[LTP] [RFC PATCH] scripts: Dump /proc and /sys

[LTP] [RFC PATCH] scripts: Dump /proc and /sys

[Richard Palethorpe]

When a test fails during automated testing, the state of the system may be
lost due to storage constraints or hardware availability. For example, if the
system under test is virtualized, then the VM image may no longer be available
due to storage capacity limits. Or if one is testing a bare metal system then the
hardware may no longer be accessible for whatever reason.

The serial console output may be available, but lacking some information. So
in order to retain more information (about the kernel at least), we can
systematically copy the contents of /proc and /sys.

Not all sysfs or proc files are meant to be read or block indefinitely or are
infinitely large etc. So the script only tries to copy ~256K from each file
and times out after a second. Files which appear to be OK to read from are
saved to a white list which can be used during future invocations to save some
time.
---
 scripts/proc_sys_dump.sh | 106 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 106 insertions(+)
 create mode 100644 scripts/proc_sys_dump.sh

diff --git a/scripts/proc_sys_dump.sh b/scripts/proc_sys_dump.sh
new file mode 100644
index 000000000..f845fb46a
--- /dev/null
+++ b/scripts/proc_sys_dump.sh
@@ -0,0 +1,106 @@
+#!/bin/sh
+
+dump_dir=/tmp/dump
+white_list=/tmp/dump/white.list
+use_white_list=
+timeout=1
+batch_size=1000
+
+echo Dump /proc and /sys script, written by rpalethorpe@suse.com
+
+while getopts d:w:u:t:b:h arg
+do case $arg in
+       d) dump_dir="$OPTARG" ;;
+       w) white_list="$OPTARG" ;;
+       u) use_white_list="$OPTARG" ;;
+       t) timeout="$OPTARG" ;;
+       b) batch_size="$OPTARG" ;;
+       h) cat <<-EOF >&1
+
+This script partially dumps the contents of /proc and /sys to a folder. It can
+attempt to dump all the contents and then write out which files were
+successful to a white list. Or use a previously generated white list.
+
+usage: ${0##*/}	[ [ -d dump_dir ]
+ 			[ -w white_list ] [ -u use_white_list ]
+ 			[ -t timeout ]
+ 			[ -b batch_size ]
+ 			|  -h ]
+
+-d dump_dir	  The output directory, note that this will be recreated.
+   		  Set to $dump_dir
+
+-w white_list	  The white list to output after dumping the files.
+   		  Set to $white_list
+
+-u use_white_list The list of files to dump, if this is unset then 'find' is
+   		  used to create a list.
+
+-t timeout	  How long, in seconds, we should wait for operations to finish.
+   		  Set to $timeout.
+
+-h		  Print this help message and exit.
+
+Files are added to the white list if they are small, but not empty and can be
+copied quickly. The idea is that when running the script with -W white_list
+the majority of useful information can be quickly saved during automated
+testing.
+
+EOF
+	  exit 0 ;;
+   esac
+done
+
+files=
+if [ ! $use_white_list ]
+then echo Finding files in /proc and /sys
+     proc_files=$(find -L /proc -maxdepth 4 -readable -not -regex '/proc/[0-9]+/.*' -not -type d 2> /dev/null)
+     sys_files=$(find -L /sys -maxdepth 4 -readable -not -type d 2> /dev/null)
+     files="$proc_files $sys_files"
+else echo Using file list $use_white_list
+     files=$(cat $use_white_list)
+fi
+
+dump_dir=${dump_dir%/}
+echo Dumping to $dump_dir
+rm -rf $dump_dir
+mkdir $dump_dir
+
+count=$batch_size
+for f in $files
+do
+    mkdir -p $dump_dir$(dirname $f)
+    ({
+	dd if=$f of=$dump_dir$f bs=$(getconf PAGESIZE) count=63 status=none &
+	ddproc=$!
+	sleep $timeout
+	if ps -p $ddproc > /dev/null
+	then echo dd $f is taking too long
+	     kill $ddproc
+	     rm $dump_dir$f
+	fi
+    }) &
+    count=$((count - 1))
+    if [ $count -le 0 ]
+    then
+	sleep $timeout
+	count=$batch_size
+    fi
+done
+
+sleep $timeout
+
+if [ ! $white_list ]
+then echo Finished copying files.
+     exit 0
+fi
+
+echo Finished copying files, now generating $white_list
+for f in $(find $dump_dir -not -type d)
+do
+    size=$(stat -c '%s' $f)
+    if [ ${size:=0} -gt 0 -a $size -lt 256000 ]
+    then echo ${f#$dump_dir} >> $white_list
+    else echo $f has invalid file size: ${size:=0}
+    fi
+done
-- 
2.14.3

[LTP] [RFC PATCH] scripts: Dump /proc and /sys

[Petr Vorel]

Hi Richard,

the script does quite a big load:

I'd set it executable bit (0755 instead of 0644).
IMHO this script should be run as root, or lots of sensitive info will be lost.
It's not also installed to SUT (but it's meant to be used on SUT).

> +usage: ${0##*/}	[ [ -d dump_dir ]
> + 			[ -w white_list ] [ -u use_white_list ]
> + 			[ -t timeout ]
> + 			[ -b batch_size ]
> + 			|  -h ]
How about this?
USAGE:
${0##*/} [ -d dump_dir ] [ -w white_list ] [ -u use_white_list ] [ -t timeout ]
		 [ -b batch_size ]
${0##*/} -h

...
> +if [ ! $use_white_list ]
> +then echo Finding files in /proc and /sys
IMHO this syntax is more common, but it's a matter of taste:
if [ ! $use_white_list ]; then
	echo Finding files in /proc and /sys
...

> +     proc_files=$(find -L /proc -maxdepth 4 -readable -not -regex '/proc/[0-9]+/.*' -not -type d 2> /dev/null)
This gets files in /proc/self and /proc/thread-self. I don't think we want it.
Also it gets symlinks (maybe not a problem),

and files not readable:
dd: error reading '/proc/sys/fs/binfmt_misc/register': Invalid argument
dd: error reading '/proc/sysrq-trigger': Input/output error
ls -l /proc/sys/fs/binfmt_misc/register /proc/sysrq-trigger
--w------- 1 root root 0 lis  8 07:45 /proc/sys/fs/binfmt_misc/register
--w------- 1 root root 0 lis  8 07:45 /proc/sysrq-trigger
Maybe using -perm instead of -readable (find(1) says that 

> +     sys_files=$(find -L /sys -maxdepth 4 -readable -not -type d 2> /dev/null)
> +     files="$proc_files $sys_files"
> +else echo Using file list $use_white_list
> +     files=$(cat $use_white_list)
> +fi
> +
> +dump_dir=${dump_dir%/}
> +echo Dumping to $dump_dir
IMHO it's better to quote string for echo, even not required.
echo "Dumping to $dump_dir"
> +rm -rf $dump_dir
> +mkdir $dump_dir
> +
> +count=$batch_size
> +for f in $files
> +do
Again here:
for f in $files; do

> +    mkdir -p $dump_dir$(dirname $f)
> +    ({
Wouldn't be using '(' enough? (I suppose using subshell is safer than '{') and you don't
need to use '&'.
But I don't like the whole block being run in background.

Kind regards,
Petr

[LTP] [RFC PATCH] scripts: Dump /proc and /sys

[Richard Palethorpe]

Hello Petr

Petr Vorel writes:

> Hi Richard,
>
> the script does quite a big load:
>
> I'd set it executable bit (0755 instead of 0644).

OK.

> IMHO this script should be run as root, or lots of sensitive info will be lost.
> It's not also installed to SUT (but it's meant to be used on SUT).

Well I won't force it to be run as root, but I can document that.

>
>> +usage: ${0##*/}	[ [ -d dump_dir ]
>> + 			[ -w white_list ] [ -u use_white_list ]
>> + 			[ -t timeout ]
>> + 			[ -b batch_size ]
>> + 			|  -h ]
> How about this?
> USAGE:
> ${0##*/} [ -d dump_dir ] [ -w white_list ] [ -u use_white_list ] [ -t timeout ]
> 		 [ -b batch_size ]
> ${0##*/} -h

OK

>
> ...
>> +if [ ! $use_white_list ]
>> +then echo Finding files in /proc and /sys
> IMHO this syntax is more common, but it's a matter of taste:
> if [ ! $use_white_list ]; then
> 	echo Finding files in /proc and /sys
> ...

OK

>
>> +     proc_files=$(find -L /proc -maxdepth 4 -readable -not -regex '/proc/[0-9]+/.*' -not -type d 2> /dev/null)
> This gets files in /proc/self and /proc/thread-self. I don't think we want it.
> Also it gets symlinks (maybe not a problem),
>
> and files not readable:
> dd: error reading '/proc/sys/fs/binfmt_misc/register': Invalid argument
> dd: error reading '/proc/sysrq-trigger': Input/output error
> ls -l /proc/sys/fs/binfmt_misc/register /proc/sysrq-trigger
> --w------- 1 root root 0 lis  8 07:45 /proc/sys/fs/binfmt_misc/register
> --w------- 1 root root 0 lis  8 07:45 /proc/sysrq-trigger
> Maybe using -perm instead of -readable (find(1) says that

Says what ? :-)

I have changed it to use -perm, but it doesn't make any difference. I
think the read bits are fairly useless in procfs and sysfs.

>
>> +     sys_files=$(find -L /sys -maxdepth 4 -readable -not -type d 2> /dev/null)
>> +     files="$proc_files $sys_files"
>> +else echo Using file list $use_white_list
>> +     files=$(cat $use_white_list)
>> +fi
>> +
>> +dump_dir=${dump_dir%/}
>> +echo Dumping to $dump_dir
> IMHO it's better to quote string for echo, even not required.
> echo "Dumping to $dump_dir"

OK

>> +rm -rf $dump_dir
>> +mkdir $dump_dir
>> +
>> +count=$batch_size
>> +for f in $files
>> +do
> Again here:
> for f in $files; do
>
>> +    mkdir -p $dump_dir$(dirname $f)
>> +    ({
> Wouldn't be using '(' enough? (I suppose using subshell is safer than '{') and you don't
> need to use '&'.

OK

> But I don't like the whole block being run in background.
>
> Kind regards,
> Petr

I'm still not sure how else to do a time out. Also it probably speeds up
the process a lot because many of the files block on read.

-- 
Thank you,
Richard.

[LTP] [RFC PATCH] scripts: Dump /proc and /sys

[Petr Vorel]

Hi Richard,

> > IMHO this script should be run as root, or lots of sensitive info will be lost.
> > It's not also installed to SUT (but it's meant to be used on SUT).

> Well I won't force it to be run as root, but I can document that.
ok.

> >> +     proc_files=$(find -L /proc -maxdepth 4 -readable -not -regex '/proc/[0-9]+/.*' -not -type d 2> /dev/null)
> > This gets files in /proc/self and /proc/thread-self. I don't think we want it.
> > Also it gets symlinks (maybe not a problem),

> > and files not readable:
> > dd: error reading '/proc/sys/fs/binfmt_misc/register': Invalid argument
> > dd: error reading '/proc/sysrq-trigger': Input/output error
> > ls -l /proc/sys/fs/binfmt_misc/register /proc/sysrq-trigger
> > --w------- 1 root root 0 lis  8 07:45 /proc/sys/fs/binfmt_misc/register
> > --w------- 1 root root 0 lis  8 07:45 /proc/sysrq-trigger
> > Maybe using -perm instead of -readable (find(1) says that

> Says what ? :-)
Sorry for missing text. Says that -readable takes into account access control lists and other permissions artefacts which the -perm test ignores. But it's not relevant for us.

> I have changed it to use -perm, but it doesn't make any difference. I
> think the read bits are fairly useless in procfs and sysfs.
Sorry for confusing, find is really correct (I got is running with root).
Maybe it would be worth to not to copy empty files:
$ file /proc/sys/fs/binfmt_misc/register
/proc/sys/fs/binfmt_misc/register: empty
Even you don't care about it it would be avoid dumping at least /proc/self/* and
/proc/thread-self/* at least.

> > But I don't like the whole block being run in background.

> I'm still not sure how else to do a time out. Also it probably speeds up
> the process a lot because many of the files block on read.
I don't have better solution either.
In coreutils there is timeout command, but I guess we don't want to depend on coreutils.


Kind regards,
Petr

[LTP] [RFC PATCH] scripts: Dump /proc and /sys

[Richard Palethorpe]

Hello,

Petr Vorel writes:

> Hi Richard,
>
>> > IMHO this script should be run as root, or lots of sensitive info will be lost.
>> > It's not also installed to SUT (but it's meant to be used on SUT).
>
>> Well I won't force it to be run as root, but I can document that.
> ok.
>
>> >> +     proc_files=$(find -L /proc -maxdepth 4 -readable -not -regex '/proc/[0-9]+/.*' -not -type d 2> /dev/null)
>> > This gets files in /proc/self and /proc/thread-self. I don't think we want it.
>> > Also it gets symlinks (maybe not a problem),
>
>> > and files not readable:
>> > dd: error reading '/proc/sys/fs/binfmt_misc/register': Invalid argument
>> > dd: error reading '/proc/sysrq-trigger': Input/output error
>> > ls -l /proc/sys/fs/binfmt_misc/register /proc/sysrq-trigger
>> > --w------- 1 root root 0 lis  8 07:45 /proc/sys/fs/binfmt_misc/register
>> > --w------- 1 root root 0 lis  8 07:45 /proc/sysrq-trigger
>> > Maybe using -perm instead of -readable (find(1) says that
>
>> Says what ? :-)
> Sorry for missing text. Says that -readable takes into account access control lists and other permissions artefacts which the -perm test ignores. But it's not relevant for us.
>
>> I have changed it to use -perm, but it doesn't make any difference. I
>> think the read bits are fairly useless in procfs and sysfs.
> Sorry for confusing, find is really correct (I got is running with root).
> Maybe it would be worth to not to copy empty files:
> $ file /proc/sys/fs/binfmt_misc/register
> /proc/sys/fs/binfmt_misc/register: empty
> Even you don't care about it it would be avoid dumping at least /proc/self/* and
> /proc/thread-self/* at least.

I have specifically filtered those out now. The problem with proc and
sys is that each file only has a subset of read, write, seek and stat
(etc.) implemented for it and that these functions don't necessarily
behave as they normally would. Stat certainly does not return the correct
file size for the majority of files.

So the only way to find out if any given file can be read from is to try
reading it.

>
>> > But I don't like the whole block being run in background.
>
>> I'm still not sure how else to do a time out. Also it probably speeds up
>> the process a lot because many of the files block on read.
> I don't have better solution either.
> In coreutils there is timeout command, but I guess we don't want to depend on coreutils.

I think that might work, it is already depends on dd and find.

--
Thank you,
Richard.