linux/kernel/debug/gdbstub.c
<<
>>
Prefs
   1/*
   2 * Kernel Debug Core
   3 *
   4 * Maintainer: Jason Wessel <jason.wessel@windriver.com>
   5 *
   6 * Copyright (C) 2000-2001 VERITAS Software Corporation.
   7 * Copyright (C) 2002-2004 Timesys Corporation
   8 * Copyright (C) 2003-2004 Amit S. Kale <amitkale@linsyssoft.com>
   9 * Copyright (C) 2004 Pavel Machek <pavel@ucw.cz>
  10 * Copyright (C) 2004-2006 Tom Rini <trini@kernel.crashing.org>
  11 * Copyright (C) 2004-2006 LinSysSoft Technologies Pvt. Ltd.
  12 * Copyright (C) 2005-2009 Wind River Systems, Inc.
  13 * Copyright (C) 2007 MontaVista Software, Inc.
  14 * Copyright (C) 2008 Red Hat, Inc., Ingo Molnar <mingo@redhat.com>
  15 *
  16 * Contributors at various stages not listed above:
  17 *  Jason Wessel ( jason.wessel@windriver.com )
  18 *  George Anzinger <george@mvista.com>
  19 *  Anurekh Saxena (anurekh.saxena@timesys.com)
  20 *  Lake Stevens Instrument Division (Glenn Engel)
  21 *  Jim Kingdon, Cygnus Support.
  22 *
  23 * Original KGDB stub: David Grothe <dave@gcom.com>,
  24 * Tigran Aivazian <tigran@sco.com>
  25 *
  26 * This file is licensed under the terms of the GNU General Public License
  27 * version 2. This program is licensed "as is" without any warranty of any
  28 * kind, whether express or implied.
  29 */
  30
  31#include <linux/kernel.h>
  32#include <linux/sched/signal.h>
  33#include <linux/kgdb.h>
  34#include <linux/kdb.h>
  35#include <linux/serial_core.h>
  36#include <linux/reboot.h>
  37#include <linux/uaccess.h>
  38#include <asm/cacheflush.h>
  39#include <asm/unaligned.h>
  40#include "debug_core.h"
  41
  42#define KGDB_MAX_THREAD_QUERY 17
  43
  44/* Our I/O buffers. */
  45static char                     remcom_in_buffer[BUFMAX];
  46static char                     remcom_out_buffer[BUFMAX];
  47static int                      gdbstub_use_prev_in_buf;
  48static int                      gdbstub_prev_in_buf_pos;
  49
  50/* Storage for the registers, in GDB format. */
  51static unsigned long            gdb_regs[(NUMREGBYTES +
  52                                        sizeof(unsigned long) - 1) /
  53                                        sizeof(unsigned long)];
  54
  55/*
  56 * GDB remote protocol parser:
  57 */
  58
  59#ifdef CONFIG_KGDB_KDB
  60static int gdbstub_read_wait(void)
  61{
  62        int ret = -1;
  63        int i;
  64
  65        if (unlikely(gdbstub_use_prev_in_buf)) {
  66                if (gdbstub_prev_in_buf_pos < gdbstub_use_prev_in_buf)
  67                        return remcom_in_buffer[gdbstub_prev_in_buf_pos++];
  68                else
  69                        gdbstub_use_prev_in_buf = 0;
  70        }
  71
  72        /* poll any additional I/O interfaces that are defined */
  73        while (ret < 0)
  74                for (i = 0; kdb_poll_funcs[i] != NULL; i++) {
  75                        ret = kdb_poll_funcs[i]();
  76                        if (ret > 0)
  77                                break;
  78                }
  79        return ret;
  80}
  81#else
  82static int gdbstub_read_wait(void)
  83{
  84        int ret = dbg_io_ops->read_char();
  85        while (ret == NO_POLL_CHAR)
  86                ret = dbg_io_ops->read_char();
  87        return ret;
  88}
  89#endif
  90/* scan for the sequence $<data>#<checksum> */
  91static void get_packet(char *buffer)
  92{
  93        unsigned char checksum;
  94        unsigned char xmitcsum;
  95        int count;
  96        char ch;
  97
  98        do {
  99                /*
 100                 * Spin and wait around for the start character, ignore all
 101                 * other characters:
 102                 */
 103                while ((ch = (gdbstub_read_wait())) != '$')
 104                        /* nothing */;
 105
 106                kgdb_connected = 1;
 107                checksum = 0;
 108                xmitcsum = -1;
 109
 110                count = 0;
 111
 112                /*
 113                 * now, read until a # or end of buffer is found:
 114                 */
 115                while (count < (BUFMAX - 1)) {
 116                        ch = gdbstub_read_wait();
 117                        if (ch == '#')
 118                                break;
 119                        checksum = checksum + ch;
 120                        buffer[count] = ch;
 121                        count = count + 1;
 122                }
 123
 124                if (ch == '#') {
 125                        xmitcsum = hex_to_bin(gdbstub_read_wait()) << 4;
 126                        xmitcsum += hex_to_bin(gdbstub_read_wait());
 127
 128                        if (checksum != xmitcsum)
 129                                /* failed checksum */
 130                                dbg_io_ops->write_char('-');
 131                        else
 132                                /* successful transfer */
 133                                dbg_io_ops->write_char('+');
 134                        if (dbg_io_ops->flush)
 135                                dbg_io_ops->flush();
 136                }
 137                buffer[count] = 0;
 138        } while (checksum != xmitcsum);
 139}
 140
 141/*
 142 * Send the packet in buffer.
 143 * Check for gdb connection if asked for.
 144 */
 145static void put_packet(char *buffer)
 146{
 147        unsigned char checksum;
 148        int count;
 149        char ch;
 150
 151        /*
 152         * $<packet info>#<checksum>.
 153         */
 154        while (1) {
 155                dbg_io_ops->write_char('$');
 156                checksum = 0;
 157                count = 0;
 158
 159                while ((ch = buffer[count])) {
 160                        dbg_io_ops->write_char(ch);
 161                        checksum += ch;
 162                        count++;
 163                }
 164
 165                dbg_io_ops->write_char('#');
 166                dbg_io_ops->write_char(hex_asc_hi(checksum));
 167                dbg_io_ops->write_char(hex_asc_lo(checksum));
 168                if (dbg_io_ops->flush)
 169                        dbg_io_ops->flush();
 170
 171                /* Now see what we get in reply. */
 172                ch = gdbstub_read_wait();
 173
 174                if (ch == 3)
 175                        ch = gdbstub_read_wait();
 176
 177                /* If we get an ACK, we are done. */
 178                if (ch == '+')
 179                        return;
 180
 181                /*
 182                 * If we get the start of another packet, this means
 183                 * that GDB is attempting to reconnect.  We will NAK
 184                 * the packet being sent, and stop trying to send this
 185                 * packet.
 186                 */
 187                if (ch == '$') {
 188                        dbg_io_ops->write_char('-');
 189                        if (dbg_io_ops->flush)
 190                                dbg_io_ops->flush();
 191                        return;
 192                }
 193        }
 194}
 195
 196static char gdbmsgbuf[BUFMAX + 1];
 197
 198void gdbstub_msg_write(const char *s, int len)
 199{
 200        char *bufptr;
 201        int wcount;
 202        int i;
 203
 204        if (len == 0)
 205                len = strlen(s);
 206
 207        /* 'O'utput */
 208        gdbmsgbuf[0] = 'O';
 209
 210        /* Fill and send buffers... */
 211        while (len > 0) {
 212                bufptr = gdbmsgbuf + 1;
 213
 214                /* Calculate how many this time */
 215                if ((len << 1) > (BUFMAX - 2))
 216                        wcount = (BUFMAX - 2) >> 1;
 217                else
 218                        wcount = len;
 219
 220                /* Pack in hex chars */
 221                for (i = 0; i < wcount; i++)
 222                        bufptr = hex_byte_pack(bufptr, s[i]);
 223                *bufptr = '\0';
 224
 225                /* Move up */
 226                s += wcount;
 227                len -= wcount;
 228
 229                /* Write packet */
 230                put_packet(gdbmsgbuf);
 231        }
 232}
 233
 234/*
 235 * Convert the memory pointed to by mem into hex, placing result in
 236 * buf.  Return a pointer to the last char put in buf (null). May
 237 * return an error.
 238 */
 239char *kgdb_mem2hex(char *mem, char *buf, int count)
 240{
 241        char *tmp;
 242        int err;
 243
 244        /*
 245         * We use the upper half of buf as an intermediate buffer for the
 246         * raw memory copy.  Hex conversion will work against this one.
 247         */
 248        tmp = buf + count;
 249
 250        err = copy_from_kernel_nofault(tmp, mem, count);
 251        if (err)
 252                return NULL;
 253        while (count > 0) {
 254                buf = hex_byte_pack(buf, *tmp);
 255                tmp++;
 256                count--;
 257        }
 258        *buf = 0;
 259
 260        return buf;
 261}
 262
 263/*
 264 * Convert the hex array pointed to by buf into binary to be placed in
 265 * mem.  Return a pointer to the character AFTER the last byte
 266 * written.  May return an error.
 267 */
 268int kgdb_hex2mem(char *buf, char *mem, int count)
 269{
 270        char *tmp_raw;
 271        char *tmp_hex;
 272
 273        /*
 274         * We use the upper half of buf as an intermediate buffer for the
 275         * raw memory that is converted from hex.
 276         */
 277        tmp_raw = buf + count * 2;
 278
 279        tmp_hex = tmp_raw - 1;
 280        while (tmp_hex >= buf) {
 281                tmp_raw--;
 282                *tmp_raw = hex_to_bin(*tmp_hex--);
 283                *tmp_raw |= hex_to_bin(*tmp_hex--) << 4;
 284        }
 285
 286        return copy_to_kernel_nofault(mem, tmp_raw, count);
 287}
 288
 289/*
 290 * While we find nice hex chars, build a long_val.
 291 * Return number of chars processed.
 292 */
 293int kgdb_hex2long(char **ptr, unsigned long *long_val)
 294{
 295        int hex_val;
 296        int num = 0;
 297        int negate = 0;
 298
 299        *long_val = 0;
 300
 301        if (**ptr == '-') {
 302                negate = 1;
 303                (*ptr)++;
 304        }
 305        while (**ptr) {
 306                hex_val = hex_to_bin(**ptr);
 307                if (hex_val < 0)
 308                        break;
 309
 310                *long_val = (*long_val << 4) | hex_val;
 311                num++;
 312                (*ptr)++;
 313        }
 314
 315        if (negate)
 316                *long_val = -*long_val;
 317
 318        return num;
 319}
 320
 321/*
 322 * Copy the binary array pointed to by buf into mem.  Fix $, #, and
 323 * 0x7d escaped with 0x7d. Return -EFAULT on failure or 0 on success.
 324 * The input buf is overwritten with the result to write to mem.
 325 */
 326static int kgdb_ebin2mem(char *buf, char *mem, int count)
 327{
 328        int size = 0;
 329        char *c = buf;
 330
 331        while (count-- > 0) {
 332                c[size] = *buf++;
 333                if (c[size] == 0x7d)
 334                        c[size] = *buf++ ^ 0x20;
 335                size++;
 336        }
 337
 338        return copy_to_kernel_nofault(mem, c, size);
 339}
 340
 341#if DBG_MAX_REG_NUM > 0
 342void pt_regs_to_gdb_regs(unsigned long *gdb_regs, struct pt_regs *regs)
 343{
 344        int i;
 345        int idx = 0;
 346        char *ptr = (char *)gdb_regs;
 347
 348        for (i = 0; i < DBG_MAX_REG_NUM; i++) {
 349                dbg_get_reg(i, ptr + idx, regs);
 350                idx += dbg_reg_def[i].size;
 351        }
 352}
 353
 354void gdb_regs_to_pt_regs(unsigned long *gdb_regs, struct pt_regs *regs)
 355{
 356        int i;
 357        int idx = 0;
 358        char *ptr = (char *)gdb_regs;
 359
 360        for (i = 0; i < DBG_MAX_REG_NUM; i++) {
 361                dbg_set_reg(i, ptr + idx, regs);
 362                idx += dbg_reg_def[i].size;
 363        }
 364}
 365#endif /* DBG_MAX_REG_NUM > 0 */
 366
 367/* Write memory due to an 'M' or 'X' packet. */
 368static int write_mem_msg(int binary)
 369{
 370        char *ptr = &remcom_in_buffer[1];
 371        unsigned long addr;
 372        unsigned long length;
 373        int err;
 374
 375        if (kgdb_hex2long(&ptr, &addr) > 0 && *(ptr++) == ',' &&
 376            kgdb_hex2long(&ptr, &length) > 0 && *(ptr++) == ':') {
 377                if (binary)
 378                        err = kgdb_ebin2mem(ptr, (char *)addr, length);
 379                else
 380                        err = kgdb_hex2mem(ptr, (char *)addr, length);
 381                if (err)
 382                        return err;
 383                if (CACHE_FLUSH_IS_SAFE)
 384                        flush_icache_range(addr, addr + length);
 385                return 0;
 386        }
 387
 388        return -EINVAL;
 389}
 390
 391static void error_packet(char *pkt, int error)
 392{
 393        error = -error;
 394        pkt[0] = 'E';
 395        pkt[1] = hex_asc[(error / 10)];
 396        pkt[2] = hex_asc[(error % 10)];
 397        pkt[3] = '\0';
 398}
 399
 400/*
 401 * Thread ID accessors. We represent a flat TID space to GDB, where
 402 * the per CPU idle threads (which under Linux all have PID 0) are
 403 * remapped to negative TIDs.
 404 */
 405
 406#define BUF_THREAD_ID_SIZE      8
 407
 408static char *pack_threadid(char *pkt, unsigned char *id)
 409{
 410        unsigned char *limit;
 411        int lzero = 1;
 412
 413        limit = id + (BUF_THREAD_ID_SIZE / 2);
 414        while (id < limit) {
 415                if (!lzero || *id != 0) {
 416                        pkt = hex_byte_pack(pkt, *id);
 417                        lzero = 0;
 418                }
 419                id++;
 420        }
 421
 422        if (lzero)
 423                pkt = hex_byte_pack(pkt, 0);
 424
 425        return pkt;
 426}
 427
 428static void int_to_threadref(unsigned char *id, int value)
 429{
 430        put_unaligned_be32(value, id);
 431}
 432
 433static struct task_struct *getthread(struct pt_regs *regs, int tid)
 434{
 435        /*
 436         * Non-positive TIDs are remapped to the cpu shadow information
 437         */
 438        if (tid == 0 || tid == -1)
 439                tid = -atomic_read(&kgdb_active) - 2;
 440        if (tid < -1 && tid > -NR_CPUS - 2) {
 441                if (kgdb_info[-tid - 2].task)
 442                        return kgdb_info[-tid - 2].task;
 443                else
 444                        return idle_task(-tid - 2);
 445        }
 446        if (tid <= 0) {
 447                printk(KERN_ERR "KGDB: Internal thread select error\n");
 448                dump_stack();
 449                return NULL;
 450        }
 451
 452        /*
 453         * find_task_by_pid_ns() does not take the tasklist lock anymore
 454         * but is nicely RCU locked - hence is a pretty resilient
 455         * thing to use:
 456         */
 457        return find_task_by_pid_ns(tid, &init_pid_ns);
 458}
 459
 460
 461/*
 462 * Remap normal tasks to their real PID,
 463 * CPU shadow threads are mapped to -CPU - 2
 464 */
 465static inline int shadow_pid(int realpid)
 466{
 467        if (realpid)
 468                return realpid;
 469
 470        return -raw_smp_processor_id() - 2;
 471}
 472
 473/*
 474 * All the functions that start with gdb_cmd are the various
 475 * operations to implement the handlers for the gdbserial protocol
 476 * where KGDB is communicating with an external debugger
 477 */
 478
 479/* Handle the '?' status packets */
 480static void gdb_cmd_status(struct kgdb_state *ks)
 481{
 482        /*
 483         * We know that this packet is only sent
 484         * during initial connect.  So to be safe,
 485         * we clear out our breakpoints now in case
 486         * GDB is reconnecting.
 487         */
 488        dbg_remove_all_break();
 489
 490        remcom_out_buffer[0] = 'S';
 491        hex_byte_pack(&remcom_out_buffer[1], ks->signo);
 492}
 493
 494static void gdb_get_regs_helper(struct kgdb_state *ks)
 495{
 496        struct task_struct *thread;
 497        void *local_debuggerinfo;
 498        int i;
 499
 500        thread = kgdb_usethread;
 501        if (!thread) {
 502                thread = kgdb_info[ks->cpu].task;
 503                local_debuggerinfo = kgdb_info[ks->cpu].debuggerinfo;
 504        } else {
 505                local_debuggerinfo = NULL;
 506                for_each_online_cpu(i) {
 507                        /*
 508                         * Try to find the task on some other
 509                         * or possibly this node if we do not
 510                         * find the matching task then we try
 511                         * to approximate the results.
 512                         */
 513                        if (thread == kgdb_info[i].task)
 514                                local_debuggerinfo = kgdb_info[i].debuggerinfo;
 515                }
 516        }
 517
 518        /*
 519         * All threads that don't have debuggerinfo should be
 520         * in schedule() sleeping, since all other CPUs
 521         * are in kgdb_wait, and thus have debuggerinfo.
 522         */
 523        if (local_debuggerinfo) {
 524                pt_regs_to_gdb_regs(gdb_regs, local_debuggerinfo);
 525        } else {
 526                /*
 527                 * Pull stuff saved during switch_to; nothing
 528                 * else is accessible (or even particularly
 529                 * relevant).
 530                 *
 531                 * This should be enough for a stack trace.
 532                 */
 533                sleeping_thread_to_gdb_regs(gdb_regs, thread);
 534        }
 535}
 536
 537/* Handle the 'g' get registers request */
 538static void gdb_cmd_getregs(struct kgdb_state *ks)
 539{
 540        gdb_get_regs_helper(ks);
 541        kgdb_mem2hex((char *)gdb_regs, remcom_out_buffer, NUMREGBYTES);
 542}
 543
 544/* Handle the 'G' set registers request */
 545static void gdb_cmd_setregs(struct kgdb_state *ks)
 546{
 547        kgdb_hex2mem(&remcom_in_buffer[1], (char *)gdb_regs, NUMREGBYTES);
 548
 549        if (kgdb_usethread && kgdb_usethread != current) {
 550                error_packet(remcom_out_buffer, -EINVAL);
 551        } else {
 552                gdb_regs_to_pt_regs(gdb_regs, ks->linux_regs);
 553                strcpy(remcom_out_buffer, "OK");
 554        }
 555}
 556
 557/* Handle the 'm' memory read bytes */
 558static void gdb_cmd_memread(struct kgdb_state *ks)
 559{
 560        char *ptr = &remcom_in_buffer[1];
 561        unsigned long length;
 562        unsigned long addr;
 563        char *err;
 564
 565        if (kgdb_hex2long(&ptr, &addr) > 0 && *ptr++ == ',' &&
 566                                        kgdb_hex2long(&ptr, &length) > 0) {
 567                err = kgdb_mem2hex((char *)addr, remcom_out_buffer, length);
 568                if (!err)
 569                        error_packet(remcom_out_buffer, -EINVAL);
 570        } else {
 571                error_packet(remcom_out_buffer, -EINVAL);
 572        }
 573}
 574
 575/* Handle the 'M' memory write bytes */
 576static void gdb_cmd_memwrite(struct kgdb_state *ks)
 577{
 578        int err = write_mem_msg(0);
 579
 580        if (err)
 581                error_packet(remcom_out_buffer, err);
 582        else
 583                strcpy(remcom_out_buffer, "OK");
 584}
 585
 586#if DBG_MAX_REG_NUM > 0
 587static char *gdb_hex_reg_helper(int regnum, char *out)
 588{
 589        int i;
 590        int offset = 0;
 591
 592        for (i = 0; i < regnum; i++)
 593                offset += dbg_reg_def[i].size;
 594        return kgdb_mem2hex((char *)gdb_regs + offset, out,
 595                            dbg_reg_def[i].size);
 596}
 597
 598/* Handle the 'p' individual regster get */
 599static void gdb_cmd_reg_get(struct kgdb_state *ks)
 600{
 601        unsigned long regnum;
 602        char *ptr = &remcom_in_buffer[1];
 603
 604        kgdb_hex2long(&ptr, &regnum);
 605        if (regnum >= DBG_MAX_REG_NUM) {
 606                error_packet(remcom_out_buffer, -EINVAL);
 607                return;
 608        }
 609        gdb_get_regs_helper(ks);
 610        gdb_hex_reg_helper(regnum, remcom_out_buffer);
 611}
 612
 613/* Handle the 'P' individual regster set */
 614static void gdb_cmd_reg_set(struct kgdb_state *ks)
 615{
 616        unsigned long regnum;
 617        char *ptr = &remcom_in_buffer[1];
 618        int i = 0;
 619
 620        kgdb_hex2long(&ptr, &regnum);
 621        if (*ptr++ != '=' ||
 622            !(!kgdb_usethread || kgdb_usethread == current) ||
 623            !dbg_get_reg(regnum, gdb_regs, ks->linux_regs)) {
 624                error_packet(remcom_out_buffer, -EINVAL);
 625                return;
 626        }
 627        memset(gdb_regs, 0, sizeof(gdb_regs));
 628        while (i < sizeof(gdb_regs) * 2)
 629                if (hex_to_bin(ptr[i]) >= 0)
 630                        i++;
 631                else
 632                        break;
 633        i = i / 2;
 634        kgdb_hex2mem(ptr, (char *)gdb_regs, i);
 635        dbg_set_reg(regnum, gdb_regs, ks->linux_regs);
 636        strcpy(remcom_out_buffer, "OK");
 637}
 638#endif /* DBG_MAX_REG_NUM > 0 */
 639
 640/* Handle the 'X' memory binary write bytes */
 641static void gdb_cmd_binwrite(struct kgdb_state *ks)
 642{
 643        int err = write_mem_msg(1);
 644
 645        if (err)
 646                error_packet(remcom_out_buffer, err);
 647        else
 648                strcpy(remcom_out_buffer, "OK");
 649}
 650
 651/* Handle the 'D' or 'k', detach or kill packets */
 652static void gdb_cmd_detachkill(struct kgdb_state *ks)
 653{
 654        int error;
 655
 656        /* The detach case */
 657        if (remcom_in_buffer[0] == 'D') {
 658                error = dbg_remove_all_break();
 659                if (error < 0) {
 660                        error_packet(remcom_out_buffer, error);
 661                } else {
 662                        strcpy(remcom_out_buffer, "OK");
 663                        kgdb_connected = 0;
 664                }
 665                put_packet(remcom_out_buffer);
 666        } else {
 667                /*
 668                 * Assume the kill case, with no exit code checking,
 669                 * trying to force detach the debugger:
 670                 */
 671                dbg_remove_all_break();
 672                kgdb_connected = 0;
 673        }
 674}
 675
 676/* Handle the 'R' reboot packets */
 677static int gdb_cmd_reboot(struct kgdb_state *ks)
 678{
 679        /* For now, only honor R0 */
 680        if (strcmp(remcom_in_buffer, "R0") == 0) {
 681                printk(KERN_CRIT "Executing emergency reboot\n");
 682                strcpy(remcom_out_buffer, "OK");
 683                put_packet(remcom_out_buffer);
 684
 685                /*
 686                 * Execution should not return from
 687                 * machine_emergency_restart()
 688                 */
 689                machine_emergency_restart();
 690                kgdb_connected = 0;
 691
 692                return 1;
 693        }
 694        return 0;
 695}
 696
 697/* Handle the 'q' query packets */
 698static void gdb_cmd_query(struct kgdb_state *ks)
 699{
 700        struct task_struct *g;
 701        struct task_struct *p;
 702        unsigned char thref[BUF_THREAD_ID_SIZE];
 703        char *ptr;
 704        int i;
 705        int cpu;
 706        int finished = 0;
 707
 708        switch (remcom_in_buffer[1]) {
 709        case 's':
 710        case 'f':
 711                if (memcmp(remcom_in_buffer + 2, "ThreadInfo", 10))
 712                        break;
 713
 714                i = 0;
 715                remcom_out_buffer[0] = 'm';
 716                ptr = remcom_out_buffer + 1;
 717                if (remcom_in_buffer[1] == 'f') {
 718                        /* Each cpu is a shadow thread */
 719                        for_each_online_cpu(cpu) {
 720                                ks->thr_query = 0;
 721                                int_to_threadref(thref, -cpu - 2);
 722                                ptr = pack_threadid(ptr, thref);
 723                                *(ptr++) = ',';
 724                                i++;
 725                        }
 726                }
 727
 728                do_each_thread(g, p) {
 729                        if (i >= ks->thr_query && !finished) {
 730                                int_to_threadref(thref, p->pid);
 731                                ptr = pack_threadid(ptr, thref);
 732                                *(ptr++) = ',';
 733                                ks->thr_query++;
 734                                if (ks->thr_query % KGDB_MAX_THREAD_QUERY == 0)
 735                                        finished = 1;
 736                        }
 737                        i++;
 738                } while_each_thread(g, p);
 739
 740                *(--ptr) = '\0';
 741                break;
 742
 743        case 'C':
 744                /* Current thread id */
 745                strcpy(remcom_out_buffer, "QC");
 746                ks->threadid = shadow_pid(current->pid);
 747                int_to_threadref(thref, ks->threadid);
 748                pack_threadid(remcom_out_buffer + 2, thref);
 749                break;
 750        case 'T':
 751                if (memcmp(remcom_in_buffer + 1, "ThreadExtraInfo,", 16))
 752                        break;
 753
 754                ks->threadid = 0;
 755                ptr = remcom_in_buffer + 17;
 756                kgdb_hex2long(&ptr, &ks->threadid);
 757                if (!getthread(ks->linux_regs, ks->threadid)) {
 758                        error_packet(remcom_out_buffer, -EINVAL);
 759                        break;
 760                }
 761                if ((int)ks->threadid > 0) {
 762                        kgdb_mem2hex(getthread(ks->linux_regs,
 763                                        ks->threadid)->comm,
 764                                        remcom_out_buffer, 16);
 765                } else {
 766                        static char tmpstr[23 + BUF_THREAD_ID_SIZE];
 767
 768                        sprintf(tmpstr, "shadowCPU%d",
 769                                        (int)(-ks->threadid - 2));
 770                        kgdb_mem2hex(tmpstr, remcom_out_buffer, strlen(tmpstr));
 771                }
 772                break;
 773#ifdef CONFIG_KGDB_KDB
 774        case 'R':
 775                if (strncmp(remcom_in_buffer, "qRcmd,", 6) == 0) {
 776                        int len = strlen(remcom_in_buffer + 6);
 777
 778                        if ((len % 2) != 0) {
 779                                strcpy(remcom_out_buffer, "E01");
 780                                break;
 781                        }
 782                        kgdb_hex2mem(remcom_in_buffer + 6,
 783                                     remcom_out_buffer, len);
 784                        len = len / 2;
 785                        remcom_out_buffer[len++] = 0;
 786
 787                        kdb_common_init_state(ks);
 788                        kdb_parse(remcom_out_buffer);
 789                        kdb_common_deinit_state();
 790
 791                        strcpy(remcom_out_buffer, "OK");
 792                }
 793                break;
 794#endif
 795        }
 796}
 797
 798/* Handle the 'H' task query packets */
 799static void gdb_cmd_task(struct kgdb_state *ks)
 800{
 801        struct task_struct *thread;
 802        char *ptr;
 803
 804        switch (remcom_in_buffer[1]) {
 805        case 'g':
 806                ptr = &remcom_in_buffer[2];
 807                kgdb_hex2long(&ptr, &ks->threadid);
 808                thread = getthread(ks->linux_regs, ks->threadid);
 809                if (!thread && ks->threadid > 0) {
 810                        error_packet(remcom_out_buffer, -EINVAL);
 811                        break;
 812                }
 813                kgdb_usethread = thread;
 814                ks->kgdb_usethreadid = ks->threadid;
 815                strcpy(remcom_out_buffer, "OK");
 816                break;
 817        case 'c':
 818                ptr = &remcom_in_buffer[2];
 819                kgdb_hex2long(&ptr, &ks->threadid);
 820                if (!ks->threadid) {
 821                        kgdb_contthread = NULL;
 822                } else {
 823                        thread = getthread(ks->linux_regs, ks->threadid);
 824                        if (!thread && ks->threadid > 0) {
 825                                error_packet(remcom_out_buffer, -EINVAL);
 826                                break;
 827                        }
 828                        kgdb_contthread = thread;
 829                }
 830                strcpy(remcom_out_buffer, "OK");
 831                break;
 832        }
 833}
 834
 835/* Handle the 'T' thread query packets */
 836static void gdb_cmd_thread(struct kgdb_state *ks)
 837{
 838        char *ptr = &remcom_in_buffer[1];
 839        struct task_struct *thread;
 840
 841        kgdb_hex2long(&ptr, &ks->threadid);
 842        thread = getthread(ks->linux_regs, ks->threadid);
 843        if (thread)
 844                strcpy(remcom_out_buffer, "OK");
 845        else
 846                error_packet(remcom_out_buffer, -EINVAL);
 847}
 848
 849/* Handle the 'z' or 'Z' breakpoint remove or set packets */
 850static void gdb_cmd_break(struct kgdb_state *ks)
 851{
 852        /*
 853         * Since GDB-5.3, it's been drafted that '0' is a software
 854         * breakpoint, '1' is a hardware breakpoint, so let's do that.
 855         */
 856        char *bpt_type = &remcom_in_buffer[1];
 857        char *ptr = &remcom_in_buffer[2];
 858        unsigned long addr;
 859        unsigned long length;
 860        int error = 0;
 861
 862        if (arch_kgdb_ops.set_hw_breakpoint && *bpt_type >= '1') {
 863                /* Unsupported */
 864                if (*bpt_type > '4')
 865                        return;
 866        } else {
 867                if (*bpt_type != '0' && *bpt_type != '1')
 868                        /* Unsupported. */
 869                        return;
 870        }
 871
 872        /*
 873         * Test if this is a hardware breakpoint, and
 874         * if we support it:
 875         */
 876        if (*bpt_type == '1' && !(arch_kgdb_ops.flags & KGDB_HW_BREAKPOINT))
 877                /* Unsupported. */
 878                return;
 879
 880        if (*(ptr++) != ',') {
 881                error_packet(remcom_out_buffer, -EINVAL);
 882                return;
 883        }
 884        if (!kgdb_hex2long(&ptr, &addr)) {
 885                error_packet(remcom_out_buffer, -EINVAL);
 886                return;
 887        }
 888        if (*(ptr++) != ',' ||
 889                !kgdb_hex2long(&ptr, &length)) {
 890                error_packet(remcom_out_buffer, -EINVAL);
 891                return;
 892        }
 893
 894        if (remcom_in_buffer[0] == 'Z' && *bpt_type == '0')
 895                error = dbg_set_sw_break(addr);
 896        else if (remcom_in_buffer[0] == 'z' && *bpt_type == '0')
 897                error = dbg_remove_sw_break(addr);
 898        else if (remcom_in_buffer[0] == 'Z')
 899                error = arch_kgdb_ops.set_hw_breakpoint(addr,
 900                        (int)length, *bpt_type - '0');
 901        else if (remcom_in_buffer[0] == 'z')
 902                error = arch_kgdb_ops.remove_hw_breakpoint(addr,
 903                        (int) length, *bpt_type - '0');
 904
 905        if (error == 0)
 906                strcpy(remcom_out_buffer, "OK");
 907        else
 908                error_packet(remcom_out_buffer, error);
 909}
 910
 911/* Handle the 'C' signal / exception passing packets */
 912static int gdb_cmd_exception_pass(struct kgdb_state *ks)
 913{
 914        /* C09 == pass exception
 915         * C15 == detach kgdb, pass exception
 916         */
 917        if (remcom_in_buffer[1] == '0' && remcom_in_buffer[2] == '9') {
 918
 919                ks->pass_exception = 1;
 920                remcom_in_buffer[0] = 'c';
 921
 922        } else if (remcom_in_buffer[1] == '1' && remcom_in_buffer[2] == '5') {
 923
 924                ks->pass_exception = 1;
 925                remcom_in_buffer[0] = 'D';
 926                dbg_remove_all_break();
 927                kgdb_connected = 0;
 928                return 1;
 929
 930        } else {
 931                gdbstub_msg_write("KGDB only knows signal 9 (pass)"
 932                        " and 15 (pass and disconnect)\n"
 933                        "Executing a continue without signal passing\n", 0);
 934                remcom_in_buffer[0] = 'c';
 935        }
 936
 937        /* Indicate fall through */
 938        return -1;
 939}
 940
 941/*
 942 * This function performs all gdbserial command processing
 943 */
 944int gdb_serial_stub(struct kgdb_state *ks)
 945{
 946        int error = 0;
 947        int tmp;
 948
 949        /* Initialize comm buffer and globals. */
 950        memset(remcom_out_buffer, 0, sizeof(remcom_out_buffer));
 951        kgdb_usethread = kgdb_info[ks->cpu].task;
 952        ks->kgdb_usethreadid = shadow_pid(kgdb_info[ks->cpu].task->pid);
 953        ks->pass_exception = 0;
 954
 955        if (kgdb_connected) {
 956                unsigned char thref[BUF_THREAD_ID_SIZE];
 957                char *ptr;
 958
 959                /* Reply to host that an exception has occurred */
 960                ptr = remcom_out_buffer;
 961                *ptr++ = 'T';
 962                ptr = hex_byte_pack(ptr, ks->signo);
 963                ptr += strlen(strcpy(ptr, "thread:"));
 964                int_to_threadref(thref, shadow_pid(current->pid));
 965                ptr = pack_threadid(ptr, thref);
 966                *ptr++ = ';';
 967                put_packet(remcom_out_buffer);
 968        }
 969
 970        while (1) {
 971                error = 0;
 972
 973                /* Clear the out buffer. */
 974                memset(remcom_out_buffer, 0, sizeof(remcom_out_buffer));
 975
 976                get_packet(remcom_in_buffer);
 977
 978                switch (remcom_in_buffer[0]) {
 979                case '?': /* gdbserial status */
 980                        gdb_cmd_status(ks);
 981                        break;
 982                case 'g': /* return the value of the CPU registers */
 983                        gdb_cmd_getregs(ks);
 984                        break;
 985                case 'G': /* set the value of the CPU registers - return OK */
 986                        gdb_cmd_setregs(ks);
 987                        break;
 988                case 'm': /* mAA..AA,LLLL  Read LLLL bytes at address AA..AA */
 989                        gdb_cmd_memread(ks);
 990                        break;
 991                case 'M': /* MAA..AA,LLLL: Write LLLL bytes at address AA..AA */
 992                        gdb_cmd_memwrite(ks);
 993                        break;
 994#if DBG_MAX_REG_NUM > 0
 995                case 'p': /* pXX Return gdb register XX (in hex) */
 996                        gdb_cmd_reg_get(ks);
 997                        break;
 998                case 'P': /* PXX=aaaa Set gdb register XX to aaaa (in hex) */
 999                        gdb_cmd_reg_set(ks);
1000                        break;
1001#endif /* DBG_MAX_REG_NUM > 0 */
1002                case 'X': /* XAA..AA,LLLL: Write LLLL bytes at address AA..AA */
1003                        gdb_cmd_binwrite(ks);
1004                        break;
1005                        /* kill or detach. KGDB should treat this like a
1006                         * continue.
1007                         */
1008                case 'D': /* Debugger detach */
1009                case 'k': /* Debugger detach via kill */
1010                        gdb_cmd_detachkill(ks);
1011                        goto default_handle;
1012                case 'R': /* Reboot */
1013                        if (gdb_cmd_reboot(ks))
1014                                goto default_handle;
1015                        break;
1016                case 'q': /* query command */
1017                        gdb_cmd_query(ks);
1018                        break;
1019                case 'H': /* task related */
1020                        gdb_cmd_task(ks);
1021                        break;
1022                case 'T': /* Query thread status */
1023                        gdb_cmd_thread(ks);
1024                        break;
1025                case 'z': /* Break point remove */
1026                case 'Z': /* Break point set */
1027                        gdb_cmd_break(ks);
1028                        break;
1029#ifdef CONFIG_KGDB_KDB
1030                case '3': /* Escape into back into kdb */
1031                        if (remcom_in_buffer[1] == '\0') {
1032                                gdb_cmd_detachkill(ks);
1033                                return DBG_PASS_EVENT;
1034                        }
1035#endif
1036                case 'C': /* Exception passing */
1037                        tmp = gdb_cmd_exception_pass(ks);
1038                        if (tmp > 0)
1039                                goto default_handle;
1040                        if (tmp == 0)
1041                                break;
1042                        /* Fall through on tmp < 0 */
1043                case 'c': /* Continue packet */
1044                case 's': /* Single step packet */
1045                        if (kgdb_contthread && kgdb_contthread != current) {
1046                                /* Can't switch threads in kgdb */
1047                                error_packet(remcom_out_buffer, -EINVAL);
1048                                break;
1049                        }
1050                        dbg_activate_sw_breakpoints();
1051                        /* Fall through to default processing */
1052                default:
1053default_handle:
1054                        error = kgdb_arch_handle_exception(ks->ex_vector,
1055                                                ks->signo,
1056                                                ks->err_code,
1057                                                remcom_in_buffer,
1058                                                remcom_out_buffer,
1059                                                ks->linux_regs);
1060                        /*
1061                         * Leave cmd processing on error, detach,
1062                         * kill, continue, or single step.
1063                         */
1064                        if (error >= 0 || remcom_in_buffer[0] == 'D' ||
1065                            remcom_in_buffer[0] == 'k') {
1066                                error = 0;
1067                                goto kgdb_exit;
1068                        }
1069
1070                }
1071
1072                /* reply to the request */
1073                put_packet(remcom_out_buffer);
1074        }
1075
1076kgdb_exit:
1077        if (ks->pass_exception)
1078                error = 1;
1079        return error;
1080}
1081
1082int gdbstub_state(struct kgdb_state *ks, char *cmd)
1083{
1084        int error;
1085
1086        switch (cmd[0]) {
1087        case 'e':
1088                error = kgdb_arch_handle_exception(ks->ex_vector,
1089                                                   ks->signo,
1090                                                   ks->err_code,
1091                                                   remcom_in_buffer,
1092                                                   remcom_out_buffer,
1093                                                   ks->linux_regs);
1094                return error;
1095        case 's':
1096        case 'c':
1097                strcpy(remcom_in_buffer, cmd);
1098                return 0;
1099        case '$':
1100                strcpy(remcom_in_buffer, cmd);
1101                gdbstub_use_prev_in_buf = strlen(remcom_in_buffer);
1102                gdbstub_prev_in_buf_pos = 0;
1103                return 0;
1104        }
1105        dbg_io_ops->write_char('+');
1106        put_packet(remcom_out_buffer);
1107        return 0;
1108}
1109
1110/**
1111 * gdbstub_exit - Send an exit message to GDB
1112 * @status: The exit code to report.
1113 */
1114void gdbstub_exit(int status)
1115{
1116        unsigned char checksum, ch, buffer[3];
1117        int loop;
1118
1119        if (!kgdb_connected)
1120                return;
1121        kgdb_connected = 0;
1122
1123        if (!dbg_io_ops || dbg_kdb_mode)
1124                return;
1125
1126        buffer[0] = 'W';
1127        buffer[1] = hex_asc_hi(status);
1128        buffer[2] = hex_asc_lo(status);
1129
1130        dbg_io_ops->write_char('$');
1131        checksum = 0;
1132
1133        for (loop = 0; loop < 3; loop++) {
1134                ch = buffer[loop];
1135                checksum += ch;
1136                dbg_io_ops->write_char(ch);
1137        }
1138
1139        dbg_io_ops->write_char('#');
1140        dbg_io_ops->write_char(hex_asc_hi(checksum));
1141        dbg_io_ops->write_char(hex_asc_lo(checksum));
1142
1143        /* make sure the output is flushed, lest the bootloader clobber it */
1144        if (dbg_io_ops->flush)
1145                dbg_io_ops->flush();
1146}
1147