL_buf_map 7 98 { NULL, 0, 0, 0, 0 }, 99 }; 100 101 #define VMSPACE_ADDRESS 1 102 #define VM_MAP_ADDRESS 2 103 #define VM_MAP_ENTRY_ADDRESS 3 104 #define AMAP_ADDRESS 4 105 106 void check_fd(int); 107 void load_symbols(kvm_t *); 108 void cache_enter(u_long, struct namecache *); 109 110 int 111 main(int argc, char *argv[]) 112 { 113 kvm_t *kd; 114 pid_t pid; 115 uid_t uid; 116 int which, many, ch, rc; 117 char errbuf[_POSIX2_LINE_MAX + 1]; 118 struct kinfo_proc2 *kproc; 119 char *kmem, *kernel, *t; 120 gid_t egid; 121 struct kbit kbit, *vmspace; 122 u_long address; 123 124 uid = getuid(); 125 egid = getegid(); 126 if (setegid(getgid()) == -1) 127 err(1, "failed to reset privileges"); 128 129 check_fd(STDIN_FILENO); 130 check_fd(STDOUT_FILENO); 131 check_fd(STDERR_FILENO); 132 133 pid = -1; 134 which = verbose = debug = 0; 135 print_all = print_map = print_maps = print_solaris = print_ddb = 0; 136 recurse = 0; 137 kmem = kernel = NULL; 138 address = 0; 139 vmspace = &kbit; 140 141 while ((ch = getopt(argc, argv, "A:aD:dE:lM:mN:Pp:RrS:sV:vx")) != -1) { 142 switch (ch) { 143 case 'A': 144 case 'E': 145 case 'S': 146 case 'V': 147 if (which != 0) 148 errx(1, "use only one of -A, -E, -S, or -V"); 149 errno = 0; 150 address = strtoul(optarg, &t, 0); 151 if (*t != '\0') 152 errx(1, "%s is not a valid address", optarg); 153 if (errno != 0) 154 err(1, "%s is not a valid address", optarg); 155 switch (ch) { 156 case 'A': which = AMAP_ADDRESS; break; 157 case 'E': which = VM_MAP_ENTRY_ADDRESS; break; 158 case 'S': which = VMSPACE_ADDRESS; break; 159 case 'V': which = VM_MAP_ADDRESS; break; 160 } 161 break; 162 case 'a': 163 print_all = 1; 164 break; 165 case 'd': 166 print_ddb = 1; 167 break; 168 case 'D': 169 errno = 0; 170 debug = strtoul(optarg, &t, 0); 171 if (*t != '\0') 172 errx(1, "%s is not a valid number", optarg); 173 if (errno != 0) 174 err(1, "%s is not a valid number", optarg); 175 break; 176 case 'l': 177 print_maps = 1; 178 break; 179 case 'm': 180 print_map = 1; 181 break; 182 case 'M': 183 kmem = optarg; 184 break; 185 case 'N': 186 kernel = optarg; 187 break; 188 case 'p': 189 errno = 0; 190 pid = strtol(optarg, &t, 0); 191 if (pid < 0) 192 errno = EINVAL; 193 if (*t != '\0') 194 errx(1, "%s is not a valid pid", optarg); 195 if (errno != 0) 196 err(1, "%s is not a valid pid", optarg); 197 break; 198 case 'P': 199 pid = getpid(); 200 break; 201 case 'R': 202 recurse = 1; 203 break; 204 case 's': 205 print_solaris = 1; 206 break; 207 case 'v': 208 verbose++; 209 break; 210 case 'r': 211 case 'x': 212 errx(1, "-%c option not implemented, sorry", optopt); 213 /*NOTREACHED*/ 214 case '?': 215 default: 216 fprintf(stderr, "usage: %s [-adlmPRsv] [-A address] " 217 "[-D number] [-E address] [-M core]\n" 218 "\t[-N system] [-p pid] [-S address] " 219 "[-V address] [pid ...]\n", 220 getprogname()); 221 exit(1); 222 } 223 } 224 argc -= optind; 225 argv += optind; 226 227 /* more than one "process" to dump? */ 228 many = (argc > 1 - (pid == -1 ? 0 : 1)) ? 1 : 0; 229 230 /* apply default */ 231 if (print_all + print_map + print_maps + print_solaris + 232 print_ddb == 0) 233 print_solaris = 1; 234 235 if ((kernel != NULL || kmem != NULL || address != 0 || 236 print_ddb || debug) && uid != 0) 237 errx(1, "one or more options specified is restricted to root"); 238 239 /* get privs back since it appears to be safe. */ 240 rc = setegid(egid); 241 if (rc == -1) 242 err(1, "failed to reset privileges"); 243 244 /* start by opening libkvm */ 245 kd = kvm_openfiles(kernel, kmem, NULL, O_RDONLY, errbuf); 246 247 /* we're completely done with privileges now */ 248 rc = setgid(getgid()); 249 if (rc == -1) 250 err(1, "failed to reset privileges"); 251 252 /* print the kvm_open error, if any */ 253 errbuf[_POSIX2_LINE_MAX] = '\0'; 254 if (kd == NULL) 255 errx(1, "%s", errbuf); 256 257 /* get "bootstrap" addresses from kernel */ 258 load_symbols(kd); 259 260 if (address) { 261 struct kbit kbit2, *at = &kbit2; 262 263 memset(vmspace, 0, sizeof(*vmspace)); 264 A(at) = address; 265 S(at) = (size_t)-1; 266 267 switch (which) { 268 case VMSPACE_ADDRESS: 269 /* (kd, kproc, vmspace, thing) */ 270 (*process_map)(kd, NULL, at, "vm_map"); 271 break; 272 case VM_MAP_ADDRESS: 273 /* (kd, proc, vmspace, vm_map, thing) */ 274 (*dump_vm_map)(kd, NULL, vmspace, at, "vm_map"); 275 break; 276 case VM_MAP_ENTRY_ADDRESS: 277 /* (kd, proc, vmspace, vm_map_entry, 0) */ 278 (*dump_vm_map_entry)(kd, NULL, vmspace, at, 0); 279 break; 280 case AMAP_ADDRESS: 281 /* (kd, amap) */ 282 (*dump_amap)(kd, at); 283 break; 284 } 285 exit(0); 286 } 287 288 do { 289 if (pid == -1) { 290 if (argc == 0) 291 pid = getppid(); 292 else { 293 errno = 0; 294 pid = strtol(argv[0], &t, 0); 295 if (pid < 0) 296 errno = EINVAL; 297 if (*t != '\0') 298 errx(1, "%s is not a valid pid", 299 argv[0]); 300 if (errno != 0) 301 err(1, "%s is not a valid pid", 302 argv[0]); 303 argv++; 304 argc--; 305 } 306 } 307 308 errno = 0; 309 /* find the process id */ 310 if (pid == 0) { 311 kproc = NULL; 312 if (uid != 0) { 313 /* only root can print kernel mappings */ 314 errno = EPERM; 315 } 316 } else { 317 kproc = kvm_getproc2(kd, KERN_PROC_PID, pid, 318 sizeof(struct kinfo_proc2), &rc); 319 if (kproc == NULL || rc == 0) { 320 errno = ESRCH; 321 } else if (uid != 0 && uid != kproc->p_uid) { 322 /* 323 * only the real owner of the process and 324 * root can print process mappings 325 */ 326 errno = EPERM; 327 } 328 } 329 330 if (errno != 0) { 331 warn("%d", pid); 332 pid = -1; 333 continue; 334 } 335 336 /* dump it */ 337 if (many) { 338 if (kproc != NULL) 339 printf("process %d:\n", kproc->p_pid); 340 else 341 printf("kernel:\n"); 342 } 343 344 (*process_map)(kd, kproc, vmspace, NULL); 345 pid = -1; 346 } while (argc > 0); 347 348 /* done. go away. */ 349 rc = kvm_close(kd); 350 if (rc == -1) 351 err(1, "kvm_close"); 352 353 return (0); 354 } 355 356 void 357 check_fd(int fd) 358 { 359 struct stat st; 360 int n; 361 362 if (fstat(fd, &st) == -1) { 363 (void)close(fd); 364 n = open("/dev/null", O_RDWR); 365 if (n == fd || n == -1) 366 /* we're either done or we can do no more */ 367 return; 368 /* if either of these fail, there's not much we can do */ 369 (void)dup2(n, fd); 370 (void)close(n); 371 /* XXX should we exit if it fails? */ 372 } 373 } 374 375 void 376 load_symbols(kvm_t *kd) 377 { 378 int rc, i, mib[2]; 379 size_t sz; 380 381 rc = kvm_nlist(kd, &ksyms[0]); 382 if (rc != 0) { 383 for (i = 0; ksyms[i].n_name != NULL; i++) 384 if (ksyms[i].n_value == 0) 385 warnx("symbol %s: not found", ksyms[i].n_name); 386 exit(1); 387 } 388 389 uvm_vnodeops = (void*)ksyms[NL_UVM_VNODEOPS].n_value; 390 uvm_deviceops = (void*)ksyms[NL_UVM_DEVICEOPS].n_value; 391 aobj_pager = (void*)ksyms[NL_AOBJ_PAGER].n_value; 392 ubc_pager = (void*)ksyms[NL_UBC_PAGER].n_value; 393 394 _KDEREF(kd, ksyms[NL_MAXSSIZ].n_value, &maxssiz, 395 sizeof(maxssiz)); 396 _KDEREF(kd, ksyms[NL_KERNEL_MAP].n_value, &kernel_map_addr, 397 sizeof(kernel_map_addr)); 398 399 /* 400 * Some of these may be missing from some platforms, for 401 * example sparc, sh3, and most powerpc platforms don't 402 * have a "phys_map", etc. 403 */ 404 (void)kvm_nlist(kd, &kmaps[0]); 405 406 #define get_map_address(m) do {\ 407 if (kmaps[__CONCAT(NL_,m)].n_value != 0) \ 408 _KDEREF(kd, kmaps[__CONCAT(NL_,m)].n_value, &m, sizeof(m)); \ 409 } while (0/*CONSTCOND*/) 410 411 get_map_address(kmem_map); 412 get_map_address(phys_map); 413 get_map_address(exec_map); 414 get_map_address(pager_map); 415 get_map_address(st_map); 416 get_map_address(pt_map); 417 get_map_address(module_map); 418 get_map_address(buf_map); 419 420 mib[0] = CTL_HW; 421 mib[1] = HW_PAGESIZE; 422 sz = sizeof(page_size); 423 if (sysctl(&mib[0], 2, &page_size, &sz, NULL, 0) == -1) 424 err(1, "sysctl: hw.pagesize"); 425 } 426 427 const char * 428 mapname(void *addr) 429 { 430 431 if (addr == (void*)kernel_map_addr) 432 return ("kernel_map"); 433 else if (addr == kmem_map) 434 return ("kmem_map"); 435 else if (addr == phys_map) 436 return ("phys_map"); 437 else if (addr == exec_map) 438 return ("exec_map"); 439 else if (addr == pager_map) 440 return ("pager_map"); 441 else if (addr == st_map) 442 return ("st_map"); 443 else if (addr == pt_map) 444 return ("pt_map"); 445 else if (addr == module_map) 446 return ("module_map"); 447 else if (addr == buf_map) 448 return ("buf_map"); 449 else 450 return (NULL); 451 } 452