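/*
 * Copyright (c) 2000-2019 Apple Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 *
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */

#ifndef _KERN_DEBUG_H_
#define _KERN_DEBUG_H_

#include <kern/kcdata.h>

#include <sys/cdefs.h>
#include <stdint.h>
#include <stdarg.h>
#include <uuid/uuid.h>
#include <mach/boolean.h>
#include <mach/kern_return.h>
#include <mach/vm_types.h>

#ifndef XNU_KERNEL_PRIVATE
#include <TargetConditionals.h>
#endif

__BEGIN_DECLS

#ifdef __APPLE_API_PRIVATE
#ifdef __APPLE_API_UNSTABLE

/*
 * Per-thread record of a stackshot buffer.
 *
 * The struct is packed, so its in-memory layout is the serialized layout:
 * field order, widths and the explicit padding below must not change.
 *
 * NOTE(review): snapshot_magic is presumably STACKSHOT_THREAD_SNAPSHOT_MAGIC
 * and nkern_frames/nuser_frames presumably count frames that follow the
 * record -- confirm against the producer.  A parser should check the magic
 * and that the frame counts fit in the bytes remaining before walking them.
 */
struct thread_snapshot {
	uint32_t snapshot_magic;
	uint32_t nkern_frames;
	uint32_t nuser_frames;
	uint64_t wait_event;
	uint64_t continuation;
	uint64_t thread_id;
	uint64_t user_time;
	uint64_t system_time;
	int32_t  state;
	int32_t  priority;              /* static priority */
	int32_t  sched_pri;             /* scheduled (current) priority */
	int32_t  sched_flags;           /* scheduler flags */
	char     ss_flags;
	char     ts_qos;                /* effective qos */
	char     ts_rqos;               /* requested qos */
	char     ts_rqos_override;      /* requested qos override */
	char     io_tier;
	/*
	 * In microstackshots, the low two bytes are the start of the first async
	 * frame in the thread's user space call stack.  If the call stack lacks
	 * async stack frames, it's `UINT16_MAX`.
	 */
	char     _reserved[3];          /* pad for 4 byte alignment packing */

	/*
	 * I/O Statistics
	 * XXX: These fields must be together
	 */
	uint64_t disk_reads_count;
	uint64_t disk_reads_size;
	uint64_t disk_writes_count;
	uint64_t disk_writes_size;
	uint64_t io_priority_count[STACKSHOT_IO_NUM_PRIORITIES];
	uint64_t io_priority_size[STACKSHOT_IO_NUM_PRIORITIES];
	uint64_t paging_count;
	uint64_t paging_size;
	uint64_t non_paging_count;
	uint64_t non_paging_size;
	uint64_t data_count;
	uint64_t data_size;
	uint64_t metadata_count;
	uint64_t metadata_size;
	/* XXX: I/O Statistics end */

	uint64_t voucher_identifier;    /* obfuscated voucher identifier */
	uint64_t total_syscalls;
	/*
	 * Fixed-size name field.  NOTE(review): nothing here shows that it is
	 * always NUL-terminated; bound reads by the array size.
	 */
	char     pth_name[STACKSHOT_MAX_THREAD_NAME_SIZE];
} __attribute__((packed));

/*
 * old, non kcdata format
 *
 * Per-task record; packed, so the layout is fixed in the same way as
 * struct thread_snapshot.
 */
struct task_snapshot {
	uint32_t snapshot_magic;
	int32_t  pid;
	uint64_t uniqueid;
	uint64_t user_time_in_terminated_threads;
	uint64_t system_time_in_terminated_threads;
	uint8_t  shared_cache_identifier[16];
	uint64_t shared_cache_slide;
	uint32_t nloadinfos;
	int      suspend_count;
	int      task_size;             /* pages */
	int      faults;                /* number of page faults */
	int      pageins;               /* number of actual pageins */
	int      cow_faults;            /* number of copy-on-write faults */
	uint32_t ss_flags;
	/*
	 * In microstackshots, `p_start_sec` is actually the resource coalition ID.
	 */
	uint64_t p_start_sec;           /* from the bsd proc struct */
	uint64_t p_start_usec;          /* from the bsd proc struct */

	/*
	 * We restrict ourselves to a statically defined
	 * (current as of 2009) length for the
	 * p_comm string, due to scoping issues (osfmk/bsd and user/kernel
	 * binary compatibility).
	 *
	 * NOTE(review): the literal 17 is not tied to any constant visible in
	 * this header; bound reads by sizeof(p_comm) rather than assuming a
	 * terminator.
	 */
	char     p_comm[17];
	uint32_t was_throttled;
	uint32_t did_throttle;
	uint32_t latency_qos;
	/*
	 * I/O Statistics
	 * XXX: These fields must be together.
	 */
	uint64_t disk_reads_count;
	uint64_t disk_reads_size;
	uint64_t disk_writes_count;
	uint64_t disk_writes_size;
	uint64_t io_priority_count[STACKSHOT_IO_NUM_PRIORITIES];
	uint64_t io_priority_size[STACKSHOT_IO_NUM_PRIORITIES];
	uint64_t paging_count;
	uint64_t paging_size;
	uint64_t non_paging_count;
	uint64_t non_paging_size;
	uint64_t data_count;
	uint64_t data_size;
	uint64_t metadata_count;
	uint64_t metadata_size;
	/* XXX: I/O Statistics end */

	uint32_t donating_pid_count;
} __attribute__ ((packed));



/*
 * Header of one microstackshot sample; ms_flags takes values from
 * enum micro_snapshot_flags (presumably -- confirm against the producer).
 */
struct micro_snapshot {
	uint32_t snapshot_magic;
	uint32_t ms_cpu;                /* cpu number this snapshot was recorded on */
	uint64_t ms_time;               /* time at sample (seconds) */
	uint64_t ms_time_microsecs;
	uint8_t  ms_flags;
	uint16_t ms_opaque_flags;       /* managed by external entity, e.g. fdrmicrod */
} __attribute__ ((packed));


/*
 * mirrors the dyld_cache_header struct defined in dyld_cache_format.h from dyld source code
 *
 * Every *Offset / *Count / *Size / *Addr member describes a region of the
 * shared cache file or image.  Code that walks a cache through this header
 * should range-check each offset+size (and count * entry size) against the
 * size of the mapping it actually holds before dereferencing, including the
 * "zero means to end of file" case of codeSignatureSize.
 */
struct _dyld_cache_header {
	char     magic[16];             // e.g. "dyld_v0    i386"
	uint32_t mappingOffset;         // file offset to first dyld_cache_mapping_info
	uint32_t mappingCount;          // number of dyld_cache_mapping_info entries
	uint32_t imagesOffset;          // file offset to first dyld_cache_image_info
	uint32_t imagesCount;           // number of dyld_cache_image_info entries
	uint64_t dyldBaseAddress;       // base address of dyld when cache was built
	uint64_t codeSignatureOffset;   // file offset of code signature blob
	uint64_t codeSignatureSize;     // size of code signature blob (zero means to end of file)
	uint64_t slideInfoOffset;       // file offset of kernel slide info
	uint64_t slideInfoSize;         // size of kernel slide info
	uint64_t localSymbolsOffset;    // file offset of where local symbols are stored
	uint64_t localSymbolsSize;      // size of local symbols information
	uint8_t  uuid[16];              // unique value for each shared cache file
	uint64_t cacheType;             // 0 for development, 1 for production
	uint32_t branchPoolsOffset;     // file offset to table of uint64_t pool addresses
	uint32_t branchPoolsCount;      // number of uint64_t entries
	uint64_t accelerateInfoAddr;    // (unslid) address of optimization info
	uint64_t accelerateInfoSize;    // size of optimization info
	uint64_t imagesTextOffset;      // file offset to first dyld_cache_image_text_info
	uint64_t imagesTextCount;       // number of dyld_cache_image_text_info entries
	uint64_t dylibsImageGroupAddr;  // (unslid) address of ImageGroup for dylibs in this cache
	uint64_t dylibsImageGroupSize;  // size of ImageGroup for dylibs in this cache
	uint64_t otherImageGroupAddr;   // (unslid) address of ImageGroup for other OS dylibs
	uint64_t otherImageGroupSize;   // size of ImageGroup for other OS dylibs
	uint64_t progClosuresAddr;      // (unslid) address of list of program launch closures
	uint64_t progClosuresSize;      // size of list of program launch closures
	uint64_t progClosuresTrieAddr;  // (unslid) address of trie of indexes into program launch closures
	uint64_t progClosuresTrieSize;  // size of trie of indexes into program launch closures
	uint32_t platform;              // platform number (macOS=1, etc)
	uint32_t formatVersion          : 8,  // dyld3::closure::kFormatVersion
	    dylibsExpectedOnDisk   : 1,      // dyld should expect the dylib exists on disk and to compare inode/mtime to see if cache is valid
	    simulator              : 1,      // for simulator of specified platform
	    locallyBuiltCache      : 1,      // 0 for B&I built cache, 1 for locally built cache
	    padding                : 21;     // TBD
};

/*
 * mirrors the dyld_cache_image_text_info struct defined in dyld_cache_format.h from dyld source code
 */
struct _dyld_cache_image_text_info {
	uuid_t   uuid;
	uint64_t loadAddress;           // unslid address of start of __TEXT
	uint32_t textSegmentSize;
	uint32_t pathOffset;            // offset from start of cache file
};


/* Bit values describing why/where a microstackshot sample was recorded. */
enum micro_snapshot_flags {
	kInterruptRecord        = 0x1,
	kTimerArmingRecord      = 0x2,
	kUserMode               = 0x4,  /* interrupted usermode, or armed by usermode */
	kIORecord               = 0x8,
	kPMIRecord              = 0x10,
	kMACFRecord             = 0x20, /* armed by MACF policy */
};

/*
 * Flags used in the following assortment of snapshots.
 */
enum generic_snapshot_flags {
	kUser64_p               = 0x1,  /* Userspace uses 64 bit pointers */
	kKernel64_p             = 0x2   /* The kernel uses 64 bit pointers */
};

#define VM_PRESSURE_TIME_WINDOW 5 /* seconds */

/*
 * Request flags for a stackshot.  The underlying type is uint64_t and the
 * highest value below (0x100000000) does not fit in 32 bits, so any code
 * that stores or forwards these flags must use a 64-bit type or that flag
 * is silently dropped.
 */
__options_decl(stackshot_flags_t, uint64_t, {
	STACKSHOT_GET_DQ                           = 0x01,
	STACKSHOT_SAVE_LOADINFO                    = 0x02,
	STACKSHOT_GET_GLOBAL_MEM_STATS             = 0x04,
	STACKSHOT_SAVE_KEXT_LOADINFO               = 0x08,
	/*
	 * 0x10, 0x20, 0x40 and 0x80 are reserved.
	 *
	 * See microstackshot_flags_t whose members used to be part of this
	 * declaration.
	 */
	STACKSHOT_ACTIVE_KERNEL_THREADS_ONLY       = 0x100,
	STACKSHOT_GET_BOOT_PROFILE                 = 0x200,
	STACKSHOT_DO_COMPRESS                      = 0x400,
	/* 0x800 and 0x1000 are not assigned in this declaration. */
	STACKSHOT_SAVE_IMP_DONATION_PIDS           = 0x2000,
	STACKSHOT_SAVE_IN_KERNEL_BUFFER            = 0x4000,
	STACKSHOT_RETRIEVE_EXISTING_BUFFER         = 0x8000,
	STACKSHOT_KCDATA_FORMAT                    = 0x10000,
	STACKSHOT_ENABLE_BT_FAULTING               = 0x20000,
	STACKSHOT_COLLECT_DELTA_SNAPSHOT           = 0x40000,
	/* Include the layout of the system shared cache */
	STACKSHOT_COLLECT_SHAREDCACHE_LAYOUT       = 0x80000,
	/*
	 * Kernel consumers of stackshot (via stack_snapshot_from_kernel) can ask
	 * that we try to take the stackshot lock, and fail if we don't get it.
	 */
	STACKSHOT_TRYLOCK                          = 0x100000,
	STACKSHOT_ENABLE_UUID_FAULTING             = 0x200000,
	STACKSHOT_FROM_PANIC                       = 0x400000,
	STACKSHOT_NO_IO_STATS                      = 0x800000,
	/* Report owners of and pointers to kernel objects that threads are blocked on */
	STACKSHOT_THREAD_WAITINFO                  = 0x1000000,
	STACKSHOT_THREAD_GROUP                     = 0x2000000,
	STACKSHOT_SAVE_JETSAM_COALITIONS           = 0x4000000,
	STACKSHOT_INSTRS_CYCLES                    = 0x8000000,
	STACKSHOT_ASID                             = 0x10000000,
	STACKSHOT_PAGE_TABLES                      = 0x20000000,
	STACKSHOT_DISABLE_LATENCY_INFO             = 0x40000000,
	STACKSHOT_SAVE_DYLD_COMPACTINFO            = 0x80000000,
	STACKSHOT_INCLUDE_DRIVER_THREADS_IN_KERNEL = 0x100000000,
}); // Note: Add any new flags to kcdata.py (stackshot_in_flags)

/*
 * Microstackshot control flags.  Their values are exactly the bits that
 * stackshot_flags_t lists as reserved (0x10 - 0x80).
 */
__options_decl(microstackshot_flags_t, uint32_t, {
	STACKSHOT_GET_MICROSTACKSHOT               = 0x10,
	STACKSHOT_GLOBAL_MICROSTACKSHOT_ENABLE     = 0x20,
	STACKSHOT_GLOBAL_MICROSTACKSHOT_DISABLE    = 0x40,
	STACKSHOT_SET_MICROSTACKSHOT_MARK          = 0x80,
});

/* Values for the snapshot_magic field of the snapshot records above. */
#define STACKSHOT_THREAD_SNAPSHOT_MAGIC     0xfeedface
#define STACKSHOT_TASK_SNAPSHOT_MAGIC       0xdecafbad
#define STACKSHOT_MEM_AND_IO_SNAPSHOT_MAGIC 0xbfcabcde
#define STACKSHOT_MICRO_SNAPSHOT_MAGIC      0x31c54011

/*
 * All-ones page table level mask.  Parenthesized so the expansion stays a
 * single operand whatever operators surround the macro at the use site.
 */
#define STACKSHOT_PAGETABLES_MASK_ALL   (~0)

/*
 * KF_*_OVRD: single-bit feature-override values.
 * NOTE(review): presumably the bits accepted by kern_feature_override(),
 * which takes a uint32_t mask -- confirm.
 */
#define KF_SERIAL_OVRD (0x2)
#define KF_PMAPV_OVRD (0x4)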
296 #define KF_MATV_OVRD (0x8) 297 #define KF_STACKSHOT_OVRD (0x10) 298 #define KF_COMPRSV_OVRD (0x20) 299 #define KF_INTERRUPT_MASKED_DEBUG_OVRD (0x40) 300 #define KF_TRAPTRACE_OVRD (0x80) 301 #define KF_IOTRACE_OVRD (0x100) 302 #define KF_INTERRUPT_MASKED_DEBUG_STACKSHOT_OVRD (0x200) 303 #define KF_SCHED_HYGIENE_DEBUG_PMC_OVRD (0x400) 304 #define KF_RW_LOCK_DEBUG_OVRD (0x800) 305 #define KF_MADVISE_FREE_DEBUG_OVRD (0x1000) 306 #define KF_DISABLE_FP_POPC_ON_PGFLT (0x2000) 307 #define KF_IO_TIMEOUT_OVRD (0x8000) 308 309 boolean_t kern_feature_override(uint32_t fmask); 310 311 __options_decl(eph_panic_flags_t, uint64_t, { 312 EMBEDDED_PANIC_HEADER_FLAG_COREDUMP_COMPLETE = 0x01, /* INFO: coredump completed */ 313 EMBEDDED_PANIC_HEADER_FLAG_STACKSHOT_SUCCEEDED = 0x02, /* INFO: stackshot completed */ 314 EMBEDDED_PANIC_HEADER_FLAG_STACKSHOT_FAILED_DEBUGGERSYNC = 0x04, /* ERROR: stackshot failed to sync with external debugger */ 315 EMBEDDED_PANIC_HEADER_FLAG_STACKSHOT_FAILED_ERROR = 0x08, /* ERROR: stackshot failed */ 316 EMBEDDED_PANIC_HEADER_FLAG_STACKSHOT_FAILED_INCOMPLETE = 0x10, /* ERROR: stackshot is partially complete */ 317 EMBEDDED_PANIC_HEADER_FLAG_STACKSHOT_FAILED_NESTED = 0x20, /* ERROR: stackshot caused a nested panic */ 318 EMBEDDED_PANIC_HEADER_FLAG_NESTED_PANIC = 0x40, /* ERROR: panic handler encountered a panic */ 319 EMBEDDED_PANIC_HEADER_FLAG_BUTTON_RESET_PANIC = 0x80, /* INFO: force-reset panic: user held power button to force shutdown */ 320 EMBEDDED_PANIC_HEADER_FLAG_COPROC_INITIATED_PANIC = 0x100, /* INFO: panic was triggered by a companion processor (not Xnu) */ 321 EMBEDDED_PANIC_HEADER_FLAG_COREDUMP_FAILED = 0x200, /* ERROR: coredump failed to complete */ 322 EMBEDDED_PANIC_HEADER_FLAG_COMPRESS_FAILED = 0x400, /* ERROR: stackshot failed to compress */ 323 EMBEDDED_PANIC_HEADER_FLAG_STACKSHOT_DATA_COMPRESSED = 0x800, /* INFO: stackshot data is compressed */ 324 EMBEDDED_PANIC_HEADER_FLAG_ENCRYPTED_COREDUMP_SKIPPED = 0x1000, /* ERROR: coredump 
policy requires encryption, but encryptions is not initialized or available */ 325 EMBEDDED_PANIC_HEADER_FLAG_KERNEL_COREDUMP_SKIPPED_EXCLUDE_REGIONS_UNAVAILABLE = 0x2000, /* ERROR: coredump region exclusion list is not available */ 326 EMBEDDED_PANIC_HEADER_FLAG_COREFILE_UNLINKED = 0x4000, /* ERROR: coredump output file is not linked */ 327 EMBEDDED_PANIC_HEADER_FLAG_INCOHERENT_PANICLOG = 0x8000 /* ERROR: paniclog integrity check failed (a warning to consumer code i.e. DumpPanic) */ 328 }); 329 330 #define EMBEDDED_PANIC_HEADER_CURRENT_VERSION 4 331 #define EMBEDDED_PANIC_MAGIC 0x46554E4B /* FUNK */ 332 #define EMBEDDED_PANIC_HEADER_OSVERSION_LEN 32 333 334 /* 335 * Any updates to this header should be also updated in astris as it can not 336 * grab this header from the SDK. 337 * 338 * NOTE: DO NOT REMOVE OR CHANGE THE MEANING OF ANY FIELDS FROM THIS STRUCTURE. 339 * Any modifications should add new fields at the end, bump the version number 340 * and be done alongside astris and DumpPanic changes. 
341 */ 342 struct embedded_panic_header { 343 uint32_t eph_magic; /* EMBEDDED_PANIC_MAGIC if valid */ 344 uint32_t eph_crc; /* CRC of everything following the ph_crc in the header and the contents */ 345 uint32_t eph_version; /* embedded_panic_header version */ 346 eph_panic_flags_t eph_panic_flags; /* Flags indicating any state or relevant details */ 347 uint32_t eph_panic_log_offset; /* Offset of the beginning of the panic log from the beginning of the header */ 348 uint32_t eph_panic_log_len; /* length of the panic log */ 349 uint32_t eph_stackshot_offset; /* Offset of the beginning of the panic stackshot from the beginning of the header */ 350 uint32_t eph_stackshot_len; /* length of the panic stackshot (0 if not valid ) */ 351 uint32_t eph_other_log_offset; /* Offset of the other log (any logging subsequent to the stackshot) from the beginning of the header */ 352 uint32_t eph_other_log_len; /* length of the other log */ 353 union { 354 struct { 355 uint64_t eph_x86_power_state:8, 356 eph_x86_efi_boot_state:8, 357 eph_x86_system_state:8, 358 eph_x86_unused_bits:40; 359 }; // anonymous struct to group the bitfields together. 
360 uint64_t eph_x86_do_not_use; /* Used for offsetof/sizeof when parsing header */ 361 }; 362 char eph_os_version[EMBEDDED_PANIC_HEADER_OSVERSION_LEN]; 363 char eph_macos_version[EMBEDDED_PANIC_HEADER_OSVERSION_LEN]; 364 uuid_string_t eph_bootsessionuuid_string; /* boot session UUID */ 365 uint64_t eph_roots_installed; /* bitmap indicating which roots are installed on this system */ 366 } __attribute__((packed)); 367 368 369 #define MACOS_PANIC_HEADER_CURRENT_VERSION 3 370 #define MACOS_PANIC_MAGIC 0x44454544 /* DEED */ 371 372 __options_decl(mph_panic_flags_t, uint64_t, { 373 MACOS_PANIC_HEADER_FLAG_NESTED_PANIC = 0x01, /* ERROR: panic handler encountered a panic */ 374 MACOS_PANIC_HEADER_FLAG_COPROC_INITIATED_PANIC = 0x02, /* INFO: panic was triggered by a companion processor (not Xnu) */ 375 MACOS_PANIC_HEADER_FLAG_STACKSHOT_SUCCEEDED = 0x04, /* INFO: stackshot completed */ 376 MACOS_PANIC_HEADER_FLAG_STACKSHOT_DATA_COMPRESSED = 0x08, /* INFO: stackshot data is compressed */ 377 MACOS_PANIC_HEADER_FLAG_STACKSHOT_FAILED_DEBUGGERSYNC = 0x10, /* ERROR: stackshot failed to sync with external debugger */ 378 MACOS_PANIC_HEADER_FLAG_STACKSHOT_FAILED_ERROR = 0x20, /* ERROR: stackshot failed */ 379 MACOS_PANIC_HEADER_FLAG_STACKSHOT_FAILED_INCOMPLETE = 0x40, /* ERROR: stackshot is partially complete */ 380 MACOS_PANIC_HEADER_FLAG_STACKSHOT_FAILED_NESTED = 0x80, /* ERROR: stackshot caused a nested panic */ 381 MACOS_PANIC_HEADER_FLAG_COREDUMP_COMPLETE = 0x100, /* INFO: coredump completed */ 382 MACOS_PANIC_HEADER_FLAG_COREDUMP_FAILED = 0x200, /* ERROR: coredump failed to complete */ 383 MACOS_PANIC_HEADER_FLAG_STACKSHOT_KERNEL_ONLY = 0x400, /* ERROR: stackshot contains only kernel data (e.g. 
due to space limitations) */ 384 MACOS_PANIC_HEADER_FLAG_STACKSHOT_FAILED_COMPRESS = 0x800, /* ERROR: stackshot failed to compress */ 385 MACOS_PANIC_HEADER_FLAG_ENCRYPTED_COREDUMP_SKIPPED = 0x1000, /* ERROR: coredump policy requires encryption, but encryptions is not initialized or available */ 386 MACOS_PANIC_HEADER_FLAG_KERNEL_COREDUMP_SKIPPED_EXCLUDE_REGIONS_UNAVAILABLE = 0x2000, /* ERROR: coredump region exclusion list is not available */ 387 MACOS_PANIC_HEADER_FLAG_COREFILE_UNLINKED = 0x4000, /* ERROR: coredump output file is not linked */ 388 MACOS_PANIC_HEADER_FLAG_INCOHERENT_PANICLOG = 0x8000 /* ERROR: paniclog integrity check failed (a warning to consumer code i.e. DumpPanic) */ 389 }); 390 391 struct macos_panic_header { 392 uint32_t mph_magic; /* MACOS_PANIC_MAGIC if valid */ 393 uint32_t mph_crc; /* CRC of everything following mph_crc in the header and the contents */ 394 uint32_t mph_version; /* macos_panic_header version */ 395 uint32_t mph_padding; /* unused */ 396 mph_panic_flags_t mph_panic_flags; /* Flags indicating any state or relevant details */ 397 uint32_t mph_panic_log_offset; /* Offset of the panic log from the beginning of the header */ 398 uint32_t mph_panic_log_len; /* length of the panic log */ 399 uint32_t mph_stackshot_offset; /* Offset of the panic stackshot from the beginning of the header */ 400 uint32_t mph_stackshot_len; /* length of the panic stackshot */ 401 uint32_t mph_other_log_offset; /* Offset of the other log (any logging subsequent to the stackshot) from the beginning of the header */ 402 uint32_t mph_other_log_len; /* length of the other log */ 403 uint64_t mph_roots_installed; /* bitmap indicating which roots are installed on this system */ 404 char mph_data[]; /* panic data -- DO NOT ACCESS THIS FIELD DIRECTLY. 
Use the offsets above relative to the beginning of the header */ 405 } __attribute__((packed)); 406 407 /* 408 * Any change to the below structure should mirror the structure defined in MacEFIFirmware 409 * (and vice versa) 410 */ 411 412 struct efi_aurr_panic_header { 413 uint32_t efi_aurr_magic; 414 uint32_t efi_aurr_crc; 415 uint32_t efi_aurr_version; 416 uint32_t efi_aurr_reset_cause; 417 uint32_t efi_aurr_reset_log_offset; 418 uint32_t efi_aurr_reset_log_len; 419 char efi_aurr_panic_data[]; 420 } __attribute__((packed)); 421 422 /* 423 * EXTENDED_/DEBUG_BUF_SIZE can't grow without updates to SMC and iBoot to store larger panic logs on co-processor systems 424 */ 425 #define EXTENDED_DEBUG_BUF_SIZE 0x0013ff80 426 427 #define EFI_AURR_PANIC_STRING_MAX_LEN 112 428 #define EFI_AURR_EXTENDED_LOG_SIZE (EXTENDED_DEBUG_BUF_SIZE - sizeof(struct efi_aurr_panic_header) - EFI_AURR_PANIC_STRING_MAX_LEN) 429 430 struct efi_aurr_extended_panic_log { 431 char efi_aurr_extended_log_buf[EFI_AURR_EXTENDED_LOG_SIZE]; 432 uint32_t efi_aurr_log_tail; /* Circular buffer indices */ 433 uint32_t efi_aurr_log_head; /* ditto.. */ 434 } __attribute__((packed)); 435 436 #endif /* __APPLE_API_UNSTABLE */ 437 #endif /* __APPLE_API_PRIVATE */ 438 439 /* 440 * If non-zero, this physical address had an ECC error that led to a panic. 441 */ 442 extern uint64_t ecc_panic_physical_address; 443 444 #ifdef KERNEL 445 446 __abortlike __printflike(1, 2) 447 extern void panic(const char *string, ...); 448 449 #endif /* KERNEL */ 450 451 #ifdef KERNEL_PRIVATE 452 #if DEBUG 453 #ifndef DKPR 454 #define DKPR 1 455 #endif 456 #endif 457 458 #if DKPR 459 /* 460 * For the DEBUG kernel, support the following: 461 * sysctl -w debug.kprint_syscall=<syscall_mask> 462 * sysctl -w debug.kprint_syscall_process=<p_comm> 463 * <syscall_mask> should be an OR of the masks below 464 * for UNIX, MACH, MDEP, or IPC. 
This debugging aid 465 * assumes the task/process is locked/wired and will 466 * not go away during evaluation. If no process is 467 * specified, all processes will be traced 468 */ 469 extern int debug_kprint_syscall; 470 extern int debug_kprint_current_process(const char **namep); 471 #define DEBUG_KPRINT_SYSCALL_PREDICATE_INTERNAL(mask, namep) \ 472 ( (debug_kprint_syscall & (mask)) && debug_kprint_current_process(namep) ) 473 #define DEBUG_KPRINT_SYSCALL_MASK(mask, fmt, args...) do { \ 474 const char *dks_name = NULL; \ 475 if (DEBUG_KPRINT_SYSCALL_PREDICATE_INTERNAL(mask, &dks_name)) { \ 476 kprintf("[%s%s%p]" fmt, dks_name ? dks_name : "", \ 477 dks_name ? "@" : "", current_thread(), args); \ 478 } \ 479 } while (0) 480 #else /* !DEBUG */ 481 #define DEBUG_KPRINT_SYSCALL_PREDICATE_INTERNAL(mask, namep) (0) 482 #define DEBUG_KPRINT_SYSCALL_MASK(mask, fmt, args...) do { } while (0) /* kprintf(fmt, args) */ 483 #endif /* !DEBUG */ 484 485 enum { 486 DEBUG_KPRINT_SYSCALL_UNIX_MASK = 1 << 0, 487 DEBUG_KPRINT_SYSCALL_MACH_MASK = 1 << 1, 488 DEBUG_KPRINT_SYSCALL_MDEP_MASK = 1 << 2, 489 DEBUG_KPRINT_SYSCALL_IPC_MASK = 1 << 3 490 }; 491 492 #define DEBUG_KPRINT_SYSCALL_PREDICATE(mask) \ 493 DEBUG_KPRINT_SYSCALL_PREDICATE_INTERNAL(mask, NULL) 494 #define DEBUG_KPRINT_SYSCALL_UNIX(fmt, args...) \ 495 DEBUG_KPRINT_SYSCALL_MASK(DEBUG_KPRINT_SYSCALL_UNIX_MASK,fmt,args) 496 #define DEBUG_KPRINT_SYSCALL_MACH(fmt, args...) \ 497 DEBUG_KPRINT_SYSCALL_MASK(DEBUG_KPRINT_SYSCALL_MACH_MASK,fmt,args) 498 #define DEBUG_KPRINT_SYSCALL_MDEP(fmt, args...) \ 499 DEBUG_KPRINT_SYSCALL_MASK(DEBUG_KPRINT_SYSCALL_MDEP_MASK,fmt,args) 500 #define DEBUG_KPRINT_SYSCALL_IPC(fmt, args...) 
\ 501 DEBUG_KPRINT_SYSCALL_MASK(DEBUG_KPRINT_SYSCALL_IPC_MASK,fmt,args) 502 503 /* Debug boot-args */ 504 #define DB_HALT 0x1 505 //#define DB_PRT 0x2 -- obsolete 506 #define DB_NMI 0x4 507 #define DB_KPRT 0x8 508 #define DB_KDB 0x10 509 #define DB_ARP 0x40 510 #define DB_KDP_BP_DIS 0x80 511 //#define DB_LOG_PI_SCRN 0x100 -- obsolete 512 #define DB_KDP_GETC_ENA 0x200 513 514 #define DB_KERN_DUMP_ON_PANIC 0x400 /* Trigger core dump on panic*/ 515 #define DB_KERN_DUMP_ON_NMI 0x800 /* Trigger core dump on NMI */ 516 #define DB_DBG_POST_CORE 0x1000 /*Wait in debugger after NMI core */ 517 #define DB_PANICLOG_DUMP 0x2000 /* Send paniclog on panic,not core*/ 518 #define DB_REBOOT_POST_CORE 0x4000 /* Attempt to reboot after 519 * post-panic crashdump/paniclog 520 * dump. 521 */ 522 #define DB_NMI_BTN_ENA 0x8000 /* Enable button to directly trigger NMI */ 523 /* 0x10000 was DB_PRT_KDEBUG (kprintf kdebug events), feature removed */ 524 #define DB_DISABLE_LOCAL_CORE 0x20000 /* ignore local kernel core dump support */ 525 #define DB_DISABLE_GZIP_CORE 0x40000 /* don't gzip kernel core dumps */ 526 #define DB_DISABLE_CROSS_PANIC 0x80000 /* x86 only - don't trigger cross panics. Only 527 * necessary to enable x86 kernel debugging on 528 * configs with a dev-fused co-processor running 529 * release bridgeOS. 530 */ 531 #define DB_REBOOT_ALWAYS 0x100000 /* Don't wait for debugger connection */ 532 #define DB_DISABLE_STACKSHOT_TO_DISK 0x200000 /* Disable writing stackshot to local disk */ 533 534 /* 535 * Values for a 64-bit mask that's passed to the debugger. 
536 */ 537 #define DEBUGGER_OPTION_NONE 0x0ULL 538 #define DEBUGGER_OPTION_PANICLOGANDREBOOT 0x1ULL /* capture a panic log and then reboot immediately */ 539 #define DEBUGGER_OPTION_INITPROC_PANIC 0x20ULL 540 #define DEBUGGER_OPTION_COPROC_INITIATED_PANIC 0x40ULL /* panic initiated by a co-processor */ 541 #define DEBUGGER_OPTION_SKIP_LOCAL_COREDUMP 0x80ULL /* don't try to save local coredumps for this panic */ 542 #define DEBUGGER_OPTION_ATTEMPTCOREDUMPANDREBOOT 0x100ULL /* attempt to save coredump. always reboot */ 543 #define DEBUGGER_INTERNAL_OPTION_THREAD_BACKTRACE 0x200ULL /* backtrace the specified thread in the paniclog (x86 only) */ 544 #define DEBUGGER_OPTION_PRINT_CPU_USAGE_PANICLOG 0x400ULL /* print extra CPU usage data in the panic log */ 545 #define DEBUGGER_OPTION_SKIP_PANICEND_CALLOUTS 0x800ULL /* (bridgeOS) skip the kPEPanicEnd callouts -- don't wait for x86 to finish sending panic data */ 546 547 #define DEBUGGER_INTERNAL_OPTIONS_MASK (DEBUGGER_INTERNAL_OPTION_THREAD_BACKTRACE) 548 549 #define __STRINGIFY(x) #x 550 #define LINE_NUMBER(x) __STRINGIFY(x) 551 #ifdef __FILE_NAME__ 552 #define PANIC_LOCATION __FILE_NAME__ ":" LINE_NUMBER(__LINE__) 553 #else 554 #define PANIC_LOCATION __FILE__ ":" LINE_NUMBER(__LINE__) 555 #define __FILE_NAME__ __FILE__ 556 #endif 557 558 /* Macros for XNU platform stalls 559 * The "location" macros specify points where we can stall or panic 560 * The "action" macros specify the action to take at these points. 561 * The default action is to stall. 
*/
/*
 * Only compiled into DEVELOPMENT and DEBUG kernels. Location flags occupy
 * bits 0-2 and the panic action flag is bit 7, so every value defined here
 * fits in the uint32_t taken by platform_stall_panic_or_spin().
 * NOTE(review): xnu_platform_stall_value presumably holds the configured
 * location/action mask; where it is set is not visible in this header.
 */
#if (DEVELOPMENT || DEBUG)
#define PLATFORM_STALL_XNU_DISABLE                   (0)
#define PLATFORM_STALL_XNU_LOCATION_ARM_INIT         (0x1ULL << 0)
#define PLATFORM_STALL_XNU_LOCATION_KERNEL_BOOTSTRAP (0x1ULL << 1)
#define PLATFORM_STALL_XNU_LOCATION_BSD_INIT         (0x1ULL << 2)
#define PLATFORM_STALL_XNU_ACTION_PANIC              (0x1ULL << 7)

extern uint64_t xnu_platform_stall_value;

void platform_stall_panic_or_spin(uint32_t req);

#endif

/*
 * panic(fmt, ...) wrapper macros.
 *
 * Both variants issue a compiler-level memory barrier (the empty asm with a
 * "memory" clobber) and then call the function named panic -- written as
 * (panic) so the function-like macro is not expanded again -- with
 * " @%s:%d" appended to the format and __FILE_NAME__ / __LINE__ appended to
 * the arguments.
 *
 * XNU_KERNEL_PRIVATE variant: `ex " @%s:%d"` relies on adjacent string
 * literal concatenation, so `ex` has to be a string literal; passing a
 * variable as the format does not compile.
 *
 * Other variant: `#ex` stringifies the source text of the first argument,
 * so the format is again fixed at compile time; when `ex` is a string
 * literal its quote characters become part of the message, and conversion
 * specifiers inside it still consume the variadic arguments.
 *
 * panic_plain() forwards `ex` unchanged and adds no location suffix. The
 * format string is then whatever the caller supplies, so it must never be
 * text that can be influenced from outside the kernel.
 */
#if XNU_KERNEL_PRIVATE
#define panic(ex, ...)  ({ \
	        __asm__("" ::: "memory"); \
	        (panic)(ex " @%s:%d", ## __VA_ARGS__, __FILE_NAME__, __LINE__); \
	})
#else
#define panic(ex, ...)  ({ \
	        __asm__("" ::: "memory"); \
	        (panic)(#ex " @%s:%d", ## __VA_ARGS__, __FILE_NAME__, __LINE__); \
	})
#endif
#define panic_plain(ex, ...)  (panic)(ex, ## __VA_ARGS__)

/* Forward declarations; only pointers to these types are used below. */
struct task;
struct thread;
struct proc;

/*
 * Panic with an explicit reason, context pointer and debugger option mask.
 * __printflike(4, 5): `str` (parameter 4) is checked as a printf-style
 * format against the variadic arguments that start at parameter 5.
 */
__abortlike __printflike(4, 5)
void panic_with_options(unsigned int reason, void *ctx,
    uint64_t debugger_options_mask, const char *str, ...);
void Debugger(const char * message);
/* NOTE(review): takes a bare char * with no length parameter; the required buffer size is not visible here -- confirm in the implementation */
void populate_model_name(char *);

/*
 * Takes a pointer, the size of the object it should refer to, and a
 * descriptive string. NOTE(review): the meaning of the boolean_t result and
 * what happens on failure are not visible in this header.
 */
boolean_t panic_validate_ptr(void *ptr, vm_size_t size, const char *what);

boolean_t panic_get_thread_proc_task(struct thread *thread, struct task **task, struct proc **proc);

/*
 * Convenience form of panic_validate_ptr(): the size is taken from the
 * pointee type of `expr` and the label is the source text of `expr`.
 * `expr` appears twice in the expansion, but the sizeof operand is not
 * evaluated for non-variably-modified types, so it is evaluated once.
 */
#define PANIC_VALIDATE_PTR(expr) \
	panic_validate_ptr(expr, sizeof(*(expr)), #expr)


#if defined(__arm__) || defined(__arm64__)
/*
 * Note that producer_name and buf should never be de-allocated as we reference these during panic.
 * NOTE(review): len is a signed int; whether negative or oversized values are
 * rejected is up to the implementation and is not visible here.
 */
void register_additional_panic_data_buffer(const char *producer_name, void *buf, int len);
#endif

unsigned panic_active(void);

#endif  /* KERNEL_PRIVATE */

#if XNU_KERNEL_PRIVATE

#if defined (__x86_64__)
struct thread;

/*
 * x86_64 only: like panic_with_options() with an additional thread
 * argument. __printflike(5, 6): `str` is parameter 5 and the variadic
 * arguments start at parameter 6.
 */
__abortlike __printflike(5, 6)
void panic_with_thread_context(unsigned int reason, void *ctx,
    uint64_t debugger_options_mask, struct thread* th, const char *str, ...);
#endif

/*
 * limit the max size to a reasonable length
 * NOTE(review): which quantity this bounds (producer name or buffer length)
 * is not visible in this header -- confirm at the use site.
 */
#define ADDITIONAL_PANIC_DATA_BUFFER_MAX_LEN 64

/* Record with the same three fields that register_additional_panic_data_buffer() takes as parameters. */
struct additional_panic_data_buffer {
	const char *producer_name;
	void *buf;
	int len;
};

extern struct additional_panic_data_buffer *panic_data_buffers;

boolean_t oslog_is_safe(void);
boolean_t debug_mode_active(void);
boolean_t stackshot_active(void);
void panic_stackshot_reset_state(void);

/*
 * @function stack_snapshot_from_kernel
 *
 * @abstract Stackshot function for kernel consumers who have their own buffer.
 *
 * @param pid the PID to be traced or -1 for the whole system
 * @param buf a pointer to the buffer where the stackshot should be written
 * @param size the size of the buffer
 * @param flags flags to be passed to the stackshot
 * @param delta_since_timestamp start time for delta period
 * @param pagetable_mask if pagetable dumping is set in flags, the mask of page table levels to dump
 * @param bytes_traced a pointer to be filled with the length of the stackshot
 *
 * NOTE(review): the buffer is supplied by the caller and its capacity is
 * passed as a uint32_t; that all writes are bounded by `size` is expected
 * of the implementation and cannot be checked from this header.
 */
kern_return_t
stack_snapshot_from_kernel(int pid, void *buf, uint32_t size, uint64_t flags,
    uint64_t delta_since_timestamp, uint32_t pagetable_mask, unsigned *bytes_traced);

/*
 * Returns whether on device corefiles are enabled based on the build
 * and boot configuration.
 */
boolean_t on_device_corefile_enabled(void);

/*
 * Returns whether panic stackshot to disk is enabled based on the build
 * and boot configuration.
*/
boolean_t panic_stackshot_to_disk_enabled(void);

/*
 * x86_64-only debug log state. debug_buf is declared with an incomplete
 * array type, so sizeof cannot be used on it through this header.
 */
#if defined(__x86_64__)
extern char debug_buf[];
extern boolean_t coprocessor_paniclog_flush;
extern boolean_t extended_debug_log_enabled;
#endif /* defined(__x86_64__) */

extern char *debug_buf_base;

#if defined(XNU_TARGET_OS_BRIDGE)
/* NOTE(review): by their names, the base and size of a macOS panic region seen from bridgeOS -- confirm */
extern uint64_t macos_panic_base;
extern unsigned int macos_panic_size;
#endif /* defined(XNU_TARGET_OS_BRIDGE) */

/*
 * Both arrays are declared with incomplete types. Only
 * panic_disk_error_description has a companion size variable declared here;
 * the capacity of kernel_uuid_string is not visible in this header.
 */
extern char kernel_uuid_string[];
extern char panic_disk_error_description[];
extern size_t panic_disk_error_description_size;

extern unsigned char *kernel_uuid;
extern unsigned int debug_boot_arg;
extern int verbose_panic_flow_logging;

/*
 * Three parallel groups (kernelcache, pageablekc, auxkc), each with a
 * validity flag, a binary UUID and its string form.
 * NOTE(review): presumably the UUID values are meaningful only while the
 * matching *_valid flag is set -- confirm with the code that fills them.
 */
extern boolean_t kernelcache_uuid_valid;
extern uuid_t kernelcache_uuid;
extern uuid_string_t kernelcache_uuid_string;

extern boolean_t pageablekc_uuid_valid;
extern uuid_t pageablekc_uuid;
extern uuid_string_t pageablekc_uuid_string;

extern boolean_t auxkc_uuid_valid;
extern uuid_t auxkc_uuid;
extern uuid_string_t auxkc_uuid_string;

/*
 * NOTE(review): by its name, controls whether the kernel printf path hides
 * pointer values, which bears on kernel address disclosure through logs;
 * the behaviour is defined elsewhere -- confirm before relying on it.
 */
extern boolean_t doprnt_hide_pointers;

extern unsigned int halt_in_debugger; /* pending halt in debugger after boot */
extern unsigned int current_debugger;
/* NOTE(review): presumably the values stored in current_debugger -- confirm */
#define NO_CUR_DB       0x0
#define KDP_CUR_DB      0x1

extern unsigned int active_debugger;
extern unsigned int kernel_debugger_entry_count;

extern unsigned int panicDebugging;

extern const char *debugger_panic_str;

/* NOTE(review): by their names, the write cursor and capacity of the debug log buffer -- confirm */
extern char *debug_buf_ptr;
extern unsigned int debug_buf_size;

extern void debug_log_init(void);
extern void debug_putc(char);
extern boolean_t debug_is_current_cpu_in_panic_state(void);

/*
 * Initialize the physical carveout requested with the `phys_carveout_mb`
 * boot-arg. This should only be called at kernel startup, when physically
 * contiguous pages are plentiful.
*/
extern void phys_carveout_init(void);

/*
 * Check whether a kernel virtual address points within the physical carveout.
 */
extern boolean_t debug_is_in_phys_carveout(vm_map_offset_t va);

/*
 * Check whether the physical carveout should be included in a coredump.
 */
extern boolean_t debug_can_coredump_phys_carveout(void);

/*
 * NOTE(review): by their names and types, the carveout's kernel virtual
 * address, its physical address and its size in bytes -- confirm against
 * phys_carveout_init().
 */
extern vm_offset_t phys_carveout;
extern uintptr_t phys_carveout_pa;
extern size_t phys_carveout_size;

/* NOTE(review): the policy behind this predicate is defined elsewhere; this header only shows that it returns a boolean_t */
extern boolean_t kernel_debugging_restricted(void);

#if defined (__x86_64__)
extern void extended_debug_log_init(void);

/*
 * Both routines take the buffer they operate on as `inbuf`; packA also
 * takes the buffer capacity (`buflen`) and returns an int.
 * NOTE(review): the encoding, the meaning of the return value and the
 * relationship required between `length` and `buflen` are not visible here.
 */
int packA(char *inbuf, uint32_t length, uint32_t buflen);
void unpackA(char *inbuf, uint32_t length);

/* 1 MiB */
#define PANIC_STACKSHOT_BUFSIZE (1024 * 1024)

extern uintptr_t panic_stackshot_buf;
extern size_t panic_stackshot_buf_len;

extern size_t panic_stackshot_len;
#endif /* defined (__x86_64__) */

void SavePanicInfo(const char *message, void *panic_data, uint64_t panic_options);
void paniclog_flush(void);
void panic_display_zalloc(void); /* in zalloc.c */
void panic_display_kernel_aslr(void);
void panic_display_hibb(void);
void panic_display_model_name(void);
void panic_display_kernel_uuid(void);
void panic_display_process_name(void);
void panic_print_symbol_name(vm_address_t search);
#if CONFIG_ECC_LOGGING
void panic_display_ecc_errors(void);
#endif /* CONFIG_ECC_LOGGING */
void panic_display_compressor_stats(void);

/*
 * @var not_in_kdp
 *
 * @abstract True if we're in normal kernel operation, False if we're in a
 * single-core debugger context.
*/
extern unsigned int not_in_kdp;

/* Expands to an unparenthesised -1. */
#define DEBUGGER_NO_CPU -1

/* Operation selector passed to DebuggerTrapWithState(). */
typedef enum {
	DBOP_NONE,
	DBOP_STACKSHOT,
	DBOP_RESET_PGO_COUNTERS,
	DBOP_PANIC,
	DBOP_DEBUGGER,
	DBOP_BREAKPOINT,
} debugger_op;

/*
 * __printflike(3, 0): db_panic_str (parameter 3) is treated as a
 * printf-style format whose arguments arrive through db_panic_args as a
 * va_list pointer, so the compiler cannot match arguments against the
 * format here. db_message (parameter 2) is not covered by the attribute.
 */
__printflike(3, 0)
kern_return_t DebuggerTrapWithState(debugger_op db_op, const char *db_message, const char *db_panic_str, va_list *db_panic_args,
    uint64_t db_panic_options, void *db_panic_data_ptr, boolean_t db_proceed_on_sync_failure, unsigned long db_panic_caller);
void handle_debugger_trap(unsigned int exception, unsigned int code, unsigned int subcode, void *state);

void DebuggerWithContext(unsigned int reason, void *ctx, const char *message, uint64_t debugger_options_mask, unsigned long debugger_caller);

/*
 * NOTE(review): a get/free pair; presumably the pointer returned by the get
 * call (with its length stored through `size`) stays valid until the free
 * call -- confirm in the implementation.
 */
const char *sysctl_debug_get_preoslog(size_t *size);
void sysctl_debug_free_preoslog(void);

#if DEBUG || DEVELOPMENT
/* leak pointer scan definitions */

/* Flag bits kept in the low two bits of an instance word; kInstanceFlags is the mask of both. */
enum{
	kInstanceFlagAddress    = 0x01UL,
	kInstanceFlagReferenced = 0x02UL,
	kInstanceFlags          = 0x03UL
};

/*
 * INSTANCE_GET clears the two flag bits. INSTANCE_PUT XORs with the
 * complement of the flag mask: it inverts every bit except the two flag
 * bits, and applying it twice restores the original value. The two macros
 * are therefore not inverses of each other.
 */
#define INSTANCE_GET(x) ((x) & ~kInstanceFlags)
#define INSTANCE_PUT(x) ((x) ^ ~kInstanceFlags)

/* Block type invoked with a site count, an element size and a backtrace reference. */
typedef void (^leak_site_proc)(uint32_t siteCount, uint32_t elem_size, uint32_t btref);

/* The zone name is passed with an explicit length (nameLen). */
extern kern_return_t
zone_leaks(const char * zoneName, uint32_t nameLen, leak_site_proc proc);

extern void
zone_leaks_scan(uintptr_t * instances, uint32_t count, uint32_t zoneSize, uint32_t * found);

/*
 * panic testing hooks
 * These hooks deliberately inject failures into the panic path; they are
 * declared only inside the DEBUG || DEVELOPMENT conditional.
 */

#define PANIC_TEST_CASE_DISABLED                    0
#define PANIC_TEST_CASE_RECURPANIC_ENTRY            0x2    // recursive panic at panic entrypoint, before panic data structures are initialized
#define PANIC_TEST_CASE_RECURPANIC_PRELOG           0x4    // recursive panic prior to paniclog being written
#define PANIC_TEST_CASE_RECURPANIC_POSTLOG          0x8    // recursive panic after paniclog has been written
#define PANIC_TEST_CASE_RECURPANIC_POSTCORE         0x10   // recursive panic after corefile has been written
#define PANIC_TEST_CASE_COREFILE_IO_ERR             0x20   // single IO error in the corefile write path
extern unsigned int panic_test_case;

#define PANIC_TEST_FAILURE_MODE_BADPTR 0x1    // dereference a bad pointer
#define PANIC_TEST_FAILURE_MODE_SPIN   0x2    // spin until watchdog kicks in
#define PANIC_TEST_FAILURE_MODE_PANIC  0x4    // explicit panic
extern unsigned int panic_test_failure_mode;    // panic failure mode

extern unsigned int panic_test_action_count;    // test parameter, depends on test case

#endif /* DEBUG || DEVELOPMENT */

/*
 * A callback that reads or writes data from a given offset into the corefile. It is understood that this
 * callback should only be used from within the context where it is given. It should never be stored and
 * reused later on.
 *
 * NOTE(review): `length` is a signed int and `buffer` carries no separate capacity; the caller is
 * presumably responsible for passing a non-negative length that fits the buffer -- confirm in the
 * implementation of the callback.
 */
typedef kern_return_t (*IOCoreFileAccessCallback)(void *context, boolean_t write, uint64_t offset, int length, void *buffer);

/*
 * A callback that receives temporary file-system access to the kernel corefile
 *
 * Parameters:
 *  - access:            A function to call for reading/writing the kernel corefile.
 *  - access_context:    The context that should be passed to the 'access' function.
 *  - recipient_context: The recipient-specific context. Can be anything.
 */
typedef kern_return_t (*IOCoreFileAccessRecipient)(IOCoreFileAccessCallback access, void *access_context, void *recipient_context);

/*
 * Provides safe and temporary file-system access to the kernel corefile to the given recipient callback.
 * It does so by opening the kernel corefile, then calling the 'recipient' callback, passing it an IOCoreFileAccessCallback
 * function that it can use to read/write data, then closing the kernel corefile as soon as the recipient returns.
 *
 * Parameters:
 *  - recipient:         A function to call, providing it access to the kernel corefile.
 *  - recipient_context: Recipient-specific context. Can be anything.
 */
extern kern_return_t
IOProvideCoreFileAccess(IOCoreFileAccessRecipient recipient, void *recipient_context);

/*
 * Describes a coredump encryption key: a format identifier, a 16-bit size and a pointer to the key.
 * NOTE(review): presumably kcekd_size is the length in bytes of the memory at kcekd_key -- confirm.
 */
struct kdp_core_encryption_key_descriptor {
	uint64_t kcekd_format;
	uint16_t kcekd_size;
	void * kcekd_key;
};

/*
 * Registers a new kernel (and co-processor) coredump encryption key. The key format should be one of the
 * supported "next" key formats in mach_debug_types.h. The recipient context pointer should point to a kdp_core_encryption_key_descriptor
 * structure.
 *
 * The parameter list matches IOCoreFileAccessRecipient, so this function can be handed to
 * IOProvideCoreFileAccess() as the recipient.
 *
 * Note that the given key pointer should be allocated using `kmem_alloc(kernel_map, <pointer>, <size>, VM_KERN_MEMORY_DIAG)`
 *
 * Note that upon successful completion, this function will adopt the given public key pointer
 * and the caller should NOT release it.
 *
 * NOTE(review): ownership on failure is not stated; presumably the caller keeps it and must release
 * the key -- confirm in the implementation.
 */
kern_return_t kdp_core_handle_new_encryption_key(IOCoreFileAccessCallback access_data, void *access_context, void *recipient_context);

/*
 * Enum of allowed values for the 'lbr_support' boot-arg
 */
typedef enum {
	LBR_ENABLED_NONE,
	LBR_ENABLED_USERMODE,
	LBR_ENABLED_KERNELMODE,
	LBR_ENABLED_ALLMODES
} lbr_modes_t;

extern lbr_modes_t last_branch_enabled_modes;

#endif  /* XNU_KERNEL_PRIVATE */

__END_DECLS

#endif  /* _KERN_DEBUG_H_ */