]> git.saurik.com Git - apple/xnu.git/blob - bsd/kern/kdebug.c
projects / apple / xnu.git / blob
? search:


79896dbbe87b5bed869cd7129585408b9ae6a45f
[apple/xnu.git] / bsd / kern / kdebug.c
1 /*
2 * Copyright (c) 2000-2006 Apple Computer, Inc. All rights reserved.
3 *
4 * @Apple_LICENSE_HEADER_START@
5 *
6 * The contents of this file constitute Original Code as defined in and
7 * are subject to the Apple Public Source License Version 1.1 (the
8 * "License"). You may not use this file except in compliance with the
9 * License. Please obtain a copy of the License at
10 * http://www.apple.com/publicsource and read it before using this file.
11 *
12 * This Original Code and all software distributed under the License are
13 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17 * License for the specific language governing rights and limitations
18 * under the License.
19 *
20 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
21 */
22
23
24 #include <machine/spl.h>
25
26 #include <sys/errno.h>
27 #include <sys/param.h>
28 #include <sys/systm.h>
29 #include <sys/proc_internal.h>
30 #include <sys/vm.h>
31 #include <sys/sysctl.h>
32 #include <sys/kdebug.h>
33 #include <sys/sysproto.h>
34 #include <sys/bsdtask_info.h>
35
36 #define HZ 100
37 #include <mach/clock_types.h>
38 #include <mach/mach_types.h>
39 #include <mach/mach_time.h>
40 #include <machine/machine_routines.h>
41
42 #if defined(__i386__) || defined(__x86_64__)
43 #include <i386/rtclock_protos.h>
44 #include <i386/mp.h>
45 #include <i386/machine_routines.h>
46 #endif
47
48 #include <kern/clock.h>
49
50 #include <kern/thread.h>
51 #include <kern/task.h>
52 #include <kern/debug.h>
53 #include <kern/kalloc.h>
54 #include <kern/cpu_data.h>
55 #include <kern/assert.h>
56 #include <vm/vm_kern.h>
57 #include <sys/lock.h>
58
59 #include <sys/malloc.h>
60 #include <sys/mcache.h>
61 #include <sys/kauth.h>
62
63 #include <sys/vnode.h>
64 #include <sys/vnode_internal.h>
65 #include <sys/fcntl.h>
66 #include <sys/file_internal.h>
67 #include <sys/ubc.h>
68 #include <sys/param.h> /* for isset() */
69
70 #include <mach/mach_host.h> /* for host_info() */
71 #include <libkern/OSAtomic.h>
72
73 #include <machine/pal_routines.h>
74
75 /* XXX should have prototypes, but Mach does not provide one */
76 void task_act_iterate_wth_args(task_t, void(*)(thread_t, void *), void *);
77 int cpu_number(void); /* XXX <machine/...> include path broken */
78
79 /* XXX should probably be static, but it's debugging code... */
80 int kdbg_read(user_addr_t, size_t *, vnode_t, vfs_context_t);
81 void kdbg_control_chud(int, void *);
82 int kdbg_control(int *, u_int, user_addr_t, size_t *);
83 int kdbg_getentropy (user_addr_t, size_t *, int);
84 int kdbg_readmap(user_addr_t, size_t *, vnode_t, vfs_context_t);
85 int kdbg_getreg(kd_regtype *);
86 int kdbg_setreg(kd_regtype *);
87 int kdbg_setrtcdec(kd_regtype *);
88 int kdbg_setpidex(kd_regtype *);
89 int kdbg_setpid(kd_regtype *);
90 void kdbg_mapinit(void);
91 int kdbg_reinit(boolean_t);
92 int kdbg_bootstrap(boolean_t);
93
94 static int kdbg_enable_typefilter(void);
95 static int kdbg_disable_typefilter(void);
96
97 static int create_buffers(boolean_t);
98 static void delete_buffers(void);
99
100 extern void IOSleep(int);
101
102 /* trace enable status */
103 unsigned int kdebug_enable = 0;
104
105 /* track timestamps for security server's entropy needs */
106 uint64_t * kd_entropy_buffer = 0;
107 unsigned int kd_entropy_bufsize = 0;
108 unsigned int kd_entropy_count = 0;
109 unsigned int kd_entropy_indx = 0;
110 vm_offset_t kd_entropy_buftomem = 0;
111
112 #define MAX_ENTROPY_COUNT (128 * 1024)
113
114
115 #define SLOW_NOLOG 0x01
116 #define SLOW_CHECKS 0x02
117 #define SLOW_ENTROPY 0x04
118 #define SLOW_CHUD 0x08
119
120 unsigned int kd_cpus;
121
122 #define EVENTS_PER_STORAGE_UNIT 2048
123 #define MIN_STORAGE_UNITS_PER_CPU 4
124
125 #define POINTER_FROM_KDS_PTR(x) (&kd_bufs[x.buffer_index].kdsb_addr[x.offset])
126
127 #define NATIVE_TRACE_FACILITY
128
129 union kds_ptr {
130 struct {
131 uint32_t buffer_index:21;
132 uint16_t offset:11;
133 };
134 uint32_t raw;
135 };
136
137 struct kd_storage {
138 union kds_ptr kds_next;
139 uint32_t kds_bufindx;
140 uint32_t kds_bufcnt;
141 uint32_t kds_readlast;
142 boolean_t kds_lostevents;
143 uint64_t kds_timestamp;
144
145 kd_buf kds_records[EVENTS_PER_STORAGE_UNIT];
146 };
147
148 #define MAX_BUFFER_SIZE (1024 * 1024 * 128)
149 #define N_STORAGE_UNITS_PER_BUFFER (MAX_BUFFER_SIZE / sizeof(struct kd_storage))
150
151 struct kd_storage_buffers {
152 struct kd_storage *kdsb_addr;
153 uint32_t kdsb_size;
154 };
155
156 #define KDS_PTR_NULL 0xffffffff
157 struct kd_storage_buffers *kd_bufs = NULL;
158 int n_storage_units = 0;
159 int n_storage_buffers = 0;
160 int n_storage_threshold = 0;
161 int kds_waiter = 0;
162 int kde_waiter = 0;
163
164 #pragma pack(0)
165 struct kd_bufinfo {
166 union kds_ptr kd_list_head;
167 union kds_ptr kd_list_tail;
168 boolean_t kd_lostevents;
169 uint32_t _pad;
170 uint64_t kd_prev_timebase;
171 uint32_t num_bufs;
172 } __attribute__(( aligned(CPU_CACHE_SIZE) ));
173
174 struct kd_ctrl_page_t {
175 union kds_ptr kds_free_list;
176 uint32_t enabled :1;
177 uint32_t _pad0 :31;
178 int kds_inuse_count;
179 uint32_t kdebug_flags;
180 uint32_t kdebug_slowcheck;
181 uint32_t _pad1;
182 struct {
183 uint64_t tsc_base;
184 uint64_t ns_base;
185 } cpu_timebase[32]; // should be max number of actual logical cpus
186 } kd_ctrl_page = {.kds_free_list = {.raw = KDS_PTR_NULL}, .enabled = 0, .kds_inuse_count = 0, .kdebug_flags = 0, .kdebug_slowcheck = SLOW_NOLOG};
187 #pragma pack()
188
189 struct kd_bufinfo *kdbip = NULL;
190
191 #define KDCOPYBUF_COUNT 8192
192 #define KDCOPYBUF_SIZE (KDCOPYBUF_COUNT * sizeof(kd_buf))
193 kd_buf *kdcopybuf = NULL;
194
195
196 int kdlog_sched_events = 0;
197
198 boolean_t kdlog_bg_trace = FALSE;
199 boolean_t kdlog_bg_trace_running = FALSE;
200 unsigned int bg_nkdbufs = 0;
201
202 unsigned int nkdbufs = 0;
203 unsigned int kdlog_beg=0;
204 unsigned int kdlog_end=0;
205 unsigned int kdlog_value1=0;
206 unsigned int kdlog_value2=0;
207 unsigned int kdlog_value3=0;
208 unsigned int kdlog_value4=0;
209
210 static lck_spin_t * kdw_spin_lock;
211 static lck_spin_t * kds_spin_lock;
212 static lck_mtx_t * kd_trace_mtx_sysctl;
213 static lck_grp_t * kd_trace_mtx_sysctl_grp;
214 static lck_attr_t * kd_trace_mtx_sysctl_attr;
215 static lck_grp_attr_t *kd_trace_mtx_sysctl_grp_attr;
216
217 static lck_grp_t *stackshot_subsys_lck_grp;
218 static lck_grp_attr_t *stackshot_subsys_lck_grp_attr;
219 static lck_attr_t *stackshot_subsys_lck_attr;
220 static lck_mtx_t stackshot_subsys_mutex;
221
222 void *stackshot_snapbuf = NULL;
223
224 int
225 stack_snapshot2(pid_t pid, user_addr_t tracebuf, uint32_t tracebuf_size, uint32_t flags, uint32_t dispatch_offset, int32_t *retval);
226
227 extern void
228 kdp_snapshot_preflight(int pid, void *tracebuf, uint32_t tracebuf_size, uint32_t flags, uint32_t dispatch_offset);
229
230 extern int
231 kdp_stack_snapshot_geterror(void);
232 extern unsigned int
233 kdp_stack_snapshot_bytes_traced(void);
234
235 kd_threadmap *kd_mapptr = 0;
236 unsigned int kd_mapsize = 0;
237 unsigned int kd_mapcount = 0;
238 vm_offset_t kd_maptomem = 0;
239
240 off_t RAW_file_offset = 0;
241 int RAW_file_written = 0;
242
243 #define RAW_FLUSH_SIZE (2 * 1024 * 1024)
244
245
246 pid_t global_state_pid = -1; /* Used to control exclusive use of kd_buffer */
247
248 #define DBG_FUNC_MASK 0xfffffffc
249
250 /* TODO: move to kdebug.h */
251 #define CLASS_MASK 0xff000000
252 #define CLASS_OFFSET 24
253 #define SUBCLASS_MASK 0x00ff0000
254 #define SUBCLASS_OFFSET 16
255 #define CSC_MASK 0xffff0000 /* class and subclass mask */
256 #define CSC_OFFSET SUBCLASS_OFFSET
257
258 #define EXTRACT_CLASS(debugid) ( (uint8_t) ( ((debugid) & CLASS_MASK ) >> CLASS_OFFSET ) )
259 #define EXTRACT_SUBCLASS(debugid) ( (uint8_t) ( ((debugid) & SUBCLASS_MASK) >> SUBCLASS_OFFSET ) )
260 #define EXTRACT_CSC(debugid) ( (uint16_t)( ((debugid) & CSC_MASK ) >> CSC_OFFSET ) )
261
262 #define INTERRUPT 0x01050000
263 #define MACH_vmfault 0x01300008
264 #define BSC_SysCall 0x040c0000
265 #define MACH_SysCall 0x010c0000
266 #define DBG_SCALL_MASK 0xffff0000
267
268
269 /* task to string structure */
270 struct tts
271 {
272 task_t task; /* from procs task */
273 pid_t pid; /* from procs p_pid */
274 char task_comm[20]; /* from procs p_comm */
275 };
276
277 typedef struct tts tts_t;
278
279 struct krt
280 {
281 kd_threadmap *map; /* pointer to the map buffer */
282 int count;
283 int maxcount;
284 struct tts *atts;
285 };
286
287 typedef struct krt krt_t;
288
289 /* This is for the CHUD toolkit call */
290 typedef void (*kd_chudhook_fn) (uint32_t debugid, uintptr_t arg1,
291 uintptr_t arg2, uintptr_t arg3,
292 uintptr_t arg4, uintptr_t arg5);
293
294 volatile kd_chudhook_fn kdebug_chudhook = 0; /* pointer to CHUD toolkit function */
295
296 __private_extern__ void stackshot_lock_init( void ) __attribute__((section("__TEXT, initcode")));
297
298 static uint8_t *type_filter_bitmap;
299
300 static void
301 kdbg_set_tracing_enabled(boolean_t enabled, uint32_t trace_type)
302 {
303 int s = ml_set_interrupts_enabled(FALSE);
304 lck_spin_lock(kds_spin_lock);
305
306 if (enabled) {
307 kdebug_enable |= trace_type;
308 kd_ctrl_page.kdebug_slowcheck &= ~SLOW_NOLOG;
309 kd_ctrl_page.enabled = 1;
310 } else {
311 kdebug_enable &= ~(KDEBUG_ENABLE_TRACE|KDEBUG_ENABLE_PPT);
312 kd_ctrl_page.kdebug_slowcheck |= SLOW_NOLOG;
313 kd_ctrl_page.enabled = 0;
314 }
315 lck_spin_unlock(kds_spin_lock);
316 ml_set_interrupts_enabled(s);
317 }
318
319 static void
320 kdbg_set_flags(int slowflag, int enableflag, boolean_t enabled)
321 {
322 int s = ml_set_interrupts_enabled(FALSE);
323 lck_spin_lock(kds_spin_lock);
324
325 if (enabled) {
326 kd_ctrl_page.kdebug_slowcheck |= slowflag;
327 kdebug_enable |= enableflag;
328 } else {
329 kd_ctrl_page.kdebug_slowcheck &= ~slowflag;
330 kdebug_enable &= ~enableflag;
331 }
332 lck_spin_unlock(kds_spin_lock);
333 ml_set_interrupts_enabled(s);
334 }
335
336
337 #ifdef NATIVE_TRACE_FACILITY
338 void
339 disable_wrap(uint32_t *old_slowcheck, uint32_t *old_flags)
340 {
341 int s = ml_set_interrupts_enabled(FALSE);
342 lck_spin_lock(kds_spin_lock);
343
344 *old_slowcheck = kd_ctrl_page.kdebug_slowcheck;
345 *old_flags = kd_ctrl_page.kdebug_flags;
346
347 kd_ctrl_page.kdebug_flags &= ~KDBG_WRAPPED;
348 kd_ctrl_page.kdebug_flags |= KDBG_NOWRAP;
349
350 lck_spin_unlock(kds_spin_lock);
351 ml_set_interrupts_enabled(s);
352 }
353
354 void
355 enable_wrap(uint32_t old_slowcheck, boolean_t lostevents)
356 {
357 int s = ml_set_interrupts_enabled(FALSE);
358 lck_spin_lock(kds_spin_lock);
359
360 kd_ctrl_page.kdebug_flags &= ~KDBG_NOWRAP;
361
362 if ( !(old_slowcheck & SLOW_NOLOG))
363 kd_ctrl_page.kdebug_slowcheck &= ~SLOW_NOLOG;
364
365 if (lostevents == TRUE)
366 kd_ctrl_page.kdebug_flags |= KDBG_WRAPPED;
367
368 lck_spin_unlock(kds_spin_lock);
369 ml_set_interrupts_enabled(s);
370 }
371
372 void trace_set_timebases(__unused uint64_t tsc, __unused uint64_t ns)
373 {
374 }
375 #else
376 /* Begin functions that are defined twice */
377 void trace_set_timebases(uint64_t tsc, uint64_t ns)
378 {
379 int cpu = cpu_number();
380 kd_ctrl_page.cpu_timebase[cpu].tsc_base = tsc;
381 kd_ctrl_page.cpu_timebase[cpu].ns_base = ns;
382 }
383
384 #endif
385
386 static int
387 #if defined(__i386__) || defined(__x86_64__)
388 create_buffers(boolean_t early_trace)
389 #else
390 create_buffers(__unused boolean_t early_trace)
391 #endif
392 {
393 int i;
394 int p_buffer_size;
395 int f_buffer_size;
396 int f_buffers;
397 int error = 0;
398
399 /*
400 * get the number of cpus and cache it
401 */
402 #if defined(__i386__) || defined(__x86_64__)
403 if (early_trace == TRUE) {
404 /*
405 * we've started tracing before the
406 * IOKit has even started running... just
407 * use the static max value
408 */
409 kd_cpus = max_ncpus;
410 } else
411 #endif
412 {
413 host_basic_info_data_t hinfo;
414 mach_msg_type_number_t count = HOST_BASIC_INFO_COUNT;
415
416 #define BSD_HOST 1
417 host_info((host_t)BSD_HOST, HOST_BASIC_INFO, (host_info_t)&hinfo, &count);
418 kd_cpus = hinfo.logical_cpu_max;
419 }
420 if (kmem_alloc(kernel_map, (vm_offset_t *)&kdbip, sizeof(struct kd_bufinfo) * kd_cpus) != KERN_SUCCESS) {
421 error = ENOSPC;
422 goto out;
423 }
424
425 trace_handler_map_bufinfo((uintptr_t)kdbip, sizeof(struct kd_bufinfo) * kd_cpus);
426
427 #if !defined(NATIVE_TRACE_FACILITY)
428 for(i=0;i<(int)kd_cpus;i++) {
429 get_nanotime_timebases(i,
430 &kd_ctrl_page.cpu_timebase[i].tsc_base,
431 &kd_ctrl_page.cpu_timebase[i].ns_base);
432 }
433 #endif
434
435 if (nkdbufs < (kd_cpus * EVENTS_PER_STORAGE_UNIT * MIN_STORAGE_UNITS_PER_CPU))
436 n_storage_units = kd_cpus * MIN_STORAGE_UNITS_PER_CPU;
437 else
438 n_storage_units = nkdbufs / EVENTS_PER_STORAGE_UNIT;
439
440 nkdbufs = n_storage_units * EVENTS_PER_STORAGE_UNIT;
441
442 f_buffers = n_storage_units / N_STORAGE_UNITS_PER_BUFFER;
443 n_storage_buffers = f_buffers;
444
445 f_buffer_size = N_STORAGE_UNITS_PER_BUFFER * sizeof(struct kd_storage);
446 p_buffer_size = (n_storage_units % N_STORAGE_UNITS_PER_BUFFER) * sizeof(struct kd_storage);
447
448 if (p_buffer_size)
449 n_storage_buffers++;
450
451 kd_bufs = NULL;
452
453 if (kdcopybuf == 0) {
454 if (kmem_alloc(kernel_map, (vm_offset_t *)&kdcopybuf, (vm_size_t)KDCOPYBUF_SIZE) != KERN_SUCCESS) {
455 error = ENOSPC;
456 goto out;
457 }
458 }
459 if (kmem_alloc(kernel_map, (vm_offset_t *)&kd_bufs, (vm_size_t)(n_storage_buffers * sizeof(struct kd_storage_buffers))) != KERN_SUCCESS) {
460 error = ENOSPC;
461 goto out;
462 }
463 bzero(kd_bufs, n_storage_buffers * sizeof(struct kd_storage_buffers));
464
465 for (i = 0; i < f_buffers; i++) {
466 if (kmem_alloc(kernel_map, (vm_offset_t *)&kd_bufs[i].kdsb_addr, (vm_size_t)f_buffer_size) != KERN_SUCCESS) {
467 error = ENOSPC;
468 goto out;
469 }
470 bzero(kd_bufs[i].kdsb_addr, f_buffer_size);
471
472 kd_bufs[i].kdsb_size = f_buffer_size;
473 }
474 if (p_buffer_size) {
475 if (kmem_alloc(kernel_map, (vm_offset_t *)&kd_bufs[i].kdsb_addr, (vm_size_t)p_buffer_size) != KERN_SUCCESS) {
476 error = ENOSPC;
477 goto out;
478 }
479 bzero(kd_bufs[i].kdsb_addr, p_buffer_size);
480
481 kd_bufs[i].kdsb_size = p_buffer_size;
482 }
483 n_storage_units = 0;
484
485 for (i = 0; i < n_storage_buffers; i++) {
486 struct kd_storage *kds;
487 int n_elements;
488 int n;
489
490 n_elements = kd_bufs[i].kdsb_size / sizeof(struct kd_storage);
491 kds = kd_bufs[i].kdsb_addr;
492
493 trace_handler_map_buffer(i, (uintptr_t)kd_bufs[i].kdsb_addr, kd_bufs[i].kdsb_size);
494
495 for (n = 0; n < n_elements; n++) {
496 kds[n].kds_next.buffer_index = kd_ctrl_page.kds_free_list.buffer_index;
497 kds[n].kds_next.offset = kd_ctrl_page.kds_free_list.offset;
498
499 kd_ctrl_page.kds_free_list.buffer_index = i;
500 kd_ctrl_page.kds_free_list.offset = n;
501 }
502 n_storage_units += n_elements;
503 }
504
505 bzero((char *)kdbip, sizeof(struct kd_bufinfo) * kd_cpus);
506
507 for (i = 0; i < (int)kd_cpus; i++) {
508 kdbip[i].kd_list_head.raw = KDS_PTR_NULL;
509 kdbip[i].kd_list_tail.raw = KDS_PTR_NULL;
510 kdbip[i].kd_lostevents = FALSE;
511 kdbip[i].num_bufs = 0;
512 }
513
514 kd_ctrl_page.kdebug_flags |= KDBG_BUFINIT;
515
516 kd_ctrl_page.kds_inuse_count = 0;
517 n_storage_threshold = n_storage_units / 2;
518 out:
519 if (error)
520 delete_buffers();
521
522 return(error);
523 }
524
525
526 static void
527 delete_buffers(void)
528 {
529 int i;
530
531 if (kd_bufs) {
532 for (i = 0; i < n_storage_buffers; i++) {
533 if (kd_bufs[i].kdsb_addr) {
534 kmem_free(kernel_map, (vm_offset_t)kd_bufs[i].kdsb_addr, (vm_size_t)kd_bufs[i].kdsb_size);
535 trace_handler_unmap_buffer(i);
536 }
537 }
538 kmem_free(kernel_map, (vm_offset_t)kd_bufs, (vm_size_t)(n_storage_buffers * sizeof(struct kd_storage_buffers)));
539
540 kd_bufs = NULL;
541 n_storage_buffers = 0;
542 }
543 if (kdcopybuf) {
544 kmem_free(kernel_map, (vm_offset_t)kdcopybuf, KDCOPYBUF_SIZE);
545
546 kdcopybuf = NULL;
547 }
548 kd_ctrl_page.kds_free_list.raw = KDS_PTR_NULL;
549
550 if (kdbip) {
551 trace_handler_unmap_bufinfo();
552
553 kmem_free(kernel_map, (vm_offset_t)kdbip, sizeof(struct kd_bufinfo) * kd_cpus);
554
555 kdbip = NULL;
556 }
557 kd_ctrl_page.kdebug_flags &= ~KDBG_BUFINIT;
558 }
559
560
561 #ifdef NATIVE_TRACE_FACILITY
562 void
563 release_storage_unit(int cpu, uint32_t kdsp_raw)
564 {
565 int s = 0;
566 struct kd_storage *kdsp_actual;
567 struct kd_bufinfo *kdbp;
568 union kds_ptr kdsp;
569
570 kdsp.raw = kdsp_raw;
571
572 s = ml_set_interrupts_enabled(FALSE);
573 lck_spin_lock(kds_spin_lock);
574
575 kdbp = &kdbip[cpu];
576
577 if (kdsp.raw == kdbp->kd_list_head.raw) {
578 /*
579 * it's possible for the storage unit pointed to
580 * by kdsp to have already been stolen... so
581 * check to see if it's still the head of the list
582 * now that we're behind the lock that protects
583 * adding and removing from the queue...
584 * since we only ever release and steal units from
585 * that position, if it's no longer the head
586 * we having nothing to do in this context
587 */
588 kdsp_actual = POINTER_FROM_KDS_PTR(kdsp);
589 kdbp->kd_list_head = kdsp_actual->kds_next;
590
591 kdsp_actual->kds_next = kd_ctrl_page.kds_free_list;
592 kd_ctrl_page.kds_free_list = kdsp;
593
594 kd_ctrl_page.kds_inuse_count--;
595 }
596 lck_spin_unlock(kds_spin_lock);
597 ml_set_interrupts_enabled(s);
598 }
599
600
601 boolean_t
602 allocate_storage_unit(int cpu)
603 {
604 union kds_ptr kdsp;
605 struct kd_storage *kdsp_actual, *kdsp_next_actual;
606 struct kd_bufinfo *kdbp, *kdbp_vict, *kdbp_try;
607 uint64_t oldest_ts, ts;
608 boolean_t retval = TRUE;
609 int s = 0;
610
611 s = ml_set_interrupts_enabled(FALSE);
612 lck_spin_lock(kds_spin_lock);
613
614 kdbp = &kdbip[cpu];
615
616 /* If someone beat us to the allocate, return success */
617 if (kdbp->kd_list_tail.raw != KDS_PTR_NULL) {
618 kdsp_actual = POINTER_FROM_KDS_PTR(kdbp->kd_list_tail);
619
620 if (kdsp_actual->kds_bufindx < EVENTS_PER_STORAGE_UNIT)
621 goto out;
622 }
623
624 if ((kdsp = kd_ctrl_page.kds_free_list).raw != KDS_PTR_NULL) {
625 kdsp_actual = POINTER_FROM_KDS_PTR(kdsp);
626 kd_ctrl_page.kds_free_list = kdsp_actual->kds_next;
627
628 kd_ctrl_page.kds_inuse_count++;
629 } else {
630 if (kd_ctrl_page.kdebug_flags & KDBG_NOWRAP) {
631 kd_ctrl_page.kdebug_slowcheck |= SLOW_NOLOG;
632 kdbp->kd_lostevents = TRUE;
633 retval = FALSE;
634 goto out;
635 }
636 kdbp_vict = NULL;
637 oldest_ts = (uint64_t)-1;
638
639 for (kdbp_try = &kdbip[0]; kdbp_try < &kdbip[kd_cpus]; kdbp_try++) {
640
641 if (kdbp_try->kd_list_head.raw == KDS_PTR_NULL) {
642 /*
643 * no storage unit to steal
644 */
645 continue;
646 }
647
648 kdsp_actual = POINTER_FROM_KDS_PTR(kdbp_try->kd_list_head);
649
650 if (kdsp_actual->kds_bufcnt < EVENTS_PER_STORAGE_UNIT) {
651 /*
652 * make sure we don't steal the storage unit
653 * being actively recorded to... need to
654 * move on because we don't want an out-of-order
655 * set of events showing up later
656 */
657 continue;
658 }
659 ts = kdbg_get_timestamp(&kdsp_actual->kds_records[0]);
660
661 if (ts < oldest_ts) {
662 /*
663 * when 'wrapping', we want to steal the
664 * storage unit that has the 'earliest' time
665 * associated with it (first event time)
666 */
667 oldest_ts = ts;
668 kdbp_vict = kdbp_try;
669 }
670 }
671 if (kdbp_vict == NULL) {
672 kdebug_enable = 0;
673 kd_ctrl_page.enabled = 0;
674 retval = FALSE;
675 goto out;
676 }
677 kdsp = kdbp_vict->kd_list_head;
678 kdsp_actual = POINTER_FROM_KDS_PTR(kdsp);
679 kdbp_vict->kd_list_head = kdsp_actual->kds_next;
680
681 if (kdbp_vict->kd_list_head.raw != KDS_PTR_NULL) {
682 kdsp_next_actual = POINTER_FROM_KDS_PTR(kdbp_vict->kd_list_head);
683 kdsp_next_actual->kds_lostevents = TRUE;
684 } else
685 kdbp_vict->kd_lostevents = TRUE;
686
687 kd_ctrl_page.kdebug_flags |= KDBG_WRAPPED;
688 }
689 kdsp_actual->kds_timestamp = mach_absolute_time();
690 kdsp_actual->kds_next.raw = KDS_PTR_NULL;
691 kdsp_actual->kds_bufcnt = 0;
692 kdsp_actual->kds_readlast = 0;
693
694 kdsp_actual->kds_lostevents = kdbp->kd_lostevents;
695 kdbp->kd_lostevents = FALSE;
696 kdsp_actual->kds_bufindx = 0;
697
698 if (kdbp->kd_list_head.raw == KDS_PTR_NULL)
699 kdbp->kd_list_head = kdsp;
700 else
701 POINTER_FROM_KDS_PTR(kdbp->kd_list_tail)->kds_next = kdsp;
702 kdbp->kd_list_tail = kdsp;
703 out:
704 lck_spin_unlock(kds_spin_lock);
705 ml_set_interrupts_enabled(s);
706
707 return (retval);
708 }
709 #endif
710
711 void
712 kernel_debug_internal(
713 uint32_t debugid,
714 uintptr_t arg1,
715 uintptr_t arg2,
716 uintptr_t arg3,
717 uintptr_t arg4,
718 uintptr_t arg5,
719 int entropy_flag);
720
721 __attribute__((always_inline)) void
722 kernel_debug_internal(
723 uint32_t debugid,
724 uintptr_t arg1,
725 uintptr_t arg2,
726 uintptr_t arg3,
727 uintptr_t arg4,
728 uintptr_t arg5,
729 int entropy_flag)
730 {
731 struct proc *curproc;
732 uint64_t now;
733 uint32_t bindx;
734 boolean_t s;
735 kd_buf *kd;
736 int cpu;
737 struct kd_bufinfo *kdbp;
738 struct kd_storage *kdsp_actual;
739 union kds_ptr kds_raw;
740
741
742
743 if (kd_ctrl_page.kdebug_slowcheck) {
744
745 if (kdebug_enable & KDEBUG_ENABLE_CHUD) {
746 kd_chudhook_fn chudhook;
747 /*
748 * Mask interrupts to minimize the interval across
749 * which the driver providing the hook could be
750 * unloaded.
751 */
752 s = ml_set_interrupts_enabled(FALSE);
753 chudhook = kdebug_chudhook;
754 if (chudhook)
755 chudhook(debugid, arg1, arg2, arg3, arg4, arg5);
756 ml_set_interrupts_enabled(s);
757 }
758 if ((kdebug_enable & KDEBUG_ENABLE_ENTROPY) && entropy_flag) {
759
760 now = mach_absolute_time();
761
762 s = ml_set_interrupts_enabled(FALSE);
763 lck_spin_lock(kds_spin_lock);
764
765 if (kdebug_enable & KDEBUG_ENABLE_ENTROPY) {
766
767 if (kd_entropy_indx < kd_entropy_count) {
768 kd_entropy_buffer[kd_entropy_indx] = now;
769 kd_entropy_indx++;
770 }
771 if (kd_entropy_indx == kd_entropy_count) {
772 /*
773 * Disable entropy collection
774 */
775 kdebug_enable &= ~KDEBUG_ENABLE_ENTROPY;
776 kd_ctrl_page.kdebug_slowcheck &= ~SLOW_ENTROPY;
777 }
778 }
779 lck_spin_unlock(kds_spin_lock);
780 ml_set_interrupts_enabled(s);
781 }
782 if ( (kd_ctrl_page.kdebug_slowcheck & SLOW_NOLOG) || !(kdebug_enable & (KDEBUG_ENABLE_TRACE|KDEBUG_ENABLE_PPT)))
783 goto out1;
784
785 if ( !ml_at_interrupt_context()) {
786 if (kd_ctrl_page.kdebug_flags & KDBG_PIDCHECK) {
787 /*
788 * If kdebug flag is not set for current proc, return
789 */
790 curproc = current_proc();
791
792 if ((curproc && !(curproc->p_kdebug)) &&
793 ((debugid & 0xffff0000) != (MACHDBG_CODE(DBG_MACH_SCHED, 0) | DBG_FUNC_NONE)) &&
794 (debugid >> 24 != DBG_TRACE))
795 goto out1;
796 }
797 else if (kd_ctrl_page.kdebug_flags & KDBG_PIDEXCLUDE) {
798 /*
799 * If kdebug flag is set for current proc, return
800 */
801 curproc = current_proc();
802
803 if ((curproc && curproc->p_kdebug) &&
804 ((debugid & 0xffff0000) != (MACHDBG_CODE(DBG_MACH_SCHED, 0) | DBG_FUNC_NONE)) &&
805 (debugid >> 24 != DBG_TRACE))
806 goto out1;
807 }
808 }
809
810 if (kd_ctrl_page.kdebug_flags & KDBG_TYPEFILTER_CHECK) {
811 /* Always record trace system info */
812 if (EXTRACT_CLASS(debugid) == DBG_TRACE)
813 goto record_event;
814
815 if (isset(type_filter_bitmap, EXTRACT_CSC(debugid)))
816 goto record_event;
817 goto out1;
818 }
819 else if (kd_ctrl_page.kdebug_flags & KDBG_RANGECHECK) {
820 if ((debugid >= kdlog_beg && debugid <= kdlog_end) || (debugid >> 24) == DBG_TRACE)
821 goto record_event;
822 if (kdlog_sched_events && (debugid & 0xffff0000) == (MACHDBG_CODE(DBG_MACH_SCHED, 0) | DBG_FUNC_NONE))
823 goto record_event;
824 goto out1;
825 }
826 else if (kd_ctrl_page.kdebug_flags & KDBG_VALCHECK) {
827 if ((debugid & DBG_FUNC_MASK) != kdlog_value1 &&
828 (debugid & DBG_FUNC_MASK) != kdlog_value2 &&
829 (debugid & DBG_FUNC_MASK) != kdlog_value3 &&
830 (debugid & DBG_FUNC_MASK) != kdlog_value4 &&
831 (debugid >> 24 != DBG_TRACE))
832 goto out1;
833 }
834 }
835 record_event:
836 disable_preemption();
837 cpu = cpu_number();
838 kdbp = &kdbip[cpu];
839 retry_q:
840 kds_raw = kdbp->kd_list_tail;
841
842 if (kds_raw.raw != KDS_PTR_NULL) {
843 kdsp_actual = POINTER_FROM_KDS_PTR(kds_raw);
844 bindx = kdsp_actual->kds_bufindx;
845 } else
846 kdsp_actual = NULL;
847
848 if (kdsp_actual == NULL || bindx >= EVENTS_PER_STORAGE_UNIT) {
849 if (allocate_storage_unit(cpu) == FALSE) {
850 /*
851 * this can only happen if wrapping
852 * has been disabled
853 */
854 goto out;
855 }
856 goto retry_q;
857 }
858 now = mach_absolute_time() & KDBG_TIMESTAMP_MASK;
859
860 if ( !OSCompareAndSwap(bindx, bindx + 1, &kdsp_actual->kds_bufindx))
861 goto retry_q;
862
863 kd = &kdsp_actual->kds_records[bindx];
864
865 kd->debugid = debugid;
866 kd->arg1 = arg1;
867 kd->arg2 = arg2;
868 kd->arg3 = arg3;
869 kd->arg4 = arg4;
870 kd->arg5 = arg5;
871
872 kdbg_set_timestamp_and_cpu(kd, now, cpu);
873
874 OSAddAtomic(1, &kdsp_actual->kds_bufcnt);
875 out:
876 enable_preemption();
877 out1:
878 if ((kds_waiter && kd_ctrl_page.kds_inuse_count >= n_storage_threshold) ||
879 (kde_waiter && kd_entropy_indx >= kd_entropy_count)) {
880 uint32_t etype;
881 uint32_t stype;
882
883 etype = debugid & DBG_FUNC_MASK;
884 stype = debugid & DBG_SCALL_MASK;
885
886 if (etype == INTERRUPT || etype == MACH_vmfault ||
887 stype == BSC_SysCall || stype == MACH_SysCall) {
888
889 boolean_t need_kds_wakeup = FALSE;
890 boolean_t need_kde_wakeup = FALSE;
891
892 /*
893 * try to take the lock here to synchronize with the
894 * waiter entering the blocked state... use the try
895 * mode to prevent deadlocks caused by re-entering this
896 * routine due to various trace points triggered in the
897 * lck_spin_sleep_xxxx routines used to actually enter
898 * one of our 2 wait conditions... no problem if we fail,
899 * there will be lots of additional events coming in that
900 * will eventually succeed in grabbing this lock
901 */
902 s = ml_set_interrupts_enabled(FALSE);
903
904 if (lck_spin_try_lock(kdw_spin_lock)) {
905
906 if (kds_waiter && kd_ctrl_page.kds_inuse_count >= n_storage_threshold) {
907 kds_waiter = 0;
908 need_kds_wakeup = TRUE;
909 }
910 if (kde_waiter && kd_entropy_indx >= kd_entropy_count) {
911 kde_waiter = 0;
912 need_kde_wakeup = TRUE;
913 }
914 lck_spin_unlock(kdw_spin_lock);
915 }
916 ml_set_interrupts_enabled(s);
917
918 if (need_kds_wakeup == TRUE)
919 wakeup(&kds_waiter);
920 if (need_kde_wakeup == TRUE)
921 wakeup(&kde_waiter);
922 }
923 }
924 }
925
926 void
927 kernel_debug(
928 uint32_t debugid,
929 uintptr_t arg1,
930 uintptr_t arg2,
931 uintptr_t arg3,
932 uintptr_t arg4,
933 __unused uintptr_t arg5)
934 {
935 kernel_debug_internal(debugid, arg1, arg2, arg3, arg4, (uintptr_t)thread_tid(current_thread()), 1);
936 }
937
938 void
939 kernel_debug1(
940 uint32_t debugid,
941 uintptr_t arg1,
942 uintptr_t arg2,
943 uintptr_t arg3,
944 uintptr_t arg4,
945 uintptr_t arg5)
946 {
947 kernel_debug_internal(debugid, arg1, arg2, arg3, arg4, arg5, 1);
948 }
949
950 /*
951 * Support syscall SYS_kdebug_trace
952 */
953 int
954 kdebug_trace(__unused struct proc *p, struct kdebug_trace_args *uap, __unused int32_t *retval)
955 {
956 if ( __probable(kdebug_enable == 0) )
957 return(EINVAL);
958
959 kernel_debug_internal(uap->code, uap->arg1, uap->arg2, uap->arg3, uap->arg4, (uintptr_t)thread_tid(current_thread()), 0);
960
961 return(0);
962 }
963
964
965 static void
966 kdbg_lock_init(void)
967 {
968 if (kd_ctrl_page.kdebug_flags & KDBG_LOCKINIT)
969 return;
970
971 trace_handler_map_ctrl_page((uintptr_t)&kd_ctrl_page, sizeof(kd_ctrl_page), sizeof(struct kd_storage), sizeof(union kds_ptr));
972
973 /*
974 * allocate lock group attribute and group
975 */
976 kd_trace_mtx_sysctl_grp_attr = lck_grp_attr_alloc_init();
977 kd_trace_mtx_sysctl_grp = lck_grp_alloc_init("kdebug", kd_trace_mtx_sysctl_grp_attr);
978
979 /*
980 * allocate the lock attribute
981 */
982 kd_trace_mtx_sysctl_attr = lck_attr_alloc_init();
983
984
985 /*
986 * allocate and initialize mutex's
987 */
988 kd_trace_mtx_sysctl = lck_mtx_alloc_init(kd_trace_mtx_sysctl_grp, kd_trace_mtx_sysctl_attr);
989 kds_spin_lock = lck_spin_alloc_init(kd_trace_mtx_sysctl_grp, kd_trace_mtx_sysctl_attr);
990 kdw_spin_lock = lck_spin_alloc_init(kd_trace_mtx_sysctl_grp, kd_trace_mtx_sysctl_attr);
991
992 kd_ctrl_page.kdebug_flags |= KDBG_LOCKINIT;
993 }
994
995
996 int
997 kdbg_bootstrap(boolean_t early_trace)
998 {
999 kd_ctrl_page.kdebug_flags &= ~KDBG_WRAPPED;
1000
1001 return (create_buffers(early_trace));
1002 }
1003
1004 int
1005 kdbg_reinit(boolean_t early_trace)
1006 {
1007 int ret = 0;
1008
1009 /*
1010 * Disable trace collecting
1011 * First make sure we're not in
1012 * the middle of cutting a trace
1013 */
1014 kdbg_set_tracing_enabled(FALSE, KDEBUG_ENABLE_TRACE);
1015
1016 /*
1017 * make sure the SLOW_NOLOG is seen
1018 * by everyone that might be trying
1019 * to cut a trace..
1020 */
1021 IOSleep(100);
1022
1023 delete_buffers();
1024
1025 if ((kd_ctrl_page.kdebug_flags & KDBG_MAPINIT) && kd_mapsize && kd_mapptr) {
1026 kmem_free(kernel_map, (vm_offset_t)kd_mapptr, kd_mapsize);
1027 kd_ctrl_page.kdebug_flags &= ~KDBG_MAPINIT;
1028 kd_mapsize = 0;
1029 kd_mapptr = (kd_threadmap *) 0;
1030 kd_mapcount = 0;
1031 }
1032 ret = kdbg_bootstrap(early_trace);
1033
1034 RAW_file_offset = 0;
1035 RAW_file_written = 0;
1036
1037 return(ret);
1038 }
1039
1040 void
1041 kdbg_trace_data(struct proc *proc, long *arg_pid)
1042 {
1043 if (!proc)
1044 *arg_pid = 0;
1045 else
1046 *arg_pid = proc->p_pid;
1047 }
1048
1049
1050 void
1051 kdbg_trace_string(struct proc *proc, long *arg1, long *arg2, long *arg3, long *arg4)
1052 {
1053 char *dbg_nameptr;
1054 int dbg_namelen;
1055 long dbg_parms[4];
1056
1057 if (!proc) {
1058 *arg1 = 0;
1059 *arg2 = 0;
1060 *arg3 = 0;
1061 *arg4 = 0;
1062 return;
1063 }
1064 /*
1065 * Collect the pathname for tracing
1066 */
1067 dbg_nameptr = proc->p_comm;
1068 dbg_namelen = (int)strlen(proc->p_comm);
1069 dbg_parms[0]=0L;
1070 dbg_parms[1]=0L;
1071 dbg_parms[2]=0L;
1072 dbg_parms[3]=0L;
1073
1074 if(dbg_namelen > (int)sizeof(dbg_parms))
1075 dbg_namelen = (int)sizeof(dbg_parms);
1076
1077 strncpy((char *)dbg_parms, dbg_nameptr, dbg_namelen);
1078
1079 *arg1=dbg_parms[0];
1080 *arg2=dbg_parms[1];
1081 *arg3=dbg_parms[2];
1082 *arg4=dbg_parms[3];
1083 }
1084
1085 static void
1086 kdbg_resolve_map(thread_t th_act, void *opaque)
1087 {
1088 kd_threadmap *mapptr;
1089 krt_t *t = (krt_t *)opaque;
1090
1091 if (t->count < t->maxcount) {
1092 mapptr = &t->map[t->count];
1093 mapptr->thread = (uintptr_t)thread_tid(th_act);
1094
1095 (void) strlcpy (mapptr->command, t->atts->task_comm,
1096 sizeof(t->atts->task_comm));
1097 /*
1098 * Some kernel threads have no associated pid.
1099 * We still need to mark the entry as valid.
1100 */
1101 if (t->atts->pid)
1102 mapptr->valid = t->atts->pid;
1103 else
1104 mapptr->valid = 1;
1105
1106 t->count++;
1107 }
1108 }
1109
1110 void
1111 kdbg_mapinit(void)
1112 {
1113 struct proc *p;
1114 struct krt akrt;
1115 int tts_count; /* number of task-to-string structures */
1116 struct tts *tts_mapptr;
1117 unsigned int tts_mapsize = 0;
1118 vm_offset_t tts_maptomem=0;
1119 int i;
1120
1121 if (kd_ctrl_page.kdebug_flags & KDBG_MAPINIT)
1122 return;
1123
1124 /*
1125 * need to use PROC_SCANPROCLIST with proc_iterate
1126 */
1127 proc_list_lock();
1128
1129 /*
1130 * Calculate the sizes of map buffers
1131 */
1132 for (p = allproc.lh_first, kd_mapcount=0, tts_count=0; p; p = p->p_list.le_next) {
1133 kd_mapcount += get_task_numacts((task_t)p->task);
1134 tts_count++;
1135 }
1136 proc_list_unlock();
1137
1138 /*
1139 * The proc count could change during buffer allocation,
1140 * so introduce a small fudge factor to bump up the
1141 * buffer sizes. This gives new tasks some chance of
1142 * making into the tables. Bump up by 10%.
1143 */
1144 kd_mapcount += kd_mapcount/10;
1145 tts_count += tts_count/10;
1146
1147 kd_mapsize = kd_mapcount * sizeof(kd_threadmap);
1148
1149 if ((kmem_alloc(kernel_map, & kd_maptomem, (vm_size_t)kd_mapsize) == KERN_SUCCESS)) {
1150 kd_mapptr = (kd_threadmap *) kd_maptomem;
1151 bzero(kd_mapptr, kd_mapsize);
1152 } else
1153 kd_mapptr = (kd_threadmap *) 0;
1154
1155 tts_mapsize = tts_count * sizeof(struct tts);
1156
1157 if ((kmem_alloc(kernel_map, & tts_maptomem, (vm_size_t)tts_mapsize) == KERN_SUCCESS)) {
1158 tts_mapptr = (struct tts *) tts_maptomem;
1159 bzero(tts_mapptr, tts_mapsize);
1160 } else
1161 tts_mapptr = (struct tts *) 0;
1162
1163 /*
1164 * We need to save the procs command string
1165 * and take a reference for each task associated
1166 * with a valid process
1167 */
1168 if (tts_mapptr) {
1169 /*
1170 * should use proc_iterate
1171 */
1172 proc_list_lock();
1173
1174 for (p = allproc.lh_first, i=0; p && i < tts_count; p = p->p_list.le_next) {
1175 if (p->p_lflag & P_LEXIT)
1176 continue;
1177
1178 if (p->task) {
1179 task_reference(p->task);
1180 tts_mapptr[i].task = p->task;
1181 tts_mapptr[i].pid = p->p_pid;
1182 (void)strlcpy(tts_mapptr[i].task_comm, p->p_comm, sizeof(tts_mapptr[i].task_comm));
1183 i++;
1184 }
1185 }
1186 tts_count = i;
1187
1188 proc_list_unlock();
1189 }
1190
1191 if (kd_mapptr && tts_mapptr) {
1192 kd_ctrl_page.kdebug_flags |= KDBG_MAPINIT;
1193
1194 /*
1195 * Initialize thread map data
1196 */
1197 akrt.map = kd_mapptr;
1198 akrt.count = 0;
1199 akrt.maxcount = kd_mapcount;
1200
1201 for (i = 0; i < tts_count; i++) {
1202 akrt.atts = &tts_mapptr[i];
1203 task_act_iterate_wth_args(tts_mapptr[i].task, kdbg_resolve_map, &akrt);
1204 task_deallocate((task_t) tts_mapptr[i].task);
1205 }
1206 kmem_free(kernel_map, (vm_offset_t)tts_mapptr, tts_mapsize);
1207 }
1208 }
1209
1210 static void
1211 kdbg_clear(void)
1212 {
1213 /*
1214 * Clean up the trace buffer
1215 * First make sure we're not in
1216 * the middle of cutting a trace
1217 */
1218 kdbg_set_tracing_enabled(FALSE, KDEBUG_ENABLE_TRACE);
1219
1220 /*
1221 * make sure the SLOW_NOLOG is seen
1222 * by everyone that might be trying
1223 * to cut a trace..
1224 */
1225 IOSleep(100);
1226
1227 kdlog_sched_events = 0;
1228 global_state_pid = -1;
1229 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
1230 kd_ctrl_page.kdebug_flags &= ~(KDBG_NOWRAP | KDBG_RANGECHECK | KDBG_VALCHECK);
1231 kd_ctrl_page.kdebug_flags &= ~(KDBG_PIDCHECK | KDBG_PIDEXCLUDE);
1232
1233 kdbg_disable_typefilter();
1234
1235 delete_buffers();
1236 nkdbufs = 0;
1237
1238 /* Clean up the thread map buffer */
1239 kd_ctrl_page.kdebug_flags &= ~KDBG_MAPINIT;
1240 if (kd_mapptr) {
1241 kmem_free(kernel_map, (vm_offset_t)kd_mapptr, kd_mapsize);
1242 kd_mapptr = (kd_threadmap *) 0;
1243 }
1244 kd_mapsize = 0;
1245 kd_mapcount = 0;
1246
1247 RAW_file_offset = 0;
1248 RAW_file_written = 0;
1249 }
1250
1251 int
1252 kdbg_setpid(kd_regtype *kdr)
1253 {
1254 pid_t pid;
1255 int flag, ret=0;
1256 struct proc *p;
1257
1258 pid = (pid_t)kdr->value1;
1259 flag = (int)kdr->value2;
1260
1261 if (pid > 0) {
1262 if ((p = proc_find(pid)) == NULL)
1263 ret = ESRCH;
1264 else {
1265 if (flag == 1) {
1266 /*
1267 * turn on pid check for this and all pids
1268 */
1269 kd_ctrl_page.kdebug_flags |= KDBG_PIDCHECK;
1270 kd_ctrl_page.kdebug_flags &= ~KDBG_PIDEXCLUDE;
1271 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
1272
1273 p->p_kdebug = 1;
1274 } else {
1275 /*
1276 * turn off pid check for this pid value
1277 * Don't turn off all pid checking though
1278 *
1279 * kd_ctrl_page.kdebug_flags &= ~KDBG_PIDCHECK;
1280 */
1281 p->p_kdebug = 0;
1282 }
1283 proc_rele(p);
1284 }
1285 }
1286 else
1287 ret = EINVAL;
1288
1289 return(ret);
1290 }
1291
1292 /* This is for pid exclusion in the trace buffer */
1293 int
1294 kdbg_setpidex(kd_regtype *kdr)
1295 {
1296 pid_t pid;
1297 int flag, ret=0;
1298 struct proc *p;
1299
1300 pid = (pid_t)kdr->value1;
1301 flag = (int)kdr->value2;
1302
1303 if (pid > 0) {
1304 if ((p = proc_find(pid)) == NULL)
1305 ret = ESRCH;
1306 else {
1307 if (flag == 1) {
1308 /*
1309 * turn on pid exclusion
1310 */
1311 kd_ctrl_page.kdebug_flags |= KDBG_PIDEXCLUDE;
1312 kd_ctrl_page.kdebug_flags &= ~KDBG_PIDCHECK;
1313 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
1314
1315 p->p_kdebug = 1;
1316 }
1317 else {
1318 /*
1319 * turn off pid exclusion for this pid value
1320 * Don't turn off all pid exclusion though
1321 *
1322 * kd_ctrl_page.kdebug_flags &= ~KDBG_PIDEXCLUDE;
1323 */
1324 p->p_kdebug = 0;
1325 }
1326 proc_rele(p);
1327 }
1328 } else
1329 ret = EINVAL;
1330
1331 return(ret);
1332 }
1333
1334
1335 /*
1336 * This is for setting a maximum decrementer value
1337 */
1338 int
1339 kdbg_setrtcdec(kd_regtype *kdr)
1340 {
1341 int ret = 0;
1342 natural_t decval;
1343
1344 decval = (natural_t)kdr->value1;
1345
1346 if (decval && decval < KDBG_MINRTCDEC)
1347 ret = EINVAL;
1348 else
1349 ret = ENOTSUP;
1350
1351 return(ret);
1352 }
1353
1354 int
1355 kdbg_enable_typefilter(void)
1356 {
1357 if (kd_ctrl_page.kdebug_flags & KDBG_TYPEFILTER_CHECK) {
1358 /* free the old filter */
1359 kdbg_disable_typefilter();
1360 }
1361
1362 if (kmem_alloc(kernel_map, (vm_offset_t *)&type_filter_bitmap, KDBG_TYPEFILTER_BITMAP_SIZE) != KERN_SUCCESS) {
1363 return ENOSPC;
1364 }
1365
1366 bzero(type_filter_bitmap, KDBG_TYPEFILTER_BITMAP_SIZE);
1367
1368 /* Turn off range and value checks */
1369 kd_ctrl_page.kdebug_flags &= ~(KDBG_RANGECHECK | KDBG_VALCHECK);
1370
1371 /* Enable filter checking */
1372 kd_ctrl_page.kdebug_flags |= KDBG_TYPEFILTER_CHECK;
1373 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
1374 return 0;
1375 }
1376
1377 int
1378 kdbg_disable_typefilter(void)
1379 {
1380 /* Disable filter checking */
1381 kd_ctrl_page.kdebug_flags &= ~KDBG_TYPEFILTER_CHECK;
1382
1383 /* Turn off slow checks unless pid checks are using them */
1384 if ( (kd_ctrl_page.kdebug_flags & (KDBG_PIDCHECK | KDBG_PIDEXCLUDE)) )
1385 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
1386 else
1387 kdbg_set_flags(SLOW_CHECKS, 0, FALSE);
1388
1389 if(type_filter_bitmap == NULL)
1390 return 0;
1391
1392 vm_offset_t old_bitmap = (vm_offset_t)type_filter_bitmap;
1393 type_filter_bitmap = NULL;
1394
1395 kmem_free(kernel_map, old_bitmap, KDBG_TYPEFILTER_BITMAP_SIZE);
1396 return 0;
1397 }
1398
1399 int
1400 kdbg_setreg(kd_regtype * kdr)
1401 {
1402 int ret=0;
1403 unsigned int val_1, val_2, val;
1404
1405 kdlog_sched_events = 0;
1406
1407 switch (kdr->type) {
1408
1409 case KDBG_CLASSTYPE :
1410 val_1 = (kdr->value1 & 0xff);
1411 val_2 = (kdr->value2 & 0xff);
1412
1413 if (val_1 == DBG_FSYSTEM && val_2 == (DBG_FSYSTEM + 1))
1414 kdlog_sched_events = 1;
1415
1416 kdlog_beg = (val_1<<24);
1417 kdlog_end = (val_2<<24);
1418 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
1419 kd_ctrl_page.kdebug_flags &= ~KDBG_VALCHECK; /* Turn off specific value check */
1420 kd_ctrl_page.kdebug_flags |= (KDBG_RANGECHECK | KDBG_CLASSTYPE);
1421 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
1422 break;
1423 case KDBG_SUBCLSTYPE :
1424 val_1 = (kdr->value1 & 0xff);
1425 val_2 = (kdr->value2 & 0xff);
1426 val = val_2 + 1;
1427 kdlog_beg = ((val_1<<24) | (val_2 << 16));
1428 kdlog_end = ((val_1<<24) | (val << 16));
1429 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
1430 kd_ctrl_page.kdebug_flags &= ~KDBG_VALCHECK; /* Turn off specific value check */
1431 kd_ctrl_page.kdebug_flags |= (KDBG_RANGECHECK | KDBG_SUBCLSTYPE);
1432 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
1433 break;
1434 case KDBG_RANGETYPE :
1435 kdlog_beg = (kdr->value1);
1436 kdlog_end = (kdr->value2);
1437 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
1438 kd_ctrl_page.kdebug_flags &= ~KDBG_VALCHECK; /* Turn off specific value check */
1439 kd_ctrl_page.kdebug_flags |= (KDBG_RANGECHECK | KDBG_RANGETYPE);
1440 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
1441 break;
1442 case KDBG_VALCHECK:
1443 kdlog_value1 = (kdr->value1);
1444 kdlog_value2 = (kdr->value2);
1445 kdlog_value3 = (kdr->value3);
1446 kdlog_value4 = (kdr->value4);
1447 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
1448 kd_ctrl_page.kdebug_flags &= ~KDBG_RANGECHECK; /* Turn off range check */
1449 kd_ctrl_page.kdebug_flags |= KDBG_VALCHECK; /* Turn on specific value check */
1450 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
1451 break;
1452 case KDBG_TYPENONE :
1453 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
1454
1455 if ( (kd_ctrl_page.kdebug_flags & (KDBG_RANGECHECK | KDBG_VALCHECK |
1456 KDBG_PIDCHECK | KDBG_PIDEXCLUDE |
1457 KDBG_TYPEFILTER_CHECK)) )
1458 kdbg_set_flags(SLOW_CHECKS, 0, TRUE);
1459 else
1460 kdbg_set_flags(SLOW_CHECKS, 0, FALSE);
1461
1462 kdlog_beg = 0;
1463 kdlog_end = 0;
1464 break;
1465 default :
1466 ret = EINVAL;
1467 break;
1468 }
1469 return(ret);
1470 }
1471
1472 int
1473 kdbg_getreg(__unused kd_regtype * kdr)
1474 {
1475 #if 0
1476 int i,j, ret=0;
1477 unsigned int val_1, val_2, val;
1478
1479 switch (kdr->type) {
1480 case KDBG_CLASSTYPE :
1481 val_1 = (kdr->value1 & 0xff);
1482 val_2 = val_1 + 1;
1483 kdlog_beg = (val_1<<24);
1484 kdlog_end = (val_2<<24);
1485 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
1486 kd_ctrl_page.kdebug_flags |= (KDBG_RANGECHECK | KDBG_CLASSTYPE);
1487 break;
1488 case KDBG_SUBCLSTYPE :
1489 val_1 = (kdr->value1 & 0xff);
1490 val_2 = (kdr->value2 & 0xff);
1491 val = val_2 + 1;
1492 kdlog_beg = ((val_1<<24) | (val_2 << 16));
1493 kdlog_end = ((val_1<<24) | (val << 16));
1494 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
1495 kd_ctrl_page.kdebug_flags |= (KDBG_RANGECHECK | KDBG_SUBCLSTYPE);
1496 break;
1497 case KDBG_RANGETYPE :
1498 kdlog_beg = (kdr->value1);
1499 kdlog_end = (kdr->value2);
1500 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
1501 kd_ctrl_page.kdebug_flags |= (KDBG_RANGECHECK | KDBG_RANGETYPE);
1502 break;
1503 case KDBG_TYPENONE :
1504 kd_ctrl_page.kdebug_flags &= (unsigned int)~KDBG_CKTYPES;
1505 kdlog_beg = 0;
1506 kdlog_end = 0;
1507 break;
1508 default :
1509 ret = EINVAL;
1510 break;
1511 }
1512 #endif /* 0 */
1513 return(EINVAL);
1514 }
1515
1516
1517 int
1518 kdbg_readmap(user_addr_t buffer, size_t *number, vnode_t vp, vfs_context_t ctx)
1519 {
1520 int avail = *number;
1521 int ret = 0;
1522 uint32_t count = 0;
1523
1524 count = avail/sizeof (kd_threadmap);
1525
1526 if (count && (count <= kd_mapcount))
1527 {
1528 if ((kd_ctrl_page.kdebug_flags & KDBG_MAPINIT) && kd_mapsize && kd_mapptr)
1529 {
1530 if (*number < kd_mapsize)
1531 ret = EINVAL;
1532 else
1533 {
1534 if (vp)
1535 {
1536 RAW_header header;
1537 clock_sec_t secs;
1538 clock_usec_t usecs;
1539 char *pad_buf;
1540 int pad_size;
1541
1542 header.version_no = RAW_VERSION1;
1543 header.thread_count = count;
1544
1545 clock_get_calendar_microtime(&secs, &usecs);
1546 header.TOD_secs = secs;
1547 header.TOD_usecs = usecs;
1548
1549 ret = vn_rdwr(UIO_WRITE, vp, (caddr_t)&header, sizeof(RAW_header), RAW_file_offset,
1550 UIO_SYSSPACE, IO_NODELOCKED|IO_UNIT, vfs_context_ucred(ctx), (int *) 0, vfs_context_proc(ctx));
1551 if (ret)
1552 goto write_error;
1553 RAW_file_offset += sizeof(RAW_header);
1554
1555 ret = vn_rdwr(UIO_WRITE, vp, (caddr_t)kd_mapptr, kd_mapsize, RAW_file_offset,
1556 UIO_SYSSPACE, IO_NODELOCKED|IO_UNIT, vfs_context_ucred(ctx), (int *) 0, vfs_context_proc(ctx));
1557 if (ret)
1558 goto write_error;
1559 RAW_file_offset += kd_mapsize;
1560
1561 pad_size = PAGE_SIZE - (RAW_file_offset & PAGE_MASK_64);
1562
1563 if (pad_size)
1564 {
1565 pad_buf = (char *)kalloc(pad_size);
1566 memset(pad_buf, 0, pad_size);
1567
1568 ret = vn_rdwr(UIO_WRITE, vp, (caddr_t)pad_buf, pad_size, RAW_file_offset,
1569 UIO_SYSSPACE, IO_NODELOCKED|IO_UNIT, vfs_context_ucred(ctx), (int *) 0, vfs_context_proc(ctx));
1570 kfree(pad_buf, pad_size);
1571
1572 if (ret)
1573 goto write_error;
1574 RAW_file_offset += pad_size;
1575 }
1576 RAW_file_written += sizeof(RAW_header) + kd_mapsize + pad_size;
1577
1578 } else {
1579 if (copyout(kd_mapptr, buffer, kd_mapsize))
1580 ret = EINVAL;
1581 }
1582 }
1583 }
1584 else
1585 ret = EINVAL;
1586 }
1587 else
1588 ret = EINVAL;
1589
1590 if (ret && vp)
1591 {
1592 count = 0;
1593
1594 vn_rdwr(UIO_WRITE, vp, (caddr_t)&count, sizeof(uint32_t), RAW_file_offset,
1595 UIO_SYSSPACE, IO_NODELOCKED|IO_UNIT, vfs_context_ucred(ctx), (int *) 0, vfs_context_proc(ctx));
1596 RAW_file_offset += sizeof(uint32_t);
1597 RAW_file_written += sizeof(uint32_t);
1598 }
1599 write_error:
1600 if ((kd_ctrl_page.kdebug_flags & KDBG_MAPINIT) && kd_mapsize && kd_mapptr)
1601 {
1602 kmem_free(kernel_map, (vm_offset_t)kd_mapptr, kd_mapsize);
1603 kd_ctrl_page.kdebug_flags &= ~KDBG_MAPINIT;
1604 kd_mapsize = 0;
1605 kd_mapptr = (kd_threadmap *) 0;
1606 kd_mapcount = 0;
1607 }
1608 return(ret);
1609 }
1610
1611 int
1612 kdbg_getentropy (user_addr_t buffer, size_t *number, int ms_timeout)
1613 {
1614 int avail = *number;
1615 int ret = 0;
1616 int s;
1617 u_int64_t abstime;
1618 u_int64_t ns;
1619 int wait_result = THREAD_AWAKENED;
1620
1621
1622 if (kd_entropy_buffer)
1623 return(EBUSY);
1624
1625 if (ms_timeout < 0)
1626 return(EINVAL);
1627
1628 kd_entropy_count = avail/sizeof(uint64_t);
1629
1630 if (kd_entropy_count > MAX_ENTROPY_COUNT || kd_entropy_count == 0) {
1631 /*
1632 * Enforce maximum entropy entries
1633 */
1634 return(EINVAL);
1635 }
1636 kd_entropy_bufsize = kd_entropy_count * sizeof(uint64_t);
1637
1638 /*
1639 * allocate entropy buffer
1640 */
1641 if (kmem_alloc(kernel_map, &kd_entropy_buftomem, (vm_size_t)kd_entropy_bufsize) == KERN_SUCCESS) {
1642 kd_entropy_buffer = (uint64_t *) kd_entropy_buftomem;
1643 } else {
1644 kd_entropy_buffer = (uint64_t *) 0;
1645 kd_entropy_count = 0;
1646
1647 return (ENOMEM);
1648 }
1649 kd_entropy_indx = 0;
1650
1651 KERNEL_DEBUG_CONSTANT(0xbbbbf000 | DBG_FUNC_START, ms_timeout, kd_entropy_count, 0, 0, 0);
1652
1653 /*
1654 * Enable entropy sampling
1655 */
1656 kdbg_set_flags(SLOW_ENTROPY, KDEBUG_ENABLE_ENTROPY, TRUE);
1657
1658 if (ms_timeout) {
1659 ns = (u_int64_t)ms_timeout * (u_int64_t)(1000 * 1000);
1660 nanoseconds_to_absolutetime(ns, &abstime );
1661 clock_absolutetime_interval_to_deadline( abstime, &abstime );
1662 } else
1663 abstime = 0;
1664
1665 s = ml_set_interrupts_enabled(FALSE);
1666 lck_spin_lock(kdw_spin_lock);
1667
1668 while (wait_result == THREAD_AWAKENED && kd_entropy_indx < kd_entropy_count) {
1669
1670 kde_waiter = 1;
1671
1672 if (abstime) {
1673 /*
1674 * wait for the specified timeout or
1675 * until we've hit our sample limit
1676 */
1677 wait_result = lck_spin_sleep_deadline(kdw_spin_lock, 0, &kde_waiter, THREAD_ABORTSAFE, abstime);
1678 } else {
1679 /*
1680 * wait until we've hit our sample limit
1681 */
1682 wait_result = lck_spin_sleep(kdw_spin_lock, 0, &kde_waiter, THREAD_ABORTSAFE);
1683 }
1684 kde_waiter = 0;
1685 }
1686 lck_spin_unlock(kdw_spin_lock);
1687 ml_set_interrupts_enabled(s);
1688
1689 /*
1690 * Disable entropy sampling
1691 */
1692 kdbg_set_flags(SLOW_ENTROPY, KDEBUG_ENABLE_ENTROPY, FALSE);
1693
1694 KERNEL_DEBUG_CONSTANT(0xbbbbf000 | DBG_FUNC_END, ms_timeout, kd_entropy_indx, 0, 0, 0);
1695
1696 *number = 0;
1697 ret = 0;
1698
1699 if (kd_entropy_indx > 0) {
1700 /*
1701 * copyout the buffer
1702 */
1703 if (copyout(kd_entropy_buffer, buffer, kd_entropy_indx * sizeof(uint64_t)))
1704 ret = EINVAL;
1705 else
1706 *number = kd_entropy_indx * sizeof(uint64_t);
1707 }
1708 /*
1709 * Always cleanup
1710 */
1711 kd_entropy_count = 0;
1712 kd_entropy_indx = 0;
1713 kd_entropy_buftomem = 0;
1714 kmem_free(kernel_map, (vm_offset_t)kd_entropy_buffer, kd_entropy_bufsize);
1715 kd_entropy_buffer = (uint64_t *) 0;
1716
1717 return(ret);
1718 }
1719
1720
1721 static int
1722 kdbg_set_nkdbufs(unsigned int value)
1723 {
1724 /*
1725 * We allow a maximum buffer size of 50% of either ram or max mapped address, whichever is smaller
1726 * 'value' is the desired number of trace entries
1727 */
1728 unsigned int max_entries = (sane_size/2) / sizeof(kd_buf);
1729
1730 if (value <= max_entries)
1731 return (value);
1732 else
1733 return (max_entries);
1734 }
1735
1736
1737 static void
1738 kdbg_enable_bg_trace(void)
1739 {
1740 if (kdlog_bg_trace == TRUE && kdlog_bg_trace_running == FALSE && n_storage_buffers == 0) {
1741 nkdbufs = bg_nkdbufs;
1742 kdbg_reinit(FALSE);
1743 kdbg_set_tracing_enabled(TRUE, KDEBUG_ENABLE_TRACE);
1744 kdlog_bg_trace_running = TRUE;
1745 }
1746 }
1747
1748 static void
1749 kdbg_disable_bg_trace(void)
1750 {
1751 if (kdlog_bg_trace_running == TRUE) {
1752 kdlog_bg_trace_running = FALSE;
1753 kdbg_clear();
1754 }
1755 }
1756
1757
1758
1759 /*
1760 * This function is provided for the CHUD toolkit only.
1761 * int val:
1762 * zero disables kdebug_chudhook function call
1763 * non-zero enables kdebug_chudhook function call
1764 * char *fn:
1765 * address of the enabled kdebug_chudhook function
1766 */
1767
1768 void
1769 kdbg_control_chud(int val, void *fn)
1770 {
1771 kdbg_lock_init();
1772
1773 if (val) {
1774 /* enable chudhook */
1775 kdebug_chudhook = fn;
1776 kdbg_set_flags(SLOW_CHUD, KDEBUG_ENABLE_CHUD, TRUE);
1777 }
1778 else {
1779 /* disable chudhook */
1780 kdbg_set_flags(SLOW_CHUD, KDEBUG_ENABLE_CHUD, FALSE);
1781 kdebug_chudhook = 0;
1782 }
1783 }
1784
1785
1786 int
1787 kdbg_control(int *name, u_int namelen, user_addr_t where, size_t *sizep)
1788 {
1789 int ret = 0;
1790 size_t size = *sizep;
1791 unsigned int value = 0;
1792 kd_regtype kd_Reg;
1793 kbufinfo_t kd_bufinfo;
1794 pid_t curpid;
1795 proc_t p, curproc;
1796
1797 if (name[0] == KERN_KDGETENTROPY ||
1798 name[0] == KERN_KDWRITETR ||
1799 name[0] == KERN_KDWRITEMAP ||
1800 name[0] == KERN_KDEFLAGS ||
1801 name[0] == KERN_KDDFLAGS ||
1802 name[0] == KERN_KDENABLE ||
1803 name[0] == KERN_KDENABLE_BG_TRACE ||
1804 name[0] == KERN_KDSETBUF) {
1805
1806 if ( namelen < 2 )
1807 return(EINVAL);
1808 value = name[1];
1809 }
1810
1811 kdbg_lock_init();
1812
1813 if ( !(kd_ctrl_page.kdebug_flags & KDBG_LOCKINIT))
1814 return(ENOSPC);
1815
1816 lck_mtx_lock(kd_trace_mtx_sysctl);
1817
1818 switch(name[0]) {
1819
1820 case KERN_KDGETBUF:
1821 /*
1822 * Does not alter the global_state_pid
1823 * This is a passive request.
1824 */
1825 if (size < sizeof(kd_bufinfo.nkdbufs)) {
1826 /*
1827 * There is not enough room to return even
1828 * the first element of the info structure.
1829 */
1830 ret = EINVAL;
1831 goto out;
1832 }
1833 kd_bufinfo.nkdbufs = nkdbufs;
1834 kd_bufinfo.nkdthreads = kd_mapsize / sizeof(kd_threadmap);
1835
1836 if ( (kd_ctrl_page.kdebug_slowcheck & SLOW_NOLOG) )
1837 kd_bufinfo.nolog = 1;
1838 else
1839 kd_bufinfo.nolog = 0;
1840
1841 kd_bufinfo.flags = kd_ctrl_page.kdebug_flags;
1842 #if defined(__LP64__)
1843 kd_bufinfo.flags |= KDBG_LP64;
1844 #endif
1845 kd_bufinfo.bufid = global_state_pid;
1846
1847 if (size >= sizeof(kd_bufinfo)) {
1848 /*
1849 * Provide all the info we have
1850 */
1851 if (copyout(&kd_bufinfo, where, sizeof(kd_bufinfo)))
1852 ret = EINVAL;
1853 } else {
1854 /*
1855 * For backwards compatibility, only provide
1856 * as much info as there is room for.
1857 */
1858 if (copyout(&kd_bufinfo, where, size))
1859 ret = EINVAL;
1860 }
1861 goto out;
1862 break;
1863
1864 case KERN_KDGETENTROPY:
1865 if (kd_entropy_buffer)
1866 ret = EBUSY;
1867 else
1868 ret = kdbg_getentropy(where, sizep, value);
1869 goto out;
1870 break;
1871
1872 case KERN_KDENABLE_BG_TRACE:
1873 bg_nkdbufs = kdbg_set_nkdbufs(value);
1874 kdlog_bg_trace = TRUE;
1875 kdbg_enable_bg_trace();
1876 goto out;
1877 break;
1878
1879 case KERN_KDDISABLE_BG_TRACE:
1880 kdlog_bg_trace = FALSE;
1881 kdbg_disable_bg_trace();
1882 goto out;
1883 break;
1884 }
1885
1886 if ((curproc = current_proc()) != NULL)
1887 curpid = curproc->p_pid;
1888 else {
1889 ret = ESRCH;
1890 goto out;
1891 }
1892 if (global_state_pid == -1)
1893 global_state_pid = curpid;
1894 else if (global_state_pid != curpid) {
1895 if ((p = proc_find(global_state_pid)) == NULL) {
1896 /*
1897 * The global pid no longer exists
1898 */
1899 global_state_pid = curpid;
1900 } else {
1901 /*
1902 * The global pid exists, deny this request
1903 */
1904 proc_rele(p);
1905
1906 ret = EBUSY;
1907 goto out;
1908 }
1909 }
1910
1911 switch(name[0]) {
1912 case KERN_KDEFLAGS:
1913 kdbg_disable_bg_trace();
1914
1915 value &= KDBG_USERFLAGS;
1916 kd_ctrl_page.kdebug_flags |= value;
1917 break;
1918 case KERN_KDDFLAGS:
1919 kdbg_disable_bg_trace();
1920
1921 value &= KDBG_USERFLAGS;
1922 kd_ctrl_page.kdebug_flags &= ~value;
1923 break;
1924 case KERN_KDENABLE:
1925 /*
1926 * Enable tracing mechanism. Two types:
1927 * KDEBUG_TRACE is the standard one,
1928 * and KDEBUG_PPT which is a carefully
1929 * chosen subset to avoid performance impact.
1930 */
1931 if (value) {
1932 /*
1933 * enable only if buffer is initialized
1934 */
1935 if (!(kd_ctrl_page.kdebug_flags & KDBG_BUFINIT) ||
1936 !(value == KDEBUG_ENABLE_TRACE || value == KDEBUG_ENABLE_PPT)) {
1937 ret = EINVAL;
1938 break;
1939 }
1940 kdbg_mapinit();
1941
1942 kdbg_set_tracing_enabled(TRUE, value);
1943 }
1944 else
1945 {
1946 kdbg_set_tracing_enabled(FALSE, 0);
1947 }
1948 break;
1949 case KERN_KDSETBUF:
1950 kdbg_disable_bg_trace();
1951
1952 nkdbufs = kdbg_set_nkdbufs(value);
1953 break;
1954 case KERN_KDSETUP:
1955 kdbg_disable_bg_trace();
1956
1957 ret = kdbg_reinit(FALSE);
1958 break;
1959 case KERN_KDREMOVE:
1960 kdbg_clear();
1961 kdbg_enable_bg_trace();
1962 break;
1963 case KERN_KDSETREG:
1964 if(size < sizeof(kd_regtype)) {
1965 ret = EINVAL;
1966 break;
1967 }
1968 if (copyin(where, &kd_Reg, sizeof(kd_regtype))) {
1969 ret = EINVAL;
1970 break;
1971 }
1972 kdbg_disable_bg_trace();
1973
1974 ret = kdbg_setreg(&kd_Reg);
1975 break;
1976 case KERN_KDGETREG:
1977 if (size < sizeof(kd_regtype)) {
1978 ret = EINVAL;
1979 break;
1980 }
1981 ret = kdbg_getreg(&kd_Reg);
1982 if (copyout(&kd_Reg, where, sizeof(kd_regtype))) {
1983 ret = EINVAL;
1984 }
1985 kdbg_disable_bg_trace();
1986
1987 break;
1988 case KERN_KDREADTR:
1989 ret = kdbg_read(where, sizep, NULL, NULL);
1990 break;
1991 case KERN_KDWRITETR:
1992 case KERN_KDWRITEMAP:
1993 {
1994 struct vfs_context context;
1995 struct fileproc *fp;
1996 size_t number;
1997 vnode_t vp;
1998 int fd;
1999
2000 kdbg_disable_bg_trace();
2001
2002 if (name[0] == KERN_KDWRITETR) {
2003 int s;
2004 int wait_result = THREAD_AWAKENED;
2005 u_int64_t abstime;
2006 u_int64_t ns;
2007
2008 if (*sizep) {
2009 ns = ((u_int64_t)*sizep) * (u_int64_t)(1000 * 1000);
2010 nanoseconds_to_absolutetime(ns, &abstime );
2011 clock_absolutetime_interval_to_deadline( abstime, &abstime );
2012 } else
2013 abstime = 0;
2014
2015 s = ml_set_interrupts_enabled(FALSE);
2016 lck_spin_lock(kdw_spin_lock);
2017
2018 while (wait_result == THREAD_AWAKENED && kd_ctrl_page.kds_inuse_count < n_storage_threshold) {
2019
2020 kds_waiter = 1;
2021
2022 if (abstime)
2023 wait_result = lck_spin_sleep_deadline(kdw_spin_lock, 0, &kds_waiter, THREAD_ABORTSAFE, abstime);
2024 else
2025 wait_result = lck_spin_sleep(kdw_spin_lock, 0, &kds_waiter, THREAD_ABORTSAFE);
2026
2027 kds_waiter = 0;
2028 }
2029 lck_spin_unlock(kdw_spin_lock);
2030 ml_set_interrupts_enabled(s);
2031 }
2032 p = current_proc();
2033 fd = value;
2034
2035 proc_fdlock(p);
2036 if ( (ret = fp_lookup(p, fd, &fp, 1)) ) {
2037 proc_fdunlock(p);
2038 break;
2039 }
2040 context.vc_thread = current_thread();
2041 context.vc_ucred = fp->f_fglob->fg_cred;
2042
2043 if (fp->f_fglob->fg_type != DTYPE_VNODE) {
2044 fp_drop(p, fd, fp, 1);
2045 proc_fdunlock(p);
2046
2047 ret = EBADF;
2048 break;
2049 }
2050 vp = (struct vnode *)fp->f_fglob->fg_data;
2051 proc_fdunlock(p);
2052
2053 if ((ret = vnode_getwithref(vp)) == 0) {
2054
2055 if (name[0] == KERN_KDWRITETR) {
2056 number = nkdbufs * sizeof(kd_buf);
2057
2058 KERNEL_DEBUG_CONSTANT((TRACEDBG_CODE(DBG_TRACE_INFO, 3)) | DBG_FUNC_START, 0, 0, 0, 0, 0);
2059 ret = kdbg_read(0, &number, vp, &context);
2060 KERNEL_DEBUG_CONSTANT((TRACEDBG_CODE(DBG_TRACE_INFO, 3)) | DBG_FUNC_END, number, 0, 0, 0, 0);
2061
2062 *sizep = number;
2063 } else {
2064 number = kd_mapsize;
2065 kdbg_readmap(0, &number, vp, &context);
2066 }
2067 vnode_put(vp);
2068 }
2069 fp_drop(p, fd, fp, 0);
2070
2071 break;
2072 }
2073 case KERN_KDPIDTR:
2074 if (size < sizeof(kd_regtype)) {
2075 ret = EINVAL;
2076 break;
2077 }
2078 if (copyin(where, &kd_Reg, sizeof(kd_regtype))) {
2079 ret = EINVAL;
2080 break;
2081 }
2082 kdbg_disable_bg_trace();
2083
2084 ret = kdbg_setpid(&kd_Reg);
2085 break;
2086 case KERN_KDPIDEX:
2087 if (size < sizeof(kd_regtype)) {
2088 ret = EINVAL;
2089 break;
2090 }
2091 if (copyin(where, &kd_Reg, sizeof(kd_regtype))) {
2092 ret = EINVAL;
2093 break;
2094 }
2095 kdbg_disable_bg_trace();
2096
2097 ret = kdbg_setpidex(&kd_Reg);
2098 break;
2099 case KERN_KDTHRMAP:
2100 ret = kdbg_readmap(where, sizep, NULL, NULL);
2101 break;
2102 case KERN_KDSETRTCDEC:
2103 if (size < sizeof(kd_regtype)) {
2104 ret = EINVAL;
2105 break;
2106 }
2107 if (copyin(where, &kd_Reg, sizeof(kd_regtype))) {
2108 ret = EINVAL;
2109 break;
2110 }
2111 kdbg_disable_bg_trace();
2112
2113 ret = kdbg_setrtcdec(&kd_Reg);
2114 break;
2115 case KERN_KDSET_TYPEFILTER:
2116 kdbg_disable_bg_trace();
2117
2118 if ((kd_ctrl_page.kdebug_flags & KDBG_TYPEFILTER_CHECK) == 0){
2119 if ((ret = kdbg_enable_typefilter()))
2120 break;
2121 }
2122
2123 if (size != KDBG_TYPEFILTER_BITMAP_SIZE) {
2124 ret = EINVAL;
2125 break;
2126 }
2127
2128 if (copyin(where, type_filter_bitmap, KDBG_TYPEFILTER_BITMAP_SIZE)) {
2129 ret = EINVAL;
2130 break;
2131 }
2132 break;
2133 default:
2134 ret = EINVAL;
2135 }
2136 out:
2137 lck_mtx_unlock(kd_trace_mtx_sysctl);
2138
2139 return(ret);
2140 }
2141
2142
2143 /*
2144 * This code can run for the most part concurrently with kernel_debug_internal()...
2145 * 'release_storage_unit' will take the kds_spin_lock which may cause us to briefly
2146 * synchronize with the recording side of this puzzle... otherwise, we are able to
2147 * move through the lists w/o use of any locks
2148 */
2149 int
2150 kdbg_read(user_addr_t buffer, size_t *number, vnode_t vp, vfs_context_t ctx)
2151 {
2152 unsigned int count;
2153 unsigned int cpu, min_cpu;
2154 uint64_t mintime, t;
2155 int error = 0;
2156 kd_buf *tempbuf;
2157 uint32_t rcursor;
2158 kd_buf lostevent;
2159 union kds_ptr kdsp;
2160 struct kd_storage *kdsp_actual;
2161 struct kd_bufinfo *kdbp;
2162 struct kd_bufinfo *min_kdbp;
2163 uint32_t tempbuf_count;
2164 uint32_t tempbuf_number;
2165 uint32_t old_kdebug_flags;
2166 uint32_t old_kdebug_slowcheck;
2167 boolean_t lostevents = FALSE;
2168 boolean_t out_of_events = FALSE;
2169
2170 count = *number/sizeof(kd_buf);
2171 *number = 0;
2172
2173 if (count == 0 || !(kd_ctrl_page.kdebug_flags & KDBG_BUFINIT) || kdcopybuf == 0)
2174 return EINVAL;
2175
2176 memset(&lostevent, 0, sizeof(lostevent));
2177 lostevent.debugid = TRACEDBG_CODE(DBG_TRACE_INFO, 2);
2178
2179 /*
2180 * because we hold kd_trace_mtx_sysctl, no other control threads can
2181 * be playing with kdebug_flags... the code that cuts new events could
2182 * be running, but it grabs kds_spin_lock if it needs to acquire a new
2183 * storage chunk which is where it examines kdebug_flags... it its adding
2184 * to the same chunk we're reading from, no problem...
2185 */
2186
2187 disable_wrap(&old_kdebug_slowcheck, &old_kdebug_flags);
2188
2189 if (count > nkdbufs)
2190 count = nkdbufs;
2191
2192 if ((tempbuf_count = count) > KDCOPYBUF_COUNT)
2193 tempbuf_count = KDCOPYBUF_COUNT;
2194
2195 while (count) {
2196 tempbuf = kdcopybuf;
2197 tempbuf_number = 0;
2198
2199 // While space
2200 while (tempbuf_count) {
2201 mintime = 0xffffffffffffffffULL;
2202 min_kdbp = NULL;
2203 min_cpu = 0;
2204
2205 // Check all CPUs
2206 for (cpu = 0, kdbp = &kdbip[0]; cpu < kd_cpus; cpu++, kdbp++) {
2207
2208 // Find one with raw data
2209 if ((kdsp = kdbp->kd_list_head).raw == KDS_PTR_NULL)
2210 continue;
2211
2212 // Get from cpu data to buffer header to buffer
2213 kdsp_actual = POINTER_FROM_KDS_PTR(kdsp);
2214
2215 // See if there are actual data left in this buffer
2216 rcursor = kdsp_actual->kds_readlast;
2217
2218 if (rcursor == kdsp_actual->kds_bufindx)
2219 continue;
2220
2221 t = kdbg_get_timestamp(&kdsp_actual->kds_records[rcursor]);
2222
2223 if (t < kdsp_actual->kds_timestamp) {
2224 /*
2225 * indicates we've not yet completed filling
2226 * in this event...
2227 * this should only occur when we're looking
2228 * at the buf that the record head is utilizing
2229 * we'll pick these events up on the next
2230 * call to kdbg_read
2231 * we bail at this point so that we don't
2232 * get an out-of-order timestream by continuing
2233 * to read events from the other CPUs' timestream(s)
2234 */
2235 out_of_events = TRUE;
2236 break;
2237 }
2238 if (t < mintime) {
2239 mintime = t;
2240 min_kdbp = kdbp;
2241 min_cpu = cpu;
2242 }
2243 }
2244 if (min_kdbp == NULL || out_of_events == TRUE) {
2245 /*
2246 * all buffers ran empty
2247 */
2248 out_of_events = TRUE;
2249 break;
2250 }
2251
2252 // Get data
2253 kdsp = min_kdbp->kd_list_head;
2254 kdsp_actual = POINTER_FROM_KDS_PTR(kdsp);
2255
2256 if (kdsp_actual->kds_lostevents == TRUE) {
2257 kdbg_set_timestamp_and_cpu(&lostevent, kdsp_actual->kds_records[kdsp_actual->kds_readlast].timestamp, min_cpu);
2258 *tempbuf = lostevent;
2259
2260 kdsp_actual->kds_lostevents = FALSE;
2261 lostevents = TRUE;
2262
2263 goto nextevent;
2264 }
2265
2266 // Copy into buffer
2267 *tempbuf = kdsp_actual->kds_records[kdsp_actual->kds_readlast++];
2268
2269 if (kdsp_actual->kds_readlast == EVENTS_PER_STORAGE_UNIT)
2270 release_storage_unit(min_cpu, kdsp.raw);
2271
2272 /*
2273 * Watch for out of order timestamps
2274 */
2275 if (mintime < min_kdbp->kd_prev_timebase) {
2276 /*
2277 * if so, use the previous timestamp + 1 cycle
2278 */
2279 min_kdbp->kd_prev_timebase++;
2280 kdbg_set_timestamp_and_cpu(tempbuf, min_kdbp->kd_prev_timebase, kdbg_get_cpu(tempbuf));
2281 } else
2282 min_kdbp->kd_prev_timebase = mintime;
2283 nextevent:
2284 tempbuf_count--;
2285 tempbuf_number++;
2286 tempbuf++;
2287
2288 if ((RAW_file_written += sizeof(kd_buf)) >= RAW_FLUSH_SIZE)
2289 break;
2290 }
2291 if (tempbuf_number) {
2292
2293 if (vp) {
2294 error = vn_rdwr(UIO_WRITE, vp, (caddr_t)kdcopybuf, tempbuf_number * sizeof(kd_buf), RAW_file_offset,
2295 UIO_SYSSPACE, IO_NODELOCKED|IO_UNIT, vfs_context_ucred(ctx), (int *) 0, vfs_context_proc(ctx));
2296
2297 RAW_file_offset += (tempbuf_number * sizeof(kd_buf));
2298
2299 if (RAW_file_written >= RAW_FLUSH_SIZE) {
2300 cluster_push(vp, 0);
2301
2302 RAW_file_written = 0;
2303 }
2304 } else {
2305 error = copyout(kdcopybuf, buffer, tempbuf_number * sizeof(kd_buf));
2306 buffer += (tempbuf_number * sizeof(kd_buf));
2307 }
2308 if (error) {
2309 *number = 0;
2310 error = EINVAL;
2311 break;
2312 }
2313 count -= tempbuf_number;
2314 *number += tempbuf_number;
2315 }
2316 if (out_of_events == TRUE)
2317 /*
2318 * all trace buffers are empty
2319 */
2320 break;
2321
2322 if ((tempbuf_count = count) > KDCOPYBUF_COUNT)
2323 tempbuf_count = KDCOPYBUF_COUNT;
2324 }
2325 if ( !(old_kdebug_flags & KDBG_NOWRAP)) {
2326 enable_wrap(old_kdebug_slowcheck, lostevents);
2327 }
2328 return (error);
2329 }
2330
2331
2332 unsigned char *getProcName(struct proc *proc);
2333 unsigned char *getProcName(struct proc *proc) {
2334
2335 return (unsigned char *) &proc->p_comm; /* Return pointer to the proc name */
2336
2337 }
2338
2339 #define STACKSHOT_SUBSYS_LOCK() lck_mtx_lock(&stackshot_subsys_mutex)
2340 #define STACKSHOT_SUBSYS_UNLOCK() lck_mtx_unlock(&stackshot_subsys_mutex)
2341 #if defined(__i386__) || defined (__x86_64__)
2342 #define TRAP_DEBUGGER __asm__ volatile("int3");
2343 #endif
2344
2345 #define SANE_TRACEBUF_SIZE (8 * 1024 * 1024)
2346
2347 /* Initialize the mutex governing access to the stack snapshot subsystem */
2348 __private_extern__ void
2349 stackshot_lock_init( void )
2350 {
2351 stackshot_subsys_lck_grp_attr = lck_grp_attr_alloc_init();
2352
2353 stackshot_subsys_lck_grp = lck_grp_alloc_init("stackshot_subsys_lock", stackshot_subsys_lck_grp_attr);
2354
2355 stackshot_subsys_lck_attr = lck_attr_alloc_init();
2356
2357 lck_mtx_init(&stackshot_subsys_mutex, stackshot_subsys_lck_grp, stackshot_subsys_lck_attr);
2358 }
2359
2360 /*
2361 * stack_snapshot: Obtains a coherent set of stack traces for all threads
2362 * on the system, tracing both kernel and user stacks
2363 * where available. Uses machine specific trace routines
2364 * for ppc, ppc64 and x86.
2365 * Inputs: uap->pid - process id of process to be traced, or -1
2366 * for the entire system
2367 * uap->tracebuf - address of the user space destination
2368 * buffer
2369 * uap->tracebuf_size - size of the user space trace buffer
2370 * uap->options - various options, including the maximum
2371 * number of frames to trace.
2372 * Outputs: EPERM if the caller is not privileged
2373 * EINVAL if the supplied trace buffer isn't sanely sized
2374 * ENOMEM if we don't have enough memory to satisfy the
2375 * request
2376 * ENOENT if the target pid isn't found
2377 * ENOSPC if the supplied buffer is insufficient
2378 * *retval contains the number of bytes traced, if successful
2379 * and -1 otherwise. If the request failed due to
2380 * tracebuffer exhaustion, we copyout as much as possible.
2381 */
2382 int
2383 stack_snapshot(struct proc *p, register struct stack_snapshot_args *uap, int32_t *retval) {
2384 int error = 0;
2385
2386 if ((error = suser(kauth_cred_get(), &p->p_acflag)))
2387 return(error);
2388
2389 return stack_snapshot2(uap->pid, uap->tracebuf, uap->tracebuf_size,
2390 uap->flags, uap->dispatch_offset, retval);
2391 }
2392
2393 int
2394 stack_snapshot2(pid_t pid, user_addr_t tracebuf, uint32_t tracebuf_size, uint32_t flags, uint32_t dispatch_offset, int32_t *retval)
2395 {
2396 int error = 0;
2397 unsigned bytesTraced = 0;
2398 boolean_t istate;
2399
2400 *retval = -1;
2401 /* Serialize tracing */
2402 STACKSHOT_SUBSYS_LOCK();
2403
2404 if ((tracebuf_size <= 0) || (tracebuf_size > SANE_TRACEBUF_SIZE)) {
2405 error = EINVAL;
2406 goto error_exit;
2407 }
2408
2409 assert(stackshot_snapbuf == NULL);
2410 if (kmem_alloc_kobject(kernel_map, (vm_offset_t *)&stackshot_snapbuf, tracebuf_size) != KERN_SUCCESS) {
2411 error = ENOMEM;
2412 goto error_exit;
2413 }
2414
2415 if (panic_active()) {
2416 error = ENOMEM;
2417 goto error_exit;
2418 }
2419
2420 istate = ml_set_interrupts_enabled(FALSE);
2421 /* Preload trace parameters*/
2422 kdp_snapshot_preflight(pid, stackshot_snapbuf, tracebuf_size, flags, dispatch_offset);
2423
2424 /* Trap to the debugger to obtain a coherent stack snapshot; this populates
2425 * the trace buffer
2426 */
2427
2428 TRAP_DEBUGGER;
2429
2430 ml_set_interrupts_enabled(istate);
2431
2432 bytesTraced = kdp_stack_snapshot_bytes_traced();
2433
2434 if (bytesTraced > 0) {
2435 if ((error = copyout(stackshot_snapbuf, tracebuf,
2436 ((bytesTraced < tracebuf_size) ?
2437 bytesTraced : tracebuf_size))))
2438 goto error_exit;
2439 *retval = bytesTraced;
2440 }
2441 else {
2442 error = ENOENT;
2443 goto error_exit;
2444 }
2445
2446 error = kdp_stack_snapshot_geterror();
2447 if (error == -1) {
2448 error = ENOSPC;
2449 *retval = -1;
2450 goto error_exit;
2451 }
2452
2453 error_exit:
2454 if (stackshot_snapbuf != NULL)
2455 kmem_free(kernel_map, (vm_offset_t) stackshot_snapbuf, tracebuf_size);
2456 stackshot_snapbuf = NULL;
2457 STACKSHOT_SUBSYS_UNLOCK();
2458 return error;
2459 }
2460
2461 void
2462 start_kern_tracing(unsigned int new_nkdbufs, boolean_t need_map) {
2463
2464 if (!new_nkdbufs)
2465 return;
2466 nkdbufs = kdbg_set_nkdbufs(new_nkdbufs);
2467 kdbg_lock_init();
2468 kdbg_reinit(TRUE);
2469 if (need_map == TRUE)
2470 kdbg_mapinit();
2471 kdbg_set_tracing_enabled(TRUE, KDEBUG_ENABLE_TRACE);
2472
2473 #if defined(__i386__) || defined(__x86_64__)
2474 uint64_t now = mach_absolute_time();
2475
2476 KERNEL_DEBUG_CONSTANT((TRACEDBG_CODE(DBG_TRACE_INFO, 1)) | DBG_FUNC_NONE,
2477 (uint32_t)(tsc_rebase_abs_time >> 32), (uint32_t)tsc_rebase_abs_time,
2478 (uint32_t)(now >> 32), (uint32_t)now,
2479 0);
2480 #endif
2481 printf("kernel tracing started\n");
2482 }
2483
2484 void
2485 kdbg_dump_trace_to_file(const char *filename)
2486 {
2487 vfs_context_t ctx;
2488 vnode_t vp;
2489 int error;
2490 size_t number;
2491
2492
2493 if ( !(kdebug_enable & KDEBUG_ENABLE_TRACE))
2494 return;
2495
2496 if (global_state_pid != -1) {
2497 if ((proc_find(global_state_pid)) != NULL) {
2498 /*
2499 * The global pid exists, we're running
2500 * due to fs_usage, latency, etc...
2501 * don't cut the panic/shutdown trace file
2502 */
2503 return;
2504 }
2505 }
2506 KERNEL_DEBUG_CONSTANT((TRACEDBG_CODE(DBG_TRACE_INFO, 0)) | DBG_FUNC_NONE, 0, 0, 0, 0, 0);
2507
2508 kdebug_enable = 0;
2509 kd_ctrl_page.enabled = 0;
2510
2511 ctx = vfs_context_kernel();
2512
2513 if ((error = vnode_open(filename, (O_CREAT | FWRITE | O_NOFOLLOW), 0600, 0, &vp, ctx)))
2514 return;
2515
2516 number = kd_mapsize;
2517 kdbg_readmap(0, &number, vp, ctx);
2518
2519 number = nkdbufs*sizeof(kd_buf);
2520 kdbg_read(0, &number, vp, ctx);
2521
2522 vnode_close(vp, FWRITE, ctx);
2523
2524 sync(current_proc(), (void *)NULL, (int *)NULL);
2525 }
2526
2527 /* Helper function for filling in the BSD name for an address space
2528 * Defined here because the machine bindings know only Mach threads
2529 * and nothing about BSD processes.
2530 *
2531 * FIXME: need to grab a lock during this?
2532 */
2533 void kdbg_get_task_name(char* name_buf, int len, task_t task)
2534 {
2535 proc_t proc;
2536
2537 /* Note: we can't use thread->task (and functions that rely on it) here
2538 * because it hasn't been initialized yet when this function is called.
2539 * We use the explicitly-passed task parameter instead.
2540 */
2541 proc = get_bsdtask_info(task);
2542 if (proc != PROC_NULL)
2543 snprintf(name_buf, len, "%s/%d", proc->p_comm, proc->p_pid);
2544 else
2545 snprintf(name_buf, len, "%p [!bsd]", task);
2546 }
2547
2548
2549
2550 #if defined(NATIVE_TRACE_FACILITY)
2551 void trace_handler_map_ctrl_page(__unused uintptr_t addr, __unused size_t ctrl_page_size, __unused size_t storage_size, __unused size_t kds_ptr_size)
2552 {
2553 }
2554 void trace_handler_map_bufinfo(__unused uintptr_t addr, __unused size_t size)
2555 {
2556 }
2557 void trace_handler_unmap_bufinfo(void)
2558 {
2559 }
2560 void trace_handler_map_buffer(__unused int index, __unused uintptr_t addr, __unused size_t size)
2561 {
2562 }
2563 void trace_handler_unmap_buffer(__unused int index)
2564 {
2565 }
2566 #endif
mirror of XNU