1 /* 2 * Kernel Debug Core 3 * 4 * Maintainer: Jason Wessel <jason.wessel@windriver.com> 5 * 6 * Copyright (C) 2000-2001 VERITAS Software Corporation. 7 * Copyright (C) 2002-2004 Timesys Corporation 8 * Copyright (C) 2003-2004 Amit S. Kale <amitkale@linsyssoft.com> 9 * Copyright (C) 2004 Pavel Machek <pavel@ucw.cz> 10 * Copyright (C) 2004-2006 Tom Rini <trini@kernel.crashing.org> 11 * Copyright (C) 2004-2006 LinSysSoft Technologies Pvt. Ltd. 12 * Copyright (C) 2005-2009 Wind River Systems, Inc. 13 * Copyright (C) 2007 MontaVista Software, Inc. 14 * Copyright (C) 2008 Red Hat, Inc., Ingo Molnar <mingo@redhat.com> 15 * 16 * Contributors at various stages not listed above: 17 * Jason Wessel ( jason.wessel@windriver.com ) 18 * George Anzinger <george@mvista.com> 19 * Anurekh Saxena (anurekh.saxena@timesys.com) 20 * Lake Stevens Instrument Division (Glenn Engel) 21 * Jim Kingdon, Cygnus Support. 22 * 23 * Original KGDB stub: David Grothe <dave@gcom.com>, 24 * Tigran Aivazian <tigran@sco.com> 25 * 26 * This file is licensed under the terms of the GNU General Public License 27 * version 2. This program is licensed "as is" without any warranty of any 28 * kind, whether express or implied. 29 */ 30 31 #include <linux/kernel.h> 32 #include <linux/kgdb.h> 33 #include <linux/kdb.h> 34 #include <linux/reboot.h> 35 #include <linux/uaccess.h> 36 #include <asm/cacheflush.h> 37 #include <asm/unaligned.h> 38 #include "debug_core.h" 39 40 #define KGDB_MAX_THREAD_QUERY 17 41 42 /* Our I/O buffers. */ 43 static char remcom_in_buffer[BUFMAX]; 44 static char remcom_out_buffer[BUFMAX]; 45 static int gdbstub_use_prev_in_buf; 46 static int gdbstub_prev_in_buf_pos; 47 48 /* Storage for the registers, in GDB format. */ 49 static unsigned long gdb_regs[(NUMREGBYTES + 50 sizeof(unsigned long) - 1) / 51 sizeof(unsigned long)]; 52 53 /* 54 * GDB remote protocol parser: 55 */ 56 57 #ifdef CONFIG_KGDB_KDB 58 static int gdbstub_read_wait(void) 59 { 60 int ret = -1; 61 int i; 62 63 if (unlikely(gdbstub_use_prev_in_buf)) { 64 if (gdbstub_prev_in_buf_pos < gdbstub_use_prev_in_buf) 65 return remcom_in_buffer[gdbstub_prev_in_buf_pos++]; 66 else 67 gdbstub_use_prev_in_buf = 0; 68 } 69 70 /* poll any additional I/O interfaces that are defined */ 71 while (ret < 0) 72 for (i = 0; kdb_poll_funcs[i] != NULL; i++) { 73 ret = kdb_poll_funcs[i](); 74 if (ret > 0) 75 break; 76 } 77 return ret; 78 } 79 #else 80 static int gdbstub_read_wait(void) 81 { 82 int ret = dbg_io_ops->read_char(); 83 while (ret == NO_POLL_CHAR) 84 ret = dbg_io_ops->read_char(); 85 return ret; 86 } 87 #endif 88 /* scan for the sequence $<data>#<checksum> */ 89 static void get_packet(char *buffer) 90 { 91 unsigned char checksum; 92 unsigned char xmitcsum; 93 int count; 94 char ch; 95 96 do { 97 /* 98 * Spin and wait around for the start character, ignore all 99 * other characters: 100 */ 101 while ((ch = (gdbstub_read_wait())) != '$') 102 /* nothing */; 103 104 kgdb_connected = 1; 105 checksum = 0; 106 xmitcsum = -1; 107 108 count = 0; 109 110 /* 111 * now, read until a # or end of buffer is found: 112 */ 113 while (count < (BUFMAX - 1)) { 114 ch = gdbstub_read_wait(); 115 if (ch == '#') 116 break; 117 checksum = checksum + ch; 118 buffer[count] = ch; 119 count = count + 1; 120 } 121 122 if (ch == '#') { 123 xmitcsum = hex_to_bin(gdbstub_read_wait()) << 4; 124 xmitcsum += hex_to_bin(gdbstub_read_wait()); 125 126 if (checksum != xmitcsum) 127 /* failed checksum */ 128 dbg_io_ops->write_char('-'); 129 else 130 /* successful transfer */ 131 dbg_io_ops->write_char('+'); 132 if (dbg_io_ops->flush) 133 dbg_io_ops->flush(); 134 } 135 buffer[count] = 0; 136 } while (checksum != xmitcsum); 137 } 138 139 /* 140 * Send the packet in buffer. 141 * Check for gdb connection if asked for. 142 */ 143 static void put_packet(char *buffer) 144 { 145 unsigned char checksum; 146 int count; 147 char ch; 148 149 /* 150 * $<packet info>#<checksum>. 151 */ 152 while (1) { 153 dbg_io_ops->write_char('$'); 154 checksum = 0; 155 count = 0; 156 157 while ((ch = buffer[count])) { 158 dbg_io_ops->write_char(ch); 159 checksum += ch; 160 count++; 161 } 162 163 dbg_io_ops->write_char('#'); 164 dbg_io_ops->write_char(hex_asc_hi(checksum)); 165 dbg_io_ops->write_char(hex_asc_lo(checksum)); 166 if (dbg_io_ops->flush) 167 dbg_io_ops->flush(); 168 169 /* Now see what we get in reply. */ 170 ch = gdbstub_read_wait(); 171 172 if (ch == 3) 173 ch = gdbstub_read_wait(); 174 175 /* If we get an ACK, we are done. */ 176 if (ch == '+') 177 return; 178 179 /* 180 * If we get the start of another packet, this means 181 * that GDB is attempting to reconnect. We will NAK 182 * the packet being sent, and stop trying to send this 183 * packet. 184 */ 185 if (ch == '$') { 186 dbg_io_ops->write_char('-'); 187 if (dbg_io_ops->flush) 188 dbg_io_ops->flush(); 189 return; 190 } 191 } 192 } 193 194 static char gdbmsgbuf[BUFMAX + 1]; 195 196 void gdbstub_msg_write(const char *s, int len) 197 { 198 char *bufptr; 199 int wcount; 200 int i; 201 202 if (len == 0) 203 len = strlen(s); 204 205 /* 'O'utput */ 206 gdbmsgbuf[0] = 'O'; 207 208 /* Fill and send buffers... */ 209 while (len > 0) { 210 bufptr = gdbmsgbuf + 1; 211 212 /* Calculate how many this time */ 213 if ((len << 1) > (BUFMAX - 2)) 214 wcount = (BUFMAX - 2) >> 1; 215 else 216 wcount = len; 217 218 /* Pack in hex chars */ 219 for (i = 0; i < wcount; i++) 220 bufptr = hex_byte_pack(bufptr, s[i]); 221 *bufptr = '\0'; 222 223 /* Move up */ 224 s += wcount; 225 len -= wcount; 226 227 /* Write packet */ 228 put_packet(gdbmsgbuf); 229 } 230 } 231 232 /* 233 * Convert the memory pointed to by mem into hex, placing result in 234 * buf. Return a pointer to the last char put in buf (null). May 235 * return an error. 236 */ 237 char *kgdb_mem2hex(char *mem, char *buf, int count) 238 { 239 char *tmp; 240 int err; 241 242 /* 243 * We use the upper half of buf as an intermediate buffer for the 244 * raw memory copy. Hex conversion will work against this one. 245 */ 246 tmp = buf + count; 247 248 err = probe_kernel_read(tmp, mem, count); 249 if (err) 250 return NULL; 251 while (count > 0) { 252 buf = hex_byte_pack(buf, *tmp); 253 tmp++; 254 count--; 255 } 256 *buf = 0; 257 258 return buf; 259 } 260 261 /* 262 * Convert the hex array pointed to by buf into binary to be placed in 263 * mem. Return a pointer to the character AFTER the last byte 264 * written. May return an error. 265 */ 266 int kgdb_hex2mem(char *buf, char *mem, int count) 267 { 268 char *tmp_raw; 269 char *tmp_hex; 270 271 /* 272 * We use the upper half of buf as an intermediate buffer for the 273 * raw memory that is converted from hex. 274 */ 275 tmp_raw = buf + count * 2; 276 277 tmp_hex = tmp_raw - 1; 278 while (tmp_hex >= buf) { 279 tmp_raw--; 280 *tmp_raw = hex_to_bin(*tmp_hex--); 281 *tmp_raw |= hex_to_bin(*tmp_hex--) << 4; 282 } 283 284 return probe_kernel_write(mem, tmp_raw, count); 285 } 286 287 /* 288 * While we find nice hex chars, build a long_val. 289 * Return number of chars processed. 290 */ 291 int kgdb_hex2long(char **ptr, unsigned long *long_val) 292 { 293 int hex_val; 294 int num = 0; 295 int negate = 0; 296 297 *long_val = 0; 298 299 if (**ptr == '-') { 300 negate = 1; 301 (*ptr)++; 302 } 303 while (**ptr) { 304 hex_val = hex_to_bin(**ptr); 305 if (hex_val < 0) 306 break; 307 308 *long_val = (*long_val << 4) | hex_val; 309 num++; 310 (*ptr)++; 311 } 312 313 if (negate) 314 *long_val = -*long_val; 315 316 return num; 317 } 318 319 /* 320 * Copy the binary array pointed to by buf into mem. Fix $, #, and 321 * 0x7d escaped with 0x7d. Return -EFAULT on failure or 0 on success. 322 * The input buf is overwitten with the result to write to mem. 323 */ 324 static int kgdb_ebin2mem(char *buf, char *mem, int count) 325 { 326 int size = 0; 327 char *c = buf; 328 329 while (count-- > 0) { 330 c[size] = *buf++; 331 if (c[size] == 0x7d) 332 c[size] = *buf++ ^ 0x20; 333 size++; 334 } 335 336 return probe_kernel_write(mem, c, size); 337 } 338 339 #if DBG_MAX_REG_NUM > 0 340 void pt_regs_to_gdb_regs(unsigned long *gdb_regs, struct pt_regs *regs) 341 { 342 int i; 343 int idx = 0; 344 char *ptr = (char *)gdb_regs; 345 346 for (i = 0; i < DBG_MAX_REG_NUM; i++) { 347 dbg_get_reg(i, ptr + idx, regs); 348 idx += dbg_reg_def[i].size; 349 } 350 } 351 352 void gdb_regs_to_pt_regs(unsigned long *gdb_regs, struct pt_regs *regs) 353 { 354 int i; 355 int idx = 0; 356 char *ptr = (char *)gdb_regs; 357 358 for (i = 0; i < DBG_MAX_REG_NUM; i++) { 359 dbg_set_reg(i, ptr + idx, regs); 360 idx += dbg_reg_def[i].size; 361 } 362 } 363 #endif /* DBG_MAX_REG_NUM > 0 */ 364 365 /* Write memory due to an 'M' or 'X' packet. */ 366 static int write_mem_msg(int binary) 367 { 368 char *ptr = &remcom_in_buffer[1]; 369 unsigned long addr; 370 unsigned long length; 371 int err; 372 373 if (kgdb_hex2long(&ptr, &addr) > 0 && *(ptr++) == ',' && 374 kgdb_hex2long(&ptr, &length) > 0 && *(ptr++) == ':') { 375 if (binary) 376 err = kgdb_ebin2mem(ptr, (char *)addr, length); 377 else 378 err = kgdb_hex2mem(ptr, (char *)addr, length); 379 if (err) 380 return err; 381 if (CACHE_FLUSH_IS_SAFE) 382 flush_icache_range(addr, addr + length); 383 return 0; 384 } 385 386 return -EINVAL; 387 } 388 389 static void error_packet(char *pkt, int error) 390 { 391 error = -error; 392 pkt[0] = 'E'; 393 pkt[1] = hex_asc[(error / 10)]; 394 pkt[2] = hex_asc[(error % 10)]; 395 pkt[3] = '\0'; 396 } 397 398 /* 399 * Thread ID accessors. We represent a flat TID space to GDB, where 400 * the per CPU idle threads (which under Linux all have PID 0) are 401 * remapped to negative TIDs. 402 */ 403 404 #define BUF_THREAD_ID_SIZE 8 405 406 static char *pack_threadid(char *pkt, unsigned char *id) 407 { 408 unsigned char *limit; 409 int lzero = 1; 410 411 limit = id + (BUF_THREAD_ID_SIZE / 2); 412 while (id < limit) { 413 if (!lzero || *id != 0) { 414 pkt = hex_byte_pack(pkt, *id); 415 lzero = 0; 416 } 417 id++; 418 } 419 420 if (lzero) 421 pkt = hex_byte_pack(pkt, 0); 422 423 return pkt; 424 } 425 426 static void int_to_threadref(unsigned char *id, int value) 427 { 428 put_unaligned_be32(value, id); 429 } 430 431 static struct task_struct *getthread(struct pt_regs *regs, int tid) 432 { 433 /* 434 * Non-positive TIDs are remapped to the cpu shadow information 435 */ 436 if (tid == 0 || tid == -1) 437 tid = -atomic_read(&kgdb_active) - 2; 438 if (tid < -1 && tid > -NR_CPUS - 2) { 439 if (kgdb_info[-tid - 2].task) 440 return kgdb_info[-tid - 2].task; 441 else 442 return idle_task(-tid - 2); 443 } 444 if (tid <= 0) { 445 printk(KERN_ERR "KGDB: Internal thread select error\n"); 446 dump_stack(); 447 return NULL; 448 } 449 450 /* 451 * find_task_by_pid_ns() does not take the tasklist lock anymore 452 * but is nicely RCU locked - hence is a pretty resilient 453 * thing to use: 454 */ 455 return find_task_by_pid_ns(tid, &init_pid_ns); 456 } 457 458 459 /* 460 * Remap normal tasks to their real PID, 461 * CPU shadow threads are mapped to -CPU - 2 462 */ 463 static inline int shadow_pid(int realpid) 464 { 465 if (realpid) 466 return realpid; 467 468 return -raw_smp_processor_id() - 2; 469 } 470 471 /* 472 * All the functions that start with gdb_cmd are the various 473 * operations to implement the handlers for the gdbserial protocol 474 * where KGDB is communicating with an external debugger 475 */ 476 477 /* Handle the '?' status packets */ 478 static void gdb_cmd_status(struct kgdb_state *ks) 479 { 480 /* 481 * We know that this packet is only sent 482 * during initial connect. So to be safe, 483 * we clear out our breakpoints now in case 484 * GDB is reconnecting. 485 */ 486 dbg_remove_all_break(); 487 488 remcom_out_buffer[0] = 'S'; 489 hex_byte_pack(&remcom_out_buffer[1], ks->signo); 490 } 491 492 static void gdb_get_regs_helper(struct kgdb_state *ks) 493 { 494 struct task_struct *thread; 495 void *local_debuggerinfo; 496 int i; 497 498 thread = kgdb_usethread; 499 if (!thread) { 500 thread = kgdb_info[ks->cpu].task; 501 local_debuggerinfo = kgdb_info[ks->cpu].debuggerinfo; 502 } else { 503 local_debuggerinfo = NULL; 504 for_each_online_cpu(i) { 505 /* 506 * Try to find the task on some other 507 * or possibly this node if we do not 508 * find the matching task then we try 509 * to approximate the results. 510 */ 511 if (thread == kgdb_info[i].task) 512 local_debuggerinfo = kgdb_info[i].debuggerinfo; 513 } 514 } 515 516 /* 517 * All threads that don't have debuggerinfo should be 518 * in schedule() sleeping, since all other CPUs 519 * are in kgdb_wait, and thus have debuggerinfo. 520 */ 521 if (local_debuggerinfo) { 522 pt_regs_to_gdb_regs(gdb_regs, local_debuggerinfo); 523 } else { 524 /* 525 * Pull stuff saved during switch_to; nothing 526 * else is accessible (or even particularly 527 * relevant). 528 * 529 * This should be enough for a stack trace. 530 */ 531 sleeping_thread_to_gdb_regs(gdb_regs, thread); 532 } 533 } 534 535 /* Handle the 'g' get registers request */ 536 static void gdb_cmd_getregs(struct kgdb_state *ks) 537 { 538 gdb_get_regs_helper(ks); 539 kgdb_mem2hex((char *)gdb_regs, remcom_out_buffer, NUMREGBYTES); 540 } 541 542 /* Handle the 'G' set registers request */ 543 static void gdb_cmd_setregs(struct kgdb_state *ks) 544 { 545 kgdb_hex2mem(&remcom_in_buffer[1], (char *)gdb_regs, NUMREGBYTES); 546 547 if (kgdb_usethread && kgdb_usethread != current) { 548 error_packet(remcom_out_buffer, -EINVAL); 549 } else { 550 gdb_regs_to_pt_regs(gdb_regs, ks->linux_regs); 551 strcpy(remcom_out_buffer, "OK"); 552 } 553 } 554 555 /* Handle the 'm' memory read bytes */ 556 static void gdb_cmd_memread(struct kgdb_state *ks) 557 { 558 char *ptr = &remcom_in_buffer[1]; 559 unsigned long length; 560 unsigned long addr; 561 char *err; 562 563 if (kgdb_hex2long(&ptr, &addr) > 0 && *ptr++ == ',' && 564 kgdb_hex2long(&ptr, &length) > 0) { 565 err = kgdb_mem2hex((char *)addr, remcom_out_buffer, length); 566 if (!err) 567 error_packet(remcom_out_buffer, -EINVAL); 568 } else { 569 error_packet(remcom_out_buffer, -EINVAL); 570 } 571 } 572 573 /* Handle the 'M' memory write bytes */ 574 static void gdb_cmd_memwrite(struct kgdb_state *ks) 575 { 576 int err = write_mem_msg(0); 577 578 if (err) 579 error_packet(remcom_out_buffer, err); 580 else 581 strcpy(remcom_out_buffer, "OK"); 582 } 583 584 #if DBG_MAX_REG_NUM > 0 585 static char *gdb_hex_reg_helper(int regnum, char *out) 586 { 587 int i; 588 int offset = 0; 589 590 for (i = 0; i < regnum; i++) 591 offset += dbg_reg_def[i].size; 592 return kgdb_mem2hex((char *)gdb_regs + offset, out, 593 dbg_reg_def[i].size); 594 } 595 596 /* Handle the 'p' individual regster get */ 597 static void gdb_cmd_reg_get(struct kgdb_state *ks) 598 { 599 unsigned long regnum; 600 char *ptr = &remcom_in_buffer[1]; 601 602 kgdb_hex2long(&ptr, ®num); 603 if (regnum >= DBG_MAX_REG_NUM) { 604 error_packet(remcom_out_buffer, -EINVAL); 605 return; 606 } 607 gdb_get_regs_helper(ks); 608 gdb_hex_reg_helper(regnum, remcom_out_buffer); 609 } 610 611 /* Handle the 'P' individual regster set */ 612 static void gdb_cmd_reg_set(struct kgdb_state *ks) 613 { 614 unsigned long regnum; 615 char *ptr = &remcom_in_buffer[1]; 616 int i = 0; 617 618 kgdb_hex2long(&ptr, ®num); 619 if (*ptr++ != '=' || 620 !(!kgdb_usethread || kgdb_usethread == current) || 621 !dbg_get_reg(regnum, gdb_regs, ks->linux_regs)) { 622 error_packet(remcom_out_buffer, -EINVAL); 623 return; 624 } 625 memset(gdb_regs, 0, sizeof(gdb_regs)); 626 while (i < sizeof(gdb_regs) * 2) 627 if (hex_to_bin(ptr[i]) >= 0) 628 i++; 629 else 630 break; 631 i = i / 2; 632 kgdb_hex2mem(ptr, (char *)gdb_regs, i); 633 dbg_set_reg(regnum, gdb_regs, ks->linux_regs); 634 strcpy(remcom_out_buffer, "OK"); 635 } 636 #endif /* DBG_MAX_REG_NUM > 0 */ 637 638 /* Handle the 'X' memory binary write bytes */ 639 static void gdb_cmd_binwrite(struct kgdb_state *ks) 640 { 641 int err = write_mem_msg(1); 642 643 if (err) 644 error_packet(remcom_out_buffer, err); 645 else 646 strcpy(remcom_out_buffer, "OK"); 647 } 648 649 /* Handle the 'D' or 'k', detach or kill packets */ 650 static void gdb_cmd_detachkill(struct kgdb_state *ks) 651 { 652 int error; 653 654 /* The detach case */ 655 if (remcom_in_buffer[0] == 'D') { 656 error = dbg_remove_all_break(); 657 if (error < 0) { 658 error_packet(remcom_out_buffer, error); 659 } else { 660 strcpy(remcom_out_buffer, "OK"); 661 kgdb_connected = 0; 662 } 663 put_packet(remcom_out_buffer); 664 } else { 665 /* 666 * Assume the kill case, with no exit code checking, 667 * trying to force detach the debugger: 668 */ 669 dbg_remove_all_break(); 670 kgdb_connected = 0; 671 } 672 } 673 674 /* Handle the 'R' reboot packets */ 675 static int gdb_cmd_reboot(struct kgdb_state *ks) 676 { 677 /* For now, only honor R0 */ 678 if (strcmp(remcom_in_buffer, "R0") == 0) { 679 printk(KERN_CRIT "Executing emergency reboot\n"); 680 strcpy(remcom_out_buffer, "OK"); 681 put_packet(remcom_out_buffer); 682 683 /* 684 * Execution should not return from 685 * machine_emergency_restart() 686 */ 687 machine_emergency_restart(); 688 kgdb_connected = 0; 689 690 return 1; 691 } 692 return 0; 693 } 694 695 /* Handle the 'q' query packets */ 696 static void gdb_cmd_query(struct kgdb_state *ks) 697 { 698 struct task_struct *g; 699 struct task_struct *p; 700 unsigned char thref[BUF_THREAD_ID_SIZE]; 701 char *ptr; 702 int i; 703 int cpu; 704 int finished = 0; 705 706 switch (remcom_in_buffer[1]) { 707 case 's': 708 case 'f': 709 if (memcmp(remcom_in_buffer + 2, "ThreadInfo", 10)) 710 break; 711 712 i = 0; 713 remcom_out_buffer[0] = 'm'; 714 ptr = remcom_out_buffer + 1; 715 if (remcom_in_buffer[1] == 'f') { 716 /* Each cpu is a shadow thread */ 717 for_each_online_cpu(cpu) { 718 ks->thr_query = 0; 719 int_to_threadref(thref, -cpu - 2); 720 ptr = pack_threadid(ptr, thref); 721 *(ptr++) = ','; 722 i++; 723 } 724 } 725 726 do_each_thread(g, p) { 727 if (i >= ks->thr_query && !finished) { 728 int_to_threadref(thref, p->pid); 729 ptr = pack_threadid(ptr, thref); 730 *(ptr++) = ','; 731 ks->thr_query++; 732 if (ks->thr_query % KGDB_MAX_THREAD_QUERY == 0) 733 finished = 1; 734 } 735 i++; 736 } while_each_thread(g, p); 737 738 *(--ptr) = '\0'; 739 break; 740 741 case 'C': 742 /* Current thread id */ 743 strcpy(remcom_out_buffer, "QC"); 744 ks->threadid = shadow_pid(current->pid); 745 int_to_threadref(thref, ks->threadid); 746 pack_threadid(remcom_out_buffer + 2, thref); 747 break; 748 case 'T': 749 if (memcmp(remcom_in_buffer + 1, "ThreadExtraInfo,", 16)) 750 break; 751 752 ks->threadid = 0; 753 ptr = remcom_in_buffer + 17; 754 kgdb_hex2long(&ptr, &ks->threadid); 755 if (!getthread(ks->linux_regs, ks->threadid)) { 756 error_packet(remcom_out_buffer, -EINVAL); 757 break; 758 } 759 if ((int)ks->threadid > 0) { 760 kgdb_mem2hex(getthread(ks->linux_regs, 761 ks->threadid)->comm, 762 remcom_out_buffer, 16); 763 } else { 764 static char tmpstr[23 + BUF_THREAD_ID_SIZE]; 765 766 sprintf(tmpstr, "shadowCPU%d", 767 (int)(-ks->threadid - 2)); 768 kgdb_mem2hex(tmpstr, remcom_out_buffer, strlen(tmpstr)); 769 } 770 break; 771 #ifdef CONFIG_KGDB_KDB 772 case 'R': 773 if (strncmp(remcom_in_buffer, "qRcmd,", 6) == 0) { 774 int len = strlen(remcom_in_buffer + 6); 775 776 if ((len % 2) != 0) { 777 strcpy(remcom_out_buffer, "E01"); 778 break; 779 } 780 kgdb_hex2mem(remcom_in_buffer + 6, 781 remcom_out_buffer, len); 782 len = len / 2; 783 remcom_out_buffer[len++] = 0; 784 785 kdb_parse(remcom_out_buffer); 786 strcpy(remcom_out_buffer, "OK"); 787 } 788 break; 789 #endif 790 } 791 } 792 793 /* Handle the 'H' task query packets */ 794 static void gdb_cmd_task(struct kgdb_state *ks) 795 { 796 struct task_struct *thread; 797 char *ptr; 798 799 switch (remcom_in_buffer[1]) { 800 case 'g': 801 ptr = &remcom_in_buffer[2]; 802 kgdb_hex2long(&ptr, &ks->threadid); 803 thread = getthread(ks->linux_regs, ks->threadid); 804 if (!thread && ks->threadid > 0) { 805 error_packet(remcom_out_buffer, -EINVAL); 806 break; 807 } 808 kgdb_usethread = thread; 809 ks->kgdb_usethreadid = ks->threadid; 810 strcpy(remcom_out_buffer, "OK"); 811 break; 812 case 'c': 813 ptr = &remcom_in_buffer[2]; 814 kgdb_hex2long(&ptr, &ks->threadid); 815 if (!ks->threadid) { 816 kgdb_contthread = NULL; 817 } else { 818 thread = getthread(ks->linux_regs, ks->threadid); 819 if (!thread && ks->threadid > 0) { 820 error_packet(remcom_out_buffer, -EINVAL); 821 break; 822 } 823 kgdb_contthread = thread; 824 } 825 strcpy(remcom_out_buffer, "OK"); 826 break; 827 } 828 } 829 830 /* Handle the 'T' thread query packets */ 831 static void gdb_cmd_thread(struct kgdb_state *ks) 832 { 833 char *ptr = &remcom_in_buffer[1]; 834 struct task_struct *thread; 835 836 kgdb_hex2long(&ptr, &ks->threadid); 837 thread = getthread(ks->linux_regs, ks->threadid); 838 if (thread) 839 strcpy(remcom_out_buffer, "OK"); 840 else 841 error_packet(remcom_out_buffer, -EINVAL); 842 } 843 844 /* Handle the 'z' or 'Z' breakpoint remove or set packets */ 845 static void gdb_cmd_break(struct kgdb_state *ks) 846 { 847 /* 848 * Since GDB-5.3, it's been drafted that '0' is a software 849 * breakpoint, '1' is a hardware breakpoint, so let's do that. 850 */ 851 char *bpt_type = &remcom_in_buffer[1]; 852 char *ptr = &remcom_in_buffer[2]; 853 unsigned long addr; 854 unsigned long length; 855 int error = 0; 856 857 if (arch_kgdb_ops.set_hw_breakpoint && *bpt_type >= '1') { 858 /* Unsupported */ 859 if (*bpt_type > '4') 860 return; 861 } else { 862 if (*bpt_type != '0' && *bpt_type != '1') 863 /* Unsupported. */ 864 return; 865 } 866 867 /* 868 * Test if this is a hardware breakpoint, and 869 * if we support it: 870 */ 871 if (*bpt_type == '1' && !(arch_kgdb_ops.flags & KGDB_HW_BREAKPOINT)) 872 /* Unsupported. */ 873 return; 874 875 if (*(ptr++) != ',') { 876 error_packet(remcom_out_buffer, -EINVAL); 877 return; 878 } 879 if (!kgdb_hex2long(&ptr, &addr)) { 880 error_packet(remcom_out_buffer, -EINVAL); 881 return; 882 } 883 if (*(ptr++) != ',' || 884 !kgdb_hex2long(&ptr, &length)) { 885 error_packet(remcom_out_buffer, -EINVAL); 886 return; 887 } 888 889 if (remcom_in_buffer[0] == 'Z' && *bpt_type == '0') 890 error = dbg_set_sw_break(addr); 891 else if (remcom_in_buffer[0] == 'z' && *bpt_type == '0') 892 error = dbg_remove_sw_break(addr); 893 else if (remcom_in_buffer[0] == 'Z') 894 error = arch_kgdb_ops.set_hw_breakpoint(addr, 895 (int)length, *bpt_type - '0'); 896 else if (remcom_in_buffer[0] == 'z') 897 error = arch_kgdb_ops.remove_hw_breakpoint(addr, 898 (int) length, *bpt_type - '0'); 899 900 if (error == 0) 901 strcpy(remcom_out_buffer, "OK"); 902 else 903 error_packet(remcom_out_buffer, error); 904 } 905 906 /* Handle the 'C' signal / exception passing packets */ 907 static int gdb_cmd_exception_pass(struct kgdb_state *ks) 908 { 909 /* C09 == pass exception 910 * C15 == detach kgdb, pass exception 911 */ 912 if (remcom_in_buffer[1] == '0' && remcom_in_buffer[2] == '9') { 913 914 ks->pass_exception = 1; 915 remcom_in_buffer[0] = 'c'; 916 917 } else if (remcom_in_buffer[1] == '1' && remcom_in_buffer[2] == '5') { 918 919 ks->pass_exception = 1; 920 remcom_in_buffer[0] = 'D'; 921 dbg_remove_all_break(); 922 kgdb_connected = 0; 923 return 1; 924 925 } else { 926 gdbstub_msg_write("KGDB only knows signal 9 (pass)" 927 " and 15 (pass and disconnect)\n" 928 "Executing a continue without signal passing\n", 0); 929 remcom_in_buffer[0] = 'c'; 930 } 931 932 /* Indicate fall through */ 933 return -1; 934 } 935 936 /* 937 * This function performs all gdbserial command procesing 938 */ 939 int gdb_serial_stub(struct kgdb_state *ks) 940 { 941 int error = 0; 942 int tmp; 943 944 /* Initialize comm buffer and globals. */ 945 memset(remcom_out_buffer, 0, sizeof(remcom_out_buffer)); 946 kgdb_usethread = kgdb_info[ks->cpu].task; 947 ks->kgdb_usethreadid = shadow_pid(kgdb_info[ks->cpu].task->pid); 948 ks->pass_exception = 0; 949 950 if (kgdb_connected) { 951 unsigned char thref[BUF_THREAD_ID_SIZE]; 952 char *ptr; 953 954 /* Reply to host that an exception has occurred */ 955 ptr = remcom_out_buffer; 956 *ptr++ = 'T'; 957 ptr = hex_byte_pack(ptr, ks->signo); 958 ptr += strlen(strcpy(ptr, "thread:")); 959 int_to_threadref(thref, shadow_pid(current->pid)); 960 ptr = pack_threadid(ptr, thref); 961 *ptr++ = ';'; 962 put_packet(remcom_out_buffer); 963 } 964 965 while (1) { 966 error = 0; 967 968 /* Clear the out buffer. */ 969 memset(remcom_out_buffer, 0, sizeof(remcom_out_buffer)); 970 971 get_packet(remcom_in_buffer); 972 973 switch (remcom_in_buffer[0]) { 974 case '?': /* gdbserial status */ 975 gdb_cmd_status(ks); 976 break; 977 case 'g': /* return the value of the CPU registers */ 978 gdb_cmd_getregs(ks); 979 break; 980 case 'G': /* set the value of the CPU registers - return OK */ 981 gdb_cmd_setregs(ks); 982 break; 983 case 'm': /* mAA..AA,LLLL Read LLLL bytes at address AA..AA */ 984 gdb_cmd_memread(ks); 985 break; 986 case 'M': /* MAA..AA,LLLL: Write LLLL bytes at address AA..AA */ 987 gdb_cmd_memwrite(ks); 988 break; 989 #if DBG_MAX_REG_NUM > 0 990 case 'p': /* pXX Return gdb register XX (in hex) */ 991 gdb_cmd_reg_get(ks); 992 break; 993 case 'P': /* PXX=aaaa Set gdb register XX to aaaa (in hex) */ 994 gdb_cmd_reg_set(ks); 995 break; 996 #endif /* DBG_MAX_REG_NUM > 0 */ 997 case 'X': /* XAA..AA,LLLL: Write LLLL bytes at address AA..AA */ 998 gdb_cmd_binwrite(ks); 999 break; 1000 /* kill or detach. KGDB should treat this like a 1001 * continue. 1002 */ 1003 case 'D': /* Debugger detach */ 1004 case 'k': /* Debugger detach via kill */ 1005 gdb_cmd_detachkill(ks); 1006 goto default_handle; 1007 case 'R': /* Reboot */ 1008 if (gdb_cmd_reboot(ks)) 1009 goto default_handle; 1010 break; 1011 case 'q': /* query command */ 1012 gdb_cmd_query(ks); 1013 break; 1014 case 'H': /* task related */ 1015 gdb_cmd_task(ks); 1016 break; 1017 case 'T': /* Query thread status */ 1018 gdb_cmd_thread(ks); 1019 break; 1020 case 'z': /* Break point remove */ 1021 case 'Z': /* Break point set */ 1022 gdb_cmd_break(ks); 1023 break; 1024 #ifdef CONFIG_KGDB_KDB 1025 case '3': /* Escape into back into kdb */ 1026 if (remcom_in_buffer[1] == '\0') { 1027 gdb_cmd_detachkill(ks); 1028 return DBG_PASS_EVENT; 1029 } 1030 #endif 1031 case 'C': /* Exception passing */ 1032 tmp = gdb_cmd_exception_pass(ks); 1033 if (tmp > 0) 1034 goto default_handle; 1035 if (tmp == 0) 1036 break; 1037 /* Fall through on tmp < 0 */ 1038 case 'c': /* Continue packet */ 1039 case 's': /* Single step packet */ 1040 if (kgdb_contthread && kgdb_contthread != current) { 1041 /* Can't switch threads in kgdb */ 1042 error_packet(remcom_out_buffer, -EINVAL); 1043 break; 1044 } 1045 dbg_activate_sw_breakpoints(); 1046 /* Fall through to default processing */ 1047 default: 1048 default_handle: 1049 error = kgdb_arch_handle_exception(ks->ex_vector, 1050 ks->signo, 1051 ks->err_code, 1052 remcom_in_buffer, 1053 remcom_out_buffer, 1054 ks->linux_regs); 1055 /* 1056 * Leave cmd processing on error, detach, 1057 * kill, continue, or single step. 1058 */ 1059 if (error >= 0 || remcom_in_buffer[0] == 'D' || 1060 remcom_in_buffer[0] == 'k') { 1061 error = 0; 1062 goto kgdb_exit; 1063 } 1064 1065 } 1066 1067 /* reply to the request */ 1068 put_packet(remcom_out_buffer); 1069 } 1070 1071 kgdb_exit: 1072 if (ks->pass_exception) 1073 error = 1; 1074 return error; 1075 } 1076 1077 int gdbstub_state(struct kgdb_state *ks, char *cmd) 1078 { 1079 int error; 1080 1081 switch (cmd[0]) { 1082 case 'e': 1083 error = kgdb_arch_handle_exception(ks->ex_vector, 1084 ks->signo, 1085 ks->err_code, 1086 remcom_in_buffer, 1087 remcom_out_buffer, 1088 ks->linux_regs); 1089 return error; 1090 case 's': 1091 case 'c': 1092 strcpy(remcom_in_buffer, cmd); 1093 return 0; 1094 case '$': 1095 strcpy(remcom_in_buffer, cmd); 1096 gdbstub_use_prev_in_buf = strlen(remcom_in_buffer); 1097 gdbstub_prev_in_buf_pos = 0; 1098 return 0; 1099 } 1100 dbg_io_ops->write_char('+'); 1101 put_packet(remcom_out_buffer); 1102 return 0; 1103 } 1104 1105 /** 1106 * gdbstub_exit - Send an exit message to GDB 1107 * @status: The exit code to report. 1108 */ 1109 void gdbstub_exit(int status) 1110 { 1111 unsigned char checksum, ch, buffer[3]; 1112 int loop; 1113 1114 if (!kgdb_connected) 1115 return; 1116 kgdb_connected = 0; 1117 1118 if (!dbg_io_ops || dbg_kdb_mode) 1119 return; 1120 1121 buffer[0] = 'W'; 1122 buffer[1] = hex_asc_hi(status); 1123 buffer[2] = hex_asc_lo(status); 1124 1125 dbg_io_ops->write_char('$'); 1126 checksum = 0; 1127 1128 for (loop = 0; loop < 3; loop++) { 1129 ch = buffer[loop]; 1130 checksum += ch; 1131 dbg_io_ops->write_char(ch); 1132 } 1133 1134 dbg_io_ops->write_char('#'); 1135 dbg_io_ops->write_char(hex_asc_hi(checksum)); 1136 dbg_io_ops->write_char(hex_asc_lo(checksum)); 1137 1138 /* make sure the output is flushed, lest the bootloader clobber it */ 1139 if (dbg_io_ops->flush) 1140 dbg_io_ops->flush(); 1141 } 1142