Index: head/share/man/man4/ddb.4 =================================================================== --- head/share/man/man4/ddb.4 (revision 353693) +++ head/share/man/man4/ddb.4 (revision 353694) @@ -1,1617 +1,1617 @@ .\" .\" Mach Operating System .\" Copyright (c) 1991,1990 Carnegie Mellon University .\" Copyright (c) 2007 Robert N. M. Watson .\" All Rights Reserved. .\" .\" Permission to use, copy, modify and distribute this software and its .\" documentation is hereby granted, provided that both the copyright .\" notice and this permission notice appear in all copies of the .\" software, derivative works or modified versions, and any portions .\" thereof, and that both notices appear in supporting documentation. .\" .\" CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS" .\" CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR .\" ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE. .\" .\" Carnegie Mellon requests users of this software to return to .\" .\" Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU .\" School of Computer Science .\" Carnegie Mellon University .\" Pittsburgh PA 15213-3890 .\" .\" any improvements or extensions that they make and grant Carnegie Mellon .\" the rights to redistribute these changes. 
.\" .\" $FreeBSD$ .\" .Dd October 17, 2019 .Dt DDB 4 .Os .Sh NAME .Nm ddb .Nd interactive kernel debugger .Sh SYNOPSIS In order to enable kernel debugging facilities include: .Bd -ragged -offset indent .Cd options KDB .Cd options DDB .Ed .Pp To prevent activation of the debugger on kernel .Xr panic 9 : .Bd -ragged -offset indent .Cd options KDB_UNATTENDED .Ed .Pp In order to print a stack trace of the current thread on the console for a panic: .Bd -ragged -offset indent .Cd options KDB_TRACE .Ed .Pp To print the numerical value of symbols in addition to the symbolic representation, define: .Bd -ragged -offset indent .Cd options DDB_NUMSYM .Ed .Pp To enable the .Xr gdb 1 backend, so that remote debugging with .Xr kgdb 1 is possible, include: .Bd -ragged -offset indent .Cd options GDB .Ed .Sh DESCRIPTION The .Nm kernel debugger is an interactive debugger with a syntax inspired by .Xr gdb 1 . If linked into the running kernel, it can be invoked locally with the .Ql debug .Xr keymap 5 action, usually mapped to Ctrl+Alt+Esc, or by setting the .Va debug.kdb.enter sysctl to 1. The debugger is also invoked on kernel .Xr panic 9 if the .Va debug.debugger_on_panic .Xr sysctl 8 MIB variable is set non-zero, which is the default unless the .Dv KDB_UNATTENDED option is specified. .Pp The current location is called .Va dot . The .Va dot is displayed with a hexadecimal format at a prompt. The commands .Ic examine and .Ic write update .Va dot to the address of the last line examined or the last location modified, and set .Va next to the address of the next location to be examined or changed. Other commands do not change .Va dot , and set .Va next to be the same as .Va dot . .Pp The general command syntax is: .Ar command Ns Op Li / Ns Ar modifier .Oo Ar addr Oc Ns Op , Ns Ar count .Pp A blank line repeats the previous command from the address .Va next with count 1 and no modifiers. Specifying .Ar addr sets .Va dot to the address. Omitting .Ar addr uses .Va dot . 
A missing .Ar count is taken to be 1 for printing commands or infinity for stack traces. A .Ar count of -1 is equivalent to a missing .Ar count . Options that are supplied but not supported by the given .Ar command are usually ignored. .Pp The .Nm debugger has a pager feature (like the .Xr more 1 command) for the output. If the number of output lines exceeds the number set in the .Va lines variable, it displays .Dq Li --More-- and waits for a response. The valid responses for it are: .Pp .Bl -tag -compact -width ".Li SPC" .It Li SPC one more page .It Li RET one more line .It Li q abort the current command, and return to the command input mode .El .Pp Finally, .Nm provides a small (currently 10 items) command history, and offers simple .Nm emacs Ns -style command line editing capabilities. In addition to the .Nm emacs control keys, the usual .Tn ANSI arrow keys may be used to browse through the history buffer, and move the cursor within the current line. .Sh COMMANDS .Ss COMMON DEBUGGER COMMANDS .Bl -tag -width indent -compact .It Ic help Print a short summary of the available commands and command abbreviations. .Pp .It Xo .Ic examine Ns Op Li / Ns Cm AISabcdghilmorsuxz ... .Oo Ar addr Oc Ns Op , Ns Ar count .Xc .It Xo .Ic x Ns Op Li / Ns Cm AISabcdghilmorsuxz ... .Oo Ar addr Oc Ns Op , Ns Ar count .Xc Display the addressed locations according to the formats in the modifier. Multiple modifier formats display multiple locations. If no format is specified, the last format specified for this command is used. 
.Pp The format characters are: .Bl -tag -compact -width indent .It Cm b look at by bytes (8 bits) .It Cm h look at by half words (16 bits) .It Cm l look at by long words (32 bits) .It Cm g look at by quad words (64 bits) .It Cm a print the location being displayed .It Cm A print the location with a line number if possible .It Cm x display in unsigned hex .It Cm z display in signed hex .It Cm o display in unsigned octal .It Cm d display in signed decimal .It Cm u display in unsigned decimal .It Cm r display in current radix, signed .It Cm c display low 8 bits as a character. Non-printing characters are displayed as an octal escape code (e.g., .Ql \e000 ) . .It Cm s display the null-terminated string at the location. Non-printing characters are displayed as octal escapes. .It Cm m display in unsigned hex with character dump at the end of each line. The location is also displayed in hex at the beginning of each line. .It Cm i display as a disassembled instruction .It Cm I display as a disassembled instruction with possible alternate formats depending on the machine. On i386, this selects the alternate format for the instruction decoding (16 bits in a 32-bit code segment and vice versa). .It Cm S display a symbol name for the pointer stored at the address .El .Pp .It Ic xf Examine forward: execute an .Ic examine command with the last specified parameters to it except that the next address displayed by it is used as the start address. .Pp .It Ic xb Examine backward: execute an .Ic examine command with the last specified parameters to it except that the last start address subtracted by the size displayed by it is used as the start address. .Pp .It Ic print Ns Op Li / Ns Cm acdoruxz .It Ic p Ns Op Li / Ns Cm acdoruxz Print .Ar addr Ns s according to the modifier character (as described above for .Cm examine ) . Valid formats are: .Cm a , x , z , o , d , u , r , and .Cm c . If no modifier is specified, the last one specified to it is used. 
The argument .Ar addr can be a string, in which case it is printed as it is. For example: .Bd -literal -offset indent print/x "eax = " $eax "\enecx = " $ecx "\en" .Ed .Pp will print like: .Bd -literal -offset indent eax = xxxxxx ecx = yyyyyy .Ed .Pp .It Xo .Ic write Ns Op Li / Ns Cm bhl .Ar addr expr1 Op Ar expr2 ... .Xc .It Xo .Ic w Ns Op Li / Ns Cm bhl .Ar addr expr1 Op Ar expr2 ... .Xc Write the expressions specified after .Ar addr on the command line at succeeding locations starting with .Ar addr . The write unit size can be specified in the modifier with a letter .Cm b (byte), .Cm h (half word) or .Cm l (long word) respectively. If omitted, long word is assumed. .Pp .Sy Warning : since there is no delimiter between expressions, strange things may happen. It is best to enclose each expression in parentheses. .Pp .It Ic set Li $ Ns Ar variable Oo Li = Oc Ar expr Set the named variable or register with the value of .Ar expr . Valid variable names are described below. .Pp .It Ic break Ns Oo Li / Ns Cm u Oc Oo Ar addr Oc Ns Op , Ns Ar count .It Ic b Ns Oo Li / Ns Cm u Oc Oo Ar addr Oc Ns Op , Ns Ar count Set a break point at .Ar addr . If .Ar count is supplied, the .Ic continue command will not stop at this break point on the first .Ar count \- 1 times that it is hit. If the break point is set, a break point number is printed with .Ql # . This number can be used in deleting the break point or adding conditions to it. .Pp If the .Cm u modifier is specified, this command sets a break point in user address space. Without the .Cm u option, the address is considered to be in the kernel space, and a wrong space address is rejected with an error message. This modifier can be used only if it is supported by machine dependent routines. .Pp .Sy Warning : If a user text is shadowed by a normal user space debugger, user space break points may not work correctly. Setting a break point at the low-level code paths may also cause strange behavior. 
.Pp .It Ic delete Op Ar addr .It Ic d Op Ar addr .It Ic delete Li # Ns Ar number .It Ic d Li # Ns Ar number Delete the specified break point. The break point can be specified by a break point number with .Ql # , or by using the same .Ar addr specified in the original .Ic break command, or by omitting .Ar addr to get the default address of .Va dot . .Pp .It Ic halt Halt the system. .Pp .It Ic watch Oo Ar addr Oc Ns Op , Ns Ar size Set a watchpoint for a region. Execution stops when an attempt to modify the region occurs. The .Ar size argument defaults to 4. If you specify a wrong space address, the request is rejected with an error message. .Pp .Sy Warning : Attempts to watch wired kernel memory may cause unrecoverable error in some systems such as i386. Watchpoints on user addresses work best. .Pp .It Ic hwatch Oo Ar addr Oc Ns Op , Ns Ar size Set a hardware watchpoint for a region if supported by the architecture. Execution stops when an attempt to modify the region occurs. The .Ar size argument defaults to 4. .Pp .Sy Warning : The hardware debug facilities do not have a concept of separate address spaces like the watch command does. Use .Ic hwatch for setting watchpoints on kernel address locations only, and avoid its use on user mode address spaces. .Pp .It Ic dhwatch Oo Ar addr Oc Ns Op , Ns Ar size Delete specified hardware watchpoint. .Pp .It Ic kill Ar sig pid Send signal .Ar sig to process .Ar pid . The signal is acted on upon returning from the debugger. This command can be used to kill a process causing resource contention in the case of a hung system. See .Xr signal 3 for a list of signals. Note that the arguments are reversed relative to .Xr kill 2 . .Pp .It Ic step Ns Oo Li / Ns Cm p Oc Ns Op , Ns Ar count .It Ic s Ns Oo Li / Ns Cm p Oc Ns Op , Ns Ar count Single step .Ar count times. If the .Cm p modifier is specified, print each instruction at each step. Otherwise, only print the last instruction. 
.Pp .Sy Warning : depending on machine type, it may not be possible to single-step through some low-level code paths or user space code. On machines with software-emulated single-stepping (e.g., pmax), stepping through code executed by interrupt handlers will probably do the wrong thing. .Pp .It Ic continue Ns Op Li / Ns Cm c .It Ic c Ns Op Li / Ns Cm c Continue execution until a breakpoint or watchpoint. If the .Cm c modifier is specified, count instructions while executing. Some machines (e.g., pmax) also count loads and stores. .Pp .Sy Warning : when counting, the debugger is really silently single-stepping. This means that single-stepping on low-level code may cause strange behavior. .Pp .It Ic until Ns Op Li / Ns Cm p Stop at the next call or return instruction. If the .Cm p modifier is specified, print the call nesting depth and the cumulative instruction count at each call or return. Otherwise, only print when the matching return is hit. .Pp .It Ic next Ns Op Li / Ns Cm p .It Ic match Ns Op Li / Ns Cm p Stop at the matching return instruction. If the .Cm p modifier is specified, print the call nesting depth and the cumulative instruction count at each call or return. Otherwise, only print when the matching return is hit. .Pp .It Xo .Ic trace Ns Op Li / Ns Cm u .Op Ar pid | tid Ns .Op , Ns Ar count .Xc .It Xo .Ic t Ns Op Li / Ns Cm u .Op Ar pid | tid Ns .Op , Ns Ar count .Xc .It Xo .Ic where Ns Op Li / Ns Cm u .Op Ar pid | tid Ns .Op , Ns Ar count .Xc .It Xo .Ic bt Ns Op Li / Ns Cm u .Op Ar pid | tid Ns .Op , Ns Ar count .Xc Stack trace. The .Cm u option traces user space; if omitted, .Ic trace only traces kernel space. The optional argument .Ar count is the number of frames to be traced. If .Ar count is omitted, all frames are printed. .Pp .Sy Warning : User space stack trace is valid only if the machine dependent code supports it. .Pp .It Xo .Ic search Ns Op Li / Ns Cm bhl .Ar addr .Ar value .Op Ar mask Ns .Op , Ns Ar count .Xc Search memory for .Ar value . 
The optional .Ar count argument limits the search. .\" .Pp .It Ic reboot Op Ar seconds .It Ic reset Op Ar seconds Hard reset the system. If the optional argument .Ar seconds is given, the debugger will wait for this long, at most a week, before rebooting. .Pp .It Ic thread Ar addr | tid Switch the debugger to the thread with ID .Ar tid , if the argument is a decimal number, or address .Ar addr , otherwise. .El .Pp .Ss SPECIALIZED HELPER COMMANDS .Pp .Bl -tag -width indent -compact .It Xo .Ic findstack .Ar addr .Xc Prints the thread address for a thread whose kernel-mode stack contains the specified address. If the thread is not found, searches the thread stack cache and prints the cached stack address. Otherwise, prints nothing. .Pp .It Ic show Cm all procs Ns Op Li / Ns Cm a .It Ic ps Ns Op Li / Ns Cm a Display all process information. The process information may not be shown if it is not supported in the machine, or the bottom of the stack of the target process is not in the main memory at that time. The .Cm a modifier will print command line arguments for each process. .\" .Pp .It Ic show Cm all trace .It Ic alltrace Show a stack trace for every thread in the system. .Pp .It Ic show Cm all ttys Show all TTYs within the system. Output is similar to .Xr pstat 8 , but also includes the address of the TTY structure. .\" .Pp .It Ic show Cm all vnets Show the same output as "show vnet" does, but lists all virtualized network stacks within the system. .\" .Pp .It Ic show Cm allchains Show the same information as "show lockchain" does, but for every thread in the system. .\" .Pp .It Ic show Cm alllocks Show all locks that are currently held. This command is only available if .Xr witness 4 is included in the kernel. .\" .Pp .It Ic show Cm allpcpu The same as "show pcpu", but for every CPU present in the system. 
.\" .Pp .It Ic show Cm allrman Show information related to resource management, including interrupt request lines, DMA request lines, I/O ports, I/O memory addresses, and Resource IDs. .\" .Pp .It Ic show Cm apic Dump data about APIC IDT vector mappings. .\" .Pp .It Ic show Cm breaks Show breakpoints set with the "break" command. .\" .Pp .It Ic show Cm bio Ar addr Show information about the bio structure .Vt struct bio present at .Ar addr . See the .Pa sys/bio.h header file and .Xr g_bio 9 for more details on the exact meaning of the structure fields. .\" .Pp .It Ic show Cm buffer Ar addr Show information about the buf structure .Vt struct buf present at .Ar addr . See the .Pa sys/buf.h header file for more details on the exact meaning of the structure fields. .\" .Pp .It Ic show Cm callout Ar addr Show information about the callout structure .Vt struct callout present at .Ar addr . .\" .Pp .It Ic show Cm cbstat Show brief information about the TTY subsystem. .\" .Pp .It Ic show Cm cdev Without argument, show the list of all created cdev's, consisting of devfs node name and struct cdev address. When address of cdev is supplied, show some internal devfs state of the cdev. .\" .Pp .It Ic show Cm conifhk Lists hooks currently waiting for completion in run_interrupt_driven_config_hooks(). .\" .Pp .It Ic show Cm cpusets Print numbered root and assigned CPU affinity sets. See .Xr cpuset 2 for more details. .\" .Pp .It Ic show Cm cyrixreg Show registers specific to the Cyrix processor. .\" .Pp .It Ic show Cm devmap Prints the contents of the static device mapping table. Currently only available on the ARM architecture. .\" .Pp .It Ic show Cm domain Ar addr Print protocol domain structure .Vt struct domain at address .Ar addr . See the .Pa sys/domain.h header file for more details on the exact meaning of the structure fields. .\" .Pp .It Ic show Cm ffs Op Ar addr Show brief information about ffs mount at the address .Ar addr , if argument is given. 
Otherwise, provides the summary about each ffs mount. .\" .Pp .It Ic show Cm file Ar addr Show information about the file structure .Vt struct file present at address .Ar addr . .\" .Pp .It Ic show Cm files Show information about every file structure in the system. .\" .Pp .It Ic show Cm freepages Show the number of physical pages in each of the free lists. .\" .Pp .It Ic show Cm geom Op Ar addr If the .Ar addr argument is not given, displays the entire GEOM topology. If .Ar addr is given, displays details about the given GEOM object (class, geom, provider or consumer). .\" .Pp .It Ic show Cm idt Show IDT layout. The first column specifies the IDT vector. The second one is the name of the interrupt/trap handler. Those functions are machine dependent. .\" .Pp .It Ic show Cm igi_list Ar addr Show information about the IGMP structure .Vt struct igmp_ifsoftc present at .Ar addr . .\" .Pp .It Ic show Cm inodedeps Op Ar addr Show brief information about each inodedep structure. If .Ar addr is given, only inodedeps belonging to the fs located at the supplied address are shown. .\" .Pp .It Ic show Cm inpcb Ar addr Show information on IP Control Block .Vt struct in_pcb present at .Ar addr . .\" .Pp .It Ic show Cm intr Dump information about interrupt handlers. .\" .Pp .It Ic show Cm intrcnt Dump the interrupt statistics. .\" .Pp .It Ic show Cm irqs Show interrupt lines and their respective kernel threads. .\" .Pp .It Ic show Cm jails Show the list of .Xr jail 8 instances. In addition to what .Xr jls 8 shows, also list kernel internal details. .\" .Pp .It Ic show Cm lapic Show information from the local APIC registers for this CPU. .\" .Pp .It Ic show Cm lock Ar addr Show lock structure. The output format is as follows: .Bl -tag -width "flags" .It Ic class: Class of the lock. Possible types include .Xr mutex 9 , .Xr rmlock 9 , .Xr rwlock 9 , .Xr sx 9 . .It Ic name: Name of the lock. .It Ic flags: Flags passed to the lock initialization function. 
.Em flags values are lock class specific. .It Ic state: Current state of a lock. .Em state values are lock class specific. .It Ic owner: Lock owner. .El .\" .Pp .It Ic show Cm lockchain Ar addr Show all threads a particular thread at address .Ar addr is waiting on based on non-spin locks. .\" .Pp .It Ic show Cm lockedbufs Show the same information as "show buf", but for every locked .Vt struct buf object. .\" .Pp .It Ic show Cm lockedvnods List all locked vnodes in the system. .\" .Pp .It Ic show Cm locks Prints all locks that are currently acquired. This command is only available if .Xr witness 4 is included in the kernel. .\" .Pp .It Ic show Cm locktree .\" .Pp .It Ic show Cm malloc Ns Op Li / Ns Cm i Prints .Xr malloc 9 memory allocator statistics. If the .Cm i modifier is specified, format output as machine-parseable comma-separated values ("CSV"). The output columns are as follows: .Pp .Bl -tag -compact -offset indent -width "Requests" .It Ic Type Specifies a type of memory. It is the same as a description string used while defining the given memory type with .Xr MALLOC_DECLARE 9 . .It Ic InUse Number of memory allocations of the given type, for which .Xr free 9 has not been called yet. .It Ic MemUse Total memory consumed by the given allocation type. .It Ic Requests Number of memory allocation requests for the given memory type. .El .Pp The same information can be gathered in userspace with .Dq Nm vmstat Fl m . .\" .Pp .It Ic show Cm map Ns Oo Li / Ns Cm f Oc Ar addr Prints the VM map at .Ar addr . If the .Cm f modifier is specified the complete map is printed. .\" .Pp .It Ic show Cm msgbuf Print the system's message buffer. It is the same output as in the .Dq Nm dmesg case. It is useful if you got a kernel panic, attached a serial cable to the machine and want to get the boot messages from before the system hang. .\" .It Ic show Cm mount Displays short info about all currently mounted file systems. 
.Pp .It Ic show Cm mount Ar addr Displays details about the given mount point. .\" .Pp .It Ic show Cm object Ns Oo Li / Ns Cm f Oc Ar addr Prints the VM object at .Ar addr . If the .Cm f option is specified the complete object is printed. .\" .Pp .It Ic show Cm panic Print the panic message if set. .\" .Pp .It Ic show Cm page Show statistics on VM pages. .\" .Pp .It Ic show Cm pageq Show statistics on VM page queues. .\" .Pp .It Ic show Cm pciregs Print PCI bus registers. The same information can be gathered in userspace by running .Dq Nm pciconf Fl lv . .\" .Pp .It Ic show Cm pcpu Print current processor state. The output format is as follows: .Pp .Bl -tag -compact -offset indent -width "spin locks held:" .It Ic cpuid Processor identifier. .It Ic curthread Thread pointer, process identifier and the name of the process. .It Ic curpcb Control block pointer. .It Ic fpcurthread FPU thread pointer. .It Ic idlethread Idle thread pointer. .It Ic APIC ID CPU identifier coming from APIC. .It Ic currentldt LDT pointer. .It Ic spin locks held Names of spin locks held. .El .\" .Pp .It Ic show Cm pgrpdump Dump process groups present within the system. .\" .Pp .It Ic show Cm proc Op Ar addr If no .Op Ar addr is specified, print information about the current process. Otherwise, show information about the process at address .Ar addr . .\" .Pp .It Ic show Cm procvm Show process virtual memory layout. .\" .Pp .It Ic show Cm protosw Ar addr Print protocol switch structure .Vt struct protosw at address .Ar addr . .\" .Pp .It Ic show Cm registers Ns Op Li / Ns Cm u Display the register set. If the .Cm u modifier is specified, it displays user registers instead of kernel registers or the currently saved one. .Pp .Sy Warning : The support of the .Cm u modifier depends on the machine. If not supported, incorrect information will be displayed. .\" .Pp .It Ic show Cm rman Ar addr Show resource manager object .Vt struct rman at address .Ar addr . 
Addresses of particular pointers can be gathered with "show allrman" command. .\" .Pp .It Ic show Cm route Ar addr Show route table result for destination .Ar addr . At this time, INET and INET6 formatted addresses are supported. .\" .Pp .It Ic show Cm routetable Oo Ar af Oc Show full route table or tables. If .Ar af is specified, show only routes for the given numeric address family. If no argument is specified, dump the route table for all address families. .\" .Pp .It Ic show Cm rtc Show real time clock value. Useful for long debugging sessions. .\" .Pp .It Ic show Cm sleepchain Deprecated. Now an alias for .Ic show Cm lockchain . .\" .Pp .It Ic show Cm sleepq .It Ic show Cm sleepqueue Both commands provide the same functionality. They show sleepqueue .Vt struct sleepqueue structure. Sleepqueues are used within the .Fx kernel to implement sleepable synchronization primitives (thread holding a lock might sleep or be context switched), which at the time of writing are: .Xr condvar 9 , .Xr sx 9 and standard .Xr msleep 9 interface. .\" .Pp .It Ic show Cm sockbuf Ar addr .It Ic show Cm socket Ar addr Those commands print .Vt struct sockbuf and .Vt struct socket objects placed at .Ar addr . Output consists of all values present in structures mentioned. For exact interpretation and more details, visit .Pa sys/socket.h header file. .\" .Pp .It Ic show Cm sysregs Show system registers (e.g., .Li cr0-4 on i386.) Not present on some platforms. .\" .Pp .It Ic show Cm tcpcb Ar addr Print TCP control block .Vt struct tcpcb lying at address .Ar addr . For exact interpretation of output, visit .Pa netinet/tcp.h header file. .\" .Pp .It Ic show Cm thread Op Ar addr | tid If no .Ar addr or .Ar tid is specified, show detailed information about current thread. Otherwise, print information about the thread with ID .Ar tid or kernel address .Ar addr . (If the argument is a decimal number, it is assumed to be a tid.) .\" .Pp .It Ic show Cm threads Show all threads within the system. 
Output format is as follows: .Pp .Bl -tag -compact -offset indent -width "Second column" .It Ic First column Thread identifier (TID) .It Ic Second column Thread structure address .It Ic Third column Backtrace. .El .\" .Pp .It Ic show Cm tty Ar addr Display the contents of a TTY structure in a readable form. .\" .Pp .It Ic show Cm turnstile Ar addr Show turnstile .Vt struct turnstile structure at address .Ar addr . Turnstiles are structures used within the .Fx kernel to implement synchronization primitives which, while holding a specific type of lock, cannot sleep or context switch to another thread. Currently, those are: .Xr mutex 9 , .Xr rwlock 9 , .Xr rmlock 9 . .\" .Pp .It Ic show Cm uma Ns Op Li / Ns Cm i Show UMA allocator statistics. If the .Cm i modifier is specified, format output as machine-parseable comma-separated values ("CSV"). The output contains the following columns: .Pp .Bl -tag -compact -offset indent -width "Total Mem" .It Cm "Zone" Name of the UMA zone. The same string that was passed to .Xr uma_zcreate 9 as a first argument. .It Cm "Size" Size of a given memory object (slab). .It Cm "Used" Number of slabs being currently used. .It Cm "Free" Number of free slabs within the UMA zone. .It Cm "Requests" Number of allocation requests to the given zone. .It Cm "Total Mem" Total memory in use (either allocated or free) by a zone, in bytes. .It Cm "XFree" Number of free slabs within the UMA zone that were freed on a different NUMA domain than allocated. (The count in the .Cm "Free" column is inclusive of .Cm "XFree" . ) .El .Pp The same information might be gathered in the userspace with the help of .Dq Nm vmstat Fl z . .\" .Pp .It Ic show Cm unpcb Ar addr Shows UNIX domain socket private control block .Vt struct unpcb present at the address .Ar addr . .\" .Pp .It Ic show Cm vmochk Prints whether the internal VM objects are in a map somewhere and none have zero ref counts. 
.\" .Pp .It Ic show Cm vmopag This is supposed to show physical addresses consumed by a VM object. Currently, it is not possible to use this command when .Xr witness 4 is compiled in the kernel. .\" .Pp .It Ic show Cm vnet Ar addr Prints virtualized network stack .Vt struct vnet structure present at the address .Ar addr . .\" .Pp .It Ic show Cm vnode Op Ar addr Prints vnode .Vt struct vnode structure lying at .Op Ar addr . For the exact interpretation of the output, look at the .Pa sys/vnode.h header file. .\" .Pp .It Ic show Cm vnodebufs Ar addr Shows clean/dirty buffer lists of the vnode located at .Ar addr . .\" .Pp .It Ic show Cm vpath Ar addr Walk the namecache to look up the pathname of the vnode located at .Ar addr . .\" .Pp .It Ic show Cm watches Displays all watchpoints. Shows watchpoints set with "watch" command. .\" .Pp .It Ic show Cm witness Shows information about lock acquisition coming from the .Xr witness 4 subsystem. .El .Pp .Ss OFFLINE DEBUGGING COMMANDS .Bl -tag -width indent -compact .It Ic gdb Switches to remote GDB mode. In remote GDB mode, another machine is required that runs .Xr gdb 1 using the remote debug feature, with a connection to the serial console port on the target machine. .Pp -.It Ic netdump Fl s Ar server Oo Fl g Ar gateway Oc Fl c Ar client Fl i Ar iface +.It Ic netdump Fl s Ar server Oo Fl g Ar gateway Fl c Ar client Fl i Ar iface Oc Configure .Xr netdump 4 with the provided parameters, and immediately perform a netdump. .Pp There are some known limitations. Principally, .Xr netdump 4 only supports IPv4 at this time. The address arguments to the .Ic netdump command must be dotted decimal IPv4 addresses. (Hostnames are not supported.) At present, the command only works if the machine is in a panic state. Finally, the .Nm .Ic netdump command does not provide any way to configure compression or encryption. 
.Pp .It Ic capture on .It Ic capture off .It Ic capture reset .It Ic capture status .Nm supports a basic output capture facility, which can be used to retrieve the results of debugging commands from userspace using .Xr sysctl 3 . .Ic capture on enables output capture; .Ic capture off disables capture. .Ic capture reset will clear the capture buffer and disable capture. .Ic capture status will report current buffer use, buffer size, and disposition of output capture. .Pp Userspace processes may inspect and manage .Nm capture state using .Xr sysctl 8 : .Pp .Va debug.ddb.capture.bufsize may be used to query or set the current capture buffer size. .Pp .Va debug.ddb.capture.maxbufsize may be used to query the compile-time limit on the capture buffer size. .Pp .Va debug.ddb.capture.bytes may be used to query the number of bytes of output currently in the capture buffer. .Pp .Va debug.ddb.capture.data returns the contents of the buffer as a string to an appropriately privileged process. .Pp This facility is particularly useful in concert with the scripting and .Xr textdump 4 facilities, allowing scripted debugging output to be captured and committed to disk as part of a textdump for later analysis. The contents of the capture buffer may also be inspected in a kernel core dump using .Xr kgdb 1 . .Pp .It Ic run .It Ic script .It Ic scripts .It Ic unscript Run, define, list, and delete scripts. See the .Sx SCRIPTING section for more information on the scripting facility. .Pp .It Ic textdump dump .It Ic textdump set .It Ic textdump status .It Ic textdump unset Use the .Ic textdump dump command to immediately perform a textdump. More information may be found in .Xr textdump 4 . The .Ic textdump set command may be used to force the next kernel core dump to be a textdump rather than a traditional memory dump or minidump. .Ic textdump status reports whether a textdump has been scheduled. .Ic textdump unset cancels a request to perform a textdump as the next kernel core dump. 
.El .Sh VARIABLES The debugger accesses registers and variables as .Li $ Ns Ar name . Register names are as in the .Dq Ic show Cm registers command. Some variables are suffixed with numbers, and may have some modifier following a colon immediately after the variable name. For example, register variables can have a .Cm u modifier to indicate user register (e.g., .Dq Li $eax:u ) . .Pp Built-in variables currently supported are: .Pp .Bl -tag -width ".Va tabstops" -compact .It Va radix Input and output radix. .It Va maxoff Addresses are printed as .Dq Ar symbol Ns Li + Ns Ar offset unless .Ar offset is greater than .Va maxoff . .It Va maxwidth The width of the displayed line. .It Va lines The number of lines. It is used by the built-in pager. Setting it to 0 disables paging. .It Va tabstops Tab stop width. .It Va work Ns Ar xx Work variable; .Ar xx can take values from 0 to 31. .El .Sh EXPRESSIONS Most expression operators in C are supported except .Ql ~ , .Ql ^ , and unary .Ql & . Special rules in .Nm are: .Bl -tag -width ".No Identifiers" .It Identifiers The name of a symbol is translated to the value of the symbol, which is the address of the corresponding object. .Ql \&. and .Ql \&: can be used in the identifier. If supported by an object format dependent routine, .Sm off .Oo Ar filename : Oc Ar func : lineno , .Sm on .Oo Ar filename : Oc Ns Ar variable , and .Oo Ar filename : Oc Ns Ar lineno can be accepted as a symbol. .It Numbers Radix is determined by the first two letters: .Ql 0x : hex, .Ql 0o : octal, .Ql 0t : decimal; otherwise, follow current radix. .It Li \&. .Va dot .It Li + .Va next .It Li .. address of the start of the last line examined. Unlike .Va dot or .Va next , this is only changed by .Ic examine or .Ic write command. .It Li ' last address explicitly specified. .It Li $ Ns Ar variable Translated to the value of the specified variable. It may be followed by a .Ql \&: and modifiers as described above. 
.It Ar a Ns Li # Ns Ar b A binary operator which rounds up the left hand side to the next multiple of the right hand side. .It Li * Ns Ar expr Indirection. It may be followed by a .Ql \&: and modifiers as described above. .El .Sh SCRIPTING .Nm supports a basic scripting facility to allow automating tasks or responses to specific events. Each script consists of a list of DDB commands to be executed sequentially, and is assigned a unique name. Certain script names have special meaning, and will be automatically run on various .Nm events if scripts by those names have been defined. .Pp The .Ic script command may be used to define a script by name. Scripts consist of a series of .Nm commands separated with the .Ql \&; character. For example: .Bd -literal -offset indent script kdb.enter.panic=bt; show pcpu script lockinfo=show alllocks; show lockedvnods .Ed .Pp The .Ic scripts command lists currently defined scripts. .Pp The .Ic run command executes a script by name. For example: .Bd -literal -offset indent run lockinfo .Ed .Pp The .Ic unscript command may be used to delete a script by name. For example: .Bd -literal -offset indent unscript kdb.enter.panic .Ed .Pp These functions may also be performed from userspace using the .Xr ddb 8 command. .Pp Certain scripts are run automatically, if defined, for specific .Nm events. The following scripts are run when various events occur: .Bl -tag -width kdb.enter.powerfail .It Va kdb.enter.acpi The kernel debugger was entered as a result of an .Xr acpi 4 event. .It Va kdb.enter.bootflags The kernel debugger was entered at boot as a result of the debugger boot flag being set. .It Va kdb.enter.break The kernel debugger was entered as a result of a serial or console break. .It Va kdb.enter.cam The kernel debugger was entered as a result of a .Xr CAM 4 event. .It Va kdb.enter.mac The kernel debugger was entered as a result of an assertion failure in the .Xr mac_test 4 module of the TrustedBSD MAC Framework.
.It Va kdb.enter.ndis The kernel debugger was entered as a result of an .Xr ndis 4 breakpoint event. .It Va kdb.enter.netgraph The kernel debugger was entered as a result of a .Xr netgraph 4 event. .It Va kdb.enter.panic .Xr panic 9 was called. .It Va kdb.enter.powerfail The kernel debugger was entered as a result of a powerfail NMI on the sparc64 platform. .It Va kdb.enter.powerpc The kernel debugger was entered as a result of an unimplemented interrupt type on the powerpc platform. .It Va kdb.enter.sysctl The kernel debugger was entered as a result of the .Va debug.kdb.enter sysctl being set. .It Va kdb.enter.trapsig The kernel debugger was entered as a result of a trapsig event on the sparc64 platform. .It Va kdb.enter.unionfs The kernel debugger was entered as a result of an assertion failure in the union file system. .It Va kdb.enter.unknown The kernel debugger was entered, but no reason has been set. .It Va kdb.enter.vfslock The kernel debugger was entered as a result of a VFS lock violation. .It Va kdb.enter.watchdog The kernel debugger was entered as a result of a watchdog firing. .It Va kdb.enter.witness The kernel debugger was entered as a result of a .Xr witness 4 violation. .El .Pp In the event that none of these scripts is found, .Nm will attempt to execute a default script: .Bl -tag -width kdb.enter.powerfail .It Va kdb.enter.default The kernel debugger was entered, but a script exactly matching the reason for entering was not defined. This can be used as a catch-all to handle cases not specifically of interest; for example, .Va kdb.enter.witness might be defined to have special handling, and .Va kdb.enter.default might be defined to simply panic and reboot. .El .Sh HINTS On machines with an ISA expansion bus, a simple NMI generation card can be constructed by connecting a push button between the A01 and B01 (CHCHK# and GND) card fingers. 
Momentarily shorting these two fingers together may cause the bridge chipset to generate an NMI, which causes the kernel to pass control to .Nm . Some bridge chipsets do not generate an NMI on CHCHK#, so your mileage may vary. The NMI allows one to break into the debugger on a wedged machine to diagnose problems. Other buses' bridge chipsets may be able to generate an NMI using bus-specific methods. There are many PCI and PCIe add-in cards which can generate an NMI for debugging. Modern server systems typically use IPMI to generate signals to enter the debugger. The .Va devel/ipmitool port can be used to send the .Cd chassis power diag command which delivers an NMI to the processor. Embedded systems often use JTAG for debugging, but rarely use it in combination with .Nm . .Pp For serial consoles, you can enter the debugger by sending a BREAK condition on the serial line if .Cd options BREAK_TO_DEBUGGER is specified in the kernel. Most terminal emulation programs can send a break sequence with a special key sequence or via a menu item. However, in some setups, sending the break can be difficult to arrange or happens spuriously, so if the kernel contains .Cd options ALT_BREAK_TO_DEBUGGER then the sequence of CR TILDE CTRL-B enters the debugger; CR TILDE CTRL-P causes a panic instead of entering the debugger; and CR TILDE CTRL-R causes an immediate reboot. In all the above sequences, CR is a Carriage Return and is usually sent by hitting the Enter or Return key. TILDE is the ASCII tilde character (~). CTRL-x is Control x created by hitting the control key and then x and then releasing both. .Pp The break to enter the debugger behavior may be enabled at run-time by setting the .Xr sysctl 8 .Va debug.kdb.break_to_debugger to 1. The alternate sequence to enter the debugger behavior may be enabled at run-time by setting the .Xr sysctl 8 .Va debug.kdb.alt_break_to_debugger to 1. The debugger may be entered by setting the .Xr sysctl 8 .Va debug.kdb.enter to 1.
.Sh FILES Header files mentioned in this manual page can be found below the .Pa /usr/include directory. .Pp .Bl -dash -compact .It .Pa sys/buf.h .It .Pa sys/domain.h .It .Pa netinet/in_pcb.h .It .Pa sys/socket.h .It .Pa sys/vnode.h .El .Sh SEE ALSO .Xr gdb 1 , .Xr kgdb 1 , .Xr acpi 4 , .Xr CAM 4 , .Xr mac_test 4 , .Xr ndis 4 , .Xr netgraph 4 , .Xr textdump 4 , .Xr witness 4 , .Xr ddb 8 , .Xr sysctl 8 , .Xr panic 9 .Sh HISTORY The .Nm debugger was developed for Mach, and ported to .Bx 386 0.1 . This manual page was translated from .Xr man 7 macros by .An Garrett Wollman . .Pp .An Robert N. M. Watson added support for .Nm output capture, .Xr textdump 4 and scripting in .Fx 7.1 . Index: head/sys/net/debugnet.c =================================================================== --- head/sys/net/debugnet.c (revision 353693) +++ head/sys/net/debugnet.c (revision 353694) @@ -1,882 +1,949 @@ /*- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * * Copyright (c) 2019 Isilon Systems, LLC. * Copyright (c) 2005-2014 Sandvine Incorporated. All rights reserved. * Copyright (c) 2000 Darrell Anderson * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include "opt_ddb.h" #include "opt_inet.h" #include #include #include #include #include #include #ifdef DDB #include #include #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #define DEBUGNET_INTERNAL #include FEATURE(debugnet, "Debugnet support"); SYSCTL_NODE(_net, OID_AUTO, debugnet, CTLFLAG_RD, NULL, "debugnet parameters"); unsigned debugnet_debug; SYSCTL_UINT(_net_debugnet, OID_AUTO, debug, CTLFLAG_RWTUN, &debugnet_debug, 0, "Debug message verbosity (0: off; 1: on; 2: verbose)"); int debugnet_npolls = 2000; SYSCTL_INT(_net_debugnet, OID_AUTO, npolls, CTLFLAG_RWTUN, &debugnet_npolls, 0, "Number of times to poll before assuming packet loss (0.5ms per poll)"); int debugnet_nretries = 10; SYSCTL_INT(_net_debugnet, OID_AUTO, nretries, CTLFLAG_RWTUN, &debugnet_nretries, 0, "Number of retransmit attempts before giving up"); static bool g_debugnet_pcb_inuse; static struct debugnet_pcb g_dnet_pcb; /* * Simple accessors for opaque PCB. */ const unsigned char * debugnet_get_gw_mac(const struct debugnet_pcb *pcb) { MPASS(g_debugnet_pcb_inuse && pcb == &g_dnet_pcb && pcb->dp_state >= DN_STATE_HAVE_GW_MAC); return (pcb->dp_gw_mac.octet); } /* * Start of network primitives, beginning with output primitives. 
*/ /* * Handles creation of the ethernet header, then places outgoing packets into * the tx buffer for the NIC * * Parameters: * m The mbuf containing the packet to be sent (will be freed by * this function or the NIC driver) * ifp The interface to send on * dst The destination ethernet address (source address will be looked * up using ifp) * etype The ETHERTYPE_* value for the protocol that is being sent * * Returns: * int see errno.h, 0 for success */ int debugnet_ether_output(struct mbuf *m, struct ifnet *ifp, struct ether_addr dst, u_short etype) { struct ether_header *eh; if (((ifp->if_flags & (IFF_MONITOR | IFF_UP)) != IFF_UP) || (ifp->if_drv_flags & IFF_DRV_RUNNING) != IFF_DRV_RUNNING) { if_printf(ifp, "%s: interface isn't up\n", __func__); m_freem(m); return (ENETDOWN); } /* Fill in the ethernet header. */ M_PREPEND(m, ETHER_HDR_LEN, M_NOWAIT); if (m == NULL) { printf("%s: out of mbufs\n", __func__); return (ENOBUFS); } eh = mtod(m, struct ether_header *); memcpy(eh->ether_shost, IF_LLADDR(ifp), ETHER_ADDR_LEN); memcpy(eh->ether_dhost, dst.octet, ETHER_ADDR_LEN); eh->ether_type = htons(etype); return (ifp->if_debugnet_methods->dn_transmit(ifp, m)); } /* * Unreliable transmission of an mbuf chain to the debugnet server * Note: can't handle fragmentation; fails if the packet is larger than * ifp->if_mtu after adding the UDP/IP headers * * Parameters: * pcb The debugnet context block * m mbuf chain * * Returns: * int see errno.h, 0 for success */ static int debugnet_udp_output(struct debugnet_pcb *pcb, struct mbuf *m) { struct udphdr *udp; MPASS(pcb->dp_state >= DN_STATE_HAVE_GW_MAC); M_PREPEND(m, sizeof(*udp), M_NOWAIT); if (m == NULL) { printf("%s: out of mbufs\n", __func__); return (ENOBUFS); } udp = mtod(m, void *); udp->uh_ulen = htons(m->m_pkthdr.len); /* Use this src port so that the server can connect() the socket */ udp->uh_sport = htons(pcb->dp_client_ack_port); udp->uh_dport = htons(pcb->dp_server_port); /* Computed later (protocol-dependent). 
*/ udp->uh_sum = 0; return (debugnet_ip_output(pcb, m)); } /* * Dummy free function for debugnet clusters. */ static void debugnet_mbuf_free(struct mbuf *m __unused) { } /* * Construct and reliably send a debugnet packet. May fail from a resource * shortage or extreme number of unacknowledged retransmissions. Wait for * an acknowledgement before returning. Splits packets into chunks small * enough to be sent without fragmentation (looks up the interface MTU) * * Parameters: * type debugnet packet type (HERALD, FINISHED, ...) * data data * datalen data size (bytes) * auxdata optional auxiliary information * * Returns: * int see errno.h, 0 for success */ int debugnet_send(struct debugnet_pcb *pcb, uint32_t type, const void *data, uint32_t datalen, const struct debugnet_proto_aux *auxdata) { struct debugnet_msg_hdr *dn_msg_hdr; struct mbuf *m, *m2; uint64_t want_acks; uint32_t i, pktlen, sent_so_far; int retries, polls, error; want_acks = 0; pcb->dp_rcvd_acks = 0; retries = 0; retransmit: /* Chunks can be too big to fit in packets. */ for (i = sent_so_far = 0; sent_so_far < datalen || (i == 0 && datalen == 0); i++) { pktlen = datalen - sent_so_far; /* Bound: the interface MTU (assume no IP options). */ pktlen = min(pktlen, pcb->dp_ifp->if_mtu - sizeof(struct udpiphdr) - sizeof(struct debugnet_msg_hdr)); /* * Check if it is retransmitting and this has been ACKed * already. */ if ((pcb->dp_rcvd_acks & (1 << i)) != 0) { sent_so_far += pktlen; continue; } /* * Get and fill a header mbuf, then chain data as an extended * mbuf. 
*/ m = m_gethdr(M_NOWAIT, MT_DATA); if (m == NULL) { printf("%s: Out of mbufs\n", __func__); return (ENOBUFS); } m->m_len = sizeof(struct debugnet_msg_hdr); m->m_pkthdr.len = sizeof(struct debugnet_msg_hdr); MH_ALIGN(m, sizeof(struct debugnet_msg_hdr)); dn_msg_hdr = mtod(m, struct debugnet_msg_hdr *); dn_msg_hdr->mh_seqno = htonl(pcb->dp_seqno + i); dn_msg_hdr->mh_type = htonl(type); dn_msg_hdr->mh_len = htonl(pktlen); if (auxdata != NULL) { dn_msg_hdr->mh_offset = htobe64(auxdata->dp_offset_start + sent_so_far); dn_msg_hdr->mh_aux2 = htobe32(auxdata->dp_aux2); } else { dn_msg_hdr->mh_offset = htobe64(sent_so_far); dn_msg_hdr->mh_aux2 = 0; } if (pktlen != 0) { m2 = m_get(M_NOWAIT, MT_DATA); if (m2 == NULL) { m_freem(m); printf("%s: Out of mbufs\n", __func__); return (ENOBUFS); } MEXTADD(m2, __DECONST(char *, data) + sent_so_far, pktlen, debugnet_mbuf_free, NULL, NULL, 0, EXT_DISPOSABLE); m2->m_len = pktlen; m_cat(m, m2); m->m_pkthdr.len += pktlen; } error = debugnet_udp_output(pcb, m); if (error != 0) return (error); /* Note that we're waiting for this packet in the bitfield. */ want_acks |= (1 << i); sent_so_far += pktlen; } if (i >= DEBUGNET_MAX_IN_FLIGHT) printf("Warning: Sent more than %d packets (%d). " "Acknowledgements will fail unless the size of " "rcvd_acks/want_acks is increased.\n", DEBUGNET_MAX_IN_FLIGHT, i); /* * Wait for acks. A *real* window would speed things up considerably. */ polls = 0; while (pcb->dp_rcvd_acks != want_acks) { if (polls++ > debugnet_npolls) { if (retries++ > debugnet_nretries) return (ETIMEDOUT); printf(". "); goto retransmit; } debugnet_network_poll(pcb->dp_ifp); DELAY(500); } pcb->dp_seqno += i; return (0); } /* * Network input primitives. */ static void debugnet_handle_ack(struct debugnet_pcb *pcb, struct mbuf **mb, uint16_t sport) { const struct debugnet_ack *dn_ack; struct mbuf *m; uint32_t rcv_ackno; m = *mb; if (m->m_pkthdr.len < sizeof(*dn_ack)) { DNETDEBUG("ignoring small ACK packet\n"); return; } /* Get Ack. 
*/ if (m->m_len < sizeof(*dn_ack)) { m = m_pullup(m, sizeof(*dn_ack)); *mb = m; if (m == NULL) { DNETDEBUG("m_pullup failed\n"); return; } } dn_ack = mtod(m, const void *); /* Debugnet processing. */ /* * Packet is meant for us. Extract the ack sequence number and the * port number if necessary. */ rcv_ackno = ntohl(dn_ack->da_seqno); if (pcb->dp_state < DN_STATE_GOT_HERALD_PORT) { pcb->dp_server_port = sport; pcb->dp_state = DN_STATE_GOT_HERALD_PORT; } if (rcv_ackno >= pcb->dp_seqno + DEBUGNET_MAX_IN_FLIGHT) printf("%s: ACK %u too far in future!\n", __func__, rcv_ackno); else if (rcv_ackno >= pcb->dp_seqno) { /* We're interested in this ack. Record it. */ pcb->dp_rcvd_acks |= 1 << (rcv_ackno - pcb->dp_seqno); } } void debugnet_handle_udp(struct debugnet_pcb *pcb, struct mbuf **mb) { const struct udphdr *udp; struct mbuf *m; uint16_t sport; /* UDP processing. */ m = *mb; if (m->m_pkthdr.len < sizeof(*udp)) { DNETDEBUG("ignoring small UDP packet\n"); return; } /* Get UDP headers. */ if (m->m_len < sizeof(*udp)) { m = m_pullup(m, sizeof(*udp)); *mb = m; if (m == NULL) { DNETDEBUG("m_pullup failed\n"); return; } } udp = mtod(m, const void *); /* For now, the only UDP packets we expect to receive are acks. */ if (ntohs(udp->uh_dport) != pcb->dp_client_ack_port) { DNETDEBUG("not on the expected ACK port.\n"); return; } sport = ntohs(udp->uh_sport); m_adj(m, sizeof(*udp)); debugnet_handle_ack(pcb, mb, sport); } /* * Handler for incoming packets directly from the network adapter * Identifies the packet type (IP or ARP) and passes it along to one of the * helper functions debugnet_handle_ip or debugnet_handle_arp. * * It needs to partially replicate the behaviour of ether_input() and * ether_demux(). * * Parameters: * ifp the interface the packet came from * m an mbuf containing the packet received */ static void debugnet_pkt_in(struct ifnet *ifp, struct mbuf *m) { struct ifreq ifr; struct ether_header *eh; u_short etype; /* Ethernet processing. 
*/ if ((m->m_flags & M_PKTHDR) == 0) { DNETDEBUG_IF(ifp, "discard frame without packet header\n"); goto done; } if (m->m_len < ETHER_HDR_LEN) { DNETDEBUG_IF(ifp, "discard frame without leading eth header (len %u pktlen %u)\n", m->m_len, m->m_pkthdr.len); goto done; } if ((m->m_flags & M_HASFCS) != 0) { m_adj(m, -ETHER_CRC_LEN); m->m_flags &= ~M_HASFCS; } eh = mtod(m, struct ether_header *); etype = ntohs(eh->ether_type); if ((m->m_flags & M_VLANTAG) != 0 || etype == ETHERTYPE_VLAN) { DNETDEBUG_IF(ifp, "ignoring vlan packets\n"); goto done; } if (if_gethwaddr(ifp, &ifr) != 0) { DNETDEBUG_IF(ifp, "failed to get hw addr for interface\n"); goto done; } if (memcmp(ifr.ifr_addr.sa_data, eh->ether_dhost, ETHER_ADDR_LEN) != 0 && (etype != ETHERTYPE_ARP || !ETHER_IS_BROADCAST(eh->ether_dhost))) { DNETDEBUG_IF(ifp, "discard frame with incorrect destination addr\n"); goto done; } MPASS(g_debugnet_pcb_inuse); /* Done ethernet processing. Strip off the ethernet header. */ m_adj(m, ETHER_HDR_LEN); switch (etype) { case ETHERTYPE_ARP: debugnet_handle_arp(&g_dnet_pcb, &m); break; case ETHERTYPE_IP: debugnet_handle_ip(&g_dnet_pcb, &m); break; default: DNETDEBUG_IF(ifp, "dropping unknown ethertype %hu\n", etype); break; } done: if (m != NULL) m_freem(m); } /* * Network polling primitive. * * Instead of assuming that most of the network stack is sane, we just poll the * driver directly for packets. */ void debugnet_network_poll(struct ifnet *ifp) { ifp->if_debugnet_methods->dn_poll(ifp, 1000); } /* * Start of consumer API surface. 
*/ void debugnet_free(struct debugnet_pcb *pcb) { struct ifnet *ifp; MPASS(g_debugnet_pcb_inuse); MPASS(pcb == &g_dnet_pcb); ifp = pcb->dp_ifp; - ifp->if_input = pcb->dp_drv_input; - ifp->if_debugnet_methods->dn_event(ifp, DEBUGNET_END); + if (ifp != NULL) { + if (pcb->dp_drv_input != NULL) + ifp->if_input = pcb->dp_drv_input; + if (pcb->dp_event_started) + ifp->if_debugnet_methods->dn_event(ifp, DEBUGNET_END); + } debugnet_mbuf_finish(); g_debugnet_pcb_inuse = false; memset(&g_dnet_pcb, 0xfd, sizeof(g_dnet_pcb)); } int debugnet_connect(const struct debugnet_conn_params *dcp, struct debugnet_pcb **pcb_out) { struct debugnet_pcb *pcb; struct ifnet *ifp; int error; if (g_debugnet_pcb_inuse) { printf("%s: Only one connection at a time.\n", __func__); return (EBUSY); } pcb = &g_dnet_pcb; *pcb = (struct debugnet_pcb) { .dp_state = DN_STATE_INIT, .dp_client = dcp->dc_client, .dp_server = dcp->dc_server, .dp_gateway = dcp->dc_gateway, .dp_server_port = dcp->dc_herald_port, /* Initially */ .dp_client_ack_port = dcp->dc_client_ack_port, .dp_seqno = 1, .dp_ifp = dcp->dc_ifp, }; /* Switch to the debugnet mbuf zones. */ debugnet_mbuf_start(); + /* At least one needed parameter is missing; infer it. 
*/ + if (pcb->dp_client == INADDR_ANY || pcb->dp_gateway == INADDR_ANY || + pcb->dp_ifp == NULL) { + struct sockaddr_in dest_sin, *gw_sin, *local_sin; + struct rtentry *dest_rt; + struct ifnet *rt_ifp; + + memset(&dest_sin, 0, sizeof(dest_sin)); + dest_sin = (struct sockaddr_in) { + .sin_len = sizeof(dest_sin), + .sin_family = AF_INET, + .sin_addr.s_addr = pcb->dp_server, + }; + + CURVNET_SET(vnet0); + dest_rt = rtalloc1((struct sockaddr *)&dest_sin, 0, + RTF_RNH_LOCKED); + CURVNET_RESTORE(); + + if (dest_rt == NULL) { + db_printf("%s: Could not get route for that server.\n", + __func__); + error = ENOENT; + goto cleanup; + } + + if (dest_rt->rt_gateway->sa_family == AF_INET) + gw_sin = (struct sockaddr_in *)dest_rt->rt_gateway; + else { + if (dest_rt->rt_gateway->sa_family == AF_LINK) + DNETDEBUG("Destination address is on link.\n"); + gw_sin = NULL; + } + + MPASS(dest_rt->rt_ifa->ifa_addr->sa_family == AF_INET); + local_sin = (struct sockaddr_in *)dest_rt->rt_ifa->ifa_addr; + + rt_ifp = dest_rt->rt_ifp; + + if (pcb->dp_client == INADDR_ANY) + pcb->dp_client = local_sin->sin_addr.s_addr; + if (pcb->dp_gateway == INADDR_ANY && gw_sin != NULL) + pcb->dp_gateway = gw_sin->sin_addr.s_addr; + if (pcb->dp_ifp == NULL) + pcb->dp_ifp = rt_ifp; + + RTFREE_LOCKED(dest_rt); + } + ifp = pcb->dp_ifp; + + if (debugnet_debug > 0) { + char serbuf[INET_ADDRSTRLEN], clibuf[INET_ADDRSTRLEN], + gwbuf[INET_ADDRSTRLEN]; + inet_ntop(AF_INET, &pcb->dp_server, serbuf, sizeof(serbuf)); + inet_ntop(AF_INET, &pcb->dp_client, clibuf, sizeof(clibuf)); + if (pcb->dp_gateway != INADDR_ANY) + inet_ntop(AF_INET, &pcb->dp_gateway, gwbuf, sizeof(gwbuf)); + DNETDEBUG("Connecting to %s:%d%s%s from %s:%d on %s\n", + serbuf, pcb->dp_server_port, + (pcb->dp_gateway == INADDR_ANY) ? "" : " via ", + (pcb->dp_gateway == INADDR_ANY) ? "" : gwbuf, + clibuf, pcb->dp_client_ack_port, if_name(ifp)); + } + + /* Validate iface is online and supported. 
*/ + if (!DEBUGNET_SUPPORTED_NIC(ifp)) { + printf("%s: interface '%s' does not support debugnet\n", + __func__, if_name(ifp)); + error = ENODEV; + goto cleanup; + } + if ((if_getflags(ifp) & IFF_UP) == 0) { + printf("%s: interface '%s' link is down\n", __func__, + if_name(ifp)); + error = ENXIO; + goto cleanup; + } + ifp->if_debugnet_methods->dn_event(ifp, DEBUGNET_START); + pcb->dp_event_started = true; /* * We maintain the invariant that g_debugnet_pcb_inuse is always true * while the debugnet ifp's if_input is overridden with * debugnet_pkt_in. */ g_debugnet_pcb_inuse = true; /* Make the card use *our* receive callback. */ pcb->dp_drv_input = ifp->if_input; ifp->if_input = debugnet_pkt_in; printf("%s: searching for %s MAC...\n", __func__, (dcp->dc_gateway == INADDR_ANY) ? "server" : "gateway"); error = debugnet_arp_gw(pcb); if (error != 0) { printf("%s: failed to locate MAC address\n", __func__); goto cleanup; } MPASS(pcb->dp_state == DN_STATE_HAVE_GW_MAC); error = debugnet_send(pcb, DEBUGNET_HERALD, dcp->dc_herald_data, dcp->dc_herald_datalen, NULL); if (error != 0) { printf("%s: failed to herald debugnet server\n", __func__); goto cleanup; } *pcb_out = pcb; return (0); cleanup: debugnet_free(pcb); return (error); } /* * Pre-allocated dump-time mbuf tracking. * * We just track the high water mark we've ever seen and allocate appropriately * for that iface/mtu combo. 
*/ static struct { int nmbuf; int ncl; int clsize; } dn_hwm; static struct mtx dn_hwm_lk; MTX_SYSINIT(debugnet_hwm_lock, &dn_hwm_lk, "Debugnet HWM lock", MTX_DEF); static void dn_maybe_reinit_mbufs(int nmbuf, int ncl, int clsize) { bool any; any = false; mtx_lock(&dn_hwm_lk); if (nmbuf > dn_hwm.nmbuf) { any = true; dn_hwm.nmbuf = nmbuf; } else nmbuf = dn_hwm.nmbuf; if (ncl > dn_hwm.ncl) { any = true; dn_hwm.ncl = ncl; } else ncl = dn_hwm.ncl; if (clsize > dn_hwm.clsize) { any = true; dn_hwm.clsize = clsize; } else clsize = dn_hwm.clsize; mtx_unlock(&dn_hwm_lk); if (any) debugnet_mbuf_reinit(nmbuf, ncl, clsize); } void debugnet_any_ifnet_update(struct ifnet *ifp) { int clsize, nmbuf, ncl, nrxr; if (!DEBUGNET_SUPPORTED_NIC(ifp)) return; ifp->if_debugnet_methods->dn_init(ifp, &nrxr, &ncl, &clsize); KASSERT(nrxr > 0, ("invalid receive ring count %d", nrxr)); /* * We need two headers per message on the transmit side. Multiply by * four to give us some breathing room. */ nmbuf = ncl * (4 + nrxr); ncl *= nrxr; dn_maybe_reinit_mbufs(nmbuf, ncl, clsize); } /* * Unfortunately, the ifnet_arrival_event eventhandler hook is mostly useless * for us because drivers tend to if_attach before invoking DEBUGNET_SET(). * * On the other hand, hooking DEBUGNET_SET() itself may still be too early, * because the driver is still in attach. Since we cannot use down interfaces, * maybe hooking ifnet_event:IFNET_EVENT_UP is sufficient? ... Nope, at least * with vtnet and dhcpclient that event just never occurs. * * So that's how I've landed on the lower level ifnet_link_event. 
*/ static void dn_ifnet_event(void *arg __unused, struct ifnet *ifp, int link_state) { if (link_state == LINK_STATE_UP) debugnet_any_ifnet_update(ifp); } static eventhandler_tag dn_attach_cookie; static void dn_evh_init(void *ctx __unused) { dn_attach_cookie = EVENTHANDLER_REGISTER(ifnet_link_event, dn_ifnet_event, NULL, EVENTHANDLER_PRI_ANY); } SYSINIT(dn_evh_init, SI_SUB_EVENTHANDLER + 1, SI_ORDER_ANY, dn_evh_init, NULL); /* * DDB parsing helpers for debugnet(4) consumers. */ #ifdef DDB struct my_inet_opt { bool has_opt; const char *printname; in_addr_t *result; }; static int dn_parse_optarg_ipv4(struct my_inet_opt *opt) { in_addr_t tmp; unsigned octet; int t; tmp = 0; for (octet = 0; octet < 4; octet++) { t = db_read_token_flags(DRT_WSPACE | DRT_DECIMAL); if (t != tNUMBER) { db_printf("%s:%s: octet %u expected number; found %d\n", __func__, opt->printname, octet, t); return (EINVAL); } /* * db_lex lexes '-' distinctly from the number itself, but * let's document that invariant. */ MPASS(db_tok_number >= 0); if (db_tok_number > UINT8_MAX) { db_printf("%s:%s: octet %u out of range: %jd\n", __func__, opt->printname, octet, (intmax_t)db_tok_number); return (EDOM); } /* Constructed host-endian and converted to network later. 
*/ tmp = (tmp << 8) | db_tok_number; if (octet < 3) { t = db_read_token_flags(DRT_WSPACE); if (t != tDOT) { db_printf("%s:%s: octet %u expected '.'; found" " %d\n", __func__, opt->printname, octet, t); return (EINVAL); } } } *opt->result = htonl(tmp); opt->has_opt = true; return (0); } int debugnet_parse_ddb_cmd(const char *cmd, struct debugnet_ddb_config *result) { struct ifnet *ifp; int t, error; bool want_ifp; char ch; struct my_inet_opt opt_client = { .printname = "client", .result = &result->dd_client, }, opt_server = { .printname = "server", .result = &result->dd_server, }, opt_gateway = { .printname = "gateway", .result = &result->dd_gateway, }, *cur_inet_opt; ifp = NULL; memset(result, 0, sizeof(*result)); /* * command [space] [-] [opt] [[space] [optarg]] ... * * db_command has already lexed 'command' for us. */ t = db_read_token_flags(DRT_WSPACE); if (t == tWSPACE) t = db_read_token_flags(DRT_WSPACE); while (t != tEOL) { if (t != tMINUS) { db_printf("%s: Bad syntax; expected '-', got %d\n", cmd, t); goto usage; } t = db_read_token_flags(DRT_WSPACE); if (t != tIDENT) { db_printf("%s: Bad syntax; expected tIDENT, got %d\n", cmd, t); goto usage; } if (strlen(db_tok_string) > 1) { db_printf("%s: Bad syntax; expected single option " "flag, got '%s'\n", cmd, db_tok_string); goto usage; } want_ifp = false; cur_inet_opt = NULL; switch ((ch = db_tok_string[0])) { default: DNETDEBUG("Unexpected: '%c'\n", ch); /* FALLTHROUGH */ case 'h': goto usage; case 'c': cur_inet_opt = &opt_client; break; case 'g': cur_inet_opt = &opt_gateway; break; case 's': cur_inet_opt = &opt_server; break; case 'i': want_ifp = true; break; } t = db_read_token_flags(DRT_WSPACE); if (t != tWSPACE) { db_printf("%s: Bad syntax; expected space after " "flag %c, got %d\n", cmd, ch, t); goto usage; } if (want_ifp) { t = db_read_token_flags(DRT_WSPACE); if (t != tIDENT) { db_printf("%s: Expected interface but got %d\n", cmd, t); goto usage; } CURVNET_SET(vnet0); /* * We *don't* take a ref here 
because the only current * consumer, db_netdump_cmd, does not need it. It * (somewhat redundantly) extracts the if_name(), * re-lookups the ifp, and takes its own reference. */ ifp = ifunit(db_tok_string); CURVNET_RESTORE(); if (ifp == NULL) { db_printf("Could not locate interface %s\n", db_tok_string); goto cleanup; } } else { MPASS(cur_inet_opt != NULL); /* Assume IPv4 for now. */ error = dn_parse_optarg_ipv4(cur_inet_opt); if (error != 0) goto cleanup; } /* Skip (mandatory) whitespace after option, if not EOL. */ t = db_read_token_flags(DRT_WSPACE); if (t == tEOL) break; if (t != tWSPACE) { db_printf("%s: Bad syntax; expected space after " "flag %c option; got %d\n", cmd, ch, t); goto usage; } t = db_read_token_flags(DRT_WSPACE); } - /* Currently, all three are required. */ - if (!opt_client.has_opt || !opt_server.has_opt || ifp == NULL) { - db_printf("%s needs all of client, server, and interface " - "specified.\n", cmd); + if (!opt_server.has_opt) { + db_printf("%s: need a destination server address\n", cmd); goto usage; } + result->dd_has_client = opt_client.has_opt; result->dd_has_gateway = opt_gateway.has_opt; - - /* Iface validation stolen from netdump_configure. */ - if (!DEBUGNET_SUPPORTED_NIC(ifp)) { - db_printf("%s: interface '%s' does not support debugnet\n", - cmd, if_name(ifp)); - error = ENODEV; - goto cleanup; - } - if ((if_getflags(ifp) & IFF_UP) == 0) { - db_printf("%s: interface '%s' link is down\n", cmd, - if_name(ifp)); - error = ENXIO; - goto cleanup; - } - result->dd_ifp = ifp; /* We parsed the full line to tEOL already, or bailed with an error. 
*/ return (0); usage: - db_printf("Usage: %s -s [-g ] -c " - "-i \n", cmd); + db_printf("Usage: %s -s [-g -c " + "-i ]\n", cmd); error = EINVAL; /* FALLTHROUGH */ cleanup: db_skip_to_eol(); return (error); } #endif /* DDB */ Index: head/sys/net/debugnet.h =================================================================== --- head/sys/net/debugnet.h (revision 353693) +++ head/sys/net/debugnet.h (revision 353694) @@ -1,234 +1,236 @@ /*- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * * Copyright (c) 2019 Isilon Systems, LLC. * Copyright (c) 2005-2014 Sandvine Incorporated * Copyright (c) 2000 Darrell Anderson * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. 
* * $FreeBSD$ */ /* * Debugnet provides a reliable, bidirectional, UDP-encapsulated datagram * transport while a machine is in a debug state. (N-1 CPUs stopped, * interrupts disabled, may or may not be in a panic(9) state.) Only one * stream may be active at a time. A dedicated server must be running to * accept connections. */ #pragma once #include #include /* * Debugnet protocol details. */ #define DEBUGNET_HERALD 1 /* Connection handshake. */ #define DEBUGNET_FINISHED 2 /* Close the connection. */ #define DEBUGNET_DATA 3 /* Contains data. */ struct debugnet_msg_hdr { uint32_t mh_type; /* Debugnet message type. */ uint32_t mh_seqno; /* Match acks with msgs. */ uint64_t mh_offset; /* Offset in fragment. */ uint32_t mh_len; /* Attached data (bytes). */ uint32_t mh_aux2; /* Consumer-specific. */ } __packed; struct debugnet_ack { uint32_t da_seqno; /* Match acks with msgs. */ } __packed; #define DEBUGNET_MAX_IN_FLIGHT 64 #ifdef _KERNEL /* * Hook API for network drivers. */ enum debugnet_ev { DEBUGNET_START, DEBUGNET_END, }; struct ifnet; struct mbuf; typedef void debugnet_init_t(struct ifnet *, int *nrxr, int *ncl, int *clsize); typedef void debugnet_event_t(struct ifnet *, enum debugnet_ev); typedef int debugnet_transmit_t(struct ifnet *, struct mbuf *); typedef int debugnet_poll_t(struct ifnet *, int); struct debugnet_methods { debugnet_init_t *dn_init; debugnet_event_t *dn_event; debugnet_transmit_t *dn_transmit; debugnet_poll_t *dn_poll; }; #define DEBUGNET_SUPPORTED_NIC(ifp) \ ((ifp)->if_debugnet_methods != NULL && (ifp)->if_type == IFT_ETHER) /* * Debugnet consumer API. */ struct debugnet_conn_params { struct ifnet *dc_ifp; in_addr_t dc_client; in_addr_t dc_server; in_addr_t dc_gateway; uint16_t dc_herald_port; uint16_t dc_client_ack_port; const void *dc_herald_data; uint32_t dc_herald_datalen; }; struct debugnet_pcb; /* opaque */ /* * Open a unidirectional stream to the specified server's herald port. 
* * If all goes well, the server will send ACK from a different port to our ack * port. This allows servers to somewhat gracefully handle multiple debugnet * clients. (Clients are limited to single connections.) * * Returns zero on success, or errno. */ int debugnet_connect(const struct debugnet_conn_params *, struct debugnet_pcb **pcb_out); /* * Free a debugnet stream that was previously successfully opened. * * No attempt is made to cleanly terminate communication with the remote * server. Consumers should first send an empty DEBUGNET_FINISHED message, or * otherwise let the remote know they are signing off. */ void debugnet_free(struct debugnet_pcb *); /* * Send a message, with common debugnet_msg_hdr header, to the connected remote * server. * * - mhtype translates directly to mh_type (e.g., DEBUGNET_DATA, or some other * protocol-specific type). * - Data and datalen describe the attached data; datalen may be zero. * - If auxdata is NULL, mh_offset's initial value and mh_aux2 will be zero. * Otherwise, mh_offset's initial value will be auxdata->dp_offset_start and * mh_aux2 will have the value of auxdata->dp_aux2. * * Returns zero on success, or an errno on failure. */ struct debugnet_proto_aux { uint64_t dp_offset_start; uint32_t dp_aux2; }; int debugnet_send(struct debugnet_pcb *, uint32_t mhtype, const void *data, uint32_t datalen, const struct debugnet_proto_aux *auxdata); /* * A simple wrapper around the above when no data or auxdata is needed. */ static inline int debugnet_sendempty(struct debugnet_pcb *pcb, uint32_t mhtype) { return (debugnet_send(pcb, mhtype, NULL, 0, NULL)); } /* * PCB accessors. */ /* * Get the 48-bit MAC address of the discovered next hop (gateway, or * destination server if it is on the same segment). */ const unsigned char *debugnet_get_gw_mac(const struct debugnet_pcb *); /* * Callbacks from core mbuf code. */ void debugnet_any_ifnet_update(struct ifnet *); /* * DDB parsing helper for common debugnet options. 
* - * -s <server> [-g <gateway>] -c <client> -i <interface> + * -s <server> [-g <gateway> -c <client> -i <interface>] * * Order is not significant. Interface is an online interface that supports * debugnet and can route to the debugnet server. The other parameters are all - * IP addresses. For now, all parameters are mandatory, except gateway. + * IP addresses. Only the server parameter is required. The others are + * inferred automatically from the routing table, if not explicitly provided. * * Provides basic '-h' using provided 'cmd' string. * * Returns zero on success, or errno. */ struct debugnet_ddb_config { struct ifnet *dd_ifp; /* not ref'd */ in_addr_t dd_client; in_addr_t dd_server; in_addr_t dd_gateway; + bool dd_has_client : 1; bool dd_has_gateway : 1; }; int debugnet_parse_ddb_cmd(const char *cmd, struct debugnet_ddb_config *result); /* Expose sysctl variables for netdump(4) to alias. */ extern int debugnet_npolls; extern int debugnet_nretries; extern int debugnet_arp_nretries; /* * Conditionally-defined macros for device drivers so we can avoid ifdef * wrappers in every single implementation. 
*/ #ifdef DEBUGNET #define DEBUGNET_DEFINE(driver) \ static debugnet_init_t driver##_debugnet_init; \ static debugnet_event_t driver##_debugnet_event; \ static debugnet_transmit_t driver##_debugnet_transmit; \ static debugnet_poll_t driver##_debugnet_poll; \ \ static struct debugnet_methods driver##_debugnet_methods = { \ .dn_init = driver##_debugnet_init, \ .dn_event = driver##_debugnet_event, \ .dn_transmit = driver##_debugnet_transmit, \ .dn_poll = driver##_debugnet_poll, \ } #define DEBUGNET_NOTIFY_MTU(ifp) debugnet_any_ifnet_update(ifp) #define DEBUGNET_SET(ifp, driver) \ (ifp)->if_debugnet_methods = &driver##_debugnet_methods #else /* !DEBUGNET || !INET */ #define DEBUGNET_DEFINE(driver) #define DEBUGNET_NOTIFY_MTU(ifp) #define DEBUGNET_SET(ifp, driver) #endif /* DEBUGNET && INET */ #endif /* _KERNEL */ Index: head/sys/net/debugnet_int.h =================================================================== --- head/sys/net/debugnet_int.h (revision 353693) +++ head/sys/net/debugnet_int.h (revision 353694) @@ -1,91 +1,92 @@ /*- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * * Copyright (c) 2019 Isilon Systems, LLC. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $FreeBSD$ */ #pragma once #ifndef DEBUGNET_INTERNAL #error "Don't include this" #endif #define DNETDEBUG(f, ...) do { \ if (debugnet_debug > 0) \ printf(("%s: " f), __func__, ## __VA_ARGS__); \ } while (0) #define DNETDEBUG_IF(i, f, ...) do { \ if (debugnet_debug > 0) \ if_printf((i), ("%s: " f), __func__, ## __VA_ARGS__); \ } while (0) #define DNETDEBUGV(f, ...) do { \ if (debugnet_debug > 1) \ printf(("%s: " f), __func__, ## __VA_ARGS__); \ } while (0) enum dnet_pcb_st { DN_STATE_INIT = 1, DN_STATE_HAVE_GW_MAC, DN_STATE_GOT_HERALD_PORT, }; struct debugnet_pcb { uint64_t dp_rcvd_acks; in_addr_t dp_client; in_addr_t dp_server; in_addr_t dp_gateway; uint32_t dp_seqno; struct ether_addr dp_gw_mac; uint16_t dp_server_port; struct ifnet *dp_ifp; /* Saved driver if_input to restore on close. */ void (*dp_drv_input)(struct ifnet *, struct mbuf *); enum dnet_pcb_st dp_state; uint16_t dp_client_ack_port; + bool dp_event_started; }; /* TODO(CEM): Obviate this assertion by using a BITSET(9) for acks. 
*/ CTASSERT(sizeof(((struct debugnet_pcb *)0)->dp_rcvd_acks) * NBBY >= DEBUGNET_MAX_IN_FLIGHT); extern unsigned debugnet_debug; SYSCTL_DECL(_net_debugnet); int debugnet_ether_output(struct mbuf *, struct ifnet *, struct ether_addr, u_short); void debugnet_handle_udp(struct debugnet_pcb *, struct mbuf **); void debugnet_network_poll(struct ifnet *); #ifdef INET int debugnet_arp_gw(struct debugnet_pcb *); void debugnet_handle_arp(struct debugnet_pcb *, struct mbuf **); void debugnet_handle_ip(struct debugnet_pcb *, struct mbuf **); int debugnet_ip_output(struct debugnet_pcb *, struct mbuf *); #endif Index: head/sys/netinet/netdump/netdump_client.c =================================================================== --- head/sys/netinet/netdump/netdump_client.c (revision 353693) +++ head/sys/netinet/netdump/netdump_client.c (revision 353694) @@ -1,816 +1,824 @@ /*- * Copyright (c) 2005-2014 Sandvine Incorporated. All rights reserved. * Copyright (c) 2000 Darrell Anderson * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ /* * netdump_client.c * FreeBSD subsystem supporting netdump network dumps. * A dedicated server must be running to accept client dumps. */ #include __FBSDID("$FreeBSD$"); #include "opt_ddb.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef DDB #include #include #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #define NETDDEBUGV(f, ...) do { \ if (nd_debug > 1) \ printf(("%s: " f), __func__, ## __VA_ARGS__); \ } while (0) static int netdump_configure(struct diocskerneldump_arg *, struct thread *); static int netdump_dumper(void *priv __unused, void *virtual, vm_offset_t physical __unused, off_t offset, size_t length); static bool netdump_enabled(void); static int netdump_enabled_sysctl(SYSCTL_HANDLER_ARGS); static int netdump_ioctl(struct cdev *dev __unused, u_long cmd, caddr_t addr, int flags __unused, struct thread *td); static int netdump_modevent(module_t mod, int type, void *priv); static int netdump_start(struct dumperinfo *di); static void netdump_unconfigure(void); /* Must be at least as big as the chunks dumpsys() gives us. */ static unsigned char nd_buf[MAXDUMPPGS * PAGE_SIZE]; static int dump_failed; /* Configuration parameters. 
*/ static struct { char ndc_iface[IFNAMSIZ]; union kd_ip ndc_server; union kd_ip ndc_client; union kd_ip ndc_gateway; uint8_t ndc_af; /* Runtime State */ struct debugnet_pcb *nd_pcb; off_t nd_tx_off; size_t nd_buf_len; } nd_conf; #define nd_server nd_conf.ndc_server.in4 #define nd_client nd_conf.ndc_client.in4 #define nd_gateway nd_conf.ndc_gateway.in4 /* General dynamic settings. */ static struct sx nd_conf_lk; SX_SYSINIT(nd_conf, &nd_conf_lk, "netdump configuration lock"); #define NETDUMP_WLOCK() sx_xlock(&nd_conf_lk) #define NETDUMP_WUNLOCK() sx_xunlock(&nd_conf_lk) #define NETDUMP_RLOCK() sx_slock(&nd_conf_lk) #define NETDUMP_RUNLOCK() sx_sunlock(&nd_conf_lk) #define NETDUMP_ASSERT_WLOCKED() sx_assert(&nd_conf_lk, SA_XLOCKED) #define NETDUMP_ASSERT_LOCKED() sx_assert(&nd_conf_lk, SA_LOCKED) static struct ifnet *nd_ifp; static eventhandler_tag nd_detach_cookie; FEATURE(netdump, "Netdump client support"); static SYSCTL_NODE(_net, OID_AUTO, netdump, CTLFLAG_RD, NULL, "netdump parameters"); static int nd_debug; SYSCTL_INT(_net_netdump, OID_AUTO, debug, CTLFLAG_RWTUN, &nd_debug, 0, "Debug message verbosity"); -SYSCTL_PROC(_net_netdump, OID_AUTO, enabled, CTLFLAG_RD | CTLTYPE_INT, - &nd_ifp, 0, netdump_enabled_sysctl, "I", "netdump configuration status"); +SYSCTL_PROC(_net_netdump, OID_AUTO, enabled, CTLFLAG_RD | CTLTYPE_INT, NULL, 0, + netdump_enabled_sysctl, "I", "netdump configuration status"); static char nd_path[MAXPATHLEN]; SYSCTL_STRING(_net_netdump, OID_AUTO, path, CTLFLAG_RW, nd_path, sizeof(nd_path), "Server path for output files"); /* * The following three variables were moved to debugnet(4), but these knobs * were retained as aliases. 
*/ SYSCTL_INT(_net_netdump, OID_AUTO, polls, CTLFLAG_RWTUN, &debugnet_npolls, 0, "Number of times to poll before assuming packet loss (0.5ms per poll)"); SYSCTL_INT(_net_netdump, OID_AUTO, retries, CTLFLAG_RWTUN, &debugnet_nretries, 0, "Number of retransmit attempts before giving up"); SYSCTL_INT(_net_netdump, OID_AUTO, arp_retries, CTLFLAG_RWTUN, &debugnet_arp_nretries, 0, "Number of ARP attempts before giving up"); +static bool nd_is_enabled; static bool netdump_enabled(void) { NETDUMP_ASSERT_LOCKED(); - return (nd_ifp != NULL); + return (nd_is_enabled); } +static void +netdump_set_enabled(bool status) +{ + + NETDUMP_ASSERT_LOCKED(); + nd_is_enabled = status; +} + static int netdump_enabled_sysctl(SYSCTL_HANDLER_ARGS) { int en, error; NETDUMP_RLOCK(); en = netdump_enabled(); NETDUMP_RUNLOCK(); error = SYSCTL_OUT(req, &en, sizeof(en)); if (error != 0 || req->newptr == NULL) return (error); return (EPERM); } /*- * Dumping specific primitives. */ /* * Flush any buffered vmcore data. */ static int netdump_flush_buf(void) { int error; error = 0; if (nd_conf.nd_buf_len != 0) { struct debugnet_proto_aux auxdata = { .dp_offset_start = nd_conf.nd_tx_off, }; error = debugnet_send(nd_conf.nd_pcb, DEBUGNET_DATA, nd_buf, nd_conf.nd_buf_len, &auxdata); if (error == 0) nd_conf.nd_buf_len = 0; } return (error); } /* * Callback from dumpsys() to dump a chunk of memory. * Copies it out to our static buffer then sends it across the network. * Detects the initial KDH and makes sure it is given a special packet type. * * Parameters: * priv Unused. Optional private pointer. * virtual Virtual address (where to read the data from) * physical Unused. Physical memory address. 
* offset Offset from start of core file * length Data length * * Return value: * 0 on success * errno on error */ static int netdump_dumper(void *priv __unused, void *virtual, vm_offset_t physical __unused, off_t offset, size_t length) { int error; NETDDEBUGV("netdump_dumper(NULL, %p, NULL, %ju, %zu)\n", virtual, (uintmax_t)offset, length); if (virtual == NULL) { error = netdump_flush_buf(); if (error != 0) dump_failed = 1; if (dump_failed != 0) printf("failed to dump the kernel core\n"); else if ( debugnet_sendempty(nd_conf.nd_pcb, DEBUGNET_FINISHED) != 0) printf("failed to close the transaction\n"); else printf("\nnetdump finished.\n"); debugnet_free(nd_conf.nd_pcb); nd_conf.nd_pcb = NULL; return (0); } if (length > sizeof(nd_buf)) return (ENOSPC); if (nd_conf.nd_buf_len + length > sizeof(nd_buf) || (nd_conf.nd_buf_len != 0 && nd_conf.nd_tx_off + nd_conf.nd_buf_len != offset)) { error = netdump_flush_buf(); if (error != 0) { dump_failed = 1; return (error); } nd_conf.nd_tx_off = offset; } memmove(nd_buf + nd_conf.nd_buf_len, virtual, length); nd_conf.nd_buf_len += length; return (0); } /* * Perform any initialization needed prior to transmitting the kernel core. */ static int netdump_start(struct dumperinfo *di) { struct debugnet_conn_params dcp; struct debugnet_pcb *pcb; char buf[INET_ADDRSTRLEN]; int error; error = 0; /* Check if the dumping is allowed to continue. */ if (!netdump_enabled()) return (EINVAL); if (panicstr == NULL) { printf( "netdump_start: netdump may only be used after a panic\n"); return (EINVAL); } memset(&dcp, 0, sizeof(dcp)); if (nd_server.s_addr == INADDR_ANY) { printf("netdump_start: can't netdump; no server IP given\n"); return (EINVAL); } - if (nd_client.s_addr == INADDR_ANY) { - printf("netdump_start: can't netdump; no client IP given\n"); - return (EINVAL); - } /* We start dumping at offset 0. 
*/ di->dumpoff = 0; dcp.dc_ifp = nd_ifp; dcp.dc_client = nd_client.s_addr; dcp.dc_server = nd_server.s_addr; dcp.dc_gateway = nd_gateway.s_addr; dcp.dc_herald_port = NETDUMP_PORT; dcp.dc_client_ack_port = NETDUMP_ACKPORT; dcp.dc_herald_data = nd_path; dcp.dc_herald_datalen = (nd_path[0] == 0) ? 0 : strlen(nd_path) + 1; error = debugnet_connect(&dcp, &pcb); if (error != 0) { printf("failed to contact netdump server\n"); /* Squash debugnet to something the dumper code understands. */ return (EINVAL); } printf("netdumping to %s (%6D)\n", inet_ntoa_r(nd_server, buf), debugnet_get_gw_mac(pcb), ":"); nd_conf.nd_pcb = pcb; return (0); } static int netdump_write_headers(struct dumperinfo *di, struct kerneldumpheader *kdh, void *key, uint32_t keysize) { int error; error = netdump_flush_buf(); if (error != 0) return (error); memcpy(nd_buf, kdh, sizeof(*kdh)); error = debugnet_send(nd_conf.nd_pcb, NETDUMP_KDH, nd_buf, sizeof(*kdh), NULL); if (error == 0 && keysize > 0) { if (keysize > sizeof(nd_buf)) return (EINVAL); memcpy(nd_buf, key, keysize); error = debugnet_send(nd_conf.nd_pcb, NETDUMP_EKCD_KEY, nd_buf, keysize, NULL); } return (error); } /*- * KLD specific code. 
*/ static struct cdevsw netdump_cdevsw = { .d_version = D_VERSION, .d_ioctl = netdump_ioctl, .d_name = "netdump", }; static struct cdev *netdump_cdev; static void netdump_unconfigure(void) { struct diocskerneldump_arg kda; NETDUMP_ASSERT_WLOCKED(); - KASSERT(netdump_enabled(), ("%s: nd_ifp NULL", __func__)); + KASSERT(netdump_enabled(), ("%s: not enabled", __func__)); bzero(&kda, sizeof(kda)); kda.kda_index = KDA_REMOVE_DEV; (void)dumper_remove(nd_conf.ndc_iface, &kda); - if_rele(nd_ifp); + if (nd_ifp != NULL) + if_rele(nd_ifp); nd_ifp = NULL; + netdump_set_enabled(false); log(LOG_WARNING, "netdump: Lost configured interface %s\n", nd_conf.ndc_iface); bzero(&nd_conf, sizeof(nd_conf)); } static void netdump_ifdetach(void *arg __unused, struct ifnet *ifp) { NETDUMP_WLOCK(); if (ifp == nd_ifp) netdump_unconfigure(); NETDUMP_WUNLOCK(); } /* * td of NULL is a sentinel value that indicates a kernel caller (ddb(4) or * modload-based tunable parameters). */ static int netdump_configure(struct diocskerneldump_arg *conf, struct thread *td) { struct ifnet *ifp; struct vnet *vnet; NETDUMP_ASSERT_WLOCKED(); - if (td != NULL) - vnet = TD_TO_VNET(td); - else - vnet = vnet0; - CURVNET_SET(vnet); - if (td != NULL && !IS_DEFAULT_VNET(curvnet)) { + if (conf->kda_iface[0] != 0) { + if (td != NULL) + vnet = TD_TO_VNET(td); + else + vnet = vnet0; + CURVNET_SET(vnet); + if (td != NULL && !IS_DEFAULT_VNET(curvnet)) { + CURVNET_RESTORE(); + return (EINVAL); + } + ifp = ifunit_ref(conf->kda_iface); CURVNET_RESTORE(); - return (EINVAL); - } - ifp = ifunit_ref(conf->kda_iface); - CURVNET_RESTORE(); + } else + ifp = NULL; - if (ifp == NULL) - return (ENOENT); - if ((if_getflags(ifp) & IFF_UP) == 0) { - if_rele(ifp); - return (ENXIO); - } - if (!DEBUGNET_SUPPORTED_NIC(ifp)) { - if_rele(ifp); - return (ENODEV); - } - - if (netdump_enabled()) + if (nd_ifp != NULL) if_rele(nd_ifp); nd_ifp = ifp; + netdump_set_enabled(true); #define COPY_SIZED(elm) do { \ _Static_assert(sizeof(nd_conf.ndc_ ## elm) 
== \ sizeof(conf->kda_ ## elm), "elm " __XSTRING(elm) " mismatch"); \ memcpy(&nd_conf.ndc_ ## elm, &conf->kda_ ## elm, \ sizeof(nd_conf.ndc_ ## elm)); \ } while (0) COPY_SIZED(iface); COPY_SIZED(server); COPY_SIZED(client); COPY_SIZED(gateway); COPY_SIZED(af); #undef COPY_SIZED return (0); } /* * ioctl(2) handler for the netdump device. This is currently only used to * register netdump as a dump device. * * Parameters: * dev, Unused. * cmd, The ioctl to be handled. * addr, The parameter for the ioctl. * flags, Unused. * td, The thread invoking this ioctl. * * Returns: * 0 on success, and an errno value on failure. */ static int netdump_ioctl(struct cdev *dev __unused, u_long cmd, caddr_t addr, int flags __unused, struct thread *td) { struct diocskerneldump_arg kda_copy, *conf; struct dumperinfo dumper; uint8_t *encryptedkey; int error; #ifdef COMPAT_FREEBSD11 u_int u; #endif #ifdef COMPAT_FREEBSD12 struct diocskerneldump_arg_freebsd12 *kda12; struct netdump_conf_freebsd12 *conf12; #endif conf = NULL; error = 0; NETDUMP_WLOCK(); switch (cmd) { #ifdef COMPAT_FREEBSD11 case DIOCSKERNELDUMP_FREEBSD11: gone_in(13, "11.x ABI compatibility"); u = *(u_int *)addr; if (u != 0) { error = ENXIO; break; } if (netdump_enabled()) netdump_unconfigure(); break; #endif #ifdef COMPAT_FREEBSD12 /* * Used by dumpon(8) in 12.x for clearing previous * configuration -- then NETDUMPSCONF_FREEBSD12 is used to * actually configure netdump. 
*/ case DIOCSKERNELDUMP_FREEBSD12: gone_in(14, "12.x ABI compatibility"); kda12 = (void *)addr; if (kda12->kda12_enable) { error = ENXIO; break; } if (netdump_enabled()) netdump_unconfigure(); break; case NETDUMPGCONF_FREEBSD12: gone_in(14, "FreeBSD 12.x ABI compat"); conf12 = (void *)addr; if (!netdump_enabled()) { error = ENXIO; break; } if (nd_conf.ndc_af != AF_INET) { error = EOPNOTSUPP; break; } - strlcpy(conf12->ndc12_iface, nd_ifp->if_xname, - sizeof(conf12->ndc12_iface)); + if (nd_ifp != NULL) + strlcpy(conf12->ndc12_iface, nd_ifp->if_xname, + sizeof(conf12->ndc12_iface)); memcpy(&conf12->ndc12_server, &nd_server, sizeof(conf12->ndc12_server)); memcpy(&conf12->ndc12_client, &nd_client, sizeof(conf12->ndc12_client)); memcpy(&conf12->ndc12_gateway, &nd_gateway, sizeof(conf12->ndc12_gateway)); break; #endif case DIOCGKERNELDUMP: conf = (void *)addr; /* * For now, index is ignored; netdump doesn't support multiple * configurations (yet). */ if (!netdump_enabled()) { error = ENXIO; conf = NULL; break; } - strlcpy(conf->kda_iface, nd_ifp->if_xname, - sizeof(conf->kda_iface)); + if (nd_ifp != NULL) + strlcpy(conf->kda_iface, nd_ifp->if_xname, + sizeof(conf->kda_iface)); memcpy(&conf->kda_server, &nd_server, sizeof(nd_server)); memcpy(&conf->kda_client, &nd_client, sizeof(nd_client)); memcpy(&conf->kda_gateway, &nd_gateway, sizeof(nd_gateway)); conf->kda_af = nd_conf.ndc_af; conf = NULL; break; #ifdef COMPAT_FREEBSD12 case NETDUMPSCONF_FREEBSD12: gone_in(14, "FreeBSD 12.x ABI compat"); conf12 = (struct netdump_conf_freebsd12 *)addr; _Static_assert(offsetof(struct diocskerneldump_arg, kda_server) == offsetof(struct netdump_conf_freebsd12, ndc12_server), "simplifying assumption"); memset(&kda_copy, 0, sizeof(kda_copy)); memcpy(&kda_copy, conf12, offsetof(struct diocskerneldump_arg, kda_server)); /* 12.x ABI could only configure IPv4 (INET) netdump. 
*/ kda_copy.kda_af = AF_INET; memcpy(&kda_copy.kda_server.in4, &conf12->ndc12_server, sizeof(struct in_addr)); memcpy(&kda_copy.kda_client.in4, &conf12->ndc12_client, sizeof(struct in_addr)); memcpy(&kda_copy.kda_gateway.in4, &conf12->ndc12_gateway, sizeof(struct in_addr)); kda_copy.kda_index = (conf12->ndc12_kda.kda12_enable ? 0 : KDA_REMOVE_ALL); conf = &kda_copy; explicit_bzero(conf12, sizeof(*conf12)); /* FALLTHROUGH */ #endif case DIOCSKERNELDUMP: encryptedkey = NULL; if (cmd == DIOCSKERNELDUMP) { conf = (void *)addr; memcpy(&kda_copy, conf, sizeof(kda_copy)); } /* Netdump only supports IP4 at this time. */ if (conf->kda_af != AF_INET) { error = EPROTONOSUPPORT; break; } conf->kda_iface[sizeof(conf->kda_iface) - 1] = '\0'; if (conf->kda_index == KDA_REMOVE || conf->kda_index == KDA_REMOVE_DEV || conf->kda_index == KDA_REMOVE_ALL) { if (netdump_enabled()) netdump_unconfigure(); if (conf->kda_index == KDA_REMOVE_ALL) error = dumper_remove(NULL, conf); break; } error = netdump_configure(conf, td); if (error != 0) break; if (conf->kda_encryption != KERNELDUMP_ENC_NONE) { if (conf->kda_encryptedkeysize <= 0 || conf->kda_encryptedkeysize > KERNELDUMP_ENCKEY_MAX_SIZE) { error = EINVAL; break; } encryptedkey = malloc(conf->kda_encryptedkeysize, M_TEMP, M_WAITOK); error = copyin(conf->kda_encryptedkey, encryptedkey, conf->kda_encryptedkeysize); if (error != 0) { free(encryptedkey, M_TEMP); break; } conf->kda_encryptedkey = encryptedkey; } memset(&dumper, 0, sizeof(dumper)); dumper.dumper_start = netdump_start; dumper.dumper_hdr = netdump_write_headers; dumper.dumper = netdump_dumper; dumper.priv = NULL; dumper.blocksize = NETDUMP_DATASIZE; dumper.maxiosize = MAXDUMPPGS * PAGE_SIZE; dumper.mediaoffset = 0; dumper.mediasize = 0; error = dumper_insert(&dumper, conf->kda_iface, conf); if (encryptedkey != NULL) { explicit_bzero(encryptedkey, conf->kda_encryptedkeysize); free(encryptedkey, M_TEMP); } if (error != 0) netdump_unconfigure(); break; default: error = ENOTTY; 
break; } explicit_bzero(&kda_copy, sizeof(kda_copy)); if (conf != NULL) explicit_bzero(conf, sizeof(*conf)); NETDUMP_WUNLOCK(); return (error); } /* * Called upon system init or kld load. Initializes the netdump parameters to * sane defaults (locates the first available NIC and uses the first IPv4 IP on * that card as the client IP). Leaves the server IP unconfigured. * * Parameters: * mod, Unused. * what, The module event type. * priv, Unused. * * Returns: * int, An errno value if an error occurred, 0 otherwise. */ static int netdump_modevent(module_t mod __unused, int what, void *priv __unused) { struct diocskerneldump_arg conf; char *arg; int error; error = 0; switch (what) { case MOD_LOAD: error = make_dev_p(MAKEDEV_WAITOK, &netdump_cdev, &netdump_cdevsw, 0, UID_ROOT, GID_WHEEL, 0600, "netdump"); if (error != 0) return (error); nd_detach_cookie = EVENTHANDLER_REGISTER(ifnet_departure_event, netdump_ifdetach, NULL, EVENTHANDLER_PRI_ANY); if ((arg = kern_getenv("net.dump.iface")) != NULL) { strlcpy(conf.kda_iface, arg, sizeof(conf.kda_iface)); freeenv(arg); if ((arg = kern_getenv("net.dump.server")) != NULL) { inet_aton(arg, &conf.kda_server.in4); freeenv(arg); } if ((arg = kern_getenv("net.dump.client")) != NULL) { inet_aton(arg, &conf.kda_client.in4); freeenv(arg); } if ((arg = kern_getenv("net.dump.gateway")) != NULL) { inet_aton(arg, &conf.kda_gateway.in4); freeenv(arg); } conf.kda_af = AF_INET; /* Ignore errors; we print a message to the console. 
*/ NETDUMP_WLOCK(); (void)netdump_configure(&conf, NULL); NETDUMP_WUNLOCK(); } break; case MOD_UNLOAD: NETDUMP_WLOCK(); if (netdump_enabled()) { printf("netdump: disabling dump device for unload\n"); netdump_unconfigure(); } NETDUMP_WUNLOCK(); destroy_dev(netdump_cdev); EVENTHANDLER_DEREGISTER(ifnet_departure_event, nd_detach_cookie); break; default: error = EOPNOTSUPP; break; } return (error); } static moduledata_t netdump_mod = { "netdump", netdump_modevent, NULL, }; MODULE_VERSION(netdump, 1); DECLARE_MODULE(netdump, netdump_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); #ifdef DDB /* * Usage: netdump -s <server> [-g <gateway> -c <client> -i <interface>] * * Order is not significant. * * Currently, this command does not support configuring encryption or * compression. */ DB_FUNC(netdump, db_netdump_cmd, db_cmd_table, CS_OWN, NULL) { static struct diocskerneldump_arg conf; static char blockbuf[NETDUMP_DATASIZE]; static union { struct dumperinfo di; /* For valid di_devname. */ char di_buf[sizeof(struct dumperinfo) + 1]; } u; struct debugnet_ddb_config params; int error; error = debugnet_parse_ddb_cmd("netdump", &params); if (error != 0) { db_printf("Error configuring netdump: %d\n", error); return; } /* Translate to a netdump dumper config. */ memset(&conf, 0, sizeof(conf)); - strlcpy(conf.kda_iface, if_name(params.dd_ifp), sizeof(conf.kda_iface)); + if (params.dd_ifp != NULL) + strlcpy(conf.kda_iface, if_name(params.dd_ifp), + sizeof(conf.kda_iface)); + conf.kda_af = AF_INET; conf.kda_server.in4 = (struct in_addr) { params.dd_server }; - conf.kda_client.in4 = (struct in_addr) { params.dd_client }; + if (params.dd_has_client) + conf.kda_client.in4 = (struct in_addr) { params.dd_client }; + else + conf.kda_client.in4 = (struct in_addr) { INADDR_ANY }; if (params.dd_has_gateway) conf.kda_gateway.in4 = (struct in_addr) { params.dd_gateway }; else conf.kda_gateway.in4 = (struct in_addr) { INADDR_ANY }; /* Set the global netdump config to these options. 
*/ error = netdump_configure(&conf, NULL); if (error != 0) { db_printf("Error enabling netdump: %d\n", error); return; } /* Fake the generic dump configuration list entry to avoid malloc. */ memset(&u.di_buf, 0, sizeof(u.di_buf)); u.di.dumper_start = netdump_start; u.di.dumper_hdr = netdump_write_headers; u.di.dumper = netdump_dumper; u.di.priv = NULL; u.di.blocksize = NETDUMP_DATASIZE; u.di.maxiosize = MAXDUMPPGS * PAGE_SIZE; u.di.mediaoffset = 0; u.di.mediasize = 0; u.di.blockbuf = blockbuf; dumper_ddb_insert(&u.di); error = doadump(false); dumper_ddb_remove(&u.di); if (error != 0) db_printf("Cannot dump: %d\n", error); } #endif /* DDB */