]> git.saurik.com Git - apple/xnu.git/blob - osfmk/kdp/kdp_udp.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-6153.61.1.tar.gz
[apple/xnu.git] / osfmk / kdp / kdp_udp.c
1 /*
2 * Copyright (c) 2000-2019 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29 /*
30 * Copyright (c) 1982, 1986, 1993
31 * The Regents of the University of California. All rights reserved.
32 */
33
34 /*
35 * Kernel Debugging Protocol UDP implementation.
36 */
37
38 #include <mach/boolean.h>
39 #include <mach/mach_types.h>
40 #include <mach/exception_types.h>
41 #include <kern/cpu_data.h>
42 #include <kern/debug.h>
43 #include <kern/clock.h>
44
45 #include <kdp/kdp_core.h>
46 #include <kdp/kdp_internal.h>
47 #if (MACH_KDP && CONFIG_KDP_INTERACTIVE_DEBUGGING)
48 #include <kdp/kdp_en_debugger.h>
49 #endif
50 #include <kdp/kdp_callout.h>
51 #include <kdp/kdp_udp.h>
52 #include <kdp/kdp_core.h>
53 #if CONFIG_SERIAL_KDP
54 #include <kdp/kdp_serial.h>
55 #endif
56
57 #include <vm/vm_map.h>
58 #include <vm/vm_protos.h>
59 #include <vm/vm_kern.h> /* kernel_map */
60
61 #include <mach/memory_object_types.h>
62 #include <machine/pal_routines.h>
63
64 #include <sys/msgbuf.h>
65
66 /* we just want the link status flags, so undef KERNEL_PRIVATE for this
67 * header file. */
68 #undef KERNEL_PRIVATE
69 #include <net/if_media.h>
70 #define KERNEL_PRIVATE
71
72 #include <string.h>
73
74 #include <IOKit/IOPlatformExpert.h>
75 #include <libkern/version.h>
76
77 #include <sys/pgo.h>
78
79 extern unsigned int not_in_kdp;
80 extern int kdp_snapshot;
81
82 #ifdef CONFIG_KDP_INTERACTIVE_DEBUGGING
83
84 extern int inet_aton(const char *, struct kdp_in_addr *); /* in libkern */
85 extern char *inet_ntoa_r(struct kdp_in_addr ina, char *buf,
86 size_t buflen); /* in libkern */
87
88 #define DO_ALIGN 1 /* align all packet data accesses */
89 #define KDP_SERIAL_IPADDR 0xABADBABE /* IP address used for serial KDP */
90 #define LINK_UP_STATUS (IFM_AVALID | IFM_ACTIVE)
91
92 extern int kdp_getc(void);
93 extern int reattach_wait;
94
95 static u_short ip_id; /* ip packet ctr, for ids */
96
97 /* @(#)udp_usrreq.c 2.2 88/05/23 4.0NFSSRC SMI; from UCB 7.1 6/5/86 */
98
99 /*
100 * UDP protocol implementation.
101 * Per RFC 768, August, 1980.
102 */
103 #define UDP_TTL 60 /* deflt time to live for UDP packets */
104 static int udp_ttl = UDP_TTL;
105 static unsigned char exception_seq;
106
107 struct kdp_ipovly {
108 uint32_t ih_next, ih_prev; /* for protocol sequence q's */
109 u_char ih_x1; /* (unused) */
110 u_char ih_pr; /* protocol */
111 short ih_len; /* protocol length */
112 struct kdp_in_addr ih_src; /* source internet address */
113 struct kdp_in_addr ih_dst; /* destination internet address */
114 };
115
116 struct kdp_udphdr {
117 u_short uh_sport; /* source port */
118 u_short uh_dport; /* destination port */
119 short uh_ulen; /* udp length */
120 u_short uh_sum; /* udp checksum */
121 };
122
123 struct kdp_udpiphdr {
124 struct kdp_ipovly ui_i; /* overlaid ip structure */
125 struct kdp_udphdr ui_u; /* udp header */
126 };
127 #define ui_next ui_i.ih_next
128 #define ui_prev ui_i.ih_prev
129 #define ui_x1 ui_i.ih_x1
130 #define ui_pr ui_i.ih_pr
131 #define ui_len ui_i.ih_len
132 #define ui_src ui_i.ih_src
133 #define ui_dst ui_i.ih_dst
134 #define ui_sport ui_u.uh_sport
135 #define ui_dport ui_u.uh_dport
136 #define ui_ulen ui_u.uh_ulen
137 #define ui_sum ui_u.uh_sum
138
139 struct kdp_ip {
140 union {
141 uint32_t ip_w;
142 struct {
143 unsigned int
144 #ifdef __LITTLE_ENDIAN__
145 ip_xhl:4, /* header length */
146 ip_xv:4, /* version */
147 ip_xtos:8, /* type of service */
148 ip_xlen:16; /* total length */
149 #endif
150 #ifdef __BIG_ENDIAN__
151 ip_xv:4, /* version */
152 ip_xhl:4, /* header length */
153 ip_xtos:8, /* type of service */
154 ip_xlen:16; /* total length */
155 #endif
156 } ip_x;
157 } ip_vhltl;
158 u_short ip_id; /* identification */
159 short ip_off; /* fragment offset field */
160 #define IP_DF 0x4000 /* dont fragment flag */
161 #define IP_MF 0x2000 /* more fragments flag */
162 #define IP_OFFMASK 0x1fff /* mask for fragmenting bits */
163 u_char ip_ttl; /* time to live */
164 u_char ip_p; /* protocol */
165 u_short ip_sum; /* checksum */
166 struct kdp_in_addr ip_src, ip_dst; /* source and dest address */
167 };
168 #define ip_v ip_vhltl.ip_x.ip_xv
169 #define ip_hl ip_vhltl.ip_x.ip_xhl
170 #define ip_tos ip_vhltl.ip_x.ip_xtos
171 #define ip_len ip_vhltl.ip_x.ip_xlen
172
173 #define IPPROTO_UDP 17
174 #define IPVERSION 4
175
176 #define ETHERTYPE_IP 0x0800 /* IP protocol */
177
178 /*
179 * Ethernet Address Resolution Protocol.
180 *
181 * See RFC 826 for protocol description. Structure below is adapted
182 * to resolving internet addresses. Field names used correspond to
183 * RFC 826.
184 */
185
186 #define ETHERTYPE_ARP 0x0806 /* Addr. resolution protocol */
187
188 struct kdp_arphdr {
189 u_short ar_hrd; /* format of hardware address */
190 #define ARPHRD_ETHER 1 /* ethernet hardware format */
191 #define ARPHRD_FRELAY 15 /* frame relay hardware format */
192 u_short ar_pro; /* format of protocol address */
193 u_char ar_hln; /* length of hardware address */
194 u_char ar_pln; /* length of protocol address */
195 u_short ar_op; /* one of: */
196 #define ARPOP_REQUEST 1 /* request to resolve address */
197 #define ARPOP_REPLY 2 /* response to previous request */
198 #define ARPOP_REVREQUEST 3 /* request protocol address given hardware */
199 #define ARPOP_REVREPLY 4 /* response giving protocol address */
200 #define ARPOP_INVREQUEST 8 /* request to identify peer */
201 #define ARPOP_INVREPLY 9 /* response identifying peer */
202 };
203
204 struct kdp_ether_arp {
205 struct kdp_arphdr ea_hdr; /* fixed-size header */
206 u_char arp_sha[ETHER_ADDR_LEN]; /* sender hardware address */
207 u_char arp_spa[4]; /* sender protocol address */
208 u_char arp_tha[ETHER_ADDR_LEN]; /* target hardware address */
209 u_char arp_tpa[4]; /* target protocol address */
210 };
211 #define arp_hrd ea_hdr.ar_hrd
212 #define arp_pro ea_hdr.ar_pro
213 #define arp_hln ea_hdr.ar_hln
214 #define arp_pln ea_hdr.ar_pln
215 #define arp_op ea_hdr.ar_op
216
217 #define ETHERMTU 1500
218 #define ETHERHDRSIZE 14
219 #define ETHERCRC 4
220 #define KDP_MAXPACKET (ETHERHDRSIZE + ETHERMTU + ETHERCRC)
221
222 static struct {
223 unsigned char data[KDP_MAXPACKET];
224 unsigned int off, len;
225 boolean_t input;
226 } pkt, saved_reply;
227
228 struct kdp_manual_pkt manual_pkt;
229
230 struct {
231 struct {
232 struct kdp_in_addr in;
233 struct kdp_ether_addr ea;
234 } loc;
235 struct {
236 struct kdp_in_addr in;
237 struct kdp_ether_addr ea;
238 } rmt;
239 } adr;
240
241 static const char
242 *exception_message[] = {
243 "Unknown",
244 "Memory access", /* EXC_BAD_ACCESS */
245 "Failed instruction", /* EXC_BAD_INSTRUCTION */
246 "Arithmetic", /* EXC_ARITHMETIC */
247 "Emulation", /* EXC_EMULATION */
248 "Software", /* EXC_SOFTWARE */
249 "Breakpoint" /* EXC_BREAKPOINT */
250 };
251
252 volatile int kdp_flag = 0;
253 boolean_t kdp_corezip_disabled = 0;
254
255 kdp_send_t kdp_en_send_pkt;
256 static kdp_receive_t kdp_en_recv_pkt;
257 static kdp_link_t kdp_en_linkstatus;
258 static kdp_mode_t kdp_en_setmode;
259
260 #if CONFIG_SERIAL_KDP
261 static void kdp_serial_send(void *rpkt, unsigned int rpkt_len);
262 #define KDP_SERIAL_ENABLED() (kdp_en_send_pkt == kdp_serial_send)
263 #else
264 #define KDP_SERIAL_ENABLED() (0)
265 #endif
266
267 static uint32_t kdp_current_ip_address = 0;
268 static struct kdp_ether_addr kdp_current_mac_address = {.ether_addr_octet = {0, 0, 0, 0, 0, 0}};
269 static void *kdp_current_ifp;
270
271 static void kdp_handler( void *);
272
273 static uint32_t panic_server_ip = 0;
274 static uint32_t parsed_router_ip = 0;
275 static uint32_t router_ip = 0;
276 static uint32_t target_ip = 0;
277
278 static boolean_t save_ip_in_nvram = FALSE;
279
280 static volatile boolean_t panicd_specified = FALSE;
281 static boolean_t router_specified = FALSE;
282 static boolean_t corename_specified = FALSE;
283 static unsigned int panicd_port = CORE_REMOTE_PORT;
284
285 static struct kdp_ether_addr etherbroadcastaddr = {.ether_addr_octet = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}};
286
287 static struct kdp_ether_addr router_mac = {.ether_addr_octet = {0, 0, 0, 0, 0, 0}};
288 static struct kdp_ether_addr destination_mac = {.ether_addr_octet = {0, 0, 0, 0, 0, 0}};
289 static struct kdp_ether_addr temp_mac = {.ether_addr_octet = {0, 0, 0, 0, 0, 0}};
290 static struct kdp_ether_addr current_resolved_MAC = {.ether_addr_octet = {0, 0, 0, 0, 0, 0}};
291
292 static boolean_t flag_panic_dump_in_progress = FALSE;
293 static boolean_t flag_router_mac_initialized = FALSE;
294 static boolean_t flag_dont_abort_panic_dump = FALSE;
295
296 static boolean_t flag_arp_resolved = FALSE;
297
298 static unsigned int panic_timeout = 100000;
299 static unsigned int last_panic_port = CORE_REMOTE_PORT;
300
301 #define KDP_THROTTLE_VALUE (10ULL * NSEC_PER_SEC)
302
303 uint32_t kdp_crashdump_pkt_size = 512;
304 #define KDP_LARGE_CRASHDUMP_PKT_SIZE (1440 - 6 - sizeof(struct kdp_udpiphdr))
305 static char panicd_ip_str[20];
306 static char router_ip_str[20];
307 static char corename_str[100];
308
309 static unsigned int panic_block = 0;
310 volatile unsigned int kdp_trigger_core_dump = 0;
311 __private_extern__ volatile unsigned int flag_kdp_trigger_reboot = 0;
312
313
314 extern unsigned int disableConsoleOutput;
315
316 extern void kdp_call(void);
317
318 void * kdp_get_interface(void);
319 void kdp_set_gateway_mac(void *gatewaymac);
320 void kdp_set_ip_and_mac_addresses(struct kdp_in_addr *ipaddr, struct kdp_ether_addr *);
321 void kdp_set_interface(void *interface, const struct kdp_ether_addr *macaddr);
322
323 void kdp_disable_arp(void);
324 static void kdp_arp_reply(struct kdp_ether_arp *);
325 static void kdp_process_arp_reply(struct kdp_ether_arp *);
326 static boolean_t kdp_arp_resolve(uint32_t, struct kdp_ether_addr *);
327
328 static volatile unsigned kdp_reentry_deadline;
329
330 static uint32_t kdp_crashdump_feature_mask = KDP_FEATURE_LARGE_CRASHDUMPS | KDP_FEATURE_LARGE_PKT_SIZE;
331 uint32_t kdp_feature_large_crashdumps, kdp_feature_large_pkt_size;
332
333 char kdp_kernelversion_string[256];
334
335 static boolean_t gKDPDebug = FALSE;
336
337 #define KDP_DEBUG(...) if (gKDPDebug) printf(__VA_ARGS__);
338
339 #define SBLOCKSZ (2048)
340 uint64_t kdp_dump_start_time = 0;
341 uint64_t kdp_min_superblock_dump_time = ~1ULL;
342 uint64_t kdp_max_superblock_dump_time = 0;
343 uint64_t kdp_superblock_dump_time = 0;
344 uint64_t kdp_superblock_dump_start_time = 0;
345 static thread_call_t
346 kdp_timer_call;
347
348 static void
349 kdp_ml_enter_debugger_wrapper(__unused void *param0, __unused void *param1)
350 {
351 kdp_ml_enter_debugger();
352 }
353
354 static void
355 kdp_timer_callout_init(void)
356 {
357 kdp_timer_call = thread_call_allocate(kdp_ml_enter_debugger_wrapper, NULL);
358 }
359
360
361 /* only send/receive data if the link is up */
362 inline static void
363 wait_for_link(void)
364 {
365 static int first = 0;
366
367 if (!kdp_en_linkstatus) {
368 return;
369 }
370
371 while (((*kdp_en_linkstatus)() & LINK_UP_STATUS) != LINK_UP_STATUS) {
372 if (first) {
373 continue;
374 }
375
376 first = 1;
377 printf("Waiting for link to become available.\n");
378 kprintf("Waiting for link to become available.\n");
379 }
380 }
381
382
383 inline static void
384 kdp_send_data(void *packet, unsigned int len)
385 {
386 wait_for_link();
387 (*kdp_en_send_pkt)(packet, len);
388 }
389
390
391 inline static void
392 kdp_receive_data(void *packet, unsigned int *len, unsigned int timeout)
393 {
394 wait_for_link();
395 (*kdp_en_recv_pkt)(packet, len, timeout);
396 }
397
398
399 void
400 kdp_register_link(kdp_link_t link, kdp_mode_t mode)
401 {
402 kdp_en_linkstatus = link;
403 kdp_en_setmode = mode;
404 }
405
406 void
407 kdp_unregister_link(__unused kdp_link_t link, __unused kdp_mode_t mode)
408 {
409 kdp_en_linkstatus = NULL;
410 kdp_en_setmode = NULL;
411 }
412
413 void
414 kdp_register_send_receive(
415 kdp_send_t send,
416 kdp_receive_t receive)
417 {
418 unsigned int debug = 0;
419
420 PE_parse_boot_argn("debug", &debug, sizeof(debug));
421
422 #if defined(__arm__) || defined(__arm64__)
423 {
424 uint32_t debug_flags;
425
426 if (!PE_i_can_has_debugger(&debug_flags)) {
427 debug = 0;
428 }
429 }
430 #endif
431
432 if (!debug) {
433 return;
434 }
435
436 kdp_en_send_pkt = send;
437 kdp_en_recv_pkt = receive;
438
439 if (debug & DB_KDP_BP_DIS) {
440 kdp_flag |= KDP_BP_DIS;
441 }
442 if (debug & DB_KDP_GETC_ENA) {
443 kdp_flag |= KDP_GETC_ENA;
444 }
445 if (debug & DB_ARP) {
446 kdp_flag |= KDP_ARP;
447 }
448
449 if (debug & DB_KERN_DUMP_ON_PANIC) {
450 kdp_flag |= KDP_PANIC_DUMP_ENABLED;
451 }
452 if (debug & DB_KERN_DUMP_ON_NMI) {
453 kdp_flag |= PANIC_CORE_ON_NMI;
454 }
455
456 if (debug & DB_DBG_POST_CORE) {
457 kdp_flag |= DBG_POST_CORE;
458 }
459
460 if (debug & DB_PANICLOG_DUMP) {
461 kdp_flag |= PANIC_LOG_DUMP;
462 }
463
464 kdp_corezip_disabled = (0 != (debug & DB_DISABLE_GZIP_CORE));
465
466 if (PE_parse_boot_argn("_panicd_ip", panicd_ip_str, sizeof(panicd_ip_str))) {
467 panicd_specified = TRUE;
468 }
469
470 if ((debug & DB_REBOOT_POST_CORE) && (panicd_specified == TRUE)) {
471 kdp_flag |= REBOOT_POST_CORE;
472 }
473
474 if (PE_parse_boot_argn("_router_ip", router_ip_str, sizeof(router_ip_str))) {
475 router_specified = TRUE;
476 }
477
478 if (!PE_parse_boot_argn("panicd_port", &panicd_port, sizeof(panicd_port))) {
479 panicd_port = CORE_REMOTE_PORT;
480 }
481
482 if (PE_parse_boot_argn("_panicd_corename", &corename_str, sizeof(corename_str))) {
483 corename_specified = TRUE;
484 }
485
486 kdp_flag |= KDP_READY;
487
488 current_debugger = KDP_CUR_DB;
489 if ((kdp_current_ip_address != 0) && halt_in_debugger) {
490 kdp_call();
491 halt_in_debugger = 0;
492 }
493 }
494
495 void
496 kdp_unregister_send_receive(
497 __unused kdp_send_t send,
498 __unused kdp_receive_t receive)
499 {
500 if (current_debugger == KDP_CUR_DB) {
501 current_debugger = NO_CUR_DB;
502 }
503 kdp_flag &= ~KDP_READY;
504 kdp_en_send_pkt = NULL;
505 kdp_en_recv_pkt = NULL;
506 }
507
508 static void
509 kdp_schedule_debugger_reentry(unsigned interval)
510 {
511 uint64_t deadline;;
512
513 clock_interval_to_deadline(interval, 1000 * 1000, &deadline);
514 thread_call_enter_delayed(kdp_timer_call, deadline);
515 }
516
517 static void
518 enaddr_copy(
519 void *src,
520 void *dst
521 )
522 {
523 bcopy((char *)src, (char *)dst, sizeof(struct kdp_ether_addr));
524 }
525
526 static unsigned short
527 ip_sum(
528 unsigned char *c,
529 unsigned int hlen
530 )
531 {
532 unsigned int high, low, sum;
533
534 high = low = 0;
535 while (hlen-- > 0) {
536 low += c[1] + c[3];
537 high += c[0] + c[2];
538
539 c += sizeof(int);
540 }
541
542 sum = (high << 8) + low;
543 sum = (sum >> 16) + (sum & 65535);
544
545 return sum > 65535 ? sum - 65535 : sum;
546 }
547
548 static void
549 kdp_reply(
550 unsigned short reply_port,
551 const boolean_t sideband
552 )
553 {
554 struct kdp_udpiphdr aligned_ui, *ui = &aligned_ui;
555 struct kdp_ip aligned_ip, *ip = &aligned_ip;
556 struct kdp_in_addr tmp_ipaddr;
557 struct kdp_ether_addr tmp_enaddr;
558 struct kdp_ether_header *eh = NULL;
559
560 if (!pkt.input) {
561 kdp_panic("kdp_reply");
562 }
563
564 pkt.off -= (unsigned int)sizeof(struct kdp_udpiphdr);
565
566 #if DO_ALIGN
567 bcopy((char *)&pkt.data[pkt.off], (char *)ui, sizeof(*ui));
568 #else
569 ui = (struct kdp_udpiphdr *)&pkt.data[pkt.off];
570 #endif
571 ui->ui_next = ui->ui_prev = 0;
572 ui->ui_x1 = 0;
573 ui->ui_pr = IPPROTO_UDP;
574 ui->ui_len = htons((u_short)pkt.len + sizeof(struct kdp_udphdr));
575 tmp_ipaddr = ui->ui_src;
576 ui->ui_src = ui->ui_dst;
577 ui->ui_dst = tmp_ipaddr;
578 ui->ui_sport = htons(KDP_REMOTE_PORT);
579 ui->ui_dport = reply_port;
580 ui->ui_ulen = ui->ui_len;
581 ui->ui_sum = 0;
582 #if DO_ALIGN
583 bcopy((char *)ui, (char *)&pkt.data[pkt.off], sizeof(*ui));
584 bcopy((char *)&pkt.data[pkt.off], (char *)ip, sizeof(*ip));
585 #else
586 ip = (struct kdp_ip *)&pkt.data[pkt.off];
587 #endif
588 ip->ip_len = htons(sizeof(struct kdp_udpiphdr) + pkt.len);
589 ip->ip_v = IPVERSION;
590 ip->ip_id = htons(ip_id++);
591 ip->ip_hl = sizeof(struct kdp_ip) >> 2;
592 ip->ip_ttl = udp_ttl;
593 ip->ip_sum = 0;
594 ip->ip_sum = htons(~ip_sum((unsigned char *)ip, ip->ip_hl));
595 #if DO_ALIGN
596 bcopy((char *)ip, (char *)&pkt.data[pkt.off], sizeof(*ip));
597 #endif
598
599 pkt.len += (unsigned int)sizeof(struct kdp_udpiphdr);
600
601 pkt.off -= (unsigned int)sizeof(struct kdp_ether_header);
602
603 eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
604 enaddr_copy(eh->ether_shost, &tmp_enaddr);
605 enaddr_copy(eh->ether_dhost, eh->ether_shost);
606 enaddr_copy(&tmp_enaddr, eh->ether_dhost);
607 eh->ether_type = htons(ETHERTYPE_IP);
608
609 pkt.len += (unsigned int)sizeof(struct kdp_ether_header);
610
611 // save reply for possible retransmission
612 assert(pkt.len <= KDP_MAXPACKET);
613 if (!sideband) {
614 bcopy((char *)&pkt, (char *)&saved_reply, sizeof(saved_reply));
615 }
616
617 kdp_send_data(&pkt.data[pkt.off], pkt.len);
618
619 // increment expected sequence number
620 if (!sideband) {
621 exception_seq++;
622 }
623 }
624
625 static void
626 kdp_send(
627 unsigned short remote_port
628 )
629 {
630 struct kdp_udpiphdr aligned_ui, *ui = &aligned_ui;
631 struct kdp_ip aligned_ip, *ip = &aligned_ip;
632 struct kdp_ether_header *eh;
633
634 if (pkt.input) {
635 kdp_panic("kdp_send");
636 }
637
638 pkt.off -= (unsigned int)sizeof(struct kdp_udpiphdr);
639
640 #if DO_ALIGN
641 bcopy((char *)&pkt.data[pkt.off], (char *)ui, sizeof(*ui));
642 #else
643 ui = (struct kdp_udpiphdr *)&pkt.data[pkt.off];
644 #endif
645 ui->ui_next = ui->ui_prev = 0;
646 ui->ui_x1 = 0;
647 ui->ui_pr = IPPROTO_UDP;
648 ui->ui_len = htons((u_short)pkt.len + sizeof(struct kdp_udphdr));
649 ui->ui_src = adr.loc.in;
650 ui->ui_dst = adr.rmt.in;
651 ui->ui_sport = htons(KDP_REMOTE_PORT);
652 ui->ui_dport = remote_port;
653 ui->ui_ulen = ui->ui_len;
654 ui->ui_sum = 0;
655 #if DO_ALIGN
656 bcopy((char *)ui, (char *)&pkt.data[pkt.off], sizeof(*ui));
657 bcopy((char *)&pkt.data[pkt.off], (char *)ip, sizeof(*ip));
658 #else
659 ip = (struct kdp_ip *)&pkt.data[pkt.off];
660 #endif
661 ip->ip_len = htons(sizeof(struct kdp_udpiphdr) + pkt.len);
662 ip->ip_v = IPVERSION;
663 ip->ip_id = htons(ip_id++);
664 ip->ip_hl = sizeof(struct kdp_ip) >> 2;
665 ip->ip_ttl = udp_ttl;
666 ip->ip_sum = 0;
667 ip->ip_sum = htons(~ip_sum((unsigned char *)ip, ip->ip_hl));
668 #if DO_ALIGN
669 bcopy((char *)ip, (char *)&pkt.data[pkt.off], sizeof(*ip));
670 #endif
671
672 pkt.len += (unsigned int)sizeof(struct kdp_udpiphdr);
673
674 pkt.off -= (unsigned int)sizeof(struct kdp_ether_header);
675
676 eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
677 enaddr_copy(&adr.loc.ea, eh->ether_shost);
678 enaddr_copy(&adr.rmt.ea, eh->ether_dhost);
679 eh->ether_type = htons(ETHERTYPE_IP);
680
681 pkt.len += (unsigned int)sizeof(struct kdp_ether_header);
682 kdp_send_data(&pkt.data[pkt.off], pkt.len);
683 }
684
685
686 inline static void
687 debugger_if_necessary(void)
688 {
689 if ((current_debugger == KDP_CUR_DB) && halt_in_debugger) {
690 kdp_call();
691 halt_in_debugger = 0;
692 }
693 }
694
695
696 /* We don't interpret this pointer, we just give it to the bsd stack
697 * so it can decide when to set the MAC and IP info. We'll
698 * early initialize the MAC/IP info if we can so that we can use
699 * KDP early in boot. These values may subsequently get over-written
700 * when the interface gets initialized for real.
701 */
702 void
703 kdp_set_interface(void *ifp, const struct kdp_ether_addr *macaddr)
704 {
705 char kdpstr[80];
706 struct kdp_in_addr addr = { .s_addr = 0 };
707 unsigned int len;
708
709 kdp_current_ifp = ifp;
710
711 if (PE_parse_boot_argn("kdp_ip_addr", kdpstr, sizeof(kdpstr))) {
712 /* look for a static ip address */
713 if (inet_aton(kdpstr, &addr) == FALSE) {
714 goto done;
715 }
716
717 goto config_network;
718 }
719
720 /* use saved ip address */
721 save_ip_in_nvram = TRUE;
722
723 len = sizeof(kdpstr);
724 if (PEReadNVRAMProperty("_kdp_ipstr", kdpstr, &len) == FALSE) {
725 goto done;
726 }
727
728 kdpstr[len < sizeof(kdpstr) ? len : sizeof(kdpstr) - 1] = '\0';
729 if (inet_aton(kdpstr, &addr) == FALSE) {
730 goto done;
731 }
732
733 config_network:
734 kdp_current_ip_address = addr.s_addr;
735 if (macaddr) {
736 kdp_current_mac_address = *macaddr;
737 }
738
739 /* we can't drop into the debugger at this point because the
740 * link will likely not be up. when getDebuggerLinkStatus() support gets
741 * added to the appropriate network drivers, adding the
742 * following will enable this capability:
743 * debugger_if_necessary();
744 */
745 done:
746 return;
747 }
748
749 void *
750 kdp_get_interface(void)
751 {
752 return kdp_current_ifp;
753 }
754
755 void
756 kdp_set_ip_and_mac_addresses(
757 struct kdp_in_addr *ipaddr,
758 struct kdp_ether_addr *macaddr)
759 {
760 static uint64_t last_time = (uint64_t) -1;
761 static uint64_t throttle_val = 0;
762 uint64_t cur_time;
763 char addr[16];
764
765 if (kdp_current_ip_address == ipaddr->s_addr) {
766 goto done;
767 }
768
769 /* don't replace if serial debugging is configured */
770 if (!KDP_SERIAL_ENABLED() ||
771 (kdp_current_ip_address != KDP_SERIAL_IPADDR)) {
772 kdp_current_mac_address = *macaddr;
773 kdp_current_ip_address = ipaddr->s_addr;
774 }
775
776 if (save_ip_in_nvram == FALSE) {
777 goto done;
778 }
779
780 if (inet_ntoa_r(*ipaddr, addr, sizeof(addr)) == NULL) {
781 goto done;
782 }
783
784 /* throttle writes if needed */
785 if (!throttle_val) {
786 nanoseconds_to_absolutetime(KDP_THROTTLE_VALUE, &throttle_val);
787 }
788
789 cur_time = mach_absolute_time();
790 if (last_time == (uint64_t) -1 ||
791 ((cur_time - last_time) > throttle_val)) {
792 PEWriteNVRAMProperty("_kdp_ipstr", addr,
793 (const unsigned int) strlen(addr));
794 }
795 last_time = cur_time;
796
797 done:
798 debugger_if_necessary();
799 }
800
801 void
802 kdp_set_gateway_mac(void *gatewaymac)
803 {
804 router_mac = *(struct kdp_ether_addr *)gatewaymac;
805 flag_router_mac_initialized = TRUE;
806 }
807
808 struct kdp_ether_addr
809 kdp_get_mac_addr(void)
810 {
811 return kdp_current_mac_address;
812 }
813
814 unsigned int
815 kdp_get_ip_address(void)
816 {
817 return (unsigned int)kdp_current_ip_address;
818 }
819
820 void
821 kdp_disable_arp(void)
822 {
823 kdp_flag &= ~(DB_ARP);
824 }
825
826 static void
827 kdp_arp_dispatch(void)
828 {
829 struct kdp_ether_arp aligned_ea, *ea = &aligned_ea;
830 unsigned arp_header_offset;
831
832 arp_header_offset = (unsigned)sizeof(struct kdp_ether_header) + pkt.off;
833 memcpy((void *)ea, (void *)&pkt.data[arp_header_offset], sizeof(*ea));
834
835 switch (ntohs(ea->arp_op)) {
836 case ARPOP_REQUEST:
837 kdp_arp_reply(ea);
838 break;
839 case ARPOP_REPLY:
840 kdp_process_arp_reply(ea);
841 break;
842 default:
843 return;
844 }
845 }
846
847 static void
848 kdp_process_arp_reply(struct kdp_ether_arp *ea)
849 {
850 /* Are we interested in ARP replies? */
851 if (flag_arp_resolved == TRUE) {
852 return;
853 }
854
855 /* Did we receive a reply from the right source? */
856 if (((struct kdp_in_addr *)(ea->arp_spa))->s_addr != target_ip) {
857 return;
858 }
859
860 flag_arp_resolved = TRUE;
861 current_resolved_MAC = *(struct kdp_ether_addr *) (ea->arp_sha);
862
863 return;
864 }
865
866 /* ARP responses are enabled when the DB_ARP bit of the debug boot arg
867 * is set.
868 */
869
870 static void
871 kdp_arp_reply(struct kdp_ether_arp *ea)
872 {
873 struct kdp_ether_header *eh;
874
875 struct kdp_in_addr isaddr, itaddr, myaddr;
876 struct kdp_ether_addr my_enaddr;
877
878 eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
879 pkt.off += (unsigned int)sizeof(struct kdp_ether_header);
880
881 if (ntohs(ea->arp_op) != ARPOP_REQUEST) {
882 return;
883 }
884
885 myaddr.s_addr = kdp_get_ip_address();
886 my_enaddr = kdp_get_mac_addr();
887
888 if ((ntohl(myaddr.s_addr) == 0) ||
889 ((my_enaddr.ether_addr_octet[0] & 0xff) == 0
890 && (my_enaddr.ether_addr_octet[1] & 0xff) == 0
891 && (my_enaddr.ether_addr_octet[2] & 0xff) == 0
892 && (my_enaddr.ether_addr_octet[3] & 0xff) == 0
893 && (my_enaddr.ether_addr_octet[4] & 0xff) == 0
894 && (my_enaddr.ether_addr_octet[5] & 0xff) == 0
895 )) {
896 return;
897 }
898
899 (void)memcpy((void *)&isaddr, (void *)ea->arp_spa, sizeof(isaddr));
900 (void)memcpy((void *)&itaddr, (void *)ea->arp_tpa, sizeof(itaddr));
901
902 if (itaddr.s_addr == myaddr.s_addr) {
903 (void)memcpy((void *)ea->arp_tha, (void *)ea->arp_sha, sizeof(ea->arp_sha));
904 (void)memcpy((void *)ea->arp_sha, (void *)&my_enaddr, sizeof(ea->arp_sha));
905
906 (void)memcpy((void *)ea->arp_tpa, (void *) ea->arp_spa, sizeof(ea->arp_spa));
907 (void)memcpy((void *)ea->arp_spa, (void *) &itaddr, sizeof(ea->arp_spa));
908
909 ea->arp_op = htons(ARPOP_REPLY);
910 ea->arp_pro = htons(ETHERTYPE_IP);
911 (void)memcpy(eh->ether_dhost, ea->arp_tha, sizeof(eh->ether_dhost));
912 (void)memcpy(eh->ether_shost, &my_enaddr, sizeof(eh->ether_shost));
913 eh->ether_type = htons(ETHERTYPE_ARP);
914 (void)memcpy(&pkt.data[pkt.off], ea, sizeof(*ea));
915 pkt.off -= (unsigned int)sizeof(struct kdp_ether_header);
916 /* pkt.len is still the length we want, ether_header+ether_arp */
917 kdp_send_data(&pkt.data[pkt.off], pkt.len);
918 }
919 }
920
921 static void
922 kdp_poll(void)
923 {
924 struct kdp_ether_header *eh = NULL;
925 struct kdp_udpiphdr aligned_ui, *ui = &aligned_ui;
926 struct kdp_ip aligned_ip, *ip = &aligned_ip;
927 static int msg_printed;
928
929 if (pkt.input) {
930 kdp_panic("kdp_poll");
931 }
932
933 if (!kdp_en_recv_pkt || !kdp_en_send_pkt) {
934 if (msg_printed == 0) {
935 msg_printed = 1;
936 printf("kdp_poll: no debugger device\n");
937 }
938 return;
939 }
940
941 pkt.off = pkt.len = 0;
942 kdp_receive_data(pkt.data, &pkt.len, 3 /* ms */);
943
944 if (pkt.len == 0) {
945 return;
946 }
947
948 if (pkt.len >= sizeof(struct kdp_ether_header)) {
949 eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
950
951 if (kdp_flag & KDP_ARP) {
952 if (ntohs(eh->ether_type) == ETHERTYPE_ARP) {
953 kdp_arp_dispatch();
954 return;
955 }
956 }
957 }
958
959 if (pkt.len < (sizeof(struct kdp_ether_header) + sizeof(struct kdp_udpiphdr))) {
960 return;
961 }
962
963 pkt.off += (unsigned int)sizeof(struct kdp_ether_header);
964 if (ntohs(eh->ether_type) != ETHERTYPE_IP) {
965 return;
966 }
967
968 #if DO_ALIGN
969 bcopy((char *)&pkt.data[pkt.off], (char *)ui, sizeof(*ui));
970 bcopy((char *)&pkt.data[pkt.off], (char *)ip, sizeof(*ip));
971 #else
972 ui = (struct kdp_udpiphdr *)&pkt.data[pkt.off];
973 ip = (struct kdp_ip *)&pkt.data[pkt.off];
974 #endif
975
976 pkt.off += (unsigned int)sizeof(struct kdp_udpiphdr);
977 if (ui->ui_pr != IPPROTO_UDP) {
978 return;
979 }
980
981 if (ip->ip_hl > (sizeof(struct kdp_ip) >> 2)) {
982 return;
983 }
984
985 if (ntohs(ui->ui_dport) != KDP_REMOTE_PORT) {
986 if (panicd_port == (ntohs(ui->ui_dport)) &&
987 flag_panic_dump_in_progress) {
988 last_panic_port = ui->ui_sport;
989 } else {
990 return;
991 }
992 }
993 /* If we receive a kernel debugging packet whilst a
994 * core dump is in progress, abort the transfer and
995 * enter the debugger if not told otherwise.
996 */
997 else if (flag_panic_dump_in_progress) {
998 if (!flag_dont_abort_panic_dump) {
999 abort_panic_transfer();
1000 }
1001 return;
1002 }
1003
1004 if (!kdp.is_conn && !flag_panic_dump_in_progress) {
1005 enaddr_copy(eh->ether_dhost, &adr.loc.ea);
1006 adr.loc.in = ui->ui_dst;
1007
1008 enaddr_copy(eh->ether_shost, &adr.rmt.ea);
1009 adr.rmt.in = ui->ui_src;
1010 }
1011
1012 /*
1013 * Calculate kdp packet length.
1014 */
1015 pkt.len = ntohs((u_short)ui->ui_ulen) - (unsigned int)sizeof(struct kdp_udphdr);
1016 pkt.input = TRUE;
1017 }
1018
1019
1020 /* Create and transmit an ARP resolution request for the target IP address.
1021 * This is modeled on ether_inet_arp()/RFC 826.
1022 */
1023
1024 static void
1025 transmit_ARP_request(uint32_t ip_addr)
1026 {
1027 struct kdp_ether_header *eh = (struct kdp_ether_header *) &pkt.data[0];
1028 struct kdp_ether_arp *ea = (struct kdp_ether_arp *) &pkt.data[sizeof(struct kdp_ether_header)];
1029
1030 KDP_DEBUG("Transmitting ARP request\n");
1031 /* Populate the ether_header */
1032 eh->ether_type = htons(ETHERTYPE_ARP);
1033 enaddr_copy(&kdp_current_mac_address, eh->ether_shost);
1034 enaddr_copy(&etherbroadcastaddr, eh->ether_dhost);
1035
1036 /* Populate the ARP header */
1037 ea->arp_pro = htons(ETHERTYPE_IP);
1038 ea->arp_hln = sizeof(ea->arp_sha);
1039 ea->arp_pln = sizeof(ea->arp_spa);
1040 ea->arp_hrd = htons(ARPHRD_ETHER);
1041 ea->arp_op = htons(ARPOP_REQUEST);
1042
1043 /* Target fields */
1044 enaddr_copy(&etherbroadcastaddr, ea->arp_tha);
1045 memcpy(ea->arp_tpa, (void *) &ip_addr, sizeof(ip_addr));
1046
1047 /* Source fields */
1048 enaddr_copy(&kdp_current_mac_address, ea->arp_sha);
1049 memcpy(ea->arp_spa, (void *) &kdp_current_ip_address, sizeof(kdp_current_ip_address));
1050
1051 pkt.off = 0;
1052 pkt.len = sizeof(struct kdp_ether_header) + sizeof(struct kdp_ether_arp);
1053 /* Transmit */
1054 kdp_send_data(&pkt.data[pkt.off], pkt.len);
1055 }
1056
1057 static boolean_t
1058 kdp_arp_resolve(uint32_t arp_target_ip, struct kdp_ether_addr *resolved_MAC)
1059 {
1060 int poll_count = 256; /* ~770 ms modulo broadcast/delayed traffic? */
1061 char tretries = 0;
1062
1063 #define NUM_ARP_TX_RETRIES 5
1064
1065 target_ip = arp_target_ip;
1066 flag_arp_resolved = FALSE;
1067
1068 TRANSMIT_RETRY:
1069 pkt.off = pkt.len = 0;
1070
1071 tretries++;
1072
1073 if (tretries >= NUM_ARP_TX_RETRIES) {
1074 return FALSE;
1075 }
1076
1077 KDP_DEBUG("ARP TX attempt #%d \n", tretries);
1078
1079 transmit_ARP_request(arp_target_ip);
1080
1081 while (!pkt.input && !flag_arp_resolved && flag_panic_dump_in_progress && --poll_count) {
1082 kdp_poll();
1083 }
1084
1085 if (flag_arp_resolved) {
1086 *resolved_MAC = current_resolved_MAC;
1087 return TRUE;
1088 }
1089
1090 if (!flag_panic_dump_in_progress || pkt.input) { /* we received a debugging packet, bail*/
1091 printf("Received a debugger packet,transferring control to debugger\n");
1092 /* Indicate that we should wait in the debugger when we return */
1093 kdp_flag |= DBG_POST_CORE;
1094 pkt.input = FALSE;
1095 return FALSE;
1096 } else { /* We timed out */
1097 if (0 == poll_count) {
1098 poll_count = 256;
1099 goto TRANSMIT_RETRY;
1100 }
1101 }
1102 return FALSE;
1103 }
1104
1105 static void
1106 kdp_handler(
1107 void *saved_state
1108 )
1109 {
1110 unsigned short reply_port;
1111 kdp_hdr_t aligned_hdr, *hdr = &aligned_hdr;
1112
1113 kdp.saved_state = saved_state; // see comment in kdp_raise_exception
1114
1115 do {
1116 while (!pkt.input) {
1117 kdp_poll();
1118 }
1119
1120 #if DO_ALIGN
1121 bcopy((char *)&pkt.data[pkt.off], (char *)hdr, sizeof(*hdr));
1122 #else
1123 hdr = (kdp_hdr_t *)&pkt.data[pkt.off];
1124 #endif
1125
1126 // ignore replies -- we're not expecting them anyway.
1127 if (hdr->is_reply) {
1128 goto again;
1129 }
1130
1131 if (hdr->request == KDP_REATTACH) {
1132 exception_seq = hdr->seq;
1133 }
1134
1135 // check for retransmitted request
1136 if (hdr->seq == (exception_seq - 1)) {
1137 /* retransmit last reply */
1138 kdp_send_data(&saved_reply.data[saved_reply.off],
1139 saved_reply.len);
1140 goto again;
1141 } else if ((hdr->seq != exception_seq) &&
1142 (hdr->request != KDP_CONNECT)) {
1143 printf("kdp: bad sequence %d (want %d)\n",
1144 hdr->seq, exception_seq);
1145 goto again;
1146 }
1147
1148 /* This is a manual side-channel to the main KDP protocol.
1149 * A client like GDB/kgmacros can manually construct
1150 * a request, set the input flag, issue a dummy KDP request,
1151 * and then manually collect the result
1152 */
1153 if (manual_pkt.input) {
1154 kdp_hdr_t *manual_hdr = (kdp_hdr_t *)&manual_pkt.data;
1155 unsigned short manual_port_unused = 0;
1156 if (!manual_hdr->is_reply) {
1157 /* process */
1158 int packet_length = manual_pkt.len;
1159 kdp_packet((unsigned char *)&manual_pkt.data,
1160 &packet_length,
1161 &manual_port_unused);
1162 manual_pkt.len = packet_length;
1163 }
1164 manual_pkt.input = 0;
1165 }
1166
1167 if (kdp_packet((unsigned char*)&pkt.data[pkt.off],
1168 (int *)&pkt.len,
1169 (unsigned short *)&reply_port)) {
1170 boolean_t sideband = FALSE;
1171
1172 /* if it's an already connected error message,
1173 * send a sideband reply for that. for successful connects,
1174 * make sure the sequence number is correct. */
1175 if (hdr->request == KDP_CONNECT) {
1176 kdp_connect_reply_t *rp =
1177 (kdp_connect_reply_t *) &pkt.data[pkt.off];
1178 kdp_error_t err = rp->error;
1179
1180 if (err == KDPERR_NO_ERROR) {
1181 exception_seq = hdr->seq;
1182 } else if (err == KDPERR_ALREADY_CONNECTED) {
1183 sideband = TRUE;
1184 }
1185 }
1186
1187 kdp_reply(reply_port, sideband);
1188 }
1189
1190 again:
1191 pkt.input = FALSE;
1192 } while (kdp.is_halted);
1193 }
1194
1195 static void
1196 kdp_connection_wait(void)
1197 {
1198 unsigned short reply_port;
1199 struct kdp_ether_addr kdp_mac_addr = kdp_get_mac_addr();
1200 unsigned int ip_addr = ntohl(kdp_get_ip_address());
1201
1202 /*
1203 * Do both a printf() and a kprintf() of the MAC and IP so that
1204 * they will print out on headless machines but not be added to
1205 * the panic.log
1206 */
1207
1208 if (KDP_SERIAL_ENABLED()) {
1209 printf("Using serial KDP.\n");
1210 kprintf("Using serial KDP.\n");
1211 } else {
1212 printf("ethernet MAC address: %02x:%02x:%02x:%02x:%02x:%02x\n",
1213 kdp_mac_addr.ether_addr_octet[0] & 0xff,
1214 kdp_mac_addr.ether_addr_octet[1] & 0xff,
1215 kdp_mac_addr.ether_addr_octet[2] & 0xff,
1216 kdp_mac_addr.ether_addr_octet[3] & 0xff,
1217 kdp_mac_addr.ether_addr_octet[4] & 0xff,
1218 kdp_mac_addr.ether_addr_octet[5] & 0xff);
1219
1220 kprintf("ethernet MAC address: %02x:%02x:%02x:%02x:%02x:%02x\n",
1221 kdp_mac_addr.ether_addr_octet[0] & 0xff,
1222 kdp_mac_addr.ether_addr_octet[1] & 0xff,
1223 kdp_mac_addr.ether_addr_octet[2] & 0xff,
1224 kdp_mac_addr.ether_addr_octet[3] & 0xff,
1225 kdp_mac_addr.ether_addr_octet[4] & 0xff,
1226 kdp_mac_addr.ether_addr_octet[5] & 0xff);
1227
1228 printf("ip address: %d.%d.%d.%d\n",
1229 (ip_addr & 0xff000000) >> 24,
1230 (ip_addr & 0xff0000) >> 16,
1231 (ip_addr & 0xff00) >> 8,
1232 (ip_addr & 0xff));
1233
1234 kprintf("ip address: %d.%d.%d.%d\n",
1235 (ip_addr & 0xff000000) >> 24,
1236 (ip_addr & 0xff0000) >> 16,
1237 (ip_addr & 0xff00) >> 8,
1238 (ip_addr & 0xff));
1239 }
1240
1241 printf("\nWaiting for remote debugger connection.\n");
1242 kprintf("\nWaiting for remote debugger connection.\n");
1243
1244 #ifdef ARM
1245 printf("\nPlease go to https://panic.apple.com to report this panic\n");
1246 #endif
1247
1248 if (reattach_wait == 0) {
1249 if ((kdp_flag & KDP_GETC_ENA) && (0 != kdp_getc())) {
1250 printf("Options..... Type\n");
1251 printf("------------ ----\n");
1252 printf("continue.... 'c'\n");
1253 printf("reboot...... 'r'\n");
1254 }
1255 } else {
1256 reattach_wait = 0;
1257 }
1258
1259 exception_seq = 0;
1260
1261 do {
1262 kdp_hdr_t aligned_hdr, *hdr = &aligned_hdr;
1263
1264 while (!pkt.input) {
1265 if (kdp_flag & KDP_GETC_ENA) {
1266 switch (kdp_getc()) {
1267 case 'c':
1268 printf("Continuing...\n");
1269 return;
1270 case 'r':
1271 printf("Rebooting...\n");
1272 kdp_machine_reboot();
1273 break;
1274 default:
1275 break;
1276 }
1277 }
1278 kdp_poll();
1279 }
1280
1281 #if DO_ALIGN
1282 bcopy((char *)&pkt.data[pkt.off], (char *)hdr, sizeof(*hdr));
1283 #else
1284 hdr = (kdp_hdr_t *)&pkt.data[pkt.off];
1285 #endif
1286 if (hdr->request == KDP_HOSTREBOOT) {
1287 kdp_machine_reboot();
1288 /* should not return! */
1289 }
1290 if (((hdr->request == KDP_CONNECT) || (hdr->request == KDP_REATTACH)) &&
1291 !hdr->is_reply && (hdr->seq == exception_seq)) {
1292 if (kdp_packet((unsigned char *)&pkt.data[pkt.off],
1293 (int *)&pkt.len,
1294 (unsigned short *)&reply_port)) {
1295 kdp_reply(reply_port, FALSE);
1296 }
1297 if (hdr->request == KDP_REATTACH) {
1298 reattach_wait = 0;
1299 hdr->request = KDP_DISCONNECT;
1300 exception_seq = 0;
1301 }
1302 }
1303
1304 pkt.input = FALSE;
1305 } while (!kdp.is_conn);
1306
1307 if (current_debugger == KDP_CUR_DB) {
1308 active_debugger = 1;
1309 }
1310 printf("Connected to remote debugger.\n");
1311 kprintf("Connected to remote debugger.\n");
1312 }
1313
1314 static void
1315 kdp_send_exception(
1316 unsigned int exception,
1317 unsigned int code,
1318 unsigned int subcode
1319 )
1320 {
1321 unsigned short remote_port;
1322 unsigned int timeout_count = 100;
1323 unsigned int poll_timeout;
1324
1325 do {
1326 pkt.off = sizeof(struct kdp_ether_header) + sizeof(struct kdp_udpiphdr);
1327 kdp_exception((unsigned char *)&pkt.data[pkt.off],
1328 (int *)&pkt.len,
1329 (unsigned short *)&remote_port,
1330 (unsigned int)exception,
1331 (unsigned int)code,
1332 (unsigned int)subcode);
1333
1334 kdp_send(remote_port);
1335
1336 poll_timeout = 50;
1337 while (!pkt.input && poll_timeout) {
1338 kdp_poll();
1339 poll_timeout--;
1340 }
1341
1342 if (pkt.input) {
1343 if (!kdp_exception_ack(&pkt.data[pkt.off], pkt.len)) {
1344 pkt.input = FALSE;
1345 }
1346 }
1347
1348 pkt.input = FALSE;
1349
1350 if (kdp.exception_ack_needed) {
1351 kdp_us_spin(250000);
1352 }
1353 } while (kdp.exception_ack_needed && timeout_count--);
1354
1355 if (kdp.exception_ack_needed) {
1356 // give up & disconnect
1357 printf("kdp: exception ack timeout\n");
1358 if (current_debugger == KDP_CUR_DB) {
1359 active_debugger = 0;
1360 }
1361 kdp_reset();
1362 }
1363 }
1364
1365 static void
1366 kdp_debugger_loop(
1367 unsigned int exception,
1368 unsigned int code,
1369 unsigned int subcode,
1370 void *saved_state)
1371 {
1372 int index;
1373
1374 if (saved_state == 0) {
1375 printf("kdp_raise_exception with NULL state\n");
1376 }
1377
1378 index = exception;
1379 if (exception != EXC_BREAKPOINT) {
1380 if (exception > EXC_BREAKPOINT || exception < EXC_BAD_ACCESS) {
1381 index = 0;
1382 }
1383 printf("%s exception (%x,%x,%x)\n",
1384 exception_message[index],
1385 exception, code, subcode);
1386 }
1387
1388 kdp_sync_cache();
1389
1390 /* XXX WMG it seems that sometimes it doesn't work to let kdp_handler
1391 * do this. I think the client and the host can get out of sync.
1392 */
1393 kdp.saved_state = saved_state;
1394 kdp.kdp_cpu = cpu_number();
1395 kdp.kdp_thread = current_thread();
1396
1397 if (kdp_en_setmode) {
1398 (*kdp_en_setmode)(TRUE); /* enabling link mode */
1399 }
1400 if (pkt.input) {
1401 kdp_panic("kdp_raise_exception");
1402 }
1403
1404 if (((kdp_flag & KDP_PANIC_DUMP_ENABLED)
1405 || (kdp_flag & PANIC_LOG_DUMP))
1406 && panic_active()) {
1407 kdp_panic_dump();
1408 if (kdp_flag & REBOOT_POST_CORE && dumped_kernel_core()) {
1409 kdp_machine_reboot();
1410 }
1411 } else {
1412 if ((kdp_flag & PANIC_CORE_ON_NMI) && !panic_active()
1413 && !kdp.is_conn) {
1414 disableConsoleOutput = FALSE;
1415 kdp_panic_dump();
1416 if (kdp_flag & REBOOT_POST_CORE && dumped_kernel_core()) {
1417 kdp_machine_reboot();
1418 }
1419
1420 if (!(kdp_flag & DBG_POST_CORE)) {
1421 goto exit_debugger_loop;
1422 }
1423 }
1424 }
1425
1426 again:
1427 if (!kdp.is_conn) {
1428 kdp_connection_wait();
1429 } else {
1430 kdp_send_exception(exception, code, subcode);
1431 if (kdp.exception_ack_needed) {
1432 kdp.exception_ack_needed = FALSE;
1433 kdp_remove_all_breakpoints();
1434 printf("Remote debugger disconnected.\n");
1435 }
1436 }
1437
1438 if (kdp.is_conn) {
1439 kdp.is_halted = TRUE; /* XXX */
1440 kdp_handler(saved_state);
1441 if (!kdp.is_conn) {
1442 kdp_remove_all_breakpoints();
1443 printf("Remote debugger disconnected.\n");
1444 }
1445 }
1446 /* Allow triggering a panic core dump when connected to the machine
1447 * Continuing after setting kdp_trigger_core_dump should do the
1448 * trick.
1449 */
1450
1451 if (1 == kdp_trigger_core_dump) {
1452 kdp_flag |= KDP_PANIC_DUMP_ENABLED;
1453 kdp_panic_dump();
1454 if (kdp_flag & REBOOT_POST_CORE && dumped_kernel_core()) {
1455 kdp_machine_reboot();
1456 }
1457 kdp_trigger_core_dump = 0;
1458 }
1459
1460 /* Trigger a reboot if the user has set this flag through the
1461 * debugger.Ideally, this would be done through the HOSTREBOOT packet
1462 * in the protocol,but that will need gdb support,and when it's
1463 * available, it should work automatically.
1464 */
1465 if (1 == flag_kdp_trigger_reboot) {
1466 kdp_machine_reboot();
1467 /* If we're still around, reset the flag */
1468 flag_kdp_trigger_reboot = 0;
1469 }
1470
1471 if (kdp_reentry_deadline) {
1472 kdp_schedule_debugger_reentry(kdp_reentry_deadline);
1473 printf("Debugger re-entry scheduled in %d milliseconds\n", kdp_reentry_deadline);
1474 kdp_reentry_deadline = 0;
1475 }
1476
1477 kdp_sync_cache();
1478
1479 if (reattach_wait == 1) {
1480 goto again;
1481 }
1482
1483 exit_debugger_loop:
1484 if (kdp_en_setmode) {
1485 (*kdp_en_setmode)(FALSE); /* link cleanup */
1486 }
1487 }
1488
1489 void
1490 kdp_reset(void)
1491 {
1492 kdp.reply_port = kdp.exception_port = 0;
1493 kdp.is_halted = kdp.is_conn = FALSE;
1494 kdp.exception_seq = kdp.conn_seq = 0;
1495 kdp.session_key = 0;
1496 pkt.input = manual_pkt.input = FALSE;
1497 pkt.len = pkt.off = manual_pkt.len = 0;
1498 }
1499
1500 struct corehdr *
1501 create_panic_header(unsigned int request, const char *corename,
1502 unsigned length, unsigned int block)
1503 {
1504 struct kdp_udpiphdr aligned_ui, *ui = &aligned_ui;
1505 struct kdp_ip aligned_ip, *ip = &aligned_ip;
1506 struct kdp_ether_header *eh;
1507 struct corehdr *coreh;
1508 const char *mode = "octet";
1509 char modelen = strlen(mode) + 1;
1510
1511 size_t fmask_size = sizeof(KDP_FEATURE_MASK_STRING) + sizeof(kdp_crashdump_feature_mask);
1512
1513 pkt.off = sizeof(struct kdp_ether_header);
1514 pkt.len = (unsigned int)(length + ((request == KDP_WRQ) ? modelen + fmask_size : 0) +
1515 (corename ? (strlen(corename) + 1): 0) + sizeof(struct corehdr));
1516
1517 #if DO_ALIGN
1518 bcopy((char *)&pkt.data[pkt.off], (char *)ui, sizeof(*ui));
1519 #else
1520 ui = (struct kdp_udpiphdr *)&pkt.data[pkt.off];
1521 #endif
1522 ui->ui_next = ui->ui_prev = 0;
1523 ui->ui_x1 = 0;
1524 ui->ui_pr = IPPROTO_UDP;
1525 ui->ui_len = htons((u_short)pkt.len + sizeof(struct kdp_udphdr));
1526 ui->ui_src.s_addr = (uint32_t)kdp_current_ip_address;
1527 /* Already in network byte order via inet_aton() */
1528 ui->ui_dst.s_addr = panic_server_ip;
1529 ui->ui_sport = htons(panicd_port);
1530 ui->ui_dport = ((request == KDP_WRQ) ? htons(panicd_port) : last_panic_port);
1531 ui->ui_ulen = ui->ui_len;
1532 ui->ui_sum = 0;
1533 #if DO_ALIGN
1534 bcopy((char *)ui, (char *)&pkt.data[pkt.off], sizeof(*ui));
1535 bcopy((char *)&pkt.data[pkt.off], (char *)ip, sizeof(*ip));
1536 #else
1537 ip = (struct kdp_ip *)&pkt.data[pkt.off];
1538 #endif
1539 ip->ip_len = htons(sizeof(struct kdp_udpiphdr) + pkt.len);
1540 ip->ip_v = IPVERSION;
1541 ip->ip_id = htons(ip_id++);
1542 ip->ip_hl = sizeof(struct kdp_ip) >> 2;
1543 ip->ip_ttl = udp_ttl;
1544 ip->ip_sum = 0;
1545 ip->ip_sum = htons(~ip_sum((unsigned char *)ip, ip->ip_hl));
1546 #if DO_ALIGN
1547 bcopy((char *)ip, (char *)&pkt.data[pkt.off], sizeof(*ip));
1548 #endif
1549
1550 pkt.len += (unsigned int)sizeof(struct kdp_udpiphdr);
1551
1552 pkt.off += (unsigned int)sizeof(struct kdp_udpiphdr);
1553
1554 coreh = (struct corehdr *) &pkt.data[pkt.off];
1555 coreh->th_opcode = htons((u_short)request);
1556
1557 if (request == KDP_WRQ) {
1558 char *cp;
1559 size_t length_remaining = (sizeof(pkt.data) - pkt.off), bytes_filled = 0;
1560
1561 cp = coreh->th_u.tu_rpl;
1562 bytes_filled = strlcpy(cp, corename, length_remaining);
1563 cp += bytes_filled;
1564 *cp++ = '\0';
1565 /* account for the extra NULL character that has been added historically */
1566 length_remaining -= (bytes_filled + 1);
1567
1568 bytes_filled = strlcpy(cp, mode, length_remaining);
1569 cp += bytes_filled;
1570 *cp++ = '\0';
1571 /* account for the extra NULL character that has been added historically */
1572 length_remaining -= (bytes_filled + 1);
1573
1574 bytes_filled = strlcpy(cp, KDP_FEATURE_MASK_STRING, length_remaining);
1575 cp += bytes_filled;
1576 *cp++ = '\0';
1577 /* account for the extra NULL character that has been added historically */
1578 length_remaining -= (bytes_filled + 1);
1579
1580 bcopy(&kdp_crashdump_feature_mask, cp, sizeof(kdp_crashdump_feature_mask));
1581 kdp_crashdump_pkt_size = KDP_LARGE_CRASHDUMP_PKT_SIZE;
1582 cp += sizeof(kdp_crashdump_feature_mask);
1583 length_remaining -= sizeof(kdp_crashdump_feature_mask);
1584
1585 PE_parse_boot_argn("kdp_crashdump_pkt_size", &kdp_crashdump_pkt_size, sizeof(kdp_crashdump_pkt_size));
1586 *(uint32_t *)cp = htonl(kdp_crashdump_pkt_size);
1587 } else {
1588 coreh->th_block = htonl((unsigned int) block);
1589 }
1590
1591 pkt.off -= (unsigned int)sizeof(struct kdp_udpiphdr);
1592 pkt.off -= (unsigned int)sizeof(struct kdp_ether_header);
1593
1594 eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
1595 enaddr_copy(&kdp_current_mac_address, eh->ether_shost);
1596 enaddr_copy(&destination_mac, eh->ether_dhost);
1597 eh->ether_type = htons(ETHERTYPE_IP);
1598
1599 pkt.len += (unsigned int)sizeof(struct kdp_ether_header);
1600 return coreh;
1601 }
1602
1603 static int
1604 kdp_send_crashdump_seek(char *corename, uint64_t seek_off)
1605 {
1606 int panic_error;
1607
1608 if (kdp_feature_large_crashdumps) {
1609 panic_error = kdp_send_crashdump_pkt(KDP_SEEK, corename,
1610 sizeof(seek_off),
1611 &seek_off);
1612 } else {
1613 uint32_t off = (uint32_t) seek_off;
1614 panic_error = kdp_send_crashdump_pkt(KDP_SEEK, corename,
1615 sizeof(off), &off);
1616 }
1617
1618 if (panic_error < 0) {
1619 printf("kdp_send_crashdump_pkt failed with error %d\n",
1620 panic_error);
1621 return panic_error;
1622 }
1623
1624 return KERN_SUCCESS;
1625 }
1626
1627 int
1628 kdp_send_crashdump_data(unsigned int request, char *corename,
1629 uint64_t length, void * txstart)
1630 {
1631 int panic_error = 0;
1632
1633 while ((length > 0) || !txstart) {
1634 uint64_t chunk = MIN(kdp_crashdump_pkt_size, length);
1635
1636 panic_error = kdp_send_crashdump_pkt(request, corename, chunk,
1637 txstart);
1638 if (panic_error < 0) {
1639 printf("kdp_send_crashdump_pkt failed with error %d\n", panic_error);
1640 return panic_error;
1641 }
1642 if (!txstart) {
1643 break;
1644 }
1645 txstart = (void *)(((uintptr_t) txstart) + chunk);
1646 length -= chunk;
1647 }
1648 return KERN_SUCCESS;
1649 }
1650
1651 uint32_t kdp_crashdump_short_pkt;
1652
1653 int
1654 kdp_send_crashdump_pkt(unsigned int request, char *corename,
1655 uint64_t length, void *panic_data)
1656 {
1657 int poll_count;
1658 struct corehdr *th = NULL;
1659 char rretries, tretries;
1660
1661 if (kdp_dump_start_time == 0) {
1662 kdp_dump_start_time = mach_absolute_time();
1663 kdp_superblock_dump_start_time = kdp_dump_start_time;
1664 }
1665
1666 tretries = rretries = 0;
1667 poll_count = KDP_CRASHDUMP_POLL_COUNT;
1668 pkt.off = pkt.len = 0;
1669 if (request == KDP_WRQ) { /* longer timeout for initial request */
1670 poll_count += 1000;
1671 }
1672
1673 TRANSMIT_RETRY:
1674 tretries++;
1675
1676 if (tretries >= 15) {
1677 /* The crashdump server is unreachable for some reason. This could be a network
1678 * issue or, if we've been especially unfortunate, we've hit Radar 2760413,
1679 * which is a long standing problem with the IOKit polled mode network driver
1680 * shim which can prevent transmits/receives completely.
1681 */
1682 printf("Cannot contact panic server, timing out.\n");
1683 return -3;
1684 }
1685
1686 if (tretries > 2) {
1687 printf("TX retry #%d ", tretries );
1688 }
1689
1690 th = create_panic_header(request, corename, (unsigned)length, panic_block);
1691
1692 if (request == KDP_DATA) {
1693 /* as all packets are kdp_crashdump_pkt_size in length, the last packet
1694 * may end up with trailing bits. make sure that those
1695 * bits aren't confusing. */
1696 if (length < kdp_crashdump_pkt_size) {
1697 kdp_crashdump_short_pkt++;
1698 memset(th->th_data + length, 'Y',
1699 kdp_crashdump_pkt_size - (uint32_t) length);
1700 }
1701
1702 if (!kdp_machine_vm_read((mach_vm_address_t)(uintptr_t)panic_data, (caddr_t) th->th_data, length)) {
1703 uintptr_t next_page = round_page((uintptr_t)panic_data);
1704 memset((caddr_t) th->th_data, 'X', (size_t)length);
1705 if ((next_page - ((uintptr_t) panic_data)) < length) {
1706 uint64_t resid = length - (next_page - (intptr_t) panic_data);
1707 if (!kdp_machine_vm_read((mach_vm_address_t)(uintptr_t)next_page, (caddr_t) th->th_data + (length - resid), resid)) {
1708 memset((caddr_t) th->th_data + (length - resid), 'X', (size_t)resid);
1709 }
1710 }
1711 }
1712 } else if (request == KDP_SEEK) {
1713 if (kdp_feature_large_crashdumps) {
1714 *(uint64_t *) th->th_data = OSSwapHostToBigInt64((*(uint64_t *) panic_data));
1715 } else {
1716 *(unsigned int *) th->th_data = htonl(*(unsigned int *) panic_data);
1717 }
1718 }
1719
1720 kdp_send_data(&pkt.data[pkt.off], pkt.len);
1721
1722 /* Listen for the ACK */
1723 RECEIVE_RETRY:
1724 while (!pkt.input && flag_panic_dump_in_progress && poll_count) {
1725 kdp_poll();
1726 poll_count--;
1727 }
1728
1729 if (pkt.input) {
1730 pkt.input = FALSE;
1731
1732 th = (struct corehdr *) &pkt.data[pkt.off];
1733 if (request == KDP_WRQ) {
1734 uint16_t opcode64 = ntohs(th->th_opcode);
1735 uint16_t features64 = (opcode64 & 0xFF00) >> 8;
1736 if ((opcode64 & 0xFF) == KDP_ACK) {
1737 kdp_feature_large_crashdumps = features64 & KDP_FEATURE_LARGE_CRASHDUMPS;
1738 if (features64 & KDP_FEATURE_LARGE_PKT_SIZE) {
1739 kdp_feature_large_pkt_size = 1;
1740 } else {
1741 kdp_feature_large_pkt_size = 0;
1742 kdp_crashdump_pkt_size = 512;
1743 }
1744 printf("Protocol features: 0x%x\n", (uint32_t) features64);
1745 th->th_opcode = htons(KDP_ACK);
1746 }
1747 }
1748 if (ntohs(th->th_opcode) == KDP_ACK && ntohl(th->th_block) == panic_block) {
1749 } else {
1750 if (ntohs(th->th_opcode) == KDP_ERROR) {
1751 printf("Panic server returned error %d, retrying\n", ntohl(th->th_code));
1752 poll_count = 1000;
1753 goto TRANSMIT_RETRY;
1754 } else if (ntohl(th->th_block) == (panic_block - 1)) {
1755 printf("RX retry ");
1756 if (++rretries > 1) {
1757 goto TRANSMIT_RETRY;
1758 } else {
1759 goto RECEIVE_RETRY;
1760 }
1761 }
1762 }
1763 } else if (!flag_panic_dump_in_progress) { /* we received a debugging packet, bail*/
1764 printf("Received a debugger packet,transferring control to debugger\n");
1765 /* Configure that if not set ..*/
1766 kdp_flag |= DBG_POST_CORE;
1767 return -2;
1768 } else { /* We timed out */
1769 if (0 == poll_count) {
1770 poll_count = 1000;
1771 kdp_us_spin((tretries % 4) * panic_timeout); /* capped linear backoff */
1772 goto TRANSMIT_RETRY;
1773 }
1774 }
1775
1776 if (!(++panic_block % SBLOCKSZ)) {
1777 uint64_t ctime;
1778 kdb_printf_unbuffered(".");
1779 ctime = mach_absolute_time();
1780 kdp_superblock_dump_time = ctime - kdp_superblock_dump_start_time;
1781 kdp_superblock_dump_start_time = ctime;
1782 if (kdp_superblock_dump_time > kdp_max_superblock_dump_time) {
1783 kdp_max_superblock_dump_time = kdp_superblock_dump_time;
1784 }
1785 if (kdp_superblock_dump_time < kdp_min_superblock_dump_time) {
1786 kdp_min_superblock_dump_time = kdp_superblock_dump_time;
1787 }
1788 }
1789
1790 if (request == KDP_EOF) {
1791 printf("\nTotal number of packets transmitted: %d\n", panic_block);
1792 printf("Avg. superblock transfer abstime 0x%llx\n", ((mach_absolute_time() - kdp_dump_start_time) / panic_block) * SBLOCKSZ);
1793 printf("Minimum superblock transfer abstime: 0x%llx\n", kdp_min_superblock_dump_time);
1794 printf("Maximum superblock transfer abstime: 0x%llx\n", kdp_max_superblock_dump_time);
1795 }
1796 return KERN_SUCCESS;
1797 }
1798
1799 static int
1800 isdigit(char c)
1801 {
1802 return (c > 47) && (c < 58);
1803 }
1804
1805 /* Horrid hack to extract xnu version if possible - a much cleaner approach
1806 * would be to have the integrator run a script which would copy the
1807 * xnu version into a string or an int somewhere at project submission
1808 * time - makes assumptions about sizeof(version), but will not fail if
1809 * it changes, but may be incorrect.
1810 */
1811 /* 2006: Incorporated a change from Darwin user P. Lovell to extract
1812 * the minor kernel version numbers from the version string.
1813 */
1814 static int
1815 kdp_get_xnu_version(char *versionbuf)
1816 {
1817 char *versionpos;
1818 char vstr[20];
1819 int retval = -1;
1820 char *vptr;
1821 size_t length_remaining = (sizeof(pkt.data) - pkt.off);
1822
1823 strlcpy(vstr, "custom", 10);
1824 if (kdp_machine_vm_read((mach_vm_address_t)(uintptr_t)version, versionbuf, 128)) {
1825 versionbuf[127] = '\0';
1826 versionpos = strnstr(versionbuf, "xnu-", 115);
1827 if (versionpos) {
1828 strncpy(vstr, versionpos, sizeof(vstr));
1829 vstr[sizeof(vstr) - 1] = '\0';
1830 vptr = vstr + 4; /* Begin after "xnu-" */
1831 while (*vptr && (isdigit(*vptr) || *vptr == '.')) {
1832 vptr++;
1833 }
1834 *vptr = '\0';
1835 /* Remove trailing period, if any */
1836 if (*(--vptr) == '.') {
1837 *vptr = '\0';
1838 }
1839 retval = 0;
1840 }
1841 }
1842 strlcpy(versionbuf, vstr, length_remaining);
1843 return retval;
1844 }
1845
1846 void
1847 kdp_set_dump_info(const uint32_t flags, const char *filename,
1848 const char *destipstr, const char *routeripstr,
1849 const uint32_t port)
1850 {
1851 uint32_t cmd;
1852
1853 if (destipstr && (destipstr[0] != '\0')) {
1854 strlcpy(panicd_ip_str, destipstr, sizeof(panicd_ip_str));
1855 panicd_specified = 1;
1856 }
1857
1858 if (routeripstr && (routeripstr[0] != '\0')) {
1859 strlcpy(router_ip_str, routeripstr, sizeof(router_ip_str));
1860 router_specified = 1;
1861 }
1862
1863 if (filename && (filename[0] != '\0')) {
1864 strlcpy(corename_str, filename, sizeof(corename_str));
1865 corename_specified = TRUE;
1866 } else {
1867 corename_specified = FALSE;
1868 }
1869
1870 if (port) {
1871 panicd_port = port;
1872 }
1873
1874 /* on a disconnect, should we stay in KDP or not? */
1875 noresume_on_disconnect = (flags & KDP_DUMPINFO_NORESUME) ? 1 : 0;
1876
1877 if ((flags & KDP_DUMPINFO_DUMP) == 0) {
1878 return;
1879 }
1880
1881 /* the rest of the commands can modify kdp_flags */
1882 cmd = flags & KDP_DUMPINFO_MASK;
1883 if (cmd == KDP_DUMPINFO_DISABLE) {
1884 kdp_flag &= ~KDP_PANIC_DUMP_ENABLED;
1885 panicd_specified = 0;
1886 kdp_trigger_core_dump = 0;
1887 return;
1888 }
1889
1890 kdp_flag &= ~REBOOT_POST_CORE;
1891 if (flags & KDP_DUMPINFO_REBOOT) {
1892 kdp_flag |= REBOOT_POST_CORE;
1893 }
1894
1895 kdp_flag &= ~PANIC_LOG_DUMP;
1896 if (cmd == KDP_DUMPINFO_PANICLOG) {
1897 kdp_flag |= PANIC_LOG_DUMP;
1898 }
1899
1900 kdp_flag &= ~SYSTEM_LOG_DUMP;
1901 if (cmd == KDP_DUMPINFO_SYSTEMLOG) {
1902 kdp_flag |= SYSTEM_LOG_DUMP;
1903 }
1904
1905 /* trigger a dump */
1906 kdp_flag |= DBG_POST_CORE;
1907
1908 flag_dont_abort_panic_dump = (flags & KDP_DUMPINFO_NOINTR) ?
1909 TRUE : FALSE;
1910
1911 reattach_wait = 1;
1912 disableConsoleOutput = 0;
1913 kdp_trigger_core_dump = 1;
1914 }
1915
1916 void
1917 kdp_get_dump_info(kdp_dumpinfo_reply_t *rp)
1918 {
1919 if (panicd_specified) {
1920 strlcpy(rp->destip, panicd_ip_str,
1921 sizeof(rp->destip));
1922 } else {
1923 rp->destip[0] = '\0';
1924 }
1925
1926 if (router_specified) {
1927 strlcpy(rp->routerip, router_ip_str,
1928 sizeof(rp->routerip));
1929 } else {
1930 rp->routerip[0] = '\0';
1931 }
1932
1933 if (corename_specified) {
1934 strlcpy(rp->name, corename_str,
1935 sizeof(rp->name));
1936 } else {
1937 rp->name[0] = '\0';
1938 }
1939
1940 rp->port = panicd_port;
1941
1942 rp->type = 0;
1943 if (!panicd_specified) {
1944 rp->type |= KDP_DUMPINFO_DISABLE;
1945 } else if (kdp_flag & PANIC_LOG_DUMP) {
1946 rp->type |= KDP_DUMPINFO_PANICLOG;
1947 } else {
1948 rp->type |= KDP_DUMPINFO_CORE;
1949 }
1950
1951 if (noresume_on_disconnect) {
1952 rp->type |= KDP_DUMPINFO_NORESUME;
1953 }
1954 }
1955
1956
1957 /* Primary dispatch routine for the system dump */
1958 void
1959 kdp_panic_dump(void)
1960 {
1961 char coreprefix[10];
1962 char coresuffix[4];
1963 int panic_error;
1964
1965 uint64_t abstime;
1966 uint32_t current_ip = ntohl((uint32_t)kdp_current_ip_address);
1967
1968 if (flag_panic_dump_in_progress) {
1969 kdb_printf("System dump aborted.\n");
1970 goto panic_dump_exit;
1971 }
1972
1973 printf("Entering system dump routine\n");
1974
1975 if (!kdp_en_recv_pkt || !kdp_en_send_pkt) {
1976 kdb_printf("Error: No transport device registered for kernel crashdump\n");
1977 return;
1978 }
1979
1980 if (!panicd_specified) {
1981 kdb_printf("A dump server was not specified in the boot-args, terminating kernel core dump.\n");
1982 goto panic_dump_exit;
1983 }
1984
1985 flag_panic_dump_in_progress = TRUE;
1986
1987 if (pkt.input) {
1988 kdp_panic("kdp_panic_dump: unexpected pending input packet");
1989 }
1990
1991 kdp_get_xnu_version((char *) &pkt.data[0]);
1992
1993 if (!corename_specified) {
1994 coresuffix[0] = 0;
1995 /* Panic log bit takes precedence over core dump bit */
1996 if ((debugger_panic_str != (char *) 0) && (kdp_flag & PANIC_LOG_DUMP)) {
1997 strlcpy(coreprefix, "paniclog", sizeof(coreprefix));
1998 } else if (kdp_flag & SYSTEM_LOG_DUMP) {
1999 strlcpy(coreprefix, "systemlog", sizeof(coreprefix));
2000 } else {
2001 strlcpy(coreprefix, "core", sizeof(coreprefix));
2002 if (!kdp_corezip_disabled) {
2003 strlcpy(coresuffix, ".gz", sizeof(coresuffix));
2004 }
2005 }
2006
2007 abstime = mach_absolute_time();
2008 pkt.data[20] = '\0';
2009 snprintf(corename_str,
2010 sizeof(corename_str),
2011 "%s-%s-%d.%d.%d.%d-%x%s",
2012 coreprefix, &pkt.data[0],
2013 (current_ip & 0xff000000) >> 24,
2014 (current_ip & 0xff0000) >> 16,
2015 (current_ip & 0xff00) >> 8,
2016 (current_ip & 0xff),
2017 (unsigned int) (abstime & 0xffffffff),
2018 coresuffix);
2019 }
2020
2021 if (0 == inet_aton(panicd_ip_str, (struct kdp_in_addr *) &panic_server_ip)) {
2022 kdb_printf("inet_aton() failed interpreting %s as a panic server IP\n", panicd_ip_str);
2023 } else {
2024 kdb_printf("Attempting connection to panic server configured at IP %s, port %d\n", panicd_ip_str, panicd_port);
2025 }
2026
2027 destination_mac = router_mac;
2028
2029 if (kdp_arp_resolve(panic_server_ip, &temp_mac)) {
2030 kdb_printf("Resolved %s's (or proxy's) link level address\n", panicd_ip_str);
2031 destination_mac = temp_mac;
2032 } else {
2033 if (!flag_panic_dump_in_progress) {
2034 goto panic_dump_exit;
2035 }
2036 if (router_specified) {
2037 if (0 == inet_aton(router_ip_str, (struct kdp_in_addr *) &parsed_router_ip)) {
2038 kdb_printf("inet_aton() failed interpreting %s as an IP\n", router_ip_str);
2039 } else {
2040 router_ip = parsed_router_ip;
2041 if (kdp_arp_resolve(router_ip, &temp_mac)) {
2042 destination_mac = temp_mac;
2043 kdb_printf("Routing through specified router IP %s (%d)\n", router_ip_str, router_ip);
2044 }
2045 }
2046 }
2047 }
2048
2049 if (!flag_panic_dump_in_progress) {
2050 goto panic_dump_exit;
2051 }
2052
2053 kdb_printf("Transmitting packets to link level address: %02x:%02x:%02x:%02x:%02x:%02x\n",
2054 destination_mac.ether_addr_octet[0] & 0xff,
2055 destination_mac.ether_addr_octet[1] & 0xff,
2056 destination_mac.ether_addr_octet[2] & 0xff,
2057 destination_mac.ether_addr_octet[3] & 0xff,
2058 destination_mac.ether_addr_octet[4] & 0xff,
2059 destination_mac.ether_addr_octet[5] & 0xff);
2060
2061 kdb_printf("Kernel map size is %llu\n", (unsigned long long) get_vmmap_size(kernel_map));
2062 kdb_printf("Sending write request for %s\n", corename_str);
2063
2064 if ((panic_error = kdp_send_crashdump_pkt(KDP_WRQ, corename_str, 0, NULL)) < 0) {
2065 kdb_printf("kdp_send_crashdump_pkt failed with error %d\n", panic_error);
2066 goto panic_dump_exit;
2067 }
2068
2069 /* Just the panic log requested */
2070 if ((debugger_panic_str != (char *) 0) && (kdp_flag & PANIC_LOG_DUMP)) {
2071 kdb_printf_unbuffered("Transmitting panic log, please wait: ");
2072 kdp_send_crashdump_data(KDP_DATA, corename_str,
2073 debug_buf_ptr - debug_buf_base,
2074 debug_buf_base);
2075 kdp_send_crashdump_pkt(KDP_EOF, NULL, 0, ((void *) 0));
2076 printf("Please file a bug report on this panic, if possible.\n");
2077 goto panic_dump_exit;
2078 }
2079
2080 /* maybe we wanted the systemlog */
2081 if (kdp_flag & SYSTEM_LOG_DUMP) {
2082 long start_off = msgbufp->msg_bufx;
2083 long len;
2084
2085 kdb_printf_unbuffered("Transmitting system log, please wait: ");
2086 if (start_off >= msgbufp->msg_bufr) {
2087 len = msgbufp->msg_size - start_off;
2088 kdp_send_crashdump_data(KDP_DATA, corename_str, len,
2089 msgbufp->msg_bufc + start_off);
2090 /* seek to remove trailing bytes */
2091 kdp_send_crashdump_seek(corename_str, len);
2092 start_off = 0;
2093 }
2094
2095 if (start_off != msgbufp->msg_bufr) {
2096 len = msgbufp->msg_bufr - start_off;
2097 kdp_send_crashdump_data(KDP_DATA, corename_str, len,
2098 msgbufp->msg_bufc + start_off);
2099 }
2100
2101 kdp_send_crashdump_pkt(KDP_EOF, NULL, 0, ((void *) 0));
2102 goto panic_dump_exit;
2103 }
2104
2105 /* We want a core dump if we're here */
2106 kern_dump(KERN_DUMP_NET);
2107
2108 panic_dump_exit:
2109 abort_panic_transfer();
2110 kdp_reset();
2111 return;
2112 }
2113
2114 void
2115 begin_panic_transfer(void)
2116 {
2117 flag_panic_dump_in_progress = TRUE;
2118 }
2119
2120 void
2121 abort_panic_transfer(void)
2122 {
2123 flag_panic_dump_in_progress = FALSE;
2124 flag_dont_abort_panic_dump = FALSE;
2125 panic_block = 0;
2126 }
2127
2128 #if CONFIG_SERIAL_KDP
2129
2130 static boolean_t needs_serial_init = TRUE;
2131
2132 static void
2133 kdp_serial_send(void *rpkt, unsigned int rpkt_len)
2134 {
2135 // printf("tx\n");
2136 kdp_serialize_packet((unsigned char *)rpkt, rpkt_len, pal_serial_putc_nocr);
2137 }
2138
2139 static void
2140 kdp_serial_receive(void *rpkt, unsigned int *rpkt_len, unsigned int timeout)
2141 {
2142 int readkar;
2143 uint64_t now, deadline;
2144
2145 clock_interval_to_deadline(timeout, 1000 * 1000 /* milliseconds */, &deadline);
2146
2147 // printf("rx\n");
2148 for (clock_get_uptime(&now); now < deadline; clock_get_uptime(&now)) {
2149 readkar = pal_serial_getc();
2150 if (readkar >= 0) {
2151 unsigned char *packet;
2152 // printf("got char %02x\n", readkar);
2153 if ((packet = kdp_unserialize_packet(readkar, rpkt_len))) {
2154 memcpy(rpkt, packet, *rpkt_len);
2155 return;
2156 }
2157 }
2158 }
2159 *rpkt_len = 0;
2160 }
2161
2162 static boolean_t
2163 kdp_serial_setmode(boolean_t active)
2164 {
2165 if (active == FALSE) { /* leaving KDP */
2166 return TRUE;
2167 }
2168
2169 if (!needs_serial_init) {
2170 return TRUE;
2171 }
2172
2173 pal_serial_init();
2174 needs_serial_init = FALSE;
2175 return TRUE;
2176 }
2177
2178
2179 static void
2180 kdp_serial_callout(__unused void *arg, kdp_event_t event)
2181 {
2182 /*
2183 * When we stop KDP, set the bit to re-initialize the console serial
2184 * port the next time we send/receive a KDP packet. We don't do it on
2185 * KDP_EVENT_ENTER directly because it also gets called when we trap to
2186 * KDP for non-external debugging, i.e., stackshot or core dumps.
2187 *
2188 * Set needs_serial_init on exit (and initialization, see above) and not
2189 * enter because enter is sent multiple times and causes excess
2190 * reinitialization.
2191 */
2192
2193 switch (event) {
2194 case KDP_EVENT_PANICLOG:
2195 case KDP_EVENT_ENTER:
2196 break;
2197 case KDP_EVENT_EXIT:
2198 needs_serial_init = TRUE;
2199 break;
2200 }
2201 }
2202
2203 #endif /* CONFIG_SERIAL_KDP */
2204
2205 void
2206 kdp_init(void)
2207 {
2208 strlcpy(kdp_kernelversion_string, version, sizeof(kdp_kernelversion_string));
2209
2210 /* Relies on platform layer calling panic_init() before kdp_init() */
2211 if (kernel_uuid_string[0] != '\0') {
2212 /*
2213 * Update kdp_kernelversion_string with our UUID
2214 * generated at link time.
2215 */
2216
2217 strlcat(kdp_kernelversion_string, "; UUID=", sizeof(kdp_kernelversion_string));
2218 strlcat(kdp_kernelversion_string, kernel_uuid_string, sizeof(kdp_kernelversion_string));
2219 }
2220
2221 debug_log_init();
2222
2223 #if defined(__x86_64__) || defined(__arm__) || defined(__arm64__)
2224 if (vm_kernel_slide) {
2225 char KASLR_stext[19];
2226 strlcat(kdp_kernelversion_string, "; stext=", sizeof(kdp_kernelversion_string));
2227 snprintf(KASLR_stext, sizeof(KASLR_stext), "%p", (void *) vm_kernel_stext);
2228 strlcat(kdp_kernelversion_string, KASLR_stext, sizeof(kdp_kernelversion_string));
2229 }
2230 #endif
2231
2232 if (debug_boot_arg & DB_REBOOT_POST_CORE) {
2233 kdp_flag |= REBOOT_POST_CORE;
2234 }
2235 #if defined(__x86_64__)
2236 kdp_machine_init();
2237 #endif
2238
2239 kdp_timer_callout_init();
2240 kdp_crashdump_feature_mask = htonl(kdp_crashdump_feature_mask);
2241 kdp_core_init();
2242
2243 #if CONFIG_SERIAL_KDP
2244 char kdpname[80];
2245 struct kdp_in_addr ipaddr;
2246 struct kdp_ether_addr macaddr;
2247
2248 boolean_t kdp_match_name_found = PE_parse_boot_argn("kdp_match_name", kdpname, sizeof(kdpname));
2249 boolean_t kdp_not_serial = kdp_match_name_found ? (strncmp(kdpname, "serial", sizeof(kdpname))) : TRUE;
2250
2251 #if CONFIG_EMBEDDED
2252 //respect any custom debugger boot-args
2253 if (kdp_match_name_found && kdp_not_serial) {
2254 return;
2255 }
2256 #else /* CONFIG_EMBEDDED */
2257 // serial must be explicitly requested
2258 if (!kdp_match_name_found || kdp_not_serial) {
2259 return;
2260 }
2261 #endif /* CONFIG_EMBEDDED */
2262
2263 #if CONFIG_EMBEDDED
2264 if (kdp_not_serial && PE_consistent_debug_enabled() && debug_boot_arg) {
2265 return;
2266 } else {
2267 printf("Serial requested, consistent debug disabled or debug boot arg not present, configuring debugging over serial\n");
2268 }
2269 #endif /* CONFIG_EMBEDDED */
2270
2271 kprintf("Initializing serial KDP\n");
2272
2273 kdp_register_callout(kdp_serial_callout, NULL);
2274 kdp_register_link(NULL, kdp_serial_setmode);
2275 kdp_register_send_receive(kdp_serial_send, kdp_serial_receive);
2276
2277 /* fake up an ip and mac for early serial debugging */
2278 macaddr.ether_addr_octet[0] = 's';
2279 macaddr.ether_addr_octet[1] = 'e';
2280 macaddr.ether_addr_octet[2] = 'r';
2281 macaddr.ether_addr_octet[3] = 'i';
2282 macaddr.ether_addr_octet[4] = 'a';
2283 macaddr.ether_addr_octet[5] = 'l';
2284 ipaddr.s_addr = KDP_SERIAL_IPADDR;
2285 kdp_set_ip_and_mac_addresses(&ipaddr, &macaddr);
2286
2287 #endif /* CONFIG_SERIAL_KDP */
2288 }
2289
2290 #else /* CONFIG_KDP_INTERACTIVE_DEBUGGING */
2291 void
2292 kdp_init(void)
2293 {
2294 }
2295 #endif /* CONFIG_KDP_INTERACTIVE_DEBUGGING */
2296
2297 #if !(MACH_KDP && CONFIG_KDP_INTERACTIVE_DEBUGGING)
2298 static struct kdp_ether_addr kdp_current_mac_address = {.ether_addr_octet = {0, 0, 0, 0, 0, 0}};
2299
2300 /* XXX ugly forward declares to stop warnings */
2301 void *kdp_get_interface(void);
2302 void kdp_set_ip_and_mac_addresses(struct kdp_in_addr *, struct kdp_ether_addr *);
2303 void kdp_set_gateway_mac(void *);
2304 void kdp_set_interface(void *);
2305 void kdp_register_send_receive(void *, void *);
2306 void kdp_unregister_send_receive(void *, void *);
2307
2308 uint32_t kdp_stack_snapshot_bytes_traced(void);
2309
2310 void
2311 kdp_register_send_receive(__unused void *send, __unused void *receive)
2312 {
2313 }
2314
2315 void
2316 kdp_unregister_send_receive(__unused void *send, __unused void *receive)
2317 {
2318 }
2319
2320 void *
2321 kdp_get_interface( void)
2322 {
2323 return (void *)0;
2324 }
2325
2326 unsigned int
2327 kdp_get_ip_address(void )
2328 {
2329 return 0;
2330 }
2331
2332 struct kdp_ether_addr
2333 kdp_get_mac_addr(void)
2334 {
2335 return kdp_current_mac_address;
2336 }
2337
2338 void
2339 kdp_set_ip_and_mac_addresses(
2340 __unused struct kdp_in_addr *ipaddr,
2341 __unused struct kdp_ether_addr *macaddr)
2342 {
2343 }
2344
2345 void
2346 kdp_set_gateway_mac(__unused void *gatewaymac)
2347 {
2348 }
2349
2350 void
2351 kdp_set_interface(__unused void *ifp)
2352 {
2353 }
2354
2355 void
2356 kdp_register_link(__unused kdp_link_t link, __unused kdp_mode_t mode)
2357 {
2358 }
2359
2360 void
2361 kdp_unregister_link(__unused kdp_link_t link, __unused kdp_mode_t mode)
2362 {
2363 }
2364
2365 #endif /* !(MACH_KDP && CONFIG_KDP_INTERACTIVE_DEBUGGING) */
2366
2367 #if !CONFIG_KDP_INTERACTIVE_DEBUGGING
2368 extern __attribute__((noreturn)) void panic_spin_forever(void);
2369
2370 __attribute__((noreturn))
2371 void
2372 kdp_raise_exception(
2373 __unused unsigned int exception,
2374 __unused unsigned int code,
2375 __unused unsigned int subcode,
2376 __unused void *saved_state
2377 )
2378 #else
2379 void
2380 kdp_raise_exception(
2381 unsigned int exception,
2382 unsigned int code,
2383 unsigned int subcode,
2384 void *saved_state
2385 )
2386 #endif
2387 {
2388 #if CONFIG_EMBEDDED
2389 assert(PE_i_can_has_debugger(NULL));
2390 #endif
2391
2392 #if CONFIG_KDP_INTERACTIVE_DEBUGGING
2393
2394 kdp_debugger_loop(exception, code, subcode, saved_state);
2395 #else /* CONFIG_KDP_INTERACTIVE_DEBUGGING */
2396 assert(current_debugger != KDP_CUR_DB);
2397
2398 panic_spin_forever();
2399 #endif /* CONFIG_KDP_INTERACTIVE_DEBUGGING */
2400 }
mirror of XNU