debuggers.hg

view xen/common/gdbstub.c @ 22855:1d1eec7e1fb4

xl: Perform minimal validation of virtual disk file while parsing config file

This patch performs some very basic validation on the virtual disk
file passed through the config file. This validation ensures that we
don't go too far with the initialization like spawn qemu and more
while there could be some potentially fundamental issues.

[ Patch fixed up to work with PHYSTYPE_EMPTY 22808:6ec61438713a -iwj ]

Signed-off-by: Kamala Narasimhan <kamala.narasimhan@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
author Kamala Narasimhan <kamala.narasimhan@gmail.com>
date Tue Jan 25 18:09:49 2011 +0000 (2011-01-25)
parents df955a89b53c
children
line source
1 /*
2 * Copyright (C) 2005 Jimi Xenidis <jimix@watson.ibm.com>, IBM Corporation
3 * Copyright (C) 2006 Isaku Yamahata <yamahata at valinux co jp>
4 * VA Linux Systems Japan. K.K.
5 *
6 * gdbstub arch neutral part
7 * Based on x86 cdb (xen/arch/x86/cdb.c) and ppc gdbstub(xen/common/gdbstub.c)
8 * But extensively modified.
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
25 /*
26 * gdbstub: implements the architecture independant parts of the
27 * gdb remote protocol.
28 */
30 /* We try to avoid assuming much about what the rest of the system is
31 doing. In particular, dynamic memory allocation is out of the
32 question. */
34 /* Resuming after we've stopped used to work, but more through luck
35 than any actual intention. It doesn't at the moment. */
37 #include <xen/lib.h>
38 #include <xen/spinlock.h>
39 #include <xen/serial.h>
40 #include <xen/irq.h>
41 #include <asm/debugger.h>
42 #include <xen/init.h>
43 #include <xen/smp.h>
44 #include <xen/console.h>
45 #include <xen/errno.h>
46 #include <xen/delay.h>
47 #include <xen/init.h>
48 #include <asm/byteorder.h>
50 /* Printk isn't particularly safe just after we've trapped to the
51 debugger. so avoid it. */
52 #define dbg_printk(...)
53 /*#define dbg_printk(...) printk(__VA_ARGS__)*/
55 #define GDB_RETRY_MAX 10
57 struct gdb_cpu_info
58 {
59 atomic_t paused;
60 atomic_t ack;
61 };
63 static struct gdb_cpu_info gdb_cpu[NR_CPUS];
64 static atomic_t gdb_smp_paused_count;
66 static void gdb_smp_pause(void);
67 static void gdb_smp_resume(void);
69 static char __initdata opt_gdb[30];
70 string_param("gdb", opt_gdb);
72 static void gdbstub_console_puts(const char *str);
74 /* value <-> char (de)serialzers */
75 static char
76 hex2char(unsigned long x)
77 {
78 const char array[] = "0123456789abcdef";
79 return array[x & 15];
80 }
82 static unsigned int
83 char2hex(unsigned char c)
84 {
85 if ( (c >= '0') && (c <= '9') )
86 return c - '0';
87 else if ( (c >= 'a') && (c <= 'f') )
88 return c - 'a' + 10;
89 else if ( (c >= 'A') && (c <= 'F') )
90 return c - 'A' + 10;
91 else
92 BUG();
93 return -1;
94 }
96 static unsigned char
97 str2hex(const char *str)
98 {
99 return (char2hex(str[0]) << 4) | char2hex(str[1]);
100 }
102 static unsigned long
103 str2ulong(const char *str, unsigned long bytes)
104 {
105 unsigned long x = 0;
106 unsigned long i = 0;
108 while ( *str && (i < (bytes * 2)) )
109 {
110 x <<= 4;
111 x += char2hex(*str);
112 ++str;
113 ++i;
114 }
116 return x;
117 }
119 static unsigned long
120 str_to_native_ulong(const char *str)
121 {
122 unsigned long x = 0, i = 0;
124 while ( *str && (i < BYTES_PER_LONG) )
125 {
126 #ifdef __BIG_ENDIAN
127 x <<= 8;
128 x += str2hex(str);
129 #elif defined(__LITTLE_ENDIAN)
130 x += (unsigned long)str2hex(str) << (i*8);
131 #else
132 # error unknown endian
133 #endif
134 str += 2;
135 i++;
136 }
138 return x;
139 }
141 /* gdb io wrappers */
142 static signed long
143 gdb_io_write(const char *buf, unsigned long len, struct gdb_context *ctx)
144 {
145 int i;
146 for ( i = 0; i < len; i++ )
147 serial_putc(ctx->serhnd, buf[i]);
148 return i;
149 }
151 static int
152 gdb_io_write_char(u8 data, struct gdb_context *ctx)
153 {
154 return gdb_io_write((char*)&data, 1, ctx);
155 }
157 static unsigned char
158 gdb_io_read(struct gdb_context *ctx)
159 {
160 return serial_getc(ctx->serhnd);
161 }
163 /* Receive a command. Returns -1 on csum error, 0 otherwise. */
164 /* Does not acknowledge. */
165 static int
166 attempt_receive_packet(struct gdb_context *ctx)
167 {
168 u8 csum;
169 u8 received_csum;
170 u8 ch;
172 /* Skip over everything up to the first '$' */
173 while ( (ch = gdb_io_read(ctx)) != '$' )
174 continue;
176 csum = 0;
177 for ( ctx->in_bytes = 0;
178 ctx->in_bytes < sizeof(ctx->in_buf);
179 ctx->in_bytes++ )
180 {
181 ch = gdb_io_read(ctx);
182 if ( ch == '#' )
183 break;
184 ctx->in_buf[ctx->in_bytes] = ch;
185 csum += ch;
186 }
188 if ( ctx->in_bytes == sizeof(ctx->in_buf) )
189 {
190 dbg_printk("WARNING: GDB sent a stupidly big packet.\n");
191 return -1;
192 }
194 ctx->in_buf[ctx->in_bytes] = '\0';
195 received_csum = char2hex(gdb_io_read(ctx)) * 16 +
196 char2hex(gdb_io_read(ctx));
198 return (received_csum == csum) ? 0 : -1;
199 }
201 /* Receive a command, discarding up to ten packets with csum
202 * errors. Acknowledges all received packets. */
203 static int
204 receive_command(struct gdb_context *ctx)
205 {
206 int r, count = 0;
208 count = 0;
209 do {
210 r = attempt_receive_packet(ctx);
211 gdb_io_write_char((r < 0) ? '-' : '+', ctx);
212 count++;
213 } while ( (r < 0) && (count < GDB_RETRY_MAX) );
215 return r;
216 }
218 /* routines to send reply packets */
220 static void
221 gdb_start_packet(struct gdb_context *ctx)
222 {
223 ctx->out_buf[0] = '$';
224 ctx->out_offset = 1;
225 ctx->out_csum = 0;
226 }
228 static void
229 gdb_write_to_packet_char(u8 data, struct gdb_context *ctx)
230 {
231 ctx->out_csum += data;
232 ctx->out_buf[ctx->out_offset] = data;
233 ctx->out_offset++;
234 }
236 void
237 gdb_write_to_packet(const char *buf, int count, struct gdb_context *ctx)
238 {
239 int x;
240 for ( x = 0; x < count; x++ )
241 gdb_write_to_packet_char(buf[x], ctx);
242 }
244 void
245 gdb_write_to_packet_str(const char *buf, struct gdb_context *ctx)
246 {
247 gdb_write_to_packet(buf, strlen(buf), ctx);
248 }
250 void
251 gdb_write_to_packet_hex(unsigned long x, int int_size, struct gdb_context *ctx)
252 {
253 char buf[sizeof(unsigned long) * 2 + 1];
254 int i, width = int_size * 2;
256 buf[sizeof(unsigned long) * 2] = 0;
258 switch ( int_size )
259 {
260 case sizeof(u8):
261 case sizeof(u16):
262 case sizeof(u32):
263 case sizeof(u64):
264 break;
265 default:
266 dbg_printk("WARNING: %s x: 0x%lx int_size: %d\n",
267 __func__, x, int_size);
268 break;
269 }
271 #ifdef __BIG_ENDIAN
272 i = sizeof(unsigned long) * 2
273 do {
274 buf[--i] = hex2char(x & 15);
275 x >>= 4;
276 } while ( x );
278 while ( (i + width) > (sizeof(unsigned long) * 2) )
279 buf[--i] = '0';
281 gdb_write_to_packet(&buf[i], width, ctx);
282 #elif defined(__LITTLE_ENDIAN)
283 i = 0;
284 while ( i < width )
285 {
286 buf[i++] = hex2char(x>>4);
287 buf[i++] = hex2char(x);
288 x >>= 8;
289 }
290 gdb_write_to_packet(buf, width, ctx);
291 #else
292 # error unknown endian
293 #endif
294 }
296 static int
297 gdb_check_ack(struct gdb_context *ctx)
298 {
299 u8 c = gdb_io_read(ctx);
301 switch ( c )
302 {
303 case '+':
304 return 1;
305 case '-':
306 return 0;
307 default:
308 printk("Bad ack: %c\n", c);
309 return 0;
310 }
311 }
313 /* Return 0 if the reply was successfully received, !0 otherwise. */
314 void
315 gdb_send_packet(struct gdb_context *ctx)
316 {
317 char buf[3];
318 int count;
320 snprintf(buf, sizeof(buf), "%.02x\n", ctx->out_csum);
322 gdb_write_to_packet_char('#', ctx);
323 gdb_write_to_packet(buf, 2, ctx);
325 count = 0;
326 do {
327 gdb_io_write(ctx->out_buf, ctx->out_offset, ctx);
328 } while ( !gdb_check_ack(ctx) && (count++ < GDB_RETRY_MAX) );
330 if ( count == GDB_RETRY_MAX )
331 dbg_printk("WARNING: %s reached max retry %d\n",
332 __func__, GDB_RETRY_MAX);
333 }
335 void
336 gdb_send_reply(const char *buf, struct gdb_context *ctx)
337 {
338 gdb_start_packet(ctx);
339 gdb_write_to_packet_str(buf, ctx);
340 gdb_send_packet(ctx);
341 }
343 /* arch neutral command handlers */
345 static void
346 gdb_cmd_signum(struct gdb_context *ctx)
347 {
348 gdb_write_to_packet_char('S', ctx);
349 gdb_write_to_packet_hex(ctx->signum, sizeof(ctx->signum), ctx);
350 gdb_send_packet(ctx);
351 }
353 static void
354 gdb_cmd_read_mem(unsigned long addr, unsigned long length,
355 struct gdb_context *ctx)
356 {
357 int x, r;
358 unsigned char val;
360 dbg_printk("Memory read starting at %lx, length %lx.\n", addr,
361 length);
363 for ( x = 0; x < length; x++ )
364 {
365 r = gdb_arch_copy_from_user(&val, (void *)(addr + x), 1);
366 if ( r != 0 )
367 {
368 dbg_printk("Error reading from %lx.\n", addr + x);
369 break;
370 }
371 gdb_write_to_packet_hex(val, sizeof(val), ctx);
372 }
374 if ( x == 0 )
375 gdb_write_to_packet_str("E05", ctx);
377 dbg_printk("Read done.\n");
379 gdb_send_packet(ctx);
380 }
382 static void
383 gdb_cmd_write_mem(unsigned long addr, unsigned long length,
384 const char *buf, struct gdb_context *ctx)
385 {
386 int x, r;
387 unsigned char val;
389 dbg_printk("Memory write starting at %lx, length %lx.\n", addr, length);
391 for ( x = 0; x < length; x++, addr++, buf += 2 )
392 {
393 val = str2ulong(buf, sizeof(val));
394 r = gdb_arch_copy_to_user((void*)addr, (void*)&val, 1);
395 if ( r != 0 )
396 {
397 dbg_printk("Error writing to %lx.\n", addr);
398 break;
399 }
400 }
402 if (x == length)
403 gdb_write_to_packet_str("OK", ctx);
404 else
405 gdb_write_to_packet_str("E11", ctx);
407 dbg_printk("Write done.\n");
409 gdb_send_packet(ctx);
410 }
412 static void
413 gdbstub_attach(struct gdb_context *ctx)
414 {
415 if ( ctx->currently_attached )
416 return;
417 ctx->currently_attached = 1;
418 ctx->console_steal_id = console_steal(ctx->serhnd, gdbstub_console_puts);
419 }
421 static void
422 gdbstub_detach(struct gdb_context *ctx)
423 {
424 if ( !ctx->currently_attached )
425 return;
426 ctx->currently_attached = 0;
427 console_giveback(ctx->console_steal_id);
428 }
430 /* command dispatcher */
431 static int
432 process_command(struct cpu_user_regs *regs, struct gdb_context *ctx)
433 {
434 const char *ptr;
435 unsigned long addr, length, val;
436 int resume = 0;
437 unsigned long type = GDB_CONTINUE;
439 /* XXX check ctx->in_bytes >= 2 or similar. */
441 gdb_start_packet(ctx);
442 switch ( ctx->in_buf[0] )
443 {
444 case '?': /* query signal number */
445 gdb_cmd_signum(ctx);
446 break;
447 case 'H': /* thread operations */
448 gdb_send_reply("OK", ctx);
449 break;
450 case 'g': /* Read registers */
451 gdb_arch_read_reg_array(regs, ctx);
452 break;
453 case 'G': /* Write registers */
454 gdb_arch_write_reg_array(regs, ctx->in_buf + 1, ctx);
455 break;
456 case 'm': /* Read memory */
457 addr = simple_strtoul(ctx->in_buf + 1, &ptr, 16);
458 if ( (ptr == (ctx->in_buf + 1)) || (ptr[0] != ',') )
459 {
460 gdb_send_reply("E03", ctx);
461 return 0;
462 }
463 length = simple_strtoul(ptr + 1, &ptr, 16);
464 if ( ptr[0] != 0 )
465 {
466 gdb_send_reply("E04", ctx);
467 return 0;
468 }
469 gdb_cmd_read_mem(addr, length, ctx);
470 break;
471 case 'M': /* Write memory */
472 addr = simple_strtoul(ctx->in_buf + 1, &ptr, 16);
473 if ( (ptr == (ctx->in_buf + 1)) || (ptr[0] != ',') )
474 {
475 gdb_send_reply("E03", ctx);
476 return 0;
477 }
478 length = simple_strtoul(ptr + 1, &ptr, 16);
479 if ( ptr[0] != ':')
480 {
481 gdb_send_reply("E04", ctx);
482 return 0;
483 }
484 gdb_cmd_write_mem(addr, length, ptr + 1, ctx);
485 break;
486 case 'p': /* read register */
487 addr = simple_strtoul(ctx->in_buf + 1, &ptr, 16);
488 if ( ptr == (ctx->in_buf + 1) )
489 {
490 gdb_send_reply("E03", ctx);
491 return 0;
492 }
493 if ( ptr[0] != 0 )
494 {
495 gdb_send_reply("E04", ctx);
496 return 0;
497 }
498 gdb_arch_read_reg(addr, regs, ctx);
499 break;
500 case 'P': /* write register */
501 addr = simple_strtoul(ctx->in_buf + 1, &ptr, 16);
502 if ( ptr == (ctx->in_buf + 1) )
503 {
504 gdb_send_reply("E03", ctx);
505 return 0;
506 }
507 if ( ptr[0] != '=' )
508 {
509 gdb_send_reply("E04", ctx);
510 return 0;
511 }
512 ptr++;
513 val = str_to_native_ulong(ptr);
514 gdb_arch_write_reg(addr, val, regs, ctx);
515 break;
516 case 'D':
517 case 'k':
518 gdbstub_detach(ctx);
519 gdb_send_reply("OK", ctx);
520 ctx->connected = 0;
521 resume = 1;
522 break;
523 case 's': /* Single step */
524 type = GDB_STEP;
525 case 'c': /* Resume at current address */
526 addr = ~((unsigned long)0);
528 if ( ctx->in_buf[1] )
529 addr = str2ulong(&ctx->in_buf[1], sizeof(unsigned long));
530 gdbstub_attach(ctx);
531 resume = 1;
532 gdb_arch_resume(regs, addr, type, ctx);
533 break;
534 default:
535 gdb_send_reply("", ctx);
536 break;
537 }
538 return resume;
539 }
541 static struct gdb_context
542 __gdb_ctx = {
543 .serhnd = -1,
544 .running = ATOMIC_INIT(1),
545 .signum = 1
546 };
547 static struct gdb_context *gdb_ctx = &__gdb_ctx;
549 static void
550 gdbstub_console_puts(const char *str)
551 {
552 const char *p;
554 gdb_start_packet(gdb_ctx);
555 gdb_write_to_packet_char('O', gdb_ctx);
557 for ( p = str; *p != '\0'; p++ )
558 {
559 gdb_write_to_packet_char(hex2char((*p>>4) & 0x0f), gdb_ctx );
560 gdb_write_to_packet_char(hex2char((*p) & 0x0f), gdb_ctx );
561 }
563 gdb_send_packet(gdb_ctx);
564 }
566 /* trap handler: main entry point */
567 int
568 __trap_to_gdb(struct cpu_user_regs *regs, unsigned long cookie)
569 {
570 int rc = 0;
571 unsigned long flags;
573 if ( gdb_ctx->serhnd < 0 )
574 {
575 printk("Debugging connection not set up.\n");
576 return -EBUSY;
577 }
579 /* We rely on our caller to ensure we're only on one processor
580 * at a time... We should probably panic here, but given that
581 * we're a debugger we should probably be a little tolerant of
582 * things going wrong. */
583 /* We don't want to use a spin lock here, because we're doing
584 two distinct things:
586 1 -- we don't want to run on more than one processor at a time,
587 and
588 2 -- we want to do something sensible if we re-enter ourselves.
590 Spin locks are good for 1, but useless for 2. */
591 if ( !atomic_dec_and_test(&gdb_ctx->running) )
592 {
593 printk("WARNING WARNING WARNING: Avoiding recursive gdb.\n");
594 atomic_inc(&gdb_ctx->running);
595 return -EBUSY;
596 }
598 if ( !gdb_ctx->connected )
599 {
600 printk("GDB connection activated.\n");
601 gdb_arch_print_state(regs);
602 gdb_ctx->connected = 1;
603 }
605 gdb_smp_pause();
607 local_irq_save(flags);
609 watchdog_disable();
610 console_start_sync();
612 gdb_arch_enter(regs);
613 gdb_ctx->signum = gdb_arch_signal_num(regs, cookie);
615 /* If gdb is already attached, tell it we've stopped again. */
616 if ( gdb_ctx->currently_attached )
617 {
618 gdb_start_packet(gdb_ctx);
619 gdb_cmd_signum(gdb_ctx);
620 }
622 do {
623 if ( receive_command(gdb_ctx) < 0 )
624 {
625 dbg_printk("Error in GDB session...\n");
626 rc = -EIO;
627 break;
628 }
629 } while ( process_command(regs, gdb_ctx) == 0 );
631 gdb_smp_resume();
633 gdb_arch_exit(regs);
634 console_end_sync();
635 watchdog_enable();
636 atomic_inc(&gdb_ctx->running);
638 local_irq_restore(flags);
640 return rc;
641 }
643 static int __init initialise_gdb(void)
644 {
645 if ( *opt_gdb == '\0' )
646 return 0;
648 gdb_ctx->serhnd = serial_parse_handle(opt_gdb);
649 if ( gdb_ctx->serhnd == -1 )
650 {
651 printk("Bad gdb= option '%s'\n", opt_gdb);
652 return 0;
653 }
655 serial_start_sync(gdb_ctx->serhnd);
657 printk("GDB stub initialised.\n");
659 return 0;
660 }
661 presmp_initcall(initialise_gdb);
663 static void gdb_pause_this_cpu(void *unused)
664 {
665 unsigned long flags;
667 local_irq_save(flags);
669 atomic_set(&gdb_cpu[smp_processor_id()].ack, 1);
670 atomic_inc(&gdb_smp_paused_count);
672 while ( atomic_read(&gdb_cpu[smp_processor_id()].paused) )
673 mdelay(1);
675 atomic_dec(&gdb_smp_paused_count);
676 atomic_set(&gdb_cpu[smp_processor_id()].ack, 0);
678 /* Restore interrupts */
679 local_irq_restore(flags);
680 }
682 static void gdb_smp_pause(void)
683 {
684 int timeout = 100;
685 int cpu;
687 for_each_online_cpu(cpu)
688 {
689 atomic_set(&gdb_cpu[cpu].ack, 0);
690 atomic_set(&gdb_cpu[cpu].paused, 1);
691 }
693 atomic_set(&gdb_smp_paused_count, 0);
695 smp_call_function(gdb_pause_this_cpu, NULL, /* dont wait! */0);
697 /* Wait 100ms for all other CPUs to enter pause loop */
698 while ( (atomic_read(&gdb_smp_paused_count) < (num_online_cpus() - 1))
699 && (timeout-- > 0) )
700 mdelay(1);
702 if ( atomic_read(&gdb_smp_paused_count) < (num_online_cpus() - 1) )
703 {
704 printk("GDB: Not all CPUs have paused, missing CPUs ");
705 for_each_online_cpu(cpu)
706 {
707 if ( (cpu != smp_processor_id()) &&
708 !atomic_read(&gdb_cpu[cpu].ack) )
709 printk("%d ", cpu);
710 }
711 printk("\n");
712 }
713 }
715 static void gdb_smp_resume(void)
716 {
717 int cpu;
718 int timeout = 100;
720 for_each_online_cpu(cpu)
721 atomic_set(&gdb_cpu[cpu].paused, 0);
723 /* Make sure all CPUs resume */
724 while ( (atomic_read(&gdb_smp_paused_count) > 0)
725 && (timeout-- > 0) )
726 mdelay(1);
728 if ( atomic_read(&gdb_smp_paused_count) > 0 )
729 {
730 printk("GDB: Not all CPUs have resumed execution, missing CPUs ");
731 for_each_online_cpu(cpu)
732 {
733 if ( (cpu != smp_processor_id()) &&
734 atomic_read(&gdb_cpu[cpu].ack) )
735 printk("%d ", cpu);
736 }
737 printk("\n");
738 }
739 }
741 /*
742 * Local variables:
743 * mode: C
744 * c-set-style: "BSD"
745 * c-basic-offset: 4
746 * tab-width: 4
747 * End:
748 */