1 /* 2 * gdbstub user-mode helper routines. 3 * 4 * We know for user-mode we are using TCG so we can call stuff directly. 5 * 6 * Copyright (c) 2003-2005 Fabrice Bellard 7 * Copyright (c) 2022 Linaro Ltd 8 * 9 * SPDX-License-Identifier: LGPL-2.0+ 10 */ 11 12 #include "qemu/osdep.h" 13 #include "qemu/bitops.h" 14 #include "qemu/cutils.h" 15 #include "qemu/sockets.h" 16 #include "exec/hwaddr.h" 17 #include "exec/tb-flush.h" 18 #include "exec/gdbstub.h" 19 #include "gdbstub/syscalls.h" 20 #include "gdbstub/user.h" 21 #include "hw/core/cpu.h" 22 #include "trace.h" 23 #include "internals.h" 24 25 #define GDB_NR_SYSCALLS 1024 26 typedef unsigned long GDBSyscallsMask[BITS_TO_LONGS(GDB_NR_SYSCALLS)]; 27 28 /* User-mode specific state */ 29 typedef struct { 30 int fd; 31 char *socket_path; 32 int running_state; 33 /* 34 * Store syscalls mask without memory allocation in order to avoid 35 * implementing synchronization. 36 */ 37 bool catch_all_syscalls; 38 GDBSyscallsMask catch_syscalls_mask; 39 } GDBUserState; 40 41 static GDBUserState gdbserver_user_state; 42 43 int gdb_get_char(void) 44 { 45 uint8_t ch; 46 int ret; 47 48 for (;;) { 49 ret = recv(gdbserver_user_state.fd, &ch, 1, 0); 50 if (ret < 0) { 51 if (errno == ECONNRESET) { 52 gdbserver_user_state.fd = -1; 53 } 54 if (errno != EINTR) { 55 return -1; 56 } 57 } else if (ret == 0) { 58 close(gdbserver_user_state.fd); 59 gdbserver_user_state.fd = -1; 60 return -1; 61 } else { 62 break; 63 } 64 } 65 return ch; 66 } 67 68 bool gdb_got_immediate_ack(void) 69 { 70 int i; 71 72 i = gdb_get_char(); 73 if (i < 0) { 74 /* no response, continue anyway */ 75 return true; 76 } 77 78 if (i == '+') { 79 /* received correctly, continue */ 80 return true; 81 } 82 83 /* anything else, including '-' then try again */ 84 return false; 85 } 86 87 void gdb_put_buffer(const uint8_t *buf, int len) 88 { 89 int ret; 90 91 while (len > 0) { 92 ret = send(gdbserver_user_state.fd, buf, len, 0); 93 if (ret < 0) { 94 if (errno != EINTR) { 95 return; 96 } 97 } else { 98 buf += ret; 99 len -= ret; 100 } 101 } 102 } 103 104 /* Tell the remote gdb that the process has exited. */ 105 void gdb_exit(int code) 106 { 107 char buf[4]; 108 109 if (!gdbserver_state.init) { 110 return; 111 } 112 if (gdbserver_user_state.socket_path) { 113 unlink(gdbserver_user_state.socket_path); 114 } 115 if (gdbserver_user_state.fd < 0) { 116 return; 117 } 118 119 trace_gdbstub_op_exiting((uint8_t)code); 120 121 if (gdbserver_state.allow_stop_reply) { 122 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code); 123 gdb_put_packet(buf); 124 gdbserver_state.allow_stop_reply = false; 125 } 126 127 } 128 129 void gdb_qemu_exit(int code) 130 { 131 exit(code); 132 } 133 134 int gdb_handlesig_reason(CPUState *cpu, int sig, const char *reason) 135 { 136 char buf[256]; 137 int n; 138 139 if (!gdbserver_state.init || gdbserver_user_state.fd < 0) { 140 return sig; 141 } 142 143 /* disable single step if it was enabled */ 144 cpu_single_step(cpu, 0); 145 tb_flush(cpu); 146 147 if (sig != 0) { 148 gdb_set_stop_cpu(cpu); 149 if (gdbserver_state.allow_stop_reply) { 150 g_string_printf(gdbserver_state.str_buf, 151 "T%02xthread:", gdb_target_signal_to_gdb(sig)); 152 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 153 g_string_append_c(gdbserver_state.str_buf, ';'); 154 if (reason) { 155 g_string_append(gdbserver_state.str_buf, reason); 156 } 157 gdb_put_strbuf(); 158 gdbserver_state.allow_stop_reply = false; 159 } 160 } 161 /* 162 * gdb_put_packet() might have detected that the peer terminated the 163 * connection. 164 */ 165 if (gdbserver_user_state.fd < 0) { 166 return sig; 167 } 168 169 sig = 0; 170 gdbserver_state.state = RS_IDLE; 171 gdbserver_user_state.running_state = 0; 172 while (gdbserver_user_state.running_state == 0) { 173 n = read(gdbserver_user_state.fd, buf, 256); 174 if (n > 0) { 175 int i; 176 177 for (i = 0; i < n; i++) { 178 gdb_read_byte(buf[i]); 179 } 180 } else { 181 /* 182 * XXX: Connection closed. Should probably wait for another 183 * connection before continuing. 184 */ 185 if (n == 0) { 186 close(gdbserver_user_state.fd); 187 } 188 gdbserver_user_state.fd = -1; 189 return sig; 190 } 191 } 192 sig = gdbserver_state.signal; 193 gdbserver_state.signal = 0; 194 return sig; 195 } 196 197 /* Tell the remote gdb that the process has exited due to SIG. */ 198 void gdb_signalled(CPUArchState *env, int sig) 199 { 200 char buf[4]; 201 202 if (!gdbserver_state.init || gdbserver_user_state.fd < 0 || 203 !gdbserver_state.allow_stop_reply) { 204 return; 205 } 206 207 snprintf(buf, sizeof(buf), "X%02x", gdb_target_signal_to_gdb(sig)); 208 gdb_put_packet(buf); 209 gdbserver_state.allow_stop_reply = false; 210 } 211 212 static void gdb_accept_init(int fd) 213 { 214 gdb_init_gdbserver_state(); 215 gdb_create_default_process(&gdbserver_state); 216 gdbserver_state.processes[0].attached = true; 217 gdbserver_state.c_cpu = gdb_first_attached_cpu(); 218 gdbserver_state.g_cpu = gdbserver_state.c_cpu; 219 gdbserver_user_state.fd = fd; 220 } 221 222 static bool gdb_accept_socket(int gdb_fd) 223 { 224 int fd; 225 226 for (;;) { 227 fd = accept(gdb_fd, NULL, NULL); 228 if (fd < 0 && errno != EINTR) { 229 perror("accept socket"); 230 return false; 231 } else if (fd >= 0) { 232 qemu_set_cloexec(fd); 233 break; 234 } 235 } 236 237 gdb_accept_init(fd); 238 return true; 239 } 240 241 static int gdbserver_open_socket(const char *path) 242 { 243 struct sockaddr_un sockaddr = {}; 244 int fd, ret; 245 246 fd = socket(AF_UNIX, SOCK_STREAM, 0); 247 if (fd < 0) { 248 perror("create socket"); 249 return -1; 250 } 251 252 sockaddr.sun_family = AF_UNIX; 253 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path); 254 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 255 if (ret < 0) { 256 perror("bind socket"); 257 close(fd); 258 return -1; 259 } 260 ret = listen(fd, 1); 261 if (ret < 0) { 262 perror("listen socket"); 263 close(fd); 264 return -1; 265 } 266 267 return fd; 268 } 269 270 static bool gdb_accept_tcp(int gdb_fd) 271 { 272 struct sockaddr_in sockaddr = {}; 273 socklen_t len; 274 int fd; 275 276 for (;;) { 277 len = sizeof(sockaddr); 278 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len); 279 if (fd < 0 && errno != EINTR) { 280 perror("accept"); 281 return false; 282 } else if (fd >= 0) { 283 qemu_set_cloexec(fd); 284 break; 285 } 286 } 287 288 /* set short latency */ 289 if (socket_set_nodelay(fd)) { 290 perror("setsockopt"); 291 close(fd); 292 return false; 293 } 294 295 gdb_accept_init(fd); 296 return true; 297 } 298 299 static int gdbserver_open_port(int port) 300 { 301 struct sockaddr_in sockaddr; 302 int fd, ret; 303 304 fd = socket(PF_INET, SOCK_STREAM, 0); 305 if (fd < 0) { 306 perror("socket"); 307 return -1; 308 } 309 qemu_set_cloexec(fd); 310 311 socket_set_fast_reuse(fd); 312 313 sockaddr.sin_family = AF_INET; 314 sockaddr.sin_port = htons(port); 315 sockaddr.sin_addr.s_addr = 0; 316 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 317 if (ret < 0) { 318 perror("bind"); 319 close(fd); 320 return -1; 321 } 322 ret = listen(fd, 1); 323 if (ret < 0) { 324 perror("listen"); 325 close(fd); 326 return -1; 327 } 328 329 return fd; 330 } 331 332 int gdbserver_start(const char *port_or_path) 333 { 334 int port = g_ascii_strtoull(port_or_path, NULL, 10); 335 int gdb_fd; 336 337 if (port > 0) { 338 gdb_fd = gdbserver_open_port(port); 339 } else { 340 gdb_fd = gdbserver_open_socket(port_or_path); 341 } 342 343 if (gdb_fd < 0) { 344 return -1; 345 } 346 347 if (port > 0 && gdb_accept_tcp(gdb_fd)) { 348 return 0; 349 } else if (gdb_accept_socket(gdb_fd)) { 350 gdbserver_user_state.socket_path = g_strdup(port_or_path); 351 return 0; 352 } 353 354 /* gone wrong */ 355 close(gdb_fd); 356 return -1; 357 } 358 359 void gdbserver_fork_start(void) 360 { 361 } 362 363 static void disable_gdbstub(CPUState *thread_cpu) 364 { 365 CPUState *cpu; 366 367 close(gdbserver_user_state.fd); 368 gdbserver_user_state.fd = -1; 369 CPU_FOREACH(cpu) { 370 cpu_breakpoint_remove_all(cpu, BP_GDB); 371 /* no cpu_watchpoint_remove_all for user-mode */ 372 cpu_single_step(cpu, 0); 373 } 374 tb_flush(thread_cpu); 375 } 376 377 void gdbserver_fork_end(CPUState *cpu, pid_t pid) 378 { 379 if (pid != 0 || !gdbserver_state.init || gdbserver_user_state.fd < 0) { 380 return; 381 } 382 disable_gdbstub(cpu); 383 } 384 385 void gdb_handle_query_supported_user(const char *gdb_supported) 386 { 387 } 388 389 bool gdb_handle_set_thread_user(uint32_t pid, uint32_t tid) 390 { 391 return false; 392 } 393 394 /* 395 * Execution state helpers 396 */ 397 398 void gdb_handle_query_attached(GArray *params, void *user_ctx) 399 { 400 gdb_put_packet("0"); 401 } 402 403 void gdb_continue(void) 404 { 405 gdbserver_user_state.running_state = 1; 406 trace_gdbstub_op_continue(); 407 } 408 409 /* 410 * Resume execution, for user-mode emulation it's equivalent to 411 * gdb_continue. 412 */ 413 int gdb_continue_partial(char *newstates) 414 { 415 CPUState *cpu; 416 int res = 0; 417 /* 418 * This is not exactly accurate, but it's an improvement compared to the 419 * previous situation, where only one CPU would be single-stepped. 420 */ 421 CPU_FOREACH(cpu) { 422 if (newstates[cpu->cpu_index] == 's') { 423 trace_gdbstub_op_stepping(cpu->cpu_index); 424 cpu_single_step(cpu, gdbserver_state.sstep_flags); 425 } 426 } 427 gdbserver_user_state.running_state = 1; 428 return res; 429 } 430 431 /* 432 * Memory access helpers 433 */ 434 int gdb_target_memory_rw_debug(CPUState *cpu, hwaddr addr, 435 uint8_t *buf, int len, bool is_write) 436 { 437 CPUClass *cc; 438 439 cc = CPU_GET_CLASS(cpu); 440 if (cc->memory_rw_debug) { 441 return cc->memory_rw_debug(cpu, addr, buf, len, is_write); 442 } 443 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write); 444 } 445 446 /* 447 * cpu helpers 448 */ 449 450 unsigned int gdb_get_max_cpus(void) 451 { 452 CPUState *cpu; 453 unsigned int max_cpus = 1; 454 455 CPU_FOREACH(cpu) { 456 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus; 457 } 458 459 return max_cpus; 460 } 461 462 /* replay not supported for user-mode */ 463 bool gdb_can_reverse(void) 464 { 465 return false; 466 } 467 468 /* 469 * Break/Watch point helpers 470 */ 471 472 bool gdb_supports_guest_debug(void) 473 { 474 /* user-mode == TCG == supported */ 475 return true; 476 } 477 478 int gdb_breakpoint_insert(CPUState *cs, int type, vaddr addr, vaddr len) 479 { 480 CPUState *cpu; 481 int err = 0; 482 483 switch (type) { 484 case GDB_BREAKPOINT_SW: 485 case GDB_BREAKPOINT_HW: 486 CPU_FOREACH(cpu) { 487 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL); 488 if (err) { 489 break; 490 } 491 } 492 return err; 493 default: 494 /* user-mode doesn't support watchpoints */ 495 return -ENOSYS; 496 } 497 } 498 499 int gdb_breakpoint_remove(CPUState *cs, int type, vaddr addr, vaddr len) 500 { 501 CPUState *cpu; 502 int err = 0; 503 504 switch (type) { 505 case GDB_BREAKPOINT_SW: 506 case GDB_BREAKPOINT_HW: 507 CPU_FOREACH(cpu) { 508 err = cpu_breakpoint_remove(cpu, addr, BP_GDB); 509 if (err) { 510 break; 511 } 512 } 513 return err; 514 default: 515 /* user-mode doesn't support watchpoints */ 516 return -ENOSYS; 517 } 518 } 519 520 void gdb_breakpoint_remove_all(CPUState *cs) 521 { 522 cpu_breakpoint_remove_all(cs, BP_GDB); 523 } 524 525 /* 526 * For user-mode syscall support we send the system call immediately 527 * and then return control to gdb for it to process the syscall request. 528 * Since the protocol requires that gdb hands control back to us 529 * using a "here are the results" F packet, we don't need to check 530 * gdb_handlesig's return value (which is the signal to deliver if 531 * execution was resumed via a continue packet). 532 */ 533 void gdb_syscall_handling(const char *syscall_packet) 534 { 535 gdb_put_packet(syscall_packet); 536 gdb_handlesig(gdbserver_state.c_cpu, 0); 537 } 538 539 static bool should_catch_syscall(int num) 540 { 541 if (gdbserver_user_state.catch_all_syscalls) { 542 return true; 543 } 544 if (num < 0 || num >= GDB_NR_SYSCALLS) { 545 return false; 546 } 547 return test_bit(num, gdbserver_user_state.catch_syscalls_mask); 548 } 549 550 void gdb_syscall_entry(CPUState *cs, int num) 551 { 552 if (should_catch_syscall(num)) { 553 g_autofree char *reason = g_strdup_printf("syscall_entry:%x;", num); 554 gdb_handlesig_reason(cs, gdb_target_sigtrap(), reason); 555 } 556 } 557 558 void gdb_syscall_return(CPUState *cs, int num) 559 { 560 if (should_catch_syscall(num)) { 561 g_autofree char *reason = g_strdup_printf("syscall_return:%x;", num); 562 gdb_handlesig_reason(cs, gdb_target_sigtrap(), reason); 563 } 564 } 565 566 void gdb_handle_set_catch_syscalls(GArray *params, void *user_ctx) 567 { 568 const char *param = get_param(params, 0)->data; 569 GDBSyscallsMask catch_syscalls_mask; 570 bool catch_all_syscalls; 571 unsigned int num; 572 const char *p; 573 574 /* "0" means not catching any syscalls. */ 575 if (strcmp(param, "0") == 0) { 576 gdbserver_user_state.catch_all_syscalls = false; 577 memset(gdbserver_user_state.catch_syscalls_mask, 0, 578 sizeof(gdbserver_user_state.catch_syscalls_mask)); 579 gdb_put_packet("OK"); 580 return; 581 } 582 583 /* "1" means catching all syscalls. */ 584 if (strcmp(param, "1") == 0) { 585 gdbserver_user_state.catch_all_syscalls = true; 586 gdb_put_packet("OK"); 587 return; 588 } 589 590 /* 591 * "1;..." means catching only the specified syscalls. 592 * The syscall list must not be empty. 593 */ 594 if (param[0] == '1' && param[1] == ';') { 595 catch_all_syscalls = false; 596 memset(catch_syscalls_mask, 0, sizeof(catch_syscalls_mask)); 597 for (p = ¶m[2];; p++) { 598 if (qemu_strtoui(p, &p, 16, &num) || (*p && *p != ';')) { 599 goto err; 600 } 601 if (num >= GDB_NR_SYSCALLS) { 602 /* 603 * Fall back to reporting all syscalls. Reporting extra 604 * syscalls is inefficient, but the spec explicitly allows it. 605 * Keep parsing in case there is a syntax error ahead. 606 */ 607 catch_all_syscalls = true; 608 } else { 609 set_bit(num, catch_syscalls_mask); 610 } 611 if (!*p) { 612 break; 613 } 614 } 615 gdbserver_user_state.catch_all_syscalls = catch_all_syscalls; 616 if (!catch_all_syscalls) { 617 memcpy(gdbserver_user_state.catch_syscalls_mask, 618 catch_syscalls_mask, sizeof(catch_syscalls_mask)); 619 } 620 gdb_put_packet("OK"); 621 return; 622 } 623 624 err: 625 gdb_put_packet("E00"); 626 } 627