1 /*
2  * Copyright (c) 2016 Dmitry V. Levin <ldv@altlinux.org>
3  * Copyright (c) 2016-2018 The strace developers.
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  * 3. The name of the author may not be used to endorse or promote products
15  *    derived from this software without specific prior written permission.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
18  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
21  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27  */
28 
29 #include "defs.h"
30 #include "nsig.h"
31 #include "number_set.h"
32 #include "filter.h"
33 #include "delay.h"
34 #include "retval.h"
35 
36 struct number_set *read_set;
37 struct number_set *write_set;
38 struct number_set *signal_set;
39 
40 static struct number_set *abbrev_set;
41 static struct number_set *inject_set;
42 static struct number_set *raw_set;
43 static struct number_set *trace_set;
44 static struct number_set *verbose_set;
45 
46 /* Only syscall numbers are personality-specific so far.  */
47 struct inject_personality_data {
48 	uint16_t scno;
49 };
50 
51 static int
sigstr_to_uint(const char * s)52 sigstr_to_uint(const char *s)
53 {
54 	if (*s >= '0' && *s <= '9')
55 		return string_to_uint_upto(s, 255);
56 
57 	if (strncasecmp(s, "SIG", 3) == 0)
58 		s += 3;
59 
60 	for (int i = 0; i <= 255; ++i) {
61 		const char *name = signame(i);
62 
63 		if (strncasecmp(name, "SIG", 3) != 0)
64 			continue;
65 
66 		name += 3;
67 
68 		if (strcasecmp(name, s) != 0)
69 			continue;
70 
71 		return i;
72 	}
73 
74 	return -1;
75 }
76 
77 static int
find_errno_by_name(const char * name)78 find_errno_by_name(const char *name)
79 {
80 	for (unsigned int i = 1; i < nerrnos; ++i) {
81 		if (errnoent[i] && (strcasecmp(name, errnoent[i]) == 0))
82 			return i;
83 	}
84 
85 	return -1;
86 }
87 
88 static bool
parse_delay_token(const char * input,struct inject_opts * fopts,bool isenter)89 parse_delay_token(const char *input, struct inject_opts *fopts, bool isenter)
90 {
91        unsigned flag = isenter ? INJECT_F_DELAY_ENTER : INJECT_F_DELAY_EXIT;
92 
93        if (fopts->data.flags & flag) /* duplicate */
94                return false;
95        long long intval = string_to_ulonglong(input);
96        if (intval < 0) /* couldn't parse */
97                return false;
98 
99        if (fopts->data.delay_idx == (uint16_t) -1)
100                fopts->data.delay_idx = alloc_delay_data();
101        /* populate .ts_enter or .ts_exit */
102        fill_delay_data(fopts->data.delay_idx, intval, isenter);
103        fopts->data.flags |= flag;
104 
105        return true;
106 }
107 
108 static bool
parse_inject_token(const char * const token,struct inject_opts * const fopts,struct inject_personality_data * const pdata,const bool fault_tokens_only)109 parse_inject_token(const char *const token, struct inject_opts *const fopts,
110 		   struct inject_personality_data *const pdata,
111 		   const bool fault_tokens_only)
112 {
113 	const char *val;
114 	int intval;
115 
116 	if ((val = STR_STRIP_PREFIX(token, "when=")) != token) {
117 		/*
118 		 *	== 1+1
119 		 * F	== F+0
120 		 * F+	== F+1
121 		 * F+S
122 		 */
123 		char *end;
124 		intval = string_to_uint_ex(val, &end, 0xffff, "+");
125 		if (intval < 1)
126 			return false;
127 
128 		fopts->first = intval;
129 
130 		if (*end) {
131 			val = end + 1;
132 			if (*val) {
133 				/* F+S */
134 				intval = string_to_uint_upto(val, 0xffff);
135 				if (intval < 1)
136 					return false;
137 				fopts->step = intval;
138 			} else {
139 				/* F+ == F+1 */
140 				fopts->step = 1;
141 			}
142 		} else {
143 			/* F == F+0 */
144 			fopts->step = 0;
145 		}
146 	} else if ((val = STR_STRIP_PREFIX(token, "syscall=")) != token) {
147 		if (fopts->data.flags & INJECT_F_SYSCALL)
148 			return false;
149 
150 		for (unsigned int p = 0; p < SUPPORTED_PERSONALITIES; ++p) {
151 			kernel_long_t scno = scno_by_name(val, p, 0);
152 
153 			if (scno < 0)
154 				return false;
155 
156 			/*
157 			 * We want to inject only pure system calls with no side
158 			 * effects.
159 			 */
160 			if (!(sysent_vec[p][scno].sys_flags & TRACE_PURE))
161 				return false;
162 
163 			pdata[p].scno = scno;
164 		}
165 
166 		fopts->data.flags |= INJECT_F_SYSCALL;
167 	} else if ((val = STR_STRIP_PREFIX(token, "error=")) != token) {
168 		if (fopts->data.flags & (INJECT_F_ERROR | INJECT_F_RETVAL))
169 			return false;
170 		intval = string_to_uint_upto(val, MAX_ERRNO_VALUE);
171 		if (intval < 0)
172 			intval = find_errno_by_name(val);
173 		if (intval < 1)
174 			return false;
175 		fopts->data.rval_idx = retval_new(intval);
176 		fopts->data.flags |= INJECT_F_ERROR;
177 	} else if (!fault_tokens_only
178 		   && (val = STR_STRIP_PREFIX(token, "retval=")) != token) {
179 
180 		if (fopts->data.flags & (INJECT_F_ERROR | INJECT_F_RETVAL))
181 			return false;
182 
183 		errno = 0;
184 		char *endp;
185 		unsigned long long ullval = strtoull(val, &endp, 0);
186 		if (endp == val || *endp || (kernel_ulong_t) ullval != ullval
187 		    || ((ullval == 0 || ullval == ULLONG_MAX) && errno))
188 			return false;
189 
190 #if ANY_WORDSIZE_LESS_THAN_KERNEL_LONG
191 		bool inadvertent_fault_injection = false;
192 #endif
193 
194 #if !HAVE_ARCH_DEDICATED_ERR_REG
195 		if ((kernel_long_t) ullval < 0
196 		    && (kernel_long_t) ullval >= -MAX_ERRNO_VALUE) {
197 # if ANY_WORDSIZE_LESS_THAN_KERNEL_LONG
198 			inadvertent_fault_injection = true;
199 # endif
200 			error_msg("Inadvertent injection of error %" PRI_kld
201 				  " is possible for retval=%llu",
202 				  -(kernel_long_t) ullval, ullval);
203 		}
204 # if ANY_WORDSIZE_LESS_THAN_KERNEL_LONG
205 		else if ((int) ullval < 0 && (int) ullval >= -MAX_ERRNO_VALUE) {
206 			inadvertent_fault_injection = true;
207 			error_msg("Inadvertent injection of error %d is"
208 				  " possible in compat personality for"
209 				  " retval=%llu",
210 				  -(int) ullval, ullval);
211 		}
212 # endif
213 #endif
214 
215 #if ANY_WORDSIZE_LESS_THAN_KERNEL_LONG
216 		if (!inadvertent_fault_injection
217 		    && (unsigned int) ullval != ullval) {
218 			error_msg("Injected return value %llu will be"
219 				  " clipped to %u in compat personality",
220 				  ullval, (unsigned int) ullval);
221 		}
222 #endif
223 
224 		fopts->data.rval_idx = retval_new(ullval);
225 		fopts->data.flags |= INJECT_F_RETVAL;
226 	} else if (!fault_tokens_only
227 		   && (val = STR_STRIP_PREFIX(token, "signal=")) != token) {
228 		if (fopts->data.flags & INJECT_F_SIGNAL)
229 			return false;
230 		intval = sigstr_to_uint(val);
231 		if (intval < 1 || intval > NSIG_BYTES * 8)
232 			return false;
233 		fopts->data.signo = intval;
234 		fopts->data.flags |= INJECT_F_SIGNAL;
235 	} else if (!fault_tokens_only
236 		&& (val = STR_STRIP_PREFIX(token, "delay_enter=")) != token) {
237 		if (!parse_delay_token(val, fopts, true))
238 			return false;
239 	} else if (!fault_tokens_only
240 		&& (val = STR_STRIP_PREFIX(token, "delay_exit=")) != token) {
241 		if (!parse_delay_token(val, fopts, false))
242 			return false;
243 	} else {
244 		return false;
245 	}
246 
247 	return true;
248 }
249 
250 static const char *
parse_inject_expression(char * const str,struct inject_opts * const fopts,struct inject_personality_data * const pdata,const bool fault_tokens_only)251 parse_inject_expression(char *const str,
252 			struct inject_opts *const fopts,
253 			struct inject_personality_data *const pdata,
254 			const bool fault_tokens_only)
255 {
256 	if (str[0] == '\0' || str[0] == ':')
257 		return "";
258 
259 	char *saveptr = NULL;
260 	const char *name = strtok_r(str, ":", &saveptr);
261 
262 	char *token;
263 	while ((token = strtok_r(NULL, ":", &saveptr))) {
264 		if (!parse_inject_token(token, fopts, pdata, fault_tokens_only))
265 			return NULL;
266 	}
267 
268 	return name;
269 }
270 
271 static void
qualify_read(const char * const str)272 qualify_read(const char *const str)
273 {
274 	if (!read_set)
275 		read_set = alloc_number_set_array(1);
276 	qualify_tokens(str, read_set, string_to_uint, "descriptor");
277 }
278 
279 static void
qualify_write(const char * const str)280 qualify_write(const char *const str)
281 {
282 	if (!write_set)
283 		write_set = alloc_number_set_array(1);
284 	qualify_tokens(str, write_set, string_to_uint, "descriptor");
285 }
286 
287 static void
qualify_signals(const char * const str)288 qualify_signals(const char *const str)
289 {
290 	if (!signal_set)
291 		signal_set = alloc_number_set_array(1);
292 	qualify_tokens(str, signal_set, sigstr_to_uint, "signal");
293 }
294 
295 static void
qualify_trace(const char * const str)296 qualify_trace(const char *const str)
297 {
298 	if (!trace_set)
299 		trace_set = alloc_number_set_array(SUPPORTED_PERSONALITIES);
300 	qualify_syscall_tokens(str, trace_set);
301 }
302 
303 static void
qualify_abbrev(const char * const str)304 qualify_abbrev(const char *const str)
305 {
306 	if (!abbrev_set)
307 		abbrev_set = alloc_number_set_array(SUPPORTED_PERSONALITIES);
308 	qualify_syscall_tokens(str, abbrev_set);
309 }
310 
311 static void
qualify_verbose(const char * const str)312 qualify_verbose(const char *const str)
313 {
314 	if (!verbose_set)
315 		verbose_set = alloc_number_set_array(SUPPORTED_PERSONALITIES);
316 	qualify_syscall_tokens(str, verbose_set);
317 }
318 
319 static void
qualify_raw(const char * const str)320 qualify_raw(const char *const str)
321 {
322 	if (!raw_set)
323 		raw_set = alloc_number_set_array(SUPPORTED_PERSONALITIES);
324 	qualify_syscall_tokens(str, raw_set);
325 }
326 
327 static void
qualify_inject_common(const char * const str,const bool fault_tokens_only,const char * const description)328 qualify_inject_common(const char *const str,
329 		      const bool fault_tokens_only,
330 		      const char *const description)
331 {
332 	struct inject_opts opts = {
333 		.first = 1,
334 		.step = 1,
335 		.data = {
336 			.delay_idx = -1
337 		}
338 	};
339 	struct inject_personality_data pdata[SUPPORTED_PERSONALITIES] = { { 0 } };
340 	char *copy = xstrdup(str);
341 	const char *name =
342 		parse_inject_expression(copy, &opts, pdata, fault_tokens_only);
343 	if (!name)
344 		error_msg_and_die("invalid %s '%s'", description, str);
345 
346 	struct number_set *tmp_set =
347 		alloc_number_set_array(SUPPORTED_PERSONALITIES);
348 	qualify_syscall_tokens(name, tmp_set);
349 
350 	free(copy);
351 
352 	/* If neither of retval, error, signal or delay is specified, then ... */
353 	if (!(opts.data.flags & INJECT_ACTION_FLAGS)) {
354 		if (fault_tokens_only) {
355 			/* in fault= syntax the default error code is ENOSYS. */
356 			opts.data.rval_idx = retval_new(ENOSYS);
357 			opts.data.flags |= INJECT_F_ERROR;
358 		} else {
359 			/* in inject= syntax this is not allowed. */
360 			error_msg_and_die("invalid %s '%s'", description, str);
361 		}
362 	}
363 
364 	/*
365 	 * Initialize inject_vec according to tmp_set.
366 	 * Merge tmp_set into inject_set.
367 	 */
368 	for (unsigned int p = 0; p < SUPPORTED_PERSONALITIES; ++p) {
369 		if (number_set_array_is_empty(tmp_set, p))
370 			continue;
371 
372 		if (!inject_set) {
373 			inject_set =
374 				alloc_number_set_array(SUPPORTED_PERSONALITIES);
375 		}
376 		if (!inject_vec[p]) {
377 			inject_vec[p] = xcalloc(nsyscall_vec[p],
378 						sizeof(*inject_vec[p]));
379 		}
380 
381 		for (unsigned int i = 0; i < nsyscall_vec[p]; ++i) {
382 			if (is_number_in_set_array(i, tmp_set, p)) {
383 				add_number_to_set_array(i, inject_set, p);
384 				inject_vec[p][i] = opts;
385 
386 				/* Copy per-personality data.  */
387 				inject_vec[p][i].data.scno =
388 					pdata[p].scno;
389 			}
390 		}
391 	}
392 
393 	free_number_set_array(tmp_set, SUPPORTED_PERSONALITIES);
394 }
395 
396 static void
qualify_fault(const char * const str)397 qualify_fault(const char *const str)
398 {
399 	qualify_inject_common(str, true, "fault argument");
400 }
401 
402 static void
qualify_inject(const char * const str)403 qualify_inject(const char *const str)
404 {
405 	qualify_inject_common(str, false, "inject argument");
406 }
407 
408 static void
qualify_kvm(const char * const str)409 qualify_kvm(const char *const str)
410 {
411 	if (strcmp(str, "vcpu") == 0) {
412 #ifdef HAVE_LINUX_KVM_H
413 		if (os_release >= KERNEL_VERSION(4, 16, 0))
414 			kvm_run_structure_decoder_init();
415 		else
416 			error_msg("-e kvm=vcpu option needs"
417 				  " Linux 4.16.0 or higher");
418 #else
419 		error_msg("-e kvm=vcpu option is not implemented"
420 			  " for this architecture");
421 #endif
422 	} else {
423 		error_msg_and_die("invalid -e kvm= argument: '%s'", str);
424 	}
425 }
426 
427 static const struct qual_options {
428 	const char *name;
429 	void (*qualify)(const char *);
430 } qual_options[] = {
431 	{ "trace",	qualify_trace	},
432 	{ "t",		qualify_trace	},
433 	{ "abbrev",	qualify_abbrev	},
434 	{ "a",		qualify_abbrev	},
435 	{ "verbose",	qualify_verbose	},
436 	{ "v",		qualify_verbose	},
437 	{ "raw",	qualify_raw	},
438 	{ "x",		qualify_raw	},
439 	{ "signal",	qualify_signals	},
440 	{ "signals",	qualify_signals	},
441 	{ "s",		qualify_signals	},
442 	{ "read",	qualify_read	},
443 	{ "reads",	qualify_read	},
444 	{ "r",		qualify_read	},
445 	{ "write",	qualify_write	},
446 	{ "writes",	qualify_write	},
447 	{ "w",		qualify_write	},
448 	{ "fault",	qualify_fault	},
449 	{ "inject",	qualify_inject	},
450 	{ "kvm",	qualify_kvm	},
451 };
452 
453 void
qualify(const char * str)454 qualify(const char *str)
455 {
456 	const struct qual_options *opt = qual_options;
457 
458 	for (unsigned int i = 0; i < ARRAY_SIZE(qual_options); ++i) {
459 		const char *name = qual_options[i].name;
460 		const size_t len = strlen(name);
461 		const char *val = str_strip_prefix_len(str, name, len);
462 
463 		if (val == str || *val != '=')
464 			continue;
465 		str = val + 1;
466 		opt = &qual_options[i];
467 		break;
468 	}
469 
470 	opt->qualify(str);
471 }
472 
473 unsigned int
qual_flags(const unsigned int scno)474 qual_flags(const unsigned int scno)
475 {
476 	return	(is_number_in_set_array(scno, trace_set, current_personality)
477 		   ? QUAL_TRACE : 0)
478 		| (is_number_in_set_array(scno, abbrev_set, current_personality)
479 		   ? QUAL_ABBREV : 0)
480 		| (is_number_in_set_array(scno, verbose_set, current_personality)
481 		   ? QUAL_VERBOSE : 0)
482 		| (is_number_in_set_array(scno, raw_set, current_personality)
483 		   ? QUAL_RAW : 0)
484 		| (is_number_in_set_array(scno, inject_set, current_personality)
485 		   ? QUAL_INJECT : 0);
486 }
487