1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * @(#)ktrace.h 8.1 (Berkeley) 6/2/93 30 * $FreeBSD: stable/9/sys/sys/ktrace.h 237719 2012-06-28 18:38:24Z jhb $ 31 */ 32 33 #ifndef _SYS_KTRACE_H_ 34 #define _SYS_KTRACE_H_ 35 36 /* 37 * operations to ktrace system call (KTROP(op)) 38 */ 39 #define KTROP_SET 0 /* set trace points */ 40 #define KTROP_CLEAR 1 /* clear trace points */ 41 #define KTROP_CLEARFILE 2 /* stop all tracing to file */ 42 #define KTROP(o) ((o)&3) /* macro to extract operation */ 43 /* 44 * flags (ORed in with operation) 45 */ 46 #define KTRFLAG_DESCEND 4 /* perform op on all children too */ 47 48 /* 49 * ktrace record header 50 */ 51 struct ktr_header { 52 int ktr_len; /* length of buf */ 53 short ktr_type; /* trace record type */ 54 pid_t ktr_pid; /* process id */ 55 char ktr_comm[MAXCOMLEN + 1];/* command name */ 56 struct timeval ktr_time; /* timestamp */ 57 intptr_t ktr_tid; /* was ktr_buffer */ 58 }; 59 60 /* 61 * Test for kernel trace point (MP SAFE). 62 * 63 * KTRCHECK() just checks that the type is enabled and is only for 64 * internal use in the ktrace subsystem. KTRPOINT() checks against 65 * ktrace recursion as well as checking that the type is enabled and 66 * is the public interface. 67 */ 68 #define KTRCHECK(td, type) ((td)->td_proc->p_traceflag & (1 << type)) 69 #define KTRPOINT(td, type) \ 70 (KTRCHECK((td), (type)) && !((td)->td_pflags & TDP_INKTRACE)) 71 #define KTRCHECKDRAIN(td) (!(STAILQ_EMPTY(&(td)->td_proc->p_ktr))) 72 #define KTRUSERRET(td) do { \ 73 if (KTRCHECKDRAIN(td)) \ 74 ktruserret(td); \ 75 } while (0) 76 77 /* 78 * ktrace record types 79 */ 80 81 /* 82 * KTR_SYSCALL - system call record 83 */ 84 #define KTR_SYSCALL 1 85 struct ktr_syscall { 86 short ktr_code; /* syscall number */ 87 short ktr_narg; /* number of arguments */ 88 /* 89 * followed by ktr_narg register_t 90 */ 91 register_t ktr_args[1]; 92 }; 93 94 /* 95 * KTR_SYSRET - return from system call record 96 */ 97 #define KTR_SYSRET 2 98 struct ktr_sysret { 99 short ktr_code; 100 short ktr_eosys; 101 int ktr_error; 102 register_t ktr_retval; 103 }; 104 105 /* 106 * KTR_NAMEI - namei record 107 */ 108 #define KTR_NAMEI 3 109 /* record contains pathname */ 110 111 /* 112 * KTR_GENIO - trace generic process i/o 113 */ 114 #define KTR_GENIO 4 115 struct ktr_genio { 116 int ktr_fd; 117 enum uio_rw ktr_rw; 118 /* 119 * followed by data successfully read/written 120 */ 121 }; 122 123 /* 124 * KTR_PSIG - trace processed signal 125 */ 126 #define KTR_PSIG 5 127 struct ktr_psig { 128 int signo; 129 sig_t action; 130 int code; 131 sigset_t mask; 132 }; 133 134 /* 135 * KTR_CSW - trace context switches 136 */ 137 #define KTR_CSW 6 138 struct ktr_csw_old { 139 int out; /* 1 if switch out, 0 if switch in */ 140 int user; /* 1 if usermode (ivcsw), 0 if kernel (vcsw) */ 141 }; 142 143 struct ktr_csw { 144 int out; /* 1 if switch out, 0 if switch in */ 145 int user; /* 1 if usermode (ivcsw), 0 if kernel (vcsw) */ 146 char wmesg[8]; 147 }; 148 149 /* 150 * KTR_USER - data coming from userland 151 */ 152 #define KTR_USER_MAXLEN 2048 /* maximum length of passed data */ 153 #define KTR_USER 7 154 155 /* 156 * KTR_STRUCT - misc. structs 157 */ 158 #define KTR_STRUCT 8 159 /* 160 * record contains null-terminated struct name followed by 161 * struct contents 162 */ 163 struct sockaddr; 164 struct stat; 165 struct sysentvec; 166 167 /* 168 * KTR_SYSCTL - name of a sysctl MIB 169 */ 170 #define KTR_SYSCTL 9 171 /* record contains null-terminated MIB name */ 172 173 /* 174 * KTR_PROCCTOR - trace process creation (multiple ABI support) 175 */ 176 #define KTR_PROCCTOR 10 177 struct ktr_proc_ctor { 178 u_int sv_flags; /* struct sysentvec sv_flags copy */ 179 }; 180 181 /* 182 * KTR_PROCDTOR - trace process destruction (multiple ABI support) 183 */ 184 #define KTR_PROCDTOR 11 185 186 /* 187 * KTR_FAULT - page fault record 188 */ 189 #define KTR_FAULT 13 190 struct ktr_fault { 191 vm_offset_t vaddr; 192 int type; 193 }; 194 195 /* 196 * KTR_FAULTEND - end of page fault record 197 */ 198 #define KTR_FAULTEND 14 199 struct ktr_faultend { 200 int result; 201 }; 202 203 /* 204 * KTR_DROP - If this bit is set in ktr_type, then at least one event 205 * between the previous record and this record was dropped. 206 */ 207 #define KTR_DROP 0x8000 208 209 /* 210 * kernel trace points (in p_traceflag) 211 */ 212 #define KTRFAC_MASK 0x00ffffff 213 #define KTRFAC_SYSCALL (1<<KTR_SYSCALL) 214 #define KTRFAC_SYSRET (1<<KTR_SYSRET) 215 #define KTRFAC_NAMEI (1<<KTR_NAMEI) 216 #define KTRFAC_GENIO (1<<KTR_GENIO) 217 #define KTRFAC_PSIG (1<<KTR_PSIG) 218 #define KTRFAC_CSW (1<<KTR_CSW) 219 #define KTRFAC_USER (1<<KTR_USER) 220 #define KTRFAC_STRUCT (1<<KTR_STRUCT) 221 #define KTRFAC_SYSCTL (1<<KTR_SYSCTL) 222 #define KTRFAC_PROCCTOR (1<<KTR_PROCCTOR) 223 #define KTRFAC_PROCDTOR (1<<KTR_PROCDTOR) 224 #define KTRFAC_FAULT (1<<KTR_FAULT) 225 #define KTRFAC_FAULTEND (1<<KTR_FAULTEND) 226 227 /* 228 * trace flags (also in p_traceflags) 229 */ 230 #define KTRFAC_ROOT 0x80000000 /* root set this trace */ 231 #define KTRFAC_INHERIT 0x40000000 /* pass trace flags to children */ 232 #define KTRFAC_DROP 0x20000000 /* last event was dropped */ 233 234 #ifdef _KERNEL 235 void ktrnamei(char *); 236 void ktrcsw(int, int, const char *); 237 void ktrpsig(int, sig_t, sigset_t *, int); 238 void ktrfault(vm_offset_t, int); 239 void ktrfaultend(int); 240 void ktrgenio(int, enum uio_rw, struct uio *, int); 241 void ktrsyscall(int, int narg, register_t args[]); 242 void ktrsysctl(int *name, u_int namelen); 243 void ktrsysret(int, int, register_t); 244 void ktrprocctor(struct proc *); 245 void ktrprocexec(struct proc *, struct ucred **, struct vnode **); 246 void ktrprocexit(struct thread *); 247 void ktrprocfork(struct proc *, struct proc *); 248 void ktruserret(struct thread *); 249 void ktrstruct(const char *, void *, size_t); 250 #define ktrsockaddr(s) \ 251 ktrstruct("sockaddr", (s), ((struct sockaddr *)(s))->sa_len) 252 #define ktrstat(s) \ 253 ktrstruct("stat", (s), sizeof(struct stat)) 254 255 #else 256 257 #include <sys/cdefs.h> 258 259 __BEGIN_DECLS 260 int ktrace(const char *, int, int, pid_t); 261 int utrace(const void *, size_t); 262 __END_DECLS 263 264 #endif 265 266 #endif 267