1 /* 2 * gdbstub user-mode helper routines. 3 * 4 * We know for user-mode we are using TCG so we can call stuff directly. 5 * 6 * Copyright (c) 2003-2005 Fabrice Bellard 7 * Copyright (c) 2022 Linaro Ltd 8 * 9 * SPDX-License-Identifier: LGPL-2.0+ 10 */ 11 12 #include "qemu/osdep.h" 13 #include "qemu/bitops.h" 14 #include "qemu/cutils.h" 15 #include "qemu/sockets.h" 16 #include "exec/hwaddr.h" 17 #include "exec/tb-flush.h" 18 #include "exec/gdbstub.h" 19 #include "gdbstub/syscalls.h" 20 #include "gdbstub/user.h" 21 #include "hw/core/cpu.h" 22 #include "trace.h" 23 #include "internals.h" 24 25 #define GDB_NR_SYSCALLS 1024 26 typedef unsigned long GDBSyscallsMask[BITS_TO_LONGS(GDB_NR_SYSCALLS)]; 27 28 /* User-mode specific state */ 29 typedef struct { 30 int fd; 31 char *socket_path; 32 int running_state; 33 /* 34 * Store syscalls mask without memory allocation in order to avoid 35 * implementing synchronization. 36 */ 37 bool catch_all_syscalls; 38 GDBSyscallsMask catch_syscalls_mask; 39 } GDBUserState; 40 41 static GDBUserState gdbserver_user_state; 42 43 int gdb_get_char(void) 44 { 45 uint8_t ch; 46 int ret; 47 48 for (;;) { 49 ret = recv(gdbserver_user_state.fd, &ch, 1, 0); 50 if (ret < 0) { 51 if (errno == ECONNRESET) { 52 gdbserver_user_state.fd = -1; 53 } 54 if (errno != EINTR) { 55 return -1; 56 } 57 } else if (ret == 0) { 58 close(gdbserver_user_state.fd); 59 gdbserver_user_state.fd = -1; 60 return -1; 61 } else { 62 break; 63 } 64 } 65 return ch; 66 } 67 68 bool gdb_got_immediate_ack(void) 69 { 70 int i; 71 72 i = gdb_get_char(); 73 if (i < 0) { 74 /* no response, continue anyway */ 75 return true; 76 } 77 78 if (i == '+') { 79 /* received correctly, continue */ 80 return true; 81 } 82 83 /* anything else, including '-' then try again */ 84 return false; 85 } 86 87 void gdb_put_buffer(const uint8_t *buf, int len) 88 { 89 int ret; 90 91 while (len > 0) { 92 ret = send(gdbserver_user_state.fd, buf, len, 0); 93 if (ret < 0) { 94 if (errno != EINTR) { 95 return; 96 } 97 } else { 98 buf += ret; 99 len -= ret; 100 } 101 } 102 } 103 104 /* Tell the remote gdb that the process has exited. */ 105 void gdb_exit(int code) 106 { 107 char buf[4]; 108 109 if (!gdbserver_state.init) { 110 return; 111 } 112 if (gdbserver_user_state.socket_path) { 113 unlink(gdbserver_user_state.socket_path); 114 } 115 if (gdbserver_user_state.fd < 0) { 116 return; 117 } 118 119 trace_gdbstub_op_exiting((uint8_t)code); 120 121 if (gdbserver_state.allow_stop_reply) { 122 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code); 123 gdb_put_packet(buf); 124 gdbserver_state.allow_stop_reply = false; 125 } 126 127 } 128 129 void gdb_qemu_exit(int code) 130 { 131 exit(code); 132 } 133 134 int gdb_handlesig_reason(CPUState *cpu, int sig, const char *reason) 135 { 136 char buf[256]; 137 int n; 138 139 if (!gdbserver_state.init || gdbserver_user_state.fd < 0) { 140 return sig; 141 } 142 143 /* disable single step if it was enabled */ 144 cpu_single_step(cpu, 0); 145 tb_flush(cpu); 146 147 if (sig != 0) { 148 gdb_set_stop_cpu(cpu); 149 if (gdbserver_state.allow_stop_reply) { 150 g_string_printf(gdbserver_state.str_buf, 151 "T%02xthread:", gdb_target_signal_to_gdb(sig)); 152 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 153 g_string_append_c(gdbserver_state.str_buf, ';'); 154 if (reason) { 155 g_string_append(gdbserver_state.str_buf, reason); 156 } 157 gdb_put_strbuf(); 158 gdbserver_state.allow_stop_reply = false; 159 } 160 } 161 /* 162 * gdb_put_packet() might have detected that the peer terminated the 163 * connection. 164 */ 165 if (gdbserver_user_state.fd < 0) { 166 return sig; 167 } 168 169 sig = 0; 170 gdbserver_state.state = RS_IDLE; 171 gdbserver_user_state.running_state = 0; 172 while (gdbserver_user_state.running_state == 0) { 173 n = read(gdbserver_user_state.fd, buf, 256); 174 if (n > 0) { 175 int i; 176 177 for (i = 0; i < n; i++) { 178 gdb_read_byte(buf[i]); 179 } 180 } else { 181 /* 182 * XXX: Connection closed. Should probably wait for another 183 * connection before continuing. 184 */ 185 if (n == 0) { 186 close(gdbserver_user_state.fd); 187 } 188 gdbserver_user_state.fd = -1; 189 return sig; 190 } 191 } 192 sig = gdbserver_state.signal; 193 gdbserver_state.signal = 0; 194 return sig; 195 } 196 197 /* Tell the remote gdb that the process has exited due to SIG. */ 198 void gdb_signalled(CPUArchState *env, int sig) 199 { 200 char buf[4]; 201 202 if (!gdbserver_state.init || gdbserver_user_state.fd < 0 || 203 !gdbserver_state.allow_stop_reply) { 204 return; 205 } 206 207 snprintf(buf, sizeof(buf), "X%02x", gdb_target_signal_to_gdb(sig)); 208 gdb_put_packet(buf); 209 gdbserver_state.allow_stop_reply = false; 210 } 211 212 static void gdb_accept_init(int fd) 213 { 214 gdb_init_gdbserver_state(); 215 gdb_create_default_process(&gdbserver_state); 216 gdbserver_state.processes[0].attached = true; 217 gdbserver_state.c_cpu = gdb_first_attached_cpu(); 218 gdbserver_state.g_cpu = gdbserver_state.c_cpu; 219 gdbserver_user_state.fd = fd; 220 } 221 222 static bool gdb_accept_socket(int gdb_fd) 223 { 224 int fd; 225 226 for (;;) { 227 fd = accept(gdb_fd, NULL, NULL); 228 if (fd < 0 && errno != EINTR) { 229 perror("accept socket"); 230 return false; 231 } else if (fd >= 0) { 232 qemu_set_cloexec(fd); 233 break; 234 } 235 } 236 237 gdb_accept_init(fd); 238 return true; 239 } 240 241 static int gdbserver_open_socket(const char *path) 242 { 243 struct sockaddr_un sockaddr = {}; 244 int fd, ret; 245 246 fd = socket(AF_UNIX, SOCK_STREAM, 0); 247 if (fd < 0) { 248 perror("create socket"); 249 return -1; 250 } 251 252 sockaddr.sun_family = AF_UNIX; 253 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path); 254 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 255 if (ret < 0) { 256 perror("bind socket"); 257 close(fd); 258 return -1; 259 } 260 ret = listen(fd, 1); 261 if (ret < 0) { 262 perror("listen socket"); 263 close(fd); 264 return -1; 265 } 266 267 return fd; 268 } 269 270 static bool gdb_accept_tcp(int gdb_fd) 271 { 272 struct sockaddr_in sockaddr = {}; 273 socklen_t len; 274 int fd; 275 276 for (;;) { 277 len = sizeof(sockaddr); 278 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len); 279 if (fd < 0 && errno != EINTR) { 280 perror("accept"); 281 return false; 282 } else if (fd >= 0) { 283 qemu_set_cloexec(fd); 284 break; 285 } 286 } 287 288 /* set short latency */ 289 if (socket_set_nodelay(fd)) { 290 perror("setsockopt"); 291 close(fd); 292 return false; 293 } 294 295 gdb_accept_init(fd); 296 return true; 297 } 298 299 static int gdbserver_open_port(int port) 300 { 301 struct sockaddr_in sockaddr; 302 int fd, ret; 303 304 fd = socket(PF_INET, SOCK_STREAM, 0); 305 if (fd < 0) { 306 perror("socket"); 307 return -1; 308 } 309 qemu_set_cloexec(fd); 310 311 socket_set_fast_reuse(fd); 312 313 sockaddr.sin_family = AF_INET; 314 sockaddr.sin_port = htons(port); 315 sockaddr.sin_addr.s_addr = 0; 316 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 317 if (ret < 0) { 318 perror("bind"); 319 close(fd); 320 return -1; 321 } 322 ret = listen(fd, 1); 323 if (ret < 0) { 324 perror("listen"); 325 close(fd); 326 return -1; 327 } 328 329 return fd; 330 } 331 332 int gdbserver_start(const char *port_or_path) 333 { 334 int port = g_ascii_strtoull(port_or_path, NULL, 10); 335 int gdb_fd; 336 337 if (port > 0) { 338 gdb_fd = gdbserver_open_port(port); 339 } else { 340 gdb_fd = gdbserver_open_socket(port_or_path); 341 } 342 343 if (gdb_fd < 0) { 344 return -1; 345 } 346 347 if (port > 0 && gdb_accept_tcp(gdb_fd)) { 348 return 0; 349 } else if (gdb_accept_socket(gdb_fd)) { 350 gdbserver_user_state.socket_path = g_strdup(port_or_path); 351 return 0; 352 } 353 354 /* gone wrong */ 355 close(gdb_fd); 356 return -1; 357 } 358 359 void gdbserver_fork_start(void) 360 { 361 } 362 363 static void disable_gdbstub(CPUState *thread_cpu) 364 { 365 CPUState *cpu; 366 367 close(gdbserver_user_state.fd); 368 gdbserver_user_state.fd = -1; 369 CPU_FOREACH(cpu) { 370 cpu_breakpoint_remove_all(cpu, BP_GDB); 371 /* no cpu_watchpoint_remove_all for user-mode */ 372 cpu_single_step(cpu, 0); 373 } 374 tb_flush(thread_cpu); 375 } 376 377 void gdbserver_fork_end(CPUState *cpu, pid_t pid) 378 { 379 if (pid != 0 || !gdbserver_state.init || gdbserver_user_state.fd < 0) { 380 return; 381 } 382 disable_gdbstub(cpu); 383 } 384 385 /* 386 * Execution state helpers 387 */ 388 389 void gdb_handle_query_attached(GArray *params, void *user_ctx) 390 { 391 gdb_put_packet("0"); 392 } 393 394 void gdb_continue(void) 395 { 396 gdbserver_user_state.running_state = 1; 397 trace_gdbstub_op_continue(); 398 } 399 400 /* 401 * Resume execution, for user-mode emulation it's equivalent to 402 * gdb_continue. 403 */ 404 int gdb_continue_partial(char *newstates) 405 { 406 CPUState *cpu; 407 int res = 0; 408 /* 409 * This is not exactly accurate, but it's an improvement compared to the 410 * previous situation, where only one CPU would be single-stepped. 411 */ 412 CPU_FOREACH(cpu) { 413 if (newstates[cpu->cpu_index] == 's') { 414 trace_gdbstub_op_stepping(cpu->cpu_index); 415 cpu_single_step(cpu, gdbserver_state.sstep_flags); 416 } 417 } 418 gdbserver_user_state.running_state = 1; 419 return res; 420 } 421 422 /* 423 * Memory access helpers 424 */ 425 int gdb_target_memory_rw_debug(CPUState *cpu, hwaddr addr, 426 uint8_t *buf, int len, bool is_write) 427 { 428 CPUClass *cc; 429 430 cc = CPU_GET_CLASS(cpu); 431 if (cc->memory_rw_debug) { 432 return cc->memory_rw_debug(cpu, addr, buf, len, is_write); 433 } 434 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write); 435 } 436 437 /* 438 * cpu helpers 439 */ 440 441 unsigned int gdb_get_max_cpus(void) 442 { 443 CPUState *cpu; 444 unsigned int max_cpus = 1; 445 446 CPU_FOREACH(cpu) { 447 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus; 448 } 449 450 return max_cpus; 451 } 452 453 /* replay not supported for user-mode */ 454 bool gdb_can_reverse(void) 455 { 456 return false; 457 } 458 459 /* 460 * Break/Watch point helpers 461 */ 462 463 bool gdb_supports_guest_debug(void) 464 { 465 /* user-mode == TCG == supported */ 466 return true; 467 } 468 469 int gdb_breakpoint_insert(CPUState *cs, int type, vaddr addr, vaddr len) 470 { 471 CPUState *cpu; 472 int err = 0; 473 474 switch (type) { 475 case GDB_BREAKPOINT_SW: 476 case GDB_BREAKPOINT_HW: 477 CPU_FOREACH(cpu) { 478 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL); 479 if (err) { 480 break; 481 } 482 } 483 return err; 484 default: 485 /* user-mode doesn't support watchpoints */ 486 return -ENOSYS; 487 } 488 } 489 490 int gdb_breakpoint_remove(CPUState *cs, int type, vaddr addr, vaddr len) 491 { 492 CPUState *cpu; 493 int err = 0; 494 495 switch (type) { 496 case GDB_BREAKPOINT_SW: 497 case GDB_BREAKPOINT_HW: 498 CPU_FOREACH(cpu) { 499 err = cpu_breakpoint_remove(cpu, addr, BP_GDB); 500 if (err) { 501 break; 502 } 503 } 504 return err; 505 default: 506 /* user-mode doesn't support watchpoints */ 507 return -ENOSYS; 508 } 509 } 510 511 void gdb_breakpoint_remove_all(CPUState *cs) 512 { 513 cpu_breakpoint_remove_all(cs, BP_GDB); 514 } 515 516 /* 517 * For user-mode syscall support we send the system call immediately 518 * and then return control to gdb for it to process the syscall request. 519 * Since the protocol requires that gdb hands control back to us 520 * using a "here are the results" F packet, we don't need to check 521 * gdb_handlesig's return value (which is the signal to deliver if 522 * execution was resumed via a continue packet). 523 */ 524 void gdb_syscall_handling(const char *syscall_packet) 525 { 526 gdb_put_packet(syscall_packet); 527 gdb_handlesig(gdbserver_state.c_cpu, 0); 528 } 529 530 static bool should_catch_syscall(int num) 531 { 532 if (gdbserver_user_state.catch_all_syscalls) { 533 return true; 534 } 535 if (num < 0 || num >= GDB_NR_SYSCALLS) { 536 return false; 537 } 538 return test_bit(num, gdbserver_user_state.catch_syscalls_mask); 539 } 540 541 void gdb_syscall_entry(CPUState *cs, int num) 542 { 543 if (should_catch_syscall(num)) { 544 g_autofree char *reason = g_strdup_printf("syscall_entry:%x;", num); 545 gdb_handlesig_reason(cs, gdb_target_sigtrap(), reason); 546 } 547 } 548 549 void gdb_syscall_return(CPUState *cs, int num) 550 { 551 if (should_catch_syscall(num)) { 552 g_autofree char *reason = g_strdup_printf("syscall_return:%x;", num); 553 gdb_handlesig_reason(cs, gdb_target_sigtrap(), reason); 554 } 555 } 556 557 void gdb_handle_set_catch_syscalls(GArray *params, void *user_ctx) 558 { 559 const char *param = get_param(params, 0)->data; 560 GDBSyscallsMask catch_syscalls_mask; 561 bool catch_all_syscalls; 562 unsigned int num; 563 const char *p; 564 565 /* "0" means not catching any syscalls. */ 566 if (strcmp(param, "0") == 0) { 567 gdbserver_user_state.catch_all_syscalls = false; 568 memset(gdbserver_user_state.catch_syscalls_mask, 0, 569 sizeof(gdbserver_user_state.catch_syscalls_mask)); 570 gdb_put_packet("OK"); 571 return; 572 } 573 574 /* "1" means catching all syscalls. */ 575 if (strcmp(param, "1") == 0) { 576 gdbserver_user_state.catch_all_syscalls = true; 577 gdb_put_packet("OK"); 578 return; 579 } 580 581 /* 582 * "1;..." means catching only the specified syscalls. 583 * The syscall list must not be empty. 584 */ 585 if (param[0] == '1' && param[1] == ';') { 586 catch_all_syscalls = false; 587 memset(catch_syscalls_mask, 0, sizeof(catch_syscalls_mask)); 588 for (p = ¶m[2];; p++) { 589 if (qemu_strtoui(p, &p, 16, &num) || (*p && *p != ';')) { 590 goto err; 591 } 592 if (num >= GDB_NR_SYSCALLS) { 593 /* 594 * Fall back to reporting all syscalls. Reporting extra 595 * syscalls is inefficient, but the spec explicitly allows it. 596 * Keep parsing in case there is a syntax error ahead. 597 */ 598 catch_all_syscalls = true; 599 } else { 600 set_bit(num, catch_syscalls_mask); 601 } 602 if (!*p) { 603 break; 604 } 605 } 606 gdbserver_user_state.catch_all_syscalls = catch_all_syscalls; 607 if (!catch_all_syscalls) { 608 memcpy(gdbserver_user_state.catch_syscalls_mask, 609 catch_syscalls_mask, sizeof(catch_syscalls_mask)); 610 } 611 gdb_put_packet("OK"); 612 return; 613 } 614 615 err: 616 gdb_put_packet("E00"); 617 } 618