1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 2009 Robert N. M. Watson
5 * Copyright (c) 2009 Bjoern A. Zeeb <bz@FreeBSD.org>
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 */
29
30 #include <sys/cdefs.h>
31 #include <sys/param.h>
32
33 #define _WANT_PRISON
34 #define _WANT_UCRED
35 #define _WANT_VNET
36
37 #include <sys/_lock.h>
38 #include <sys/_mutex.h>
39 #include <sys/_task.h>
40 #include <sys/jail.h>
41 #include <sys/proc.h>
42 #include <sys/types.h>
43
44 #include <stdbool.h>
45 #include <net/vnet.h>
46
47 #include <kvm.h>
48 #include <limits.h>
49 #include <stdlib.h>
50 #include <unistd.h>
51
52 #include "kvm_private.h"
53
/*
 * Set up libkvm to handle virtual network stack symbols by selecting a
 * starting pid.
 *
 * The function resolves the vnet linker-set bounds and a handful of kernel
 * symbols, finds the process matching `pid', and follows
 * proc -> ucred -> prison -> vnet to learn which vnet instance to use.
 * When a nonzero dumptid is read from the target, the lookup is redirected
 * to proc0 and `pid' is overridden with 0.
 *
 * Every structure is copied out of the target with kvm_read(); a short
 * read aborts the lookup.  Pointers taken from the copied structures are
 * only checked against NULL/0 here, and the final struct vnet is accepted
 * only if its magic number equals VNET_MAGIC_N.  The target (live kernel
 * memory or a crash dump) is therefore the sole source of the values that
 * end up cached in `kd'.
 *
 * Returns 0 on success, after setting kd->vnet_initialized and caching
 * vnet_start, vnet_stop, vnet_current and vnet_base in `kd'.  Returns -1
 * on any failure; except for the namelist failure, an error message is
 * recorded through _kvm_err().
 */
int
_kvm_vnet_selectpid(kvm_t *kd, pid_t pid)
{
	struct proc proc;
	struct ucred cred;
	struct prison prison;
	struct vnet vnet;
	struct kvm_nlist nl[] = {
		/*
		 * Note: kvm_nlist strips the first '_' so add an extra one
		 * here to __{start,stop}_set_vnet.
		 *
		 * Each NLIST_* macro below is the array index of the entry
		 * that follows it; keep the two in step when editing.
		 */
#define	NLIST_START_VNET	0
		{ .n_name = "___start_" VNET_SETNAME },
#define	NLIST_STOP_VNET		1
		{ .n_name = "___stop_" VNET_SETNAME },
		/* Resolved here but not read anywhere in this function. */
#define	NLIST_VNET_HEAD		2
		{ .n_name = "vnet_head" },
#define	NLIST_ALLPROC		3
		{ .n_name = "allproc" },
#define	NLIST_DUMPTID		4
		{ .n_name = "dumptid" },
#define	NLIST_PROC0		5
		{ .n_name = "proc0" },
		/* A NULL name terminates the list. */
		{ .n_name = NULL },
	};
	uintptr_t procp, credp;
	/*
	 * VMCORE_VNET_OF_PROC0 is defined unconditionally right here, so the
	 * #ifndef sections (the per-thread walk that matches dumptid) are
	 * always compiled out and a crash dump always resolves via proc0.
	 */
#define	VMCORE_VNET_OF_PROC0
#ifndef VMCORE_VNET_OF_PROC0
	struct thread td;
	uintptr_t tdp;
#endif
	lwpid_t dumptid;

	/*
	 * XXX: This only works for native kernels for now.
	 */
	if (!kvm_native(kd))
		return (-1);

	/*
	 * Locate and cache locations of important symbols
	 * using the internal version of _kvm_nlist, turning
	 * off initialization to avoid recursion in case of
	 * unresolvable symbols.
	 */
	if (_kvm_nlist(kd, nl, 0) != 0) {
		/*
		 * XXX-BZ: ___start_/___stop_VNET_SETNAME may fail.
		 * For now do not report an error here as we are called
		 * internally and in `void context' until we merge the
		 * functionality to optionally activate this into programs.
		 * By that time we can properly fail and let the callers
		 * handle the error.
		 */
		/* _kvm_err(kd, kd->program, "%s: no namelist", __func__); */
		return (-1);
	}

	/*
	 * Auto-detect if this is a crashdump by reading dumptid.
	 * The read is skipped, and dumptid stays 0, when the symbol's
	 * address is zero.
	 */
	dumptid = 0;
	if (nl[NLIST_DUMPTID].n_value) {
		if (kvm_read(kd, nl[NLIST_DUMPTID].n_value, &dumptid,
		    sizeof(dumptid)) != sizeof(dumptid)) {
			_kvm_err(kd, kd->program, "%s: dumptid", __func__);
			return (-1);
		}
	}

	/*
	 * First, find the process for this pid.  If we are working on a
	 * dump, either locate the thread dumptid is referring to or proc0.
	 * Based on either, take the address of the ucred.
	 */
	credp = 0;

	/*
	 * NOTE(review): the walk starts at the address of the `allproc'
	 * symbol itself and reads it as a struct proc.  Presumably this
	 * relies on the list linkage being the first member of struct proc,
	 * so that LIST_NEXT() on that first copy yields the real first
	 * process - confirm against sys/proc.h.  The p_pid compared on that
	 * first iteration would then not belong to a real process.
	 */
	procp = nl[NLIST_ALLPROC].n_value;
#ifdef VMCORE_VNET_OF_PROC0
	if (dumptid > 0) {
		/* Crash dump: use proc0 and force the pid compared below to 0. */
		procp = nl[NLIST_PROC0].n_value;
		pid = 0;
	}
#endif
	/*
	 * NOTE(review): the loop ends only on a zero next pointer, a match,
	 * or a failed kvm_read(); there is no iteration cap, so a damaged
	 * dump whose process list loops back on itself would keep it
	 * running.  Consider bounding the walk.
	 */
	while (procp != 0) {
		if (kvm_read(kd, procp, &proc, sizeof(proc)) != sizeof(proc)) {
			_kvm_err(kd, kd->program, "%s: proc", __func__);
			return (-1);
		}
#ifndef VMCORE_VNET_OF_PROC0
		/* Compiled out: match the dumping thread by tid. */
		if (dumptid > 0) {
			tdp = (uintptr_t)TAILQ_FIRST(&proc.p_threads);
			while (tdp != 0) {
				if (kvm_read(kd, tdp, &td, sizeof(td)) !=
				    sizeof(td)) {
					_kvm_err(kd, kd->program, "%s: thread",
					    __func__);
					return (-1);
				}
				if (td.td_tid == dumptid) {
					credp = (uintptr_t)td.td_ucred;
					break;
				}
				tdp = (uintptr_t)TAILQ_NEXT(&td, td_plist);
			}
		} else
#endif
		/*
		 * With the block above compiled out, this `if' is a plain
		 * statement; otherwise it is the body of the dangling `else'.
		 */
		if (proc.p_pid == pid)
			credp = (uintptr_t)proc.p_ucred;
		if (credp != 0)
			break;
		/* The next pointer comes from the copy just read from the target. */
		procp = (uintptr_t)LIST_NEXT(&proc, p_list);
	}
	if (credp == 0) {
		_kvm_err(kd, kd->program, "%s: pid/tid not found", __func__);
		return (-1);
	}
	/* Follow ucred -> prison -> vnet, copying each structure in turn. */
	if (kvm_read(kd, (uintptr_t)credp, &cred, sizeof(cred)) !=
	    sizeof(cred)) {
		_kvm_err(kd, kd->program, "%s: cred", __func__);
		return (-1);
	}
	if (cred.cr_prison == NULL) {
		_kvm_err(kd, kd->program, "%s: no jail", __func__);
		return (-1);
	}
	if (kvm_read(kd, (uintptr_t)cred.cr_prison, &prison, sizeof(prison)) !=
	    sizeof(prison)) {
		_kvm_err(kd, kd->program, "%s: prison", __func__);
		return (-1);
	}
	if (prison.pr_vnet == NULL) {
		_kvm_err(kd, kd->program, "%s: no vnet", __func__);
		return (-1);
	}
	if (kvm_read(kd, (uintptr_t)prison.pr_vnet, &vnet, sizeof(vnet)) !=
	    sizeof(vnet)) {
		_kvm_err(kd, kd->program, "%s: vnet", __func__);
		return (-1);
	}
	/*
	 * Sanity check: refuse anything that does not carry the vnet magic
	 * number.  This is the only content check applied to the chain of
	 * pointers followed above.
	 */
	if (vnet.vnet_magic_n != VNET_MAGIC_N) {
		_kvm_err(kd, kd->program, "%s: invalid vnet magic#", __func__);
		return (-1);
	}
	/*
	 * Publish the results.  vnet_start/vnet_stop come from the symbol
	 * table; vnet_current and vnet_base come from data read out of the
	 * target and are stored as read, without further range checks.
	 */
	kd->vnet_initialized = 1;
	kd->vnet_start = nl[NLIST_START_VNET].n_value;
	kd->vnet_stop = nl[NLIST_STOP_VNET].n_value;
	kd->vnet_current = (uintptr_t)prison.pr_vnet;
	kd->vnet_base = vnet.vnet_data_base;
	return (0);
}
210
/*
 * Report whether vnet support has been set up for this descriptor.
 *
 * If it has not been set up yet and `intialize' is nonzero, one setup
 * attempt is made using the calling process's own pid.  The attempt's
 * return value is intentionally discarded; callers learn the outcome from
 * the returned kd->vnet_initialized flag.
 */
int
_kvm_vnet_initialized(kvm_t *kd, int intialize)
{

	/* Try setup only when it is both still pending and permitted. */
	if (!kd->vnet_initialized && intialize) {
		(void)_kvm_vnet_selectpid(kd, getpid());
	}

	return (kd->vnet_initialized);
}
226
/*
 * Translate an address that lies inside the vnet symbol range.
 *
 * A value is rebased by adding kd->vnet_base only when it is nonzero,
 * vnet support is initialized, and it falls in the half-open range
 * [kd->vnet_start, kd->vnet_stop).  Every other value is returned
 * unchanged.
 *
 * The sum is not checked for wrap-around, and vnet_base is whatever
 * _kvm_vnet_selectpid() read from the target's struct vnet.
 */
kvaddr_t
_kvm_vnet_validaddr(kvm_t *kd, kvaddr_t value)
{

	if (value != 0 && kd->vnet_initialized &&
	    value >= kd->vnet_start && value < kd->vnet_stop)
		return (kd->vnet_base + value);

	/* Null, uninitialized, or outside the vnet set: pass through. */
	return (value);
}
246