1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 *
26 * Portions Copyright 2007 Chad Mynhier
27 * Copyright 2012 DEY Storage Systems, Inc. All rights reserved.
28 * Copyright (c) 2013 by Delphix. All rights reserved.
29 * Copyright 2015, Joyent, Inc.
30 * Copyright 2020 OmniOS Community Edition (OmniOSce) Association.
31 * Copyright 2023 Oxide Computer Company
32 */
33
34 #include <assert.h>
35 #include <stdio.h>
36 #include <stdlib.h>
37 #include <unistd.h>
38 #include <ctype.h>
39 #include <fcntl.h>
40 #include <string.h>
41 #include <strings.h>
42 #include <memory.h>
43 #include <errno.h>
44 #include <dirent.h>
45 #include <limits.h>
46 #include <signal.h>
47 #include <atomic.h>
48 #include <zone.h>
49 #include <sys/types.h>
50 #include <sys/uio.h>
51 #include <sys/stat.h>
52 #include <sys/resource.h>
53 #include <sys/param.h>
54 #include <sys/stack.h>
55 #include <sys/fault.h>
56 #include <sys/syscall.h>
57 #include <sys/sysmacros.h>
58 #include <sys/systeminfo.h>
59 #include <sys/secflags.h>
60
61 #include "libproc.h"
62 #include "Pcontrol.h"
63 #include "Putil.h"
64 #include "P32ton.h"
65
66 int _libproc_debug; /* set non-zero to enable debugging printfs */
67 int _libproc_no_qsort; /* set non-zero to inhibit sorting */
68 /* of symbol tables */
69 int _libproc_incore_elf; /* only use in-core elf data */
70
71 sigset_t blockable_sigs; /* signals to block when we need to be safe */
72 static int minfd; /* minimum file descriptor returned by dupfd(fd, 0) */
73 char procfs_path[PATH_MAX] = "/proc";
74
75 /*
76 * Function prototypes for static routines in this module.
77 */
78 static void deadcheck(struct ps_prochandle *);
79 static void restore_tracing_flags(struct ps_prochandle *);
80 static void Lfree_internal(struct ps_prochandle *, struct ps_lwphandle *);
81 static prheader_t *read_lfile(struct ps_prochandle *, const char *);
82
83 /*
84 * Ops vector functions for live processes.
85 */
86
87 /*ARGSUSED*/
88 static ssize_t
89 Pread_live(struct ps_prochandle *P, void *buf, size_t n, uintptr_t addr,
90 void *data)
91 {
92 return (pread(P->asfd, buf, n, (off_t)addr));
93 }
94
95 /*ARGSUSED*/
96 static ssize_t
97 Pwrite_live(struct ps_prochandle *P, const void *buf, size_t n, uintptr_t addr,
98 void *data)
99 {
100 return (pwrite(P->asfd, buf, n, (off_t)addr));
101 }
102
103 /*ARGSUSED*/
104 static int
105 Pread_maps_live(struct ps_prochandle *P, prmap_t **Pmapp, ssize_t *nmapp,
106 void *data)
107 {
108 char mapfile[PATH_MAX];
109 int mapfd;
110 struct stat statb;
111 ssize_t nmap;
112 prmap_t *Pmap = NULL;
113
114 (void) snprintf(mapfile, sizeof (mapfile), "%s/%d/map",
115 procfs_path, (int)P->pid);
116 if ((mapfd = open(mapfile, O_RDONLY)) < 0 ||
117 fstat(mapfd, &statb) != 0 ||
118 statb.st_size < sizeof (prmap_t) ||
119 (Pmap = malloc(statb.st_size)) == NULL ||
120 (nmap = pread(mapfd, Pmap, statb.st_size, 0L)) <= 0 ||
121 (nmap /= sizeof (prmap_t)) == 0) {
122 if (Pmap != NULL)
123 free(Pmap);
124 if (mapfd >= 0)
125 (void) close(mapfd);
126 Preset_maps(P); /* utter failure; destroy tables */
127 return (-1);
128 }
129 (void) close(mapfd);
130
131 *Pmapp = Pmap;
132 *nmapp = nmap;
133
134 return (0);
135 }
136
137 /*ARGSUSED*/
138 static void
139 Pread_aux_live(struct ps_prochandle *P, auxv_t **auxvp, int *nauxp, void *data)
140 {
141 char auxfile[64];
142 int fd;
143 struct stat statb;
144 auxv_t *auxv;
145 ssize_t naux;
146
147 (void) snprintf(auxfile, sizeof (auxfile), "%s/%d/auxv",
148 procfs_path, (int)P->pid);
149 if ((fd = open(auxfile, O_RDONLY)) < 0) {
150 dprintf("%s: failed to open %s: %s\n",
151 __func__, auxfile, strerror(errno));
152 return;
153 }
154
155 if (fstat(fd, &statb) == 0 &&
156 statb.st_size >= sizeof (auxv_t) &&
157 (auxv = malloc(statb.st_size + sizeof (auxv_t))) != NULL) {
158 if ((naux = read(fd, auxv, statb.st_size)) < 0 ||
159 (naux /= sizeof (auxv_t)) < 1) {
160 dprintf("%s: read failed: %s\n",
161 __func__, strerror(errno));
162 free(auxv);
163 } else {
164 auxv[naux].a_type = AT_NULL;
165 auxv[naux].a_un.a_val = 0L;
166
167 *auxvp = auxv;
168 *nauxp = (int)naux;
169 }
170 }
171
172 (void) close(fd);
173 }
174
175 /*ARGSUSED*/
176 static int
177 Pcred_live(struct ps_prochandle *P, prcred_t *pcrp, int ngroups, void *data)
178 {
179 return (proc_get_cred(P->pid, pcrp, ngroups));
180 }
181
182 /* ARGSUSED */
183 static int
184 Psecflags_live(struct ps_prochandle *P, prsecflags_t **psf, void *data)
185 {
186 return (proc_get_secflags(P->pid, psf));
187 }
188
189 /*ARGSUSED*/
190 static int
191 Ppriv_live(struct ps_prochandle *P, prpriv_t **pprv, void *data)
192 {
193 prpriv_t *pp;
194
195 pp = proc_get_priv(P->pid);
196 if (pp == NULL) {
197 return (-1);
198 }
199
200 *pprv = pp;
201 return (0);
202 }
203
204 /*ARGSUSED*/
205 static const psinfo_t *
206 Ppsinfo_live(struct ps_prochandle *P, psinfo_t *psinfo, void *data)
207 {
208 if (proc_get_psinfo(P->pid, psinfo) == -1)
209 return (NULL);
210
211 return (psinfo);
212 }
213
214 /*ARGSUSED*/
215 static prheader_t *
216 Plstatus_live(struct ps_prochandle *P, void *data)
217 {
218 return (read_lfile(P, "lstatus"));
219 }
220
221 /*ARGSUSED*/
222 static prheader_t *
223 Plpsinfo_live(struct ps_prochandle *P, void *data)
224 {
225 return (read_lfile(P, "lpsinfo"));
226 }
227
228 /*ARGSUSED*/
229 static char *
230 Pplatform_live(struct ps_prochandle *P, char *s, size_t n, void *data)
231 {
232 if (sysinfo(SI_PLATFORM, s, n) == -1)
233 return (NULL);
234 return (s);
235 }
236
237 /*ARGSUSED*/
238 static int
239 Puname_live(struct ps_prochandle *P, struct utsname *u, void *data)
240 {
241 return (uname(u));
242 }
243
244 /*ARGSUSED*/
245 static char *
246 Pzonename_live(struct ps_prochandle *P, char *s, size_t n, void *data)
247 {
248 if (getzonenamebyid(P->status.pr_zoneid, s, n) < 0)
249 return (NULL);
250 s[n - 1] = '\0';
251 return (s);
252 }
253
254 /*
255 * Callback function for Pfindexec(). We return a match if we can stat the
256 * suggested pathname and confirm its device and inode number match our
257 * previous information about the /proc/<pid>/object/a.out file.
258 */
259 static int
260 stat_exec(const char *path, void *arg)
261 {
262 struct stat64 *stp = arg;
263 struct stat64 st;
264
265 return (stat64(path, &st) == 0 && S_ISREG(st.st_mode) &&
266 stp->st_dev == st.st_dev && stp->st_ino == st.st_ino);
267 }
268
269 /*ARGSUSED*/
270 static char *
271 Pexecname_live(struct ps_prochandle *P, char *buf, size_t buflen, void *data)
272 {
273 char exec_name[PATH_MAX];
274 char cwd[PATH_MAX];
275 char proc_cwd[64];
276 struct stat64 st;
277 int ret;
278
279 /*
280 * Try to get the path information first.
281 */
282 (void) snprintf(exec_name, sizeof (exec_name),
283 "%s/%d/path/a.out", procfs_path, (int)P->pid);
284 if ((ret = readlink(exec_name, buf, buflen - 1)) > 0) {
285 buf[ret] = '\0';
286 (void) Pfindobj(P, buf, buf, buflen);
287 return (buf);
288 }
289
290 /*
291 * Stat the executable file so we can compare Pfindexec's
292 * suggestions to the actual device and inode number.
293 */
294 (void) snprintf(exec_name, sizeof (exec_name),
295 "%s/%d/object/a.out", procfs_path, (int)P->pid);
296
297 if (stat64(exec_name, &st) != 0 || !S_ISREG(st.st_mode))
298 return (NULL);
299
300 /*
301 * Attempt to figure out the current working directory of the
302 * target process. This only works if the target process has
303 * not changed its current directory since it was exec'd.
304 */
305 (void) snprintf(proc_cwd, sizeof (proc_cwd),
306 "%s/%d/path/cwd", procfs_path, (int)P->pid);
307
308 if ((ret = readlink(proc_cwd, cwd, PATH_MAX - 1)) > 0)
309 cwd[ret] = '\0';
310
311 (void) Pfindexec(P, ret > 0 ? cwd : NULL, stat_exec, &st);
312
313 return (NULL);
314 }
315
316 #if defined(__i386) || defined(__amd64)
317 /*ARGSUSED*/
318 static int
319 Pldt_live(struct ps_prochandle *P, struct ssd *pldt, int nldt, void *data)
320 {
321 return (proc_get_ldt(P->pid, pldt, nldt));
322 }
323 #endif
324
325 static const ps_ops_t P_live_ops = {
326 .pop_pread = Pread_live,
327 .pop_pwrite = Pwrite_live,
328 .pop_read_maps = Pread_maps_live,
329 .pop_read_aux = Pread_aux_live,
330 .pop_cred = Pcred_live,
331 .pop_priv = Ppriv_live,
332 .pop_psinfo = Ppsinfo_live,
333 .pop_lstatus = Plstatus_live,
334 .pop_lpsinfo = Plpsinfo_live,
335 .pop_platform = Pplatform_live,
336 .pop_uname = Puname_live,
337 .pop_zonename = Pzonename_live,
338 .pop_execname = Pexecname_live,
339 .pop_secflags = Psecflags_live,
340 #if defined(__i386) || defined(__amd64)
341 .pop_ldt = Pldt_live
342 #endif
343 };
344
345 /*
346 * This is the library's .init handler.
347 */
348 #pragma init(_libproc_init)
349 void
350 _libproc_init(void)
351 {
352 const char *root;
353
354 _libproc_debug = getenv("LIBPROC_DEBUG") != NULL;
355 _libproc_no_qsort = getenv("LIBPROC_NO_QSORT") != NULL;
356 _libproc_incore_elf = getenv("LIBPROC_INCORE_ELF") != NULL;
357
358 if ((root = zone_get_nroot()) != NULL)
359 (void) snprintf(procfs_path, sizeof (procfs_path), "%s/proc",
360 root);
361
362 (void) sigfillset(&blockable_sigs);
363 (void) sigdelset(&blockable_sigs, SIGKILL);
364 (void) sigdelset(&blockable_sigs, SIGSTOP);
365 }
366
367 void
368 Pset_procfs_path(const char *path)
369 {
370 (void) snprintf(procfs_path, sizeof (procfs_path), "%s", path);
371 }
372
373 /*
374 * Call set_minfd() once before calling dupfd() several times.
375 * We assume that the application will not reduce its current file
376 * descriptor limit lower than 512 once it has set at least that value.
377 */
378 int
379 set_minfd(void)
380 {
381 static mutex_t minfd_lock = DEFAULTMUTEX;
382 struct rlimit rlim;
383 int fd;
384
385 if ((fd = minfd) < 256) {
386 (void) mutex_lock(&minfd_lock);
387 if ((fd = minfd) < 256) {
388 if (getrlimit(RLIMIT_NOFILE, &rlim) != 0)
389 rlim.rlim_cur = rlim.rlim_max = 0;
390 if (rlim.rlim_cur >= 512)
391 fd = 256;
392 else if ((fd = rlim.rlim_cur / 2) < 3)
393 fd = 3;
394 membar_producer();
395 minfd = fd;
396 }
397 (void) mutex_unlock(&minfd_lock);
398 }
399 return (fd);
400 }
401
402 int
403 dupfd(int fd, int dfd)
404 {
405 int mfd;
406
407 /*
408 * Make fd be greater than 255 (the 32-bit stdio limit),
409 * or at least make it greater than 2 so that the
410 * program will work when spawned by init(8).
411 * Also, if dfd is non-zero, dup the fd to be dfd.
412 */
413 if ((mfd = minfd) == 0)
414 mfd = set_minfd();
415 if (dfd > 0 || (0 <= fd && fd < mfd)) {
416 if (dfd <= 0)
417 dfd = mfd;
418 dfd = fcntl(fd, F_DUPFD, dfd);
419 (void) close(fd);
420 fd = dfd;
421 }
422 /*
423 * Mark it close-on-exec so any created process doesn't inherit it.
424 */
425 if (fd >= 0)
426 (void) fcntl(fd, F_SETFD, FD_CLOEXEC);
427 return (fd);
428 }
429
430 /*
431 * Create a new controlled process.
432 * Leave it stopped on successful exit from exec() or execve().
433 * Return an opaque pointer to its process control structure.
434 * Return NULL if process cannot be created (fork()/exec() not successful).
435 */
436 struct ps_prochandle *
437 Pxcreate(const char *file, /* executable file name */
438 char *const *argv, /* argument vector */
439 char *const *envp, /* environment */
440 int *perr, /* pointer to error return code */
441 char *path, /* if non-null, holds exec path name on return */
442 size_t len) /* size of the path buffer */
443 {
444 char execpath[PATH_MAX];
445 char procname[PATH_MAX];
446 struct ps_prochandle *P;
447 pid_t pid;
448 int fd;
449 char *fname;
450 int rc;
451 int lasterrno = 0;
452
453 if (len == 0) /* zero length, no path */
454 path = NULL;
455 if (path != NULL)
456 *path = '\0';
457
458 if ((P = malloc(sizeof (struct ps_prochandle))) == NULL) {
459 *perr = C_STRANGE;
460 return (NULL);
461 }
462
463 if ((pid = fork1()) == -1) {
464 free(P);
465 *perr = C_FORK;
466 return (NULL);
467 }
468
469 if (pid == 0) { /* child process */
470 id_t id;
471 extern char **environ;
472
473 /*
474 * If running setuid or setgid, reset credentials to normal.
475 */
476 if ((id = getgid()) != getegid())
477 (void) setgid(id);
478 if ((id = getuid()) != geteuid())
479 (void) setuid(id);
480
481 Pcreate_callback(P); /* execute callback (see below) */
482 (void) pause(); /* wait for PRSABORT from parent */
483
484 /*
485 * This is ugly. There is no execvep() function that takes a
486 * path and an environment. We cheat here by replacing the
487 * global 'environ' variable right before we call this.
488 */
489 if (envp)
490 environ = (char **)envp;
491
492 (void) execvp(file, argv); /* execute the program */
493 _exit(127);
494 }
495
496 /*
497 * Initialize the process structure.
498 */
499 (void) memset(P, 0, sizeof (*P));
500 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL);
501 P->flags |= CREATED;
502 P->state = PS_RUN;
503 P->pid = pid;
504 P->asfd = -1;
505 P->ctlfd = -1;
506 P->statfd = -1;
507 P->agentctlfd = -1;
508 P->agentstatfd = -1;
509 Pinit_ops(&P->ops, &P_live_ops);
510 Pinitsym(P);
511 Pinitfd(P);
512
513 /*
514 * Open the /proc/pid files.
515 */
516 (void) snprintf(procname, sizeof (procname), "%s/%d/",
517 procfs_path, (int)pid);
518 fname = procname + strlen(procname);
519 (void) set_minfd();
520
521 /*
522 * Exclusive write open advises others not to interfere.
523 * There is no reason for any of these open()s to fail.
524 */
525 (void) strcpy(fname, "as");
526 if ((fd = open(procname, (O_RDWR|O_EXCL))) < 0 ||
527 (fd = dupfd(fd, 0)) < 0) {
528 dprintf("Pcreate: failed to open %s: %s\n",
529 procname, strerror(errno));
530 rc = C_STRANGE;
531 goto bad;
532 }
533 P->asfd = fd;
534
535 (void) strcpy(fname, "status");
536 if ((fd = open(procname, O_RDONLY)) < 0 ||
537 (fd = dupfd(fd, 0)) < 0) {
538 dprintf("Pcreate: failed to open %s: %s\n",
539 procname, strerror(errno));
540 rc = C_STRANGE;
541 goto bad;
542 }
543 P->statfd = fd;
544
545 (void) strcpy(fname, "ctl");
546 if ((fd = open(procname, O_WRONLY)) < 0 ||
547 (fd = dupfd(fd, 0)) < 0) {
548 dprintf("Pcreate: failed to open %s: %s\n",
549 procname, strerror(errno));
550 rc = C_STRANGE;
551 goto bad;
552 }
553 P->ctlfd = fd;
554
555 (void) Pstop(P, 0); /* stop the controlled process */
556
557 /*
558 * Wait for process to sleep in pause().
559 * If the process has already called pause(), then it should be
560 * stopped (PR_REQUESTED) while asleep in pause and we are done.
561 * Else we set up to catch entry/exit to pause() and set the process
562 * running again, expecting it to stop when it reaches pause().
563 * There is no reason for this to fail other than an interrupt.
564 */
565 (void) Psysentry(P, SYS_pause, 1);
566 (void) Psysexit(P, SYS_pause, 1);
567 for (;;) {
568 if (P->state == PS_STOP &&
569 P->status.pr_lwp.pr_syscall == SYS_pause &&
570 (P->status.pr_lwp.pr_why == PR_REQUESTED ||
571 P->status.pr_lwp.pr_why == PR_SYSENTRY ||
572 P->status.pr_lwp.pr_why == PR_SYSEXIT))
573 break;
574
575 if (P->state != PS_STOP || /* interrupt or process died */
576 Psetrun(P, 0, 0) != 0) { /* can't restart */
577 if (errno == EINTR || errno == ERESTART)
578 rc = C_INTR;
579 else {
580 dprintf("Pcreate: Psetrun failed: %s\n",
581 strerror(errno));
582 rc = C_STRANGE;
583 }
584 goto bad;
585 }
586
587 (void) Pwait(P, 0);
588 }
589 (void) Psysentry(P, SYS_pause, 0);
590 (void) Psysexit(P, SYS_pause, 0);
591
592 /*
593 * Kick the process off the pause() and catch
594 * it again on entry to exec() or exit().
595 */
596 (void) Psysentry(P, SYS_exit, 1);
597 (void) Psysentry(P, SYS_execve, 1);
598 if (Psetrun(P, 0, PRSABORT) == -1) {
599 dprintf("Pcreate: Psetrun failed: %s\n", strerror(errno));
600 rc = C_STRANGE;
601 goto bad;
602 }
603 (void) Pwait(P, 0);
604 if (P->state != PS_STOP) {
605 dprintf("Pcreate: Pwait failed: %s\n", strerror(errno));
606 rc = C_STRANGE;
607 goto bad;
608 }
609
610 /*
611 * Move the process through instances of failed exec()s
612 * to reach the point of stopped on successful exec().
613 */
614 (void) Psysexit(P, SYS_execve, TRUE);
615
616 while (P->state == PS_STOP &&
617 P->status.pr_lwp.pr_why == PR_SYSENTRY &&
618 P->status.pr_lwp.pr_what == SYS_execve) {
619 /*
620 * Fetch the exec path name now, before we complete
621 * the exec(). We may lose the process and be unable
622 * to get the information later.
623 */
624 (void) Pread_string(P, execpath, sizeof (execpath),
625 (off_t)P->status.pr_lwp.pr_sysarg[0]);
626 if (path != NULL)
627 (void) strncpy(path, execpath, len);
628 /*
629 * Set the process running and wait for
630 * it to stop on exit from the exec().
631 */
632 (void) Psetrun(P, 0, 0);
633 (void) Pwait(P, 0);
634
635 if (P->state == PS_LOST && /* we lost control */
636 Preopen(P) != 0) { /* and we can't get it back */
637 rc = C_PERM;
638 goto bad;
639 }
640
641 /*
642 * If the exec() failed, continue the loop, expecting
643 * there to be more attempts to exec(), based on PATH.
644 */
645 if (P->state == PS_STOP &&
646 P->status.pr_lwp.pr_why == PR_SYSEXIT &&
647 P->status.pr_lwp.pr_what == SYS_execve &&
648 (lasterrno = P->status.pr_lwp.pr_errno) != 0) {
649 /*
650 * The exec() failed. Set the process running and
651 * wait for it to stop on entry to the next exec().
652 */
653 (void) Psetrun(P, 0, 0);
654 (void) Pwait(P, 0);
655
656 continue;
657 }
658 break;
659 }
660
661 if (P->state == PS_STOP &&
662 P->status.pr_lwp.pr_why == PR_SYSEXIT &&
663 P->status.pr_lwp.pr_what == SYS_execve &&
664 P->status.pr_lwp.pr_errno == 0) {
665 /*
666 * The process is stopped on successful exec() or execve().
667 * Turn off all tracing flags and return success.
668 */
669 restore_tracing_flags(P);
670 #ifndef _LP64
671 /* We must be a 64-bit process to deal with a 64-bit process */
672 if (P->status.pr_dmodel == PR_MODEL_LP64) {
673 rc = C_LP64;
674 goto bad;
675 }
676 #endif
677 /*
678 * Set run-on-last-close so the controlled process
679 * runs even if we die on a signal.
680 */
681 (void) Psetflags(P, PR_RLC);
682 *perr = 0;
683 return (P);
684 }
685
686 rc = lasterrno == ENOENT ? C_NOENT : C_NOEXEC;
687
688 bad:
689 (void) kill(pid, SIGKILL);
690 if (path != NULL && rc != C_PERM && rc != C_LP64)
691 *path = '\0';
692 Pfree(P);
693 *perr = rc;
694 return (NULL);
695 }
696
697 struct ps_prochandle *
698 Pcreate(
699 const char *file, /* executable file name */
700 char *const *argv, /* argument vector */
701 int *perr, /* pointer to error return code */
702 char *path, /* if non-null, holds exec path name on return */
703 size_t len) /* size of the path buffer */
704 {
705 return (Pxcreate(file, argv, NULL, perr, path, len));
706 }
707
708 /*
709 * Return a printable string corresponding to a Pcreate() error return.
710 */
711 const char *
712 Pcreate_error(int error)
713 {
714 const char *str;
715
716 switch (error) {
717 case C_FORK:
718 str = "cannot fork";
719 break;
720 case C_PERM:
721 str = "file is set-id or unreadable";
722 break;
723 case C_NOEXEC:
724 str = "cannot execute file";
725 break;
726 case C_INTR:
727 str = "operation interrupted";
728 break;
729 case C_LP64:
730 str = "program is _LP64, self is not";
731 break;
732 case C_STRANGE:
733 str = "unanticipated system error";
734 break;
735 case C_NOENT:
736 str = "cannot find executable file";
737 break;
738 default:
739 str = "unknown error";
740 break;
741 }
742
743 return (str);
744 }
745
746 /*
747 * Callback to execute in each child process created with Pcreate() after fork
748 * but before it execs the new process image. By default, we do nothing, but
749 * by calling this function we allow the client program to define its own
750 * version of the function which will interpose on our empty default. This
751 * may be useful for clients that need to modify signal dispositions, terminal
752 * attributes, or process group and session properties for each new victim.
753 */
754 /*ARGSUSED*/
755 void
756 Pcreate_callback(struct ps_prochandle *P)
757 {
758 /* nothing to do here */
759 }
760
761 /*
762 * Grab an existing process.
763 * Return an opaque pointer to its process control structure.
764 *
765 * pid: UNIX process ID.
766 * flags:
767 * PGRAB_RETAIN Retain tracing flags (default clears all tracing flags).
768 * PGRAB_FORCE Grab regardless of whether process is already traced.
769 * PGRAB_RDONLY Open the address space file O_RDONLY instead of O_RDWR,
770 * and do not open the process control file.
771 * PGRAB_NOSTOP Open the process but do not force it to stop.
772 * perr: pointer to error return code.
773 */
774 struct ps_prochandle *
775 Pgrab(pid_t pid, int flags, int *perr)
776 {
777 struct ps_prochandle *P;
778 int fd, omode;
779 char procname[PATH_MAX];
780 char *fname;
781 int rc = 0;
782
783 /*
784 * PGRAB_RDONLY means that we do not open the /proc/<pid>/control file,
785 * and so it implies RETAIN and NOSTOP since both require control.
786 */
787 if (flags & PGRAB_RDONLY)
788 flags |= PGRAB_RETAIN | PGRAB_NOSTOP;
789
790 if ((P = malloc(sizeof (struct ps_prochandle))) == NULL) {
791 *perr = G_STRANGE;
792 return (NULL);
793 }
794
795 P->asfd = -1;
796 P->ctlfd = -1;
797 P->statfd = -1;
798
799 again: /* Come back here if we lose it in the Window of Vulnerability */
800 if (P->ctlfd >= 0)
801 (void) close(P->ctlfd);
802 if (P->asfd >= 0)
803 (void) close(P->asfd);
804 if (P->statfd >= 0)
805 (void) close(P->statfd);
806 (void) memset(P, 0, sizeof (*P));
807 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL);
808 P->ctlfd = -1;
809 P->asfd = -1;
810 P->statfd = -1;
811 P->agentctlfd = -1;
812 P->agentstatfd = -1;
813 Pinit_ops(&P->ops, &P_live_ops);
814 Pinitsym(P);
815 Pinitfd(P);
816
817 /*
818 * Open the /proc/pid files
819 */
820 (void) snprintf(procname, sizeof (procname), "%s/%d/",
821 procfs_path, (int)pid);
822 fname = procname + strlen(procname);
823 (void) set_minfd();
824
825 /*
826 * Request exclusive open to avoid grabbing someone else's
827 * process and to prevent others from interfering afterwards.
828 * If this fails and the 'PGRAB_FORCE' flag is set, attempt to
829 * open non-exclusively.
830 */
831 (void) strcpy(fname, "as");
832 omode = (flags & PGRAB_RDONLY) ? O_RDONLY : O_RDWR;
833
834 if (((fd = open(procname, omode | O_EXCL)) < 0 &&
835 (fd = ((flags & PGRAB_FORCE)? open(procname, omode) : -1)) < 0) ||
836 (fd = dupfd(fd, 0)) < 0) {
837 switch (errno) {
838 case ENOENT:
839 rc = G_NOPROC;
840 break;
841 case EACCES:
842 case EPERM:
843 rc = G_PERM;
844 break;
845 case EMFILE:
846 rc = G_NOFD;
847 break;
848 case EBUSY:
849 if (!(flags & PGRAB_FORCE) || geteuid() != 0) {
850 rc = G_BUSY;
851 break;
852 }
853 /* FALLTHROUGH */
854 default:
855 dprintf("Pgrab: failed to open %s: %s\n",
856 procname, strerror(errno));
857 rc = G_STRANGE;
858 break;
859 }
860 goto err;
861 }
862 P->asfd = fd;
863
864 (void) strcpy(fname, "status");
865 if ((fd = open(procname, O_RDONLY)) < 0 ||
866 (fd = dupfd(fd, 0)) < 0) {
867 switch (errno) {
868 case ENOENT:
869 rc = G_NOPROC;
870 break;
871 case EMFILE:
872 rc = G_NOFD;
873 break;
874 default:
875 dprintf("Pgrab: failed to open %s: %s\n",
876 procname, strerror(errno));
877 rc = G_STRANGE;
878 break;
879 }
880 goto err;
881 }
882 P->statfd = fd;
883
884 if (!(flags & PGRAB_RDONLY)) {
885 (void) strcpy(fname, "ctl");
886 if ((fd = open(procname, O_WRONLY)) < 0 ||
887 (fd = dupfd(fd, 0)) < 0) {
888 switch (errno) {
889 case ENOENT:
890 rc = G_NOPROC;
891 break;
892 case EMFILE:
893 rc = G_NOFD;
894 break;
895 default:
896 dprintf("Pgrab: failed to open %s: %s\n",
897 procname, strerror(errno));
898 rc = G_STRANGE;
899 break;
900 }
901 goto err;
902 }
903 P->ctlfd = fd;
904 }
905
906 P->state = PS_RUN;
907 P->pid = pid;
908
909 /*
910 * We are now in the Window of Vulnerability (WoV). The process may
911 * exec() a setuid/setgid or unreadable object file between the open()
912 * and the PCSTOP. We will get EAGAIN in this case and must start over.
913 * As Pstopstatus will trigger the first read() from a /proc file,
914 * we also need to handle EOVERFLOW here when 32-bit as an indicator
915 * that this process is 64-bit. Finally, if the process has become
916 * a zombie (PS_UNDEAD) while we were trying to grab it, just remain
917 * silent about this and pretend there was no process.
918 */
919 if (Pstopstatus(P, PCNULL, 0) != 0) {
920 #ifndef _LP64
921 if (errno == EOVERFLOW) {
922 rc = G_LP64;
923 goto err;
924 }
925 #endif
926 if (P->state == PS_LOST) { /* WoV */
927 (void) mutex_destroy(&P->proc_lock);
928 goto again;
929 }
930
931 if (P->state == PS_UNDEAD)
932 rc = G_NOPROC;
933 else
934 rc = G_STRANGE;
935
936 goto err;
937 }
938
939 /*
940 * If the process is a system process, we can't control it even as root
941 */
942 if (P->status.pr_flags & PR_ISSYS) {
943 rc = G_SYS;
944 goto err;
945 }
946 #ifndef _LP64
947 /*
948 * We must be a 64-bit process to deal with a 64-bit process
949 */
950 if (P->status.pr_dmodel == PR_MODEL_LP64) {
951 rc = G_LP64;
952 goto err;
953 }
954 #endif
955
956 /*
957 * Remember the status for use by Prelease().
958 */
959 P->orig_status = P->status; /* structure copy */
960
961 /*
962 * Before stopping the process, make sure we are not grabbing ourselves.
963 * If we are, make sure we are doing it PGRAB_RDONLY.
964 */
965 if (pid == getpid()) {
966 /*
967 * Verify that the process is really ourself:
968 * Set a magic number, read it through the
969 * /proc file and see if the results match.
970 */
971 uint32_t magic1 = 0;
972 uint32_t magic2 = 2;
973
974 errno = 0;
975
976 if (Pread(P, &magic2, sizeof (magic2), (uintptr_t)&magic1)
977 == sizeof (magic2) &&
978 magic2 == 0 &&
979 (magic1 = 0xfeedbeef) &&
980 Pread(P, &magic2, sizeof (magic2), (uintptr_t)&magic1)
981 == sizeof (magic2) &&
982 magic2 == 0xfeedbeef &&
983 !(flags & PGRAB_RDONLY)) {
984 rc = G_SELF;
985 goto err;
986 }
987 }
988
989 /*
990 * If the process is already stopped or has been directed
991 * to stop via /proc, do not set run-on-last-close.
992 */
993 if (!(P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) &&
994 !(flags & PGRAB_RDONLY)) {
995 /*
996 * Mark the process run-on-last-close so
997 * it runs even if we die from SIGKILL.
998 */
999 if (Psetflags(P, PR_RLC) != 0) {
1000 if (errno == EAGAIN) { /* WoV */
1001 (void) mutex_destroy(&P->proc_lock);
1002 goto again;
1003 }
1004 if (errno == ENOENT) /* No complaint about zombies */
1005 rc = G_ZOMB;
1006 else {
1007 dprintf("Pgrab: failed to set RLC\n");
1008 rc = G_STRANGE;
1009 }
1010 goto err;
1011 }
1012 }
1013
1014 /*
1015 * If a stop directive is pending and the process has not yet stopped,
1016 * then synchronously wait for the stop directive to take effect.
1017 * Limit the time spent waiting for the process to stop by iterating
1018 * at most 10 times. The time-out of 20 ms corresponds to the time
1019 * between sending the stop directive and the process actually stopped
1020 * as measured by DTrace on a slow, busy system. If the process doesn't
1021 * stop voluntarily, clear the PR_DSTOP flag so that the code below
1022 * forces the process to stop.
1023 */
1024 if (!(flags & PGRAB_RDONLY)) {
1025 int niter = 0;
1026 while ((P->status.pr_lwp.pr_flags & (PR_STOPPED|PR_DSTOP)) ==
1027 PR_DSTOP && niter < 10 &&
1028 Pstopstatus(P, PCTWSTOP, 20) != 0) {
1029 niter++;
1030 if (flags & PGRAB_NOSTOP)
1031 break;
1032 }
1033 if (niter == 10 && !(flags & PGRAB_NOSTOP)) {
1034 /* Try it harder down below */
1035 P->status.pr_lwp.pr_flags &= ~PR_DSTOP;
1036 }
1037 }
1038
1039 /*
1040 * If the process is not already stopped or directed to stop
1041 * and PGRAB_NOSTOP was not specified, stop the process now.
1042 */
1043 if (!(P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) &&
1044 !(flags & PGRAB_NOSTOP)) {
1045 /*
1046 * Stop the process, get its status and signal/syscall masks.
1047 */
1048 if (((P->status.pr_lwp.pr_flags & PR_STOPPED) &&
1049 Pstopstatus(P, PCDSTOP, 0) != 0) ||
1050 Pstopstatus(P, PCSTOP, 2000) != 0) {
1051 #ifndef _LP64
1052 if (errno == EOVERFLOW) {
1053 rc = G_LP64;
1054 goto err;
1055 }
1056 #endif
1057 if (P->state == PS_LOST) { /* WoV */
1058 (void) mutex_destroy(&P->proc_lock);
1059 goto again;
1060 }
1061 if ((errno != EINTR && errno != ERESTART) ||
1062 (P->state != PS_STOP &&
1063 !(P->status.pr_flags & PR_DSTOP))) {
1064 if (P->state != PS_RUN && errno != ENOENT) {
1065 dprintf("Pgrab: failed to PCSTOP\n");
1066 rc = G_STRANGE;
1067 } else {
1068 rc = G_ZOMB;
1069 }
1070 goto err;
1071 }
1072 }
1073
1074 /*
1075 * Process should now either be stopped via /proc or there
1076 * should be an outstanding stop directive.
1077 */
1078 if (!(P->status.pr_flags & (PR_ISTOP|PR_DSTOP))) {
1079 dprintf("Pgrab: process is not stopped\n");
1080 rc = G_STRANGE;
1081 goto err;
1082 }
1083 #ifndef _LP64
1084 /*
1085 * Test this again now because the 32-bit victim process may
1086 * have exec'd a 64-bit process in the meantime.
1087 */
1088 if (P->status.pr_dmodel == PR_MODEL_LP64) {
1089 rc = G_LP64;
1090 goto err;
1091 }
1092 #endif
1093 }
1094
1095 /*
1096 * Cancel all tracing flags unless the PGRAB_RETAIN flag is set.
1097 */
1098 if (!(flags & PGRAB_RETAIN)) {
1099 (void) Psysentry(P, 0, FALSE);
1100 (void) Psysexit(P, 0, FALSE);
1101 (void) Psignal(P, 0, FALSE);
1102 (void) Pfault(P, 0, FALSE);
1103 Psync(P);
1104 }
1105
1106 *perr = 0;
1107 return (P);
1108
1109 err:
1110 Pfree(P);
1111 *perr = rc;
1112 return (NULL);
1113 }
1114
1115 /*
1116 * Return a printable string corresponding to a Pgrab() error return.
1117 */
1118 const char *
1119 Pgrab_error(int error)
1120 {
1121 const char *str;
1122
1123 switch (error) {
1124 case G_NOPROC:
1125 str = "no such process";
1126 break;
1127 case G_NOCORE:
1128 str = "no such core file";
1129 break;
1130 case G_NOPROCORCORE:
1131 str = "no such process or core file";
1132 break;
1133 case G_NOEXEC:
1134 str = "cannot find executable file";
1135 break;
1136 case G_ZOMB:
1137 str = "zombie process";
1138 break;
1139 case G_PERM:
1140 str = "permission denied";
1141 break;
1142 case G_BUSY:
1143 str = "process is traced";
1144 break;
1145 case G_SYS:
1146 str = "system process";
1147 break;
1148 case G_SELF:
1149 str = "attempt to grab self";
1150 break;
1151 case G_INTR:
1152 str = "operation interrupted";
1153 break;
1154 case G_LP64:
1155 str = "program is _LP64, self is not";
1156 break;
1157 case G_FORMAT:
1158 str = "file is not an ELF core file";
1159 break;
1160 case G_ELF:
1161 str = "libelf error";
1162 break;
1163 case G_NOTE:
1164 str = "core file is corrupt or missing required data";
1165 break;
1166 case G_STRANGE:
1167 str = "unanticipated system error";
1168 break;
1169 case G_ISAINVAL:
1170 str = "wrong ELF machine type";
1171 break;
1172 case G_BADLWPS:
1173 str = "bad lwp specification";
1174 break;
1175 case G_NOFD:
1176 str = "too many open files";
1177 break;
1178 default:
1179 str = "unknown error";
1180 break;
1181 }
1182
1183 return (str);
1184 }
1185
1186 /*
1187 * Free a process control structure.
1188 * Close the file descriptors but don't do the Prelease logic.
1189 */
1190 void
1191 Pfree(struct ps_prochandle *P)
1192 {
1193 uint_t i;
1194 fd_info_t *fip;
1195
1196 if (P->ucaddrs != NULL) {
1197 free(P->ucaddrs);
1198 P->ucaddrs = NULL;
1199 P->ucnelems = 0;
1200 }
1201
1202 (void) mutex_lock(&P->proc_lock);
1203 if (P->hashtab != NULL) {
1204 struct ps_lwphandle *L;
1205 for (i = 0; i < HASHSIZE; i++) {
1206 while ((L = P->hashtab[i]) != NULL)
1207 Lfree_internal(P, L);
1208 }
1209 free(P->hashtab);
1210 }
1211
1212 while ((fip = list_remove_head(&P->fd_head)) != NULL) {
1213 proc_fdinfo_free(fip->fd_info);
1214 free(fip);
1215 }
1216 (void) mutex_unlock(&P->proc_lock);
1217 (void) mutex_destroy(&P->proc_lock);
1218
1219 free(P->zoneroot);
1220
1221 if (P->agentctlfd >= 0)
1222 (void) close(P->agentctlfd);
1223 if (P->agentstatfd >= 0)
1224 (void) close(P->agentstatfd);
1225 if (P->ctlfd >= 0)
1226 (void) close(P->ctlfd);
1227 if (P->asfd >= 0)
1228 (void) close(P->asfd);
1229 if (P->statfd >= 0)
1230 (void) close(P->statfd);
1231 Preset_maps(P);
1232 P->ops.pop_fini(P, P->data);
1233
1234 /* clear out the structure as a precaution against reuse */
1235 (void) memset(P, 0, sizeof (*P));
1236 P->ctlfd = -1;
1237 P->asfd = -1;
1238 P->statfd = -1;
1239 P->agentctlfd = -1;
1240 P->agentstatfd = -1;
1241
1242 free(P);
1243 }
1244
1245 /*
1246 * Return the state of the process, one of the PS_* values.
1247 */
1248 int
1249 Pstate(struct ps_prochandle *P)
1250 {
1251 return (P->state);
1252 }
1253
1254 /*
1255 * Return the open address space file descriptor for the process.
1256 * Clients must not close this file descriptor, not use it
1257 * after the process is freed.
1258 */
1259 int
1260 Pasfd(struct ps_prochandle *P)
1261 {
1262 return (P->asfd);
1263 }
1264
1265 /*
1266 * Return the open control file descriptor for the process.
1267 * Clients must not close this file descriptor, not use it
1268 * after the process is freed.
1269 */
1270 int
1271 Pctlfd(struct ps_prochandle *P)
1272 {
1273 return (P->ctlfd);
1274 }
1275
1276 /*
1277 * Return a pointer to the process psinfo structure.
1278 * Clients should not hold on to this pointer indefinitely.
1279 * It will become invalid on Prelease().
1280 */
1281 const psinfo_t *
1282 Ppsinfo(struct ps_prochandle *P)
1283 {
1284 return (P->ops.pop_psinfo(P, &P->psinfo, P->data));
1285 }
1286
1287 /*
1288 * Return a pointer to the process status structure.
1289 * Clients should not hold on to this pointer indefinitely.
1290 * It will become invalid on Prelease().
1291 */
1292 const pstatus_t *
1293 Pstatus(struct ps_prochandle *P)
1294 {
1295 return (&P->status);
1296 }
1297
1298 static void
1299 Pread_status(struct ps_prochandle *P)
1300 {
1301 P->ops.pop_status(P, &P->status, P->data);
1302 }
1303
1304 /*
1305 * Fill in a pointer to a process credentials structure. The ngroups parameter
1306 * is the number of supplementary group entries allocated in the caller's cred
1307 * structure. It should equal zero or one unless extra space has been
1308 * allocated for the group list by the caller.
1309 */
1310 int
1311 Pcred(struct ps_prochandle *P, prcred_t *pcrp, int ngroups)
1312 {
1313 return (P->ops.pop_cred(P, pcrp, ngroups, P->data));
1314 }
1315
1316 /* Return an allocated prsecflags_t */
1317 int
1318 Psecflags(struct ps_prochandle *P, prsecflags_t **psf)
1319 {
1320 int ret;
1321
1322 if ((ret = P->ops.pop_secflags(P, psf, P->data)) == 0) {
1323 if ((*psf)->pr_version != PRSECFLAGS_VERSION_1) {
1324 free(*psf);
1325 *psf = NULL;
1326 errno = EINVAL;
1327 return (-1);
1328 }
1329 }
1330
1331 return (ret);
1332 }
1333
1334 void
1335 Psecflags_free(prsecflags_t *psf)
1336 {
1337 free(psf);
1338 }
1339
1340 static prheader_t *
1341 Plstatus(struct ps_prochandle *P)
1342 {
1343 return (P->ops.pop_lstatus(P, P->data));
1344 }
1345
1346 static prheader_t *
1347 Plpsinfo(struct ps_prochandle *P)
1348 {
1349 return (P->ops.pop_lpsinfo(P, P->data));
1350 }
1351
1352
1353 #if defined(__i386) || defined(__amd64)
1354 /*
1355 * Fill in a pointer to a process LDT structure.
1356 * The caller provides a buffer of size 'nldt * sizeof (struct ssd)';
1357 * If pldt == NULL or nldt == 0, we return the number of existing LDT entries.
1358 * Otherwise we return the actual number of LDT entries fetched (<= nldt).
1359 */
1360 int
1361 Pldt(struct ps_prochandle *P, struct ssd *pldt, int nldt)
1362 {
1363 return (P->ops.pop_ldt(P, pldt, nldt, P->data));
1364
1365 }
1366 #endif /* __i386 */
1367
1368 /* ARGSUSED */
1369 void
1370 Ppriv_free(struct ps_prochandle *P, prpriv_t *prv)
1371 {
1372 free(prv);
1373 }
1374
1375 /*
1376 * Return a malloced process privilege structure in *pprv.
1377 */
1378 int
1379 Ppriv(struct ps_prochandle *P, prpriv_t **pprv)
1380 {
1381 return (P->ops.pop_priv(P, pprv, P->data));
1382 }
1383
1384 int
1385 Psetpriv(struct ps_prochandle *P, prpriv_t *pprv)
1386 {
1387 int rc;
1388 long *ctl;
1389 size_t sz;
1390
1391 if (P->state == PS_DEAD) {
1392 errno = EBADF;
1393 return (-1);
1394 }
1395
1396 sz = PRIV_PRPRIV_SIZE(pprv) + sizeof (long);
1397
1398 sz = ((sz - 1) / sizeof (long) + 1) * sizeof (long);
1399
1400 ctl = malloc(sz);
1401 if (ctl == NULL)
1402 return (-1);
1403
1404 ctl[0] = PCSPRIV;
1405
1406 (void) memcpy(&ctl[1], pprv, PRIV_PRPRIV_SIZE(pprv));
1407
1408 if (write(P->ctlfd, ctl, sz) != sz)
1409 rc = -1;
1410 else
1411 rc = 0;
1412
1413 free(ctl);
1414
1415 return (rc);
1416 }
1417
1418 void *
1419 Pprivinfo(struct ps_prochandle *P)
1420 {
1421 core_info_t *core = P->data;
1422
1423 /* Use default from libc */
1424 if (P->state != PS_DEAD)
1425 return (NULL);
1426
1427 return (core->core_privinfo);
1428 }
1429
1430 /*
1431 * Ensure that all cached state is written to the process.
1432 * The cached state is the LWP's signal mask and registers
1433 * and the process's tracing flags.
1434 */
1435 void
1436 Psync(struct ps_prochandle *P)
1437 {
1438 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
1439 long cmd[6];
1440 iovec_t iov[12];
1441 int n = 0;
1442
1443 if (P->flags & SETHOLD) {
1444 cmd[0] = PCSHOLD;
1445 iov[n].iov_base = (caddr_t)&cmd[0];
1446 iov[n++].iov_len = sizeof (long);
1447 iov[n].iov_base = (caddr_t)&P->status.pr_lwp.pr_lwphold;
1448 iov[n++].iov_len = sizeof (P->status.pr_lwp.pr_lwphold);
1449 }
1450 if (P->flags & SETREGS) {
1451 cmd[1] = PCSREG;
1452 #ifdef __i386
1453 /* XX64 we should probably restore REG_GS after this */
1454 if (ctlfd == P->agentctlfd)
1455 P->status.pr_lwp.pr_reg[GS] = 0;
1456 #elif defined(__amd64)
1457 /* XX64 */
1458 #endif
1459 iov[n].iov_base = (caddr_t)&cmd[1];
1460 iov[n++].iov_len = sizeof (long);
1461 iov[n].iov_base = (caddr_t)&P->status.pr_lwp.pr_reg[0];
1462 iov[n++].iov_len = sizeof (P->status.pr_lwp.pr_reg);
1463 }
1464 if (P->flags & SETSIG) {
1465 cmd[2] = PCSTRACE;
1466 iov[n].iov_base = (caddr_t)&cmd[2];
1467 iov[n++].iov_len = sizeof (long);
1468 iov[n].iov_base = (caddr_t)&P->status.pr_sigtrace;
1469 iov[n++].iov_len = sizeof (P->status.pr_sigtrace);
1470 }
1471 if (P->flags & SETFAULT) {
1472 cmd[3] = PCSFAULT;
1473 iov[n].iov_base = (caddr_t)&cmd[3];
1474 iov[n++].iov_len = sizeof (long);
1475 iov[n].iov_base = (caddr_t)&P->status.pr_flttrace;
1476 iov[n++].iov_len = sizeof (P->status.pr_flttrace);
1477 }
1478 if (P->flags & SETENTRY) {
1479 cmd[4] = PCSENTRY;
1480 iov[n].iov_base = (caddr_t)&cmd[4];
1481 iov[n++].iov_len = sizeof (long);
1482 iov[n].iov_base = (caddr_t)&P->status.pr_sysentry;
1483 iov[n++].iov_len = sizeof (P->status.pr_sysentry);
1484 }
1485 if (P->flags & SETEXIT) {
1486 cmd[5] = PCSEXIT;
1487 iov[n].iov_base = (caddr_t)&cmd[5];
1488 iov[n++].iov_len = sizeof (long);
1489 iov[n].iov_base = (caddr_t)&P->status.pr_sysexit;
1490 iov[n++].iov_len = sizeof (P->status.pr_sysexit);
1491 }
1492
1493 if (n == 0 || writev(ctlfd, iov, n) < 0)
1494 return; /* nothing to do or write failed */
1495
1496 P->flags &= ~(SETSIG|SETFAULT|SETENTRY|SETEXIT|SETHOLD|SETREGS);
1497 }
1498
1499 /*
1500 * Reopen the /proc file (after PS_LOST).
1501 */
1502 int
1503 Preopen(struct ps_prochandle *P)
1504 {
1505 int fd;
1506 char procname[PATH_MAX];
1507 char *fname;
1508
1509 if (P->state == PS_DEAD || P->state == PS_IDLE)
1510 return (0);
1511
1512 if (P->agentcnt > 0) {
1513 P->agentcnt = 1;
1514 Pdestroy_agent(P);
1515 }
1516
1517 (void) snprintf(procname, sizeof (procname), "%s/%d/",
1518 procfs_path, (int)P->pid);
1519 fname = procname + strlen(procname);
1520
1521 (void) strcpy(fname, "as");
1522 if ((fd = open(procname, O_RDWR)) < 0 ||
1523 close(P->asfd) < 0 ||
1524 (fd = dupfd(fd, P->asfd)) != P->asfd) {
1525 dprintf("Preopen: failed to open %s: %s\n",
1526 procname, strerror(errno));
1527 if (fd >= 0)
1528 (void) close(fd);
1529 return (-1);
1530 }
1531 P->asfd = fd;
1532
1533 (void) strcpy(fname, "status");
1534 if ((fd = open(procname, O_RDONLY)) < 0 ||
1535 close(P->statfd) < 0 ||
1536 (fd = dupfd(fd, P->statfd)) != P->statfd) {
1537 dprintf("Preopen: failed to open %s: %s\n",
1538 procname, strerror(errno));
1539 if (fd >= 0)
1540 (void) close(fd);
1541 return (-1);
1542 }
1543 P->statfd = fd;
1544
1545 (void) strcpy(fname, "ctl");
1546 if ((fd = open(procname, O_WRONLY)) < 0 ||
1547 close(P->ctlfd) < 0 ||
1548 (fd = dupfd(fd, P->ctlfd)) != P->ctlfd) {
1549 dprintf("Preopen: failed to open %s: %s\n",
1550 procname, strerror(errno));
1551 if (fd >= 0)
1552 (void) close(fd);
1553 return (-1);
1554 }
1555 P->ctlfd = fd;
1556
1557 /*
1558 * Set the state to PS_RUN and wait for the process to stop so that
1559 * we re-read the status from the new P->statfd. If this fails, Pwait
1560 * will reset the state to PS_LOST and we fail the reopen. Before
1561 * returning, we also forge a bit of P->status to allow the debugger to
1562 * see that we are PS_LOST following a successful exec.
1563 */
1564 P->state = PS_RUN;
1565 if (Pwait(P, 0) == -1) {
1566 #ifdef _ILP32
1567 if (errno == EOVERFLOW)
1568 P->status.pr_dmodel = PR_MODEL_LP64;
1569 #endif
1570 P->status.pr_lwp.pr_why = PR_SYSEXIT;
1571 P->status.pr_lwp.pr_what = SYS_execve;
1572 P->status.pr_lwp.pr_errno = 0;
1573 return (-1);
1574 }
1575
1576 /*
1577 * The process should be stopped on exec (REQUESTED)
1578 * or else should be stopped on exit from exec() (SYSEXIT)
1579 */
1580 if (P->state == PS_STOP &&
1581 (P->status.pr_lwp.pr_why == PR_REQUESTED ||
1582 (P->status.pr_lwp.pr_why == PR_SYSEXIT &&
1583 P->status.pr_lwp.pr_what == SYS_execve))) {
1584 /* fake up stop-on-exit-from-execve */
1585 if (P->status.pr_lwp.pr_why == PR_REQUESTED) {
1586 P->status.pr_lwp.pr_why = PR_SYSEXIT;
1587 P->status.pr_lwp.pr_what = SYS_execve;
1588 P->status.pr_lwp.pr_errno = 0;
1589 }
1590 } else {
1591 dprintf("Preopen: expected REQUESTED or "
1592 "SYSEXIT(SYS_execve) stop\n");
1593 }
1594
1595 return (0);
1596 }
1597
1598 /*
1599 * Define all settable flags other than the microstate accounting flags.
1600 */
1601 #define ALL_SETTABLE_FLAGS (PR_FORK|PR_RLC|PR_KLC|PR_ASYNC|PR_BPTADJ|PR_PTRACE)
1602
1603 /*
1604 * Restore /proc tracing flags to their original values
1605 * in preparation for releasing the process.
1606 * Also called by Pcreate() to clear all tracing flags.
1607 */
1608 static void
1609 restore_tracing_flags(struct ps_prochandle *P)
1610 {
1611 long flags;
1612 long cmd[4];
1613 iovec_t iov[8];
1614
1615 if (P->flags & CREATED) {
1616 /* we created this process; clear all tracing flags */
1617 premptyset(&P->status.pr_sigtrace);
1618 premptyset(&P->status.pr_flttrace);
1619 premptyset(&P->status.pr_sysentry);
1620 premptyset(&P->status.pr_sysexit);
1621 if ((P->status.pr_flags & ALL_SETTABLE_FLAGS) != 0)
1622 (void) Punsetflags(P, ALL_SETTABLE_FLAGS);
1623 } else {
1624 /* we grabbed the process; restore its tracing flags */
1625 P->status.pr_sigtrace = P->orig_status.pr_sigtrace;
1626 P->status.pr_flttrace = P->orig_status.pr_flttrace;
1627 P->status.pr_sysentry = P->orig_status.pr_sysentry;
1628 P->status.pr_sysexit = P->orig_status.pr_sysexit;
1629 if ((P->status.pr_flags & ALL_SETTABLE_FLAGS) !=
1630 (flags = (P->orig_status.pr_flags & ALL_SETTABLE_FLAGS))) {
1631 (void) Punsetflags(P, ALL_SETTABLE_FLAGS);
1632 if (flags)
1633 (void) Psetflags(P, flags);
1634 }
1635 }
1636
1637 cmd[0] = PCSTRACE;
1638 iov[0].iov_base = (caddr_t)&cmd[0];
1639 iov[0].iov_len = sizeof (long);
1640 iov[1].iov_base = (caddr_t)&P->status.pr_sigtrace;
1641 iov[1].iov_len = sizeof (P->status.pr_sigtrace);
1642
1643 cmd[1] = PCSFAULT;
1644 iov[2].iov_base = (caddr_t)&cmd[1];
1645 iov[2].iov_len = sizeof (long);
1646 iov[3].iov_base = (caddr_t)&P->status.pr_flttrace;
1647 iov[3].iov_len = sizeof (P->status.pr_flttrace);
1648
1649 cmd[2] = PCSENTRY;
1650 iov[4].iov_base = (caddr_t)&cmd[2];
1651 iov[4].iov_len = sizeof (long);
1652 iov[5].iov_base = (caddr_t)&P->status.pr_sysentry;
1653 iov[5].iov_len = sizeof (P->status.pr_sysentry);
1654
1655 cmd[3] = PCSEXIT;
1656 iov[6].iov_base = (caddr_t)&cmd[3];
1657 iov[6].iov_len = sizeof (long);
1658 iov[7].iov_base = (caddr_t)&P->status.pr_sysexit;
1659 iov[7].iov_len = sizeof (P->status.pr_sysexit);
1660
1661 (void) writev(P->ctlfd, iov, 8);
1662
1663 P->flags &= ~(SETSIG|SETFAULT|SETENTRY|SETEXIT);
1664 }
1665
1666 /*
1667 * Release the process. Frees the process control structure.
1668 * flags:
1669 * PRELEASE_CLEAR Clear all tracing flags.
1670 * PRELEASE_RETAIN Retain current tracing flags.
1671 * PRELEASE_HANG Leave the process stopped and abandoned.
1672 * PRELEASE_KILL Terminate the process with SIGKILL.
1673 */
1674 void
1675 Prelease(struct ps_prochandle *P, int flags)
1676 {
1677 if (P->state == PS_DEAD) {
1678 dprintf("Prelease: releasing handle %p PS_DEAD of pid %d\n",
1679 (void *)P, (int)P->pid);
1680 Pfree(P);
1681 return;
1682 }
1683
1684 if (P->state == PS_IDLE) {
1685 file_info_t *fptr = list_head(&P->file_head);
1686 dprintf("Prelease: releasing handle %p PS_IDLE of file %s\n",
1687 (void *)P, fptr->file_pname);
1688 Pfree(P);
1689 return;
1690 }
1691
1692 dprintf("Prelease: releasing handle %p pid %d\n",
1693 (void *)P, (int)P->pid);
1694
1695 if (P->ctlfd == -1) {
1696 Pfree(P);
1697 return;
1698 }
1699
1700 if (P->agentcnt > 0) {
1701 P->agentcnt = 1;
1702 Pdestroy_agent(P);
1703 }
1704
1705 /*
1706 * Attempt to stop the process.
1707 */
1708 P->state = PS_RUN;
1709 (void) Pstop(P, 1000);
1710
1711 if (flags & PRELEASE_KILL) {
1712 if (P->state == PS_STOP)
1713 (void) Psetrun(P, SIGKILL, 0);
1714 (void) kill(P->pid, SIGKILL);
1715 Pfree(P);
1716 return;
1717 }
1718
1719 /*
1720 * If we lost control, all we can do now is close the files.
1721 * In this case, the last close sets the process running.
1722 */
1723 if (P->state != PS_STOP &&
1724 (P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) == 0) {
1725 Pfree(P);
1726 return;
1727 }
1728
1729 /*
1730 * We didn't lose control; we do more.
1731 */
1732 Psync(P);
1733
1734 if (flags & PRELEASE_CLEAR)
1735 P->flags |= CREATED;
1736
1737 if (!(flags & PRELEASE_RETAIN))
1738 restore_tracing_flags(P);
1739
1740 if (flags & PRELEASE_HANG) {
1741 /* Leave the process stopped and abandoned */
1742 (void) Punsetflags(P, PR_RLC|PR_KLC);
1743 Pfree(P);
1744 return;
1745 }
1746
1747 /*
1748 * Set the process running if we created it or if it was
1749 * not originally stopped or directed to stop via /proc
1750 * or if we were given the PRELEASE_CLEAR flag.
1751 */
1752 if ((P->flags & CREATED) ||
1753 (P->orig_status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP)) == 0) {
1754 (void) Psetflags(P, PR_RLC);
1755 /*
1756 * We do this repeatedly because the process may have
1757 * more than one LWP stopped on an event of interest.
1758 * This makes sure all of them are set running.
1759 */
1760 do {
1761 if (Psetrun(P, 0, 0) == -1 && errno == EBUSY)
1762 break; /* Agent LWP may be stuck */
1763 } while (Pstopstatus(P, PCNULL, 0) == 0 &&
1764 P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP));
1765
1766 if (P->status.pr_lwp.pr_flags & (PR_ISTOP|PR_DSTOP))
1767 dprintf("Prelease: failed to set process running\n");
1768 }
1769
1770 Pfree(P);
1771 }
1772
1773 /* debugging */
1774 void
1775 prldump(const char *caller, lwpstatus_t *lsp)
1776 {
1777 char name[32];
1778 uint32_t bits;
1779
1780 switch (lsp->pr_why) {
1781 case PR_REQUESTED:
1782 dprintf("%s: REQUESTED\n", caller);
1783 break;
1784 case PR_SIGNALLED:
1785 dprintf("%s: SIGNALLED %s\n", caller,
1786 proc_signame(lsp->pr_what, name, sizeof (name)));
1787 break;
1788 case PR_FAULTED:
1789 dprintf("%s: FAULTED %s\n", caller,
1790 proc_fltname(lsp->pr_what, name, sizeof (name)));
1791 break;
1792 case PR_SYSENTRY:
1793 dprintf("%s: SYSENTRY %s\n", caller,
1794 proc_sysname(lsp->pr_what, name, sizeof (name)));
1795 break;
1796 case PR_SYSEXIT:
1797 dprintf("%s: SYSEXIT %s\n", caller,
1798 proc_sysname(lsp->pr_what, name, sizeof (name)));
1799 break;
1800 case PR_JOBCONTROL:
1801 dprintf("%s: JOBCONTROL %s\n", caller,
1802 proc_signame(lsp->pr_what, name, sizeof (name)));
1803 break;
1804 case PR_SUSPENDED:
1805 dprintf("%s: SUSPENDED\n", caller);
1806 break;
1807 case PR_BRAND:
1808 dprintf("%s: BRANDPRIVATE (%d)\n", caller, lsp->pr_what);
1809 break;
1810 default:
1811 dprintf("%s: Unknown\n", caller);
1812 break;
1813 }
1814
1815 if (lsp->pr_cursig)
1816 dprintf("%s: p_cursig = %d\n", caller, lsp->pr_cursig);
1817
1818 bits = *((uint32_t *)&lsp->pr_lwppend);
1819 if (bits)
1820 dprintf("%s: pr_lwppend = 0x%.8X\n", caller, bits);
1821 }
1822
1823 /* debugging */
1824 static void
1825 prdump(struct ps_prochandle *P)
1826 {
1827 uint32_t bits;
1828
1829 prldump("Pstopstatus", &P->status.pr_lwp);
1830
1831 bits = *((uint32_t *)&P->status.pr_sigpend);
1832 if (bits)
1833 dprintf("Pstopstatus: pr_sigpend = 0x%.8X\n", bits);
1834 }
1835
1836 /*
1837 * Wait for the specified process to stop or terminate.
1838 * Or, just get the current status (PCNULL).
1839 * Or, direct it to stop and get the current status (PCDSTOP).
1840 * If the agent LWP exists, do these things to the agent,
1841 * else do these things to the process as a whole.
1842 */
1843 int
1844 Pstopstatus(struct ps_prochandle *P,
1845 long request, /* PCNULL, PCDSTOP, PCSTOP, PCWSTOP */
1846 uint_t msec) /* if non-zero, timeout in milliseconds */
1847 {
1848 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
1849 long ctl[3];
1850 ssize_t rc;
1851 int err;
1852 int old_state = P->state;
1853
1854 switch (P->state) {
1855 case PS_RUN:
1856 break;
1857 case PS_STOP:
1858 if (request != PCNULL && request != PCDSTOP)
1859 return (0);
1860 break;
1861 case PS_LOST:
1862 if (request != PCNULL) {
1863 errno = EAGAIN;
1864 return (-1);
1865 }
1866 break;
1867 case PS_UNDEAD:
1868 case PS_DEAD:
1869 case PS_IDLE:
1870 if (request != PCNULL) {
1871 errno = ENOENT;
1872 return (-1);
1873 }
1874 break;
1875 default: /* corrupted state */
1876 dprintf("Pstopstatus: corrupted state: %d\n", P->state);
1877 errno = EINVAL;
1878 return (-1);
1879 }
1880
1881 ctl[0] = PCDSTOP;
1882 ctl[1] = PCTWSTOP;
1883 ctl[2] = (long)msec;
1884 rc = 0;
1885 switch (request) {
1886 case PCSTOP:
1887 rc = write(ctlfd, &ctl[0], 3*sizeof (long));
1888 break;
1889 case PCWSTOP:
1890 rc = write(ctlfd, &ctl[1], 2*sizeof (long));
1891 break;
1892 case PCDSTOP:
1893 rc = write(ctlfd, &ctl[0], 1*sizeof (long));
1894 break;
1895 case PCNULL:
1896 if (P->state == PS_DEAD || P->state == PS_IDLE)
1897 return (0);
1898 break;
1899 default: /* programming error */
1900 errno = EINVAL;
1901 return (-1);
1902 }
1903 err = (rc < 0)? errno : 0;
1904 Psync(P);
1905
1906 if (P->agentstatfd < 0) {
1907 if (pread(P->statfd, &P->status,
1908 sizeof (P->status), (off_t)0) < 0)
1909 err = errno;
1910 } else {
1911 if (pread(P->agentstatfd, &P->status.pr_lwp,
1912 sizeof (P->status.pr_lwp), (off_t)0) < 0)
1913 err = errno;
1914 P->status.pr_flags = P->status.pr_lwp.pr_flags;
1915 }
1916
1917 if (err) {
1918 switch (err) {
1919 case EINTR: /* user typed ctl-C */
1920 case ERESTART:
1921 dprintf("Pstopstatus: EINTR\n");
1922 break;
1923 case EAGAIN: /* we lost control of the the process */
1924 case EOVERFLOW:
1925 dprintf("Pstopstatus: PS_LOST, errno=%d\n", err);
1926 P->state = PS_LOST;
1927 break;
1928 default: /* check for dead process */
1929 if (_libproc_debug) {
1930 const char *errstr;
1931
1932 switch (request) {
1933 case PCNULL:
1934 errstr = "Pstopstatus PCNULL"; break;
1935 case PCSTOP:
1936 errstr = "Pstopstatus PCSTOP"; break;
1937 case PCDSTOP:
1938 errstr = "Pstopstatus PCDSTOP"; break;
1939 case PCWSTOP:
1940 errstr = "Pstopstatus PCWSTOP"; break;
1941 default:
1942 errstr = "Pstopstatus PC???"; break;
1943 }
1944 dprintf("%s: %s\n", errstr, strerror(err));
1945 }
1946 deadcheck(P);
1947 break;
1948 }
1949 if (err != EINTR && err != ERESTART) {
1950 errno = err;
1951 return (-1);
1952 }
1953 }
1954
1955 if (!(P->status.pr_flags & PR_STOPPED)) {
1956 P->state = PS_RUN;
1957 if (request == PCNULL || request == PCDSTOP || msec != 0)
1958 return (0);
1959 dprintf("Pstopstatus: process is not stopped\n");
1960 errno = EPROTO;
1961 return (-1);
1962 }
1963
1964 P->state = PS_STOP;
1965
1966 if (_libproc_debug) /* debugging */
1967 prdump(P);
1968
1969 /*
1970 * If the process was already stopped coming into Pstopstatus(),
1971 * then don't use its PC to set P->sysaddr since it may have been
1972 * changed since the time the process originally stopped.
1973 */
1974 if (old_state == PS_STOP)
1975 return (0);
1976
1977 switch (P->status.pr_lwp.pr_why) {
1978 case PR_SYSENTRY:
1979 case PR_SYSEXIT:
1980 if (Pissyscall_prev(P, P->status.pr_lwp.pr_reg[R_PC],
1981 &P->sysaddr) == 0)
1982 P->sysaddr = P->status.pr_lwp.pr_reg[R_PC];
1983 break;
1984 case PR_REQUESTED:
1985 case PR_SIGNALLED:
1986 case PR_FAULTED:
1987 case PR_JOBCONTROL:
1988 case PR_SUSPENDED:
1989 case PR_BRAND:
1990 break;
1991 default:
1992 errno = EPROTO;
1993 return (-1);
1994 }
1995
1996 return (0);
1997 }
1998
1999 /*
2000 * Wait for the process to stop for any reason.
2001 */
2002 int
2003 Pwait(struct ps_prochandle *P, uint_t msec)
2004 {
2005 return (Pstopstatus(P, PCWSTOP, msec));
2006 }
2007
2008 /*
2009 * Direct the process to stop; wait for it to stop.
2010 */
2011 int
2012 Pstop(struct ps_prochandle *P, uint_t msec)
2013 {
2014 return (Pstopstatus(P, PCSTOP, msec));
2015 }
2016
2017 /*
2018 * Direct the process to stop; don't wait.
2019 */
2020 int
2021 Pdstop(struct ps_prochandle *P)
2022 {
2023 return (Pstopstatus(P, PCDSTOP, 0));
2024 }
2025
2026 static void
2027 deadcheck(struct ps_prochandle *P)
2028 {
2029 int fd;
2030 void *buf;
2031 size_t size;
2032
2033 if (P->statfd < 0)
2034 P->state = PS_UNDEAD;
2035 else {
2036 if (P->agentstatfd < 0) {
2037 fd = P->statfd;
2038 buf = &P->status;
2039 size = sizeof (P->status);
2040 } else {
2041 fd = P->agentstatfd;
2042 buf = &P->status.pr_lwp;
2043 size = sizeof (P->status.pr_lwp);
2044 }
2045 while (pread(fd, buf, size, (off_t)0) != size) {
2046 switch (errno) {
2047 default:
2048 P->state = PS_UNDEAD;
2049 break;
2050 case EINTR:
2051 case ERESTART:
2052 continue;
2053 case EAGAIN:
2054 P->state = PS_LOST;
2055 break;
2056 }
2057 break;
2058 }
2059 P->status.pr_flags = P->status.pr_lwp.pr_flags;
2060 }
2061 }
2062
2063 /*
2064 * Get the value of one register from stopped process.
2065 */
2066 int
2067 Pgetareg(struct ps_prochandle *P, int regno, prgreg_t *preg)
2068 {
2069 if (regno < 0 || regno >= NPRGREG) {
2070 errno = EINVAL;
2071 return (-1);
2072 }
2073
2074 if (P->state == PS_IDLE) {
2075 errno = ENODATA;
2076 return (-1);
2077 }
2078
2079 if (P->state != PS_STOP && P->state != PS_DEAD) {
2080 errno = EBUSY;
2081 return (-1);
2082 }
2083
2084 *preg = P->status.pr_lwp.pr_reg[regno];
2085 return (0);
2086 }
2087
2088 /*
2089 * Put value of one register into stopped process.
2090 */
2091 int
2092 Pputareg(struct ps_prochandle *P, int regno, prgreg_t reg)
2093 {
2094 if (regno < 0 || regno >= NPRGREG) {
2095 errno = EINVAL;
2096 return (-1);
2097 }
2098
2099 if (P->state != PS_STOP) {
2100 errno = EBUSY;
2101 return (-1);
2102 }
2103
2104 P->status.pr_lwp.pr_reg[regno] = reg;
2105 P->flags |= SETREGS; /* set registers before continuing */
2106 return (0);
2107 }
2108
2109 int
2110 Psetrun(struct ps_prochandle *P,
2111 int sig, /* signal to pass to process */
2112 int flags) /* PRSTEP|PRSABORT|PRSTOP|PRCSIG|PRCFAULT */
2113 {
2114 int ctlfd = (P->agentctlfd >= 0) ? P->agentctlfd : P->ctlfd;
2115 int sbits = (PR_DSTOP | PR_ISTOP | PR_ASLEEP);
2116
2117 long ctl[1 + /* PCCFAULT */
2118 1 + sizeof (siginfo_t)/sizeof (long) + /* PCSSIG/PCCSIG */
2119 2 ]; /* PCRUN */
2120
2121 long *ctlp = ctl;
2122 size_t size;
2123
2124 if (P->state != PS_STOP && (P->status.pr_lwp.pr_flags & sbits) == 0) {
2125 errno = EBUSY;
2126 return (-1);
2127 }
2128
2129 Psync(P); /* flush tracing flags and registers */
2130
2131 if (flags & PRCFAULT) { /* clear current fault */
2132 *ctlp++ = PCCFAULT;
2133 flags &= ~PRCFAULT;
2134 }
2135
2136 if (flags & PRCSIG) { /* clear current signal */
2137 *ctlp++ = PCCSIG;
2138 flags &= ~PRCSIG;
2139 } else if (sig && sig != P->status.pr_lwp.pr_cursig) {
2140 /* make current signal */
2141 siginfo_t *infop;
2142
2143 *ctlp++ = PCSSIG;
2144 infop = (siginfo_t *)ctlp;
2145 (void) memset(infop, 0, sizeof (*infop));
2146 infop->si_signo = sig;
2147 ctlp += sizeof (siginfo_t) / sizeof (long);
2148 }
2149
2150 *ctlp++ = PCRUN;
2151 *ctlp++ = flags;
2152 size = (char *)ctlp - (char *)ctl;
2153
2154 P->info_valid = 0; /* will need to update map and file info */
2155
2156 /*
2157 * If we've cached ucontext-list information while we were stopped,
2158 * free it now.
2159 */
2160 if (P->ucaddrs != NULL) {
2161 free(P->ucaddrs);
2162 P->ucaddrs = NULL;
2163 P->ucnelems = 0;
2164 }
2165
2166 if (write(ctlfd, ctl, size) != size) {
2167 /* If it is dead or lost, return the real status, not PS_RUN */
2168 if (errno == ENOENT || errno == EAGAIN) {
2169 (void) Pstopstatus(P, PCNULL, 0);
2170 return (0);
2171 }
2172 /* If it is not in a jobcontrol stop, issue an error message */
2173 if (errno != EBUSY ||
2174 P->status.pr_lwp.pr_why != PR_JOBCONTROL) {
2175 dprintf("Psetrun: %s\n", strerror(errno));
2176 return (-1);
2177 }
2178 /* Otherwise pretend that the job-stopped process is running */
2179 }
2180
2181 P->state = PS_RUN;
2182 return (0);
2183 }
2184
2185 ssize_t
2186 Pread(struct ps_prochandle *P,
2187 void *buf, /* caller's buffer */
2188 size_t nbyte, /* number of bytes to read */
2189 uintptr_t address) /* address in process */
2190 {
2191 return (P->ops.pop_pread(P, buf, nbyte, address, P->data));
2192 }
2193
2194 ssize_t
2195 Pread_string(struct ps_prochandle *P,
2196 char *buf, /* caller's buffer */
2197 size_t size, /* upper limit on bytes to read */
2198 uintptr_t addr) /* address in process */
2199 {
2200 enum { STRSZ = 40 };
2201 char string[STRSZ + 1];
2202 ssize_t leng = 0;
2203 int nbyte;
2204
2205 if (size < 2) {
2206 errno = EINVAL;
2207 return (-1);
2208 }
2209
2210 size--; /* ensure trailing null fits in buffer */
2211
2212 *buf = '\0';
2213 string[STRSZ] = '\0';
2214
2215 for (nbyte = STRSZ; nbyte == STRSZ && leng < size; addr += STRSZ) {
2216 if ((nbyte = P->ops.pop_pread(P, string, STRSZ, addr,
2217 P->data)) <= 0) {
2218 buf[leng] = '\0';
2219 return (leng ? leng : -1);
2220 }
2221 if ((nbyte = strlen(string)) > 0) {
2222 if (leng + nbyte > size)
2223 nbyte = size - leng;
2224 (void) strncpy(buf + leng, string, nbyte);
2225 leng += nbyte;
2226 }
2227 }
2228 buf[leng] = '\0';
2229 return (leng);
2230 }
2231
2232 ssize_t
2233 Pwrite(struct ps_prochandle *P,
2234 const void *buf, /* caller's buffer */
2235 size_t nbyte, /* number of bytes to write */
2236 uintptr_t address) /* address in process */
2237 {
2238 return (P->ops.pop_pwrite(P, buf, nbyte, address, P->data));
2239 }
2240
2241 int
2242 Pclearsig(struct ps_prochandle *P)
2243 {
2244 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2245 long ctl = PCCSIG;
2246
2247 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
2248 return (-1);
2249 P->status.pr_lwp.pr_cursig = 0;
2250 return (0);
2251 }
2252
2253 int
2254 Pclearfault(struct ps_prochandle *P)
2255 {
2256 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2257 long ctl = PCCFAULT;
2258
2259 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
2260 return (-1);
2261 return (0);
2262 }
2263
2264 /*
2265 * Set a breakpoint trap, return original instruction.
2266 */
2267 int
2268 Psetbkpt(struct ps_prochandle *P, uintptr_t address, ulong_t *saved)
2269 {
2270 long ctl[1 + sizeof (priovec_t) / sizeof (long) + /* PCREAD */
2271 1 + sizeof (priovec_t) / sizeof (long)]; /* PCWRITE */
2272 long *ctlp = ctl;
2273 size_t size;
2274 priovec_t *iovp;
2275 instr_t bpt = BPT;
2276 instr_t old;
2277
2278 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2279 P->state == PS_IDLE) {
2280 errno = ENOENT;
2281 return (-1);
2282 }
2283
2284 /* fetch the old instruction */
2285 *ctlp++ = PCREAD;
2286 iovp = (priovec_t *)ctlp;
2287 iovp->pio_base = &old;
2288 iovp->pio_len = sizeof (old);
2289 iovp->pio_offset = address;
2290 ctlp += sizeof (priovec_t) / sizeof (long);
2291
2292 /* write the BPT instruction */
2293 *ctlp++ = PCWRITE;
2294 iovp = (priovec_t *)ctlp;
2295 iovp->pio_base = &bpt;
2296 iovp->pio_len = sizeof (bpt);
2297 iovp->pio_offset = address;
2298 ctlp += sizeof (priovec_t) / sizeof (long);
2299
2300 size = (char *)ctlp - (char *)ctl;
2301 if (write(P->ctlfd, ctl, size) != size)
2302 return (-1);
2303
2304 /*
2305 * Fail if there was already a breakpoint there from another debugger
2306 * or DTrace's user-level tracing on x86.
2307 */
2308 if (old == BPT) {
2309 errno = EBUSY;
2310 return (-1);
2311 }
2312
2313 *saved = (ulong_t)old;
2314 return (0);
2315 }
2316
2317 /*
2318 * Restore original instruction where a breakpoint was set.
2319 */
2320 int
2321 Pdelbkpt(struct ps_prochandle *P, uintptr_t address, ulong_t saved)
2322 {
2323 instr_t old = (instr_t)saved;
2324 instr_t cur;
2325
2326 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2327 P->state == PS_IDLE) {
2328 errno = ENOENT;
2329 return (-1);
2330 }
2331
2332 /*
2333 * If the breakpoint instruction we had placed has been overwritten
2334 * with a new instruction, then don't try to replace it with the
2335 * old instruction. Doing do can cause problems with self-modifying
2336 * code -- PLTs for example. If the Pread() fails, we assume that we
2337 * should proceed though most likely the Pwrite() will also fail.
2338 */
2339 if (Pread(P, &cur, sizeof (cur), address) == sizeof (cur) &&
2340 cur != BPT)
2341 return (0);
2342
2343 if (Pwrite(P, &old, sizeof (old), address) != sizeof (old))
2344 return (-1);
2345
2346 return (0);
2347 }
2348
2349 /*
2350 * Common code for Pxecbkpt() and Lxecbkpt().
2351 * Develop the array of requests that will do the job, then
2352 * write them to the specified control file descriptor.
2353 * Return the non-zero errno if the write fails.
2354 */
2355 static int
2356 execute_bkpt(
2357 int ctlfd, /* process or LWP control file descriptor */
2358 const fltset_t *faultset, /* current set of traced faults */
2359 const sigset_t *sigmask, /* current signal mask */
2360 uintptr_t address, /* address of breakpint */
2361 ulong_t saved) /* the saved instruction */
2362 {
2363 long ctl[
2364 1 + sizeof (sigset_t) / sizeof (long) + /* PCSHOLD */
2365 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2366 1 + sizeof (priovec_t) / sizeof (long) + /* PCWRITE */
2367 2 + /* PCRUN */
2368 1 + /* PCWSTOP */
2369 1 + /* PCCFAULT */
2370 1 + sizeof (priovec_t) / sizeof (long) + /* PCWRITE */
2371 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2372 1 + sizeof (sigset_t) / sizeof (long)]; /* PCSHOLD */
2373 long *ctlp = ctl;
2374 sigset_t unblock;
2375 size_t size;
2376 ssize_t ssize;
2377 priovec_t *iovp;
2378 sigset_t *holdp;
2379 fltset_t *faultp;
2380 instr_t old = (instr_t)saved;
2381 instr_t bpt = BPT;
2382 int error = 0;
2383
2384 /* block our signals for the duration */
2385 (void) sigprocmask(SIG_BLOCK, &blockable_sigs, &unblock);
2386
2387 /* hold posted signals */
2388 *ctlp++ = PCSHOLD;
2389 holdp = (sigset_t *)ctlp;
2390 prfillset(holdp);
2391 prdelset(holdp, SIGKILL);
2392 prdelset(holdp, SIGSTOP);
2393 ctlp += sizeof (sigset_t) / sizeof (long);
2394
2395 /* force tracing of FLTTRACE */
2396 if (!(prismember(faultset, FLTTRACE))) {
2397 *ctlp++ = PCSFAULT;
2398 faultp = (fltset_t *)ctlp;
2399 *faultp = *faultset;
2400 praddset(faultp, FLTTRACE);
2401 ctlp += sizeof (fltset_t) / sizeof (long);
2402 }
2403
2404 /* restore the old instruction */
2405 *ctlp++ = PCWRITE;
2406 iovp = (priovec_t *)ctlp;
2407 iovp->pio_base = &old;
2408 iovp->pio_len = sizeof (old);
2409 iovp->pio_offset = address;
2410 ctlp += sizeof (priovec_t) / sizeof (long);
2411
2412 /* clear current signal and fault; set running w/ single-step */
2413 *ctlp++ = PCRUN;
2414 *ctlp++ = PRCSIG | PRCFAULT | PRSTEP;
2415
2416 /* wait for stop, cancel the fault */
2417 *ctlp++ = PCWSTOP;
2418 *ctlp++ = PCCFAULT;
2419
2420 /* restore the breakpoint trap */
2421 *ctlp++ = PCWRITE;
2422 iovp = (priovec_t *)ctlp;
2423 iovp->pio_base = &bpt;
2424 iovp->pio_len = sizeof (bpt);
2425 iovp->pio_offset = address;
2426 ctlp += sizeof (priovec_t) / sizeof (long);
2427
2428 /* restore fault tracing set */
2429 if (!(prismember(faultset, FLTTRACE))) {
2430 *ctlp++ = PCSFAULT;
2431 *(fltset_t *)ctlp = *faultset;
2432 ctlp += sizeof (fltset_t) / sizeof (long);
2433 }
2434
2435 /* restore the hold mask */
2436 *ctlp++ = PCSHOLD;
2437 *(sigset_t *)ctlp = *sigmask;
2438 ctlp += sizeof (sigset_t) / sizeof (long);
2439
2440 size = (char *)ctlp - (char *)ctl;
2441 if ((ssize = write(ctlfd, ctl, size)) != size)
2442 error = (ssize == -1)? errno : EINTR;
2443 (void) sigprocmask(SIG_SETMASK, &unblock, NULL);
2444 return (error);
2445 }
2446
2447 /*
2448 * Step over a breakpoint, i.e., execute the instruction that
2449 * really belongs at the breakpoint location (the current %pc)
2450 * and leave the process stopped at the next instruction.
2451 */
2452 int
2453 Pxecbkpt(struct ps_prochandle *P, ulong_t saved)
2454 {
2455 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2456 int rv, error;
2457
2458 if (P->state != PS_STOP) {
2459 errno = EBUSY;
2460 return (-1);
2461 }
2462
2463 Psync(P);
2464
2465 error = execute_bkpt(ctlfd,
2466 &P->status.pr_flttrace, &P->status.pr_lwp.pr_lwphold,
2467 P->status.pr_lwp.pr_reg[R_PC], saved);
2468 rv = Pstopstatus(P, PCNULL, 0);
2469
2470 if (error != 0) {
2471 if (P->status.pr_lwp.pr_why == PR_JOBCONTROL &&
2472 error == EBUSY) { /* jobcontrol stop -- back off */
2473 P->state = PS_RUN;
2474 return (0);
2475 }
2476 if (error == ENOENT)
2477 return (0);
2478 errno = error;
2479 return (-1);
2480 }
2481
2482 return (rv);
2483 }
2484
2485 /*
2486 * Install the watchpoint described by wp.
2487 */
2488 int
2489 Psetwapt(struct ps_prochandle *P, const prwatch_t *wp)
2490 {
2491 long ctl[1 + sizeof (prwatch_t) / sizeof (long)];
2492 prwatch_t *cwp = (prwatch_t *)&ctl[1];
2493
2494 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2495 P->state == PS_IDLE) {
2496 errno = ENOENT;
2497 return (-1);
2498 }
2499
2500 ctl[0] = PCWATCH;
2501 cwp->pr_vaddr = wp->pr_vaddr;
2502 cwp->pr_size = wp->pr_size;
2503 cwp->pr_wflags = wp->pr_wflags;
2504
2505 if (write(P->ctlfd, ctl, sizeof (ctl)) != sizeof (ctl))
2506 return (-1);
2507
2508 return (0);
2509 }
2510
2511 /*
2512 * Remove the watchpoint described by wp.
2513 */
2514 int
2515 Pdelwapt(struct ps_prochandle *P, const prwatch_t *wp)
2516 {
2517 long ctl[1 + sizeof (prwatch_t) / sizeof (long)];
2518 prwatch_t *cwp = (prwatch_t *)&ctl[1];
2519
2520 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2521 P->state == PS_IDLE) {
2522 errno = ENOENT;
2523 return (-1);
2524 }
2525
2526 ctl[0] = PCWATCH;
2527 cwp->pr_vaddr = wp->pr_vaddr;
2528 cwp->pr_size = wp->pr_size;
2529 cwp->pr_wflags = 0;
2530
2531 if (write(P->ctlfd, ctl, sizeof (ctl)) != sizeof (ctl))
2532 return (-1);
2533
2534 return (0);
2535 }
2536
2537 /*
2538 * Common code for Pxecwapt() and Lxecwapt(). Develop the array of requests
2539 * that will do the job, then write them to the specified control file
2540 * descriptor. Return the non-zero errno if the write fails.
2541 */
2542 static int
2543 execute_wapt(
2544 int ctlfd, /* process or LWP control file descriptor */
2545 const fltset_t *faultset, /* current set of traced faults */
2546 const sigset_t *sigmask, /* current signal mask */
2547 const prwatch_t *wp) /* watchpoint descriptor */
2548 {
2549 long ctl[
2550 1 + sizeof (sigset_t) / sizeof (long) + /* PCSHOLD */
2551 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2552 1 + sizeof (prwatch_t) / sizeof (long) + /* PCWATCH */
2553 2 + /* PCRUN */
2554 1 + /* PCWSTOP */
2555 1 + /* PCCFAULT */
2556 1 + sizeof (prwatch_t) / sizeof (long) + /* PCWATCH */
2557 1 + sizeof (fltset_t) / sizeof (long) + /* PCSFAULT */
2558 1 + sizeof (sigset_t) / sizeof (long)]; /* PCSHOLD */
2559
2560 long *ctlp = ctl;
2561 int error = 0;
2562
2563 sigset_t unblock;
2564 sigset_t *holdp;
2565 fltset_t *faultp;
2566 prwatch_t *prw;
2567 ssize_t ssize;
2568 size_t size;
2569
2570 (void) sigprocmask(SIG_BLOCK, &blockable_sigs, &unblock);
2571
2572 /*
2573 * Hold all posted signals in the victim process prior to stepping.
2574 */
2575 *ctlp++ = PCSHOLD;
2576 holdp = (sigset_t *)ctlp;
2577 prfillset(holdp);
2578 prdelset(holdp, SIGKILL);
2579 prdelset(holdp, SIGSTOP);
2580 ctlp += sizeof (sigset_t) / sizeof (long);
2581
2582 /*
2583 * Force tracing of FLTTRACE since we need to single step.
2584 */
2585 if (!(prismember(faultset, FLTTRACE))) {
2586 *ctlp++ = PCSFAULT;
2587 faultp = (fltset_t *)ctlp;
2588 *faultp = *faultset;
2589 praddset(faultp, FLTTRACE);
2590 ctlp += sizeof (fltset_t) / sizeof (long);
2591 }
2592
2593 /*
2594 * Clear only the current watchpoint by setting pr_wflags to zero.
2595 */
2596 *ctlp++ = PCWATCH;
2597 prw = (prwatch_t *)ctlp;
2598 prw->pr_vaddr = wp->pr_vaddr;
2599 prw->pr_size = wp->pr_size;
2600 prw->pr_wflags = 0;
2601 ctlp += sizeof (prwatch_t) / sizeof (long);
2602
2603 /*
2604 * Clear the current signal and fault; set running with single-step.
2605 * Then wait for the victim to stop and cancel the FLTTRACE.
2606 */
2607 *ctlp++ = PCRUN;
2608 *ctlp++ = PRCSIG | PRCFAULT | PRSTEP;
2609 *ctlp++ = PCWSTOP;
2610 *ctlp++ = PCCFAULT;
2611
2612 /*
2613 * Restore the current watchpoint.
2614 */
2615 *ctlp++ = PCWATCH;
2616 (void) memcpy(ctlp, wp, sizeof (prwatch_t));
2617 ctlp += sizeof (prwatch_t) / sizeof (long);
2618
2619 /*
2620 * Restore fault tracing set if we modified it.
2621 */
2622 if (!(prismember(faultset, FLTTRACE))) {
2623 *ctlp++ = PCSFAULT;
2624 *(fltset_t *)ctlp = *faultset;
2625 ctlp += sizeof (fltset_t) / sizeof (long);
2626 }
2627
2628 /*
2629 * Restore the hold mask to the current hold mask (i.e. the one
2630 * before we executed any of the previous operations).
2631 */
2632 *ctlp++ = PCSHOLD;
2633 *(sigset_t *)ctlp = *sigmask;
2634 ctlp += sizeof (sigset_t) / sizeof (long);
2635
2636 size = (char *)ctlp - (char *)ctl;
2637 if ((ssize = write(ctlfd, ctl, size)) != size)
2638 error = (ssize == -1)? errno : EINTR;
2639 (void) sigprocmask(SIG_SETMASK, &unblock, NULL);
2640 return (error);
2641 }
2642
2643 /*
2644 * Step over a watchpoint, i.e., execute the instruction that was stopped by
2645 * the watchpoint, and then leave the LWP stopped at the next instruction.
2646 */
2647 int
2648 Pxecwapt(struct ps_prochandle *P, const prwatch_t *wp)
2649 {
2650 int ctlfd = (P->agentctlfd >= 0)? P->agentctlfd : P->ctlfd;
2651 int rv, error;
2652
2653 if (P->state != PS_STOP) {
2654 errno = EBUSY;
2655 return (-1);
2656 }
2657
2658 Psync(P);
2659 error = execute_wapt(ctlfd,
2660 &P->status.pr_flttrace, &P->status.pr_lwp.pr_lwphold, wp);
2661 rv = Pstopstatus(P, PCNULL, 0);
2662
2663 if (error != 0) {
2664 if (P->status.pr_lwp.pr_why == PR_JOBCONTROL &&
2665 error == EBUSY) { /* jobcontrol stop -- back off */
2666 P->state = PS_RUN;
2667 return (0);
2668 }
2669 if (error == ENOENT)
2670 return (0);
2671 errno = error;
2672 return (-1);
2673 }
2674
2675 return (rv);
2676 }
2677
2678 int
2679 Psetflags(struct ps_prochandle *P, long flags)
2680 {
2681 int rc;
2682 long ctl[2];
2683
2684 ctl[0] = PCSET;
2685 ctl[1] = flags;
2686
2687 if (write(P->ctlfd, ctl, 2*sizeof (long)) != 2*sizeof (long)) {
2688 rc = -1;
2689 } else {
2690 P->status.pr_flags |= flags;
2691 P->status.pr_lwp.pr_flags |= flags;
2692 rc = 0;
2693 }
2694
2695 return (rc);
2696 }
2697
2698 int
2699 Punsetflags(struct ps_prochandle *P, long flags)
2700 {
2701 int rc;
2702 long ctl[2];
2703
2704 ctl[0] = PCUNSET;
2705 ctl[1] = flags;
2706
2707 if (write(P->ctlfd, ctl, 2*sizeof (long)) != 2*sizeof (long)) {
2708 rc = -1;
2709 } else {
2710 P->status.pr_flags &= ~flags;
2711 P->status.pr_lwp.pr_flags &= ~flags;
2712 rc = 0;
2713 }
2714
2715 return (rc);
2716 }
2717
2718 /*
2719 * Common function to allow clients to manipulate the action to be taken
2720 * on receipt of a signal, receipt of machine fault, entry to a system call,
2721 * or exit from a system call. We make use of our private prset_* functions
2722 * in order to make this code be common. The 'which' parameter identifies
2723 * the code for the event of interest (0 means change the entire set), and
2724 * the 'stop' parameter is a boolean indicating whether the process should
2725 * stop when the event of interest occurs. The previous value is returned
2726 * to the caller; -1 is returned if an error occurred.
2727 */
2728 static int
2729 Psetaction(struct ps_prochandle *P, void *sp, size_t size,
2730 uint_t flag, int max, int which, int stop)
2731 {
2732 int oldval;
2733
2734 if (which < 0 || which > max) {
2735 errno = EINVAL;
2736 return (-1);
2737 }
2738
2739 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2740 P->state == PS_IDLE) {
2741 errno = ENOENT;
2742 return (-1);
2743 }
2744
2745 oldval = prset_ismember(sp, size, which) ? TRUE : FALSE;
2746
2747 if (stop) {
2748 if (which == 0) {
2749 prset_fill(sp, size);
2750 P->flags |= flag;
2751 } else if (!oldval) {
2752 prset_add(sp, size, which);
2753 P->flags |= flag;
2754 }
2755 } else {
2756 if (which == 0) {
2757 prset_empty(sp, size);
2758 P->flags |= flag;
2759 } else if (oldval) {
2760 prset_del(sp, size, which);
2761 P->flags |= flag;
2762 }
2763 }
2764
2765 if (P->state == PS_RUN)
2766 Psync(P);
2767
2768 return (oldval);
2769 }
2770
2771 /*
2772 * Set action on specified signal.
2773 */
2774 int
2775 Psignal(struct ps_prochandle *P, int which, int stop)
2776 {
2777 int oldval;
2778
2779 if (which == SIGKILL && stop != 0) {
2780 errno = EINVAL;
2781 return (-1);
2782 }
2783
2784 oldval = Psetaction(P, &P->status.pr_sigtrace, sizeof (sigset_t),
2785 SETSIG, PRMAXSIG, which, stop);
2786
2787 if (oldval != -1 && which == 0 && stop != 0)
2788 prdelset(&P->status.pr_sigtrace, SIGKILL);
2789
2790 return (oldval);
2791 }
2792
2793 /*
2794 * Set all signal tracing flags.
2795 */
2796 void
2797 Psetsignal(struct ps_prochandle *P, const sigset_t *set)
2798 {
2799 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2800 P->state == PS_IDLE)
2801 return;
2802
2803 P->status.pr_sigtrace = *set;
2804 P->flags |= SETSIG;
2805
2806 if (P->state == PS_RUN)
2807 Psync(P);
2808 }
2809
2810 /*
2811 * Set action on specified fault.
2812 */
2813 int
2814 Pfault(struct ps_prochandle *P, int which, int stop)
2815 {
2816 return (Psetaction(P, &P->status.pr_flttrace, sizeof (fltset_t),
2817 SETFAULT, PRMAXFAULT, which, stop));
2818 }
2819
2820 /*
2821 * Set all machine fault tracing flags.
2822 */
2823 void
2824 Psetfault(struct ps_prochandle *P, const fltset_t *set)
2825 {
2826 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2827 P->state == PS_IDLE)
2828 return;
2829
2830 P->status.pr_flttrace = *set;
2831 P->flags |= SETFAULT;
2832
2833 if (P->state == PS_RUN)
2834 Psync(P);
2835 }
2836
2837 /*
2838 * Set action on specified system call entry.
2839 */
2840 int
2841 Psysentry(struct ps_prochandle *P, int which, int stop)
2842 {
2843 return (Psetaction(P, &P->status.pr_sysentry, sizeof (sysset_t),
2844 SETENTRY, PRMAXSYS, which, stop));
2845 }
2846
2847 /*
2848 * Set all system call entry tracing flags.
2849 */
2850 void
2851 Psetsysentry(struct ps_prochandle *P, const sysset_t *set)
2852 {
2853 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2854 P->state == PS_IDLE)
2855 return;
2856
2857 P->status.pr_sysentry = *set;
2858 P->flags |= SETENTRY;
2859
2860 if (P->state == PS_RUN)
2861 Psync(P);
2862 }
2863
2864 /*
2865 * Set action on specified system call exit.
2866 */
2867 int
2868 Psysexit(struct ps_prochandle *P, int which, int stop)
2869 {
2870 return (Psetaction(P, &P->status.pr_sysexit, sizeof (sysset_t),
2871 SETEXIT, PRMAXSYS, which, stop));
2872 }
2873
2874 /*
2875 * Set all system call exit tracing flags.
2876 */
2877 void
2878 Psetsysexit(struct ps_prochandle *P, const sysset_t *set)
2879 {
2880 if (P->state == PS_DEAD || P->state == PS_UNDEAD ||
2881 P->state == PS_IDLE)
2882 return;
2883
2884 P->status.pr_sysexit = *set;
2885 P->flags |= SETEXIT;
2886
2887 if (P->state == PS_RUN)
2888 Psync(P);
2889 }
2890
2891 /*
2892 * Utility function to read the contents of a file that contains a
2893 * prheader_t at the start (/proc/pid/lstatus or /proc/pid/lpsinfo).
2894 * Returns a malloc()d buffer or NULL on failure.
2895 */
2896 static prheader_t *
2897 read_lfile(struct ps_prochandle *P, const char *lname)
2898 {
2899 prheader_t *Lhp;
2900 char lpath[PATH_MAX];
2901 struct stat64 statb;
2902 int fd;
2903 size_t size;
2904 ssize_t rval;
2905
2906 (void) snprintf(lpath, sizeof (lpath), "%s/%d/%s", procfs_path,
2907 (int)P->status.pr_pid, lname);
2908 if ((fd = open(lpath, O_RDONLY)) < 0 || fstat64(fd, &statb) != 0) {
2909 if (fd >= 0)
2910 (void) close(fd);
2911 return (NULL);
2912 }
2913
2914 /*
2915 * 'size' is just the initial guess at the buffer size.
2916 * It will have to grow if the number of lwps increases
2917 * while we are looking at the process.
2918 * 'size' must be larger than the actual file size.
2919 */
2920 size = statb.st_size + 32;
2921
2922 for (;;) {
2923 if ((Lhp = malloc(size)) == NULL)
2924 break;
2925 if ((rval = pread(fd, Lhp, size, 0)) < 0 ||
2926 rval <= sizeof (prheader_t)) {
2927 free(Lhp);
2928 Lhp = NULL;
2929 break;
2930 }
2931 if (rval < size)
2932 break;
2933 /* need a bigger buffer */
2934 free(Lhp);
2935 size *= 2;
2936 }
2937
2938 (void) close(fd);
2939 return (Lhp);
2940 }
2941
2942 /*
2943 * LWP iteration interface.
2944 */
2945 int
2946 Plwp_iter(struct ps_prochandle *P, proc_lwp_f *func, void *cd)
2947 {
2948 prheader_t *Lhp;
2949 lwpstatus_t *Lsp;
2950 long nlwp;
2951 int rv;
2952
2953 switch (P->state) {
2954 case PS_RUN:
2955 (void) Pstopstatus(P, PCNULL, 0);
2956 break;
2957
2958 case PS_STOP:
2959 Psync(P);
2960 break;
2961
2962 case PS_IDLE:
2963 errno = ENODATA;
2964 return (-1);
2965 }
2966
2967 /*
2968 * For either live processes or cores, the single LWP case is easy:
2969 * the pstatus_t contains the lwpstatus_t for the only LWP.
2970 */
2971 if (P->status.pr_nlwp <= 1)
2972 return (func(cd, &P->status.pr_lwp));
2973
2974 /*
2975 * For the core file multi-LWP case, we just iterate through the
2976 * list of LWP structs we read in from the core file.
2977 */
2978 if (P->state == PS_DEAD) {
2979 core_info_t *core = P->data;
2980 lwp_info_t *lwp;
2981
2982 for (lwp = list_tail(&core->core_lwp_head); lwp != NULL;
2983 lwp = list_prev(&core->core_lwp_head, lwp)) {
2984 if (lwp->lwp_psinfo.pr_sname != 'Z' &&
2985 (rv = func(cd, &lwp->lwp_status)) != 0)
2986 break;
2987 }
2988
2989 return (rv);
2990 }
2991
2992 /*
2993 * For the live process multi-LWP case, we have to work a little
2994 * harder: the /proc/pid/lstatus file has the array of LWP structs.
2995 */
2996 if ((Lhp = Plstatus(P)) == NULL)
2997 return (-1);
2998
2999 for (nlwp = Lhp->pr_nent, Lsp = (lwpstatus_t *)(uintptr_t)(Lhp + 1);
3000 nlwp > 0;
3001 nlwp--, Lsp = (lwpstatus_t *)((uintptr_t)Lsp + Lhp->pr_entsize)) {
3002 if ((rv = func(cd, Lsp)) != 0)
3003 break;
3004 }
3005
3006 free(Lhp);
3007 return (rv);
3008 }
3009
3010 /*
3011 * Extended LWP iteration interface.
3012 * Iterate over all LWPs, active and zombie.
3013 */
3014 int
3015 Plwp_iter_all(struct ps_prochandle *P, proc_lwp_all_f *func, void *cd)
3016 {
3017 prheader_t *Lhp = NULL;
3018 lwpstatus_t *Lsp;
3019 lwpstatus_t *sp;
3020 prheader_t *Lphp = NULL;
3021 lwpsinfo_t *Lpsp;
3022 long nstat;
3023 long ninfo;
3024 int rv;
3025
3026 retry:
3027 if (Lhp != NULL)
3028 free(Lhp);
3029 if (Lphp != NULL)
3030 free(Lphp);
3031 if (P->state == PS_RUN)
3032 (void) Pstopstatus(P, PCNULL, 0);
3033 (void) Ppsinfo(P);
3034
3035 if (P->state == PS_STOP)
3036 Psync(P);
3037
3038 /*
3039 * For either live processes or cores, the single LWP case is easy:
3040 * the pstatus_t contains the lwpstatus_t for the only LWP and
3041 * the psinfo_t contains the lwpsinfo_t for the only LWP.
3042 */
3043 if (P->status.pr_nlwp + P->status.pr_nzomb <= 1)
3044 return (func(cd, &P->status.pr_lwp, &P->psinfo.pr_lwp));
3045
3046 /*
3047 * For the core file multi-LWP case, we just iterate through the
3048 * list of LWP structs we read in from the core file.
3049 */
3050 if (P->state == PS_DEAD) {
3051 core_info_t *core = P->data;
3052 lwp_info_t *lwp;
3053
3054 for (lwp = list_tail(&core->core_lwp_head); lwp != NULL;
3055 lwp = list_prev(&core->core_lwp_head, lwp)) {
3056 sp = (lwp->lwp_psinfo.pr_sname == 'Z')? NULL :
3057 &lwp->lwp_status;
3058 if ((rv = func(cd, sp, &lwp->lwp_psinfo)) != 0)
3059 break;
3060 }
3061
3062 return (rv);
3063 }
3064
3065 /*
3066 * For all other cases retrieve the array of lwpstatus_t's and
3067 * lwpsinfo_t's.
3068 */
3069 if ((Lhp = Plstatus(P)) == NULL)
3070 return (-1);
3071 if ((Lphp = Plpsinfo(P)) == NULL) {
3072 free(Lhp);
3073 return (-1);
3074 }
3075
3076 /*
3077 * If we are looking at a running process, or one we do not control,
3078 * the active and zombie lwps in the process may have changed since
3079 * we read the process status structure. If so, just start over.
3080 */
3081 if (Lhp->pr_nent != P->status.pr_nlwp ||
3082 Lphp->pr_nent != P->status.pr_nlwp + P->status.pr_nzomb)
3083 goto retry;
3084
3085 /*
3086 * To be perfectly safe, prescan the two arrays, checking consistency.
3087 * We rely on /proc giving us lwpstatus_t's and lwpsinfo_t's in the
3088 * same order (the lwp directory order) in their respective files.
3089 * We also rely on there being (possibly) more lwpsinfo_t's than
3090 * lwpstatus_t's (the extra lwpsinfo_t's are for zombie lwps).
3091 */
3092 Lsp = (lwpstatus_t *)(uintptr_t)(Lhp + 1);
3093 Lpsp = (lwpsinfo_t *)(uintptr_t)(Lphp + 1);
3094 nstat = Lhp->pr_nent;
3095 for (ninfo = Lphp->pr_nent; ninfo != 0; ninfo--) {
3096 if (Lpsp->pr_sname != 'Z') {
3097 /*
3098 * Not a zombie lwp; check for matching lwpids.
3099 */
3100 if (nstat == 0 || Lsp->pr_lwpid != Lpsp->pr_lwpid)
3101 goto retry;
3102 Lsp = (lwpstatus_t *)((uintptr_t)Lsp + Lhp->pr_entsize);
3103 nstat--;
3104 }
3105 Lpsp = (lwpsinfo_t *)((uintptr_t)Lpsp + Lphp->pr_entsize);
3106 }
3107 if (nstat != 0)
3108 goto retry;
3109
3110 /*
3111 * Rescan, this time for real.
3112 */
3113 Lsp = (lwpstatus_t *)(uintptr_t)(Lhp + 1);
3114 Lpsp = (lwpsinfo_t *)(uintptr_t)(Lphp + 1);
3115 for (ninfo = Lphp->pr_nent; ninfo != 0; ninfo--) {
3116 if (Lpsp->pr_sname != 'Z') {
3117 sp = Lsp;
3118 Lsp = (lwpstatus_t *)((uintptr_t)Lsp + Lhp->pr_entsize);
3119 } else {
3120 sp = NULL;
3121 }
3122 if ((rv = func(cd, sp, Lpsp)) != 0)
3123 break;
3124 Lpsp = (lwpsinfo_t *)((uintptr_t)Lpsp + Lphp->pr_entsize);
3125 }
3126
3127 free(Lhp);
3128 free(Lphp);
3129 return (rv);
3130 }
3131
3132 core_content_t
3133 Pcontent(struct ps_prochandle *P)
3134 {
3135 core_info_t *core = P->data;
3136
3137 if (P->state == PS_DEAD)
3138 return (core->core_content);
3139 if (P->state == PS_IDLE)
3140 return (CC_CONTENT_TEXT | CC_CONTENT_DATA | CC_CONTENT_CTF);
3141
3142 return (CC_CONTENT_ALL);
3143 }
3144
3145 /*
3146 * =================================================================
3147 * The remainder of the functions in this file are for the
3148 * control of individual LWPs in the controlled process.
3149 * =================================================================
3150 */
3151
3152 /*
3153 * Find an entry in the process hash table for the specified lwpid.
3154 * The entry will either point to an existing struct ps_lwphandle
3155 * or it will point to an empty slot for a new struct ps_lwphandle.
3156 */
3157 static struct ps_lwphandle **
3158 Lfind_slot(struct ps_prochandle *P, lwpid_t lwpid)
3159 {
3160 struct ps_lwphandle **Lp;
3161 struct ps_lwphandle *L;
3162
3163 for (Lp = &P->hashtab[lwpid % (HASHSIZE - 1)];
3164 (L = *Lp) != NULL; Lp = &L->lwp_hash)
3165 if (L->lwp_id == lwpid)
3166 break;
3167 return (Lp);
3168 }
3169
3170 /*
3171 * A wrapper around Lfind_slot() that is suitable for the rest of the internal
3172 * consumers who don't care about a slot, merely existence.
3173 */
3174 struct ps_lwphandle *
3175 Lfind(struct ps_prochandle *P, lwpid_t lwpid)
3176 {
3177 if (P->hashtab == NULL) {
3178 return (NULL);
3179 }
3180
3181 return (*Lfind_slot(P, lwpid));
3182 }
3183
3184 /*
3185 * Grab an LWP contained within the controlled process.
3186 * Return an opaque pointer to its LWP control structure.
3187 * perr: pointer to error return code.
3188 */
3189 struct ps_lwphandle *
3190 Lgrab(struct ps_prochandle *P, lwpid_t lwpid, int *perr)
3191 {
3192 struct ps_lwphandle **Lp;
3193 struct ps_lwphandle *L;
3194 int fd;
3195 char procname[PATH_MAX];
3196 char *fname;
3197 int rc = 0;
3198
3199 (void) mutex_lock(&P->proc_lock);
3200
3201 if (P->state == PS_UNDEAD || P->state == PS_IDLE)
3202 rc = G_NOPROC;
3203 else if (P->hashtab == NULL &&
3204 (P->hashtab = calloc(HASHSIZE, sizeof (struct ps_lwphandle *)))
3205 == NULL)
3206 rc = G_STRANGE;
3207 else if (*(Lp = Lfind_slot(P, lwpid)) != NULL)
3208 rc = G_BUSY;
3209 else if ((L = malloc(sizeof (struct ps_lwphandle))) == NULL)
3210 rc = G_STRANGE;
3211 if (rc) {
3212 *perr = rc;
3213 (void) mutex_unlock(&P->proc_lock);
3214 return (NULL);
3215 }
3216
3217 (void) memset(L, 0, sizeof (*L));
3218 L->lwp_ctlfd = -1;
3219 L->lwp_statfd = -1;
3220 L->lwp_proc = P;
3221 L->lwp_id = lwpid;
3222 *Lp = L; /* insert into the hash table */
3223
3224 if (P->state == PS_DEAD) { /* core file */
3225 if (getlwpstatus(P, lwpid, &L->lwp_status) == -1) {
3226 rc = G_NOPROC;
3227 goto err;
3228 }
3229 L->lwp_state = PS_DEAD;
3230 *perr = 0;
3231 (void) mutex_unlock(&P->proc_lock);
3232 return (L);
3233 }
3234
3235 /*
3236 * Open the /proc/<pid>/lwp/<lwpid> files
3237 */
3238 (void) snprintf(procname, sizeof (procname), "%s/%d/lwp/%d/",
3239 procfs_path, (int)P->pid, (int)lwpid);
3240 fname = procname + strlen(procname);
3241 (void) set_minfd();
3242
3243 (void) strcpy(fname, "lwpstatus");
3244 if ((fd = open(procname, O_RDONLY)) < 0 ||
3245 (fd = dupfd(fd, 0)) < 0) {
3246 switch (errno) {
3247 case ENOENT:
3248 rc = G_NOPROC;
3249 break;
3250 default:
3251 dprintf("Lgrab: failed to open %s: %s\n",
3252 procname, strerror(errno));
3253 rc = G_STRANGE;
3254 break;
3255 }
3256 goto err;
3257 }
3258 L->lwp_statfd = fd;
3259
3260 if (pread(fd, &L->lwp_status, sizeof (L->lwp_status), (off_t)0) < 0) {
3261 switch (errno) {
3262 case ENOENT:
3263 rc = G_NOPROC;
3264 break;
3265 default:
3266 dprintf("Lgrab: failed to read %s: %s\n",
3267 procname, strerror(errno));
3268 rc = G_STRANGE;
3269 break;
3270 }
3271 goto err;
3272 }
3273
3274 (void) strcpy(fname, "lwpctl");
3275 if ((fd = open(procname, O_WRONLY)) < 0 ||
3276 (fd = dupfd(fd, 0)) < 0) {
3277 switch (errno) {
3278 case ENOENT:
3279 rc = G_NOPROC;
3280 break;
3281 default:
3282 dprintf("Lgrab: failed to open %s: %s\n",
3283 procname, strerror(errno));
3284 rc = G_STRANGE;
3285 break;
3286 }
3287 goto err;
3288 }
3289 L->lwp_ctlfd = fd;
3290
3291 L->lwp_state =
3292 ((L->lwp_status.pr_flags & (PR_STOPPED|PR_ISTOP))
3293 == (PR_STOPPED|PR_ISTOP))?
3294 PS_STOP : PS_RUN;
3295
3296 *perr = 0;
3297 (void) mutex_unlock(&P->proc_lock);
3298 return (L);
3299
3300 err:
3301 Lfree_internal(P, L);
3302 *perr = rc;
3303 (void) mutex_unlock(&P->proc_lock);
3304 return (NULL);
3305 }
3306
3307 /*
3308 * Return a printable string corresponding to an Lgrab() error return.
3309 */
3310 const char *
3311 Lgrab_error(int error)
3312 {
3313 const char *str;
3314
3315 switch (error) {
3316 case G_NOPROC:
3317 str = "no such LWP";
3318 break;
3319 case G_BUSY:
3320 str = "LWP already grabbed";
3321 break;
3322 case G_STRANGE:
3323 str = "unanticipated system error";
3324 break;
3325 default:
3326 str = "unknown error";
3327 break;
3328 }
3329
3330 return (str);
3331 }
3332
3333 /*
3334 * Free an LWP control structure.
3335 */
3336 void
3337 Lfree(struct ps_lwphandle *L)
3338 {
3339 struct ps_prochandle *P = L->lwp_proc;
3340
3341 (void) mutex_lock(&P->proc_lock);
3342 Lfree_internal(P, L);
3343 (void) mutex_unlock(&P->proc_lock);
3344 }
3345
3346 static void
3347 Lfree_internal(struct ps_prochandle *P, struct ps_lwphandle *L)
3348 {
3349 *Lfind_slot(P, L->lwp_id) = L->lwp_hash; /* delete from hash table */
3350 if (L->lwp_ctlfd >= 0)
3351 (void) close(L->lwp_ctlfd);
3352 if (L->lwp_statfd >= 0)
3353 (void) close(L->lwp_statfd);
3354
3355 /* clear out the structure as a precaution against reuse */
3356 (void) memset(L, 0, sizeof (*L));
3357 L->lwp_ctlfd = -1;
3358 L->lwp_statfd = -1;
3359
3360 free(L);
3361 }
3362
3363 /*
3364 * Return the state of the process, one of the PS_* values.
3365 */
3366 int
3367 Lstate(struct ps_lwphandle *L)
3368 {
3369 return (L->lwp_state);
3370 }
3371
3372 /*
3373 * Return the open control file descriptor for the LWP.
3374 * Clients must not close this file descriptor, nor use it
3375 * after the LWP is freed.
3376 */
3377 int
3378 Lctlfd(struct ps_lwphandle *L)
3379 {
3380 return (L->lwp_ctlfd);
3381 }
3382
3383 /*
3384 * Return a pointer to the LWP lwpsinfo structure.
3385 * Clients should not hold on to this pointer indefinitely.
3386 * It will become invalid on Lfree().
3387 */
3388 const lwpsinfo_t *
3389 Lpsinfo(struct ps_lwphandle *L)
3390 {
3391 if (Plwp_getpsinfo(L->lwp_proc, L->lwp_id, &L->lwp_psinfo) == -1)
3392 return (NULL);
3393
3394 return (&L->lwp_psinfo);
3395 }
3396
3397 /*
3398 * Return a pointer to the LWP status structure.
3399 * Clients should not hold on to this pointer indefinitely.
3400 * It will become invalid on Lfree().
3401 */
3402 const lwpstatus_t *
3403 Lstatus(struct ps_lwphandle *L)
3404 {
3405 return (&L->lwp_status);
3406 }
3407
3408 /*
3409 * Given an LWP handle, return the process handle.
3410 */
3411 struct ps_prochandle *
3412 Lprochandle(struct ps_lwphandle *L)
3413 {
3414 return (L->lwp_proc);
3415 }
3416
3417 /*
3418 * Ensure that all cached state is written to the LWP.
3419 * The cached state is the LWP's signal mask and registers.
3420 */
3421 void
3422 Lsync(struct ps_lwphandle *L)
3423 {
3424 int ctlfd = L->lwp_ctlfd;
3425 long cmd[2];
3426 iovec_t iov[4];
3427 int n = 0;
3428
3429 if (L->lwp_flags & SETHOLD) {
3430 cmd[0] = PCSHOLD;
3431 iov[n].iov_base = (caddr_t)&cmd[0];
3432 iov[n++].iov_len = sizeof (long);
3433 iov[n].iov_base = (caddr_t)&L->lwp_status.pr_lwphold;
3434 iov[n++].iov_len = sizeof (L->lwp_status.pr_lwphold);
3435 }
3436 if (L->lwp_flags & SETREGS) {
3437 cmd[1] = PCSREG;
3438 iov[n].iov_base = (caddr_t)&cmd[1];
3439 iov[n++].iov_len = sizeof (long);
3440 iov[n].iov_base = (caddr_t)&L->lwp_status.pr_reg[0];
3441 iov[n++].iov_len = sizeof (L->lwp_status.pr_reg);
3442 }
3443
3444 if (n == 0 || writev(ctlfd, iov, n) < 0)
3445 return; /* nothing to do or write failed */
3446
3447 L->lwp_flags &= ~(SETHOLD|SETREGS);
3448 }
3449
3450 /*
3451 * Wait for the specified LWP to stop or terminate.
3452 * Or, just get the current status (PCNULL).
3453 * Or, direct it to stop and get the current status (PCDSTOP).
3454 */
3455 int
3456 Lstopstatus(struct ps_lwphandle *L,
3457 long request, /* PCNULL, PCDSTOP, PCSTOP, PCWSTOP */
3458 uint_t msec) /* if non-zero, timeout in milliseconds */
3459 {
3460 int ctlfd = L->lwp_ctlfd;
3461 long ctl[3];
3462 ssize_t rc;
3463 int err;
3464
3465 switch (L->lwp_state) {
3466 case PS_RUN:
3467 break;
3468 case PS_STOP:
3469 if (request != PCNULL && request != PCDSTOP)
3470 return (0);
3471 break;
3472 case PS_LOST:
3473 if (request != PCNULL) {
3474 errno = EAGAIN;
3475 return (-1);
3476 }
3477 break;
3478 case PS_UNDEAD:
3479 case PS_DEAD:
3480 if (request != PCNULL) {
3481 errno = ENOENT;
3482 return (-1);
3483 }
3484 break;
3485 default: /* corrupted state */
3486 dprintf("Lstopstatus: corrupted state: %d\n", L->lwp_state);
3487 errno = EINVAL;
3488 return (-1);
3489 }
3490
3491 ctl[0] = PCDSTOP;
3492 ctl[1] = PCTWSTOP;
3493 ctl[2] = (long)msec;
3494 rc = 0;
3495 switch (request) {
3496 case PCSTOP:
3497 rc = write(ctlfd, &ctl[0], 3*sizeof (long));
3498 break;
3499 case PCWSTOP:
3500 rc = write(ctlfd, &ctl[1], 2*sizeof (long));
3501 break;
3502 case PCDSTOP:
3503 rc = write(ctlfd, &ctl[0], 1*sizeof (long));
3504 break;
3505 case PCNULL:
3506 if (L->lwp_state == PS_DEAD)
3507 return (0); /* Nothing else to do for cores */
3508 break;
3509 default: /* programming error */
3510 errno = EINVAL;
3511 return (-1);
3512 }
3513 err = (rc < 0)? errno : 0;
3514 Lsync(L);
3515
3516 if (pread(L->lwp_statfd, &L->lwp_status,
3517 sizeof (L->lwp_status), (off_t)0) < 0)
3518 err = errno;
3519
3520 if (err) {
3521 switch (err) {
3522 case EINTR: /* user typed ctl-C */
3523 case ERESTART:
3524 dprintf("Lstopstatus: EINTR\n");
3525 break;
3526 case EAGAIN: /* we lost control of the the process */
3527 dprintf("Lstopstatus: EAGAIN\n");
3528 L->lwp_state = PS_LOST;
3529 errno = err;
3530 return (-1);
3531 default:
3532 if (_libproc_debug) {
3533 const char *errstr;
3534
3535 switch (request) {
3536 case PCNULL:
3537 errstr = "Lstopstatus PCNULL"; break;
3538 case PCSTOP:
3539 errstr = "Lstopstatus PCSTOP"; break;
3540 case PCDSTOP:
3541 errstr = "Lstopstatus PCDSTOP"; break;
3542 case PCWSTOP:
3543 errstr = "Lstopstatus PCWSTOP"; break;
3544 default:
3545 errstr = "Lstopstatus PC???"; break;
3546 }
3547 dprintf("%s: %s\n", errstr, strerror(err));
3548 }
3549 L->lwp_state = PS_UNDEAD;
3550 errno = err;
3551 return (-1);
3552 }
3553 }
3554
3555 if ((L->lwp_status.pr_flags & (PR_STOPPED|PR_ISTOP))
3556 != (PR_STOPPED|PR_ISTOP)) {
3557 L->lwp_state = PS_RUN;
3558 if (request == PCNULL || request == PCDSTOP || msec != 0)
3559 return (0);
3560 dprintf("Lstopstatus: LWP is not stopped\n");
3561 errno = EPROTO;
3562 return (-1);
3563 }
3564
3565 L->lwp_state = PS_STOP;
3566
3567 if (_libproc_debug) /* debugging */
3568 prldump("Lstopstatus", &L->lwp_status);
3569
3570 switch (L->lwp_status.pr_why) {
3571 case PR_SYSENTRY:
3572 case PR_SYSEXIT:
3573 case PR_REQUESTED:
3574 case PR_SIGNALLED:
3575 case PR_FAULTED:
3576 case PR_JOBCONTROL:
3577 case PR_SUSPENDED:
3578 case PR_BRAND:
3579 break;
3580 default:
3581 errno = EPROTO;
3582 return (-1);
3583 }
3584
3585 return (0);
3586 }
3587
3588 /*
3589 * Wait for the LWP to stop for any reason.
3590 */
3591 int
3592 Lwait(struct ps_lwphandle *L, uint_t msec)
3593 {
3594 return (Lstopstatus(L, PCWSTOP, msec));
3595 }
3596
3597 /*
3598 * Direct the LWP to stop; wait for it to stop.
3599 */
3600 int
3601 Lstop(struct ps_lwphandle *L, uint_t msec)
3602 {
3603 return (Lstopstatus(L, PCSTOP, msec));
3604 }
3605
3606 /*
3607 * Direct the LWP to stop; don't wait.
3608 */
3609 int
3610 Ldstop(struct ps_lwphandle *L)
3611 {
3612 return (Lstopstatus(L, PCDSTOP, 0));
3613 }
3614
3615 /*
3616 * Get the value of one register from stopped LWP.
3617 */
3618 int
3619 Lgetareg(struct ps_lwphandle *L, int regno, prgreg_t *preg)
3620 {
3621 if (regno < 0 || regno >= NPRGREG) {
3622 errno = EINVAL;
3623 return (-1);
3624 }
3625
3626 if (L->lwp_state != PS_STOP) {
3627 errno = EBUSY;
3628 return (-1);
3629 }
3630
3631 *preg = L->lwp_status.pr_reg[regno];
3632 return (0);
3633 }
3634
3635 /*
3636 * Put value of one register into stopped LWP.
3637 */
3638 int
3639 Lputareg(struct ps_lwphandle *L, int regno, prgreg_t reg)
3640 {
3641 if (regno < 0 || regno >= NPRGREG) {
3642 errno = EINVAL;
3643 return (-1);
3644 }
3645
3646 if (L->lwp_state != PS_STOP) {
3647 errno = EBUSY;
3648 return (-1);
3649 }
3650
3651 L->lwp_status.pr_reg[regno] = reg;
3652 L->lwp_flags |= SETREGS; /* set registers before continuing */
3653 return (0);
3654 }
3655
3656 int
3657 Lsetrun(struct ps_lwphandle *L,
3658 int sig, /* signal to pass to LWP */
3659 int flags) /* PRSTEP|PRSABORT|PRSTOP|PRCSIG|PRCFAULT */
3660 {
3661 int ctlfd = L->lwp_ctlfd;
3662 int sbits = (PR_DSTOP | PR_ISTOP | PR_ASLEEP);
3663
3664 long ctl[1 + /* PCCFAULT */
3665 1 + sizeof (siginfo_t)/sizeof (long) + /* PCSSIG/PCCSIG */
3666 2 ]; /* PCRUN */
3667
3668 long *ctlp = ctl;
3669 size_t size;
3670
3671 if (L->lwp_state != PS_STOP &&
3672 (L->lwp_status.pr_flags & sbits) == 0) {
3673 errno = EBUSY;
3674 return (-1);
3675 }
3676
3677 Lsync(L); /* flush registers */
3678
3679 if (flags & PRCFAULT) { /* clear current fault */
3680 *ctlp++ = PCCFAULT;
3681 flags &= ~PRCFAULT;
3682 }
3683
3684 if (flags & PRCSIG) { /* clear current signal */
3685 *ctlp++ = PCCSIG;
3686 flags &= ~PRCSIG;
3687 } else if (sig && sig != L->lwp_status.pr_cursig) {
3688 /* make current signal */
3689 siginfo_t *infop;
3690
3691 *ctlp++ = PCSSIG;
3692 infop = (siginfo_t *)ctlp;
3693 (void) memset(infop, 0, sizeof (*infop));
3694 infop->si_signo = sig;
3695 ctlp += sizeof (siginfo_t) / sizeof (long);
3696 }
3697
3698 *ctlp++ = PCRUN;
3699 *ctlp++ = flags;
3700 size = (char *)ctlp - (char *)ctl;
3701
3702 L->lwp_proc->info_valid = 0; /* will need to update map and file info */
3703 L->lwp_proc->state = PS_RUN;
3704 L->lwp_state = PS_RUN;
3705
3706 if (write(ctlfd, ctl, size) != size) {
3707 /* Pretend that a job-stopped LWP is running */
3708 if (errno != EBUSY || L->lwp_status.pr_why != PR_JOBCONTROL)
3709 return (Lstopstatus(L, PCNULL, 0));
3710 }
3711
3712 return (0);
3713 }
3714
3715 int
3716 Lclearsig(struct ps_lwphandle *L)
3717 {
3718 int ctlfd = L->lwp_ctlfd;
3719 long ctl = PCCSIG;
3720
3721 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
3722 return (-1);
3723 L->lwp_status.pr_cursig = 0;
3724 return (0);
3725 }
3726
3727 int
3728 Lclearfault(struct ps_lwphandle *L)
3729 {
3730 int ctlfd = L->lwp_ctlfd;
3731 long ctl = PCCFAULT;
3732
3733 if (write(ctlfd, &ctl, sizeof (ctl)) != sizeof (ctl))
3734 return (-1);
3735 return (0);
3736 }
3737
3738 /*
3739 * Step over a breakpoint, i.e., execute the instruction that
3740 * really belongs at the breakpoint location (the current %pc)
3741 * and leave the LWP stopped at the next instruction.
3742 */
3743 int
3744 Lxecbkpt(struct ps_lwphandle *L, ulong_t saved)
3745 {
3746 struct ps_prochandle *P = L->lwp_proc;
3747 int rv, error;
3748
3749 if (L->lwp_state != PS_STOP) {
3750 errno = EBUSY;
3751 return (-1);
3752 }
3753
3754 Lsync(L);
3755 error = execute_bkpt(L->lwp_ctlfd,
3756 &P->status.pr_flttrace, &L->lwp_status.pr_lwphold,
3757 L->lwp_status.pr_reg[R_PC], saved);
3758 rv = Lstopstatus(L, PCNULL, 0);
3759
3760 if (error != 0) {
3761 if (L->lwp_status.pr_why == PR_JOBCONTROL &&
3762 error == EBUSY) { /* jobcontrol stop -- back off */
3763 L->lwp_state = PS_RUN;
3764 return (0);
3765 }
3766 if (error == ENOENT)
3767 return (0);
3768 errno = error;
3769 return (-1);
3770 }
3771
3772 return (rv);
3773 }
3774
3775 /*
3776 * Step over a watchpoint, i.e., execute the instruction that was stopped by
3777 * the watchpoint, and then leave the LWP stopped at the next instruction.
3778 */
3779 int
3780 Lxecwapt(struct ps_lwphandle *L, const prwatch_t *wp)
3781 {
3782 struct ps_prochandle *P = L->lwp_proc;
3783 int rv, error;
3784
3785 if (L->lwp_state != PS_STOP) {
3786 errno = EBUSY;
3787 return (-1);
3788 }
3789
3790 Lsync(L);
3791 error = execute_wapt(L->lwp_ctlfd,
3792 &P->status.pr_flttrace, &L->lwp_status.pr_lwphold, wp);
3793 rv = Lstopstatus(L, PCNULL, 0);
3794
3795 if (error != 0) {
3796 if (L->lwp_status.pr_why == PR_JOBCONTROL &&
3797 error == EBUSY) { /* jobcontrol stop -- back off */
3798 L->lwp_state = PS_RUN;
3799 return (0);
3800 }
3801 if (error == ENOENT)
3802 return (0);
3803 errno = error;
3804 return (-1);
3805 }
3806
3807 return (rv);
3808 }
3809
3810 int
3811 Lstack(struct ps_lwphandle *L, stack_t *stkp)
3812 {
3813 struct ps_prochandle *P = L->lwp_proc;
3814 uintptr_t addr = L->lwp_status.pr_ustack;
3815
3816 if (P->status.pr_dmodel == PR_MODEL_NATIVE) {
3817 if (Pread(P, stkp, sizeof (*stkp), addr) != sizeof (*stkp))
3818 return (-1);
3819 #ifdef _LP64
3820 } else {
3821 stack32_t stk32;
3822
3823 if (Pread(P, &stk32, sizeof (stk32), addr) != sizeof (stk32))
3824 return (-1);
3825
3826 stack_32_to_n(&stk32, stkp);
3827 #endif
3828 }
3829
3830 return (0);
3831 }
3832
3833 int
3834 Lmain_stack(struct ps_lwphandle *L, stack_t *stkp)
3835 {
3836 struct ps_prochandle *P = L->lwp_proc;
3837
3838 if (Lstack(L, stkp) != 0)
3839 return (-1);
3840
3841 /*
3842 * If the SS_ONSTACK flag is set then this LWP is operating on the
3843 * alternate signal stack. We can recover the original stack from
3844 * pr_oldcontext.
3845 */
3846 if (!(stkp->ss_flags & SS_ONSTACK))
3847 return (0);
3848
3849 if (P->status.pr_dmodel == PR_MODEL_NATIVE) {
3850 ucontext_t *ctxp = (void *)L->lwp_status.pr_oldcontext;
3851
3852 if (Pread(P, stkp, sizeof (*stkp),
3853 (uintptr_t)&ctxp->uc_stack) != sizeof (*stkp))
3854 return (-1);
3855 #ifdef _LP64
3856 } else {
3857 ucontext32_t *ctxp = (void *)L->lwp_status.pr_oldcontext;
3858 stack32_t stk32;
3859
3860 if (Pread(P, &stk32, sizeof (stk32),
3861 (uintptr_t)&ctxp->uc_stack) != sizeof (stk32))
3862 return (-1);
3863
3864 stack_32_to_n(&stk32, stkp);
3865 #endif
3866 }
3867
3868 return (0);
3869 }
3870
3871 int
3872 Lalt_stack(struct ps_lwphandle *L, stack_t *stkp)
3873 {
3874 if (L->lwp_status.pr_altstack.ss_flags & SS_DISABLE) {
3875 errno = ENODATA;
3876 return (-1);
3877 }
3878
3879 *stkp = L->lwp_status.pr_altstack;
3880
3881 return (0);
3882 }
3883
3884 /*
3885 * Add a mapping to the given proc handle. Resizes the array as appropriate and
3886 * manages reference counts on the given file_info_t.
3887 *
3888 * The 'map_relocate' member is used to tell Psort_mappings() that the
3889 * associated file_map pointer needs to be relocated after the mappings have
3890 * been sorted. It is only set for the first mapping, and has no meaning
3891 * outside these two functions.
3892 */
3893 int
3894 Padd_mapping(struct ps_prochandle *P, off64_t off, file_info_t *fp,
3895 prmap_t *pmap)
3896 {
3897 map_info_t *mp;
3898
3899 if (P->map_count == P->map_alloc) {
3900 size_t next = P->map_alloc ? P->map_alloc * 2 : 16;
3901
3902 if ((P->mappings = realloc(P->mappings,
3903 next * sizeof (map_info_t))) == NULL)
3904 return (-1);
3905
3906 P->map_alloc = next;
3907 }
3908
3909 mp = &P->mappings[P->map_count++];
3910
3911 mp->map_offset = off;
3912 mp->map_pmap = *pmap;
3913 mp->map_relocate = 0;
3914 if ((mp->map_file = fp) != NULL) {
3915 if (fp->file_map == NULL) {
3916 fp->file_map = mp;
3917 mp->map_relocate = 1;
3918 }
3919 fp->file_ref++;
3920 }
3921
3922 return (0);
3923 }
3924
3925 static int
3926 map_sort(const void *a, const void *b)
3927 {
3928 const map_info_t *ap = a, *bp = b;
3929
3930 if (ap->map_pmap.pr_vaddr < bp->map_pmap.pr_vaddr)
3931 return (-1);
3932 else if (ap->map_pmap.pr_vaddr > bp->map_pmap.pr_vaddr)
3933 return (1);
3934 else
3935 return (0);
3936 }
3937
3938 /*
3939 * Sort the current set of mappings. Should be called during target
3940 * initialization after all calls to Padd_mapping() have been made.
3941 */
3942 void
3943 Psort_mappings(struct ps_prochandle *P)
3944 {
3945 int i;
3946 map_info_t *mp;
3947
3948 qsort(P->mappings, P->map_count, sizeof (map_info_t), map_sort);
3949
3950 /*
3951 * Update all the file_map pointers to refer to the new locations.
3952 */
3953 for (i = 0; i < P->map_count; i++) {
3954 mp = &P->mappings[i];
3955 if (mp->map_relocate)
3956 mp->map_file->file_map = mp;
3957 mp->map_relocate = 0;
3958 }
3959 }
3960
3961 struct ps_prochandle *
3962 Pgrab_ops(pid_t pid, void *data, const ps_ops_t *ops, int flags)
3963 {
3964 struct ps_prochandle *P;
3965
3966 if ((P = calloc(1, sizeof (*P))) == NULL) {
3967 return (NULL);
3968 }
3969
3970 Pinit_ops(&P->ops, ops);
3971 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL);
3972 P->pid = pid;
3973 P->state = PS_STOP;
3974 P->asfd = -1;
3975 P->ctlfd = -1;
3976 P->statfd = -1;
3977 P->agentctlfd = -1;
3978 P->agentstatfd = -1;
3979 Pinitsym(P);
3980 Pinitfd(P);
3981 P->data = data;
3982 Pread_status(P);
3983
3984 if (flags & PGRAB_INCORE) {
3985 P->flags |= INCORE;
3986 }
3987
3988 return (P);
3989 }