]> git.saurik.com Git - apple/xnu.git/blob - bsd/kern/kdebug.c
projects / apple / xnu.git / blob
? search:


27ad69aa124ec8db87621a4548411e6b707dfb63
[apple/xnu.git] / bsd / kern / kdebug.c
1 /*
2 * Copyright (c) 2000-2013 Apple Inc. All rights reserved.
3 *
4 * @Apple_LICENSE_HEADER_START@
5 *
6 * The contents of this file constitute Original Code as defined in and
7 * are subject to the Apple Public Source License Version 1.1 (the
8 * "License"). You may not use this file except in compliance with the
9 * License. Please obtain a copy of the License at
10 * http://www.apple.com/publicsource and read it before using this file.
11 *
12 * This Original Code and all software distributed under the License are
13 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17 * License for the specific language governing rights and limitations
18 * under the License.
19 *
20 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
21 */
22
23
24 #include <machine/spl.h>
25
26 #include <sys/errno.h>
27 #include <sys/param.h>
28 #include <sys/systm.h>
29 #include <sys/proc_internal.h>
30 #include <sys/vm.h>
31 #include <sys/sysctl.h>
32 #include <sys/kdebug.h>
33 #include <sys/sysproto.h>
34 #include <sys/bsdtask_info.h>
35 #include <sys/random.h>
36 #include <sys/stackshot.h>
37
38 #define HZ 100
39 #include <mach/clock_types.h>
40 #include <mach/mach_types.h>
41 #include <mach/mach_time.h>
42 #include <machine/machine_routines.h>
43
44 #if defined(__i386__) || defined(__x86_64__)
45 #include <i386/rtclock_protos.h>
46 #include <i386/mp.h>
47 #include <i386/machine_routines.h>
48 #endif
49
50 #include <kern/clock.h>
51
52 #include <kern/thread.h>
53 #include <kern/task.h>
54 #include <kern/debug.h>
55 #include <kern/kalloc.h>
56 #include <kern/cpu_data.h>
57 #include <kern/assert.h>
58 #include <kern/telemetry.h>
59 #include <kern/sched_prim.h>
60 #include <vm/vm_kern.h>
61 #include <sys/lock.h>
62
63 #include <sys/malloc.h>
64 #include <sys/mcache.h>
65 #include <sys/kauth.h>
66
67 #include <sys/vnode.h>
68 #include <sys/vnode_internal.h>
69 #include <sys/fcntl.h>
70 #include <sys/file_internal.h>
71 #include <sys/ubc.h>
72 #include <sys/param.h> /* for isset() */
73
74 #include <mach/mach_host.h> /* for host_info() */
75 #include <libkern/OSAtomic.h>
76
77 #include <machine/pal_routines.h>
78
79 extern boolean_t kdebug_serial;
80 #if KDEBUG_MOJO_TRACE
81 #include <sys/kdebugevents.h>
82 static void kdebug_serial_print( /* forward */
83 uint32_t, uint32_t, uint64_t,
84 uintptr_t, uintptr_t, uintptr_t, uintptr_t, uintptr_t);
85 #endif
86
87 /*
88 * IOP(s)
89 *
90 * https://coreoswiki.apple.com/wiki/pages/U6z3i0q9/Consistent_Logging_Implementers_Guide.html
91 *
92 * IOP(s) are auxiliary cores that want to participate in kdebug event logging.
93 * They are registered dynamically. Each is assigned a cpu_id at registration.
94 *
95 * NOTE: IOP trace events may not use the same clock hardware as "normal"
96 * cpus. There is an effort made to synchronize the IOP timebase with the
97 * AP, but it should be understood that there may be discrepancies.
98 *
99 * Once registered, an IOP is permanent, it cannot be unloaded/unregistered.
100 * The current implementation depends on this for thread safety.
101 *
102 * New registrations occur by allocating an kd_iop struct and assigning
103 * a provisional cpu_id of list_head->cpu_id + 1. Then a CAS to claim the
104 * list_head pointer resolves any races.
105 *
106 * You may safely walk the kd_iops list at any time, without holding locks.
107 *
108 * When allocating buffers, the current kd_iops head is captured. Any operations
109 * that depend on the buffer state (such as flushing IOP traces on reads,
110 * etc.) should use the captured list head. This will allow registrations to
111 * take place while trace is in use.
112 */
113
114 typedef struct kd_iop {
115 kd_callback_t callback;
116 uint32_t cpu_id;
117 uint64_t last_timestamp; /* Prevent timer rollback */
118 struct kd_iop* next;
119 } kd_iop_t;
120
121 static kd_iop_t* kd_iops = NULL;
122
123 /* XXX should have prototypes, but Mach does not provide one */
124 void task_act_iterate_wth_args(task_t, void(*)(thread_t, void *), void *);
125 int cpu_number(void); /* XXX <machine/...> include path broken */
126 void commpage_update_kdebug_enable(void); /* XXX sign */
127
128 /* XXX should probably be static, but it's debugging code... */
129 int kdbg_read(user_addr_t, size_t *, vnode_t, vfs_context_t, uint32_t);
130 void kdbg_control_chud(int, void *);
131 int kdbg_control(int *, u_int, user_addr_t, size_t *);
132 int kdbg_readcpumap(user_addr_t, size_t *);
133 int kdbg_readcurcpumap(user_addr_t, size_t *);
134 int kdbg_readthrmap(user_addr_t, size_t *, vnode_t, vfs_context_t);
135 int kdbg_readthrmap_v3(user_addr_t, size_t *, int);
136 int kdbg_readcurthrmap(user_addr_t, size_t *);
137 int kdbg_getreg(kd_regtype *);
138 int kdbg_setreg(kd_regtype *);
139 int kdbg_setrtcdec(kd_regtype *);
140 int kdbg_setpidex(kd_regtype *);
141 int kdbg_setpid(kd_regtype *);
142 void kdbg_thrmap_init(void);
143 int kdbg_reinit(boolean_t);
144 int kdbg_bootstrap(boolean_t);
145
146 int kdbg_cpumap_init_internal(kd_iop_t* iops, uint32_t cpu_count,
147 uint8_t** cpumap, uint32_t* cpumap_size);
148
149 kd_threadmap* kdbg_thrmap_init_internal(unsigned int count,
150 unsigned int *mapsize,
151 unsigned int *mapcount);
152
153 static boolean_t kdebug_current_proc_enabled(uint32_t debugid);
154 static boolean_t kdebug_debugid_enabled(uint32_t debugid);
155 static errno_t kdebug_check_trace_string(uint32_t debugid, uint64_t str_id);
156
157 int kdbg_write_v3_header(user_addr_t, size_t *, int);
158 int kdbg_write_v3_chunk_header(user_addr_t buffer, uint32_t tag,
159 uint32_t sub_tag, uint64_t length,
160 vnode_t vp, vfs_context_t ctx);
161
162 user_addr_t kdbg_write_v3_event_chunk_header(user_addr_t buffer, uint32_t tag,
163 uint64_t length, vnode_t vp,
164 vfs_context_t ctx);
165
166 static int kdbg_enable_typefilter(void);
167 static int kdbg_disable_typefilter(void);
168 static int kdbg_allocate_typefilter(void);
169 static int kdbg_deallocate_typefilter(void);
170
171 static int create_buffers(boolean_t);
172 static void delete_buffers(void);
173
174 extern void IOSleep(int);
175
176 /* trace enable status */
177 unsigned int kdebug_enable = 0;
178
179 /* A static buffer to record events prior to the start of regular logging */
180 #define KD_EARLY_BUFFER_MAX 64
181 static kd_buf kd_early_buffer[KD_EARLY_BUFFER_MAX];
182 static int kd_early_index = 0;
183 static boolean_t kd_early_overflow = FALSE;
184
185 #define SLOW_NOLOG 0x01
186 #define SLOW_CHECKS 0x02
187 #define SLOW_CHUD 0x08
188
189 #define EVENTS_PER_STORAGE_UNIT 2048
190 #define MIN_STORAGE_UNITS_PER_CPU 4
191
192 #define POINTER_FROM_KDS_PTR(x) (&kd_bufs[x.buffer_index].kdsb_addr[x.offset])
193
194 union kds_ptr {
195 struct {
196 uint32_t buffer_index:21;
197 uint16_t offset:11;
198 };
199 uint32_t raw;
200 };
201
202 struct kd_storage {
203 union kds_ptr kds_next;
204 uint32_t kds_bufindx;
205 uint32_t kds_bufcnt;
206 uint32_t kds_readlast;
207 boolean_t kds_lostevents;
208 uint64_t kds_timestamp;
209
210 kd_buf kds_records[EVENTS_PER_STORAGE_UNIT];
211 };
212
213 #define MAX_BUFFER_SIZE (1024 * 1024 * 128)
214 #define N_STORAGE_UNITS_PER_BUFFER (MAX_BUFFER_SIZE / sizeof(struct kd_storage))
215
216 struct kd_storage_buffers {
217 struct kd_storage *kdsb_addr;
218 uint32_t kdsb_size;
219 };
220
221 #define KDS_PTR_NULL 0xffffffff
222 struct kd_storage_buffers *kd_bufs = NULL;
223 int n_storage_units = 0;
224 int n_storage_buffers = 0;
225 int n_storage_threshold = 0;
226 int kds_waiter = 0;
227
228 #pragma pack(0)
229 struct kd_bufinfo {
230 union kds_ptr kd_list_head;
231 union kds_ptr kd_list_tail;
232 boolean_t kd_lostevents;
233 uint32_t _pad;
234 uint64_t kd_prev_timebase;
235 uint32_t num_bufs;
236 } __attribute__(( aligned(MAX_CPU_CACHE_LINE_SIZE) ));
237
238
239 /*
240 * In principle, this control block can be shared in DRAM with other
241 * coprocessors and runtimes, for configuring what tracing is enabled.
242 */
243 struct kd_ctrl_page_t {
244 union kds_ptr kds_free_list;
245 uint32_t enabled :1;
246 uint32_t _pad0 :31;
247 int kds_inuse_count;
248 uint32_t kdebug_flags;
249 uint32_t kdebug_slowcheck;
250 /*
251 * The number of kd_bufinfo structs allocated may not match the current
252 * number of active cpus. We capture the iops list head at initialization
253 * which we could use to calculate the number of cpus we allocated data for,
254 * unless it happens to be null. To avoid that case, we explicitly also
255 * capture a cpu count.
256 */
257 kd_iop_t* kdebug_iops;
258 uint32_t kdebug_cpus;
259 } kd_ctrl_page = { .kds_free_list = {.raw = KDS_PTR_NULL}, .kdebug_slowcheck = SLOW_NOLOG };
260
261 #pragma pack()
262
263 struct kd_bufinfo *kdbip = NULL;
264
265 #define KDCOPYBUF_COUNT 8192
266 #define KDCOPYBUF_SIZE (KDCOPYBUF_COUNT * sizeof(kd_buf))
267
268 #define PAGE_4KB 4096
269 #define PAGE_16KB 16384
270
271 kd_buf *kdcopybuf = NULL;
272
273 boolean_t kdlog_bg_trace = FALSE;
274 boolean_t kdlog_bg_trace_running = FALSE;
275 unsigned int bg_nkdbufs = 0;
276
277 unsigned int nkdbufs = 0;
278 unsigned int kdlog_beg=0;
279 unsigned int kdlog_end=0;
280 unsigned int kdlog_value1=0;
281 unsigned int kdlog_value2=0;
282 unsigned int kdlog_value3=0;
283 unsigned int kdlog_value4=0;
284
285 static lck_spin_t * kdw_spin_lock;
286 static lck_spin_t * kds_spin_lock;
287 static lck_mtx_t * kd_trace_mtx_sysctl;
288 static lck_grp_t * kd_trace_mtx_sysctl_grp;
289 static lck_attr_t * kd_trace_mtx_sysctl_attr;
290 static lck_grp_attr_t *kd_trace_mtx_sysctl_grp_attr;
291
292 extern kern_return_t stack_snapshot2(int pid, user_addr_t tracebuf, uint32_t tracebuf_size, uint32_t flags, int32_t *retval);
293
294 #if CONFIG_TELEMETRY
295 extern kern_return_t stack_microstackshot(user_addr_t tracebuf, uint32_t tracebuf_size, uint32_t flags, int32_t *retval);
296 #endif /* CONFIG_TELEMETRY */
297
298 extern kern_return_t kern_stack_snapshot_with_reason(char* reason);
299
300 extern kern_return_t kern_stack_snapshot_internal(int stackshot_config_version, void *stackshot_config, size_t stackshot_config_size, boolean_t stackshot_from_user);
301
302 extern kern_return_t stack_snapshot_from_kernel_internal(int pid, void *buf, uint32_t size, uint32_t flags, unsigned *bytes_traced);
303
304 int stack_snapshot_from_kernel(pid_t pid, void *buf, uint32_t size, uint32_t flags, unsigned *bytes_traced);
305
306 kd_threadmap *kd_mapptr = 0;
307 unsigned int kd_mapsize = 0;
308 unsigned int kd_mapcount = 0;
309
310 off_t RAW_file_offset = 0;
311 int RAW_file_written = 0;
312
313 #define RAW_FLUSH_SIZE (2 * 1024 * 1024)
314
315 pid_t global_state_pid = -1; /* Used to control exclusive use of kd_buffer */
316
317 /*
318 * A globally increasing counter for identifying strings in trace. Starts at
319 * 1 because 0 is a reserved return value.
320 */
321 __attribute__((aligned(MAX_CPU_CACHE_LINE_SIZE)))
322 static uint64_t g_curr_str_id = 1;
323
324 #define STR_ID_SIG_OFFSET (48)
325 #define STR_ID_MASK ((1ULL << STR_ID_SIG_OFFSET) - 1)
326 #define STR_ID_SIG_MASK (~STR_ID_MASK)
327
328 /*
329 * A bit pattern for identifying string IDs generated by
330 * kdebug_trace_string(2).
331 */
332 static uint64_t g_str_id_signature = (0x70acULL << STR_ID_SIG_OFFSET);
333
334 #define INTERRUPT 0x01050000
335 #define MACH_vmfault 0x01300008
336 #define BSC_SysCall 0x040c0000
337 #define MACH_SysCall 0x010c0000
338
339 /* task to string structure */
340 struct tts
341 {
342 task_t task; /* from procs task */
343 pid_t pid; /* from procs p_pid */
344 char task_comm[20]; /* from procs p_comm */
345 };
346
347 typedef struct tts tts_t;
348
349 struct krt
350 {
351 kd_threadmap *map; /* pointer to the map buffer */
352 int count;
353 int maxcount;
354 struct tts *atts;
355 };
356
357 typedef struct krt krt_t;
358
359 /* This is for the CHUD toolkit call */
360 typedef void (*kd_chudhook_fn) (uint32_t debugid, uintptr_t arg1,
361 uintptr_t arg2, uintptr_t arg3,
362 uintptr_t arg4, uintptr_t arg5);
363
364 volatile kd_chudhook_fn kdebug_chudhook = 0; /* pointer to CHUD toolkit function */
365
366 static uint8_t *type_filter_bitmap;
367
368 /*
369 * This allows kperf to swap out the global state pid when kperf ownership is
370 * passed from one process to another. It checks the old global state pid so
371 * that kperf can't accidentally steal control of trace when a non-kperf trace user has
372 * control of trace.
373 */
374 void
375 kdbg_swap_global_state_pid(pid_t old_pid, pid_t new_pid);
376
377 void
378 kdbg_swap_global_state_pid(pid_t old_pid, pid_t new_pid)
379 {
380 if (!(kd_ctrl_page.kdebug_flags & KDBG_LOCKINIT))
381 return;
382
383 lck_mtx_lock(kd_trace_mtx_sysctl);
384
385 if (old_pid == global_state_pid)
386 global_state_pid = new_pid;
387
388 lck_mtx_unlock(kd_trace_mtx_sysctl);
389 }
390
391 static uint32_t
392 kdbg_cpu_count(boolean_t early_trace)
393 {
394 if (early_trace) {
395 /*
396 * we've started tracing before the IOKit has even
397 * started running... just use the static max value
398 */
399 return max_ncpus;
400 }
401
402 host_basic_info_data_t hinfo;
403 mach_msg_type_number_t count = HOST_BASIC_INFO_COUNT;
404 host_info((host_t)1 /* BSD_HOST */, HOST_BASIC_INFO, (host_info_t)&hinfo, &count);
405 assert(hinfo.logical_cpu_max > 0);
406 return hinfo.logical_cpu_max;
407 }
408
409 #if MACH_ASSERT
410 #endif /* MACH_ASSERT */
411
412 static void
413 kdbg_iop_list_callback(kd_iop_t* iop, kd_callback_type type, void* arg)
414 {
415 while (iop) {
416 iop->callback.func(iop->callback.context, type, arg);
417 iop = iop->next;
418 }
419 }
420
421 static void
422 kdbg_set_tracing_enabled(boolean_t enabled, uint32_t trace_type)
423 {
424 int s = ml_set_interrupts_enabled(FALSE);
425 lck_spin_lock(kds_spin_lock);
426 if (enabled) {
427 kdebug_enable |= trace_type;
428 kd_ctrl_page.kdebug_slowcheck &= ~SLOW_NOLOG;
429 kd_ctrl_page.enabled = 1;
430 commpage_update_kdebug_enable();
431 } else {
432 kdebug_enable &= ~(KDEBUG_ENABLE_TRACE|KDEBUG_ENABLE_PPT);
433 kd_ctrl_page.kdebug_slowcheck |= SLOW_NOLOG;
434 kd_ctrl_page.enabled = 0;
435 commpage_update_kdebug_enable();
436 }
437 lck_spin_unlock(kds_spin_lock);
438 ml_set_interrupts_enabled(s);
439
440 if (enabled) {
441 kdbg_iop_list_callback(kd_ctrl_page.kdebug_iops, KD_CALLBACK_KDEBUG_ENABLED, NULL);
442 } else {
443 /*
444 * If you do not flush the IOP trace buffers, they can linger
445 * for a considerable period; consider code which disables and
446 * deallocates without a final sync flush.
447 */
448 kdbg_iop_list_callback(kd_ctrl_page.kdebug_iops, KD_CALLBACK_KDEBUG_DISABLED, NULL);
449 kdbg_iop_list_callback(kd_ctrl_page.kdebug_iops, KD_CALLBACK_SYNC_FLUSH, NULL);
450 }
451 }
452
453 static void
454 kdbg_set_flags(int slowflag, int enableflag, boolean_t enabled)
455 {
456 int s = ml_set_interrupts_enabled(FALSE);
457 lck_spin_lock(kds_spin_lock);
458
459 if (enabled) {
460 kd_ctrl_page.kdebug_slowcheck |= slowflag;
461 kdebug_enable |= enableflag;
462 } else {
463 kd_ctrl_page.kdebug_slowcheck &= ~slowflag;
464 kdebug_enable &= ~enableflag;
465 }
466
467 lck_spin_unlock(kds_spin_lock);
468 ml_set_interrupts_enabled(s);
469 }
470
471 void
472 disable_wrap(uint32_t *old_slowcheck, uint32_t *old_flags)
473 {
474 int s = ml_set_interrupts_enabled(FALSE);
475 lck_spin_lock(kds_spin_lock);
476
477 *old_slowcheck = kd_ctrl_page.kdebug_slowcheck;
478 *old_flags = kd_ctrl_page.kdebug_flags;
479
480 kd_ctrl_page.kdebug_flags &= ~KDBG_WRAPPED;
481 kd_ctrl_page.kdebug_flags |= KDBG_NOWRAP;
482
483 lck_spin_unlock(kds_spin_lock);
484 ml_set_interrupts_enabled(s);
485 }
486
487 void
488 enable_wrap(uint32_t old_slowcheck, boolean_t lostevents)
489 {
490 int s = ml_set_interrupts_enabled(FALSE);
491 lck_spin_lock(kds_spin_lock);
492
493 kd_ctrl_page.kdebug_flags &= ~KDBG_NOWRAP;
494
495 if ( !(old_slowcheck & SLOW_NOLOG))
496 kd_ctrl_page.kdebug_slowcheck &= ~SLOW_NOLOG;
497
498 if (lostevents == TRUE)
499 kd_ctrl_page.kdebug_flags |= KDBG_WRAPPED;
500
501 lck_spin_unlock(kds_spin_lock);
502 ml_set_interrupts_enabled(s);
503 }
504
505 static int
506 create_buffers(boolean_t early_trace)
507 {
508 int i;
509 int p_buffer_size;
510 int f_buffer_size;
511 int f_buffers;
512 int error = 0;
513
514 /*
515 * For the duration of this allocation, trace code will only reference
516 * kdebug_iops. Any iops registered after this enabling will not be
517 * messaged until the buffers are reallocated.
518 *
519 * TLDR; Must read kd_iops once and only once!
520 */
521 kd_ctrl_page.kdebug_iops = kd_iops;
522
523
524 /*
525 * If the list is valid, it is sorted, newest -> oldest. Each iop entry
526 * has a cpu_id of "the older entry + 1", so the highest cpu_id will
527 * be the list head + 1.
528 */
529
530 kd_ctrl_page.kdebug_cpus = kd_ctrl_page.kdebug_iops ? kd_ctrl_page.kdebug_iops->cpu_id + 1 : kdbg_cpu_count(early_trace);
531
532 if (kmem_alloc(kernel_map, (vm_offset_t *)&kdbip, sizeof(struct kd_bufinfo) * kd_ctrl_page.kdebug_cpus, VM_KERN_MEMORY_DIAG) != KERN_SUCCESS) {
533 error = ENOSPC;
534 goto out;
535 }
536
537 if (nkdbufs < (kd_ctrl_page.kdebug_cpus * EVENTS_PER_STORAGE_UNIT * MIN_STORAGE_UNITS_PER_CPU))
538 n_storage_units = kd_ctrl_page.kdebug_cpus * MIN_STORAGE_UNITS_PER_CPU;
539 else
540 n_storage_units = nkdbufs / EVENTS_PER_STORAGE_UNIT;
541
542 nkdbufs = n_storage_units * EVENTS_PER_STORAGE_UNIT;
543
544 f_buffers = n_storage_units / N_STORAGE_UNITS_PER_BUFFER;
545 n_storage_buffers = f_buffers;
546
547 f_buffer_size = N_STORAGE_UNITS_PER_BUFFER * sizeof(struct kd_storage);
548 p_buffer_size = (n_storage_units % N_STORAGE_UNITS_PER_BUFFER) * sizeof(struct kd_storage);
549
550 if (p_buffer_size)
551 n_storage_buffers++;
552
553 kd_bufs = NULL;
554
555 if (kdcopybuf == 0) {
556 if (kmem_alloc(kernel_map, (vm_offset_t *)&kdcopybuf, (vm_size_t)KDCOPYBUF_SIZE, VM_KERN_MEMORY_DIAG) != KERN_SUCCESS) {
557 error = ENOSPC;
558 goto out;
559 }
560 }
561 if (kmem_alloc(kernel_map, (vm_offset_t *)&kd_bufs, (vm_size_t)(n_storage_buffers * sizeof(struct kd_storage_buffers)), VM_KERN_MEMORY_DIAG) != KERN_SUCCESS) {
562 error = ENOSPC;
563 goto out;
564 }
565 bzero(kd_bufs, n_storage_buffers * sizeof(struct kd_storage_buffers));
566
567 for (i = 0; i < f_buffers; i++) {
568 if (kmem_alloc(kernel_map, (vm_offset_t *)&kd_bufs[i].kdsb_addr, (vm_size_t)f_buffer_size, VM_KERN_MEMORY_DIAG) != KERN_SUCCESS) {
569 error = ENOSPC;
570 goto out;
571 }
572 bzero(kd_bufs[i].kdsb_addr, f_buffer_size);
573
574 kd_bufs[i].kdsb_size = f_buffer_size;
575 }
576 if (p_buffer_size) {
577 if (kmem_alloc(kernel_map, (vm_offset_t *)&kd_bufs[i].kdsb_addr, (vm_size_t)p_buffer_size, VM_KERN_MEMORY_DIAG) != KERN_SUCCESS) {
578 error = ENOSPC;
579 goto out;
580 }
581 bzero(kd_bufs[i].kdsb_addr, p_buffer_size);
582
583 kd_bufs[i].kdsb_size = p_buffer_size;
584 }
585 n_storage_units = 0;
586
587 for (i = 0; i < n_storage_buffers; i++) {
588 struct kd_storage *kds;
589 int n_elements;
590 int n;
591
592 n_elements = kd_bufs[i].kdsb_size / sizeof(struct kd_storage);
593 kds = kd_bufs[i].kdsb_addr;
594
595 for (n = 0; n < n_elements; n++) {
596 kds[n].kds_next.buffer_index = kd_ctrl_page.kds_free_list.buffer_index;
597 kds[n].kds_next.offset = kd_ctrl_page.kds_free_list.offset;
598
599 kd_ctrl_page.kds_free_list.buffer_index = i;
600 kd_ctrl_page.kds_free_list.offset = n;
601 }
602 n_storage_units += n_elements;
603 }
604
605 bzero((char *)kdbip, sizeof(struct kd_bufinfo) * kd_ctrl_page.kdebug_cpus);
606
607 for (i = 0; i < (int)kd_ctrl_page.kdebug_cpus; i++) {
608 kdbip[i].kd_list_head.raw = KDS_PTR_NULL;
609 kdbip[i].kd_list_tail.raw = KDS_PTR_NULL;
610 kdbip[i].kd_lostevents = FALSE;
611 kdbip[i].num_bufs = 0;
612 }
613
614 kd_ctrl_page.kdebug_flags |= KDBG_BUFINIT;
615
616 kd_ctrl_page.kds_inuse_count = 0;
617 n_storage_threshold = n_storage_units / 2;
618 out:
619 if (error)
620 delete_buffers();
621
622 return(error);
623 }
624
625 static void
626 delete_buffers(void)
627 {
628 int i;
629
630 if (kd_bufs) {
631 for (i = 0; i < n_storage_buffers; i++) {
632 if (kd_bufs[i].kdsb_addr) {
633 kmem_free(kernel_map, (vm_offset_t)kd_bufs[i].kdsb_addr, (vm_size_t)kd_bufs[i].kdsb_size);
634 }
635 }
636 kmem_free(kernel_map, (vm_offset_t)kd_bufs, (vm_size_t)(n_storage_buffers * sizeof(struct kd_storage_buffers)));
637
638 kd_bufs = NULL;
639 n_storage_buffers = 0;
640 }
641 if (kdcopybuf) {
642 kmem_free(kernel_map, (vm_offset_t)kdcopybuf, KDCOPYBUF_SIZE);
643
644 kdcopybuf = NULL;
645 }
646 kd_ctrl_page.kds_free_list.raw = KDS_PTR_NULL;
647
648 if (kdbip) {
649 kmem_free(kernel_map, (vm_offset_t)kdbip, sizeof(struct kd_bufinfo) * kd_ctrl_page.kdebug_cpus);
650
651 kdbip = NULL;
652 }
653 kd_ctrl_page.kdebug_iops = NULL;
654 kd_ctrl_page.kdebug_cpus = 0;
655 kd_ctrl_page.kdebug_flags &= ~KDBG_BUFINIT;
656 }
657
658 void
659 release_storage_unit(int cpu, uint32_t kdsp_raw)
660 {
661 int s = 0;
662 struct kd_storage *kdsp_actual;
663 struct kd_bufinfo *kdbp;
664 union kds_ptr kdsp;
665
666 kdsp.raw = kdsp_raw;
667
668 s = ml_set_interrupts_enabled(FALSE);
669 lck_spin_lock(kds_spin_lock);
670
671 kdbp = &kdbip[cpu];
672
673 if (kdsp.raw == kdbp->kd_list_head.raw) {
674 /*
675 * it's possible for the storage unit pointed to
676 * by kdsp to have already been stolen... so
677 * check to see if it's still the head of the list
678 * now that we're behind the lock that protects
679 * adding and removing from the queue...
680 * since we only ever release and steal units from
681 * that position, if it's no longer the head
682 * we having nothing to do in this context
683 */
684 kdsp_actual = POINTER_FROM_KDS_PTR(kdsp);
685 kdbp->kd_list_head = kdsp_actual->kds_next;
686
687 kdsp_actual->kds_next = kd_ctrl_page.kds_free_list;
688 kd_ctrl_page.kds_free_list = kdsp;
689
690 kd_ctrl_page.kds_inuse_count--;
691 }
692 lck_spin_unlock(kds_spin_lock);
693 ml_set_interrupts_enabled(s);
694 }
695
696
697 boolean_t
698 allocate_storage_unit(int cpu)
699 {
700 union kds_ptr kdsp;
701 struct kd_storage *kdsp_actual, *kdsp_next_actual;
702 struct kd_bufinfo *kdbp, *kdbp_vict, *kdbp_try;
703 uint64_t oldest_ts, ts;
704 boolean_t retval = TRUE;
705 int s = 0;
706
707 s = ml_set_interrupts_enabled(FALSE);
708 lck_spin_lock(kds_spin_lock);
709
710 kdbp = &kdbip[cpu];
711
712 /* If someone beat us to the allocate, return success */
713 if (kdbp->kd_list_tail.raw != KDS_PTR_NULL) {
714 kdsp_actual = POINTER_FROM_KDS_PTR(kdbp->kd_list_tail);
715
716 if (kdsp_actual->kds_bufindx < EVENTS_PER_STORAGE_UNIT)
717 goto out;
718 }
719
720 if ((kdsp = kd_ctrl_page.kds_free_list).raw != KDS_PTR_NULL) {
721 kdsp_actual = POINTER_FROM_KDS_PTR(kdsp);
722 kd_ctrl_page.kds_free_list = kdsp_actual->kds_next;
723
724 kd_ctrl_page.kds_inuse_count++;
725 } else {
726 if (kd_ctrl_page.kdebug_flags & KDBG_NOWRAP) {
727 kd_ctrl_page.kdebug_slowcheck |= SLOW_NOLOG;
728 kdbp->kd_lostevents = TRUE;
729 retval = FALSE;
730 goto out;
731 }
732 kdbp_vict = NULL;
733 oldest_ts = (uint64_t)-1;
734
735 for (kdbp_try = &kdbip[0]; kdbp_try < &kdbip[kd_ctrl_page.kdebug_cpus]; kdbp_try++) {
736
737 if (kdbp_try->kd_list_head.raw == KDS_PTR_NULL) {
738 /*
739 * no storage unit to steal
740 */
741 continue;
742 }
743
744 kdsp_actual = POINTER_FROM_KDS_PTR(kdbp_try->kd_list_head);
745
746 if (kdsp_actual->kds_bufcnt < EVENTS_PER_STORAGE_UNIT) {
747 /*
748 * make sure we don't steal the storage unit
749 * being actively recorded to... need to
750 * move on because we don't want an out-of-order
751 * set of events showing up later
752 */
753 continue;
754 }
755 ts = kdbg_get_timestamp(&kdsp_actual->kds_records[0]);
756
757 if (ts < oldest_ts) {
758 /*
759 * when 'wrapping', we want to steal the
760 * storage unit that has the 'earliest' time
761 * associated with it (first event time)
762 */
763 oldest_ts = ts;
764 kdbp_vict = kdbp_try;
765 }
766 }
767 if (kdbp_vict == NULL) {
768 kdebug_enable = 0;
769 kd_ctrl_page.enabled = 0;
770 commpage_update_kdebug_enable();
771 retval = FALSE;
772 goto out;
773 }
774 kdsp = kdbp_vict->kd_list_head;
775 kdsp_actual = POINTER_FROM_KDS_PTR(kdsp);
776 kdbp_vict->kd_list_head = kdsp_actual->kds_next;
777
778 if (kdbp_vict->kd_list_head.raw != KDS_PTR_NULL) {
779 kdsp_next_actual = POINTER_FROM_KDS_PTR(kdbp_vict->kd_list_head);
780 kdsp_next_actual->kds_lostevents = TRUE;
781 } else
782 kdbp_vict->kd_lostevents = TRUE;
783
784 kd_ctrl_page.kdebug_flags |= KDBG_WRAPPED;
785 }
786 kdsp_actual->kds_timestamp = mach_absolute_time();
787 kdsp_actual->kds_next.raw = KDS_PTR_NULL;
788 kdsp_actual->kds_bufcnt = 0;
789 kdsp_actual->kds_readlast = 0;
790
791 kdsp_actual->kds_lostevents = kdbp->kd_lostevents;
792 kdbp->kd_lostevents = FALSE;
793 kdsp_actual->kds_bufindx = 0;
794
795 if (kdbp->kd_list_head.raw == KDS_PTR_NULL)
796 kdbp->kd_list_head = kdsp;
797 else
798 POINTER_FROM_KDS_PTR(kdbp->kd_list_tail)->kds_next = kdsp;
799 kdbp->kd_list_tail = kdsp;
800 out:
801 lck_spin_unlock(kds_spin_lock);
802 ml_set_interrupts_enabled(s);
803
804 return (retval);
805 }
806
807 int
808 kernel_debug_register_callback(kd_callback_t callback)
809 {
810 kd_iop_t* iop;
811 if (kmem_alloc(kernel_map, (vm_offset_t *)&iop, sizeof(kd_iop_t), VM_KERN_MEMORY_DIAG) == KERN_SUCCESS) {
812 memcpy(&iop->callback, &callback, sizeof(kd_callback_t));
813
814 /*
815 * <rdar://problem/13351477> Some IOP clients are not providing a name.
816 *
817 * Remove when fixed.
818 */
819 {
820 boolean_t is_valid_name = FALSE;
821 for (uint32_t length=0; length<sizeof(callback.iop_name); ++length) {
822 /* This is roughly isprintable(c) */
823 if (callback.iop_name[length] > 0x20 && callback.iop_name[length] < 0x7F)
824 continue;
825 if (callback.iop_name[length] == 0) {
826 if (length)
827 is_valid_name = TRUE;
828 break;
829 }
830 }
831
832 if (!is_valid_name) {
833 strlcpy(iop->callback.iop_name, "IOP-???", sizeof(iop->callback.iop_name));
834 }
835 }
836
837 iop->last_timestamp = 0;
838
839 do {
840 /*
841 * We use two pieces of state, the old list head
842 * pointer, and the value of old_list_head->cpu_id.
843 * If we read kd_iops more than once, it can change
844 * between reads.
845 *
846 * TLDR; Must not read kd_iops more than once per loop.
847 */
848 iop->next = kd_iops;
849 iop->cpu_id = iop->next ? (iop->next->cpu_id+1) : kdbg_cpu_count(FALSE);
850
851 /*
852 * Header says OSCompareAndSwapPtr has a memory barrier
853 */
854 } while (!OSCompareAndSwapPtr(iop->next, iop, (void* volatile*)&kd_iops));
855
856 return iop->cpu_id;
857 }
858
859 return 0;
860 }
861
862 void
863 kernel_debug_enter(
864 uint32_t coreid,
865 uint32_t debugid,
866 uint64_t timestamp,
867 uintptr_t arg1,
868 uintptr_t arg2,
869 uintptr_t arg3,
870 uintptr_t arg4,
871 uintptr_t threadid
872 )
873 {
874 uint32_t bindx;
875 kd_buf *kd;
876 struct kd_bufinfo *kdbp;
877 struct kd_storage *kdsp_actual;
878 union kds_ptr kds_raw;
879
880 if (kd_ctrl_page.kdebug_slowcheck) {
881
882 if ( (kd_ctrl_page.kdebug_slowcheck & SLOW_NOLOG) || !(kdebug_enable & (KDEBUG_ENABLE_TRACE|KDEBUG_ENABLE_PPT)))
883 goto out1;
884
885 if (kd_ctrl_page.kdebug_flags & KDBG_TYPEFILTER_CHECK) {
886 /*
887 * Recheck if TYPEFILTER is being used, and if so,
888 * dereference bitmap. If the trace facility is being
889 * disabled, we have ~100ms of preemption-free CPU
890 * usage to access the bitmap.
891 */
892 disable_preemption();
893 if (kd_ctrl_page.kdebug_flags & KDBG_TYPEFILTER_CHECK) {
894 if (isset(type_filter_bitmap, KDBG_EXTRACT_CSC(debugid)))
895 goto record_event_preempt_disabled;
896 }
897 enable_preemption();
898 goto out1;
899 }
900 else if (kd_ctrl_page.kdebug_flags & KDBG_RANGECHECK) {
901 if (debugid >= kdlog_beg && debugid <= kdlog_end)
902 goto record_event;
903 goto out1;
904 }
905 else if (kd_ctrl_page.kdebug_flags & KDBG_VALCHECK) {
906 if ((debugid & KDBG_EVENTID_MASK) != kdlog_value1 &&
907 (debugid & KDBG_EVENTID_MASK) != kdlog_value2 &&
908 (debugid & KDBG_EVENTID_MASK) != kdlog_value3 &&
909 (debugid & KDBG_EVENTID_MASK) != kdlog_value4)
910 goto out1;
911 }
912 }
913
914 record_event:
915
916 disable_preemption();
917
918 record_event_preempt_disabled:
919 if (kd_ctrl_page.enabled == 0)
920 goto out;
921
922 kdbp = &kdbip[coreid];
923 timestamp &= KDBG_TIMESTAMP_MASK;
924
925 #if KDEBUG_MOJO_TRACE
926 if (kdebug_enable & KDEBUG_ENABLE_SERIAL)
927 kdebug_serial_print(coreid, debugid, timestamp,
928 arg1, arg2, arg3, arg4, threadid);
929 #endif
930
931 retry_q:
932 kds_raw = kdbp->kd_list_tail;
933
934 if (kds_raw.raw != KDS_PTR_NULL) {
935 kdsp_actual = POINTER_FROM_KDS_PTR(kds_raw);
936 bindx = kdsp_actual->kds_bufindx;
937 } else
938 kdsp_actual = NULL;
939
940 if (kdsp_actual == NULL || bindx >= EVENTS_PER_STORAGE_UNIT) {
941 if (allocate_storage_unit(coreid) == FALSE) {
942 /*
943 * this can only happen if wrapping
944 * has been disabled
945 */
946 goto out;
947 }
948 goto retry_q;
949 }
950 if ( !OSCompareAndSwap(bindx, bindx + 1, &kdsp_actual->kds_bufindx))
951 goto retry_q;
952
953 // IOP entries can be allocated before xnu allocates and inits the buffer
954 if (timestamp < kdsp_actual->kds_timestamp)
955 kdsp_actual->kds_timestamp = timestamp;
956
957 kd = &kdsp_actual->kds_records[bindx];
958
959 kd->debugid = debugid;
960 kd->arg1 = arg1;
961 kd->arg2 = arg2;
962 kd->arg3 = arg3;
963 kd->arg4 = arg4;
964 kd->arg5 = threadid;
965
966 kdbg_set_timestamp_and_cpu(kd, timestamp, coreid);
967
968 OSAddAtomic(1, &kdsp_actual->kds_bufcnt);
969 out:
970 enable_preemption();
971 out1:
972 if ((kds_waiter && kd_ctrl_page.kds_inuse_count >= n_storage_threshold)) {
973 boolean_t need_kds_wakeup = FALSE;
974 int s;
975
976 /*
977 * try to take the lock here to synchronize with the
978 * waiter entering the blocked state... use the try
979 * mode to prevent deadlocks caused by re-entering this
980 * routine due to various trace points triggered in the
981 * lck_spin_sleep_xxxx routines used to actually enter
982 * our wait condition... no problem if we fail,
983 * there will be lots of additional events coming in that
984 * will eventually succeed in grabbing this lock
985 */
986 s = ml_set_interrupts_enabled(FALSE);
987
988 if (lck_spin_try_lock(kdw_spin_lock)) {
989
990 if (kds_waiter && kd_ctrl_page.kds_inuse_count >= n_storage_threshold) {
991 kds_waiter = 0;
992 need_kds_wakeup = TRUE;
993 }
994 lck_spin_unlock(kdw_spin_lock);
995
996 ml_set_interrupts_enabled(s);
997
998 if (need_kds_wakeup == TRUE)
999 wakeup(&kds_waiter);
1000 }
1001 }
1002 }
1003
1004
1005
1006 static void
1007 kernel_debug_internal(
1008 uint32_t debugid,
1009 uintptr_t arg1,
1010 uintptr_t arg2,
1011 uintptr_t arg3,
1012 uintptr_t arg4,
1013 uintptr_t arg5)
1014 {
1015 struct proc *curproc;
1016 uint64_t now;
1017 uint32_t bindx;
1018 boolean_t s;
1019 kd_buf *kd;
1020 int cpu;
1021 struct kd_bufinfo *kdbp;
1022 struct kd_storage *kdsp_actual;
1023 union kds_ptr kds_raw;
1024
1025
1026
1027 if (kd_ctrl_page.kdebug_slowcheck) {
1028
1029 if (kdebug_enable & KDEBUG_ENABLE_CHUD) {
1030 kd_chudhook_fn chudhook;
1031 /*
1032 * Mask interrupts to minimize the interval across
1033 * which the driver providing the hook could be
1034 * unloaded.
1035 */
1036 s = ml_set_interrupts_enabled(FALSE);
1037 chudhook = kdebug_chudhook;
1038 if (chudhook)
1039 chudhook(debugid, arg1, arg2, arg3, arg4, arg5);
1040 ml_set_interrupts_enabled(s);
1041 }
1042 if ( (kd_ctrl_page.kdebug_slowcheck & SLOW_NOLOG) || !(kdebug_enable & (KDEBUG_ENABLE_TRACE|KDEBUG_ENABLE_PPT)))
1043 goto out1;
1044
1045 if ( !ml_at_interrupt_context()) {
1046 if (kd_ctrl_page.kdebug_flags & KDBG_PIDCHECK) {
1047 /*
1048 * If kdebug flag is not set for current proc, return
1049 */
1050 curproc = current_proc();
1051
1052 if ((curproc && !(curproc->p_kdebug)) &&
1053 ((debugid & 0xffff0000) != (MACHDBG_CODE(DBG_MACH_SCHED, 0) | DBG_FUNC_NONE)) &&
1054 (debugid >> 24 != DBG_TRACE))
1055 goto out1;
1056 }
1057 else if (kd_ctrl_page.kdebug_flags & KDBG_PIDEXCLUDE) {
1058 /*
1059 * If kdebug flag is set for current proc, return
1060 */
1061 curproc = current_proc();
1062
1063 if ((curproc && curproc->p_kdebug) &&
1064 ((debugid & 0xffff0000) != (MACHDBG_CODE(DBG_MACH_SCHED, 0) | DBG_FUNC_NONE)) &&
1065 (debugid >> 24 != DBG_TRACE))
1066 goto out1;
1067 }
1068 }
1069
1070 if (kd_ctrl_page.kdebug_flags & KDBG_TYPEFILTER_CHECK) {
1071 /* Always record trace system info */
1072 if (KDBG_EXTRACT_CLASS(debugid) == DBG_TRACE)
1073 goto record_event;
1074
1075 /*
1076 * Recheck if TYPEFILTER is being used, and if so,
1077 * dereference bitmap. If the trace facility is being
1078 * disabled, we have ~100ms of preemption-free CPU
1079 * usage to access the bitmap.
1080 */
1081 disable_preemption();
1082 if (kd_ctrl_page.kdebug_flags & KDBG_TYPEFILTER_CHECK) {
1083 if (isset(type_filter_bitmap, KDBG_EXTRACT_CSC(debugid)))
1084 goto record_event_preempt_disabled;
1085 }
1086 enable_preemption();
1087 goto out1;
1088 }
1089 else if (kd_ctrl_page.kdebug_flags & KDBG_RANGECHECK) {
1090 /* Always record trace system info */
1091 if (KDBG_EXTRACT_CLASS(debugid) == DBG_TRACE)
1092 goto record_event;
1093
1094 if (debugid < kdlog_beg || debugid > kdlog_end)
1095 goto out1;
1096 }
1097 else if (kd_ctrl_page.kdebug_flags & KDBG_VALCHECK) {
1098 /* Always record trace system info */
1099 if (KDBG_EXTRACT_CLASS(debugid) == DBG_TRACE)
1100 goto record_event;
1101
1102 if ((debugid & KDBG_EVENTID_MASK) != kdlog_value1 &&
1103 (debugid & KDBG_EVENTID_MASK) != kdlog_value2 &&
1104 (debugid & KDBG_EVENTID_MASK) != kdlog_value3 &&
1105 (debugid & KDBG_EVENTID_MASK) != kdlog_value4)
1106 goto out1;
1107 }
1108 }
1109 record_event:
1110 disable_preemption();
1111
1112 record_event_preempt_disabled:
1113 if (kd_ctrl_page.enabled == 0)
1114 goto out;
1115
1116 cpu = cpu_number();
1117 kdbp = &kdbip[cpu];
1118
1119 #if KDEBUG_MOJO_TRACE
1120 if (kdebug_enable & KDEBUG_ENABLE_SERIAL)
1121 kdebug_serial_print(cpu, debugid,
1122 mach_absolute_time() & KDBG_TIMESTAMP_MASK,
1123 arg1, arg2, arg3, arg4, arg5);
1124 #endif
1125
1126 retry_q:
1127 kds_raw = kdbp->kd_list_tail;
1128
1129 if (kds_raw.raw != KDS_PTR_NULL) {
1130 kdsp_actual = POINTER_FROM_KDS_PTR(kds_raw);
1131 bindx = kdsp_actual->kds_bufindx;
1132 } else
1133 kdsp_actual = NULL;
1134
1135 if (kdsp_actual == NULL || bindx >= EVENTS_PER_STORAGE_UNIT) {
1136 if (allocate_storage_unit(cpu) == FALSE) {
1137 /*
1138 * this can only happen if wrapping
1139 * has been disabled
1140 */
1141 goto out;
1142 }
1143 goto retry_q;
1144 }
1145 now = mach_absolute_time() & KDBG_TIMESTAMP_MASK;
1146
1147 if ( !OSCompareAndSwap(bindx, bindx + 1, &kdsp_actual->kds_bufindx))
1148 goto retry_q;
1149
1150 kd = &kdsp_actual->kds_records[bindx];
1151
1152 kd->debugid = debugid;
1153 kd->arg1 = arg1;
1154 kd->arg2 = arg2;
1155 kd->arg3 = arg3;
1156 kd->arg4 = arg4;
1157 kd->arg5 = arg5;
1158
1159 kdbg_set_timestamp_and_cpu(kd, now, cpu);
1160
1161 OSAddAtomic(1, &kdsp_actual->kds_bufcnt);
1162 out:
1163 enable_preemption();
1164 out1:
1165 if (kds_waiter && kd_ctrl_page.kds_inuse_count >= n_storage_threshold) {
1166 uint32_t etype;
1167 uint32_t stype;
1168
1169 etype = debugid & KDBG_EVENTID_MASK;
1170 stype = debugid & KDBG_CSC_MASK;
1171
1172 if (etype == INTERRUPT || etype == MACH_vmfault ||
1173 stype == BSC_SysCall || stype == MACH_SysCall) {
1174
1175 boolean_t need_kds_wakeup = FALSE;
1176
1177 /*
1178 * try to take the lock here to synchronize with the
1179 * waiter entering the blocked state... use the try
1180 * mode to prevent deadlocks caused by re-entering this
1181 * routine due to various trace points triggered in the
1182 * lck_spin_sleep_xxxx routines used to actually enter
1183 * one of our 2 wait conditions... no problem if we fail,
1184 * there will be lots of additional events coming in that
1185 * will eventually succeed in grabbing this lock
1186 */
1187 s = ml_set_interrupts_enabled(FALSE);
1188
1189 if (lck_spin_try_lock(kdw_spin_lock)) {
1190
1191 if (kds_waiter && kd_ctrl_page.kds_inuse_count >= n_storage_threshold) {
1192 kds_waiter = 0;
1193 need_kds_wakeup = TRUE;
1194 }
1195 lck_spin_unlock(kdw_spin_lock);
1196 }
1197 ml_set_interrupts_enabled(s);
1198
1199 if (need_kds_wakeup == TRUE)
1200 wakeup(&kds_waiter);
1201 }
1202 }
1203 }
1204
1205 void
1206 kernel_debug(
1207 uint32_t debugid,
1208 uintptr_t arg1,
1209 uintptr_t arg2,
1210 uintptr_t arg3,
1211 uintptr_t arg4,
1212 __unused uintptr_t arg5)
1213 {
1214 kernel_debug_internal(debugid, arg1, arg2, arg3, arg4, (uintptr_t)thread_tid(current_thread()));
1215 }
1216
1217 void
1218 kernel_debug1(
1219 uint32_t debugid,
1220 uintptr_t arg1,
1221 uintptr_t arg2,
1222 uintptr_t arg3,
1223 uintptr_t arg4,
1224 uintptr_t arg5)
1225 {
1226 kernel_debug_internal(debugid, arg1, arg2, arg3, arg4, arg5);
1227 }
1228
1229 void
1230 kernel_debug_string_simple(const char *message)
1231 {
1232 uintptr_t arg[4] = {0, 0, 0, 0};
1233
1234 /* Stuff the message string in the args and log it. */
1235 strncpy((char *)arg, message, MIN(sizeof(arg), strlen(message)));
1236 KERNEL_DEBUG_EARLY(
1237 TRACE_INFO_STRING,
1238 arg[0], arg[1], arg[2], arg[3]);
1239 }
1240
1241 extern int master_cpu; /* MACH_KERNEL_PRIVATE */
1242 /*
1243 * Used prior to start_kern_tracing() being called.
1244 * Log temporarily into a static buffer.
1245 */
1246 void
1247 kernel_debug_early(
1248 uint32_t debugid,
1249 uintptr_t arg1,
1250 uintptr_t arg2,
1251 uintptr_t arg3,
1252 uintptr_t arg4)
1253 {
1254 /* If tracing is already initialized, use it */
1255 if (nkdbufs) {
1256 KERNEL_DEBUG_CONSTANT(debugid, arg1, arg2, arg3, arg4, 0);
1257 return;
1258 }
1259
1260 /* Do nothing if the buffer is full or we're not on the boot cpu */
1261 kd_early_overflow = kd_early_index >= KD_EARLY_BUFFER_MAX;
1262 if (kd_early_overflow ||
1263 cpu_number() != master_cpu)
1264 return;
1265
1266 kd_early_buffer[kd_early_index].debugid = debugid;
1267 kd_early_buffer[kd_early_index].timestamp = mach_absolute_time();
1268 kd_early_buffer[kd_early_index].arg1 = arg1;
1269 kd_early_buffer[kd_early_index].arg2 = arg2;
1270 kd_early_buffer[kd_early_index].arg3 = arg3;
1271 kd_early_buffer[kd_early_index].arg4 = arg4;
1272 kd_early_buffer[kd_early_index].arg5 = 0;
1273 kd_early_index++;
1274 }
1275
1276 /*
1277 * Transfen the contents of the temporary buffer into the trace buffers.
1278 * Precede that by logging the rebase time (offset) - the TSC-based time (in ns)
1279 * when mach_absolute_time is set to 0.
1280 */
1281 static void
1282 kernel_debug_early_end(void)
1283 {
1284 int i;
1285
1286 if (cpu_number() != master_cpu)
1287 panic("kernel_debug_early_end() not call on boot processor");
1288
1289 /* Fake sentinel marking the start of kernel time relative to TSC */
1290 kernel_debug_enter(
1291 0,
1292 TRACE_TIMESTAMPS,
1293 0,
1294 (uint32_t)(tsc_rebase_abs_time >> 32),
1295 (uint32_t)tsc_rebase_abs_time,
1296 0,
1297 0,
1298 0);
1299 for (i = 0; i < kd_early_index; i++) {
1300 kernel_debug_enter(
1301 0,
1302 kd_early_buffer[i].debugid,
1303 kd_early_buffer[i].timestamp,
1304 kd_early_buffer[i].arg1,
1305 kd_early_buffer[i].arg2,
1306 kd_early_buffer[i].arg3,
1307 kd_early_buffer[i].arg4,
1308 0);
1309 }
1310
1311 /* Cut events-lost event on overflow */
1312 if (kd_early_overflow)
1313 KERNEL_DEBUG_CONSTANT(
1314 TRACE_LOST_EVENTS, 0, 0, 0, 0, 0);
1315
1316 /* This trace marks the start of kernel tracing */
1317 kernel_debug_string_simple("early trace done");
1318 }
1319
1320 /*
1321 * Returns non-zero if debugid is in a reserved class.
1322 */
1323 static int
1324 kdebug_validate_debugid(uint32_t debugid)
1325 {
1326 uint8_t debugid_class;
1327
1328 debugid_class = KDBG_EXTRACT_CLASS(debugid);
1329 switch (debugid_class) {
1330 case DBG_TRACE:
1331 return EPERM;
1332 }
1333
1334 return 0;
1335 }
1336
1337 /*
1338 * Support syscall SYS_kdebug_trace. U64->K32 args may get truncated in kdebug_trace64
1339 */
1340 int
1341 kdebug_trace(struct proc *p, struct kdebug_trace_args *uap, int32_t *retval)
1342 {
1343 struct kdebug_trace64_args uap64;
1344
1345 uap64.code = uap->code;
1346 uap64.arg1 = uap->arg1;
1347 uap64.arg2 = uap->arg2;
1348 uap64.arg3 = uap->arg3;
1349 uap64.arg4 = uap->arg4;
1350
1351 return kdebug_trace64(p, &uap64, retval);
1352 }
1353
1354 /*
1355 * Support syscall SYS_kdebug_trace64. 64-bit args on K32 will get truncated to fit in 32-bit record format.
1356 */
1357 int kdebug_trace64(__unused struct proc *p, struct kdebug_trace64_args *uap, __unused int32_t *retval)
1358 {
1359 int err;
1360
1361 if ((err = kdebug_validate_debugid(uap->code)) != 0) {
1362 return err;
1363 }
1364
1365 if ( __probable(kdebug_enable == 0) )
1366 return(0);
1367
1368 kernel_debug_internal(uap->code, (uintptr_t)uap->arg1, (uintptr_t)uap->arg2, (uintptr_t)uap->arg3, (uintptr_t)uap->arg4, (uintptr_t)thread_tid(current_thread()));
1369
1370 return(0);
1371 }
1372
1373 /*
1374 * Adding enough padding to contain a full tracepoint for the last
1375 * portion of the string greatly simplifies the logic of splitting the
1376 * string between tracepoints. Full tracepoints can be generated using
1377 * the buffer itself, without having to manually add zeros to pad the
1378 * arguments.
1379 */
1380
1381 /* 2 string args in first tracepoint and 9 string data tracepoints */
1382 #define STR_BUF_ARGS (2 + (9 * 4))
1383 /* times the size of each arg on K64 */
1384 #define MAX_STR_LEN (STR_BUF_ARGS * sizeof(uint64_t))
1385 /* on K32, ending straddles a tracepoint, so reserve blanks */
1386 #define STR_BUF_SIZE (MAX_STR_LEN + (2 * sizeof(uint32_t)))
1387
1388 /*
1389 * This function does no error checking and assumes that it is called with
1390 * the correct arguments, including that the buffer pointed to by str is at
1391 * least STR_BUF_SIZE bytes. However, str must be aligned to word-size and
1392 * be NUL-terminated. In cases where a string can fit evenly into a final
1393 * tracepoint without its NUL-terminator, this function will not end those
1394 * strings with a NUL in trace. It's up to clients to look at the function
1395 * qualifier for DBG_FUNC_END in this case, to end the string.
1396 */
1397 static uint64_t
1398 kernel_debug_string_internal(uint32_t debugid, uint64_t str_id, void *vstr,
1399 size_t str_len)
1400 {
1401 /* str must be word-aligned */
1402 uintptr_t *str = vstr;
1403 size_t written = 0;
1404 uintptr_t thread_id;
1405 int i;
1406 uint32_t trace_debugid = TRACEDBG_CODE(DBG_TRACE_STRING,
1407 TRACE_STRING_GLOBAL);
1408
1409 thread_id = (uintptr_t)thread_tid(current_thread());
1410
1411 /* if the ID is being invalidated, just emit that */
1412 if (str_id != 0 && str_len == 0) {
1413 kernel_debug_internal(trace_debugid | DBG_FUNC_START | DBG_FUNC_END,
1414 (uintptr_t)debugid, (uintptr_t)str_id, 0, 0,
1415 thread_id);
1416 return str_id;
1417 }
1418
1419 /* generate an ID, if necessary */
1420 if (str_id == 0) {
1421 str_id = OSIncrementAtomic64((SInt64 *)&g_curr_str_id);
1422 str_id = (str_id & STR_ID_MASK) | g_str_id_signature;
1423 }
1424
1425 trace_debugid |= DBG_FUNC_START;
1426 /* string can fit in a single tracepoint */
1427 if (str_len <= (2 * sizeof(uintptr_t))) {
1428 trace_debugid |= DBG_FUNC_END;
1429 }
1430
1431 kernel_debug_internal(trace_debugid, (uintptr_t)debugid,
1432 (uintptr_t)str_id, str[0],
1433 str[1], thread_id);
1434
1435 trace_debugid &= KDBG_EVENTID_MASK;
1436 i = 2;
1437 written += 2 * sizeof(uintptr_t);
1438
1439 for (; written < str_len; i += 4, written += 4 * sizeof(uintptr_t)) {
1440 if ((written + (4 * sizeof(uintptr_t))) >= str_len) {
1441 trace_debugid |= DBG_FUNC_END;
1442 }
1443 kernel_debug_internal(trace_debugid, str[i],
1444 str[i + 1],
1445 str[i + 2],
1446 str[i + 3], thread_id);
1447 }
1448
1449 return str_id;
1450 }
1451
1452 /*
1453 * Returns true if the current process can emit events, and false otherwise.
1454 * Trace system and scheduling events circumvent this check, as do events
1455 * emitted in interrupt context.
1456 */
1457 static boolean_t
1458 kdebug_current_proc_enabled(uint32_t debugid)
1459 {
1460 /* can't determine current process in interrupt context */
1461 if (ml_at_interrupt_context()) {
1462 return TRUE;
1463 }
1464
1465 /* always emit trace system and scheduling events */
1466 if ((KDBG_EXTRACT_CLASS(debugid) == DBG_TRACE ||
1467 (debugid & KDBG_CSC_MASK) == MACHDBG_CODE(DBG_MACH_SCHED, 0)))
1468 {
1469 return TRUE;
1470 }
1471
1472 if (kd_ctrl_page.kdebug_flags & KDBG_PIDCHECK) {
1473 proc_t cur_proc = current_proc();
1474
1475 /* only the process with the kdebug bit set is allowed */
1476 if (cur_proc && !(cur_proc->p_kdebug)) {
1477 return FALSE;
1478 }
1479 } else if (kd_ctrl_page.kdebug_flags & KDBG_PIDEXCLUDE) {
1480 proc_t cur_proc = current_proc();
1481
1482 /* every process except the one with the kdebug bit set is allowed */
1483 if (cur_proc && cur_proc->p_kdebug) {
1484 return FALSE;
1485 }
1486 }
1487
1488 return TRUE;
1489 }
1490
1491 /*
1492 * Returns true if the debugid is disabled by filters, and false if the
1493 * debugid is allowed to be traced. A debugid may not be traced if the
1494 * typefilter disables its class and subclass, it's outside a range
1495 * check, or if it's not an allowed debugid in a value check. Trace
1496 * system events bypass this check.
1497 */
1498 static boolean_t
1499 kdebug_debugid_enabled(uint32_t debugid)
1500 {
1501 boolean_t is_enabled = TRUE;
1502
1503 /* if no filtering is enabled */
1504 if (!kd_ctrl_page.kdebug_slowcheck) {
1505 return TRUE;
1506 }
1507
1508 if (KDBG_EXTRACT_CLASS(debugid) == DBG_TRACE) {
1509 return TRUE;
1510 }
1511
1512 if (kd_ctrl_page.kdebug_flags & KDBG_TYPEFILTER_CHECK) {
1513 disable_preemption();
1514
1515 /*
1516 * Recheck if typefilter is still being used. If tracing is being
1517 * disabled, there's a 100ms sleep on the other end to keep the
1518 * bitmap around for this check.
1519 */
1520 if (kd_ctrl_page.kdebug_flags & KDBG_TYPEFILTER_CHECK) {
1521 if (!(isset(type_filter_bitmap, KDBG_EXTRACT_CSC(debugid)))) {
1522 is_enabled = FALSE;
1523 }
1524 }
1525
1526 enable_preemption();
1527 } else if (kd_ctrl_page.kdebug_flags & KDBG_RANGECHECK) {
1528 if (debugid < kdlog_beg || debugid > kdlog_end) {
1529 is_enabled = FALSE;
1530 }
1531 } else if (kd_ctrl_page.kdebug_flags & KDBG_VALCHECK) {
1532 if ((debugid & KDBG_EVENTID_MASK) != kdlog_value1 &&
1533 (debugid & KDBG_EVENTID_MASK) != kdlog_value2 &&
1534 (debugid & KDBG_EVENTID_MASK) != kdlog_value3 &&
1535 (debugid & KDBG_EVENTID_MASK) != kdlog_value4)
1536 {
1537 is_enabled = FALSE;
1538 }
1539 }
1540
1541 return is_enabled;
1542 }
1543
1544 /*
1545 * Returns 0 if a string can be traced with these arguments. Returns errno
1546 * value if error occurred.
1547 */
1548 static errno_t
1549 kdebug_check_trace_string(uint32_t debugid, uint64_t str_id)
1550 {
1551 /* if there are function qualifiers on the debugid */
1552 if (debugid & ~KDBG_EVENTID_MASK) {
1553 return EINVAL;
1554 }
1555
1556 if (kdebug_validate_debugid(debugid)) {
1557 return EPERM;
1558 }
1559
1560 if (str_id != 0 && (str_id & STR_ID_SIG_MASK) != g_str_id_signature) {
1561 return EINVAL;
1562 }
1563
1564 return 0;
1565 }
1566
1567 /*
1568 * Implementation of KPI kernel_debug_string.
1569 */
1570 int
1571 kernel_debug_string(uint32_t debugid, uint64_t *str_id, const char *str)
1572 {
1573 /* arguments to tracepoints must be word-aligned */
1574 __attribute__((aligned(sizeof(uintptr_t)))) char str_buf[STR_BUF_SIZE];
1575 assert_static(sizeof(str_buf) > MAX_STR_LEN);
1576 vm_size_t len_copied;
1577 int err;
1578
1579 assert(str_id);
1580
1581 if (__probable(kdebug_enable == 0)) {
1582 return 0;
1583 }
1584
1585 if (!kdebug_current_proc_enabled(debugid)) {
1586 return 0;
1587 }
1588
1589 if (!kdebug_debugid_enabled(debugid)) {
1590 return 0;
1591 }
1592
1593 if ((err = kdebug_check_trace_string(debugid, *str_id)) != 0) {
1594 return err;
1595 }
1596
1597 if (str == NULL) {
1598 if (str_id == 0) {
1599 return EINVAL;
1600 }
1601
1602 *str_id = kernel_debug_string_internal(debugid, *str_id, NULL, 0);
1603 return 0;
1604 }
1605
1606 memset(str_buf, 0, sizeof(str_buf));
1607 len_copied = strlcpy(str_buf, str, MAX_STR_LEN + 1);
1608 *str_id = kernel_debug_string_internal(debugid, *str_id, str_buf,
1609 len_copied);
1610 return 0;
1611 }
1612
1613 /*
1614 * Support syscall kdebug_trace_string.
1615 */
1616 int
1617 kdebug_trace_string(__unused struct proc *p,
1618 struct kdebug_trace_string_args *uap,
1619 uint64_t *retval)
1620 {
1621 __attribute__((aligned(sizeof(uintptr_t)))) char str_buf[STR_BUF_SIZE];
1622 assert_static(sizeof(str_buf) > MAX_STR_LEN);
1623 size_t len_copied;
1624 int err;
1625
1626 if (__probable(kdebug_enable == 0)) {
1627 return 0;
1628 }
1629
1630 if (!kdebug_current_proc_enabled(uap->debugid)) {
1631 return 0;
1632 }
1633
1634 if (!kdebug_debugid_enabled(uap->debugid)) {
1635 return 0;
1636 }
1637
1638 if ((err = kdebug_check_trace_string(uap->debugid, uap->str_id)) != 0) {
1639 return err;
1640 }
1641
1642 if (uap->str == USER_ADDR_NULL) {
1643 if (uap->str_id == 0) {
1644 return EINVAL;
1645 }
1646
1647 *retval = kernel_debug_string_internal(uap->debugid, uap->str_id,
1648 NULL, 0);
1649 return 0;
1650 }
1651
1652 memset(str_buf, 0, sizeof(str_buf));
1653 err = copyinstr(uap->str, str_buf, MAX_STR_LEN + 1, &len_copied);
1654
1655 /* it's alright to truncate the string, so allow ENAMETOOLONG */
1656 if (err == ENAMETOOLONG) {
1657 str_buf[MAX_STR_LEN] = '\0';
1658 } else if (err) {
1659 return err;
1660 }
1661
1662 if (len_copied <= 1) {
1663 return EINVAL;
1664 }
1665
1666 /* convert back to a length */
1667 len_copied--;
1668
1669 *retval = kernel_debug_string_internal(uap->debugid, uap->str_id, str_buf,
1670 len_copied);
1671 return 0;
1672 }
1673
1674 static void
1675 kdbg_lock_init(void)
1676 {
1677 if (kd_ctrl_page.kdebug_flags & KDBG_LOCKINIT)
1678 return;
1679
1680 /*
1681 * allocate lock group attribute and group
1682 */
1683 kd_trace_mtx_sysctl_grp_attr = lck_grp_attr_alloc_init();
1684 kd_trace_mtx_sysctl_grp = lck_grp_alloc_init("kdebug", kd_trace_mtx_sysctl_grp_attr);
1685
1686 /*
1687 * allocate the lock attribute
1688 */
1689 kd_trace_mtx_sysctl_attr = lck_attr_alloc_init();
1690
1691
1692 /*
1693 * allocate and initialize mutex's
1694 */
1695 kd_trace_mtx_sysctl = lck_mtx_alloc_init(kd_trace_mtx_sysctl_grp, kd_trace_mtx_sysctl_attr);
1696 kds_spin_lock = lck_spin_alloc_init(kd_trace_mtx_sysctl_grp, kd_trace_mtx_sysctl_attr);
1697 kdw_spin_lock = lck_spin_alloc_init(kd_trace_mtx_sysctl_grp, kd_trace_mtx_sysctl_attr);
1698
1699 kd_ctrl_page.kdebug_flags |= KDBG_LOCKINIT;
1700 }
1701
1702
1703 int
1704 kdbg_bootstrap(boolean_t early_trace)
1705 {
1706 kd_ctrl_page.kdebug_flags &= ~KDBG_WRAPPED;
1707
1708 return (create_buffers(early_trace));
1709 }
1710
1711 int
1712 kdbg_reinit(boolean_t early_trace)
1713 {
1714 int ret = 0;
1715
1716 /*
1717 * Disable trace collecting
1718 * First make sure we're not in
1719 * the middle of cutting a trace
1720 */
1721 kdbg_set_tracing_enabled(FALSE, KDEBUG_ENABLE_TRACE);
1722
1723 /*
1724 * make sure the SLOW_NOLOG is seen
1725 * by everyone that might be trying
1726 * to cut a trace..
1727 */
1728 IOSleep(100);
1729
1730 delete_buffers();
1731
1732 if ((kd_ctrl_page.kdebug_flags & KDBG_MAPINIT) && kd_mapsize && kd_mapptr) {
1733 kmem_free(kernel_map, (vm_offset_t)kd_mapptr, kd_mapsize);
1734 kd_ctrl_page.kdebug_flags &= ~KDBG_MAPINIT;
1735 kd_mapsize = 0;
1736 kd_mapptr = NULL;
1737 kd_mapcount = 0;
1738 }
1739 ret = kdbg_bootstrap(early_trace);
1740
1741 RAW_file_offset = 0;
1742 RAW_file_written = 0;
1743
1744 return(ret);
1745 }
1746
1747 void
1748 kdbg_trace_data(struct proc *proc, long *arg_pid)
1749 {
1750 if (!proc)
1751 *arg_pid = 0;
1752 else
1753 *arg_pid = proc->p_pid;
1754 }
1755
1756
1757 void
1758 kdbg_trace_string(struct proc *proc, long *arg1, long *arg2, long *arg3, long *arg4)
1759 {
1760 char *dbg_nameptr;
1761 int dbg_namelen;
1762 long dbg_parms[4];
1763
1764 if (!proc) {
1765 *arg1 = 0;
1766 *arg2 = 0;
1767 *arg3 = 0;
1768 *arg4 = 0;
1769 return;
1770 }
1771 /*
1772 * Collect the pathname for tracing
1773 */
1774 dbg_nameptr = proc->p_comm;
1775 dbg_namelen = (int)strlen(proc->p_comm);
1776 dbg_parms[0]=0L;
1777 dbg_parms[1]=0L;
1778 dbg_parms[2]=0L;
1779 dbg_parms[3]=0L;
1780
1781 if(dbg_namelen > (int)sizeof(dbg_parms))
1782 dbg_namelen = (int)sizeof(dbg_parms);
1783
1784 strncpy((char *)dbg_parms, dbg_nameptr, dbg_namelen);
1785
1786 *arg1=dbg_parms[0];
1787 *arg2=dbg_parms[1];
1788 *arg3=dbg_parms[2];
1789 *arg4=dbg_parms[3];
1790 }
1791
1792 static void
1793 kdbg_resolve_map(thread_t th_act, void *opaque)
1794 {
1795 kd_threadmap *mapptr;
1796 krt_t *t = (krt_t *)opaque;
1797
1798 if (t->count < t->maxcount) {
1799 mapptr = &t->map[t->count];
1800 mapptr->thread = (uintptr_t)thread_tid(th_act);
1801
1802 (void) strlcpy (mapptr->command, t->atts->task_comm,
1803 sizeof(t->atts->task_comm));
1804 /*
1805 * Some kernel threads have no associated pid.
1806 * We still need to mark the entry as valid.
1807 */
1808 if (t->atts->pid)
1809 mapptr->valid = t->atts->pid;
1810 else
1811 mapptr->valid = 1;
1812
1813 t->count++;
1814 }
1815 }
1816
1817 /*
1818 *
1819 * Writes a cpumap for the given iops_list/cpu_count to the provided buffer.
1820 *
1821 * You may provide a buffer and size, or if you set the buffer to NULL, a
1822 * buffer of sufficient size will be allocated.
1823 *
1824 * If you provide a buffer and it is too small, sets cpumap_size to the number
1825 * of bytes required and returns EINVAL.
1826 *
1827 * On success, if you provided a buffer, cpumap_size is set to the number of
1828 * bytes written. If you did not provide a buffer, cpumap is set to the newly
1829 * allocated buffer and cpumap_size is set to the number of bytes allocated.
1830 *
1831 * NOTE: It may seem redundant to pass both iops and a cpu_count.
1832 *
1833 * We may be reporting data from "now", or from the "past".
1834 *
1835 * The "now" data would be for something like kdbg_readcurcpumap().
1836 * The "past" data would be for kdbg_readcpumap().
1837 *
1838 * If we do not pass both iops and cpu_count, and iops is NULL, this function
1839 * will need to read "now" state to get the number of cpus, which would be in
1840 * error if we were reporting "past" state.
1841 */
1842
1843 int
1844 kdbg_cpumap_init_internal(kd_iop_t* iops, uint32_t cpu_count, uint8_t** cpumap, uint32_t* cpumap_size)
1845 {
1846 assert(cpumap);
1847 assert(cpumap_size);
1848 assert(cpu_count);
1849 assert(!iops || iops->cpu_id + 1 == cpu_count);
1850
1851 uint32_t bytes_needed = sizeof(kd_cpumap_header) + cpu_count * sizeof(kd_cpumap);
1852 uint32_t bytes_available = *cpumap_size;
1853 *cpumap_size = bytes_needed;
1854
1855 if (*cpumap == NULL) {
1856 if (kmem_alloc(kernel_map, (vm_offset_t*)cpumap, (vm_size_t)*cpumap_size, VM_KERN_MEMORY_DIAG) != KERN_SUCCESS) {
1857 return ENOMEM;
1858 }
1859 } else if (bytes_available < bytes_needed) {
1860 return EINVAL;
1861 }
1862
1863 kd_cpumap_header* header = (kd_cpumap_header*)(uintptr_t)*cpumap;
1864
1865 header->version_no = RAW_VERSION1;
1866 header->cpu_count = cpu_count;
1867
1868 kd_cpumap* cpus = (kd_cpumap*)&header[1];
1869
1870 int32_t index = cpu_count - 1;
1871 while (iops) {
1872 cpus[index].cpu_id = iops->cpu_id;
1873 cpus[index].flags = KDBG_CPUMAP_IS_IOP;
1874 bzero(cpus[index].name, sizeof(cpus->name));
1875 strlcpy(cpus[index].name, iops->callback.iop_name, sizeof(cpus->name));
1876
1877 iops = iops->next;
1878 index--;
1879 }
1880
1881 while (index >= 0) {
1882 cpus[index].cpu_id = index;
1883 cpus[index].flags = 0;
1884 bzero(cpus[index].name, sizeof(cpus->name));
1885 strlcpy(cpus[index].name, "AP", sizeof(cpus->name));
1886
1887 index--;
1888 }
1889
1890 return KERN_SUCCESS;
1891 }
1892
1893 void
1894 kdbg_thrmap_init(void)
1895 {
1896 if (kd_ctrl_page.kdebug_flags & KDBG_MAPINIT)
1897 return;
1898
1899 kd_mapptr = kdbg_thrmap_init_internal(0, &kd_mapsize, &kd_mapcount);
1900
1901 if (kd_mapptr)
1902 kd_ctrl_page.kdebug_flags |= KDBG_MAPINIT;
1903 }
1904
1905
1906 kd_threadmap* kdbg_thrmap_init_internal(unsigned int count, unsigned int *mapsize, unsigned int *mapcount)
1907 {
1908 kd_threadmap *mapptr;
1909 struct proc *p;
1910 struct krt akrt;
1911 int tts_count; /* number of task-to-string structures */
1912 struct tts *tts_mapptr;
1913 unsigned int tts_mapsize = 0;
1914 int i;
1915 vm_offset_t kaddr;
1916
1917 /*
1918 * need to use PROC_SCANPROCLIST with proc_iterate
1919 */
1920 proc_list_lock();
1921
1922 /*
1923 * Calculate the sizes of map buffers
1924 */
1925 for (p = allproc.lh_first, *mapcount=0, tts_count=0; p; p = p->p_list.le_next) {
1926 *mapcount += get_task_numacts((task_t)p->task);
1927 tts_count++;
1928 }
1929 proc_list_unlock();
1930
1931 /*
1932 * The proc count could change during buffer allocation,
1933 * so introduce a small fudge factor to bump up the
1934 * buffer sizes. This gives new tasks some chance of
1935 * making into the tables. Bump up by 25%.
1936 */
1937 *mapcount += *mapcount/4;
1938 tts_count += tts_count/4;
1939
1940 *mapsize = *mapcount * sizeof(kd_threadmap);
1941
1942 if (count && count < *mapcount)
1943 return (0);
1944
1945 if ((kmem_alloc(kernel_map, &kaddr, (vm_size_t)*mapsize, VM_KERN_MEMORY_DIAG) == KERN_SUCCESS)) {
1946 bzero((void *)kaddr, *mapsize);
1947 mapptr = (kd_threadmap *)kaddr;
1948 } else
1949 return (0);
1950
1951 tts_mapsize = tts_count * sizeof(struct tts);
1952
1953 if ((kmem_alloc(kernel_map, &kaddr, (vm_size_t)tts_mapsize, VM_KERN_MEMORY_DIAG) == KERN_SUCCESS)) {
1954 bzero((void *)kaddr, tts_mapsize);
1955 tts_mapptr = (struct tts *)kaddr;
1956 } else {
1957 kmem_free(kernel_map, (vm_offset_t)mapptr, *mapsize);
1958
1959 return (0);
1960 }
1961 /*
1962 * We need to save the procs command string
1963 * and take a reference for each task associated
1964 * with a valid process
1965 */
1966
1967 proc_list_lock();
1968
1969 /*
1970 * should use proc_iterate
1971 */
1972 for (p = allproc.lh_first, i=0; p && i < tts_count; p = p->p_list.le_next) {
1973 if (p->p_lflag & P_LEXIT)
1974 continue;
1975
1976 if (p->task) {
1977 task_reference(p->task);
1978 tts_mapptr[i].task = p->task;
1979 tts_mapptr[i].pid = p->p_pid;
1980 (void)strlcpy(tts_mapptr[i].task_comm, p->p_comm, sizeof(tts_mapptr[i].task_comm));
1981 i++;
1982 }
1983 }
1984 tts_count = i;
1985
1986 proc_list_unlock();
1987
1988 /*
1989 * Initialize thread map data
1990 */
1991 akrt.map = mapptr;
1992 akrt.count = 0;
1993 akrt.maxcount = *mapcount;
1994
1995 for (i = 0; i < tts_count; i++) {
1996 akrt.atts = &tts_mapptr[i];
1997 task_act_iterate_wth_args(tts_mapptr[i].task, kdbg_resolve_map, &akrt);
1998 task_deallocate((task_t) tts_mapptr[i].task);
1999 }
2000 kmem_free(kernel_map, (vm_offset_t)tts_mapptr, tts_mapsize);
2001
2002 *mapcount = akrt.count;
2003
2004 return (mapptr);
2005 }
2006
2007 static void
2008 kdbg_clear(void)
2009 {
2010 /*
2011 * Clean up the trace buffer
2012 * First make sure we're not in
2013 * the middle of cutting a trace
2014 */
2015 kdbg_set_tracing_enabled(FALSE, KDEBUG_ENABLE_TRACE);
2016 kdbg_disable_typefilter();
2017
2018 /*
2019 * make sure the SLOW_NOLOG is seen
2020 * by everyone that might be trying
2021 * to cut a trace..
2022 */
2023 IOSleep(100);
2024
2025 global_state_pid = -1;
2026 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
2027 kd_ctrl_page.kdebug_flags &= ~(KDBG_NOWRAP | KDBG_RANGECHECK | KDBG_VALCHECK);
2028 kd_ctrl_page.kdebug_flags &= ~(KDBG_PIDCHECK | KDBG_PIDEXCLUDE);
2029
2030 kdbg_deallocate_typefilter();
2031 delete_buffers();
2032 nkdbufs = 0;
2033
2034 /* Clean up the thread map buffer */
2035 kd_ctrl_page.kdebug_flags &= ~KDBG_MAPINIT;
2036 if (kd_mapptr) {
2037 kmem_free(kernel_map, (vm_offset_t)kd_mapptr, kd_mapsize);
2038 kd_mapptr = (kd_threadmap *) 0;
2039 }
2040 kd_mapsize = 0;
2041 kd_mapcount = 0;
2042
2043 RAW_file_offset = 0;
2044 RAW_file_written = 0;
2045 }
2046
2047 int
2048 kdbg_setpid(kd_regtype *kdr)
2049 {
2050 pid_t pid;
2051 int flag, ret=0;
2052 struct proc *p;
2053
2054 pid = (pid_t)kdr->value1;
2055 flag = (int)kdr->value2;
2056
2057 if (pid > 0) {
2058 if ((p = proc_find(pid)) == NULL)
2059 ret = ESRCH;
2060 else {
2061 if (flag == 1) {
2062 /*
2063 * turn on pid check for this and all pids
2064 */
2065 kd_ctrl_page.kdebug_flags |= KDBG_PIDCHECK;
2066 kd_ctrl_page.kdebug_flags &= ~KDBG_PIDEXCLUDE;
2067 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
2068
2069 p->p_kdebug = 1;
2070 } else {
2071 /*
2072 * turn off pid check for this pid value
2073 * Don't turn off all pid checking though
2074 *
2075 * kd_ctrl_page.kdebug_flags &= ~KDBG_PIDCHECK;
2076 */
2077 p->p_kdebug = 0;
2078 }
2079 proc_rele(p);
2080 }
2081 }
2082 else
2083 ret = EINVAL;
2084
2085 return(ret);
2086 }
2087
2088 /* This is for pid exclusion in the trace buffer */
2089 int
2090 kdbg_setpidex(kd_regtype *kdr)
2091 {
2092 pid_t pid;
2093 int flag, ret=0;
2094 struct proc *p;
2095
2096 pid = (pid_t)kdr->value1;
2097 flag = (int)kdr->value2;
2098
2099 if (pid > 0) {
2100 if ((p = proc_find(pid)) == NULL)
2101 ret = ESRCH;
2102 else {
2103 if (flag == 1) {
2104 /*
2105 * turn on pid exclusion
2106 */
2107 kd_ctrl_page.kdebug_flags |= KDBG_PIDEXCLUDE;
2108 kd_ctrl_page.kdebug_flags &= ~KDBG_PIDCHECK;
2109 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
2110
2111 p->p_kdebug = 1;
2112 }
2113 else {
2114 /*
2115 * turn off pid exclusion for this pid value
2116 * Don't turn off all pid exclusion though
2117 *
2118 * kd_ctrl_page.kdebug_flags &= ~KDBG_PIDEXCLUDE;
2119 */
2120 p->p_kdebug = 0;
2121 }
2122 proc_rele(p);
2123 }
2124 } else
2125 ret = EINVAL;
2126
2127 return(ret);
2128 }
2129
2130
2131 /*
2132 * This is for setting a maximum decrementer value
2133 */
2134 int
2135 kdbg_setrtcdec(kd_regtype *kdr)
2136 {
2137 int ret = 0;
2138 natural_t decval;
2139
2140 decval = (natural_t)kdr->value1;
2141
2142 if (decval && decval < KDBG_MINRTCDEC)
2143 ret = EINVAL;
2144 else
2145 ret = ENOTSUP;
2146
2147 return(ret);
2148 }
2149
2150 int
2151 kdbg_enable_typefilter(void)
2152 {
2153 int ret;
2154
2155 /* Allocate memory for bitmap if not already allocated */
2156 ret = kdbg_allocate_typefilter();
2157 if (ret) {
2158 return ret;
2159 }
2160
2161 /* Turn off range and value checks */
2162 kd_ctrl_page.kdebug_flags &= ~(KDBG_RANGECHECK | KDBG_VALCHECK);
2163
2164 /* Enable filter checking */
2165 kd_ctrl_page.kdebug_flags |= KDBG_TYPEFILTER_CHECK;
2166 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
2167 return 0;
2168 }
2169
2170 int
2171 kdbg_disable_typefilter(void)
2172 {
2173 /* Disable filter checking */
2174 kd_ctrl_page.kdebug_flags &= ~KDBG_TYPEFILTER_CHECK;
2175
2176 /* Turn off slow checks unless pid checks are using them */
2177 if ( (kd_ctrl_page.kdebug_flags & (KDBG_PIDCHECK | KDBG_PIDEXCLUDE)) )
2178 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
2179 else
2180 kdbg_set_flags(SLOW_CHECKS, 0, FALSE);
2181
2182 /* typefilter bitmap will be deallocated later */
2183
2184 return 0;
2185 }
2186
2187 static int
2188 kdbg_allocate_typefilter(void)
2189 {
2190 if (type_filter_bitmap == NULL) {
2191 vm_offset_t bitmap = 0;
2192
2193 if (kmem_alloc(kernel_map, &bitmap, KDBG_TYPEFILTER_BITMAP_SIZE, VM_KERN_MEMORY_DIAG) != KERN_SUCCESS) {
2194 return ENOSPC;
2195 }
2196
2197 bzero((void *)bitmap, KDBG_TYPEFILTER_BITMAP_SIZE);
2198
2199 if (!OSCompareAndSwapPtr(NULL, (void *)bitmap, &type_filter_bitmap)) {
2200 kmem_free(kernel_map, bitmap, KDBG_TYPEFILTER_BITMAP_SIZE);
2201 return 0; /* someone assigned a buffer */
2202 }
2203 } else {
2204 bzero(type_filter_bitmap, KDBG_TYPEFILTER_BITMAP_SIZE);
2205 }
2206
2207 return 0;
2208 }
2209
2210 static int
2211 kdbg_deallocate_typefilter(void)
2212 {
2213 if(type_filter_bitmap) {
2214 vm_offset_t bitmap = (vm_offset_t)type_filter_bitmap;
2215
2216 if (OSCompareAndSwapPtr((void *)bitmap, NULL, &type_filter_bitmap)) {
2217 kmem_free(kernel_map, bitmap, KDBG_TYPEFILTER_BITMAP_SIZE);
2218 return 0;
2219 } else {
2220 /* already swapped */
2221 }
2222 }
2223
2224 return 0;
2225 }
2226
2227 int
2228 kdbg_setreg(kd_regtype * kdr)
2229 {
2230 int ret=0;
2231 unsigned int val_1, val_2, val;
2232 switch (kdr->type) {
2233
2234 case KDBG_CLASSTYPE :
2235 val_1 = (kdr->value1 & 0xff);
2236 val_2 = (kdr->value2 & 0xff);
2237 kdlog_beg = (val_1<<24);
2238 kdlog_end = (val_2<<24);
2239 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
2240 kd_ctrl_page.kdebug_flags &= ~KDBG_VALCHECK; /* Turn off specific value check */
2241 kd_ctrl_page.kdebug_flags |= (KDBG_RANGECHECK | KDBG_CLASSTYPE);
2242 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
2243 break;
2244 case KDBG_SUBCLSTYPE :
2245 val_1 = (kdr->value1 & 0xff);
2246 val_2 = (kdr->value2 & 0xff);
2247 val = val_2 + 1;
2248 kdlog_beg = ((val_1<<24) | (val_2 << 16));
2249 kdlog_end = ((val_1<<24) | (val << 16));
2250 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
2251 kd_ctrl_page.kdebug_flags &= ~KDBG_VALCHECK; /* Turn off specific value check */
2252 kd_ctrl_page.kdebug_flags |= (KDBG_RANGECHECK | KDBG_SUBCLSTYPE);
2253 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
2254 break;
2255 case KDBG_RANGETYPE :
2256 kdlog_beg = (kdr->value1);
2257 kdlog_end = (kdr->value2);
2258 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
2259 kd_ctrl_page.kdebug_flags &= ~KDBG_VALCHECK; /* Turn off specific value check */
2260 kd_ctrl_page.kdebug_flags |= (KDBG_RANGECHECK | KDBG_RANGETYPE);
2261 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
2262 break;
2263 case KDBG_VALCHECK:
2264 kdlog_value1 = (kdr->value1);
2265 kdlog_value2 = (kdr->value2);
2266 kdlog_value3 = (kdr->value3);
2267 kdlog_value4 = (kdr->value4);
2268 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
2269 kd_ctrl_page.kdebug_flags &= ~KDBG_RANGECHECK; /* Turn off range check */
2270 kd_ctrl_page.kdebug_flags |= KDBG_VALCHECK; /* Turn on specific value check */
2271 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
2272 break;
2273 case KDBG_TYPENONE :
2274 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
2275
2276 if ( (kd_ctrl_page.kdebug_flags & (KDBG_RANGECHECK | KDBG_VALCHECK |
2277 KDBG_PIDCHECK | KDBG_PIDEXCLUDE |
2278 KDBG_TYPEFILTER_CHECK)) )
2279 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
2280 else
2281 kdbg_set_flags(SLOW_CHECKS, 0, FALSE);
2282
2283 kdlog_beg = 0;
2284 kdlog_end = 0;
2285 break;
2286 default :
2287 ret = EINVAL;
2288 break;
2289 }
2290 return(ret);
2291 }
2292
2293 int
2294 kdbg_getreg(__unused kd_regtype * kdr)
2295 {
2296 #if 0
2297 int i,j, ret=0;
2298 unsigned int val_1, val_2, val;
2299
2300 switch (kdr->type) {
2301 case KDBG_CLASSTYPE :
2302 val_1 = (kdr->value1 & 0xff);
2303 val_2 = val_1 + 1;
2304 kdlog_beg = (val_1<<24);
2305 kdlog_end = (val_2<<24);
2306 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
2307 kd_ctrl_page.kdebug_flags |= (KDBG_RANGECHECK | KDBG_CLASSTYPE);
2308 break;
2309 case KDBG_SUBCLSTYPE :
2310 val_1 = (kdr->value1 & 0xff);
2311 val_2 = (kdr->value2 & 0xff);
2312 val = val_2 + 1;
2313 kdlog_beg = ((val_1<<24) | (val_2 << 16));
2314 kdlog_end = ((val_1<<24) | (val << 16));
2315 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
2316 kd_ctrl_page.kdebug_flags |= (KDBG_RANGECHECK | KDBG_SUBCLSTYPE);
2317 break;
2318 case KDBG_RANGETYPE :
2319 kdlog_beg = (kdr->value1);
2320 kdlog_end = (kdr->value2);
2321 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
2322 kd_ctrl_page.kdebug_flags |= (KDBG_RANGECHECK | KDBG_RANGETYPE);
2323 break;
2324 case KDBG_TYPENONE :
2325 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
2326 kdlog_beg = 0;
2327 kdlog_end = 0;
2328 break;
2329 default :
2330 ret = EINVAL;
2331 break;
2332 }
2333 #endif /* 0 */
2334 return(EINVAL);
2335 }
2336
2337 static int
2338 kdbg_write_to_vnode(caddr_t buffer, size_t size, vnode_t vp, vfs_context_t ctx, off_t file_offset)
2339 {
2340 return vn_rdwr(UIO_WRITE, vp, buffer, size, file_offset, UIO_SYSSPACE, IO_NODELOCKED|IO_UNIT,
2341 vfs_context_ucred(ctx), (int *) 0, vfs_context_proc(ctx));
2342 }
2343
2344 int
2345 kdbg_write_v3_chunk_header(user_addr_t buffer, uint32_t tag, uint32_t sub_tag, uint64_t length, vnode_t vp, vfs_context_t ctx)
2346 {
2347 int ret = KERN_SUCCESS;
2348 kd_chunk_header_v3 header;
2349
2350 header.tag = tag;
2351 header.sub_tag = sub_tag;
2352 header.length = length;
2353
2354 // Check that only one of them is valid
2355 assert(!buffer ^ !vp);
2356 assert((vp == NULL) || (ctx != NULL));
2357
2358 // Write the 8-byte future_chunk_timestamp field in the payload
2359 if (buffer || vp) {
2360 if (vp) {
2361 ret = kdbg_write_to_vnode((caddr_t)&header, sizeof(kd_chunk_header_v3), vp, ctx, RAW_file_offset);
2362 if (ret) {
2363 goto write_error;
2364 }
2365 RAW_file_offset += (sizeof(kd_chunk_header_v3));
2366 }
2367 else {
2368 ret = copyout(&header, buffer, sizeof(kd_chunk_header_v3));
2369 if (ret) {
2370 goto write_error;
2371 }
2372 }
2373 }
2374 write_error:
2375 return ret;
2376 }
2377
2378 int
2379 kdbg_write_v3_chunk_header_to_buffer(void * buffer, uint32_t tag, uint32_t sub_tag, uint64_t length)
2380 {
2381 kd_chunk_header_v3 header;
2382
2383 header.tag = tag;
2384 header.sub_tag = sub_tag;
2385 header.length = length;
2386
2387 if (!buffer) {
2388 return 0;
2389 }
2390
2391 memcpy(buffer, &header, sizeof(kd_chunk_header_v3));
2392
2393 return (sizeof(kd_chunk_header_v3));
2394 }
2395
2396 int
2397 kdbg_write_v3_chunk_to_fd(uint32_t tag, uint32_t sub_tag, uint64_t length, void *payload, uint64_t payload_size, int fd)
2398 {
2399 proc_t p;
2400 struct vfs_context context;
2401 struct fileproc *fp;
2402 vnode_t vp;
2403 p = current_proc();
2404
2405 proc_fdlock(p);
2406 if ( (fp_lookup(p, fd, &fp, 1)) ) {
2407 proc_fdunlock(p);
2408 return EFAULT;
2409 }
2410
2411 context.vc_thread = current_thread();
2412 context.vc_ucred = fp->f_fglob->fg_cred;
2413
2414 if (FILEGLOB_DTYPE(fp->f_fglob) != DTYPE_VNODE) {
2415 fp_drop(p, fd, fp, 1);
2416 proc_fdunlock(p);
2417 return EBADF;
2418 }
2419 vp = (struct vnode *) fp->f_fglob->fg_data;
2420 proc_fdunlock(p);
2421
2422 if ( (vnode_getwithref(vp)) == 0 ) {
2423 RAW_file_offset = fp->f_fglob->fg_offset;
2424
2425 kd_chunk_header_v3 chunk_header = { .tag = tag, .sub_tag = sub_tag, .length = length };
2426
2427 int ret = kdbg_write_to_vnode((caddr_t) &chunk_header, sizeof(kd_chunk_header_v3), vp, &context, RAW_file_offset);
2428 if (!ret) {
2429 RAW_file_offset += sizeof(kd_chunk_header_v3);
2430 }
2431
2432 ret = kdbg_write_to_vnode((caddr_t) payload, (size_t) payload_size, vp, &context, RAW_file_offset);
2433 if (!ret) {
2434 RAW_file_offset += payload_size;
2435 }
2436
2437 fp->f_fglob->fg_offset = RAW_file_offset;
2438 vnode_put(vp);
2439 }
2440
2441 fp_drop(p, fd, fp, 0);
2442 return KERN_SUCCESS;
2443 }
2444
2445 user_addr_t
2446 kdbg_write_v3_event_chunk_header(user_addr_t buffer, uint32_t tag, uint64_t length, vnode_t vp, vfs_context_t ctx)
2447 {
2448 uint64_t future_chunk_timestamp = 0;
2449 length += sizeof(uint64_t);
2450
2451 if (kdbg_write_v3_chunk_header(buffer, tag, V3_EVENT_DATA_VERSION, length, vp, ctx)) {
2452 return 0;
2453 }
2454 if (buffer) {
2455 buffer += sizeof(kd_chunk_header_v3);
2456 }
2457
2458 // Check that only one of them is valid
2459 assert(!buffer ^ !vp);
2460 assert((vp == NULL) || (ctx != NULL));
2461
2462 // Write the 8-byte future_chunk_timestamp field in the payload
2463 if (buffer || vp) {
2464 if (vp) {
2465 int ret = kdbg_write_to_vnode((caddr_t)&future_chunk_timestamp, sizeof(uint64_t), vp, ctx, RAW_file_offset);
2466 if (!ret) {
2467 RAW_file_offset += (sizeof(uint64_t));
2468 }
2469 }
2470 else {
2471 if (copyout(&future_chunk_timestamp, buffer, sizeof(uint64_t))) {
2472 return 0;
2473 }
2474 }
2475 }
2476
2477 return (buffer + sizeof(uint64_t));
2478 }
2479
2480 int
2481 kdbg_write_v3_header(user_addr_t user_header, size_t *user_header_size, int fd)
2482 {
2483 int ret = KERN_SUCCESS;
2484 kd_header_v3 header;
2485
2486 uint8_t* cpumap = 0;
2487 uint32_t cpumap_size = 0;
2488 uint32_t thrmap_size = 0;
2489
2490 size_t bytes_needed = 0;
2491
2492 // Check that only one of them is valid
2493 assert(!user_header ^ !fd);
2494 assert(user_header_size);
2495
2496 if ( !(kd_ctrl_page.kdebug_flags & KDBG_BUFINIT) ) {
2497 ret = EINVAL;
2498 goto bail;
2499 }
2500
2501 if ( !(user_header || fd) ) {
2502 ret = EINVAL;
2503 goto bail;
2504 }
2505
2506 // Initialize the cpu map
2507 ret = kdbg_cpumap_init_internal(kd_ctrl_page.kdebug_iops, kd_ctrl_page.kdebug_cpus, &cpumap, &cpumap_size);
2508 if (ret != KERN_SUCCESS) {
2509 goto bail;
2510 }
2511
2512 // Check if a thread map is initialized
2513 if ( !kd_mapptr ) {
2514 ret = EINVAL;
2515 goto bail;
2516 }
2517 thrmap_size = kd_mapcount * sizeof(kd_threadmap);
2518
2519 // Setup the header.
2520 // See v3 header description in sys/kdebug.h for more inforamtion.
2521
2522 header.tag = RAW_VERSION3;
2523 header.sub_tag = V3_HEADER_VERSION;
2524 header.length = ( sizeof(kd_header_v3) + cpumap_size - sizeof(kd_cpumap_header));
2525
2526 mach_timebase_info_data_t timebase = {0, 0};
2527 clock_timebase_info(&timebase);
2528 header.timebase_numer = timebase.numer;
2529 header.timebase_denom = timebase.denom;
2530 header.timestamp = 0;
2531 header.walltime_secs = 0;
2532 header.walltime_usecs = 0;
2533 header.timezone_minuteswest = 0;
2534 header.timezone_dst = 0;
2535
2536 #if defined __LP64__
2537 header.flags = 1;
2538 #else
2539 header.flags = 0;
2540 #endif
2541
2542 // If its a buffer, check if we have enough space to copy the header and the maps.
2543 if (user_header) {
2544 bytes_needed = header.length + thrmap_size + (2 * sizeof(kd_chunk_header_v3));
2545 if ( !user_header_size ) {
2546 ret = EINVAL;
2547 goto bail;
2548 }
2549 if (*user_header_size < bytes_needed) {
2550 ret = EINVAL;
2551 goto bail;
2552 }
2553 }
2554
2555 // Start writing the header
2556 if (fd) {
2557 void *hdr_ptr = (void *)(((uintptr_t) &header) + sizeof(kd_chunk_header_v3));
2558 size_t payload_size = (sizeof(kd_header_v3) - sizeof(kd_chunk_header_v3));
2559
2560 ret = kdbg_write_v3_chunk_to_fd(RAW_VERSION3, V3_HEADER_VERSION, header.length, hdr_ptr, payload_size, fd);
2561 if (ret) {
2562 goto bail;
2563 }
2564 }
2565 else {
2566 if (copyout(&header, user_header, sizeof(kd_header_v3))) {
2567 ret = EFAULT;
2568 goto bail;
2569 }
2570 // Update the user pointer
2571 user_header += sizeof(kd_header_v3);
2572 }
2573
2574 // Write a cpu map. This is a sub chunk of the header
2575 cpumap = (uint8_t*)((uintptr_t) cpumap + sizeof(kd_cpumap_header));
2576 size_t payload_size = (size_t)(cpumap_size - sizeof(kd_cpumap_header));
2577 if (fd) {
2578 ret = kdbg_write_v3_chunk_to_fd(V3_CPU_MAP, V3_CPUMAP_VERSION, payload_size, (void *)cpumap, payload_size, fd);
2579 if (ret) {
2580 goto bail;
2581 }
2582 }
2583 else {
2584 ret = kdbg_write_v3_chunk_header(user_header, V3_CPU_MAP, V3_CPUMAP_VERSION, payload_size, NULL, NULL);
2585 if (ret) {
2586 goto bail;
2587 }
2588 user_header += sizeof(kd_chunk_header_v3);
2589 if (copyout(cpumap, user_header, payload_size)) {
2590 ret = EFAULT;
2591 goto bail;
2592 }
2593 // Update the user pointer
2594 user_header += payload_size;
2595 }
2596
2597 // Write a thread map
2598 if (fd) {
2599 ret = kdbg_write_v3_chunk_to_fd(V3_THREAD_MAP, V3_THRMAP_VERSION, thrmap_size, (void *)kd_mapptr, thrmap_size, fd);
2600 if (ret) {
2601 goto bail;
2602 }
2603 }
2604 else {
2605 ret = kdbg_write_v3_chunk_header(user_header, V3_THREAD_MAP, V3_THRMAP_VERSION, thrmap_size, NULL, NULL);
2606 if (ret) {
2607 goto bail;
2608 }
2609 user_header += sizeof(kd_chunk_header_v3);
2610 if (copyout(kd_mapptr, user_header, thrmap_size)) {
2611 ret = EFAULT;
2612 goto bail;
2613 }
2614 user_header += thrmap_size;
2615 }
2616
2617 if (fd) {
2618 RAW_file_written += bytes_needed;
2619 }
2620
2621 *user_header_size = bytes_needed;
2622 bail:
2623 if (cpumap) {
2624 kmem_free(kernel_map, (vm_offset_t)cpumap, cpumap_size);
2625 }
2626 return (ret);
2627 }
2628
2629 int
2630 kdbg_readcpumap(user_addr_t user_cpumap, size_t *user_cpumap_size)
2631 {
2632 uint8_t* cpumap = NULL;
2633 uint32_t cpumap_size = 0;
2634 int ret = KERN_SUCCESS;
2635
2636 if (kd_ctrl_page.kdebug_flags & KDBG_BUFINIT) {
2637 if (kdbg_cpumap_init_internal(kd_ctrl_page.kdebug_iops, kd_ctrl_page.kdebug_cpus, &cpumap, &cpumap_size) == KERN_SUCCESS) {
2638 if (user_cpumap) {
2639 size_t bytes_to_copy = (*user_cpumap_size >= cpumap_size) ? cpumap_size : *user_cpumap_size;
2640 if (copyout(cpumap, user_cpumap, (size_t)bytes_to_copy)) {
2641 ret = EFAULT;
2642 }
2643 }
2644 *user_cpumap_size = cpumap_size;
2645 kmem_free(kernel_map, (vm_offset_t)cpumap, cpumap_size);
2646 } else
2647 ret = EINVAL;
2648 } else
2649 ret = EINVAL;
2650
2651 return (ret);
2652 }
2653
2654 int
2655 kdbg_readcurthrmap(user_addr_t buffer, size_t *bufsize)
2656 {
2657 kd_threadmap *mapptr;
2658 unsigned int mapsize;
2659 unsigned int mapcount;
2660 unsigned int count = 0;
2661 int ret = 0;
2662
2663 count = *bufsize/sizeof(kd_threadmap);
2664 *bufsize = 0;
2665
2666 if ( (mapptr = kdbg_thrmap_init_internal(count, &mapsize, &mapcount)) ) {
2667 if (copyout(mapptr, buffer, mapcount * sizeof(kd_threadmap)))
2668 ret = EFAULT;
2669 else
2670 *bufsize = (mapcount * sizeof(kd_threadmap));
2671
2672 kmem_free(kernel_map, (vm_offset_t)mapptr, mapsize);
2673 } else
2674 ret = EINVAL;
2675
2676 return (ret);
2677 }
2678
2679 static int
2680 kdbg_write_v1_plus_header(uint32_t count, vnode_t vp, vfs_context_t ctx)
2681 {
2682 int ret = 0;
2683 RAW_header header;
2684 clock_sec_t secs;
2685 clock_usec_t usecs;
2686 char *pad_buf;
2687 uint32_t pad_size;
2688 uint32_t extra_thread_count = 0;
2689 uint32_t cpumap_size;
2690 unsigned int mapsize = kd_mapcount * sizeof(kd_threadmap);
2691
2692 /*
2693 * To write a RAW_VERSION1+ file, we
2694 * must embed a cpumap in the "padding"
2695 * used to page align the events following
2696 * the threadmap. If the threadmap happens
2697 * to not require enough padding, we
2698 * artificially increase its footprint
2699 * until it needs enough padding.
2700 */
2701
2702 assert(vp);
2703 assert(ctx);
2704
2705 pad_size = PAGE_16KB - ((sizeof(RAW_header) + (count * sizeof(kd_threadmap))) & PAGE_MASK_64);
2706 cpumap_size = sizeof(kd_cpumap_header) + kd_ctrl_page.kdebug_cpus * sizeof(kd_cpumap);
2707
2708 if (cpumap_size > pad_size) {
2709 /* If the cpu map doesn't fit in the current available pad_size,
2710 * we increase the pad_size by 16K. We do this so that the event
2711 * data is always available on a page aligned boundary for both
2712 * 4k and 16k systems. We enforce this alignment for the event
2713 * data so that we can take advantage of optimized file/disk writes.*/
2714 pad_size += PAGE_16KB;
2715 }
2716
2717 /* The way we are silently embedding a cpumap in the "padding" is by artificially
2718 * increasing the number of thread entries. However, we'll also need to ensure that
2719 * the cpumap is embedded in the last 4K page before when the event data is expected.
2720 * This way the tools can read the data starting the next page boundary on both
2721 * 4K and 16K systems preserving compatibility with older versions of the tools
2722 */
2723 if (pad_size > PAGE_4KB) {
2724 pad_size -= PAGE_4KB;
2725 extra_thread_count = (pad_size / sizeof(kd_threadmap)) + 1;
2726 }
2727
2728 header.version_no = RAW_VERSION1;
2729 header.thread_count = count + extra_thread_count;
2730
2731 clock_get_calendar_microtime(&secs, &usecs);
2732 header.TOD_secs = secs;
2733 header.TOD_usecs = usecs;
2734
2735 ret = vn_rdwr(UIO_WRITE, vp, (caddr_t)&header, sizeof(RAW_header), RAW_file_offset,
2736 UIO_SYSSPACE, IO_NODELOCKED|IO_UNIT, vfs_context_ucred(ctx), (int *) 0, vfs_context_proc(ctx));
2737 if (ret)
2738 goto write_error;
2739 RAW_file_offset += sizeof(RAW_header);
2740
2741 ret = vn_rdwr(UIO_WRITE, vp, (caddr_t)kd_mapptr, mapsize, RAW_file_offset,
2742 UIO_SYSSPACE, IO_NODELOCKED|IO_UNIT, vfs_context_ucred(ctx), (int *) 0, vfs_context_proc(ctx));
2743 if (ret)
2744 goto write_error;
2745 RAW_file_offset += mapsize;
2746
2747 if (extra_thread_count) {
2748 pad_size = extra_thread_count * sizeof(kd_threadmap);
2749 pad_buf = (char *)kalloc(pad_size);
2750 if (!pad_buf) {
2751 ret = ENOMEM;
2752 goto write_error;
2753 }
2754 memset(pad_buf, 0, pad_size);
2755
2756 ret = vn_rdwr(UIO_WRITE, vp, (caddr_t)pad_buf, pad_size, RAW_file_offset,
2757 UIO_SYSSPACE, IO_NODELOCKED|IO_UNIT, vfs_context_ucred(ctx), (int *) 0, vfs_context_proc(ctx));
2758 kfree(pad_buf, pad_size);
2759
2760 if (ret)
2761 goto write_error;
2762 RAW_file_offset += pad_size;
2763
2764 }
2765
2766 pad_size = PAGE_SIZE - (RAW_file_offset & PAGE_MASK_64);
2767 if (pad_size) {
2768 pad_buf = (char *)kalloc(pad_size);
2769 if (!pad_buf) {
2770 ret = ENOMEM;
2771 goto write_error;
2772 }
2773 memset(pad_buf, 0, pad_size);
2774
2775 /*
2776 * embed a cpumap in the padding bytes.
2777 * older code will skip this.
2778 * newer code will know how to read it.
2779 */
2780 uint32_t temp = pad_size;
2781 if (kdbg_cpumap_init_internal(kd_ctrl_page.kdebug_iops, kd_ctrl_page.kdebug_cpus, (uint8_t**)&pad_buf, &temp) != KERN_SUCCESS) {
2782 memset(pad_buf, 0, pad_size);
2783 }
2784
2785 ret = vn_rdwr(UIO_WRITE, vp, (caddr_t)pad_buf, pad_size, RAW_file_offset,
2786 UIO_SYSSPACE, IO_NODELOCKED|IO_UNIT, vfs_context_ucred(ctx), (int *) 0, vfs_context_proc(ctx));
2787 kfree(pad_buf, pad_size);
2788
2789 if (ret)
2790 goto write_error;
2791 RAW_file_offset += pad_size;
2792 }
2793 RAW_file_written += sizeof(RAW_header) + mapsize + pad_size;
2794
2795 write_error:
2796 return ret;
2797 }
2798
2799 int
2800 kdbg_readthrmap(user_addr_t buffer, size_t *number, vnode_t vp, vfs_context_t ctx)
2801 {
2802
2803 int avail = 0;
2804 int ret = 0;
2805 uint32_t count = 0;
2806 unsigned int mapsize;
2807
2808 if ((!vp && !buffer) || (vp && buffer)) {
2809 return EINVAL;
2810 }
2811
2812 assert(number);
2813 assert((vp == NULL) || (ctx != NULL));
2814
2815 avail = *number;
2816 count = avail/sizeof (kd_threadmap);
2817 mapsize = kd_mapcount * sizeof(kd_threadmap);
2818
2819 if (count && (count <= kd_mapcount)) {
2820 if ((kd_ctrl_page.kdebug_flags & KDBG_MAPINIT) && kd_mapsize && kd_mapptr) {
2821 if (*number < mapsize)
2822 ret = EINVAL;
2823 else {
2824 if (vp) {
2825 ret = kdbg_write_v1_plus_header(count, vp, ctx);
2826 if (ret)
2827 goto write_error;
2828 }
2829 else {
2830 if (copyout(kd_mapptr, buffer, mapsize))
2831 ret = EINVAL;
2832 }
2833 }
2834 }
2835 else
2836 ret = EINVAL;
2837 }
2838 else
2839 ret = EINVAL;
2840
2841 if (ret && vp)
2842 {
2843 count = 0;
2844
2845 ret = kdbg_write_to_vnode((caddr_t)&count, sizeof(uint32_t), vp, ctx, RAW_file_offset);
2846 if (!ret) {
2847 RAW_file_offset += sizeof(uint32_t);
2848 RAW_file_written += sizeof(uint32_t);
2849 }
2850 }
2851 write_error:
2852 if ((kd_ctrl_page.kdebug_flags & KDBG_MAPINIT) && kd_mapsize && kd_mapptr)
2853 {
2854 kmem_free(kernel_map, (vm_offset_t)kd_mapptr, kd_mapsize);
2855 kd_ctrl_page.kdebug_flags &= ~KDBG_MAPINIT;
2856 kd_mapsize = 0;
2857 kd_mapptr = (kd_threadmap *) 0;
2858 kd_mapcount = 0;
2859 }
2860 return(ret);
2861 }
2862
2863 int
2864 kdbg_readthrmap_v3(user_addr_t buffer, size_t *number, int fd)
2865 {
2866 int avail = 0;
2867 int ret = 0;
2868 uint32_t count = 0;
2869 unsigned int mapsize;
2870
2871 if ((!fd && !buffer) || (fd && buffer)) {
2872 return EINVAL;
2873 }
2874
2875 assert(number);
2876
2877 avail = *number;
2878 count = avail/sizeof (kd_threadmap);
2879 mapsize = kd_mapcount * sizeof(kd_threadmap);
2880
2881 if (count && (count <= kd_mapcount)) {
2882 if ((kd_ctrl_page.kdebug_flags & KDBG_MAPINIT) && kd_mapsize && kd_mapptr) {
2883 if (*number < mapsize) {
2884 ret = EINVAL;
2885 }
2886 else {
2887 ret = kdbg_write_v3_header(buffer, number, fd);
2888 if (ret) {
2889 goto write_error;
2890 }
2891 }
2892 }
2893 else {
2894 ret = EINVAL;
2895 }
2896 }
2897 else {
2898 ret = EINVAL;
2899 }
2900 write_error:
2901 if ((kd_ctrl_page.kdebug_flags & KDBG_MAPINIT) && kd_mapsize && kd_mapptr) {
2902 kmem_free(kernel_map, (vm_offset_t)kd_mapptr, kd_mapsize);
2903 kd_ctrl_page.kdebug_flags &= ~KDBG_MAPINIT;
2904 kd_mapsize = 0;
2905 kd_mapptr = (kd_threadmap *) 0;
2906 kd_mapcount = 0;
2907 }
2908 return(ret);
2909 }
2910
2911
2912 static int
2913 kdbg_set_nkdbufs(unsigned int value)
2914 {
2915 /*
2916 * We allow a maximum buffer size of 50% of either ram or max mapped address, whichever is smaller
2917 * 'value' is the desired number of trace entries
2918 */
2919 unsigned int max_entries = (sane_size/2) / sizeof(kd_buf);
2920
2921 if (value <= max_entries)
2922 return (value);
2923 else
2924 return (max_entries);
2925 }
2926
2927
2928 static int
2929 kdbg_enable_bg_trace(void)
2930 {
2931 int ret = 0;
2932
2933 if (kdlog_bg_trace == TRUE && kdlog_bg_trace_running == FALSE && n_storage_buffers == 0) {
2934 nkdbufs = bg_nkdbufs;
2935 ret = kdbg_reinit(FALSE);
2936 if (0 == ret) {
2937 kdbg_set_tracing_enabled(TRUE, KDEBUG_ENABLE_TRACE);
2938 kdlog_bg_trace_running = TRUE;
2939 }
2940 wakeup(&kdlog_bg_trace);
2941 }
2942 return ret;
2943 }
2944
2945 static void
2946 kdbg_disable_bg_trace(void)
2947 {
2948 if (kdlog_bg_trace_running == TRUE) {
2949 kdlog_bg_trace_running = FALSE;
2950 kdbg_clear();
2951 }
2952 }
2953
2954
2955
2956 /*
2957 * This function is provided for the CHUD toolkit only.
2958 * int val:
2959 * zero disables kdebug_chudhook function call
2960 * non-zero enables kdebug_chudhook function call
2961 * char *fn:
2962 * address of the enabled kdebug_chudhook function
2963 */
2964
2965 void
2966 kdbg_control_chud(int val, void *fn)
2967 {
2968 kdbg_lock_init();
2969
2970 if (val) {
2971 /* enable chudhook */
2972 kdebug_chudhook = fn;
2973 kdbg_set_flags(SLOW_CHUD, KDEBUG_ENABLE_CHUD, TRUE);
2974 }
2975 else {
2976 /* disable chudhook */
2977 kdbg_set_flags(SLOW_CHUD, KDEBUG_ENABLE_CHUD, FALSE);
2978 kdebug_chudhook = 0;
2979 }
2980 }
2981
2982
2983 int
2984 kdbg_control(int *name, u_int namelen, user_addr_t where, size_t *sizep)
2985 {
2986 int ret = 0;
2987 size_t size = *sizep;
2988 unsigned int value = 0;
2989 kd_regtype kd_Reg;
2990 kbufinfo_t kd_bufinfo;
2991 pid_t curpid;
2992 proc_t p, curproc;
2993
2994 if (name[0] == KERN_KDGETENTROPY ||
2995 name[0] == KERN_KDWRITETR ||
2996 name[0] == KERN_KDWRITETR_V3 ||
2997 name[0] == KERN_KDWRITEMAP ||
2998 name[0] == KERN_KDWRITEMAP_V3 ||
2999 name[0] == KERN_KDEFLAGS ||
3000 name[0] == KERN_KDDFLAGS ||
3001 name[0] == KERN_KDENABLE ||
3002 name[0] == KERN_KDENABLE_BG_TRACE ||
3003 name[0] == KERN_KDSETBUF) {
3004
3005 if ( namelen < 2 )
3006 return(EINVAL);
3007 value = name[1];
3008 }
3009
3010 kdbg_lock_init();
3011
3012 if ( !(kd_ctrl_page.kdebug_flags & KDBG_LOCKINIT))
3013 return(ENOSPC);
3014
3015 lck_mtx_lock(kd_trace_mtx_sysctl);
3016
3017 switch(name[0]) {
3018 case KERN_KDGETBUF:
3019 /*
3020 * Does not alter the global_state_pid
3021 * This is a passive request.
3022 */
3023 if (size < sizeof(kd_bufinfo.nkdbufs)) {
3024 /*
3025 * There is not enough room to return even
3026 * the first element of the info structure.
3027 */
3028 ret = EINVAL;
3029 goto out;
3030 }
3031 kd_bufinfo.nkdbufs = nkdbufs;
3032 kd_bufinfo.nkdthreads = kd_mapcount;
3033
3034 if ( (kd_ctrl_page.kdebug_slowcheck & SLOW_NOLOG) )
3035 kd_bufinfo.nolog = 1;
3036 else
3037 kd_bufinfo.nolog = 0;
3038
3039 kd_bufinfo.flags = kd_ctrl_page.kdebug_flags;
3040 #if defined(__LP64__)
3041 kd_bufinfo.flags |= KDBG_LP64;
3042 #endif
3043 kd_bufinfo.bufid = global_state_pid;
3044
3045 if (size >= sizeof(kd_bufinfo)) {
3046 /*
3047 * Provide all the info we have
3048 */
3049 if (copyout(&kd_bufinfo, where, sizeof(kd_bufinfo)))
3050 ret = EINVAL;
3051 } else {
3052 /*
3053 * For backwards compatibility, only provide
3054 * as much info as there is room for.
3055 */
3056 if (copyout(&kd_bufinfo, where, size))
3057 ret = EINVAL;
3058 }
3059 goto out;
3060 case KERN_KDGETENTROPY: {
3061 /* Obsolescent - just fake with a random buffer */
3062 char *buffer = (char *) kalloc(size);
3063 read_frandom((void *) buffer, size);
3064 ret = copyout(buffer, where, size);
3065 kfree(buffer, size);
3066 goto out;
3067 }
3068
3069 case KERN_KDENABLE_BG_TRACE:
3070 bg_nkdbufs = kdbg_set_nkdbufs(value);
3071 kdlog_bg_trace = TRUE;
3072 ret = kdbg_enable_bg_trace();
3073 goto out;
3074
3075 case KERN_KDDISABLE_BG_TRACE:
3076 kdlog_bg_trace = FALSE;
3077 kdbg_disable_bg_trace();
3078 goto out;
3079
3080 case KERN_KDWAIT_BG_TRACE_RESET:
3081 if (!kdlog_bg_trace){
3082 ret = EINVAL;
3083 goto out;
3084 }
3085 wait_result_t wait_result = assert_wait(&kdlog_bg_trace, THREAD_ABORTSAFE);
3086 lck_mtx_unlock(kd_trace_mtx_sysctl);
3087 if (wait_result == THREAD_WAITING)
3088 wait_result = thread_block(THREAD_CONTINUE_NULL);
3089 if (wait_result == THREAD_INTERRUPTED)
3090 ret = EINTR;
3091 lck_mtx_lock(kd_trace_mtx_sysctl);
3092 goto out;
3093
3094 case KERN_KDSET_BG_TYPEFILTER:
3095 if (!kdlog_bg_trace || !kdlog_bg_trace_running){
3096 ret = EINVAL;
3097 goto out;
3098 }
3099
3100 if (size != KDBG_TYPEFILTER_BITMAP_SIZE) {
3101 ret = EINVAL;
3102 goto out;
3103 }
3104
3105 if ((kd_ctrl_page.kdebug_flags & KDBG_TYPEFILTER_CHECK) == 0){
3106 if ((ret = kdbg_enable_typefilter()))
3107 goto out;
3108 }
3109
3110 if (copyin(where, type_filter_bitmap, KDBG_TYPEFILTER_BITMAP_SIZE)) {
3111 ret = EINVAL;
3112 goto out;
3113 }
3114 kdbg_iop_list_callback(kd_ctrl_page.kdebug_iops, KD_CALLBACK_TYPEFILTER_CHANGED, type_filter_bitmap);
3115 goto out;
3116 }
3117
3118 if ((curproc = current_proc()) != NULL)
3119 curpid = curproc->p_pid;
3120 else {
3121 ret = ESRCH;
3122 goto out;
3123 }
3124 if (global_state_pid == -1)
3125 global_state_pid = curpid;
3126 else if (global_state_pid != curpid) {
3127 if ((p = proc_find(global_state_pid)) == NULL) {
3128 /*
3129 * The global pid no longer exists
3130 */
3131 global_state_pid = curpid;
3132 } else {
3133 /*
3134 * The global pid exists, deny this request
3135 */
3136 proc_rele(p);
3137
3138 ret = EBUSY;
3139 goto out;
3140 }
3141 }
3142
3143 switch(name[0]) {
3144 case KERN_KDEFLAGS:
3145 kdbg_disable_bg_trace();
3146
3147 value &= KDBG_USERFLAGS;
3148 kd_ctrl_page.kdebug_flags |= value;
3149 break;
3150 case KERN_KDDFLAGS:
3151 kdbg_disable_bg_trace();
3152
3153 value &= KDBG_USERFLAGS;
3154 kd_ctrl_page.kdebug_flags &= ~value;
3155 break;
3156 case KERN_KDENABLE:
3157 /*
3158 * Enable tracing mechanism. Two types:
3159 * KDEBUG_TRACE is the standard one,
3160 * and KDEBUG_PPT which is a carefully
3161 * chosen subset to avoid performance impact.
3162 */
3163 if (value) {
3164 /*
3165 * enable only if buffer is initialized
3166 */
3167 if (!(kd_ctrl_page.kdebug_flags & KDBG_BUFINIT) ||
3168 !(value == KDEBUG_ENABLE_TRACE || value == KDEBUG_ENABLE_PPT)) {
3169 ret = EINVAL;
3170 break;
3171 }
3172 kdbg_thrmap_init();
3173
3174 kdbg_set_tracing_enabled(TRUE, value);
3175 }
3176 else
3177 {
3178 kdbg_set_tracing_enabled(FALSE, 0);
3179 }
3180 break;
3181 case KERN_KDSETBUF:
3182 kdbg_disable_bg_trace();
3183
3184 nkdbufs = kdbg_set_nkdbufs(value);
3185 break;
3186 case KERN_KDSETUP:
3187 kdbg_disable_bg_trace();
3188
3189 ret = kdbg_reinit(FALSE);
3190 break;
3191 case KERN_KDREMOVE:
3192 kdbg_clear();
3193 ret = kdbg_enable_bg_trace();
3194 break;
3195 case KERN_KDSETREG:
3196 if(size < sizeof(kd_regtype)) {
3197 ret = EINVAL;
3198 break;
3199 }
3200 if (copyin(where, &kd_Reg, sizeof(kd_regtype))) {
3201 ret = EINVAL;
3202 break;
3203 }
3204 kdbg_disable_bg_trace();
3205
3206 ret = kdbg_setreg(&kd_Reg);
3207 break;
3208 case KERN_KDGETREG:
3209 if (size < sizeof(kd_regtype)) {
3210 ret = EINVAL;
3211 break;
3212 }
3213 ret = kdbg_getreg(&kd_Reg);
3214 if (copyout(&kd_Reg, where, sizeof(kd_regtype))) {
3215 ret = EINVAL;
3216 }
3217 kdbg_disable_bg_trace();
3218
3219 break;
3220 case KERN_KDREADTR:
3221 ret = kdbg_read(where, sizep, NULL, NULL, RAW_VERSION1);
3222 break;
3223 case KERN_KDWRITETR:
3224 case KERN_KDWRITETR_V3:
3225 case KERN_KDWRITEMAP:
3226 case KERN_KDWRITEMAP_V3:
3227 {
3228 struct vfs_context context;
3229 struct fileproc *fp;
3230 size_t number;
3231 vnode_t vp;
3232 int fd;
3233
3234 if (name[0] == KERN_KDWRITETR || name[0] == KERN_KDWRITETR_V3) {
3235 int s;
3236 int wait_result = THREAD_AWAKENED;
3237 u_int64_t abstime;
3238 u_int64_t ns;
3239
3240 if (*sizep) {
3241 ns = ((u_int64_t)*sizep) * (u_int64_t)(1000 * 1000);
3242 nanoseconds_to_absolutetime(ns, &abstime );
3243 clock_absolutetime_interval_to_deadline( abstime, &abstime );
3244 } else
3245 abstime = 0;
3246
3247 s = ml_set_interrupts_enabled(FALSE);
3248 lck_spin_lock(kdw_spin_lock);
3249
3250 while (wait_result == THREAD_AWAKENED && kd_ctrl_page.kds_inuse_count < n_storage_threshold) {
3251
3252 kds_waiter = 1;
3253
3254 if (abstime)
3255 wait_result = lck_spin_sleep_deadline(kdw_spin_lock, 0, &kds_waiter, THREAD_ABORTSAFE, abstime);
3256 else
3257 wait_result = lck_spin_sleep(kdw_spin_lock, 0, &kds_waiter, THREAD_ABORTSAFE);
3258
3259 kds_waiter = 0;
3260 }
3261 lck_spin_unlock(kdw_spin_lock);
3262 ml_set_interrupts_enabled(s);
3263 }
3264 p = current_proc();
3265 fd = value;
3266
3267 proc_fdlock(p);
3268 if ( (ret = fp_lookup(p, fd, &fp, 1)) ) {
3269 proc_fdunlock(p);
3270 break;
3271 }
3272 context.vc_thread = current_thread();
3273 context.vc_ucred = fp->f_fglob->fg_cred;
3274
3275 if (FILEGLOB_DTYPE(fp->f_fglob) != DTYPE_VNODE) {
3276 fp_drop(p, fd, fp, 1);
3277 proc_fdunlock(p);
3278
3279 ret = EBADF;
3280 break;
3281 }
3282 vp = (struct vnode *)fp->f_fglob->fg_data;
3283 proc_fdunlock(p);
3284
3285 if ((ret = vnode_getwithref(vp)) == 0) {
3286 RAW_file_offset = fp->f_fglob->fg_offset;
3287 if (name[0] == KERN_KDWRITETR || name[0] == KERN_KDWRITETR_V3) {
3288 number = nkdbufs * sizeof(kd_buf);
3289
3290 KERNEL_DEBUG_CONSTANT(TRACE_WRITING_EVENTS | DBG_FUNC_START, 0, 0, 0, 0, 0);
3291 if (name[0] == KERN_KDWRITETR_V3)
3292 ret = kdbg_read(0, &number, vp, &context, RAW_VERSION3);
3293 else
3294 ret = kdbg_read(0, &number, vp, &context, RAW_VERSION1);
3295 KERNEL_DEBUG_CONSTANT(TRACE_WRITING_EVENTS | DBG_FUNC_END, number, 0, 0, 0, 0);
3296
3297 *sizep = number;
3298 } else {
3299 number = kd_mapcount * sizeof(kd_threadmap);
3300 if (name[0] == KERN_KDWRITEMAP_V3)
3301 kdbg_readthrmap_v3(0, &number, fd);
3302 else
3303 kdbg_readthrmap(0, &number, vp, &context);
3304 }
3305 fp->f_fglob->fg_offset = RAW_file_offset;
3306 vnode_put(vp);
3307 }
3308 fp_drop(p, fd, fp, 0);
3309
3310 break;
3311 }
3312 case KERN_KDBUFWAIT:
3313 {
3314 /* WRITETR lite -- just block until there's data */
3315 int s;
3316 int wait_result = THREAD_AWAKENED;
3317 u_int64_t abstime;
3318 u_int64_t ns;
3319 size_t number = 0;
3320
3321 kdbg_disable_bg_trace();
3322
3323
3324 if (*sizep) {
3325 ns = ((u_int64_t)*sizep) * (u_int64_t)(1000 * 1000);
3326 nanoseconds_to_absolutetime(ns, &abstime );
3327 clock_absolutetime_interval_to_deadline( abstime, &abstime );
3328 } else
3329 abstime = 0;
3330
3331 s = ml_set_interrupts_enabled(FALSE);
3332 if( !s )
3333 panic("trying to wait with interrupts off");
3334 lck_spin_lock(kdw_spin_lock);
3335
3336 /* drop the mutex so don't exclude others from
3337 * accessing trace
3338 */
3339 lck_mtx_unlock(kd_trace_mtx_sysctl);
3340
3341 while (wait_result == THREAD_AWAKENED &&
3342 kd_ctrl_page.kds_inuse_count < n_storage_threshold) {
3343
3344 kds_waiter = 1;
3345
3346 if (abstime)
3347 wait_result = lck_spin_sleep_deadline(kdw_spin_lock, 0, &kds_waiter, THREAD_ABORTSAFE, abstime);
3348 else
3349 wait_result = lck_spin_sleep(kdw_spin_lock, 0, &kds_waiter, THREAD_ABORTSAFE);
3350
3351 kds_waiter = 0;
3352 }
3353
3354 /* check the count under the spinlock */
3355 number = (kd_ctrl_page.kds_inuse_count >= n_storage_threshold);
3356
3357 lck_spin_unlock(kdw_spin_lock);
3358 ml_set_interrupts_enabled(s);
3359
3360 /* pick the mutex back up again */
3361 lck_mtx_lock(kd_trace_mtx_sysctl);
3362
3363 /* write out whether we've exceeded the threshold */
3364 *sizep = number;
3365 break;
3366 }
3367 case KERN_KDPIDTR:
3368 if (size < sizeof(kd_regtype)) {
3369 ret = EINVAL;
3370 break;
3371 }
3372 if (copyin(where, &kd_Reg, sizeof(kd_regtype))) {
3373 ret = EINVAL;
3374 break;
3375 }
3376 kdbg_disable_bg_trace();
3377
3378 ret = kdbg_setpid(&kd_Reg);
3379 break;
3380 case KERN_KDPIDEX:
3381 if (size < sizeof(kd_regtype)) {
3382 ret = EINVAL;
3383 break;
3384 }
3385 if (copyin(where, &kd_Reg, sizeof(kd_regtype))) {
3386 ret = EINVAL;
3387 break;
3388 }
3389 kdbg_disable_bg_trace();
3390
3391 ret = kdbg_setpidex(&kd_Reg);
3392 break;
3393 case KERN_KDCPUMAP:
3394 ret = kdbg_readcpumap(where, sizep);
3395 break;
3396 case KERN_KDTHRMAP:
3397 ret = kdbg_readthrmap(where, sizep, NULL, NULL);
3398 break;
3399 case KERN_KDREADCURTHRMAP:
3400 ret = kdbg_readcurthrmap(where, sizep);
3401 break;
3402 case KERN_KDSETRTCDEC:
3403 if (size < sizeof(kd_regtype)) {
3404 ret = EINVAL;
3405 break;
3406 }
3407 if (copyin(where, &kd_Reg, sizeof(kd_regtype))) {
3408 ret = EINVAL;
3409 break;
3410 }
3411 kdbg_disable_bg_trace();
3412
3413 ret = kdbg_setrtcdec(&kd_Reg);
3414 break;
3415 case KERN_KDSET_TYPEFILTER:
3416 kdbg_disable_bg_trace();
3417
3418 if (size != KDBG_TYPEFILTER_BITMAP_SIZE) {
3419 ret = EINVAL;
3420 break;
3421 }
3422
3423 if ((kd_ctrl_page.kdebug_flags & KDBG_TYPEFILTER_CHECK) == 0){
3424 if ((ret = kdbg_enable_typefilter()))
3425 break;
3426 }
3427
3428 if (copyin(where, type_filter_bitmap, KDBG_TYPEFILTER_BITMAP_SIZE)) {
3429 ret = EINVAL;
3430 break;
3431 }
3432 kdbg_iop_list_callback(kd_ctrl_page.kdebug_iops, KD_CALLBACK_TYPEFILTER_CHANGED, type_filter_bitmap);
3433 break;
3434 default:
3435 ret = EINVAL;
3436 }
3437 out:
3438 lck_mtx_unlock(kd_trace_mtx_sysctl);
3439
3440 return(ret);
3441 }
3442
3443
3444 /*
3445 * This code can run for the most part concurrently with kernel_debug_internal()...
3446 * 'release_storage_unit' will take the kds_spin_lock which may cause us to briefly
3447 * synchronize with the recording side of this puzzle... otherwise, we are able to
3448 * move through the lists w/o use of any locks
3449 */
3450 int
3451 kdbg_read(user_addr_t buffer, size_t *number, vnode_t vp, vfs_context_t ctx, uint32_t file_version)
3452 {
3453 unsigned int count;
3454 unsigned int cpu, min_cpu;
3455 uint64_t mintime, t, barrier = 0;
3456 int error = 0;
3457 kd_buf *tempbuf;
3458 uint32_t rcursor;
3459 kd_buf lostevent;
3460 union kds_ptr kdsp;
3461 struct kd_storage *kdsp_actual;
3462 struct kd_bufinfo *kdbp;
3463 struct kd_bufinfo *min_kdbp;
3464 uint32_t tempbuf_count;
3465 uint32_t tempbuf_number;
3466 uint32_t old_kdebug_flags;
3467 uint32_t old_kdebug_slowcheck;
3468 boolean_t lostevents = FALSE;
3469 boolean_t out_of_events = FALSE;
3470
3471 assert(number);
3472 count = *number/sizeof(kd_buf);
3473 *number = 0;
3474
3475 if (count == 0 || !(kd_ctrl_page.kdebug_flags & KDBG_BUFINIT) || kdcopybuf == 0)
3476 return EINVAL;
3477
3478 memset(&lostevent, 0, sizeof(lostevent));
3479 lostevent.debugid = TRACE_LOST_EVENTS;
3480
3481 /* Capture timestamp. Only sort events that have occured before the timestamp.
3482 * Since the iop is being flushed here, its possible that events occur on the AP
3483 * while running live tracing. If we are disabled, no new events should
3484 * occur on the AP.
3485 */
3486
3487 if (kd_ctrl_page.enabled)
3488 {
3489 // timestamp is non-zero value
3490 barrier = mach_absolute_time() & KDBG_TIMESTAMP_MASK;
3491 }
3492
3493 // Request each IOP to provide us with up to date entries before merging buffers together.
3494 kdbg_iop_list_callback(kd_ctrl_page.kdebug_iops, KD_CALLBACK_SYNC_FLUSH, NULL);
3495
3496 /*
3497 * because we hold kd_trace_mtx_sysctl, no other control threads can
3498 * be playing with kdebug_flags... the code that cuts new events could
3499 * be running, but it grabs kds_spin_lock if it needs to acquire a new
3500 * storage chunk which is where it examines kdebug_flags... it its adding
3501 * to the same chunk we're reading from, no problem...
3502 */
3503
3504 disable_wrap(&old_kdebug_slowcheck, &old_kdebug_flags);
3505
3506 if (count > nkdbufs)
3507 count = nkdbufs;
3508
3509 if ((tempbuf_count = count) > KDCOPYBUF_COUNT)
3510 tempbuf_count = KDCOPYBUF_COUNT;
3511
3512 while (count) {
3513 tempbuf = kdcopybuf;
3514 tempbuf_number = 0;
3515
3516 // While space
3517 while (tempbuf_count) {
3518 mintime = 0xffffffffffffffffULL;
3519 min_kdbp = NULL;
3520 min_cpu = 0;
3521
3522 // Check all CPUs
3523 for (cpu = 0, kdbp = &kdbip[0]; cpu < kd_ctrl_page.kdebug_cpus; cpu++, kdbp++) {
3524
3525 // Find one with raw data
3526 if ((kdsp = kdbp->kd_list_head).raw == KDS_PTR_NULL)
3527 continue;
3528 /* Debugging aid: maintain a copy of the "kdsp"
3529 * index.
3530 */
3531 volatile union kds_ptr kdsp_shadow;
3532
3533 kdsp_shadow = kdsp;
3534
3535 // Get from cpu data to buffer header to buffer
3536 kdsp_actual = POINTER_FROM_KDS_PTR(kdsp);
3537
3538 volatile struct kd_storage *kdsp_actual_shadow;
3539
3540 kdsp_actual_shadow = kdsp_actual;
3541
3542 // See if there are actual data left in this buffer
3543 rcursor = kdsp_actual->kds_readlast;
3544
3545 if (rcursor == kdsp_actual->kds_bufindx)
3546 continue;
3547
3548 t = kdbg_get_timestamp(&kdsp_actual->kds_records[rcursor]);
3549
3550 if ((t > barrier) && (barrier > 0)) {
3551 /*
3552 * Need to wait to flush iop again before we
3553 * sort any more data from the buffers
3554 */
3555 out_of_events = TRUE;
3556 break;
3557 }
3558 if (t < kdsp_actual->kds_timestamp) {
3559 /*
3560 * indicates we've not yet completed filling
3561 * in this event...
3562 * this should only occur when we're looking
3563 * at the buf that the record head is utilizing
3564 * we'll pick these events up on the next
3565 * call to kdbg_read
3566 * we bail at this point so that we don't
3567 * get an out-of-order timestream by continuing
3568 * to read events from the other CPUs' timestream(s)
3569 */
3570 out_of_events = TRUE;
3571 break;
3572 }
3573 if (t < mintime) {
3574 mintime = t;
3575 min_kdbp = kdbp;
3576 min_cpu = cpu;
3577 }
3578 }
3579 if (min_kdbp == NULL || out_of_events == TRUE) {
3580 /*
3581 * all buffers ran empty
3582 */
3583 out_of_events = TRUE;
3584 break;
3585 }
3586
3587 // Get data
3588 kdsp = min_kdbp->kd_list_head;
3589 kdsp_actual = POINTER_FROM_KDS_PTR(kdsp);
3590
3591 if (kdsp_actual->kds_lostevents == TRUE) {
3592 kdbg_set_timestamp_and_cpu(&lostevent, kdsp_actual->kds_records[kdsp_actual->kds_readlast].timestamp, min_cpu);
3593 *tempbuf = lostevent;
3594
3595 kdsp_actual->kds_lostevents = FALSE;
3596 lostevents = TRUE;
3597
3598 goto nextevent;
3599 }
3600
3601 // Copy into buffer
3602 *tempbuf = kdsp_actual->kds_records[kdsp_actual->kds_readlast++];
3603
3604 if (kdsp_actual->kds_readlast == EVENTS_PER_STORAGE_UNIT)
3605 release_storage_unit(min_cpu, kdsp.raw);
3606
3607 /*
3608 * Watch for out of order timestamps
3609 */
3610 if (mintime < min_kdbp->kd_prev_timebase) {
3611 /*
3612 * if so, use the previous timestamp + 1 cycle
3613 */
3614 min_kdbp->kd_prev_timebase++;
3615 kdbg_set_timestamp_and_cpu(tempbuf, min_kdbp->kd_prev_timebase, kdbg_get_cpu(tempbuf));
3616 } else
3617 min_kdbp->kd_prev_timebase = mintime;
3618 nextevent:
3619 tempbuf_count--;
3620 tempbuf_number++;
3621 tempbuf++;
3622
3623 if ((RAW_file_written += sizeof(kd_buf)) >= RAW_FLUSH_SIZE)
3624 break;
3625 }
3626 if (tempbuf_number) {
3627 if (file_version == RAW_VERSION3) {
3628 if ( !(kdbg_write_v3_event_chunk_header(buffer, V3_RAW_EVENTS, (tempbuf_number * sizeof(kd_buf)), vp, ctx))) {
3629 error = EFAULT;
3630 goto check_error;
3631 }
3632 if (buffer)
3633 buffer += (sizeof(kd_chunk_header_v3) + sizeof(uint64_t));
3634
3635 assert(count >= (sizeof(kd_chunk_header_v3) + sizeof(uint64_t)));
3636 count -= (sizeof(kd_chunk_header_v3) + sizeof(uint64_t));
3637 *number += (sizeof(kd_chunk_header_v3) + sizeof(uint64_t));
3638 }
3639 if (vp) {
3640 size_t write_size = tempbuf_number * sizeof(kd_buf);
3641 error = kdbg_write_to_vnode((caddr_t)kdcopybuf, write_size, vp, ctx, RAW_file_offset);
3642 if (!error)
3643 RAW_file_offset += write_size;
3644
3645 if (RAW_file_written >= RAW_FLUSH_SIZE) {
3646 cluster_push(vp, 0);
3647
3648 RAW_file_written = 0;
3649 }
3650 } else {
3651 error = copyout(kdcopybuf, buffer, tempbuf_number * sizeof(kd_buf));
3652 buffer += (tempbuf_number * sizeof(kd_buf));
3653 }
3654 check_error:
3655 if (error) {
3656 *number = 0;
3657 error = EINVAL;
3658 break;
3659 }
3660 count -= tempbuf_number;
3661 *number += tempbuf_number;
3662 }
3663 if (out_of_events == TRUE)
3664 /*
3665 * all trace buffers are empty
3666 */
3667 break;
3668
3669 if ((tempbuf_count = count) > KDCOPYBUF_COUNT)
3670 tempbuf_count = KDCOPYBUF_COUNT;
3671 }
3672 if ( !(old_kdebug_flags & KDBG_NOWRAP)) {
3673 enable_wrap(old_kdebug_slowcheck, lostevents);
3674 }
3675 return (error);
3676 }
3677
3678
3679 unsigned char *getProcName(struct proc *proc);
3680 unsigned char *getProcName(struct proc *proc) {
3681
3682 return (unsigned char *) &proc->p_comm; /* Return pointer to the proc name */
3683
3684 }
3685
3686 static int
3687 stackshot_kern_return_to_bsd_error(kern_return_t kr)
3688 {
3689 switch (kr) {
3690 case KERN_SUCCESS:
3691 return 0;
3692 case KERN_RESOURCE_SHORTAGE:
3693 return ENOMEM;
3694 case KERN_NO_SPACE:
3695 return ENOSPC;
3696 case KERN_NO_ACCESS:
3697 return EPERM;
3698 case KERN_MEMORY_PRESENT:
3699 return EEXIST;
3700 case KERN_NOT_SUPPORTED:
3701 return ENOTSUP;
3702 case KERN_NOT_IN_SET:
3703 return ENOENT;
3704 default:
3705 return EINVAL;
3706 }
3707 }
3708
3709
3710 /*
3711 * DEPRECATION WARNING: THIS SYSCALL IS BEING REPLACED WITH SYS_stack_snapshot_with_config and SYS_microstackshot.
3712 *
3713 * stack_snapshot: Obtains a coherent set of stack traces for all threads
3714 * on the system, tracing both kernel and user stacks
3715 * where available. Uses machine specific trace routines
3716 * for ppc, ppc64 and x86.
3717 * Inputs: uap->pid - process id of process to be traced, or -1
3718 * for the entire system
3719 * uap->tracebuf - address of the user space destination
3720 * buffer
3721 * uap->tracebuf_size - size of the user space trace buffer
3722 * uap->options - various options, including the maximum
3723 * number of frames to trace.
3724 * Outputs: EPERM if the caller is not privileged
3725 * EINVAL if the supplied trace buffer isn't sanely sized
3726 * ENOMEM if we don't have enough memory to satisfy the
3727 * request
3728 * ENOENT if the target pid isn't found
3729 * ENOSPC if the supplied buffer is insufficient
3730 * *retval contains the number of bytes traced, if successful
3731 * and -1 otherwise. If the request failed due to
3732 * tracebuffer exhaustion, we copyout as much as possible.
3733 */
3734 int
3735 stack_snapshot(struct proc *p, register struct stack_snapshot_args *uap, int32_t *retval) {
3736 int error = 0;
3737 kern_return_t kr;
3738
3739 if ((error = suser(kauth_cred_get(), &p->p_acflag)))
3740 return(error);
3741
3742 kr = stack_snapshot2(uap->pid, uap->tracebuf, uap->tracebuf_size, uap->flags, retval);
3743 return stackshot_kern_return_to_bsd_error(kr);
3744 }
3745
3746 /*
3747 * stack_snapshot_with_config: Obtains a coherent set of stack traces for specified threads on the sysem,
3748 * tracing both kernel and user stacks where available. Allocates a buffer from the
3749 * kernel and maps the buffer into the calling task's address space.
3750 *
3751 * Inputs: uap->stackshot_config_version - version of the stackshot config that is being passed
3752 * uap->stackshot_config - pointer to the stackshot config
3753 * uap->stackshot_config_size- size of the stackshot config being passed
3754 * Outputs: EINVAL if there is a problem with the arguments
3755 * EFAULT if we failed to copy in the arguments succesfully
3756 * EPERM if the caller is not privileged
3757 * ENOTSUP if the caller is passing a version of arguments that is not supported by the kernel
3758 * (indicates libsyscall:kernel mismatch) or if the caller is requesting unsupported flags
3759 * ENOENT if the caller is requesting an existing buffer that doesn't exist or if the
3760 * requested PID isn't found
3761 * ENOMEM if the kernel is unable to allocate enough memory to serve the request
3762 * ENOSPC if there isn't enough space in the caller's address space to remap the buffer
3763 * ESRCH if the target PID isn't found
3764 * returns KERN_SUCCESS on success
3765 */
3766 int
3767 stack_snapshot_with_config(struct proc *p, struct stack_snapshot_with_config_args *uap, __unused int *retval)
3768 {
3769 int error = 0;
3770 kern_return_t kr;
3771
3772 if ((error = suser(kauth_cred_get(), &p->p_acflag)))
3773 return(error);
3774
3775 if((void*)uap->stackshot_config == NULL) {
3776 return EINVAL;
3777 }
3778
3779 switch (uap->stackshot_config_version) {
3780 case STACKSHOT_CONFIG_TYPE:
3781 if (uap->stackshot_config_size != sizeof(stackshot_config_t)) {
3782 return EINVAL;
3783 }
3784 stackshot_config_t config;
3785 error = copyin(uap->stackshot_config, &config, sizeof(stackshot_config_t));
3786 if (error != KERN_SUCCESS)
3787 {
3788 return EFAULT;
3789 }
3790 kr = kern_stack_snapshot_internal(uap->stackshot_config_version, &config, sizeof(stackshot_config_t), TRUE);
3791 return stackshot_kern_return_to_bsd_error(kr);
3792 default:
3793 return ENOTSUP;
3794 }
3795 }
3796
3797 #if CONFIG_TELEMETRY
3798 /*
3799 * microstackshot: Catch all system call for microstackshot related operations, including
3800 * enabling/disabling both global and windowed microstackshots as well
3801 * as retrieving windowed or global stackshots and the boot profile.
3802 * Inputs: uap->tracebuf - address of the user space destination
3803 * buffer
3804 * uap->tracebuf_size - size of the user space trace buffer
3805 * uap->flags - various flags
3806 * Outputs: EPERM if the caller is not privileged
3807 * EINVAL if the supplied mss_args is NULL, mss_args.tracebuf is NULL or mss_args.tracebuf_size is not sane
3808 * ENOMEM if we don't have enough memory to satisfy the request
3809 * *retval contains the number of bytes traced, if successful
3810 * and -1 otherwise.
3811 */
3812 int
3813 microstackshot(struct proc *p, struct microstackshot_args *uap, int32_t *retval)
3814 {
3815 int error = 0;
3816 kern_return_t kr;
3817
3818 if ((error = suser(kauth_cred_get(), &p->p_acflag)))
3819 return(error);
3820
3821 kr = stack_microstackshot(uap->tracebuf, uap->tracebuf_size, uap->flags, retval);
3822 return stackshot_kern_return_to_bsd_error(kr);
3823 }
3824 #endif /* CONFIG_TELEMETRY */
3825
3826 /*
3827 * kern_stack_snapshot_with_reason: Obtains a coherent set of stack traces for specified threads on the sysem,
3828 * tracing both kernel and user stacks where available. Allocates a buffer from the
3829 * kernel and stores the address of this buffer.
3830 *
3831 * Inputs: reason - the reason for triggering a stackshot (unused at the moment, but in the
3832 * future will be saved in the stackshot)
3833 * Outputs: EINVAL/ENOTSUP if there is a problem with the arguments
3834 * EPERM if the caller doesn't pass at least one KERNEL stackshot flag
3835 * ENOMEM if the kernel is unable to allocate enough memory to serve the request
3836 * ESRCH if the target PID isn't found
3837 * returns KERN_SUCCESS on success
3838 */
3839 int
3840 kern_stack_snapshot_with_reason(__unused char *reason)
3841 {
3842 stackshot_config_t config;
3843 kern_return_t kr;
3844
3845 config.sc_pid = -1;
3846 config.sc_flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_GET_GLOBAL_MEM_STATS | STACKSHOT_SAVE_IN_KERNEL_BUFFER |
3847 STACKSHOT_KCDATA_FORMAT);
3848 config.sc_since_timestamp = 0;
3849 config.sc_out_buffer_addr = 0;
3850 config.sc_out_size_addr = 0;
3851
3852 kr = kern_stack_snapshot_internal(STACKSHOT_CONFIG_TYPE, &config, sizeof(stackshot_config_t), FALSE);
3853 return stackshot_kern_return_to_bsd_error(kr);
3854 }
3855
3856 /*
3857 * stack_snapshot_from_kernel: Stackshot function for kernel consumers who have their own buffer.
3858 *
3859 * Inputs: pid - the PID to be traced or -1 for the whole system
3860 * buf - a pointer to the buffer where the stackshot should be written
3861 * size - the size of the buffer
3862 * flags - flags to be passed to the stackshot
3863 * *bytes_traced - a pointer to be filled with the length of the stackshot
3864 * Outputs: -1 if there is a problem with the arguments
3865 * the error returned by the stackshot code otherwise
3866 */
3867 int
3868 stack_snapshot_from_kernel(pid_t pid, void *buf, uint32_t size, uint32_t flags, unsigned *bytes_traced)
3869 {
3870 kern_return_t kr;
3871
3872 kr = stack_snapshot_from_kernel_internal(pid, buf, size, flags, bytes_traced);
3873 if (kr == KERN_FAILURE) {
3874 return -1;
3875 }
3876
3877 return kr;
3878 }
3879
3880 void
3881 start_kern_tracing(unsigned int new_nkdbufs, boolean_t need_map)
3882 {
3883
3884 if (!new_nkdbufs)
3885 return;
3886 nkdbufs = kdbg_set_nkdbufs(new_nkdbufs);
3887 kdbg_lock_init();
3888
3889 kernel_debug_string_simple("start_kern_tracing");
3890
3891 if (0 == kdbg_reinit(TRUE)) {
3892
3893 if (need_map == TRUE) {
3894 uint32_t old1, old2;
3895
3896 kdbg_thrmap_init();
3897
3898 disable_wrap(&old1, &old2);
3899 }
3900
3901 /* Hold off interrupts until the early traces are cut */
3902 boolean_t s = ml_set_interrupts_enabled(FALSE);
3903
3904 kdbg_set_tracing_enabled(
3905 TRUE,
3906 kdebug_serial ?
3907 (KDEBUG_ENABLE_TRACE | KDEBUG_ENABLE_SERIAL) :
3908 KDEBUG_ENABLE_TRACE);
3909
3910 /*
3911 * Transfer all very early events from the static buffer
3912 * into the real buffers.
3913 */
3914 kernel_debug_early_end();
3915
3916 ml_set_interrupts_enabled(s);
3917
3918 printf("kernel tracing started\n");
3919 #if KDEBUG_MOJO_TRACE
3920 if (kdebug_serial) {
3921 printf("serial output enabled with %lu named events\n",
3922 sizeof(kd_events)/sizeof(kd_event_t));
3923 }
3924 #endif
3925 } else {
3926 printf("error from kdbg_reinit, kernel tracing not started\n");
3927 }
3928 }
3929
3930 void
3931 start_kern_tracing_with_typefilter(unsigned int new_nkdbufs,
3932 boolean_t need_map,
3933 unsigned int typefilter)
3934 {
3935 /* startup tracing */
3936 start_kern_tracing(new_nkdbufs, need_map);
3937
3938 /* check that tracing was actually enabled */
3939 if (!(kdebug_enable & KDEBUG_ENABLE_TRACE))
3940 return;
3941
3942 /* setup the typefiltering */
3943 if (0 == kdbg_enable_typefilter())
3944 setbit(type_filter_bitmap,
3945 typefilter & (KDBG_CSC_MASK >> KDBG_CSC_OFFSET));
3946 }
3947
3948 void
3949 kdbg_dump_trace_to_file(const char *filename)
3950 {
3951 vfs_context_t ctx;
3952 vnode_t vp;
3953 int error;
3954 size_t number;
3955
3956
3957 if ( !(kdebug_enable & KDEBUG_ENABLE_TRACE))
3958 return;
3959
3960 if (global_state_pid != -1) {
3961 if ((proc_find(global_state_pid)) != NULL) {
3962 /*
3963 * The global pid exists, we're running
3964 * due to fs_usage, latency, etc...
3965 * don't cut the panic/shutdown trace file
3966 * Disable tracing from this point to avoid
3967 * perturbing state.
3968 */
3969 kdebug_enable = 0;
3970 kd_ctrl_page.enabled = 0;
3971 commpage_update_kdebug_enable();
3972 return;
3973 }
3974 }
3975 KERNEL_DEBUG_CONSTANT(TRACE_PANIC | DBG_FUNC_NONE, 0, 0, 0, 0, 0);
3976
3977 kdebug_enable = 0;
3978 kd_ctrl_page.enabled = 0;
3979 commpage_update_kdebug_enable();
3980
3981 ctx = vfs_context_kernel();
3982
3983 if ((error = vnode_open(filename, (O_CREAT | FWRITE | O_NOFOLLOW), 0600, 0, &vp, ctx)))
3984 return;
3985
3986 number = kd_mapcount * sizeof(kd_threadmap);
3987 kdbg_readthrmap(0, &number, vp, ctx);
3988
3989 number = nkdbufs*sizeof(kd_buf);
3990 kdbg_read(0, &number, vp, ctx, RAW_VERSION1);
3991
3992 vnode_close(vp, FWRITE, ctx);
3993
3994 sync(current_proc(), (void *)NULL, (int *)NULL);
3995 }
3996
3997 /* Helper function for filling in the BSD name for an address space
3998 * Defined here because the machine bindings know only Mach threads
3999 * and nothing about BSD processes.
4000 *
4001 * FIXME: need to grab a lock during this?
4002 */
4003 void kdbg_get_task_name(char* name_buf, int len, task_t task)
4004 {
4005 proc_t proc;
4006
4007 /* Note: we can't use thread->task (and functions that rely on it) here
4008 * because it hasn't been initialized yet when this function is called.
4009 * We use the explicitly-passed task parameter instead.
4010 */
4011 proc = get_bsdtask_info(task);
4012 if (proc != PROC_NULL)
4013 snprintf(name_buf, len, "%s/%d", proc->p_comm, proc->p_pid);
4014 else
4015 snprintf(name_buf, len, "%p [!bsd]", task);
4016 }
4017
4018 #if KDEBUG_MOJO_TRACE
4019 static kd_event_t *
4020 binary_search(uint32_t id)
4021 {
4022 int low, high, mid;
4023
4024 low = 0;
4025 high = sizeof(kd_events)/sizeof(kd_event_t) - 1;
4026
4027 while (TRUE)
4028 {
4029 mid = (low + high) / 2;
4030
4031 if (low > high)
4032 return NULL; /* failed */
4033 else if ( low + 1 >= high) {
4034 /* We have a match */
4035 if (kd_events[high].id == id)
4036 return &kd_events[high];
4037 else if (kd_events[low].id == id)
4038 return &kd_events[low];
4039 else
4040 return NULL; /* search failed */
4041 }
4042 else if (id < kd_events[mid].id)
4043 high = mid;
4044 else
4045 low = mid;
4046 }
4047 }
4048
4049 /*
4050 * Look up event id to get name string.
4051 * Using a per-cpu cache of a single entry
4052 * before resorting to a binary search of the full table.
4053 */
4054 #define NCACHE 1
4055 static kd_event_t *last_hit[MAX_CPUS];
4056 static kd_event_t *
4057 event_lookup_cache(uint32_t cpu, uint32_t id)
4058 {
4059 if (last_hit[cpu] == NULL || last_hit[cpu]->id != id)
4060 last_hit[cpu] = binary_search(id);
4061 return last_hit[cpu];
4062 }
4063
4064 static uint64_t kd_last_timstamp;
4065
4066 static void
4067 kdebug_serial_print(
4068 uint32_t cpunum,
4069 uint32_t debugid,
4070 uint64_t timestamp,
4071 uintptr_t arg1,
4072 uintptr_t arg2,
4073 uintptr_t arg3,
4074 uintptr_t arg4,
4075 uintptr_t threadid
4076 )
4077 {
4078 char kprintf_line[192];
4079 char event[40];
4080 uint64_t us = timestamp / NSEC_PER_USEC;
4081 uint64_t us_tenth = (timestamp % NSEC_PER_USEC) / 100;
4082 uint64_t delta = timestamp - kd_last_timstamp;
4083 uint64_t delta_us = delta / NSEC_PER_USEC;
4084 uint64_t delta_us_tenth = (delta % NSEC_PER_USEC) / 100;
4085 uint32_t event_id = debugid & KDBG_EVENTID_MASK;
4086 const char *command;
4087 const char *bra;
4088 const char *ket;
4089 kd_event_t *ep;
4090
4091 /* event time and delta from last */
4092 snprintf(kprintf_line, sizeof(kprintf_line),
4093 "%11llu.%1llu %8llu.%1llu ",
4094 us, us_tenth, delta_us, delta_us_tenth);
4095
4096
4097 /* event (id or name) - start prefixed by "[", end postfixed by "]" */
4098 bra = (debugid & DBG_FUNC_START) ? "[" : " ";
4099 ket = (debugid & DBG_FUNC_END) ? "]" : " ";
4100 ep = event_lookup_cache(cpunum, event_id);
4101 if (ep) {
4102 if (strlen(ep->name) < sizeof(event) - 3)
4103 snprintf(event, sizeof(event), "%s%s%s",
4104 bra, ep->name, ket);
4105 else
4106 snprintf(event, sizeof(event), "%s%x(name too long)%s",
4107 bra, event_id, ket);
4108 } else {
4109 snprintf(event, sizeof(event), "%s%x%s",
4110 bra, event_id, ket);
4111 }
4112 snprintf(kprintf_line + strlen(kprintf_line),
4113 sizeof(kprintf_line) - strlen(kprintf_line),
4114 "%-40s ", event);
4115
4116 /* arg1 .. arg4 with special cases for strings */
4117 switch (event_id) {
4118 case VFS_LOOKUP:
4119 case VFS_LOOKUP_DONE:
4120 if (debugid & DBG_FUNC_START) {
4121 /* arg1 hex then arg2..arg4 chars */
4122 snprintf(kprintf_line + strlen(kprintf_line),
4123 sizeof(kprintf_line) - strlen(kprintf_line),
4124 "%-16lx %-8s%-8s%-8s ",
4125 arg1, (char*)&arg2, (char*)&arg3, (char*)&arg4);
4126 break;
4127 }
4128 /* else fall through for arg1..arg4 chars */
4129 case TRACE_STRING_EXEC:
4130 case TRACE_STRING_NEWTHREAD:
4131 case TRACE_INFO_STRING:
4132 snprintf(kprintf_line + strlen(kprintf_line),
4133 sizeof(kprintf_line) - strlen(kprintf_line),
4134 "%-8s%-8s%-8s%-8s ",
4135 (char*)&arg1, (char*)&arg2, (char*)&arg3, (char*)&arg4);
4136 break;
4137 default:
4138 snprintf(kprintf_line + strlen(kprintf_line),
4139 sizeof(kprintf_line) - strlen(kprintf_line),
4140 "%-16lx %-16lx %-16lx %-16lx",
4141 arg1, arg2, arg3, arg4);
4142 }
4143
4144 /* threadid, cpu and command name */
4145 if (threadid == (uintptr_t)thread_tid(current_thread()) &&
4146 current_proc() &&
4147 current_proc()->p_comm[0])
4148 command = current_proc()->p_comm;
4149 else
4150 command = "-";
4151 snprintf(kprintf_line + strlen(kprintf_line),
4152 sizeof(kprintf_line) - strlen(kprintf_line),
4153 " %-16lx %-2d %s\n",
4154 threadid, cpunum, command);
4155
4156 kprintf("%s", kprintf_line);
4157 kd_last_timstamp = timestamp;
4158 }
4159 #endif
mirror of XNU