1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Kernel Debug Core 4 * 5 * Maintainer: Jason Wessel <jason.wessel@windriver.com> 6 * 7 * Copyright (C) 2000-2001 VERITAS Software Corporation. 8 * Copyright (C) 2002-2004 Timesys Corporation 9 * Copyright (C) 2003-2004 Amit S. Kale <amitkale@linsyssoft.com> 10 * Copyright (C) 2004 Pavel Machek <pavel@ucw.cz> 11 * Copyright (C) 2004-2006 Tom Rini <trini@kernel.crashing.org> 12 * Copyright (C) 2004-2006 LinSysSoft Technologies Pvt. Ltd. 13 * Copyright (C) 2005-2009 Wind River Systems, Inc. 14 * Copyright (C) 2007 MontaVista Software, Inc. 15 * Copyright (C) 2008 Red Hat, Inc., Ingo Molnar <mingo@redhat.com> 16 * 17 * Contributors at various stages not listed above: 18 * Jason Wessel ( jason.wessel@windriver.com ) 19 * George Anzinger <george@mvista.com> 20 * Anurekh Saxena (anurekh.saxena@timesys.com) 21 * Lake Stevens Instrument Division (Glenn Engel) 22 * Jim Kingdon, Cygnus Support. 23 * 24 * Original KGDB stub: David Grothe <dave@gcom.com>, 25 * Tigran Aivazian <tigran@sco.com> 26 */ 27 28 #include <linux/kernel.h> 29 #include <linux/sched/signal.h> 30 #include <linux/kgdb.h> 31 #include <linux/kdb.h> 32 #include <linux/serial_core.h> 33 #include <linux/reboot.h> 34 #include <linux/uaccess.h> 35 #include <asm/cacheflush.h> 36 #include <linux/unaligned.h> 37 #include "debug_core.h" 38 39 #define KGDB_MAX_THREAD_QUERY 17 40 41 /* Our I/O buffers. */ 42 static char remcom_in_buffer[BUFMAX]; 43 static char remcom_out_buffer[BUFMAX]; 44 static int gdbstub_use_prev_in_buf; 45 static int gdbstub_prev_in_buf_pos; 46 47 /* Storage for the registers, in GDB format. */ 48 static unsigned long gdb_regs[(NUMREGBYTES + 49 sizeof(unsigned long) - 1) / 50 sizeof(unsigned long)]; 51 52 /* 53 * GDB remote protocol parser: 54 */ 55 56 #ifdef CONFIG_KGDB_KDB gdbstub_read_wait(void)57 static int gdbstub_read_wait(void) 58 { 59 int ret = -1; 60 int i; 61 62 if (unlikely(gdbstub_use_prev_in_buf)) { 63 if (gdbstub_prev_in_buf_pos < gdbstub_use_prev_in_buf) 64 return remcom_in_buffer[gdbstub_prev_in_buf_pos++]; 65 else 66 gdbstub_use_prev_in_buf = 0; 67 } 68 69 /* poll any additional I/O interfaces that are defined */ 70 while (ret < 0) 71 for (i = 0; kdb_poll_funcs[i] != NULL; i++) { 72 ret = kdb_poll_funcs[i](); 73 if (ret > 0) 74 break; 75 } 76 return ret; 77 } 78 #else gdbstub_read_wait(void)79 static int gdbstub_read_wait(void) 80 { 81 int ret = dbg_io_ops->read_char(); 82 while (ret == NO_POLL_CHAR) 83 ret = dbg_io_ops->read_char(); 84 return ret; 85 } 86 #endif 87 /* scan for the sequence $<data>#<checksum> */ get_packet(char * buffer)88 static void get_packet(char *buffer) 89 { 90 unsigned char checksum; 91 unsigned char xmitcsum; 92 int count; 93 char ch; 94 95 do { 96 /* 97 * Spin and wait around for the start character, ignore all 98 * other characters: 99 */ 100 while ((ch = (gdbstub_read_wait())) != '$') 101 /* nothing */; 102 103 kgdb_connected = 1; 104 checksum = 0; 105 xmitcsum = -1; 106 107 count = 0; 108 109 /* 110 * now, read until a # or end of buffer is found: 111 */ 112 while (count < (BUFMAX - 1)) { 113 ch = gdbstub_read_wait(); 114 if (ch == '#') 115 break; 116 checksum = checksum + ch; 117 buffer[count] = ch; 118 count = count + 1; 119 } 120 121 if (ch == '#') { 122 xmitcsum = hex_to_bin(gdbstub_read_wait()) << 4; 123 xmitcsum += hex_to_bin(gdbstub_read_wait()); 124 125 if (checksum != xmitcsum) 126 /* failed checksum */ 127 dbg_io_ops->write_char('-'); 128 else 129 /* successful transfer */ 130 dbg_io_ops->write_char('+'); 131 if (dbg_io_ops->flush) 132 dbg_io_ops->flush(); 133 } 134 buffer[count] = 0; 135 } while (checksum != xmitcsum); 136 } 137 138 /* 139 * Send the packet in buffer. 140 * Check for gdb connection if asked for. 141 */ put_packet(char * buffer)142 static void put_packet(char *buffer) 143 { 144 unsigned char checksum; 145 int count; 146 char ch; 147 148 /* 149 * $<packet info>#<checksum>. 150 */ 151 while (1) { 152 dbg_io_ops->write_char('$'); 153 checksum = 0; 154 count = 0; 155 156 while ((ch = buffer[count])) { 157 dbg_io_ops->write_char(ch); 158 checksum += ch; 159 count++; 160 } 161 162 dbg_io_ops->write_char('#'); 163 dbg_io_ops->write_char(hex_asc_hi(checksum)); 164 dbg_io_ops->write_char(hex_asc_lo(checksum)); 165 if (dbg_io_ops->flush) 166 dbg_io_ops->flush(); 167 168 /* Now see what we get in reply. */ 169 ch = gdbstub_read_wait(); 170 171 if (ch == 3) 172 ch = gdbstub_read_wait(); 173 174 /* If we get an ACK, we are done. */ 175 if (ch == '+') 176 return; 177 178 /* 179 * If we get the start of another packet, this means 180 * that GDB is attempting to reconnect. We will NAK 181 * the packet being sent, and stop trying to send this 182 * packet. 183 */ 184 if (ch == '$') { 185 dbg_io_ops->write_char('-'); 186 if (dbg_io_ops->flush) 187 dbg_io_ops->flush(); 188 return; 189 } 190 } 191 } 192 193 static char gdbmsgbuf[BUFMAX + 1]; 194 gdbstub_msg_write(const char * s,int len)195 void gdbstub_msg_write(const char *s, int len) 196 { 197 char *bufptr; 198 int wcount; 199 int i; 200 201 if (len == 0) 202 len = strlen(s); 203 204 /* 'O'utput */ 205 gdbmsgbuf[0] = 'O'; 206 207 /* Fill and send buffers... */ 208 while (len > 0) { 209 bufptr = gdbmsgbuf + 1; 210 211 /* Calculate how many this time */ 212 if ((len << 1) > (BUFMAX - 2)) 213 wcount = (BUFMAX - 2) >> 1; 214 else 215 wcount = len; 216 217 /* Pack in hex chars */ 218 for (i = 0; i < wcount; i++) 219 bufptr = hex_byte_pack(bufptr, s[i]); 220 *bufptr = '\0'; 221 222 /* Move up */ 223 s += wcount; 224 len -= wcount; 225 226 /* Write packet */ 227 put_packet(gdbmsgbuf); 228 } 229 } 230 231 /* 232 * Convert the memory pointed to by mem into hex, placing result in 233 * buf. Return a pointer to the last char put in buf (null). May 234 * return an error. 235 */ kgdb_mem2hex(char * mem,char * buf,int count)236 char *kgdb_mem2hex(char *mem, char *buf, int count) 237 { 238 char *tmp; 239 int err; 240 241 /* 242 * We use the upper half of buf as an intermediate buffer for the 243 * raw memory copy. Hex conversion will work against this one. 244 */ 245 tmp = buf + count; 246 247 err = copy_from_kernel_nofault(tmp, mem, count); 248 if (err) 249 return NULL; 250 while (count > 0) { 251 buf = hex_byte_pack(buf, *tmp); 252 tmp++; 253 count--; 254 } 255 *buf = 0; 256 257 return buf; 258 } 259 260 /* 261 * Convert the hex array pointed to by buf into binary to be placed in 262 * mem. Return a pointer to the character AFTER the last byte 263 * written. May return an error. 264 */ kgdb_hex2mem(char * buf,char * mem,int count)265 int kgdb_hex2mem(char *buf, char *mem, int count) 266 { 267 char *tmp_raw; 268 char *tmp_hex; 269 270 /* 271 * We use the upper half of buf as an intermediate buffer for the 272 * raw memory that is converted from hex. 273 */ 274 tmp_raw = buf + count * 2; 275 276 tmp_hex = tmp_raw - 1; 277 while (tmp_hex >= buf) { 278 tmp_raw--; 279 *tmp_raw = hex_to_bin(*tmp_hex--); 280 *tmp_raw |= hex_to_bin(*tmp_hex--) << 4; 281 } 282 283 return copy_to_kernel_nofault(mem, tmp_raw, count); 284 } 285 286 /* 287 * While we find nice hex chars, build a long_val. 288 * Return number of chars processed. 289 */ kgdb_hex2long(char ** ptr,unsigned long * long_val)290 int kgdb_hex2long(char **ptr, unsigned long *long_val) 291 { 292 int hex_val; 293 int num = 0; 294 int negate = 0; 295 296 *long_val = 0; 297 298 if (**ptr == '-') { 299 negate = 1; 300 (*ptr)++; 301 } 302 while (**ptr) { 303 hex_val = hex_to_bin(**ptr); 304 if (hex_val < 0) 305 break; 306 307 *long_val = (*long_val << 4) | hex_val; 308 num++; 309 (*ptr)++; 310 } 311 312 if (negate) 313 *long_val = -*long_val; 314 315 return num; 316 } 317 318 /* 319 * Copy the binary array pointed to by buf into mem. Fix $, #, and 320 * 0x7d escaped with 0x7d. Return -EFAULT on failure or 0 on success. 321 * The input buf is overwritten with the result to write to mem. 322 */ kgdb_ebin2mem(char * buf,char * mem,int count)323 static int kgdb_ebin2mem(char *buf, char *mem, int count) 324 { 325 int size = 0; 326 char *c = buf; 327 328 while (count-- > 0) { 329 c[size] = *buf++; 330 if (c[size] == 0x7d) 331 c[size] = *buf++ ^ 0x20; 332 size++; 333 } 334 335 return copy_to_kernel_nofault(mem, c, size); 336 } 337 338 #if DBG_MAX_REG_NUM > 0 pt_regs_to_gdb_regs(unsigned long * gdb_regs,struct pt_regs * regs)339 void pt_regs_to_gdb_regs(unsigned long *gdb_regs, struct pt_regs *regs) 340 { 341 int i; 342 int idx = 0; 343 char *ptr = (char *)gdb_regs; 344 345 for (i = 0; i < DBG_MAX_REG_NUM; i++) { 346 dbg_get_reg(i, ptr + idx, regs); 347 idx += dbg_reg_def[i].size; 348 } 349 } 350 gdb_regs_to_pt_regs(unsigned long * gdb_regs,struct pt_regs * regs)351 void gdb_regs_to_pt_regs(unsigned long *gdb_regs, struct pt_regs *regs) 352 { 353 int i; 354 int idx = 0; 355 char *ptr = (char *)gdb_regs; 356 357 for (i = 0; i < DBG_MAX_REG_NUM; i++) { 358 dbg_set_reg(i, ptr + idx, regs); 359 idx += dbg_reg_def[i].size; 360 } 361 } 362 #endif /* DBG_MAX_REG_NUM > 0 */ 363 364 /* Write memory due to an 'M' or 'X' packet. */ write_mem_msg(int binary)365 static int write_mem_msg(int binary) 366 { 367 char *ptr = &remcom_in_buffer[1]; 368 unsigned long addr; 369 unsigned long length; 370 int err; 371 372 if (kgdb_hex2long(&ptr, &addr) > 0 && *(ptr++) == ',' && 373 kgdb_hex2long(&ptr, &length) > 0 && *(ptr++) == ':') { 374 if (binary) 375 err = kgdb_ebin2mem(ptr, (char *)addr, length); 376 else 377 err = kgdb_hex2mem(ptr, (char *)addr, length); 378 if (err) 379 return err; 380 if (CACHE_FLUSH_IS_SAFE) 381 flush_icache_range(addr, addr + length); 382 return 0; 383 } 384 385 return -EINVAL; 386 } 387 error_packet(char * pkt,int error)388 static void error_packet(char *pkt, int error) 389 { 390 error = -error; 391 pkt[0] = 'E'; 392 pkt[1] = hex_asc[(error / 10)]; 393 pkt[2] = hex_asc[(error % 10)]; 394 pkt[3] = '\0'; 395 } 396 397 /* 398 * Thread ID accessors. We represent a flat TID space to GDB, where 399 * the per CPU idle threads (which under Linux all have PID 0) are 400 * remapped to negative TIDs. 401 */ 402 403 #define BUF_THREAD_ID_SIZE 8 404 pack_threadid(char * pkt,unsigned char * id)405 static char *pack_threadid(char *pkt, unsigned char *id) 406 { 407 unsigned char *limit; 408 int lzero = 1; 409 410 limit = id + (BUF_THREAD_ID_SIZE / 2); 411 while (id < limit) { 412 if (!lzero || *id != 0) { 413 pkt = hex_byte_pack(pkt, *id); 414 lzero = 0; 415 } 416 id++; 417 } 418 419 if (lzero) 420 pkt = hex_byte_pack(pkt, 0); 421 422 return pkt; 423 } 424 int_to_threadref(unsigned char * id,int value)425 static void int_to_threadref(unsigned char *id, int value) 426 { 427 put_unaligned_be32(value, id); 428 } 429 getthread(struct pt_regs * regs,int tid)430 static struct task_struct *getthread(struct pt_regs *regs, int tid) 431 { 432 /* 433 * Non-positive TIDs are remapped to the cpu shadow information 434 */ 435 if (tid == 0 || tid == -1) 436 tid = -atomic_read(&kgdb_active) - 2; 437 if (tid < -1 && tid > -NR_CPUS - 2) { 438 if (kgdb_info[-tid - 2].task) 439 return kgdb_info[-tid - 2].task; 440 else 441 return idle_task(-tid - 2); 442 } 443 if (tid <= 0) { 444 printk(KERN_ERR "KGDB: Internal thread select error\n"); 445 dump_stack(); 446 return NULL; 447 } 448 449 /* 450 * find_task_by_pid_ns() does not take the tasklist lock anymore 451 * but is nicely RCU locked - hence is a pretty resilient 452 * thing to use: 453 */ 454 return find_task_by_pid_ns(tid, &init_pid_ns); 455 } 456 457 458 /* 459 * Remap normal tasks to their real PID, 460 * CPU shadow threads are mapped to -CPU - 2 461 */ shadow_pid(int realpid)462 static inline int shadow_pid(int realpid) 463 { 464 if (realpid) 465 return realpid; 466 467 return -raw_smp_processor_id() - 2; 468 } 469 470 /* 471 * All the functions that start with gdb_cmd are the various 472 * operations to implement the handlers for the gdbserial protocol 473 * where KGDB is communicating with an external debugger 474 */ 475 476 /* Handle the '?' status packets */ gdb_cmd_status(struct kgdb_state * ks)477 static void gdb_cmd_status(struct kgdb_state *ks) 478 { 479 /* 480 * We know that this packet is only sent 481 * during initial connect. So to be safe, 482 * we clear out our breakpoints now in case 483 * GDB is reconnecting. 484 */ 485 dbg_remove_all_break(); 486 487 remcom_out_buffer[0] = 'S'; 488 hex_byte_pack(&remcom_out_buffer[1], ks->signo); 489 } 490 gdb_get_regs_helper(struct kgdb_state * ks)491 static void gdb_get_regs_helper(struct kgdb_state *ks) 492 { 493 struct task_struct *thread; 494 void *local_debuggerinfo; 495 int i; 496 497 thread = kgdb_usethread; 498 if (!thread) { 499 thread = kgdb_info[ks->cpu].task; 500 local_debuggerinfo = kgdb_info[ks->cpu].debuggerinfo; 501 } else { 502 local_debuggerinfo = NULL; 503 for_each_online_cpu(i) { 504 /* 505 * Try to find the task on some other 506 * or possibly this node if we do not 507 * find the matching task then we try 508 * to approximate the results. 509 */ 510 if (thread == kgdb_info[i].task) 511 local_debuggerinfo = kgdb_info[i].debuggerinfo; 512 } 513 } 514 515 /* 516 * All threads that don't have debuggerinfo should be 517 * in schedule() sleeping, since all other CPUs 518 * are in kgdb_wait, and thus have debuggerinfo. 519 */ 520 if (local_debuggerinfo) { 521 pt_regs_to_gdb_regs(gdb_regs, local_debuggerinfo); 522 } else { 523 /* 524 * Pull stuff saved during switch_to; nothing 525 * else is accessible (or even particularly 526 * relevant). 527 * 528 * This should be enough for a stack trace. 529 */ 530 sleeping_thread_to_gdb_regs(gdb_regs, thread); 531 } 532 } 533 534 /* Handle the 'g' get registers request */ gdb_cmd_getregs(struct kgdb_state * ks)535 static void gdb_cmd_getregs(struct kgdb_state *ks) 536 { 537 gdb_get_regs_helper(ks); 538 kgdb_mem2hex((char *)gdb_regs, remcom_out_buffer, NUMREGBYTES); 539 } 540 541 /* Handle the 'G' set registers request */ gdb_cmd_setregs(struct kgdb_state * ks)542 static void gdb_cmd_setregs(struct kgdb_state *ks) 543 { 544 kgdb_hex2mem(&remcom_in_buffer[1], (char *)gdb_regs, NUMREGBYTES); 545 546 if (kgdb_usethread && kgdb_usethread != current) { 547 error_packet(remcom_out_buffer, -EINVAL); 548 } else { 549 gdb_regs_to_pt_regs(gdb_regs, ks->linux_regs); 550 strcpy(remcom_out_buffer, "OK"); 551 } 552 } 553 554 /* Handle the 'm' memory read bytes */ gdb_cmd_memread(struct kgdb_state * ks)555 static void gdb_cmd_memread(struct kgdb_state *ks) 556 { 557 char *ptr = &remcom_in_buffer[1]; 558 unsigned long length; 559 unsigned long addr; 560 char *err; 561 562 if (kgdb_hex2long(&ptr, &addr) > 0 && *ptr++ == ',' && 563 kgdb_hex2long(&ptr, &length) > 0) { 564 err = kgdb_mem2hex((char *)addr, remcom_out_buffer, length); 565 if (!err) 566 error_packet(remcom_out_buffer, -EINVAL); 567 } else { 568 error_packet(remcom_out_buffer, -EINVAL); 569 } 570 } 571 572 /* Handle the 'M' memory write bytes */ gdb_cmd_memwrite(struct kgdb_state * ks)573 static void gdb_cmd_memwrite(struct kgdb_state *ks) 574 { 575 int err = write_mem_msg(0); 576 577 if (err) 578 error_packet(remcom_out_buffer, err); 579 else 580 strcpy(remcom_out_buffer, "OK"); 581 } 582 583 #if DBG_MAX_REG_NUM > 0 gdb_hex_reg_helper(int regnum,char * out)584 static char *gdb_hex_reg_helper(int regnum, char *out) 585 { 586 int i; 587 int offset = 0; 588 589 for (i = 0; i < regnum; i++) 590 offset += dbg_reg_def[i].size; 591 return kgdb_mem2hex((char *)gdb_regs + offset, out, 592 dbg_reg_def[i].size); 593 } 594 595 /* Handle the 'p' individual register get */ gdb_cmd_reg_get(struct kgdb_state * ks)596 static void gdb_cmd_reg_get(struct kgdb_state *ks) 597 { 598 unsigned long regnum; 599 char *ptr = &remcom_in_buffer[1]; 600 601 kgdb_hex2long(&ptr, ®num); 602 if (regnum >= DBG_MAX_REG_NUM) { 603 error_packet(remcom_out_buffer, -EINVAL); 604 return; 605 } 606 gdb_get_regs_helper(ks); 607 gdb_hex_reg_helper(regnum, remcom_out_buffer); 608 } 609 610 /* Handle the 'P' individual register set */ gdb_cmd_reg_set(struct kgdb_state * ks)611 static void gdb_cmd_reg_set(struct kgdb_state *ks) 612 { 613 unsigned long regnum; 614 char *ptr = &remcom_in_buffer[1]; 615 int i = 0; 616 617 kgdb_hex2long(&ptr, ®num); 618 if (*ptr++ != '=' || 619 !(!kgdb_usethread || kgdb_usethread == current) || 620 !dbg_get_reg(regnum, gdb_regs, ks->linux_regs)) { 621 error_packet(remcom_out_buffer, -EINVAL); 622 return; 623 } 624 memset(gdb_regs, 0, sizeof(gdb_regs)); 625 while (i < sizeof(gdb_regs) * 2) 626 if (hex_to_bin(ptr[i]) >= 0) 627 i++; 628 else 629 break; 630 i = i / 2; 631 kgdb_hex2mem(ptr, (char *)gdb_regs, i); 632 dbg_set_reg(regnum, gdb_regs, ks->linux_regs); 633 strcpy(remcom_out_buffer, "OK"); 634 } 635 #endif /* DBG_MAX_REG_NUM > 0 */ 636 637 /* Handle the 'X' memory binary write bytes */ gdb_cmd_binwrite(struct kgdb_state * ks)638 static void gdb_cmd_binwrite(struct kgdb_state *ks) 639 { 640 int err = write_mem_msg(1); 641 642 if (err) 643 error_packet(remcom_out_buffer, err); 644 else 645 strcpy(remcom_out_buffer, "OK"); 646 } 647 648 /* Handle the 'D' or 'k', detach or kill packets */ gdb_cmd_detachkill(struct kgdb_state * ks)649 static void gdb_cmd_detachkill(struct kgdb_state *ks) 650 { 651 int error; 652 653 /* The detach case */ 654 if (remcom_in_buffer[0] == 'D') { 655 error = dbg_remove_all_break(); 656 if (error < 0) { 657 error_packet(remcom_out_buffer, error); 658 } else { 659 strcpy(remcom_out_buffer, "OK"); 660 kgdb_connected = 0; 661 } 662 put_packet(remcom_out_buffer); 663 } else { 664 /* 665 * Assume the kill case, with no exit code checking, 666 * trying to force detach the debugger: 667 */ 668 dbg_remove_all_break(); 669 kgdb_connected = 0; 670 } 671 } 672 673 /* Handle the 'R' reboot packets */ gdb_cmd_reboot(struct kgdb_state * ks)674 static int gdb_cmd_reboot(struct kgdb_state *ks) 675 { 676 /* For now, only honor R0 */ 677 if (strcmp(remcom_in_buffer, "R0") == 0) { 678 printk(KERN_CRIT "Executing emergency reboot\n"); 679 strcpy(remcom_out_buffer, "OK"); 680 put_packet(remcom_out_buffer); 681 682 /* 683 * Execution should not return from 684 * machine_emergency_restart() 685 */ 686 machine_emergency_restart(); 687 kgdb_connected = 0; 688 689 return 1; 690 } 691 return 0; 692 } 693 694 /* Handle the 'q' query packets */ gdb_cmd_query(struct kgdb_state * ks)695 static void gdb_cmd_query(struct kgdb_state *ks) 696 { 697 struct task_struct *g; 698 struct task_struct *p; 699 unsigned char thref[BUF_THREAD_ID_SIZE]; 700 char *ptr; 701 int i; 702 int cpu; 703 int finished = 0; 704 705 switch (remcom_in_buffer[1]) { 706 case 's': 707 case 'f': 708 if (memcmp(remcom_in_buffer + 2, "ThreadInfo", 10)) 709 break; 710 711 i = 0; 712 remcom_out_buffer[0] = 'm'; 713 ptr = remcom_out_buffer + 1; 714 if (remcom_in_buffer[1] == 'f') { 715 /* Each cpu is a shadow thread */ 716 for_each_online_cpu(cpu) { 717 ks->thr_query = 0; 718 int_to_threadref(thref, -cpu - 2); 719 ptr = pack_threadid(ptr, thref); 720 *(ptr++) = ','; 721 i++; 722 } 723 } 724 725 for_each_process_thread(g, p) { 726 if (i >= ks->thr_query && !finished) { 727 int_to_threadref(thref, p->pid); 728 ptr = pack_threadid(ptr, thref); 729 *(ptr++) = ','; 730 ks->thr_query++; 731 if (ks->thr_query % KGDB_MAX_THREAD_QUERY == 0) 732 finished = 1; 733 } 734 i++; 735 } 736 737 *(--ptr) = '\0'; 738 break; 739 740 case 'C': 741 /* Current thread id */ 742 strcpy(remcom_out_buffer, "QC"); 743 ks->threadid = shadow_pid(current->pid); 744 int_to_threadref(thref, ks->threadid); 745 pack_threadid(remcom_out_buffer + 2, thref); 746 break; 747 case 'T': 748 if (memcmp(remcom_in_buffer + 1, "ThreadExtraInfo,", 16)) 749 break; 750 751 ks->threadid = 0; 752 ptr = remcom_in_buffer + 17; 753 kgdb_hex2long(&ptr, &ks->threadid); 754 if (!getthread(ks->linux_regs, ks->threadid)) { 755 error_packet(remcom_out_buffer, -EINVAL); 756 break; 757 } 758 if ((int)ks->threadid > 0) { 759 kgdb_mem2hex(getthread(ks->linux_regs, 760 ks->threadid)->comm, 761 remcom_out_buffer, 16); 762 } else { 763 static char tmpstr[23 + BUF_THREAD_ID_SIZE]; 764 765 sprintf(tmpstr, "shadowCPU%d", 766 (int)(-ks->threadid - 2)); 767 kgdb_mem2hex(tmpstr, remcom_out_buffer, strlen(tmpstr)); 768 } 769 break; 770 #ifdef CONFIG_KGDB_KDB 771 case 'R': 772 if (strncmp(remcom_in_buffer, "qRcmd,", 6) == 0) { 773 int len = strlen(remcom_in_buffer + 6); 774 775 if ((len % 2) != 0) { 776 strcpy(remcom_out_buffer, "E01"); 777 break; 778 } 779 kgdb_hex2mem(remcom_in_buffer + 6, 780 remcom_out_buffer, len); 781 len = len / 2; 782 remcom_out_buffer[len++] = 0; 783 784 kdb_common_init_state(ks); 785 kdb_parse(remcom_out_buffer); 786 kdb_common_deinit_state(); 787 788 strcpy(remcom_out_buffer, "OK"); 789 } 790 break; 791 #endif 792 #ifdef CONFIG_HAVE_ARCH_KGDB_QXFER_PKT 793 case 'S': 794 if (!strncmp(remcom_in_buffer, "qSupported:", 11)) 795 strcpy(remcom_out_buffer, kgdb_arch_gdb_stub_feature); 796 break; 797 case 'X': 798 if (!strncmp(remcom_in_buffer, "qXfer:", 6)) 799 kgdb_arch_handle_qxfer_pkt(remcom_in_buffer, 800 remcom_out_buffer); 801 break; 802 #endif 803 default: 804 break; 805 } 806 } 807 808 /* Handle the 'H' task query packets */ gdb_cmd_task(struct kgdb_state * ks)809 static void gdb_cmd_task(struct kgdb_state *ks) 810 { 811 struct task_struct *thread; 812 char *ptr; 813 814 switch (remcom_in_buffer[1]) { 815 case 'g': 816 ptr = &remcom_in_buffer[2]; 817 kgdb_hex2long(&ptr, &ks->threadid); 818 thread = getthread(ks->linux_regs, ks->threadid); 819 if (!thread && ks->threadid > 0) { 820 error_packet(remcom_out_buffer, -EINVAL); 821 break; 822 } 823 kgdb_usethread = thread; 824 ks->kgdb_usethreadid = ks->threadid; 825 strcpy(remcom_out_buffer, "OK"); 826 break; 827 case 'c': 828 ptr = &remcom_in_buffer[2]; 829 kgdb_hex2long(&ptr, &ks->threadid); 830 if (!ks->threadid) { 831 kgdb_contthread = NULL; 832 } else { 833 thread = getthread(ks->linux_regs, ks->threadid); 834 if (!thread && ks->threadid > 0) { 835 error_packet(remcom_out_buffer, -EINVAL); 836 break; 837 } 838 kgdb_contthread = thread; 839 } 840 strcpy(remcom_out_buffer, "OK"); 841 break; 842 } 843 } 844 845 /* Handle the 'T' thread query packets */ gdb_cmd_thread(struct kgdb_state * ks)846 static void gdb_cmd_thread(struct kgdb_state *ks) 847 { 848 char *ptr = &remcom_in_buffer[1]; 849 struct task_struct *thread; 850 851 kgdb_hex2long(&ptr, &ks->threadid); 852 thread = getthread(ks->linux_regs, ks->threadid); 853 if (thread) 854 strcpy(remcom_out_buffer, "OK"); 855 else 856 error_packet(remcom_out_buffer, -EINVAL); 857 } 858 859 /* Handle the 'z' or 'Z' breakpoint remove or set packets */ gdb_cmd_break(struct kgdb_state * ks)860 static void gdb_cmd_break(struct kgdb_state *ks) 861 { 862 /* 863 * Since GDB-5.3, it's been drafted that '0' is a software 864 * breakpoint, '1' is a hardware breakpoint, so let's do that. 865 */ 866 char *bpt_type = &remcom_in_buffer[1]; 867 char *ptr = &remcom_in_buffer[2]; 868 unsigned long addr; 869 unsigned long length; 870 int error = 0; 871 872 if (arch_kgdb_ops.set_hw_breakpoint && *bpt_type >= '1') { 873 /* Unsupported */ 874 if (*bpt_type > '4') 875 return; 876 } else { 877 if (*bpt_type != '0' && *bpt_type != '1') 878 /* Unsupported. */ 879 return; 880 } 881 882 /* 883 * Test if this is a hardware breakpoint, and 884 * if we support it: 885 */ 886 if (*bpt_type == '1' && !(arch_kgdb_ops.flags & KGDB_HW_BREAKPOINT)) 887 /* Unsupported. */ 888 return; 889 890 if (*(ptr++) != ',') { 891 error_packet(remcom_out_buffer, -EINVAL); 892 return; 893 } 894 if (!kgdb_hex2long(&ptr, &addr)) { 895 error_packet(remcom_out_buffer, -EINVAL); 896 return; 897 } 898 if (*(ptr++) != ',' || 899 !kgdb_hex2long(&ptr, &length)) { 900 error_packet(remcom_out_buffer, -EINVAL); 901 return; 902 } 903 904 if (remcom_in_buffer[0] == 'Z' && *bpt_type == '0') 905 error = dbg_set_sw_break(addr); 906 else if (remcom_in_buffer[0] == 'z' && *bpt_type == '0') 907 error = dbg_remove_sw_break(addr); 908 else if (remcom_in_buffer[0] == 'Z') 909 error = arch_kgdb_ops.set_hw_breakpoint(addr, 910 (int)length, *bpt_type - '0'); 911 else if (remcom_in_buffer[0] == 'z') 912 error = arch_kgdb_ops.remove_hw_breakpoint(addr, 913 (int) length, *bpt_type - '0'); 914 915 if (error == 0) 916 strcpy(remcom_out_buffer, "OK"); 917 else 918 error_packet(remcom_out_buffer, error); 919 } 920 921 /* Handle the 'C' signal / exception passing packets */ gdb_cmd_exception_pass(struct kgdb_state * ks)922 static int gdb_cmd_exception_pass(struct kgdb_state *ks) 923 { 924 /* C09 == pass exception 925 * C15 == detach kgdb, pass exception 926 */ 927 if (remcom_in_buffer[1] == '0' && remcom_in_buffer[2] == '9') { 928 929 ks->pass_exception = 1; 930 remcom_in_buffer[0] = 'c'; 931 932 } else if (remcom_in_buffer[1] == '1' && remcom_in_buffer[2] == '5') { 933 934 ks->pass_exception = 1; 935 remcom_in_buffer[0] = 'D'; 936 dbg_remove_all_break(); 937 kgdb_connected = 0; 938 return 1; 939 940 } else { 941 gdbstub_msg_write("KGDB only knows signal 9 (pass)" 942 " and 15 (pass and disconnect)\n" 943 "Executing a continue without signal passing\n", 0); 944 remcom_in_buffer[0] = 'c'; 945 } 946 947 /* Indicate fall through */ 948 return -1; 949 } 950 951 /* 952 * This function performs all gdbserial command processing 953 */ gdb_serial_stub(struct kgdb_state * ks)954 int gdb_serial_stub(struct kgdb_state *ks) 955 { 956 int error = 0; 957 int tmp; 958 959 /* Initialize comm buffer and globals. */ 960 memset(remcom_out_buffer, 0, sizeof(remcom_out_buffer)); 961 kgdb_usethread = kgdb_info[ks->cpu].task; 962 ks->kgdb_usethreadid = shadow_pid(kgdb_info[ks->cpu].task->pid); 963 ks->pass_exception = 0; 964 965 if (kgdb_connected) { 966 unsigned char thref[BUF_THREAD_ID_SIZE]; 967 char *ptr; 968 969 /* Reply to host that an exception has occurred */ 970 ptr = remcom_out_buffer; 971 *ptr++ = 'T'; 972 ptr = hex_byte_pack(ptr, ks->signo); 973 ptr += strlen(strcpy(ptr, "thread:")); 974 int_to_threadref(thref, shadow_pid(current->pid)); 975 ptr = pack_threadid(ptr, thref); 976 *ptr++ = ';'; 977 put_packet(remcom_out_buffer); 978 } 979 980 while (1) { 981 error = 0; 982 983 /* Clear the out buffer. */ 984 memset(remcom_out_buffer, 0, sizeof(remcom_out_buffer)); 985 986 get_packet(remcom_in_buffer); 987 988 switch (remcom_in_buffer[0]) { 989 case '?': /* gdbserial status */ 990 gdb_cmd_status(ks); 991 break; 992 case 'g': /* return the value of the CPU registers */ 993 gdb_cmd_getregs(ks); 994 break; 995 case 'G': /* set the value of the CPU registers - return OK */ 996 gdb_cmd_setregs(ks); 997 break; 998 case 'm': /* mAA..AA,LLLL Read LLLL bytes at address AA..AA */ 999 gdb_cmd_memread(ks); 1000 break; 1001 case 'M': /* MAA..AA,LLLL: Write LLLL bytes at address AA..AA */ 1002 gdb_cmd_memwrite(ks); 1003 break; 1004 #if DBG_MAX_REG_NUM > 0 1005 case 'p': /* pXX Return gdb register XX (in hex) */ 1006 gdb_cmd_reg_get(ks); 1007 break; 1008 case 'P': /* PXX=aaaa Set gdb register XX to aaaa (in hex) */ 1009 gdb_cmd_reg_set(ks); 1010 break; 1011 #endif /* DBG_MAX_REG_NUM > 0 */ 1012 case 'X': /* XAA..AA,LLLL: Write LLLL bytes at address AA..AA */ 1013 gdb_cmd_binwrite(ks); 1014 break; 1015 /* kill or detach. KGDB should treat this like a 1016 * continue. 1017 */ 1018 case 'D': /* Debugger detach */ 1019 case 'k': /* Debugger detach via kill */ 1020 gdb_cmd_detachkill(ks); 1021 goto default_handle; 1022 case 'R': /* Reboot */ 1023 if (gdb_cmd_reboot(ks)) 1024 goto default_handle; 1025 break; 1026 case 'q': /* query command */ 1027 gdb_cmd_query(ks); 1028 break; 1029 case 'H': /* task related */ 1030 gdb_cmd_task(ks); 1031 break; 1032 case 'T': /* Query thread status */ 1033 gdb_cmd_thread(ks); 1034 break; 1035 case 'z': /* Break point remove */ 1036 case 'Z': /* Break point set */ 1037 gdb_cmd_break(ks); 1038 break; 1039 #ifdef CONFIG_KGDB_KDB 1040 case '3': /* Escape into back into kdb */ 1041 if (remcom_in_buffer[1] == '\0') { 1042 gdb_cmd_detachkill(ks); 1043 return DBG_PASS_EVENT; 1044 } 1045 fallthrough; 1046 #endif 1047 case 'C': /* Exception passing */ 1048 tmp = gdb_cmd_exception_pass(ks); 1049 if (tmp > 0) 1050 goto default_handle; 1051 if (tmp == 0) 1052 break; 1053 fallthrough; /* on tmp < 0 */ 1054 case 'c': /* Continue packet */ 1055 case 's': /* Single step packet */ 1056 if (kgdb_contthread && kgdb_contthread != current) { 1057 /* Can't switch threads in kgdb */ 1058 error_packet(remcom_out_buffer, -EINVAL); 1059 break; 1060 } 1061 fallthrough; /* to default processing */ 1062 default: 1063 default_handle: 1064 error = kgdb_arch_handle_exception(ks->ex_vector, 1065 ks->signo, 1066 ks->err_code, 1067 remcom_in_buffer, 1068 remcom_out_buffer, 1069 ks->linux_regs); 1070 /* 1071 * Leave cmd processing on error, detach, 1072 * kill, continue, or single step. 1073 */ 1074 if (error >= 0 || remcom_in_buffer[0] == 'D' || 1075 remcom_in_buffer[0] == 'k') { 1076 error = 0; 1077 goto kgdb_exit; 1078 } 1079 1080 } 1081 1082 /* reply to the request */ 1083 put_packet(remcom_out_buffer); 1084 } 1085 1086 kgdb_exit: 1087 if (ks->pass_exception) 1088 error = 1; 1089 return error; 1090 } 1091 gdbstub_state(struct kgdb_state * ks,char * cmd)1092 int gdbstub_state(struct kgdb_state *ks, char *cmd) 1093 { 1094 int error; 1095 1096 switch (cmd[0]) { 1097 case 'e': 1098 error = kgdb_arch_handle_exception(ks->ex_vector, 1099 ks->signo, 1100 ks->err_code, 1101 remcom_in_buffer, 1102 remcom_out_buffer, 1103 ks->linux_regs); 1104 return error; 1105 case 's': 1106 case 'c': 1107 strscpy(remcom_in_buffer, cmd, sizeof(remcom_in_buffer)); 1108 return 0; 1109 case '$': 1110 strscpy(remcom_in_buffer, cmd, sizeof(remcom_in_buffer)); 1111 gdbstub_use_prev_in_buf = strlen(remcom_in_buffer); 1112 gdbstub_prev_in_buf_pos = 0; 1113 return 0; 1114 } 1115 dbg_io_ops->write_char('+'); 1116 put_packet(remcom_out_buffer); 1117 return 0; 1118 } 1119 1120 /** 1121 * gdbstub_exit - Send an exit message to GDB 1122 * @status: The exit code to report. 1123 */ gdbstub_exit(int status)1124 void gdbstub_exit(int status) 1125 { 1126 unsigned char checksum, ch, buffer[3]; 1127 int loop; 1128 1129 if (!kgdb_connected) 1130 return; 1131 kgdb_connected = 0; 1132 1133 if (!dbg_io_ops || dbg_kdb_mode) 1134 return; 1135 1136 buffer[0] = 'W'; 1137 buffer[1] = hex_asc_hi(status); 1138 buffer[2] = hex_asc_lo(status); 1139 1140 dbg_io_ops->write_char('$'); 1141 checksum = 0; 1142 1143 for (loop = 0; loop < 3; loop++) { 1144 ch = buffer[loop]; 1145 checksum += ch; 1146 dbg_io_ops->write_char(ch); 1147 } 1148 1149 dbg_io_ops->write_char('#'); 1150 dbg_io_ops->write_char(hex_asc_hi(checksum)); 1151 dbg_io_ops->write_char(hex_asc_lo(checksum)); 1152 1153 /* make sure the output is flushed, lest the bootloader clobber it */ 1154 if (dbg_io_ops->flush) 1155 dbg_io_ops->flush(); 1156 } 1157