1 /* 2 * gdbstub user-mode helper routines. 3 * 4 * We know for user-mode we are using TCG so we can call stuff directly. 5 * 6 * Copyright (c) 2003-2005 Fabrice Bellard 7 * Copyright (c) 2022 Linaro Ltd 8 * 9 * SPDX-License-Identifier: LGPL-2.0+ 10 */ 11 12 #include "qemu/osdep.h" 13 #include "qemu/bitops.h" 14 #include "qemu/cutils.h" 15 #include "qemu/sockets.h" 16 #include "exec/hwaddr.h" 17 #include "exec/tb-flush.h" 18 #include "exec/gdbstub.h" 19 #include "gdbstub/syscalls.h" 20 #include "gdbstub/user.h" 21 #include "hw/core/cpu.h" 22 #include "trace.h" 23 #include "internals.h" 24 25 #define GDB_NR_SYSCALLS 1024 26 typedef unsigned long GDBSyscallsMask[BITS_TO_LONGS(GDB_NR_SYSCALLS)]; 27 28 /* User-mode specific state */ 29 typedef struct { 30 int fd; 31 char *socket_path; 32 int running_state; 33 /* 34 * Store syscalls mask without memory allocation in order to avoid 35 * implementing synchronization. 36 */ 37 bool catch_all_syscalls; 38 GDBSyscallsMask catch_syscalls_mask; 39 } GDBUserState; 40 41 static GDBUserState gdbserver_user_state; 42 43 int gdb_get_char(void) 44 { 45 uint8_t ch; 46 int ret; 47 48 for (;;) { 49 ret = recv(gdbserver_user_state.fd, &ch, 1, 0); 50 if (ret < 0) { 51 if (errno == ECONNRESET) { 52 gdbserver_user_state.fd = -1; 53 } 54 if (errno != EINTR) { 55 return -1; 56 } 57 } else if (ret == 0) { 58 close(gdbserver_user_state.fd); 59 gdbserver_user_state.fd = -1; 60 return -1; 61 } else { 62 break; 63 } 64 } 65 return ch; 66 } 67 68 bool gdb_got_immediate_ack(void) 69 { 70 int i; 71 72 i = gdb_get_char(); 73 if (i < 0) { 74 /* no response, continue anyway */ 75 return true; 76 } 77 78 if (i == '+') { 79 /* received correctly, continue */ 80 return true; 81 } 82 83 /* anything else, including '-' then try again */ 84 return false; 85 } 86 87 void gdb_put_buffer(const uint8_t *buf, int len) 88 { 89 int ret; 90 91 while (len > 0) { 92 ret = send(gdbserver_user_state.fd, buf, len, 0); 93 if (ret < 0) { 94 if (errno != EINTR) { 95 return; 96 } 97 } else { 98 buf += ret; 99 len -= ret; 100 } 101 } 102 } 103 104 /* Tell the remote gdb that the process has exited. */ 105 void gdb_exit(int code) 106 { 107 char buf[4]; 108 109 if (!gdbserver_state.init) { 110 return; 111 } 112 if (gdbserver_user_state.socket_path) { 113 unlink(gdbserver_user_state.socket_path); 114 } 115 if (gdbserver_user_state.fd < 0) { 116 return; 117 } 118 119 trace_gdbstub_op_exiting((uint8_t)code); 120 121 if (gdbserver_state.allow_stop_reply) { 122 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code); 123 gdb_put_packet(buf); 124 gdbserver_state.allow_stop_reply = false; 125 } 126 127 } 128 129 void gdb_qemu_exit(int code) 130 { 131 exit(code); 132 } 133 134 int gdb_handlesig_reason(CPUState *cpu, int sig, const char *reason) 135 { 136 char buf[256]; 137 int n; 138 139 if (!gdbserver_state.init || gdbserver_user_state.fd < 0) { 140 return sig; 141 } 142 143 /* disable single step if it was enabled */ 144 cpu_single_step(cpu, 0); 145 tb_flush(cpu); 146 147 if (sig != 0) { 148 gdb_set_stop_cpu(cpu); 149 if (gdbserver_state.allow_stop_reply) { 150 g_string_printf(gdbserver_state.str_buf, 151 "T%02xthread:", gdb_target_signal_to_gdb(sig)); 152 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 153 g_string_append_c(gdbserver_state.str_buf, ';'); 154 if (reason) { 155 g_string_append(gdbserver_state.str_buf, reason); 156 } 157 gdb_put_strbuf(); 158 gdbserver_state.allow_stop_reply = false; 159 } 160 } 161 /* 162 * gdb_put_packet() might have detected that the peer terminated the 163 * connection. 164 */ 165 if (gdbserver_user_state.fd < 0) { 166 return sig; 167 } 168 169 sig = 0; 170 gdbserver_state.state = RS_IDLE; 171 gdbserver_user_state.running_state = 0; 172 while (gdbserver_user_state.running_state == 0) { 173 n = read(gdbserver_user_state.fd, buf, 256); 174 if (n > 0) { 175 int i; 176 177 for (i = 0; i < n; i++) { 178 gdb_read_byte(buf[i]); 179 } 180 } else { 181 /* 182 * XXX: Connection closed. Should probably wait for another 183 * connection before continuing. 184 */ 185 if (n == 0) { 186 close(gdbserver_user_state.fd); 187 } 188 gdbserver_user_state.fd = -1; 189 return sig; 190 } 191 } 192 sig = gdbserver_state.signal; 193 gdbserver_state.signal = 0; 194 return sig; 195 } 196 197 /* Tell the remote gdb that the process has exited due to SIG. */ 198 void gdb_signalled(CPUArchState *env, int sig) 199 { 200 char buf[4]; 201 202 if (!gdbserver_state.init || gdbserver_user_state.fd < 0 || 203 !gdbserver_state.allow_stop_reply) { 204 return; 205 } 206 207 snprintf(buf, sizeof(buf), "X%02x", gdb_target_signal_to_gdb(sig)); 208 gdb_put_packet(buf); 209 gdbserver_state.allow_stop_reply = false; 210 } 211 212 static void gdb_accept_init(int fd) 213 { 214 gdb_init_gdbserver_state(); 215 gdb_create_default_process(&gdbserver_state); 216 gdbserver_state.processes[0].attached = true; 217 gdbserver_state.c_cpu = gdb_first_attached_cpu(); 218 gdbserver_state.g_cpu = gdbserver_state.c_cpu; 219 gdbserver_user_state.fd = fd; 220 } 221 222 static bool gdb_accept_socket(int gdb_fd) 223 { 224 int fd; 225 226 for (;;) { 227 fd = accept(gdb_fd, NULL, NULL); 228 if (fd < 0 && errno != EINTR) { 229 perror("accept socket"); 230 return false; 231 } else if (fd >= 0) { 232 qemu_set_cloexec(fd); 233 break; 234 } 235 } 236 237 gdb_accept_init(fd); 238 return true; 239 } 240 241 static int gdbserver_open_socket(const char *path) 242 { 243 struct sockaddr_un sockaddr = {}; 244 int fd, ret; 245 246 fd = socket(AF_UNIX, SOCK_STREAM, 0); 247 if (fd < 0) { 248 perror("create socket"); 249 return -1; 250 } 251 252 sockaddr.sun_family = AF_UNIX; 253 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path); 254 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 255 if (ret < 0) { 256 perror("bind socket"); 257 close(fd); 258 return -1; 259 } 260 ret = listen(fd, 1); 261 if (ret < 0) { 262 perror("listen socket"); 263 close(fd); 264 return -1; 265 } 266 267 return fd; 268 } 269 270 static bool gdb_accept_tcp(int gdb_fd) 271 { 272 struct sockaddr_in sockaddr = {}; 273 socklen_t len; 274 int fd; 275 276 for (;;) { 277 len = sizeof(sockaddr); 278 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len); 279 if (fd < 0 && errno != EINTR) { 280 perror("accept"); 281 return false; 282 } else if (fd >= 0) { 283 qemu_set_cloexec(fd); 284 break; 285 } 286 } 287 288 /* set short latency */ 289 if (socket_set_nodelay(fd)) { 290 perror("setsockopt"); 291 close(fd); 292 return false; 293 } 294 295 gdb_accept_init(fd); 296 return true; 297 } 298 299 static int gdbserver_open_port(int port) 300 { 301 struct sockaddr_in sockaddr; 302 int fd, ret; 303 304 fd = socket(PF_INET, SOCK_STREAM, 0); 305 if (fd < 0) { 306 perror("socket"); 307 return -1; 308 } 309 qemu_set_cloexec(fd); 310 311 socket_set_fast_reuse(fd); 312 313 sockaddr.sin_family = AF_INET; 314 sockaddr.sin_port = htons(port); 315 sockaddr.sin_addr.s_addr = 0; 316 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 317 if (ret < 0) { 318 perror("bind"); 319 close(fd); 320 return -1; 321 } 322 ret = listen(fd, 1); 323 if (ret < 0) { 324 perror("listen"); 325 close(fd); 326 return -1; 327 } 328 329 return fd; 330 } 331 332 int gdbserver_start(const char *port_or_path) 333 { 334 int port = g_ascii_strtoull(port_or_path, NULL, 10); 335 int gdb_fd; 336 337 if (port > 0) { 338 gdb_fd = gdbserver_open_port(port); 339 } else { 340 gdb_fd = gdbserver_open_socket(port_or_path); 341 } 342 343 if (gdb_fd < 0) { 344 return -1; 345 } 346 347 if (port > 0 && gdb_accept_tcp(gdb_fd)) { 348 return 0; 349 } else if (gdb_accept_socket(gdb_fd)) { 350 gdbserver_user_state.socket_path = g_strdup(port_or_path); 351 return 0; 352 } 353 354 /* gone wrong */ 355 close(gdb_fd); 356 return -1; 357 } 358 359 /* Disable gdb stub for child processes. */ 360 void gdbserver_fork(CPUState *cpu) 361 { 362 if (!gdbserver_state.init || gdbserver_user_state.fd < 0) { 363 return; 364 } 365 close(gdbserver_user_state.fd); 366 gdbserver_user_state.fd = -1; 367 cpu_breakpoint_remove_all(cpu, BP_GDB); 368 /* no cpu_watchpoint_remove_all for user-mode */ 369 } 370 371 /* 372 * Execution state helpers 373 */ 374 375 void gdb_handle_query_attached(GArray *params, void *user_ctx) 376 { 377 gdb_put_packet("0"); 378 } 379 380 void gdb_continue(void) 381 { 382 gdbserver_user_state.running_state = 1; 383 trace_gdbstub_op_continue(); 384 } 385 386 /* 387 * Resume execution, for user-mode emulation it's equivalent to 388 * gdb_continue. 389 */ 390 int gdb_continue_partial(char *newstates) 391 { 392 CPUState *cpu; 393 int res = 0; 394 /* 395 * This is not exactly accurate, but it's an improvement compared to the 396 * previous situation, where only one CPU would be single-stepped. 397 */ 398 CPU_FOREACH(cpu) { 399 if (newstates[cpu->cpu_index] == 's') { 400 trace_gdbstub_op_stepping(cpu->cpu_index); 401 cpu_single_step(cpu, gdbserver_state.sstep_flags); 402 } 403 } 404 gdbserver_user_state.running_state = 1; 405 return res; 406 } 407 408 /* 409 * Memory access helpers 410 */ 411 int gdb_target_memory_rw_debug(CPUState *cpu, hwaddr addr, 412 uint8_t *buf, int len, bool is_write) 413 { 414 CPUClass *cc; 415 416 cc = CPU_GET_CLASS(cpu); 417 if (cc->memory_rw_debug) { 418 return cc->memory_rw_debug(cpu, addr, buf, len, is_write); 419 } 420 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write); 421 } 422 423 /* 424 * cpu helpers 425 */ 426 427 unsigned int gdb_get_max_cpus(void) 428 { 429 CPUState *cpu; 430 unsigned int max_cpus = 1; 431 432 CPU_FOREACH(cpu) { 433 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus; 434 } 435 436 return max_cpus; 437 } 438 439 /* replay not supported for user-mode */ 440 bool gdb_can_reverse(void) 441 { 442 return false; 443 } 444 445 /* 446 * Break/Watch point helpers 447 */ 448 449 bool gdb_supports_guest_debug(void) 450 { 451 /* user-mode == TCG == supported */ 452 return true; 453 } 454 455 int gdb_breakpoint_insert(CPUState *cs, int type, vaddr addr, vaddr len) 456 { 457 CPUState *cpu; 458 int err = 0; 459 460 switch (type) { 461 case GDB_BREAKPOINT_SW: 462 case GDB_BREAKPOINT_HW: 463 CPU_FOREACH(cpu) { 464 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL); 465 if (err) { 466 break; 467 } 468 } 469 return err; 470 default: 471 /* user-mode doesn't support watchpoints */ 472 return -ENOSYS; 473 } 474 } 475 476 int gdb_breakpoint_remove(CPUState *cs, int type, vaddr addr, vaddr len) 477 { 478 CPUState *cpu; 479 int err = 0; 480 481 switch (type) { 482 case GDB_BREAKPOINT_SW: 483 case GDB_BREAKPOINT_HW: 484 CPU_FOREACH(cpu) { 485 err = cpu_breakpoint_remove(cpu, addr, BP_GDB); 486 if (err) { 487 break; 488 } 489 } 490 return err; 491 default: 492 /* user-mode doesn't support watchpoints */ 493 return -ENOSYS; 494 } 495 } 496 497 void gdb_breakpoint_remove_all(CPUState *cs) 498 { 499 cpu_breakpoint_remove_all(cs, BP_GDB); 500 } 501 502 /* 503 * For user-mode syscall support we send the system call immediately 504 * and then return control to gdb for it to process the syscall request. 505 * Since the protocol requires that gdb hands control back to us 506 * using a "here are the results" F packet, we don't need to check 507 * gdb_handlesig's return value (which is the signal to deliver if 508 * execution was resumed via a continue packet). 509 */ 510 void gdb_syscall_handling(const char *syscall_packet) 511 { 512 gdb_put_packet(syscall_packet); 513 gdb_handlesig(gdbserver_state.c_cpu, 0); 514 } 515 516 static bool should_catch_syscall(int num) 517 { 518 if (gdbserver_user_state.catch_all_syscalls) { 519 return true; 520 } 521 if (num < 0 || num >= GDB_NR_SYSCALLS) { 522 return false; 523 } 524 return test_bit(num, gdbserver_user_state.catch_syscalls_mask); 525 } 526 527 void gdb_syscall_entry(CPUState *cs, int num) 528 { 529 if (should_catch_syscall(num)) { 530 g_autofree char *reason = g_strdup_printf("syscall_entry:%x;", num); 531 gdb_handlesig_reason(cs, gdb_target_sigtrap(), reason); 532 } 533 } 534 535 void gdb_syscall_return(CPUState *cs, int num) 536 { 537 if (should_catch_syscall(num)) { 538 g_autofree char *reason = g_strdup_printf("syscall_return:%x;", num); 539 gdb_handlesig_reason(cs, gdb_target_sigtrap(), reason); 540 } 541 } 542 543 void gdb_handle_set_catch_syscalls(GArray *params, void *user_ctx) 544 { 545 const char *param = get_param(params, 0)->data; 546 GDBSyscallsMask catch_syscalls_mask; 547 bool catch_all_syscalls; 548 unsigned int num; 549 const char *p; 550 551 /* "0" means not catching any syscalls. */ 552 if (strcmp(param, "0") == 0) { 553 gdbserver_user_state.catch_all_syscalls = false; 554 memset(gdbserver_user_state.catch_syscalls_mask, 0, 555 sizeof(gdbserver_user_state.catch_syscalls_mask)); 556 gdb_put_packet("OK"); 557 return; 558 } 559 560 /* "1" means catching all syscalls. */ 561 if (strcmp(param, "1") == 0) { 562 gdbserver_user_state.catch_all_syscalls = true; 563 gdb_put_packet("OK"); 564 return; 565 } 566 567 /* 568 * "1;..." means catching only the specified syscalls. 569 * The syscall list must not be empty. 570 */ 571 if (param[0] == '1' && param[1] == ';') { 572 catch_all_syscalls = false; 573 memset(catch_syscalls_mask, 0, sizeof(catch_syscalls_mask)); 574 for (p = ¶m[2];; p++) { 575 if (qemu_strtoui(p, &p, 16, &num) || (*p && *p != ';')) { 576 goto err; 577 } 578 if (num >= GDB_NR_SYSCALLS) { 579 /* 580 * Fall back to reporting all syscalls. Reporting extra 581 * syscalls is inefficient, but the spec explicitly allows it. 582 * Keep parsing in case there is a syntax error ahead. 583 */ 584 catch_all_syscalls = true; 585 } else { 586 set_bit(num, catch_syscalls_mask); 587 } 588 if (!*p) { 589 break; 590 } 591 } 592 gdbserver_user_state.catch_all_syscalls = catch_all_syscalls; 593 if (!catch_all_syscalls) { 594 memcpy(gdbserver_user_state.catch_syscalls_mask, 595 catch_syscalls_mask, sizeof(catch_syscalls_mask)); 596 } 597 gdb_put_packet("OK"); 598 return; 599 } 600 601 err: 602 gdb_put_packet("E00"); 603 } 604