Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
gdbstub.c
Go to the documentation of this file.
1 /*
2  * Kernel Debug Core
3  *
4  * Maintainer: Jason Wessel <[email protected]>
5  *
6  * Copyright (C) 2000-2001 VERITAS Software Corporation.
7  * Copyright (C) 2002-2004 Timesys Corporation
8  * Copyright (C) 2003-2004 Amit S. Kale <[email protected]>
9  * Copyright (C) 2004 Pavel Machek <[email protected]>
10  * Copyright (C) 2004-2006 Tom Rini <[email protected]>
11  * Copyright (C) 2004-2006 LinSysSoft Technologies Pvt. Ltd.
12  * Copyright (C) 2005-2009 Wind River Systems, Inc.
13  * Copyright (C) 2007 MontaVista Software, Inc.
14  * Copyright (C) 2008 Red Hat, Inc., Ingo Molnar <[email protected]>
15  *
16  * Contributors at various stages not listed above:
17  * Jason Wessel ( [email protected] )
18  * George Anzinger <[email protected]>
19  * Anurekh Saxena ([email protected])
20  * Lake Stevens Instrument Division (Glenn Engel)
21  * Jim Kingdon, Cygnus Support.
22  *
23  * Original KGDB stub: David Grothe <[email protected]>,
24  * Tigran Aivazian <[email protected]>
25  *
26  * This file is licensed under the terms of the GNU General Public License
27  * version 2. This program is licensed "as is" without any warranty of any
28  * kind, whether express or implied.
29  */
30 
31 #include <linux/kernel.h>
32 #include <linux/kgdb.h>
33 #include <linux/kdb.h>
34 #include <linux/reboot.h>
35 #include <linux/uaccess.h>
36 #include <asm/cacheflush.h>
37 #include <asm/unaligned.h>
38 #include "debug_core.h"
39 
40 #define KGDB_MAX_THREAD_QUERY 17
41 
42 /* Our I/O buffers. */
43 static char remcom_in_buffer[BUFMAX];
44 static char remcom_out_buffer[BUFMAX];
45 static int gdbstub_use_prev_in_buf;
46 static int gdbstub_prev_in_buf_pos;
47 
48 /* Storage for the registers, in GDB format. */
49 static unsigned long gdb_regs[(NUMREGBYTES +
50  sizeof(unsigned long) - 1) /
51  sizeof(unsigned long)];
52 
53 /*
54  * GDB remote protocol parser:
55  */
56 
57 #ifdef CONFIG_KGDB_KDB
58 static int gdbstub_read_wait(void)
59 {
60  int ret = -1;
61  int i;
62 
63  if (unlikely(gdbstub_use_prev_in_buf)) {
64  if (gdbstub_prev_in_buf_pos < gdbstub_use_prev_in_buf)
65  return remcom_in_buffer[gdbstub_prev_in_buf_pos++];
66  else
67  gdbstub_use_prev_in_buf = 0;
68  }
69 
70  /* poll any additional I/O interfaces that are defined */
71  while (ret < 0)
72  for (i = 0; kdb_poll_funcs[i] != NULL; i++) {
73  ret = kdb_poll_funcs[i]();
74  if (ret > 0)
75  break;
76  }
77  return ret;
78 }
79 #else
80 static int gdbstub_read_wait(void)
81 {
82  int ret = dbg_io_ops->read_char();
83  while (ret == NO_POLL_CHAR)
84  ret = dbg_io_ops->read_char();
85  return ret;
86 }
87 #endif
88 /* scan for the sequence $<data>#<checksum> */
89 static void get_packet(char *buffer)
90 {
91  unsigned char checksum;
92  unsigned char xmitcsum;
93  int count;
94  char ch;
95 
96  do {
97  /*
98  * Spin and wait around for the start character, ignore all
99  * other characters:
100  */
101  while ((ch = (gdbstub_read_wait())) != '$')
102  /* nothing */;
103 
104  kgdb_connected = 1;
105  checksum = 0;
106  xmitcsum = -1;
107 
108  count = 0;
109 
110  /*
111  * now, read until a # or end of buffer is found:
112  */
113  while (count < (BUFMAX - 1)) {
114  ch = gdbstub_read_wait();
115  if (ch == '#')
116  break;
117  checksum = checksum + ch;
118  buffer[count] = ch;
119  count = count + 1;
120  }
121 
122  if (ch == '#') {
123  xmitcsum = hex_to_bin(gdbstub_read_wait()) << 4;
124  xmitcsum += hex_to_bin(gdbstub_read_wait());
125 
126  if (checksum != xmitcsum)
127  /* failed checksum */
128  dbg_io_ops->write_char('-');
129  else
130  /* successful transfer */
131  dbg_io_ops->write_char('+');
132  if (dbg_io_ops->flush)
133  dbg_io_ops->flush();
134  }
135  buffer[count] = 0;
136  } while (checksum != xmitcsum);
137 }
138 
139 /*
140  * Send the packet in buffer.
141  * Check for gdb connection if asked for.
142  */
143 static void put_packet(char *buffer)
144 {
145  unsigned char checksum;
146  int count;
147  char ch;
148 
149  /*
150  * $<packet info>#<checksum>.
151  */
152  while (1) {
153  dbg_io_ops->write_char('$');
154  checksum = 0;
155  count = 0;
156 
157  while ((ch = buffer[count])) {
158  dbg_io_ops->write_char(ch);
159  checksum += ch;
160  count++;
161  }
162 
163  dbg_io_ops->write_char('#');
164  dbg_io_ops->write_char(hex_asc_hi(checksum));
165  dbg_io_ops->write_char(hex_asc_lo(checksum));
166  if (dbg_io_ops->flush)
167  dbg_io_ops->flush();
168 
169  /* Now see what we get in reply. */
170  ch = gdbstub_read_wait();
171 
172  if (ch == 3)
173  ch = gdbstub_read_wait();
174 
175  /* If we get an ACK, we are done. */
176  if (ch == '+')
177  return;
178 
179  /*
180  * If we get the start of another packet, this means
181  * that GDB is attempting to reconnect. We will NAK
182  * the packet being sent, and stop trying to send this
183  * packet.
184  */
185  if (ch == '$') {
186  dbg_io_ops->write_char('-');
187  if (dbg_io_ops->flush)
188  dbg_io_ops->flush();
189  return;
190  }
191  }
192 }
193 
194 static char gdbmsgbuf[BUFMAX + 1];
195 
196 void gdbstub_msg_write(const char *s, int len)
197 {
198  char *bufptr;
199  int wcount;
200  int i;
201 
202  if (len == 0)
203  len = strlen(s);
204 
205  /* 'O'utput */
206  gdbmsgbuf[0] = 'O';
207 
208  /* Fill and send buffers... */
209  while (len > 0) {
210  bufptr = gdbmsgbuf + 1;
211 
212  /* Calculate how many this time */
213  if ((len << 1) > (BUFMAX - 2))
214  wcount = (BUFMAX - 2) >> 1;
215  else
216  wcount = len;
217 
218  /* Pack in hex chars */
219  for (i = 0; i < wcount; i++)
220  bufptr = hex_byte_pack(bufptr, s[i]);
221  *bufptr = '\0';
222 
223  /* Move up */
224  s += wcount;
225  len -= wcount;
226 
227  /* Write packet */
228  put_packet(gdbmsgbuf);
229  }
230 }
231 
232 /*
233  * Convert the memory pointed to by mem into hex, placing result in
234  * buf. Return a pointer to the last char put in buf (null). May
235  * return an error.
236  */
237 char *kgdb_mem2hex(char *mem, char *buf, int count)
238 {
239  char *tmp;
240  int err;
241 
242  /*
243  * We use the upper half of buf as an intermediate buffer for the
244  * raw memory copy. Hex conversion will work against this one.
245  */
246  tmp = buf + count;
247 
248  err = probe_kernel_read(tmp, mem, count);
249  if (err)
250  return NULL;
251  while (count > 0) {
252  buf = hex_byte_pack(buf, *tmp);
253  tmp++;
254  count--;
255  }
256  *buf = 0;
257 
258  return buf;
259 }
260 
261 /*
262  * Convert the hex array pointed to by buf into binary to be placed in
263  * mem. Return a pointer to the character AFTER the last byte
264  * written. May return an error.
265  */
266 int kgdb_hex2mem(char *buf, char *mem, int count)
267 {
268  char *tmp_raw;
269  char *tmp_hex;
270 
271  /*
272  * We use the upper half of buf as an intermediate buffer for the
273  * raw memory that is converted from hex.
274  */
275  tmp_raw = buf + count * 2;
276 
277  tmp_hex = tmp_raw - 1;
278  while (tmp_hex >= buf) {
279  tmp_raw--;
280  *tmp_raw = hex_to_bin(*tmp_hex--);
281  *tmp_raw |= hex_to_bin(*tmp_hex--) << 4;
282  }
283 
284  return probe_kernel_write(mem, tmp_raw, count);
285 }
286 
287 /*
288  * While we find nice hex chars, build a long_val.
289  * Return number of chars processed.
290  */
291 int kgdb_hex2long(char **ptr, unsigned long *long_val)
292 {
293  int hex_val;
294  int num = 0;
295  int negate = 0;
296 
297  *long_val = 0;
298 
299  if (**ptr == '-') {
300  negate = 1;
301  (*ptr)++;
302  }
303  while (**ptr) {
304  hex_val = hex_to_bin(**ptr);
305  if (hex_val < 0)
306  break;
307 
308  *long_val = (*long_val << 4) | hex_val;
309  num++;
310  (*ptr)++;
311  }
312 
313  if (negate)
314  *long_val = -*long_val;
315 
316  return num;
317 }
318 
319 /*
320  * Copy the binary array pointed to by buf into mem. Fix $, #, and
321  * 0x7d escaped with 0x7d. Return -EFAULT on failure or 0 on success.
322  * The input buf is overwitten with the result to write to mem.
323  */
324 static int kgdb_ebin2mem(char *buf, char *mem, int count)
325 {
326  int size = 0;
327  char *c = buf;
328 
329  while (count-- > 0) {
330  c[size] = *buf++;
331  if (c[size] == 0x7d)
332  c[size] = *buf++ ^ 0x20;
333  size++;
334  }
335 
336  return probe_kernel_write(mem, c, size);
337 }
338 
339 #if DBG_MAX_REG_NUM > 0
340 void pt_regs_to_gdb_regs(unsigned long *gdb_regs, struct pt_regs *regs)
341 {
342  int i;
343  int idx = 0;
344  char *ptr = (char *)gdb_regs;
345 
346  for (i = 0; i < DBG_MAX_REG_NUM; i++) {
347  dbg_get_reg(i, ptr + idx, regs);
348  idx += dbg_reg_def[i].size;
349  }
350 }
351 
352 void gdb_regs_to_pt_regs(unsigned long *gdb_regs, struct pt_regs *regs)
353 {
354  int i;
355  int idx = 0;
356  char *ptr = (char *)gdb_regs;
357 
358  for (i = 0; i < DBG_MAX_REG_NUM; i++) {
359  dbg_set_reg(i, ptr + idx, regs);
360  idx += dbg_reg_def[i].size;
361  }
362 }
363 #endif /* DBG_MAX_REG_NUM > 0 */
364 
365 /* Write memory due to an 'M' or 'X' packet. */
366 static int write_mem_msg(int binary)
367 {
368  char *ptr = &remcom_in_buffer[1];
369  unsigned long addr;
370  unsigned long length;
371  int err;
372 
373  if (kgdb_hex2long(&ptr, &addr) > 0 && *(ptr++) == ',' &&
374  kgdb_hex2long(&ptr, &length) > 0 && *(ptr++) == ':') {
375  if (binary)
376  err = kgdb_ebin2mem(ptr, (char *)addr, length);
377  else
378  err = kgdb_hex2mem(ptr, (char *)addr, length);
379  if (err)
380  return err;
382  flush_icache_range(addr, addr + length);
383  return 0;
384  }
385 
386  return -EINVAL;
387 }
388 
389 static void error_packet(char *pkt, int error)
390 {
391  error = -error;
392  pkt[0] = 'E';
393  pkt[1] = hex_asc[(error / 10)];
394  pkt[2] = hex_asc[(error % 10)];
395  pkt[3] = '\0';
396 }
397 
398 /*
399  * Thread ID accessors. We represent a flat TID space to GDB, where
400  * the per CPU idle threads (which under Linux all have PID 0) are
401  * remapped to negative TIDs.
402  */
403 
404 #define BUF_THREAD_ID_SIZE 8
405 
406 static char *pack_threadid(char *pkt, unsigned char *id)
407 {
408  unsigned char *limit;
409  int lzero = 1;
410 
411  limit = id + (BUF_THREAD_ID_SIZE / 2);
412  while (id < limit) {
413  if (!lzero || *id != 0) {
414  pkt = hex_byte_pack(pkt, *id);
415  lzero = 0;
416  }
417  id++;
418  }
419 
420  if (lzero)
421  pkt = hex_byte_pack(pkt, 0);
422 
423  return pkt;
424 }
425 
426 static void int_to_threadref(unsigned char *id, int value)
427 {
428  put_unaligned_be32(value, id);
429 }
430 
431 static struct task_struct *getthread(struct pt_regs *regs, int tid)
432 {
433  /*
434  * Non-positive TIDs are remapped to the cpu shadow information
435  */
436  if (tid == 0 || tid == -1)
437  tid = -atomic_read(&kgdb_active) - 2;
438  if (tid < -1 && tid > -NR_CPUS - 2) {
439  if (kgdb_info[-tid - 2].task)
440  return kgdb_info[-tid - 2].task;
441  else
442  return idle_task(-tid - 2);
443  }
444  if (tid <= 0) {
445  printk(KERN_ERR "KGDB: Internal thread select error\n");
446  dump_stack();
447  return NULL;
448  }
449 
450  /*
451  * find_task_by_pid_ns() does not take the tasklist lock anymore
452  * but is nicely RCU locked - hence is a pretty resilient
453  * thing to use:
454  */
455  return find_task_by_pid_ns(tid, &init_pid_ns);
456 }
457 
458 
459 /*
460  * Remap normal tasks to their real PID,
461  * CPU shadow threads are mapped to -CPU - 2
462  */
463 static inline int shadow_pid(int realpid)
464 {
465  if (realpid)
466  return realpid;
467 
468  return -raw_smp_processor_id() - 2;
469 }
470 
471 /*
472  * All the functions that start with gdb_cmd are the various
473  * operations to implement the handlers for the gdbserial protocol
474  * where KGDB is communicating with an external debugger
475  */
476 
477 /* Handle the '?' status packets */
478 static void gdb_cmd_status(struct kgdb_state *ks)
479 {
480  /*
481  * We know that this packet is only sent
482  * during initial connect. So to be safe,
483  * we clear out our breakpoints now in case
484  * GDB is reconnecting.
485  */
487 
488  remcom_out_buffer[0] = 'S';
489  hex_byte_pack(&remcom_out_buffer[1], ks->signo);
490 }
491 
492 static void gdb_get_regs_helper(struct kgdb_state *ks)
493 {
494  struct task_struct *thread;
495  void *local_debuggerinfo;
496  int i;
497 
498  thread = kgdb_usethread;
499  if (!thread) {
500  thread = kgdb_info[ks->cpu].task;
501  local_debuggerinfo = kgdb_info[ks->cpu].debuggerinfo;
502  } else {
503  local_debuggerinfo = NULL;
505  /*
506  * Try to find the task on some other
507  * or possibly this node if we do not
508  * find the matching task then we try
509  * to approximate the results.
510  */
511  if (thread == kgdb_info[i].task)
512  local_debuggerinfo = kgdb_info[i].debuggerinfo;
513  }
514  }
515 
516  /*
517  * All threads that don't have debuggerinfo should be
518  * in schedule() sleeping, since all other CPUs
519  * are in kgdb_wait, and thus have debuggerinfo.
520  */
521  if (local_debuggerinfo) {
522  pt_regs_to_gdb_regs(gdb_regs, local_debuggerinfo);
523  } else {
524  /*
525  * Pull stuff saved during switch_to; nothing
526  * else is accessible (or even particularly
527  * relevant).
528  *
529  * This should be enough for a stack trace.
530  */
531  sleeping_thread_to_gdb_regs(gdb_regs, thread);
532  }
533 }
534 
535 /* Handle the 'g' get registers request */
536 static void gdb_cmd_getregs(struct kgdb_state *ks)
537 {
538  gdb_get_regs_helper(ks);
539  kgdb_mem2hex((char *)gdb_regs, remcom_out_buffer, NUMREGBYTES);
540 }
541 
542 /* Handle the 'G' set registers request */
543 static void gdb_cmd_setregs(struct kgdb_state *ks)
544 {
545  kgdb_hex2mem(&remcom_in_buffer[1], (char *)gdb_regs, NUMREGBYTES);
546 
548  error_packet(remcom_out_buffer, -EINVAL);
549  } else {
550  gdb_regs_to_pt_regs(gdb_regs, ks->linux_regs);
551  strcpy(remcom_out_buffer, "OK");
552  }
553 }
554 
555 /* Handle the 'm' memory read bytes */
556 static void gdb_cmd_memread(struct kgdb_state *ks)
557 {
558  char *ptr = &remcom_in_buffer[1];
559  unsigned long length;
560  unsigned long addr;
561  char *err;
562 
563  if (kgdb_hex2long(&ptr, &addr) > 0 && *ptr++ == ',' &&
564  kgdb_hex2long(&ptr, &length) > 0) {
565  err = kgdb_mem2hex((char *)addr, remcom_out_buffer, length);
566  if (!err)
567  error_packet(remcom_out_buffer, -EINVAL);
568  } else {
569  error_packet(remcom_out_buffer, -EINVAL);
570  }
571 }
572 
573 /* Handle the 'M' memory write bytes */
574 static void gdb_cmd_memwrite(struct kgdb_state *ks)
575 {
576  int err = write_mem_msg(0);
577 
578  if (err)
579  error_packet(remcom_out_buffer, err);
580  else
581  strcpy(remcom_out_buffer, "OK");
582 }
583 
584 #if DBG_MAX_REG_NUM > 0
585 static char *gdb_hex_reg_helper(int regnum, char *out)
586 {
587  int i;
588  int offset = 0;
589 
590  for (i = 0; i < regnum; i++)
591  offset += dbg_reg_def[i].size;
592  return kgdb_mem2hex((char *)gdb_regs + offset, out,
593  dbg_reg_def[i].size);
594 }
595 
596 /* Handle the 'p' individual regster get */
597 static void gdb_cmd_reg_get(struct kgdb_state *ks)
598 {
599  unsigned long regnum;
600  char *ptr = &remcom_in_buffer[1];
601 
602  kgdb_hex2long(&ptr, &regnum);
603  if (regnum >= DBG_MAX_REG_NUM) {
604  error_packet(remcom_out_buffer, -EINVAL);
605  return;
606  }
607  gdb_get_regs_helper(ks);
608  gdb_hex_reg_helper(regnum, remcom_out_buffer);
609 }
610 
611 /* Handle the 'P' individual regster set */
612 static void gdb_cmd_reg_set(struct kgdb_state *ks)
613 {
614  unsigned long regnum;
615  char *ptr = &remcom_in_buffer[1];
616  int i = 0;
617 
618  kgdb_hex2long(&ptr, &regnum);
619  if (*ptr++ != '=' ||
621  !dbg_get_reg(regnum, gdb_regs, ks->linux_regs)) {
622  error_packet(remcom_out_buffer, -EINVAL);
623  return;
624  }
625  memset(gdb_regs, 0, sizeof(gdb_regs));
626  while (i < sizeof(gdb_regs) * 2)
627  if (hex_to_bin(ptr[i]) >= 0)
628  i++;
629  else
630  break;
631  i = i / 2;
632  kgdb_hex2mem(ptr, (char *)gdb_regs, i);
633  dbg_set_reg(regnum, gdb_regs, ks->linux_regs);
634  strcpy(remcom_out_buffer, "OK");
635 }
636 #endif /* DBG_MAX_REG_NUM > 0 */
637 
638 /* Handle the 'X' memory binary write bytes */
639 static void gdb_cmd_binwrite(struct kgdb_state *ks)
640 {
641  int err = write_mem_msg(1);
642 
643  if (err)
644  error_packet(remcom_out_buffer, err);
645  else
646  strcpy(remcom_out_buffer, "OK");
647 }
648 
649 /* Handle the 'D' or 'k', detach or kill packets */
650 static void gdb_cmd_detachkill(struct kgdb_state *ks)
651 {
652  int error;
653 
654  /* The detach case */
655  if (remcom_in_buffer[0] == 'D') {
656  error = dbg_remove_all_break();
657  if (error < 0) {
658  error_packet(remcom_out_buffer, error);
659  } else {
660  strcpy(remcom_out_buffer, "OK");
661  kgdb_connected = 0;
662  }
663  put_packet(remcom_out_buffer);
664  } else {
665  /*
666  * Assume the kill case, with no exit code checking,
667  * trying to force detach the debugger:
668  */
670  kgdb_connected = 0;
671  }
672 }
673 
674 /* Handle the 'R' reboot packets */
675 static int gdb_cmd_reboot(struct kgdb_state *ks)
676 {
677  /* For now, only honor R0 */
678  if (strcmp(remcom_in_buffer, "R0") == 0) {
679  printk(KERN_CRIT "Executing emergency reboot\n");
680  strcpy(remcom_out_buffer, "OK");
681  put_packet(remcom_out_buffer);
682 
683  /*
684  * Execution should not return from
685  * machine_emergency_restart()
686  */
688  kgdb_connected = 0;
689 
690  return 1;
691  }
692  return 0;
693 }
694 
695 /* Handle the 'q' query packets */
696 static void gdb_cmd_query(struct kgdb_state *ks)
697 {
698  struct task_struct *g;
699  struct task_struct *p;
700  unsigned char thref[BUF_THREAD_ID_SIZE];
701  char *ptr;
702  int i;
703  int cpu;
704  int finished = 0;
705 
706  switch (remcom_in_buffer[1]) {
707  case 's':
708  case 'f':
709  if (memcmp(remcom_in_buffer + 2, "ThreadInfo", 10))
710  break;
711 
712  i = 0;
713  remcom_out_buffer[0] = 'm';
714  ptr = remcom_out_buffer + 1;
715  if (remcom_in_buffer[1] == 'f') {
716  /* Each cpu is a shadow thread */
717  for_each_online_cpu(cpu) {
718  ks->thr_query = 0;
719  int_to_threadref(thref, -cpu - 2);
720  ptr = pack_threadid(ptr, thref);
721  *(ptr++) = ',';
722  i++;
723  }
724  }
725 
726  do_each_thread(g, p) {
727  if (i >= ks->thr_query && !finished) {
728  int_to_threadref(thref, p->pid);
729  ptr = pack_threadid(ptr, thref);
730  *(ptr++) = ',';
731  ks->thr_query++;
732  if (ks->thr_query % KGDB_MAX_THREAD_QUERY == 0)
733  finished = 1;
734  }
735  i++;
736  } while_each_thread(g, p);
737 
738  *(--ptr) = '\0';
739  break;
740 
741  case 'C':
742  /* Current thread id */
743  strcpy(remcom_out_buffer, "QC");
744  ks->threadid = shadow_pid(current->pid);
745  int_to_threadref(thref, ks->threadid);
746  pack_threadid(remcom_out_buffer + 2, thref);
747  break;
748  case 'T':
749  if (memcmp(remcom_in_buffer + 1, "ThreadExtraInfo,", 16))
750  break;
751 
752  ks->threadid = 0;
753  ptr = remcom_in_buffer + 17;
754  kgdb_hex2long(&ptr, &ks->threadid);
755  if (!getthread(ks->linux_regs, ks->threadid)) {
756  error_packet(remcom_out_buffer, -EINVAL);
757  break;
758  }
759  if ((int)ks->threadid > 0) {
760  kgdb_mem2hex(getthread(ks->linux_regs,
761  ks->threadid)->comm,
762  remcom_out_buffer, 16);
763  } else {
764  static char tmpstr[23 + BUF_THREAD_ID_SIZE];
765 
766  sprintf(tmpstr, "shadowCPU%d",
767  (int)(-ks->threadid - 2));
768  kgdb_mem2hex(tmpstr, remcom_out_buffer, strlen(tmpstr));
769  }
770  break;
771 #ifdef CONFIG_KGDB_KDB
772  case 'R':
773  if (strncmp(remcom_in_buffer, "qRcmd,", 6) == 0) {
774  int len = strlen(remcom_in_buffer + 6);
775 
776  if ((len % 2) != 0) {
777  strcpy(remcom_out_buffer, "E01");
778  break;
779  }
780  kgdb_hex2mem(remcom_in_buffer + 6,
781  remcom_out_buffer, len);
782  len = len / 2;
783  remcom_out_buffer[len++] = 0;
784 
785  kdb_parse(remcom_out_buffer);
786  strcpy(remcom_out_buffer, "OK");
787  }
788  break;
789 #endif
790  }
791 }
792 
793 /* Handle the 'H' task query packets */
794 static void gdb_cmd_task(struct kgdb_state *ks)
795 {
796  struct task_struct *thread;
797  char *ptr;
798 
799  switch (remcom_in_buffer[1]) {
800  case 'g':
801  ptr = &remcom_in_buffer[2];
802  kgdb_hex2long(&ptr, &ks->threadid);
803  thread = getthread(ks->linux_regs, ks->threadid);
804  if (!thread && ks->threadid > 0) {
805  error_packet(remcom_out_buffer, -EINVAL);
806  break;
807  }
809  ks->kgdb_usethreadid = ks->threadid;
810  strcpy(remcom_out_buffer, "OK");
811  break;
812  case 'c':
813  ptr = &remcom_in_buffer[2];
814  kgdb_hex2long(&ptr, &ks->threadid);
815  if (!ks->threadid) {
817  } else {
818  thread = getthread(ks->linux_regs, ks->threadid);
819  if (!thread && ks->threadid > 0) {
820  error_packet(remcom_out_buffer, -EINVAL);
821  break;
822  }
824  }
825  strcpy(remcom_out_buffer, "OK");
826  break;
827  }
828 }
829 
830 /* Handle the 'T' thread query packets */
831 static void gdb_cmd_thread(struct kgdb_state *ks)
832 {
833  char *ptr = &remcom_in_buffer[1];
834  struct task_struct *thread;
835 
836  kgdb_hex2long(&ptr, &ks->threadid);
837  thread = getthread(ks->linux_regs, ks->threadid);
838  if (thread)
839  strcpy(remcom_out_buffer, "OK");
840  else
841  error_packet(remcom_out_buffer, -EINVAL);
842 }
843 
844 /* Handle the 'z' or 'Z' breakpoint remove or set packets */
845 static void gdb_cmd_break(struct kgdb_state *ks)
846 {
847  /*
848  * Since GDB-5.3, it's been drafted that '0' is a software
849  * breakpoint, '1' is a hardware breakpoint, so let's do that.
850  */
851  char *bpt_type = &remcom_in_buffer[1];
852  char *ptr = &remcom_in_buffer[2];
853  unsigned long addr;
854  unsigned long length;
855  int error = 0;
856 
857  if (arch_kgdb_ops.set_hw_breakpoint && *bpt_type >= '1') {
858  /* Unsupported */
859  if (*bpt_type > '4')
860  return;
861  } else {
862  if (*bpt_type != '0' && *bpt_type != '1')
863  /* Unsupported. */
864  return;
865  }
866 
867  /*
868  * Test if this is a hardware breakpoint, and
869  * if we support it:
870  */
871  if (*bpt_type == '1' && !(arch_kgdb_ops.flags & KGDB_HW_BREAKPOINT))
872  /* Unsupported. */
873  return;
874 
875  if (*(ptr++) != ',') {
876  error_packet(remcom_out_buffer, -EINVAL);
877  return;
878  }
879  if (!kgdb_hex2long(&ptr, &addr)) {
880  error_packet(remcom_out_buffer, -EINVAL);
881  return;
882  }
883  if (*(ptr++) != ',' ||
884  !kgdb_hex2long(&ptr, &length)) {
885  error_packet(remcom_out_buffer, -EINVAL);
886  return;
887  }
888 
889  if (remcom_in_buffer[0] == 'Z' && *bpt_type == '0')
890  error = dbg_set_sw_break(addr);
891  else if (remcom_in_buffer[0] == 'z' && *bpt_type == '0')
892  error = dbg_remove_sw_break(addr);
893  else if (remcom_in_buffer[0] == 'Z')
894  error = arch_kgdb_ops.set_hw_breakpoint(addr,
895  (int)length, *bpt_type - '0');
896  else if (remcom_in_buffer[0] == 'z')
897  error = arch_kgdb_ops.remove_hw_breakpoint(addr,
898  (int) length, *bpt_type - '0');
899 
900  if (error == 0)
901  strcpy(remcom_out_buffer, "OK");
902  else
903  error_packet(remcom_out_buffer, error);
904 }
905 
906 /* Handle the 'C' signal / exception passing packets */
907 static int gdb_cmd_exception_pass(struct kgdb_state *ks)
908 {
909  /* C09 == pass exception
910  * C15 == detach kgdb, pass exception
911  */
912  if (remcom_in_buffer[1] == '0' && remcom_in_buffer[2] == '9') {
913 
914  ks->pass_exception = 1;
915  remcom_in_buffer[0] = 'c';
916 
917  } else if (remcom_in_buffer[1] == '1' && remcom_in_buffer[2] == '5') {
918 
919  ks->pass_exception = 1;
920  remcom_in_buffer[0] = 'D';
922  kgdb_connected = 0;
923  return 1;
924 
925  } else {
926  gdbstub_msg_write("KGDB only knows signal 9 (pass)"
927  " and 15 (pass and disconnect)\n"
928  "Executing a continue without signal passing\n", 0);
929  remcom_in_buffer[0] = 'c';
930  }
931 
932  /* Indicate fall through */
933  return -1;
934 }
935 
936 /*
937  * This function performs all gdbserial command procesing
938  */
940 {
941  int error = 0;
942  int tmp;
943 
944  /* Initialize comm buffer and globals. */
945  memset(remcom_out_buffer, 0, sizeof(remcom_out_buffer));
946  kgdb_usethread = kgdb_info[ks->cpu].task;
947  ks->kgdb_usethreadid = shadow_pid(kgdb_info[ks->cpu].task->pid);
948  ks->pass_exception = 0;
949 
950  if (kgdb_connected) {
951  unsigned char thref[BUF_THREAD_ID_SIZE];
952  char *ptr;
953 
954  /* Reply to host that an exception has occurred */
955  ptr = remcom_out_buffer;
956  *ptr++ = 'T';
957  ptr = hex_byte_pack(ptr, ks->signo);
958  ptr += strlen(strcpy(ptr, "thread:"));
959  int_to_threadref(thref, shadow_pid(current->pid));
960  ptr = pack_threadid(ptr, thref);
961  *ptr++ = ';';
962  put_packet(remcom_out_buffer);
963  }
964 
965  while (1) {
966  error = 0;
967 
968  /* Clear the out buffer. */
969  memset(remcom_out_buffer, 0, sizeof(remcom_out_buffer));
970 
971  get_packet(remcom_in_buffer);
972 
973  switch (remcom_in_buffer[0]) {
974  case '?': /* gdbserial status */
975  gdb_cmd_status(ks);
976  break;
977  case 'g': /* return the value of the CPU registers */
978  gdb_cmd_getregs(ks);
979  break;
980  case 'G': /* set the value of the CPU registers - return OK */
981  gdb_cmd_setregs(ks);
982  break;
983  case 'm': /* mAA..AA,LLLL Read LLLL bytes at address AA..AA */
984  gdb_cmd_memread(ks);
985  break;
986  case 'M': /* MAA..AA,LLLL: Write LLLL bytes at address AA..AA */
987  gdb_cmd_memwrite(ks);
988  break;
989 #if DBG_MAX_REG_NUM > 0
990  case 'p': /* pXX Return gdb register XX (in hex) */
991  gdb_cmd_reg_get(ks);
992  break;
993  case 'P': /* PXX=aaaa Set gdb register XX to aaaa (in hex) */
994  gdb_cmd_reg_set(ks);
995  break;
996 #endif /* DBG_MAX_REG_NUM > 0 */
997  case 'X': /* XAA..AA,LLLL: Write LLLL bytes at address AA..AA */
998  gdb_cmd_binwrite(ks);
999  break;
1000  /* kill or detach. KGDB should treat this like a
1001  * continue.
1002  */
1003  case 'D': /* Debugger detach */
1004  case 'k': /* Debugger detach via kill */
1005  gdb_cmd_detachkill(ks);
1006  goto default_handle;
1007  case 'R': /* Reboot */
1008  if (gdb_cmd_reboot(ks))
1009  goto default_handle;
1010  break;
1011  case 'q': /* query command */
1012  gdb_cmd_query(ks);
1013  break;
1014  case 'H': /* task related */
1015  gdb_cmd_task(ks);
1016  break;
1017  case 'T': /* Query thread status */
1018  gdb_cmd_thread(ks);
1019  break;
1020  case 'z': /* Break point remove */
1021  case 'Z': /* Break point set */
1022  gdb_cmd_break(ks);
1023  break;
1024 #ifdef CONFIG_KGDB_KDB
1025  case '3': /* Escape into back into kdb */
1026  if (remcom_in_buffer[1] == '\0') {
1027  gdb_cmd_detachkill(ks);
1028  return DBG_PASS_EVENT;
1029  }
1030 #endif
1031  case 'C': /* Exception passing */
1032  tmp = gdb_cmd_exception_pass(ks);
1033  if (tmp > 0)
1034  goto default_handle;
1035  if (tmp == 0)
1036  break;
1037  /* Fall through on tmp < 0 */
1038  case 'c': /* Continue packet */
1039  case 's': /* Single step packet */
1041  /* Can't switch threads in kgdb */
1042  error_packet(remcom_out_buffer, -EINVAL);
1043  break;
1044  }
1046  /* Fall through to default processing */
1047  default:
1048 default_handle:
1050  ks->signo,
1051  ks->err_code,
1052  remcom_in_buffer,
1053  remcom_out_buffer,
1054  ks->linux_regs);
1055  /*
1056  * Leave cmd processing on error, detach,
1057  * kill, continue, or single step.
1058  */
1059  if (error >= 0 || remcom_in_buffer[0] == 'D' ||
1060  remcom_in_buffer[0] == 'k') {
1061  error = 0;
1062  goto kgdb_exit;
1063  }
1064 
1065  }
1066 
1067  /* reply to the request */
1068  put_packet(remcom_out_buffer);
1069  }
1070 
1071 kgdb_exit:
1072  if (ks->pass_exception)
1073  error = 1;
1074  return error;
1075 }
1076 
1077 int gdbstub_state(struct kgdb_state *ks, char *cmd)
1078 {
1079  int error;
1080 
1081  switch (cmd[0]) {
1082  case 'e':
1084  ks->signo,
1085  ks->err_code,
1086  remcom_in_buffer,
1087  remcom_out_buffer,
1088  ks->linux_regs);
1089  return error;
1090  case 's':
1091  case 'c':
1092  strcpy(remcom_in_buffer, cmd);
1093  return 0;
1094  case '$':
1095  strcpy(remcom_in_buffer, cmd);
1096  gdbstub_use_prev_in_buf = strlen(remcom_in_buffer);
1097  gdbstub_prev_in_buf_pos = 0;
1098  return 0;
1099  }
1100  dbg_io_ops->write_char('+');
1101  put_packet(remcom_out_buffer);
1102  return 0;
1103 }
1104 
1110 {
1111  unsigned char checksum, ch, buffer[3];
1112  int loop;
1113 
1114  if (!kgdb_connected)
1115  return;
1116  kgdb_connected = 0;
1117 
1118  if (!dbg_io_ops || dbg_kdb_mode)
1119  return;
1120 
1121  buffer[0] = 'W';
1122  buffer[1] = hex_asc_hi(status);
1123  buffer[2] = hex_asc_lo(status);
1124 
1125  dbg_io_ops->write_char('$');
1126  checksum = 0;
1127 
1128  for (loop = 0; loop < 3; loop++) {
1129  ch = buffer[loop];
1130  checksum += ch;
1131  dbg_io_ops->write_char(ch);
1132  }
1133 
1134  dbg_io_ops->write_char('#');
1135  dbg_io_ops->write_char(hex_asc_hi(checksum));
1136  dbg_io_ops->write_char(hex_asc_lo(checksum));
1137 
1138  /* make sure the output is flushed, lest the bootloader clobber it */
1139  if (dbg_io_ops->flush)
1140  dbg_io_ops->flush();
1141 }