1 /* 2 * gdbstub user-mode helper routines. 3 * 4 * We know for user-mode we are using TCG so we can call stuff directly. 5 * 6 * Copyright (c) 2003-2005 Fabrice Bellard 7 * Copyright (c) 2022 Linaro Ltd 8 * 9 * SPDX-License-Identifier: LGPL-2.0+ 10 */ 11 12 #include "qemu/osdep.h" 13 #include "qemu/bitops.h" 14 #include "qemu/cutils.h" 15 #include "qemu/sockets.h" 16 #include "exec/hwaddr.h" 17 #include "exec/tb-flush.h" 18 #include "exec/gdbstub.h" 19 #include "gdbstub/syscalls.h" 20 #include "gdbstub/user.h" 21 #include "hw/core/cpu.h" 22 #include "trace.h" 23 #include "internals.h" 24 25 #define GDB_NR_SYSCALLS 1024 26 typedef unsigned long GDBSyscallsMask[BITS_TO_LONGS(GDB_NR_SYSCALLS)]; 27 28 /* User-mode specific state */ 29 typedef struct { 30 int fd; 31 char *socket_path; 32 int running_state; 33 /* 34 * Store syscalls mask without memory allocation in order to avoid 35 * implementing synchronization. 36 */ 37 bool catch_all_syscalls; 38 GDBSyscallsMask catch_syscalls_mask; 39 } GDBUserState; 40 41 static GDBUserState gdbserver_user_state; 42 43 int gdb_get_char(void) 44 { 45 uint8_t ch; 46 int ret; 47 48 for (;;) { 49 ret = recv(gdbserver_user_state.fd, &ch, 1, 0); 50 if (ret < 0) { 51 if (errno == ECONNRESET) { 52 gdbserver_user_state.fd = -1; 53 } 54 if (errno != EINTR) { 55 return -1; 56 } 57 } else if (ret == 0) { 58 close(gdbserver_user_state.fd); 59 gdbserver_user_state.fd = -1; 60 return -1; 61 } else { 62 break; 63 } 64 } 65 return ch; 66 } 67 68 bool gdb_got_immediate_ack(void) 69 { 70 int i; 71 72 i = gdb_get_char(); 73 if (i < 0) { 74 /* no response, continue anyway */ 75 return true; 76 } 77 78 if (i == '+') { 79 /* received correctly, continue */ 80 return true; 81 } 82 83 /* anything else, including '-' then try again */ 84 return false; 85 } 86 87 void gdb_put_buffer(const uint8_t *buf, int len) 88 { 89 int ret; 90 91 while (len > 0) { 92 ret = send(gdbserver_user_state.fd, buf, len, 0); 93 if (ret < 0) { 94 if (errno != EINTR) { 95 return; 96 } 97 } else { 98 buf += ret; 99 len -= ret; 100 } 101 } 102 } 103 104 /* Tell the remote gdb that the process has exited. */ 105 void gdb_exit(int code) 106 { 107 char buf[4]; 108 109 if (!gdbserver_state.init) { 110 return; 111 } 112 if (gdbserver_user_state.socket_path) { 113 unlink(gdbserver_user_state.socket_path); 114 } 115 if (gdbserver_user_state.fd < 0) { 116 return; 117 } 118 119 trace_gdbstub_op_exiting((uint8_t)code); 120 121 if (gdbserver_state.allow_stop_reply) { 122 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code); 123 gdb_put_packet(buf); 124 gdbserver_state.allow_stop_reply = false; 125 } 126 127 } 128 129 void gdb_qemu_exit(int code) 130 { 131 exit(code); 132 } 133 134 int gdb_handlesig_reason(CPUState *cpu, int sig, const char *reason) 135 { 136 char buf[256]; 137 int n; 138 139 if (!gdbserver_state.init || gdbserver_user_state.fd < 0) { 140 return sig; 141 } 142 143 /* disable single step if it was enabled */ 144 cpu_single_step(cpu, 0); 145 tb_flush(cpu); 146 147 if (sig != 0) { 148 gdb_set_stop_cpu(cpu); 149 if (gdbserver_state.allow_stop_reply) { 150 g_string_printf(gdbserver_state.str_buf, 151 "T%02xthread:", gdb_target_signal_to_gdb(sig)); 152 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 153 g_string_append_c(gdbserver_state.str_buf, ';'); 154 if (reason) { 155 g_string_append(gdbserver_state.str_buf, reason); 156 } 157 gdb_put_strbuf(); 158 gdbserver_state.allow_stop_reply = false; 159 } 160 } 161 /* 162 * gdb_put_packet() might have detected that the peer terminated the 163 * connection. 164 */ 165 if (gdbserver_user_state.fd < 0) { 166 return sig; 167 } 168 169 sig = 0; 170 gdbserver_state.state = RS_IDLE; 171 gdbserver_user_state.running_state = 0; 172 while (gdbserver_user_state.running_state == 0) { 173 n = read(gdbserver_user_state.fd, buf, 256); 174 if (n > 0) { 175 int i; 176 177 for (i = 0; i < n; i++) { 178 gdb_read_byte(buf[i]); 179 } 180 } else { 181 /* 182 * XXX: Connection closed. Should probably wait for another 183 * connection before continuing. 184 */ 185 if (n == 0) { 186 close(gdbserver_user_state.fd); 187 } 188 gdbserver_user_state.fd = -1; 189 return sig; 190 } 191 } 192 sig = gdbserver_state.signal; 193 gdbserver_state.signal = 0; 194 return sig; 195 } 196 197 /* Tell the remote gdb that the process has exited due to SIG. */ 198 void gdb_signalled(CPUArchState *env, int sig) 199 { 200 char buf[4]; 201 202 if (!gdbserver_state.init || gdbserver_user_state.fd < 0 || 203 !gdbserver_state.allow_stop_reply) { 204 return; 205 } 206 207 snprintf(buf, sizeof(buf), "X%02x", gdb_target_signal_to_gdb(sig)); 208 gdb_put_packet(buf); 209 gdbserver_state.allow_stop_reply = false; 210 } 211 212 static void gdb_accept_init(int fd) 213 { 214 gdb_init_gdbserver_state(); 215 gdb_create_default_process(&gdbserver_state); 216 gdbserver_state.processes[0].attached = true; 217 gdbserver_state.c_cpu = gdb_first_attached_cpu(); 218 gdbserver_state.g_cpu = gdbserver_state.c_cpu; 219 gdbserver_user_state.fd = fd; 220 } 221 222 static bool gdb_accept_socket(int gdb_fd) 223 { 224 int fd; 225 226 for (;;) { 227 fd = accept(gdb_fd, NULL, NULL); 228 if (fd < 0 && errno != EINTR) { 229 perror("accept socket"); 230 return false; 231 } else if (fd >= 0) { 232 qemu_set_cloexec(fd); 233 break; 234 } 235 } 236 237 gdb_accept_init(fd); 238 return true; 239 } 240 241 static int gdbserver_open_socket(const char *path) 242 { 243 struct sockaddr_un sockaddr = {}; 244 int fd, ret; 245 246 fd = socket(AF_UNIX, SOCK_STREAM, 0); 247 if (fd < 0) { 248 perror("create socket"); 249 return -1; 250 } 251 252 sockaddr.sun_family = AF_UNIX; 253 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path); 254 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 255 if (ret < 0) { 256 perror("bind socket"); 257 close(fd); 258 return -1; 259 } 260 ret = listen(fd, 1); 261 if (ret < 0) { 262 perror("listen socket"); 263 close(fd); 264 return -1; 265 } 266 267 return fd; 268 } 269 270 static bool gdb_accept_tcp(int gdb_fd) 271 { 272 struct sockaddr_in sockaddr = {}; 273 socklen_t len; 274 int fd; 275 276 for (;;) { 277 len = sizeof(sockaddr); 278 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len); 279 if (fd < 0 && errno != EINTR) { 280 perror("accept"); 281 return false; 282 } else if (fd >= 0) { 283 qemu_set_cloexec(fd); 284 break; 285 } 286 } 287 288 /* set short latency */ 289 if (socket_set_nodelay(fd)) { 290 perror("setsockopt"); 291 close(fd); 292 return false; 293 } 294 295 gdb_accept_init(fd); 296 return true; 297 } 298 299 static int gdbserver_open_port(int port) 300 { 301 struct sockaddr_in sockaddr; 302 int fd, ret; 303 304 fd = socket(PF_INET, SOCK_STREAM, 0); 305 if (fd < 0) { 306 perror("socket"); 307 return -1; 308 } 309 qemu_set_cloexec(fd); 310 311 socket_set_fast_reuse(fd); 312 313 sockaddr.sin_family = AF_INET; 314 sockaddr.sin_port = htons(port); 315 sockaddr.sin_addr.s_addr = 0; 316 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 317 if (ret < 0) { 318 perror("bind"); 319 close(fd); 320 return -1; 321 } 322 ret = listen(fd, 1); 323 if (ret < 0) { 324 perror("listen"); 325 close(fd); 326 return -1; 327 } 328 329 return fd; 330 } 331 332 int gdbserver_start(const char *port_or_path) 333 { 334 int port = g_ascii_strtoull(port_or_path, NULL, 10); 335 int gdb_fd; 336 337 if (port > 0) { 338 gdb_fd = gdbserver_open_port(port); 339 } else { 340 gdb_fd = gdbserver_open_socket(port_or_path); 341 } 342 343 if (gdb_fd < 0) { 344 return -1; 345 } 346 347 if (port > 0 && gdb_accept_tcp(gdb_fd)) { 348 return 0; 349 } else if (gdb_accept_socket(gdb_fd)) { 350 gdbserver_user_state.socket_path = g_strdup(port_or_path); 351 return 0; 352 } 353 354 /* gone wrong */ 355 close(gdb_fd); 356 return -1; 357 } 358 359 void gdbserver_fork_start(void) 360 { 361 } 362 363 static void disable_gdbstub(CPUState *thread_cpu) 364 { 365 CPUState *cpu; 366 367 close(gdbserver_user_state.fd); 368 gdbserver_user_state.fd = -1; 369 CPU_FOREACH(cpu) { 370 cpu_breakpoint_remove_all(cpu, BP_GDB); 371 /* no cpu_watchpoint_remove_all for user-mode */ 372 cpu_single_step(cpu, 0); 373 } 374 tb_flush(thread_cpu); 375 } 376 377 /* Disable gdb stub for child processes. */ 378 void gdbserver_fork(CPUState *cpu) 379 { 380 if (!gdbserver_state.init || gdbserver_user_state.fd < 0) { 381 return; 382 } 383 disable_gdbstub(cpu); 384 } 385 386 /* 387 * Execution state helpers 388 */ 389 390 void gdb_handle_query_attached(GArray *params, void *user_ctx) 391 { 392 gdb_put_packet("0"); 393 } 394 395 void gdb_continue(void) 396 { 397 gdbserver_user_state.running_state = 1; 398 trace_gdbstub_op_continue(); 399 } 400 401 /* 402 * Resume execution, for user-mode emulation it's equivalent to 403 * gdb_continue. 404 */ 405 int gdb_continue_partial(char *newstates) 406 { 407 CPUState *cpu; 408 int res = 0; 409 /* 410 * This is not exactly accurate, but it's an improvement compared to the 411 * previous situation, where only one CPU would be single-stepped. 412 */ 413 CPU_FOREACH(cpu) { 414 if (newstates[cpu->cpu_index] == 's') { 415 trace_gdbstub_op_stepping(cpu->cpu_index); 416 cpu_single_step(cpu, gdbserver_state.sstep_flags); 417 } 418 } 419 gdbserver_user_state.running_state = 1; 420 return res; 421 } 422 423 /* 424 * Memory access helpers 425 */ 426 int gdb_target_memory_rw_debug(CPUState *cpu, hwaddr addr, 427 uint8_t *buf, int len, bool is_write) 428 { 429 CPUClass *cc; 430 431 cc = CPU_GET_CLASS(cpu); 432 if (cc->memory_rw_debug) { 433 return cc->memory_rw_debug(cpu, addr, buf, len, is_write); 434 } 435 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write); 436 } 437 438 /* 439 * cpu helpers 440 */ 441 442 unsigned int gdb_get_max_cpus(void) 443 { 444 CPUState *cpu; 445 unsigned int max_cpus = 1; 446 447 CPU_FOREACH(cpu) { 448 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus; 449 } 450 451 return max_cpus; 452 } 453 454 /* replay not supported for user-mode */ 455 bool gdb_can_reverse(void) 456 { 457 return false; 458 } 459 460 /* 461 * Break/Watch point helpers 462 */ 463 464 bool gdb_supports_guest_debug(void) 465 { 466 /* user-mode == TCG == supported */ 467 return true; 468 } 469 470 int gdb_breakpoint_insert(CPUState *cs, int type, vaddr addr, vaddr len) 471 { 472 CPUState *cpu; 473 int err = 0; 474 475 switch (type) { 476 case GDB_BREAKPOINT_SW: 477 case GDB_BREAKPOINT_HW: 478 CPU_FOREACH(cpu) { 479 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL); 480 if (err) { 481 break; 482 } 483 } 484 return err; 485 default: 486 /* user-mode doesn't support watchpoints */ 487 return -ENOSYS; 488 } 489 } 490 491 int gdb_breakpoint_remove(CPUState *cs, int type, vaddr addr, vaddr len) 492 { 493 CPUState *cpu; 494 int err = 0; 495 496 switch (type) { 497 case GDB_BREAKPOINT_SW: 498 case GDB_BREAKPOINT_HW: 499 CPU_FOREACH(cpu) { 500 err = cpu_breakpoint_remove(cpu, addr, BP_GDB); 501 if (err) { 502 break; 503 } 504 } 505 return err; 506 default: 507 /* user-mode doesn't support watchpoints */ 508 return -ENOSYS; 509 } 510 } 511 512 void gdb_breakpoint_remove_all(CPUState *cs) 513 { 514 cpu_breakpoint_remove_all(cs, BP_GDB); 515 } 516 517 /* 518 * For user-mode syscall support we send the system call immediately 519 * and then return control to gdb for it to process the syscall request. 520 * Since the protocol requires that gdb hands control back to us 521 * using a "here are the results" F packet, we don't need to check 522 * gdb_handlesig's return value (which is the signal to deliver if 523 * execution was resumed via a continue packet). 524 */ 525 void gdb_syscall_handling(const char *syscall_packet) 526 { 527 gdb_put_packet(syscall_packet); 528 gdb_handlesig(gdbserver_state.c_cpu, 0); 529 } 530 531 static bool should_catch_syscall(int num) 532 { 533 if (gdbserver_user_state.catch_all_syscalls) { 534 return true; 535 } 536 if (num < 0 || num >= GDB_NR_SYSCALLS) { 537 return false; 538 } 539 return test_bit(num, gdbserver_user_state.catch_syscalls_mask); 540 } 541 542 void gdb_syscall_entry(CPUState *cs, int num) 543 { 544 if (should_catch_syscall(num)) { 545 g_autofree char *reason = g_strdup_printf("syscall_entry:%x;", num); 546 gdb_handlesig_reason(cs, gdb_target_sigtrap(), reason); 547 } 548 } 549 550 void gdb_syscall_return(CPUState *cs, int num) 551 { 552 if (should_catch_syscall(num)) { 553 g_autofree char *reason = g_strdup_printf("syscall_return:%x;", num); 554 gdb_handlesig_reason(cs, gdb_target_sigtrap(), reason); 555 } 556 } 557 558 void gdb_handle_set_catch_syscalls(GArray *params, void *user_ctx) 559 { 560 const char *param = get_param(params, 0)->data; 561 GDBSyscallsMask catch_syscalls_mask; 562 bool catch_all_syscalls; 563 unsigned int num; 564 const char *p; 565 566 /* "0" means not catching any syscalls. */ 567 if (strcmp(param, "0") == 0) { 568 gdbserver_user_state.catch_all_syscalls = false; 569 memset(gdbserver_user_state.catch_syscalls_mask, 0, 570 sizeof(gdbserver_user_state.catch_syscalls_mask)); 571 gdb_put_packet("OK"); 572 return; 573 } 574 575 /* "1" means catching all syscalls. */ 576 if (strcmp(param, "1") == 0) { 577 gdbserver_user_state.catch_all_syscalls = true; 578 gdb_put_packet("OK"); 579 return; 580 } 581 582 /* 583 * "1;..." means catching only the specified syscalls. 584 * The syscall list must not be empty. 585 */ 586 if (param[0] == '1' && param[1] == ';') { 587 catch_all_syscalls = false; 588 memset(catch_syscalls_mask, 0, sizeof(catch_syscalls_mask)); 589 for (p = ¶m[2];; p++) { 590 if (qemu_strtoui(p, &p, 16, &num) || (*p && *p != ';')) { 591 goto err; 592 } 593 if (num >= GDB_NR_SYSCALLS) { 594 /* 595 * Fall back to reporting all syscalls. Reporting extra 596 * syscalls is inefficient, but the spec explicitly allows it. 597 * Keep parsing in case there is a syntax error ahead. 598 */ 599 catch_all_syscalls = true; 600 } else { 601 set_bit(num, catch_syscalls_mask); 602 } 603 if (!*p) { 604 break; 605 } 606 } 607 gdbserver_user_state.catch_all_syscalls = catch_all_syscalls; 608 if (!catch_all_syscalls) { 609 memcpy(gdbserver_user_state.catch_syscalls_mask, 610 catch_syscalls_mask, sizeof(catch_syscalls_mask)); 611 } 612 gdb_put_packet("OK"); 613 return; 614 } 615 616 err: 617 gdb_put_packet("E00"); 618 } 619