2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 2002 Poul-Henning Kamp
5 * Copyright (c) 2002 Networks Associates Technology, Inc.
8 * This software was developed for the FreeBSD Project by Poul-Henning Kamp
9 * and NAI Labs, the Security Research Division of Network Associates, Inc.
10 * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
11 * DARPA CHATS research program.
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
16 * 1. Redistributions of source code must retain the above copyright
17 * notice, this list of conditions and the following disclaimer.
18 * 2. Redistributions in binary form must reproduce the above copyright
19 * notice, this list of conditions and the following disclaimer in the
20 * documentation and/or other materials provided with the distribution.
21 * 3. The names of the authors may not be used to endorse or promote
22 * products derived from this software without specific prior written
25 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * Copyright (c) 1986, 1992, 1993
38 * The Regents of the University of California. All rights reserved.
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
43 * 1. Redistributions of source code must retain the above copyright
44 * notice, this list of conditions and the following disclaimer.
45 * 2. Redistributions in binary form must reproduce the above copyright
46 * notice, this list of conditions and the following disclaimer in the
47 * documentation and/or other materials provided with the distribution.
48 * 3. Neither the name of the University nor the names of its contributors
49 * may be used to endorse or promote products derived from this software
50 * without specific prior written permission.
52 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
55 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
65 #include <sys/cdefs.h>
66 __FBSDID("$FreeBSD$");
68 #include <sys/param.h>
70 #include <sys/kerneldump.h>
71 #include <sys/mount.h>
74 #include <capsicum_helpers.h>
90 #include <libcasper.h>
91 #include <casper/cap_fileargs.h>
92 #include <casper/cap_syslog.h>
96 /* The size of the buffer used for I/O. */
97 #define BUFFERSIZE (1024*1024)
100 #define STATUS_GOOD 1
101 #define STATUS_UNKNOWN 2
103 static cap_channel_t *capsyslog;
104 static fileargs_t *capfa;
105 static bool checkfor, compress, clear, force, keep; /* flags */
107 static int nfound, nsaved, nerr; /* statistics */
110 extern FILE *zdopen(int, const char *);
112 static sig_atomic_t got_siginfo;
113 static void infohandler(int);
116 logmsg(int pri, const char *fmt, ...)
121 if (capsyslog != NULL)
122 cap_vsyslog(capsyslog, pri, fmt, ap);
124 vsyslog(pri, fmt, ap);
129 xfopenat(int dirfd, const char *path, int flags, const char *modestr, ...)
136 if ((flags & O_CREAT) == O_CREAT) {
137 va_start(ap, modestr);
138 mode = (mode_t)va_arg(ap, int);
143 fd = openat(dirfd, path, flags, mode);
146 fp = fdopen(fd, modestr);
156 printheader(xo_handle_t *xo, const struct kerneldumpheader *h,
157 const char *device, int bounds, const int status)
163 const char *stat_str;
164 const char *comp_str;
167 xo_emit_h(xo, "{Lwc:Dump header from device}{:dump_device/%s}\n",
169 xo_emit_h(xo, "{P: }{Lwc:Architecture}{:architecture/%s}\n",
172 "{P: }{Lwc:Architecture Version}{:architecture_version/%u}\n",
173 dtoh32(h->architectureversion));
174 dumplen = dtoh64(h->dumplength);
175 xo_emit_h(xo, "{P: }{Lwc:Dump Length}{:dump_length_bytes/%lld}\n",
177 xo_emit_h(xo, "{P: }{Lwc:Blocksize}{:blocksize/%d}\n",
178 dtoh32(h->blocksize));
179 switch (h->compression) {
180 case KERNELDUMP_COMP_NONE:
183 case KERNELDUMP_COMP_GZIP:
186 case KERNELDUMP_COMP_ZSTD:
193 xo_emit_h(xo, "{P: }{Lwc:Compression}{:compression/%s}\n", comp_str);
194 t = dtoh64(h->dumptime);
195 localtime_r(&t, &tm);
196 if (strftime(time_str, sizeof(time_str), "%F %T %z", &tm) == 0)
198 xo_emit_h(xo, "{P: }{Lwc:Dumptime}{:dumptime/%s}\n", time_str);
199 xo_emit_h(xo, "{P: }{Lwc:Hostname}{:hostname/%s}\n", h->hostname);
200 xo_emit_h(xo, "{P: }{Lwc:Magic}{:magic/%s}\n", h->magic);
201 xo_emit_h(xo, "{P: }{Lwc:Version String}{:version_string/%s}",
203 xo_emit_h(xo, "{P: }{Lwc:Panic String}{:panic_string/%s}\n",
205 xo_emit_h(xo, "{P: }{Lwc:Dump Parity}{:dump_parity/%u}\n", h->parity);
206 xo_emit_h(xo, "{P: }{Lwc:Bounds}{:bounds/%d}\n", bounds);
216 stat_str = "unknown";
219 xo_emit_h(xo, "{P: }{Lwc:Dump Status}{:dump_status/%s}\n", stat_str);
224 getbounds(int savedirfd)
231 * If we are just checking, then we haven't done a chdir to the dump
232 * directory and we should not try to read a bounds file.
239 if ((fp = xfopenat(savedirfd, "bounds", O_RDONLY, "r")) == NULL) {
241 printf("unable to open bounds file, using 0\n");
244 if (fgets(buf, sizeof(buf), fp) == NULL) {
246 logmsg(LOG_WARNING, "bounds file is empty, using 0");
248 logmsg(LOG_WARNING, "bounds file: %s", strerror(errno));
254 ret = (int)strtol(buf, NULL, 10);
255 if (ret == 0 && (errno == EINVAL || errno == ERANGE))
256 logmsg(LOG_WARNING, "invalid value found in bounds, using 0");
262 writebounds(int savedirfd, int bounds)
266 if ((fp = xfopenat(savedirfd, "bounds", O_WRONLY | O_CREAT | O_TRUNC,
267 "w", 0644)) == NULL) {
268 logmsg(LOG_WARNING, "unable to write to bounds file: %m");
273 printf("bounds number: %d\n", bounds);
275 fprintf(fp, "%d\n", bounds);
280 writekey(int savedirfd, const char *keyname, uint8_t *dumpkey,
281 uint32_t dumpkeysize)
285 fd = openat(savedirfd, keyname, O_WRONLY | O_CREAT | O_TRUNC, 0600);
287 logmsg(LOG_ERR, "Unable to open %s to write the key: %m.",
292 if (write(fd, dumpkey, dumpkeysize) != (ssize_t)dumpkeysize) {
293 logmsg(LOG_ERR, "Unable to write the key to %s: %m.", keyname);
303 file_size(int savedirfd, const char *path)
307 /* Ignore all errors, this file may not exist. */
308 if (fstatat(savedirfd, path, &sb, 0) == -1)
314 saved_dump_size(int savedirfd, int bounds)
316 static char path[PATH_MAX];
321 (void)snprintf(path, sizeof(path), "info.%d", bounds);
322 dumpsize += file_size(savedirfd, path);
323 (void)snprintf(path, sizeof(path), "vmcore.%d", bounds);
324 dumpsize += file_size(savedirfd, path);
325 (void)snprintf(path, sizeof(path), "vmcore.%d.gz", bounds);
326 dumpsize += file_size(savedirfd, path);
327 (void)snprintf(path, sizeof(path), "vmcore.%d.zst", bounds);
328 dumpsize += file_size(savedirfd, path);
329 (void)snprintf(path, sizeof(path), "textdump.tar.%d", bounds);
330 dumpsize += file_size(savedirfd, path);
331 (void)snprintf(path, sizeof(path), "textdump.tar.%d.gz", bounds);
332 dumpsize += file_size(savedirfd, path);
338 saved_dump_remove(int savedirfd, int bounds)
340 static char path[PATH_MAX];
342 (void)snprintf(path, sizeof(path), "info.%d", bounds);
343 (void)unlinkat(savedirfd, path, 0);
344 (void)snprintf(path, sizeof(path), "vmcore.%d", bounds);
345 (void)unlinkat(savedirfd, path, 0);
346 (void)snprintf(path, sizeof(path), "vmcore.%d.gz", bounds);
347 (void)unlinkat(savedirfd, path, 0);
348 (void)snprintf(path, sizeof(path), "vmcore.%d.zst", bounds);
349 (void)unlinkat(savedirfd, path, 0);
350 (void)snprintf(path, sizeof(path), "textdump.tar.%d", bounds);
351 (void)unlinkat(savedirfd, path, 0);
352 (void)snprintf(path, sizeof(path), "textdump.tar.%d.gz", bounds);
353 (void)unlinkat(savedirfd, path, 0);
357 symlinks_remove(int savedirfd)
360 (void)unlinkat(savedirfd, "info.last", 0);
361 (void)unlinkat(savedirfd, "key.last", 0);
362 (void)unlinkat(savedirfd, "vmcore.last", 0);
363 (void)unlinkat(savedirfd, "vmcore.last.gz", 0);
364 (void)unlinkat(savedirfd, "vmcore.last.zst", 0);
365 (void)unlinkat(savedirfd, "vmcore_encrypted.last", 0);
366 (void)unlinkat(savedirfd, "vmcore_encrypted.last.gz", 0);
367 (void)unlinkat(savedirfd, "textdump.tar.last", 0);
368 (void)unlinkat(savedirfd, "textdump.tar.last.gz", 0);
372 * Check that sufficient space is available on the disk that holds the
376 check_space(const char *savedir, int savedirfd, off_t dumpsize, int bounds)
381 off_t available, minfree, spacefree, totfree, needed;
383 if (fstatfs(savedirfd, &fsbuf) < 0) {
384 logmsg(LOG_ERR, "%s: %m", savedir);
387 spacefree = ((off_t) fsbuf.f_bavail * fsbuf.f_bsize) / 1024;
388 totfree = ((off_t) fsbuf.f_bfree * fsbuf.f_bsize) / 1024;
390 if ((fp = xfopenat(savedirfd, "minfree", O_RDONLY, "r")) == NULL)
393 if (fgets(buf, sizeof(buf), fp) == NULL)
399 minfree = strtoll(buf, &endp, 10);
400 if (minfree == 0 && errno != 0)
403 while (*endp != '\0' && isspace(*endp))
405 if (*endp != '\0' || minfree < 0)
410 "`minfree` didn't contain a valid size "
411 "(`%s`). Defaulting to 0", buf);
416 available = minfree > 0 ? spacefree - minfree : totfree;
417 needed = dumpsize / 1024 + 2; /* 2 for info file */
418 needed -= saved_dump_size(savedirfd, bounds);
419 if (available < needed) {
421 "no dump: not enough free space on device (need at least "
422 "%jdkB for dump; %jdkB available; %jdkB reserved)",
424 (intmax_t)available + minfree,
428 if (spacefree - needed < 0)
430 "dump performed, but free space threshold crossed");
435 compare_magic(const struct kerneldumpheader *kdh, const char *magic)
438 return (strncmp(kdh->magic, magic, sizeof(kdh->magic)) == 0);
441 #define BLOCKSIZE (1<<12)
442 #define BLOCKMASK (~(BLOCKSIZE-1))
445 DoRegularFile(int fd, off_t dumpsize, u_int sectorsize, bool sparse, char *buf,
446 const char *device, const char *filename, FILE *fp)
448 int he, hs, nr, nw, wl;
449 off_t dmpcnt, origsize;
454 while (dumpsize > 0) {
458 nr = read(fd, buf, roundup(wl, sectorsize));
459 if (nr != (int)roundup(wl, sectorsize)) {
462 "WARNING: EOF on dump device");
464 logmsg(LOG_ERR, "read error on %s: %m", device);
469 nw = fwrite(buf, 1, wl, fp);
471 for (nw = 0; nw < nr; nw = he) {
472 /* find a contiguous block of zeroes */
473 for (hs = nw; hs < nr; hs += BLOCKSIZE) {
474 for (he = hs; he < nr && buf[he] == 0;
477 /* is the hole long enough to matter? */
478 if (he >= hs + BLOCKSIZE)
482 /* back down to a block boundary */
486 * 1) Don't go beyond the end of the buffer.
487 * 2) If the end of the buffer is less than
488 * BLOCKSIZE bytes away, we're at the end
489 * of the file, so just grab what's left.
491 if (hs + BLOCKSIZE > nr)
495 * At this point, we have a partial ordering:
496 * nw <= hs <= he <= nr
497 * If hs > nw, buf[nw..hs] contains non-zero
498 * data. If he > hs, buf[hs..he] is all zeroes.
501 if (fwrite(buf + nw, hs - nw, 1, fp)
505 if (fseeko(fp, he - hs, SEEK_CUR) == -1)
511 "write error on %s file: %m", filename);
513 "WARNING: vmcore may be incomplete");
519 printf("%llu\r", (unsigned long long)dmpcnt);
524 printf("%s %.1lf%%\n", filename, (100.0 - (100.0 *
525 (double)dumpsize / (double)origsize)));
533 * Specialized version of dump-reading logic for use with textdumps, which
534 * are written backwards from the end of the partition, and must be reversed
535 * before being written to the file. Textdumps are small, so do a bit less
536 * work to optimize/sparsify.
539 DoTextdumpFile(int fd, off_t dumpsize, off_t lasthd, char *buf,
540 const char *device, const char *filename, FILE *fp)
543 off_t dmpcnt, totsize;
548 if ((dumpsize % wl) != 0) {
549 logmsg(LOG_ERR, "textdump uneven multiple of 512 on %s",
554 while (dumpsize > 0) {
555 nr = pread(fd, buf, wl, lasthd - (totsize - dumpsize) - wl);
559 "WARNING: EOF on dump device");
561 logmsg(LOG_ERR, "read error on %s: %m", device);
565 nw = fwrite(buf, 1, wl, fp);
568 "write error on %s file: %m", filename);
570 "WARNING: textdump may be incomplete");
576 printf("%llu\r", (unsigned long long)dmpcnt);
585 DoFile(const char *savedir, int savedirfd, const char *device)
587 xo_handle_t *xostdout, *xoinfo;
588 static char infoname[PATH_MAX], corename[PATH_MAX], linkname[PATH_MAX];
589 static char keyname[PATH_MAX];
590 static char *buf = NULL;
592 struct kerneldumpheader kdhf, kdhl;
594 off_t mediasize, dumpextent, dumplength, firsthd, lasthd;
596 int fdcore, fddev, error;
598 u_int sectorsize, xostyle;
599 uint32_t dumpkeysize;
600 bool iscompressed, isencrypted, istextdump, ret;
602 bounds = getbounds(savedirfd);
605 status = STATUS_UNKNOWN;
607 xostdout = xo_create_to_file(stdout, XO_STYLE_TEXT, 0);
608 if (xostdout == NULL) {
609 logmsg(LOG_ERR, "%s: %m", infoname);
613 if (maxdumps > 0 && bounds == maxdumps)
617 buf = malloc(BUFFERSIZE);
619 logmsg(LOG_ERR, "%m");
625 printf("checking for kernel dump on device %s\n", device);
627 fddev = fileargs_open(capfa, device);
629 logmsg(LOG_ERR, "%s: %m", device);
633 error = ioctl(fddev, DIOCGMEDIASIZE, &mediasize);
635 error = ioctl(fddev, DIOCGSECTORSIZE, §orsize);
638 "couldn't find media and/or sector size of %s: %m", device);
643 printf("mediasize = %lld bytes\n", (long long)mediasize);
644 printf("sectorsize = %u bytes\n", sectorsize);
647 if (sectorsize < sizeof(kdhl)) {
649 "Sector size is less the kernel dump header %zu",
654 lasthd = mediasize - sectorsize;
655 temp = malloc(sectorsize);
657 logmsg(LOG_ERR, "%m");
660 if (lseek(fddev, lasthd, SEEK_SET) != lasthd ||
661 read(fddev, temp, sectorsize) != (ssize_t)sectorsize) {
663 "error reading last dump header at offset %lld in %s: %m",
664 (long long)lasthd, device);
667 memcpy(&kdhl, temp, sizeof(kdhl));
668 iscompressed = istextdump = false;
669 if (compare_magic(&kdhl, TEXTDUMPMAGIC)) {
671 printf("textdump magic on last dump header on %s\n",
674 if (dtoh32(kdhl.version) != KERNELDUMP_TEXT_VERSION) {
676 "unknown version (%d) in last dump header on %s",
677 dtoh32(kdhl.version), device);
683 } else if (compare_magic(&kdhl, KERNELDUMPMAGIC)) {
684 if (dtoh32(kdhl.version) != KERNELDUMPVERSION) {
686 "unknown version (%d) in last dump header on %s",
687 dtoh32(kdhl.version), device);
693 switch (kdhl.compression) {
694 case KERNELDUMP_COMP_NONE:
696 case KERNELDUMP_COMP_GZIP:
697 case KERNELDUMP_COMP_ZSTD:
698 if (compress && verbose)
699 printf("dump is already compressed\n");
704 logmsg(LOG_ERR, "unknown compression type %d on %s",
705 kdhl.compression, device);
710 printf("magic mismatch on last dump header on %s\n",
717 if (compare_magic(&kdhl, KERNELDUMPMAGIC_CLEARED)) {
719 printf("forcing magic on %s\n", device);
720 memcpy(kdhl.magic, KERNELDUMPMAGIC, sizeof(kdhl.magic));
722 logmsg(LOG_ERR, "unable to force dump - bad magic");
725 if (dtoh32(kdhl.version) != KERNELDUMPVERSION) {
727 "unknown version (%d) in last dump header on %s",
728 dtoh32(kdhl.version), device);
740 if (kerneldump_parity(&kdhl)) {
742 "parity error on last dump header on %s", device);
748 dumpextent = dtoh64(kdhl.dumpextent);
749 dumplength = dtoh64(kdhl.dumplength);
750 dumpkeysize = dtoh32(kdhl.dumpkeysize);
751 firsthd = lasthd - dumpextent - sectorsize - dumpkeysize;
752 if (lseek(fddev, firsthd, SEEK_SET) != firsthd ||
753 read(fddev, temp, sectorsize) != (ssize_t)sectorsize) {
755 "error reading first dump header at offset %lld in %s: %m",
756 (long long)firsthd, device);
760 memcpy(&kdhf, temp, sizeof(kdhf));
763 printf("First dump headers:\n");
764 printheader(xostdout, &kdhf, device, bounds, -1);
766 printf("\nLast dump headers:\n");
767 printheader(xostdout, &kdhl, device, bounds, -1);
771 if (memcmp(&kdhl, &kdhf, sizeof(kdhl))) {
773 "first and last dump headers disagree on %s", device);
779 status = STATUS_GOOD;
783 printf("A dump exists on %s\n", device);
788 if (kdhl.panicstring[0] != '\0')
789 logmsg(LOG_ALERT, "reboot after panic: %.*s",
790 (int)sizeof(kdhl.panicstring), kdhl.panicstring);
792 logmsg(LOG_ALERT, "reboot");
795 printf("Checking for available free space\n");
797 if (!check_space(savedir, savedirfd, dumplength, bounds)) {
802 writebounds(savedirfd, bounds + 1);
804 saved_dump_remove(savedirfd, bounds);
806 snprintf(infoname, sizeof(infoname), "info.%d", bounds);
809 * Create or overwrite any existing dump header files.
811 if ((info = xfopenat(savedirfd, infoname,
812 O_WRONLY | O_CREAT | O_TRUNC, "w", 0600)) == NULL) {
813 logmsg(LOG_ERR, "open(%s): %m", infoname);
818 isencrypted = (dumpkeysize > 0);
820 snprintf(corename, sizeof(corename), "%s.%d.gz",
821 istextdump ? "textdump.tar" :
822 (isencrypted ? "vmcore_encrypted" : "vmcore"), bounds);
823 else if (iscompressed && !isencrypted)
824 snprintf(corename, sizeof(corename), "vmcore.%d.%s", bounds,
825 (kdhl.compression == KERNELDUMP_COMP_GZIP) ? "gz" : "zst");
827 snprintf(corename, sizeof(corename), "%s.%d",
828 istextdump ? "textdump.tar" :
829 (isencrypted ? "vmcore_encrypted" : "vmcore"), bounds);
830 fdcore = openat(savedirfd, corename, O_WRONLY | O_CREAT | O_TRUNC,
833 logmsg(LOG_ERR, "open(%s): %m", corename);
840 core = zdopen(fdcore, "w");
842 core = fdopen(fdcore, "w");
844 logmsg(LOG_ERR, "%s: %m", corename);
852 xostyle = xo_get_style(NULL);
853 xoinfo = xo_create_to_file(info, xostyle, 0);
854 if (xoinfo == NULL) {
855 logmsg(LOG_ERR, "%s: %m", infoname);
860 xo_open_container_h(xoinfo, "crashdump");
863 printheader(xostdout, &kdhl, device, bounds, status);
865 printheader(xoinfo, &kdhl, device, bounds, status);
866 xo_close_container_h(xoinfo, "crashdump");
872 dumpkey = calloc(1, dumpkeysize);
873 if (dumpkey == NULL) {
874 logmsg(LOG_ERR, "Unable to allocate kernel dump key.");
879 if (read(fddev, dumpkey, dumpkeysize) != (ssize_t)dumpkeysize) {
880 logmsg(LOG_ERR, "Unable to read kernel dump key: %m.");
885 snprintf(keyname, sizeof(keyname), "key.%d", bounds);
886 ret = writekey(savedirfd, keyname, dumpkey, dumpkeysize);
887 explicit_bzero(dumpkey, dumpkeysize);
894 logmsg(LOG_NOTICE, "writing %s%score to %s/%s",
895 isencrypted ? "encrypted " : "", compress ? "compressed " : "",
899 if (DoTextdumpFile(fddev, dumplength, lasthd, buf, device,
903 if (DoRegularFile(fddev, dumplength, sectorsize,
904 !(compress || iscompressed || isencrypted), buf, device,
905 corename, core) < 0) {
912 if (fclose(core) < 0) {
913 logmsg(LOG_ERR, "error on %s: %m", corename);
918 symlinks_remove(savedirfd);
919 if (symlinkat(infoname, savedirfd, "info.last") == -1) {
920 logmsg(LOG_WARNING, "unable to create symlink %s/%s: %m",
921 savedir, "info.last");
924 if (symlinkat(keyname, savedirfd, "key.last") == -1) {
926 "unable to create symlink %s/%s: %m", savedir,
930 if (compress || iscompressed) {
931 snprintf(linkname, sizeof(linkname), "%s.last.%s",
932 istextdump ? "textdump.tar" :
933 (isencrypted ? "vmcore_encrypted" : "vmcore"),
934 (kdhl.compression == KERNELDUMP_COMP_ZSTD) ? "zst" : "gz");
936 snprintf(linkname, sizeof(linkname), "%s.last",
937 istextdump ? "textdump.tar" :
938 (isencrypted ? "vmcore_encrypted" : "vmcore"));
940 if (symlinkat(corename, savedirfd, linkname) == -1) {
941 logmsg(LOG_WARNING, "unable to create symlink %s/%s: %m",
948 printf("dump saved\n");
953 printf("clearing dump header\n");
954 memcpy(kdhl.magic, KERNELDUMPMAGIC_CLEARED, sizeof(kdhl.magic));
955 memcpy(temp, &kdhl, sizeof(kdhl));
956 if (lseek(fddev, lasthd, SEEK_SET) != lasthd ||
957 write(fddev, temp, sectorsize) != (ssize_t)sectorsize)
959 "error while clearing the dump header: %m");
961 xo_close_container_h(xostdout, "crashdump");
962 xo_finish_h(xostdout);
977 /* Prepend "/dev/" to any arguments that don't already have it */
979 devify(int argc, char **argv)
984 devs = malloc(argc * sizeof(*argv));
986 logmsg(LOG_ERR, "malloc(): %m");
989 for (i = 0; i < argc; i++) {
990 if (strncmp(argv[i], _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0)
991 devs[i] = strdup(argv[i]);
995 fullpath = malloc(PATH_MAX);
996 if (fullpath == NULL) {
997 logmsg(LOG_ERR, "malloc(): %m");
1000 l = snprintf(fullpath, PATH_MAX, "%s%s", _PATH_DEV,
1003 logmsg(LOG_ERR, "snprintf(): %m");
1005 } else if (l >= PATH_MAX) {
1006 logmsg(LOG_ERR, "device name too long");
1016 enum_dumpdevs(int *argcp)
1023 * We cannot use getfsent(3) in capability mode, so we must
1024 * scan /etc/fstab and build up a list of candidate devices
1025 * before proceeding.
1029 argv = malloc(n * sizeof(*argv));
1031 logmsg(LOG_ERR, "malloc(): %m");
1038 if (strcmp(fsp->fs_vfstype, "swap") != 0 &&
1039 strcmp(fsp->fs_vfstype, "dump") != 0)
1043 argv = realloc(argv, n * sizeof(*argv));
1045 logmsg(LOG_ERR, "realloc(): %m");
1049 argv[argc] = strdup(fsp->fs_spec);
1050 if (argv[argc] == NULL) {
1051 logmsg(LOG_ERR, "strdup(): %m");
1061 init_caps(int argc, char **argv)
1063 cap_rights_t rights;
1064 cap_channel_t *capcas;
1066 capcas = cap_init();
1067 if (capcas == NULL) {
1068 logmsg(LOG_ERR, "cap_init(): %m");
1072 * The fileargs capability does not currently provide a way to limit
1075 (void)cap_rights_init(&rights, CAP_PREAD, CAP_WRITE, CAP_IOCTL);
1076 capfa = fileargs_init(argc, argv, checkfor || keep ? O_RDONLY : O_RDWR,
1077 0, &rights, FA_OPEN);
1078 if (capfa == NULL) {
1079 logmsg(LOG_ERR, "fileargs_init(): %m");
1082 caph_cache_catpages();
1083 caph_cache_tzdata();
1084 if (caph_enter_casper() != 0) {
1085 logmsg(LOG_ERR, "caph_enter_casper(): %m");
1088 capsyslog = cap_service_open(capcas, "system.syslog");
1089 if (capsyslog == NULL) {
1090 logmsg(LOG_ERR, "cap_service_open(system.syslog): %m");
1099 xo_error("%s\n%s\n%s\n",
1100 "usage: savecore -c [-v] [device ...]",
1101 " savecore -C [-v] [device ...]",
1102 " savecore [-fkvz] [-m maxdumps] [directory [device ...]]");
1107 main(int argc, char **argv)
1109 cap_rights_t rights;
1110 const char *savedir;
1112 int i, ch, error, savedirfd;
1114 checkfor = compress = clear = force = keep = false;
1116 nfound = nsaved = nerr = 0;
1119 openlog("savecore", LOG_PERROR, LOG_DAEMON);
1120 signal(SIGINFO, infohandler);
1122 argc = xo_parse_args(argc, argv);
1126 while ((ch = getopt(argc, argv, "Ccfkm:vz")) != -1)
1141 maxdumps = atoi(optarg);
1142 if (maxdumps <= 0) {
1143 logmsg(LOG_ERR, "Invalid maxdump value");
1157 if (checkfor && (clear || force || keep))
1159 if (clear && (compress || keep))
1161 if (maxdumps > 0 && (checkfor || clear))
1165 if (argc >= 1 && !checkfor && !clear) {
1166 error = chdir(argv[0]);
1168 logmsg(LOG_ERR, "chdir(%s): %m", argv[0]);
1176 devs = enum_dumpdevs(&argc);
1178 devs = devify(argc, argv);
1180 savedirfd = open(savedir, O_RDONLY | O_DIRECTORY);
1181 if (savedirfd < 0) {
1182 logmsg(LOG_ERR, "open(%s): %m", savedir);
1185 (void)cap_rights_init(&rights, CAP_CREATE, CAP_FCNTL, CAP_FSTATAT,
1186 CAP_FSTATFS, CAP_PREAD, CAP_SYMLINKAT, CAP_FTRUNCATE, CAP_UNLINKAT,
1188 if (caph_rights_limit(savedirfd, &rights) < 0) {
1189 logmsg(LOG_ERR, "cap_rights_limit(): %m");
1193 /* Enter capability mode. */
1194 init_caps(argc, devs);
1196 for (i = 0; i < argc; i++)
1197 DoFile(savedir, savedirfd, devs[i]);
1199 /* Emit minimal output. */
1203 printf("No dump exists\n");
1207 logmsg(LOG_WARNING, "no dumps found");
1208 } else if (nsaved == 0) {
1212 "unsaved dumps found but not saved");
1215 logmsg(LOG_WARNING, "no unsaved dumps found");
1222 infohandler(int sig __unused)