]> git.saurik.com Git - apple/xnu.git/blob - osfmk/kdp/kdp_udp.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-3789.31.2.tar.gz
[apple/xnu.git] / osfmk / kdp / kdp_udp.c
1 /*
2 * Copyright (c) 2000-2016 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29 /*
30 * Copyright (c) 1982, 1986, 1993
31 * The Regents of the University of California. All rights reserved.
32 */
33
34 /*
35 * Kernel Debugging Protocol UDP implementation.
36 */
37
38 #include <mach/boolean.h>
39 #include <mach/mach_types.h>
40 #include <mach/exception_types.h>
41 #include <kern/cpu_data.h>
42 #include <kern/debug.h>
43 #include <kern/clock.h>
44
45 #include <kdp/kdp_core.h>
46 #include <kdp/kdp_internal.h>
47 #include <kdp/kdp_en_debugger.h>
48 #include <kdp/kdp_callout.h>
49 #include <kdp/kdp_udp.h>
50 #include <kdp/kdp_core.h>
51 #if CONFIG_SERIAL_KDP
52 #include <kdp/kdp_serial.h>
53 #endif
54
55 #include <vm/vm_map.h>
56 #include <vm/vm_protos.h>
57 #include <vm/vm_kern.h> /* kernel_map */
58
59 #include <mach/memory_object_types.h>
60 #include <machine/pal_routines.h>
61
62 #include <sys/msgbuf.h>
63
64 /* we just want the link status flags, so undef KERNEL_PRIVATE for this
65 * header file. */
66 #undef KERNEL_PRIVATE
67 #include <net/if_media.h>
68 #define KERNEL_PRIVATE
69
70 #include <string.h>
71
72 #include <IOKit/IOPlatformExpert.h>
73 #include <libkern/version.h>
74
75 #include <sys/pgo.h>
76
77 extern unsigned int not_in_kdp;
78 extern int kdp_snapshot;
79 extern void do_stackshot(void);
80
81 #ifdef CONFIG_KDP_INTERACTIVE_DEBUGGING
82
83 extern int inet_aton(const char *, struct kdp_in_addr *); /* in libkern */
84 extern char *inet_ntoa_r(struct kdp_in_addr ina, char *buf,
85 size_t buflen); /* in libkern */
86
87 #define DO_ALIGN 1 /* align all packet data accesses */
88 #define KDP_SERIAL_IPADDR 0xABADBABE /* IP address used for serial KDP */
89 #define LINK_UP_STATUS (IFM_AVALID | IFM_ACTIVE)
90
91 extern int kdp_getc(void);
92 extern int reattach_wait;
93
94 static u_short ip_id; /* ip packet ctr, for ids */
95
96 /* @(#)udp_usrreq.c 2.2 88/05/23 4.0NFSSRC SMI; from UCB 7.1 6/5/86 */
97
98 /*
99 * UDP protocol implementation.
100 * Per RFC 768, August, 1980.
101 */
102 #define UDP_TTL 60 /* deflt time to live for UDP packets */
103 static int udp_ttl = UDP_TTL;
104 static unsigned char exception_seq;
105
106 struct kdp_ipovly {
107 uint32_t ih_next, ih_prev; /* for protocol sequence q's */
108 u_char ih_x1; /* (unused) */
109 u_char ih_pr; /* protocol */
110 short ih_len; /* protocol length */
111 struct kdp_in_addr ih_src; /* source internet address */
112 struct kdp_in_addr ih_dst; /* destination internet address */
113 };
114
115 struct kdp_udphdr {
116 u_short uh_sport; /* source port */
117 u_short uh_dport; /* destination port */
118 short uh_ulen; /* udp length */
119 u_short uh_sum; /* udp checksum */
120 };
121
122 struct kdp_udpiphdr {
123 struct kdp_ipovly ui_i; /* overlaid ip structure */
124 struct kdp_udphdr ui_u; /* udp header */
125 };
126 #define ui_next ui_i.ih_next
127 #define ui_prev ui_i.ih_prev
128 #define ui_x1 ui_i.ih_x1
129 #define ui_pr ui_i.ih_pr
130 #define ui_len ui_i.ih_len
131 #define ui_src ui_i.ih_src
132 #define ui_dst ui_i.ih_dst
133 #define ui_sport ui_u.uh_sport
134 #define ui_dport ui_u.uh_dport
135 #define ui_ulen ui_u.uh_ulen
136 #define ui_sum ui_u.uh_sum
137
138 struct kdp_ip {
139 union {
140 uint32_t ip_w;
141 struct {
142 unsigned int
143 #ifdef __LITTLE_ENDIAN__
144 ip_xhl:4, /* header length */
145 ip_xv:4, /* version */
146 ip_xtos:8, /* type of service */
147 ip_xlen:16; /* total length */
148 #endif
149 #ifdef __BIG_ENDIAN__
150 ip_xv:4, /* version */
151 ip_xhl:4, /* header length */
152 ip_xtos:8, /* type of service */
153 ip_xlen:16; /* total length */
154 #endif
155 } ip_x;
156 } ip_vhltl;
157 u_short ip_id; /* identification */
158 short ip_off; /* fragment offset field */
159 #define IP_DF 0x4000 /* dont fragment flag */
160 #define IP_MF 0x2000 /* more fragments flag */
161 #define IP_OFFMASK 0x1fff /* mask for fragmenting bits */
162 u_char ip_ttl; /* time to live */
163 u_char ip_p; /* protocol */
164 u_short ip_sum; /* checksum */
165 struct kdp_in_addr ip_src,ip_dst; /* source and dest address */
166 };
167 #define ip_v ip_vhltl.ip_x.ip_xv
168 #define ip_hl ip_vhltl.ip_x.ip_xhl
169 #define ip_tos ip_vhltl.ip_x.ip_xtos
170 #define ip_len ip_vhltl.ip_x.ip_xlen
171
172 #define IPPROTO_UDP 17
173 #define IPVERSION 4
174
175 #define ETHERTYPE_IP 0x0800 /* IP protocol */
176
177 /*
178 * Ethernet Address Resolution Protocol.
179 *
180 * See RFC 826 for protocol description. Structure below is adapted
181 * to resolving internet addresses. Field names used correspond to
182 * RFC 826.
183 */
184
185 #define ETHERTYPE_ARP 0x0806 /* Addr. resolution protocol */
186
187 struct kdp_arphdr {
188 u_short ar_hrd; /* format of hardware address */
189 #define ARPHRD_ETHER 1 /* ethernet hardware format */
190 #define ARPHRD_FRELAY 15 /* frame relay hardware format */
191 u_short ar_pro; /* format of protocol address */
192 u_char ar_hln; /* length of hardware address */
193 u_char ar_pln; /* length of protocol address */
194 u_short ar_op; /* one of: */
195 #define ARPOP_REQUEST 1 /* request to resolve address */
196 #define ARPOP_REPLY 2 /* response to previous request */
197 #define ARPOP_REVREQUEST 3 /* request protocol address given hardware */
198 #define ARPOP_REVREPLY 4 /* response giving protocol address */
199 #define ARPOP_INVREQUEST 8 /* request to identify peer */
200 #define ARPOP_INVREPLY 9 /* response identifying peer */
201 };
202
203 struct kdp_ether_arp {
204 struct kdp_arphdr ea_hdr; /* fixed-size header */
205 u_char arp_sha[ETHER_ADDR_LEN]; /* sender hardware address */
206 u_char arp_spa[4]; /* sender protocol address */
207 u_char arp_tha[ETHER_ADDR_LEN]; /* target hardware address */
208 u_char arp_tpa[4]; /* target protocol address */
209 };
210 #define arp_hrd ea_hdr.ar_hrd
211 #define arp_pro ea_hdr.ar_pro
212 #define arp_hln ea_hdr.ar_hln
213 #define arp_pln ea_hdr.ar_pln
214 #define arp_op ea_hdr.ar_op
215
216 #define ETHERMTU 1500
217 #define ETHERHDRSIZE 14
218 #define ETHERCRC 4
219 #define KDP_MAXPACKET (ETHERHDRSIZE + ETHERMTU + ETHERCRC)
220
221 static struct {
222 unsigned char data[KDP_MAXPACKET];
223 unsigned int off, len;
224 boolean_t input;
225 } pkt, saved_reply;
226
227 struct kdp_manual_pkt manual_pkt;
228
229 struct {
230 struct {
231 struct kdp_in_addr in;
232 struct kdp_ether_addr ea;
233 } loc;
234 struct {
235 struct kdp_in_addr in;
236 struct kdp_ether_addr ea;
237 } rmt;
238 } adr;
239
240 static const char
241 *exception_message[] = {
242 "Unknown",
243 "Memory access", /* EXC_BAD_ACCESS */
244 "Failed instruction", /* EXC_BAD_INSTRUCTION */
245 "Arithmetic", /* EXC_ARITHMETIC */
246 "Emulation", /* EXC_EMULATION */
247 "Software", /* EXC_SOFTWARE */
248 "Breakpoint" /* EXC_BREAKPOINT */
249 };
250
251 volatile int kdp_flag = 0;
252 boolean_t kdp_corezip_disabled = 0;
253
254 kdp_send_t kdp_en_send_pkt;
255 static kdp_receive_t kdp_en_recv_pkt;
256 static kdp_link_t kdp_en_linkstatus;
257 static kdp_mode_t kdp_en_setmode;
258
259 #if CONFIG_SERIAL_KDP
260 static void kdp_serial_send(void *rpkt, unsigned int rpkt_len);
261 #define KDP_SERIAL_ENABLED() (kdp_en_send_pkt == kdp_serial_send)
262 #else
263 #define KDP_SERIAL_ENABLED() (0)
264 #endif
265
266 static uint32_t kdp_current_ip_address = 0;
267 static struct kdp_ether_addr kdp_current_mac_address = {{0, 0, 0, 0, 0, 0}};
268 static void *kdp_current_ifp;
269
270 static void kdp_handler( void *);
271
272 static uint32_t panic_server_ip = 0;
273 static uint32_t parsed_router_ip = 0;
274 static uint32_t router_ip = 0;
275 static uint32_t target_ip = 0;
276
277 static boolean_t save_ip_in_nvram = FALSE;
278
279 static volatile boolean_t panicd_specified = FALSE;
280 static boolean_t router_specified = FALSE;
281 static boolean_t corename_specified = FALSE;
282 static unsigned int panicd_port = CORE_REMOTE_PORT;
283
284 static struct kdp_ether_addr etherbroadcastaddr = {{0xff, 0xff, 0xff, 0xff, 0xff, 0xff}};
285
286 static struct kdp_ether_addr router_mac = {{0, 0, 0 , 0, 0, 0}};
287 static struct kdp_ether_addr destination_mac = {{0, 0, 0 , 0, 0, 0}};
288 static struct kdp_ether_addr temp_mac = {{0, 0, 0 , 0, 0, 0}};
289 static struct kdp_ether_addr current_resolved_MAC = {{0, 0, 0 , 0, 0, 0}};
290
291 static boolean_t flag_panic_dump_in_progress = FALSE;
292 static boolean_t flag_router_mac_initialized = FALSE;
293 static boolean_t flag_dont_abort_panic_dump = FALSE;
294
295 static boolean_t flag_arp_resolved = FALSE;
296
297 static unsigned int panic_timeout = 100000;
298 static unsigned int last_panic_port = CORE_REMOTE_PORT;
299
300 #define KDP_THROTTLE_VALUE (10ULL * NSEC_PER_SEC)
301
302 uint32_t kdp_crashdump_pkt_size = 512;
303 #define KDP_LARGE_CRASHDUMP_PKT_SIZE (1440 - 6 - sizeof(struct kdp_udpiphdr))
304 static char panicd_ip_str[20];
305 static char router_ip_str[20];
306 static char corename_str[100];
307
308 static unsigned int panic_block = 0;
309 volatile unsigned int kdp_trigger_core_dump = 0;
310 __private_extern__ volatile unsigned int flag_kdp_trigger_reboot = 0;
311
312
313 extern unsigned int disableConsoleOutput;
314
315 extern void kdp_call(void);
316 extern boolean_t kdp_call_kdb(void);
317
318 void * kdp_get_interface(void);
319 void kdp_set_gateway_mac(void *gatewaymac);
320 void kdp_set_ip_and_mac_addresses(struct kdp_in_addr *ipaddr, struct kdp_ether_addr *);
321 void kdp_set_interface(void *interface, const struct kdp_ether_addr *macaddr);
322
323 void kdp_disable_arp(void);
324 static void kdp_arp_reply(struct kdp_ether_arp *);
325 static void kdp_process_arp_reply(struct kdp_ether_arp *);
326 static boolean_t kdp_arp_resolve(uint32_t, struct kdp_ether_addr *);
327
328 static volatile unsigned kdp_reentry_deadline;
329
330 static uint32_t kdp_crashdump_feature_mask = KDP_FEATURE_LARGE_CRASHDUMPS | KDP_FEATURE_LARGE_PKT_SIZE;
331 uint32_t kdp_feature_large_crashdumps, kdp_feature_large_pkt_size;
332
333 char kdp_kernelversion_string[256];
334
335 static boolean_t gKDPDebug = FALSE;
336
337 #if WITH_CONSISTENT_DBG
338 #include <arm/caches_internal.h>
339 extern volatile struct xnu_hw_shmem_dbg_command_info *hwsd_info;
340 #endif
341
342 #define KDP_DEBUG(...) if (gKDPDebug) printf(__VA_ARGS__);
343
344 #define SBLOCKSZ (2048)
345 uint64_t kdp_dump_start_time = 0;
346 uint64_t kdp_min_superblock_dump_time = ~1ULL;
347 uint64_t kdp_max_superblock_dump_time = 0;
348 uint64_t kdp_superblock_dump_time = 0;
349 uint64_t kdp_superblock_dump_start_time = 0;
350 static thread_call_t
351 kdp_timer_call;
352
353 static void
354 kdp_ml_enter_debugger_wrapper(__unused void *param0, __unused void *param1) {
355 kdp_ml_enter_debugger();
356 }
357
358 static void
359 kdp_timer_callout_init(void) {
360 kdp_timer_call = thread_call_allocate(kdp_ml_enter_debugger_wrapper, NULL);
361 }
362
363
364 /* only send/receive data if the link is up */
365 inline static void
366 wait_for_link(void)
367 {
368 static int first = 0;
369
370 if (!kdp_en_linkstatus)
371 return;
372
373 while (((*kdp_en_linkstatus)() & LINK_UP_STATUS) != LINK_UP_STATUS) {
374 if (first)
375 continue;
376
377 first = 1;
378 printf("Waiting for link to become available.\n");
379 kprintf("Waiting for link to become available.\n");
380 }
381 }
382
383
384 inline static void
385 kdp_send_data(void *packet, unsigned int len)
386 {
387 wait_for_link();
388 (*kdp_en_send_pkt)(packet, len);
389 }
390
391
392 inline static void
393 kdp_receive_data(void *packet, unsigned int *len, unsigned int timeout)
394 {
395 wait_for_link();
396 (*kdp_en_recv_pkt)(packet, len, timeout);
397 }
398
399
400 void
401 kdp_register_link(kdp_link_t link, kdp_mode_t mode)
402 {
403 kdp_en_linkstatus = link;
404 kdp_en_setmode = mode;
405 }
406
407 void
408 kdp_unregister_link(__unused kdp_link_t link, __unused kdp_mode_t mode)
409 {
410 kdp_en_linkstatus = NULL;
411 kdp_en_setmode = NULL;
412 }
413
414 void
415 kdp_register_send_receive(
416 kdp_send_t send,
417 kdp_receive_t receive)
418 {
419 unsigned int debug = 0;
420
421 PE_parse_boot_argn("debug", &debug, sizeof (debug));
422
423
424 if (!debug)
425 return;
426
427 kdp_en_send_pkt = send;
428 kdp_en_recv_pkt = receive;
429
430 if (debug & DB_KDP_BP_DIS)
431 kdp_flag |= KDP_BP_DIS;
432 if (debug & DB_KDP_GETC_ENA)
433 kdp_flag |= KDP_GETC_ENA;
434 if (debug & DB_ARP)
435 kdp_flag |= KDP_ARP;
436
437 if (debug & DB_KERN_DUMP_ON_PANIC)
438 kdp_flag |= KDP_PANIC_DUMP_ENABLED;
439 if (debug & DB_KERN_DUMP_ON_NMI)
440 kdp_flag |= PANIC_CORE_ON_NMI;
441
442 if (debug & DB_DBG_POST_CORE)
443 kdp_flag |= DBG_POST_CORE;
444
445 if (debug & DB_PANICLOG_DUMP)
446 kdp_flag |= PANIC_LOG_DUMP;
447
448 kdp_corezip_disabled = (0 != (debug & DB_DISABLE_GZIP_CORE));
449
450 if (PE_parse_boot_argn("_panicd_ip", panicd_ip_str, sizeof (panicd_ip_str)))
451 panicd_specified = TRUE;
452
453 if ((debug & DB_REBOOT_POST_CORE) && (panicd_specified == TRUE))
454 kdp_flag |= REBOOT_POST_CORE;
455
456 if (PE_parse_boot_argn("_router_ip", router_ip_str, sizeof (router_ip_str)))
457 router_specified = TRUE;
458
459 if (!PE_parse_boot_argn("panicd_port", &panicd_port, sizeof (panicd_port)))
460 panicd_port = CORE_REMOTE_PORT;
461
462 if (PE_parse_boot_argn("_panicd_corename", &corename_str, sizeof (corename_str)))
463 corename_specified = TRUE;
464
465 kdp_flag |= KDP_READY;
466
467 current_debugger = KDP_CUR_DB;
468 if ((kdp_current_ip_address != 0) && halt_in_debugger) {
469 kdp_call();
470 halt_in_debugger=0;
471 }
472 }
473
474 void
475 kdp_unregister_send_receive(
476 __unused kdp_send_t send,
477 __unused kdp_receive_t receive)
478 {
479 if (current_debugger == KDP_CUR_DB)
480 current_debugger = NO_CUR_DB;
481 kdp_flag &= ~KDP_READY;
482 kdp_en_send_pkt = NULL;
483 kdp_en_recv_pkt = NULL;
484 }
485
486 static void
487 kdp_schedule_debugger_reentry(unsigned interval) {
488 uint64_t deadline;;
489
490 clock_interval_to_deadline(interval, 1000 * 1000, &deadline);
491 thread_call_enter_delayed(kdp_timer_call, deadline);
492 }
493
494 static void
495 enaddr_copy(
496 void *src,
497 void *dst
498 )
499 {
500 bcopy((char *)src, (char *)dst, sizeof (struct kdp_ether_addr));
501 }
502
503 static unsigned short
504 ip_sum(
505 unsigned char *c,
506 unsigned int hlen
507 )
508 {
509 unsigned int high, low, sum;
510
511 high = low = 0;
512 while (hlen-- > 0) {
513 low += c[1] + c[3];
514 high += c[0] + c[2];
515
516 c += sizeof (int);
517 }
518
519 sum = (high << 8) + low;
520 sum = (sum >> 16) + (sum & 65535);
521
522 return (sum > 65535 ? sum - 65535 : sum);
523 }
524
525 static void
526 kdp_reply(
527 unsigned short reply_port,
528 const boolean_t sideband
529 )
530 {
531 struct kdp_udpiphdr aligned_ui, *ui = &aligned_ui;
532 struct kdp_ip aligned_ip, *ip = &aligned_ip;
533 struct kdp_in_addr tmp_ipaddr;
534 struct kdp_ether_addr tmp_enaddr;
535 struct kdp_ether_header *eh = NULL;
536
537 if (!pkt.input)
538 kdp_panic("kdp_reply");
539
540 pkt.off -= (unsigned int)sizeof (struct kdp_udpiphdr);
541
542 #if DO_ALIGN
543 bcopy((char *)&pkt.data[pkt.off], (char *)ui, sizeof(*ui));
544 #else
545 ui = (struct kdp_udpiphdr *)&pkt.data[pkt.off];
546 #endif
547 ui->ui_next = ui->ui_prev = 0;
548 ui->ui_x1 = 0;
549 ui->ui_pr = IPPROTO_UDP;
550 ui->ui_len = htons((u_short)pkt.len + sizeof (struct kdp_udphdr));
551 tmp_ipaddr = ui->ui_src;
552 ui->ui_src = ui->ui_dst;
553 ui->ui_dst = tmp_ipaddr;
554 ui->ui_sport = htons(KDP_REMOTE_PORT);
555 ui->ui_dport = reply_port;
556 ui->ui_ulen = ui->ui_len;
557 ui->ui_sum = 0;
558 #if DO_ALIGN
559 bcopy((char *)ui, (char *)&pkt.data[pkt.off], sizeof(*ui));
560 bcopy((char *)&pkt.data[pkt.off], (char *)ip, sizeof(*ip));
561 #else
562 ip = (struct kdp_ip *)&pkt.data[pkt.off];
563 #endif
564 ip->ip_len = htons(sizeof (struct kdp_udpiphdr) + pkt.len);
565 ip->ip_v = IPVERSION;
566 ip->ip_id = htons(ip_id++);
567 ip->ip_hl = sizeof (struct kdp_ip) >> 2;
568 ip->ip_ttl = udp_ttl;
569 ip->ip_sum = 0;
570 ip->ip_sum = htons(~ip_sum((unsigned char *)ip, ip->ip_hl));
571 #if DO_ALIGN
572 bcopy((char *)ip, (char *)&pkt.data[pkt.off], sizeof(*ip));
573 #endif
574
575 pkt.len += (unsigned int)sizeof (struct kdp_udpiphdr);
576
577 pkt.off -= (unsigned int)sizeof (struct kdp_ether_header);
578
579 eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
580 enaddr_copy(eh->ether_shost, &tmp_enaddr);
581 enaddr_copy(eh->ether_dhost, eh->ether_shost);
582 enaddr_copy(&tmp_enaddr, eh->ether_dhost);
583 eh->ether_type = htons(ETHERTYPE_IP);
584
585 pkt.len += (unsigned int)sizeof (struct kdp_ether_header);
586
587 // save reply for possible retransmission
588 assert(pkt.len <= KDP_MAXPACKET);
589 if (!sideband)
590 bcopy((char *)&pkt, (char *)&saved_reply, sizeof(saved_reply));
591
592 kdp_send_data(&pkt.data[pkt.off], pkt.len);
593
594 // increment expected sequence number
595 if (!sideband)
596 exception_seq++;
597 }
598
599 static void
600 kdp_send(
601 unsigned short remote_port
602 )
603 {
604 struct kdp_udpiphdr aligned_ui, *ui = &aligned_ui;
605 struct kdp_ip aligned_ip, *ip = &aligned_ip;
606 struct kdp_ether_header *eh;
607
608 if (pkt.input)
609 kdp_panic("kdp_send");
610
611 pkt.off -= (unsigned int)sizeof (struct kdp_udpiphdr);
612
613 #if DO_ALIGN
614 bcopy((char *)&pkt.data[pkt.off], (char *)ui, sizeof(*ui));
615 #else
616 ui = (struct kdp_udpiphdr *)&pkt.data[pkt.off];
617 #endif
618 ui->ui_next = ui->ui_prev = 0;
619 ui->ui_x1 = 0;
620 ui->ui_pr = IPPROTO_UDP;
621 ui->ui_len = htons((u_short)pkt.len + sizeof (struct kdp_udphdr));
622 ui->ui_src = adr.loc.in;
623 ui->ui_dst = adr.rmt.in;
624 ui->ui_sport = htons(KDP_REMOTE_PORT);
625 ui->ui_dport = remote_port;
626 ui->ui_ulen = ui->ui_len;
627 ui->ui_sum = 0;
628 #if DO_ALIGN
629 bcopy((char *)ui, (char *)&pkt.data[pkt.off], sizeof(*ui));
630 bcopy((char *)&pkt.data[pkt.off], (char *)ip, sizeof(*ip));
631 #else
632 ip = (struct kdp_ip *)&pkt.data[pkt.off];
633 #endif
634 ip->ip_len = htons(sizeof (struct kdp_udpiphdr) + pkt.len);
635 ip->ip_v = IPVERSION;
636 ip->ip_id = htons(ip_id++);
637 ip->ip_hl = sizeof (struct kdp_ip) >> 2;
638 ip->ip_ttl = udp_ttl;
639 ip->ip_sum = 0;
640 ip->ip_sum = htons(~ip_sum((unsigned char *)ip, ip->ip_hl));
641 #if DO_ALIGN
642 bcopy((char *)ip, (char *)&pkt.data[pkt.off], sizeof(*ip));
643 #endif
644
645 pkt.len += (unsigned int)sizeof (struct kdp_udpiphdr);
646
647 pkt.off -= (unsigned int)sizeof (struct kdp_ether_header);
648
649 eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
650 enaddr_copy(&adr.loc.ea, eh->ether_shost);
651 enaddr_copy(&adr.rmt.ea, eh->ether_dhost);
652 eh->ether_type = htons(ETHERTYPE_IP);
653
654 pkt.len += (unsigned int)sizeof (struct kdp_ether_header);
655 kdp_send_data(&pkt.data[pkt.off], pkt.len);
656 }
657
658
659 inline static void
660 debugger_if_necessary(void)
661 {
662 if ((current_debugger == KDP_CUR_DB) && halt_in_debugger) {
663 kdp_call();
664 halt_in_debugger=0;
665 }
666 }
667
668
669 /* We don't interpret this pointer, we just give it to the bsd stack
670 so it can decide when to set the MAC and IP info. We'll
671 early initialize the MAC/IP info if we can so that we can use
672 KDP early in boot. These values may subsequently get over-written
673 when the interface gets initialized for real.
674 */
675 void
676 kdp_set_interface(void *ifp, const struct kdp_ether_addr *macaddr)
677 {
678 char kdpstr[80];
679 struct kdp_in_addr addr = { 0 };
680 unsigned int len;
681
682 kdp_current_ifp = ifp;
683
684 if (PE_parse_boot_argn("kdp_ip_addr", kdpstr, sizeof(kdpstr))) {
685 /* look for a static ip address */
686 if (inet_aton(kdpstr, &addr) == FALSE)
687 goto done;
688
689 goto config_network;
690 }
691
692 /* use saved ip address */
693 save_ip_in_nvram = TRUE;
694
695 len = sizeof(kdpstr);
696 if (PEReadNVRAMProperty("_kdp_ipstr", kdpstr, &len) == FALSE)
697 goto done;
698
699 kdpstr[len < sizeof(kdpstr) ? len : sizeof(kdpstr) - 1] = '\0';
700 if (inet_aton(kdpstr, &addr) == FALSE)
701 goto done;
702
703 config_network:
704 kdp_current_ip_address = addr.s_addr;
705 if (macaddr)
706 kdp_current_mac_address = *macaddr;
707
708 /* we can't drop into the debugger at this point because the
709 link will likely not be up. when getDebuggerLinkStatus() support gets
710 added to the appropriate network drivers, adding the
711 following will enable this capability:
712 debugger_if_necessary();
713 */
714 done:
715 return;
716 }
717
718 void *
719 kdp_get_interface(void)
720 {
721 return kdp_current_ifp;
722 }
723
724 void
725 kdp_set_ip_and_mac_addresses(
726 struct kdp_in_addr *ipaddr,
727 struct kdp_ether_addr *macaddr)
728 {
729 static uint64_t last_time = (uint64_t) -1;
730 static uint64_t throttle_val = 0;
731 uint64_t cur_time;
732 char addr[16];
733
734 if (kdp_current_ip_address == ipaddr->s_addr)
735 goto done;
736
737 /* don't replace if serial debugging is configured */
738 if (!KDP_SERIAL_ENABLED() ||
739 (kdp_current_ip_address != KDP_SERIAL_IPADDR)) {
740 kdp_current_mac_address = *macaddr;
741 kdp_current_ip_address = ipaddr->s_addr;
742 }
743
744 if (save_ip_in_nvram == FALSE)
745 goto done;
746
747 if (inet_ntoa_r(*ipaddr, addr, sizeof(addr)) == NULL)
748 goto done;
749
750 /* throttle writes if needed */
751 if (!throttle_val)
752 nanoseconds_to_absolutetime(KDP_THROTTLE_VALUE, &throttle_val);
753
754 cur_time = mach_absolute_time();
755 if (last_time == (uint64_t) -1 ||
756 ((cur_time - last_time) > throttle_val)) {
757 PEWriteNVRAMProperty("_kdp_ipstr", addr,
758 (const unsigned int) strlen(addr));
759 }
760 last_time = cur_time;
761
762 done:
763 debugger_if_necessary();
764 }
765
766 void
767 kdp_set_gateway_mac(void *gatewaymac)
768 {
769 router_mac = *(struct kdp_ether_addr *)gatewaymac;
770 flag_router_mac_initialized = TRUE;
771 }
772
773 struct kdp_ether_addr
774 kdp_get_mac_addr(void)
775 {
776 return kdp_current_mac_address;
777 }
778
779 unsigned int
780 kdp_get_ip_address(void)
781 {
782 return (unsigned int)kdp_current_ip_address;
783 }
784
785 void
786 kdp_disable_arp(void)
787 {
788 kdp_flag &= ~(DB_ARP);
789 }
790
791 static void
792 kdp_arp_dispatch(void)
793 {
794 struct kdp_ether_arp aligned_ea, *ea = &aligned_ea;
795 unsigned arp_header_offset;
796
797 arp_header_offset = (unsigned)sizeof(struct kdp_ether_header) + pkt.off;
798 memcpy((void *)ea, (void *)&pkt.data[arp_header_offset], sizeof(*ea));
799
800 switch(ntohs(ea->arp_op)) {
801 case ARPOP_REQUEST:
802 kdp_arp_reply(ea);
803 break;
804 case ARPOP_REPLY:
805 kdp_process_arp_reply(ea);
806 break;
807 default:
808 return;
809 }
810 }
811
812 static void
813 kdp_process_arp_reply(struct kdp_ether_arp *ea)
814 {
815 /* Are we interested in ARP replies? */
816 if (flag_arp_resolved == TRUE)
817 return;
818
819 /* Did we receive a reply from the right source? */
820 if (((struct kdp_in_addr *)(ea->arp_spa))->s_addr != target_ip)
821 return;
822
823 flag_arp_resolved = TRUE;
824 current_resolved_MAC = *(struct kdp_ether_addr *) (ea->arp_sha);
825
826 return;
827 }
828
829 /* ARP responses are enabled when the DB_ARP bit of the debug boot arg
830 * is set.
831 */
832
833 static void
834 kdp_arp_reply(struct kdp_ether_arp *ea)
835 {
836 struct kdp_ether_header *eh;
837
838 struct kdp_in_addr isaddr, itaddr, myaddr;
839 struct kdp_ether_addr my_enaddr;
840
841 eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
842 pkt.off += (unsigned int)sizeof(struct kdp_ether_header);
843
844 if(ntohs(ea->arp_op) != ARPOP_REQUEST)
845 return;
846
847 myaddr.s_addr = kdp_get_ip_address();
848 my_enaddr = kdp_get_mac_addr();
849
850 if ((ntohl(myaddr.s_addr) == 0) ||
851 ((my_enaddr.ether_addr_octet[0] & 0xff) == 0
852 && (my_enaddr.ether_addr_octet[1] & 0xff) == 0
853 && (my_enaddr.ether_addr_octet[2] & 0xff) == 0
854 && (my_enaddr.ether_addr_octet[3] & 0xff) == 0
855 && (my_enaddr.ether_addr_octet[4] & 0xff) == 0
856 && (my_enaddr.ether_addr_octet[5] & 0xff) == 0
857 ))
858 return;
859
860 (void)memcpy((void *)&isaddr, (void *)ea->arp_spa, sizeof (isaddr));
861 (void)memcpy((void *)&itaddr, (void *)ea->arp_tpa, sizeof (itaddr));
862
863 if (itaddr.s_addr == myaddr.s_addr) {
864 (void)memcpy((void *)ea->arp_tha, (void *)ea->arp_sha, sizeof(ea->arp_sha));
865 (void)memcpy((void *)ea->arp_sha, (void *)&my_enaddr, sizeof(ea->arp_sha));
866
867 (void)memcpy((void *)ea->arp_tpa, (void *) ea->arp_spa, sizeof(ea->arp_spa));
868 (void)memcpy((void *)ea->arp_spa, (void *) &itaddr, sizeof(ea->arp_spa));
869
870 ea->arp_op = htons(ARPOP_REPLY);
871 ea->arp_pro = htons(ETHERTYPE_IP);
872 (void)memcpy(eh->ether_dhost, ea->arp_tha, sizeof(eh->ether_dhost));
873 (void)memcpy(eh->ether_shost, &my_enaddr, sizeof(eh->ether_shost));
874 eh->ether_type = htons(ETHERTYPE_ARP);
875 (void)memcpy(&pkt.data[pkt.off], ea, sizeof(*ea));
876 pkt.off -= (unsigned int)sizeof (struct kdp_ether_header);
877 /* pkt.len is still the length we want, ether_header+ether_arp */
878 kdp_send_data(&pkt.data[pkt.off], pkt.len);
879 }
880 }
881
882 static void
883 kdp_poll(void)
884 {
885 struct kdp_ether_header *eh = NULL;
886 struct kdp_udpiphdr aligned_ui, *ui = &aligned_ui;
887 struct kdp_ip aligned_ip, *ip = &aligned_ip;
888 static int msg_printed;
889
890 if (pkt.input)
891 kdp_panic("kdp_poll");
892
893 if (!kdp_en_recv_pkt || !kdp_en_send_pkt) {
894 if( msg_printed == 0) {
895 msg_printed = 1;
896 printf("kdp_poll: no debugger device\n");
897 }
898 return;
899 }
900
901 pkt.off = pkt.len = 0;
902 kdp_receive_data(pkt.data, &pkt.len, 3/* ms */);
903
904 if (pkt.len == 0)
905 return;
906
907 if (pkt.len >= sizeof(struct kdp_ether_header)) {
908 eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
909
910 if (kdp_flag & KDP_ARP) {
911 if (ntohs(eh->ether_type) == ETHERTYPE_ARP) {
912 kdp_arp_dispatch();
913 return;
914 }
915 }
916 }
917
918 if (pkt.len < (sizeof (struct kdp_ether_header) + sizeof (struct kdp_udpiphdr)))
919 return;
920
921 pkt.off += (unsigned int)sizeof (struct kdp_ether_header);
922 if (ntohs(eh->ether_type) != ETHERTYPE_IP) {
923 return;
924 }
925
926 #if DO_ALIGN
927 bcopy((char *)&pkt.data[pkt.off], (char *)ui, sizeof(*ui));
928 bcopy((char *)&pkt.data[pkt.off], (char *)ip, sizeof(*ip));
929 #else
930 ui = (struct kdp_udpiphdr *)&pkt.data[pkt.off];
931 ip = (struct kdp_ip *)&pkt.data[pkt.off];
932 #endif
933
934 pkt.off += (unsigned int)sizeof (struct kdp_udpiphdr);
935 if (ui->ui_pr != IPPROTO_UDP) {
936 return;
937 }
938
939 if (ip->ip_hl > (sizeof (struct kdp_ip) >> 2)) {
940 return;
941 }
942
943 if (ntohs(ui->ui_dport) != KDP_REMOTE_PORT) {
944 if (panicd_port == (ntohs(ui->ui_dport)) &&
945 flag_panic_dump_in_progress) {
946 last_panic_port = ui->ui_sport;
947 }
948 else
949 return;
950 }
951 /* If we receive a kernel debugging packet whilst a
952 * core dump is in progress, abort the transfer and
953 * enter the debugger if not told otherwise.
954 */
955 else
956 if (flag_panic_dump_in_progress) {
957 if (!flag_dont_abort_panic_dump) {
958 abort_panic_transfer();
959 }
960 return;
961 }
962
963 if (!kdp.is_conn && !flag_panic_dump_in_progress) {
964 enaddr_copy(eh->ether_dhost, &adr.loc.ea);
965 adr.loc.in = ui->ui_dst;
966
967 enaddr_copy(eh->ether_shost, &adr.rmt.ea);
968 adr.rmt.in = ui->ui_src;
969 }
970
971 /*
972 * Calculate kdp packet length.
973 */
974 pkt.len = ntohs((u_short)ui->ui_ulen) - (unsigned int)sizeof (struct kdp_udphdr);
975 pkt.input = TRUE;
976 }
977
978
979 /* Create and transmit an ARP resolution request for the target IP address.
980 * This is modeled on ether_inet_arp()/RFC 826.
981 */
982
983 static void
984 transmit_ARP_request(uint32_t ip_addr)
985 {
986 struct kdp_ether_header *eh = (struct kdp_ether_header *) &pkt.data[0];
987 struct kdp_ether_arp *ea = (struct kdp_ether_arp *) &pkt.data[sizeof(struct kdp_ether_header)];
988
989 KDP_DEBUG("Transmitting ARP request\n");
990 /* Populate the ether_header */
991 eh->ether_type = htons(ETHERTYPE_ARP);
992 enaddr_copy(&kdp_current_mac_address, eh->ether_shost);
993 enaddr_copy(&etherbroadcastaddr, eh->ether_dhost);
994
995 /* Populate the ARP header */
996 ea->arp_pro = htons(ETHERTYPE_IP);
997 ea->arp_hln = sizeof(ea->arp_sha);
998 ea->arp_pln = sizeof(ea->arp_spa);
999 ea->arp_hrd = htons(ARPHRD_ETHER);
1000 ea->arp_op = htons(ARPOP_REQUEST);
1001
1002 /* Target fields */
1003 enaddr_copy(&etherbroadcastaddr, ea->arp_tha);
1004 memcpy(ea->arp_tpa, (void *) &ip_addr, sizeof(ip_addr));
1005
1006 /* Source fields */
1007 enaddr_copy(&kdp_current_mac_address, ea->arp_sha);
1008 memcpy(ea->arp_spa, (void *) &kdp_current_ip_address, sizeof(kdp_current_ip_address));
1009
1010 pkt.off = 0;
1011 pkt.len = sizeof(struct kdp_ether_header) + sizeof(struct kdp_ether_arp);
1012 /* Transmit */
1013 kdp_send_data(&pkt.data[pkt.off], pkt.len);
1014 }
1015
1016 static boolean_t
1017 kdp_arp_resolve(uint32_t arp_target_ip, struct kdp_ether_addr *resolved_MAC)
1018 {
1019 int poll_count = 256; /* ~770 ms modulo broadcast/delayed traffic? */
1020 char tretries = 0;
1021
1022 #define NUM_ARP_TX_RETRIES 5
1023
1024 target_ip = arp_target_ip;
1025 flag_arp_resolved = FALSE;
1026
1027 TRANSMIT_RETRY:
1028 pkt.off = pkt.len = 0;
1029
1030 tretries++;
1031
1032 if (tretries >= NUM_ARP_TX_RETRIES) {
1033 return FALSE;
1034 }
1035
1036 KDP_DEBUG("ARP TX attempt #%d \n", tretries);
1037
1038 transmit_ARP_request(arp_target_ip);
1039
1040 while (!pkt.input && !flag_arp_resolved && flag_panic_dump_in_progress && --poll_count) {
1041 kdp_poll();
1042 }
1043
1044 if (flag_arp_resolved) {
1045 *resolved_MAC = current_resolved_MAC;
1046 return TRUE;
1047 }
1048
1049 if (!flag_panic_dump_in_progress || pkt.input) { /* we received a debugging packet, bail*/
1050 printf("Received a debugger packet,transferring control to debugger\n");
1051 /* Indicate that we should wait in the debugger when we return */
1052 kdp_flag |= DBG_POST_CORE;
1053 pkt.input = FALSE;
1054 return FALSE;
1055 } else { /* We timed out */
1056 if (0 == poll_count) {
1057 poll_count = 256;
1058 goto TRANSMIT_RETRY;
1059 }
1060 }
1061 return FALSE;
1062 }
1063
1064 static void
1065 kdp_handler(
1066 void *saved_state
1067 )
1068 {
1069 unsigned short reply_port;
1070 kdp_hdr_t aligned_hdr, *hdr = &aligned_hdr;
1071
1072 kdp.saved_state = saved_state; // see comment in kdp_raise_exception
1073
1074 do {
1075 while (!pkt.input)
1076 kdp_poll();
1077
1078 #if DO_ALIGN
1079 bcopy((char *)&pkt.data[pkt.off], (char *)hdr, sizeof(*hdr));
1080 #else
1081 hdr = (kdp_hdr_t *)&pkt.data[pkt.off];
1082 #endif
1083
1084 // ignore replies -- we're not expecting them anyway.
1085 if (hdr->is_reply) {
1086 goto again;
1087 }
1088
1089 if (hdr->request == KDP_REATTACH)
1090 exception_seq = hdr->seq;
1091
1092 // check for retransmitted request
1093 if (hdr->seq == (exception_seq - 1)) {
1094 /* retransmit last reply */
1095 kdp_send_data(&saved_reply.data[saved_reply.off],
1096 saved_reply.len);
1097 goto again;
1098 } else if ((hdr->seq != exception_seq) &&
1099 (hdr->request != KDP_CONNECT)) {
1100 printf("kdp: bad sequence %d (want %d)\n",
1101 hdr->seq, exception_seq);
1102 goto again;
1103 }
1104
1105 /* This is a manual side-channel to the main KDP protocol.
1106 * A client like GDB/kgmacros can manually construct
1107 * a request, set the input flag, issue a dummy KDP request,
1108 * and then manually collect the result
1109 */
1110 if (manual_pkt.input) {
1111 kdp_hdr_t *manual_hdr = (kdp_hdr_t *)&manual_pkt.data;
1112 unsigned short manual_port_unused = 0;
1113 if (!manual_hdr->is_reply) {
1114 /* process */
1115 kdp_packet((unsigned char *)&manual_pkt.data,
1116 (int *)&manual_pkt.len,
1117 &manual_port_unused);
1118 }
1119 manual_pkt.input = 0;
1120 }
1121
1122 if (kdp_packet((unsigned char*)&pkt.data[pkt.off],
1123 (int *)&pkt.len,
1124 (unsigned short *)&reply_port)) {
1125 boolean_t sideband = FALSE;
1126
1127 /* if it's an already connected error message,
1128 * send a sideband reply for that. for successful connects,
1129 * make sure the sequence number is correct. */
1130 if (hdr->request == KDP_CONNECT) {
1131 kdp_connect_reply_t *rp =
1132 (kdp_connect_reply_t *) &pkt.data[pkt.off];
1133 kdp_error_t err = rp->error;
1134
1135 if (err == KDPERR_NO_ERROR) {
1136 exception_seq = hdr->seq;
1137 } else if (err == KDPERR_ALREADY_CONNECTED) {
1138 sideband = TRUE;
1139 }
1140 }
1141
1142 kdp_reply(reply_port, sideband);
1143 }
1144
1145 again:
1146 pkt.input = FALSE;
1147 } while (kdp.is_halted);
1148 }
1149
1150 static void
1151 kdp_connection_wait(void)
1152 {
1153 unsigned short reply_port;
1154 struct kdp_ether_addr kdp_mac_addr = kdp_get_mac_addr();
1155 unsigned int ip_addr = ntohl(kdp_get_ip_address());
1156
1157 /*
1158 * Do both a printf() and a kprintf() of the MAC and IP so that
1159 * they will print out on headless machines but not be added to
1160 * the panic.log
1161 */
1162
1163 if (KDP_SERIAL_ENABLED()) {
1164 printf("Using serial KDP.\n");
1165 kprintf("Using serial KDP.\n");
1166 } else {
1167 printf("ethernet MAC address: %02x:%02x:%02x:%02x:%02x:%02x\n",
1168 kdp_mac_addr.ether_addr_octet[0] & 0xff,
1169 kdp_mac_addr.ether_addr_octet[1] & 0xff,
1170 kdp_mac_addr.ether_addr_octet[2] & 0xff,
1171 kdp_mac_addr.ether_addr_octet[3] & 0xff,
1172 kdp_mac_addr.ether_addr_octet[4] & 0xff,
1173 kdp_mac_addr.ether_addr_octet[5] & 0xff);
1174
1175 kprintf("ethernet MAC address: %02x:%02x:%02x:%02x:%02x:%02x\n",
1176 kdp_mac_addr.ether_addr_octet[0] & 0xff,
1177 kdp_mac_addr.ether_addr_octet[1] & 0xff,
1178 kdp_mac_addr.ether_addr_octet[2] & 0xff,
1179 kdp_mac_addr.ether_addr_octet[3] & 0xff,
1180 kdp_mac_addr.ether_addr_octet[4] & 0xff,
1181 kdp_mac_addr.ether_addr_octet[5] & 0xff);
1182
1183 printf("ip address: %d.%d.%d.%d\n",
1184 (ip_addr & 0xff000000) >> 24,
1185 (ip_addr & 0xff0000) >> 16,
1186 (ip_addr & 0xff00) >> 8,
1187 (ip_addr & 0xff));
1188
1189 kprintf("ip address: %d.%d.%d.%d\n",
1190 (ip_addr & 0xff000000) >> 24,
1191 (ip_addr & 0xff0000) >> 16,
1192 (ip_addr & 0xff00) >> 8,
1193 (ip_addr & 0xff));
1194 }
1195
1196 printf("\nWaiting for remote debugger connection.\n");
1197 kprintf("\nWaiting for remote debugger connection.\n");
1198
1199
1200 if (reattach_wait == 0) {
1201 if((kdp_flag & KDP_GETC_ENA) && (0 != kdp_getc())) {
1202 printf("Options..... Type\n");
1203 printf("------------ ----\n");
1204 printf("continue.... 'c'\n");
1205 printf("reboot...... 'r'\n");
1206 }
1207 } else {
1208 reattach_wait = 0;
1209 }
1210
1211 exception_seq = 0;
1212
1213 do {
1214 kdp_hdr_t aligned_hdr, *hdr = &aligned_hdr;
1215
1216 while (!pkt.input) {
1217 if (kdp_flag & KDP_GETC_ENA) {
1218 switch(kdp_getc()) {
1219 case 'c':
1220 printf("Continuing...\n");
1221 return;
1222 case 'r':
1223 printf("Rebooting...\n");
1224 kdp_machine_reboot();
1225 break;
1226 default:
1227 break;
1228 }
1229 }
1230 kdp_poll();
1231 }
1232
1233 #if DO_ALIGN
1234 bcopy((char *)&pkt.data[pkt.off], (char *)hdr, sizeof(*hdr));
1235 #else
1236 hdr = (kdp_hdr_t *)&pkt.data[pkt.off];
1237 #endif
1238 if (hdr->request == KDP_HOSTREBOOT) {
1239 kdp_machine_reboot();
1240 /* should not return! */
1241 }
1242 if (((hdr->request == KDP_CONNECT) || (hdr->request == KDP_REATTACH)) &&
1243 !hdr->is_reply && (hdr->seq == exception_seq)) {
1244 if (kdp_packet((unsigned char *)&pkt.data[pkt.off],
1245 (int *)&pkt.len,
1246 (unsigned short *)&reply_port))
1247 kdp_reply(reply_port, FALSE);
1248 if (hdr->request == KDP_REATTACH) {
1249 reattach_wait = 0;
1250 hdr->request=KDP_DISCONNECT;
1251 exception_seq = 0;
1252 }
1253 }
1254
1255 pkt.input = FALSE;
1256 } while (!kdp.is_conn);
1257
1258 if (current_debugger == KDP_CUR_DB)
1259 active_debugger=1;
1260 printf("Connected to remote debugger.\n");
1261 kprintf("Connected to remote debugger.\n");
1262 }
1263
1264 static void
1265 kdp_send_exception(
1266 unsigned int exception,
1267 unsigned int code,
1268 unsigned int subcode
1269 )
1270 {
1271 unsigned short remote_port;
1272 unsigned int timeout_count = 100;
1273 unsigned int poll_timeout;
1274
1275 do {
1276 pkt.off = sizeof (struct kdp_ether_header) + sizeof (struct kdp_udpiphdr);
1277 kdp_exception((unsigned char *)&pkt.data[pkt.off],
1278 (int *)&pkt.len,
1279 (unsigned short *)&remote_port,
1280 (unsigned int)exception,
1281 (unsigned int)code,
1282 (unsigned int)subcode);
1283
1284 kdp_send(remote_port);
1285
1286 poll_timeout = 50;
1287 while (!pkt.input && poll_timeout) {
1288 kdp_poll();
1289 poll_timeout--;
1290 }
1291
1292 if (pkt.input) {
1293 if (!kdp_exception_ack(&pkt.data[pkt.off], pkt.len)) {
1294 pkt.input = FALSE;
1295 }
1296 }
1297
1298 pkt.input = FALSE;
1299
1300 if (kdp.exception_ack_needed)
1301 kdp_us_spin(250000);
1302
1303 } while (kdp.exception_ack_needed && timeout_count--);
1304
1305 if (kdp.exception_ack_needed) {
1306 // give up & disconnect
1307 printf("kdp: exception ack timeout\n");
1308 if (current_debugger == KDP_CUR_DB)
1309 active_debugger=0;
1310 kdp_reset();
1311 }
1312 }
1313
1314 static void
1315 kdp_debugger_loop(
1316 unsigned int exception,
1317 unsigned int code,
1318 unsigned int subcode,
1319 void *saved_state)
1320 {
1321 int index;
1322
1323 if (saved_state == 0)
1324 printf("kdp_raise_exception with NULL state\n");
1325
1326 index = exception;
1327 if (exception != EXC_BREAKPOINT) {
1328 if (exception > EXC_BREAKPOINT || exception < EXC_BAD_ACCESS) {
1329 index = 0;
1330 }
1331 printf("%s exception (%x,%x,%x)\n",
1332 exception_message[index],
1333 exception, code, subcode);
1334 }
1335
1336 kdp_sync_cache();
1337
1338 /* XXX WMG it seems that sometimes it doesn't work to let kdp_handler
1339 * do this. I think the client and the host can get out of sync.
1340 */
1341 kdp.saved_state = saved_state;
1342 kdp.kdp_cpu = cpu_number();
1343 kdp.kdp_thread = current_thread();
1344
1345 if (kdp_en_setmode)
1346 (*kdp_en_setmode)(TRUE); /* enabling link mode */
1347
1348 if (pkt.input)
1349 kdp_panic("kdp_raise_exception");
1350
1351 if (((kdp_flag & KDP_PANIC_DUMP_ENABLED)
1352 || (kdp_flag & PANIC_LOG_DUMP)
1353 || kdp_has_polled_corefile())
1354 && (panicstr != (char *) 0)) {
1355 kdp_panic_dump();
1356 if (kdp_flag & REBOOT_POST_CORE)
1357 kdp_machine_reboot();
1358 } else {
1359 if ((kdp_flag & PANIC_CORE_ON_NMI) && (panicstr == (char *) 0)
1360 && !kdp.is_conn) {
1361
1362 disable_debug_output = disableConsoleOutput = FALSE;
1363 kdp_panic_dump();
1364 if (kdp_flag & REBOOT_POST_CORE)
1365 kdp_machine_reboot();
1366
1367 if (!(kdp_flag & DBG_POST_CORE))
1368 goto exit_debugger_loop;
1369 }
1370 }
1371
1372 again:
1373 if (!kdp.is_conn) {
1374 kdp_connection_wait();
1375 } else {
1376 kdp_send_exception(exception, code, subcode);
1377 if (kdp.exception_ack_needed) {
1378 kdp.exception_ack_needed = FALSE;
1379 kdp_remove_all_breakpoints();
1380 printf("Remote debugger disconnected.\n");
1381 }
1382 }
1383
1384 if (kdp.is_conn) {
1385 kdp.is_halted = TRUE; /* XXX */
1386 kdp_handler(saved_state);
1387 if (!kdp.is_conn)
1388 {
1389 kdp_remove_all_breakpoints();
1390 printf("Remote debugger disconnected.\n");
1391 }
1392 }
1393 /* Allow triggering a panic core dump when connected to the machine
1394 * Continuing after setting kdp_trigger_core_dump should do the
1395 * trick.
1396 */
1397
1398 if (1 == kdp_trigger_core_dump) {
1399 kdp_flag |= KDP_PANIC_DUMP_ENABLED;
1400 kdp_panic_dump();
1401 if (kdp_flag & REBOOT_POST_CORE)
1402 kdp_machine_reboot();
1403 kdp_trigger_core_dump = 0;
1404 }
1405
1406 /* Trigger a reboot if the user has set this flag through the
1407 * debugger.Ideally, this would be done through the HOSTREBOOT packet
1408 * in the protocol,but that will need gdb support,and when it's
1409 * available, it should work automatically.
1410 */
1411 if (1 == flag_kdp_trigger_reboot) {
1412 kdp_machine_reboot();
1413 /* If we're still around, reset the flag */
1414 flag_kdp_trigger_reboot = 0;
1415 }
1416
1417 if (kdp_reentry_deadline) {
1418 kdp_schedule_debugger_reentry(kdp_reentry_deadline);
1419 printf("Debugger re-entry scheduled in %d milliseconds\n", kdp_reentry_deadline);
1420 kdp_reentry_deadline = 0;
1421 }
1422
1423 kdp_sync_cache();
1424
1425 if (reattach_wait == 1)
1426 goto again;
1427
1428 exit_debugger_loop:
1429 if (kdp_en_setmode)
1430 (*kdp_en_setmode)(FALSE); /* link cleanup */
1431 }
1432
1433 void
1434 kdp_reset(void)
1435 {
1436 kdp.reply_port = kdp.exception_port = 0;
1437 kdp.is_halted = kdp.is_conn = FALSE;
1438 kdp.exception_seq = kdp.conn_seq = 0;
1439 kdp.session_key = 0;
1440 pkt.input = manual_pkt.input = FALSE;
1441 pkt.len = pkt.off = manual_pkt.len = 0;
1442 }
1443
1444 struct corehdr *
1445 create_panic_header(unsigned int request, const char *corename,
1446 unsigned length, unsigned int block)
1447 {
1448 struct kdp_udpiphdr aligned_ui, *ui = &aligned_ui;
1449 struct kdp_ip aligned_ip, *ip = &aligned_ip;
1450 struct kdp_ether_header *eh;
1451 struct corehdr *coreh;
1452 const char *mode = "octet";
1453 char modelen = strlen(mode) + 1;
1454
1455 size_t fmask_size = sizeof(KDP_FEATURE_MASK_STRING) + sizeof(kdp_crashdump_feature_mask);
1456
1457 pkt.off = sizeof (struct kdp_ether_header);
1458 pkt.len = (unsigned int)(length + ((request == KDP_WRQ) ? modelen + fmask_size : 0) +
1459 (corename ? (strlen(corename) + 1 ): 0) + sizeof(struct corehdr));
1460
1461 #if DO_ALIGN
1462 bcopy((char *)&pkt.data[pkt.off], (char *)ui, sizeof(*ui));
1463 #else
1464 ui = (struct kdp_udpiphdr *)&pkt.data[pkt.off];
1465 #endif
1466 ui->ui_next = ui->ui_prev = 0;
1467 ui->ui_x1 = 0;
1468 ui->ui_pr = IPPROTO_UDP;
1469 ui->ui_len = htons((u_short)pkt.len + sizeof (struct kdp_udphdr));
1470 ui->ui_src.s_addr = (uint32_t)kdp_current_ip_address;
1471 /* Already in network byte order via inet_aton() */
1472 ui->ui_dst.s_addr = panic_server_ip;
1473 ui->ui_sport = htons(panicd_port);
1474 ui->ui_dport = ((request == KDP_WRQ) ? htons(panicd_port) : last_panic_port);
1475 ui->ui_ulen = ui->ui_len;
1476 ui->ui_sum = 0;
1477 #if DO_ALIGN
1478 bcopy((char *)ui, (char *)&pkt.data[pkt.off], sizeof(*ui));
1479 bcopy((char *)&pkt.data[pkt.off], (char *)ip, sizeof(*ip));
1480 #else
1481 ip = (struct kdp_ip *)&pkt.data[pkt.off];
1482 #endif
1483 ip->ip_len = htons(sizeof (struct kdp_udpiphdr) + pkt.len);
1484 ip->ip_v = IPVERSION;
1485 ip->ip_id = htons(ip_id++);
1486 ip->ip_hl = sizeof (struct kdp_ip) >> 2;
1487 ip->ip_ttl = udp_ttl;
1488 ip->ip_sum = 0;
1489 ip->ip_sum = htons(~ip_sum((unsigned char *)ip, ip->ip_hl));
1490 #if DO_ALIGN
1491 bcopy((char *)ip, (char *)&pkt.data[pkt.off], sizeof(*ip));
1492 #endif
1493
1494 pkt.len += (unsigned int)sizeof (struct kdp_udpiphdr);
1495
1496 pkt.off += (unsigned int)sizeof (struct kdp_udpiphdr);
1497
1498 coreh = (struct corehdr *) &pkt.data[pkt.off];
1499 coreh->th_opcode = htons((u_short)request);
1500
1501 if (request == KDP_WRQ) {
1502 char *cp;
1503
1504 cp = coreh->th_u.tu_rpl;
1505 cp += strlcpy (cp, corename, KDP_MAXPACKET);
1506 *cp++ = '\0';
1507 cp += strlcpy (cp, mode, KDP_MAXPACKET - strlen(corename));
1508 *cp++ = '\0';
1509 cp += strlcpy(cp, KDP_FEATURE_MASK_STRING, sizeof(KDP_FEATURE_MASK_STRING));
1510 *cp++ = '\0'; /* Redundant */
1511 bcopy(&kdp_crashdump_feature_mask, cp, sizeof(kdp_crashdump_feature_mask));
1512 kdp_crashdump_pkt_size = KDP_LARGE_CRASHDUMP_PKT_SIZE;
1513 PE_parse_boot_argn("kdp_crashdump_pkt_size", &kdp_crashdump_pkt_size, sizeof(kdp_crashdump_pkt_size));
1514 cp += sizeof(kdp_crashdump_feature_mask);
1515 *(uint32_t *)cp = htonl(kdp_crashdump_pkt_size);
1516 } else {
1517 coreh->th_block = htonl((unsigned int) block);
1518 }
1519
1520 pkt.off -= (unsigned int)sizeof (struct kdp_udpiphdr);
1521 pkt.off -= (unsigned int)sizeof (struct kdp_ether_header);
1522
1523 eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
1524 enaddr_copy(&kdp_current_mac_address, eh->ether_shost);
1525 enaddr_copy(&destination_mac, eh->ether_dhost);
1526 eh->ether_type = htons(ETHERTYPE_IP);
1527
1528 pkt.len += (unsigned int)sizeof (struct kdp_ether_header);
1529 return coreh;
1530 }
1531
1532 static int
1533 kdp_send_crashdump_seek(char *corename, uint64_t seek_off)
1534 {
1535 int panic_error;
1536
1537 if (kdp_feature_large_crashdumps) {
1538 panic_error = kdp_send_crashdump_pkt(KDP_SEEK, corename,
1539 sizeof(seek_off),
1540 &seek_off);
1541 } else {
1542 uint32_t off = (uint32_t) seek_off;
1543 panic_error = kdp_send_crashdump_pkt(KDP_SEEK, corename,
1544 sizeof(off), &off);
1545 }
1546
1547 if (panic_error < 0) {
1548 printf ("kdp_send_crashdump_pkt failed with error %d\n",
1549 panic_error);
1550 return panic_error;
1551 }
1552
1553 return KERN_SUCCESS;
1554 }
1555
1556 int
1557 kdp_send_crashdump_data(unsigned int request, char *corename,
1558 uint64_t length, void * txstart)
1559 {
1560 int panic_error = 0;
1561
1562 while ((length > 0) || !txstart) {
1563 uint64_t chunk = MIN(kdp_crashdump_pkt_size, length);
1564
1565 panic_error = kdp_send_crashdump_pkt(request, corename, chunk,
1566 txstart);
1567 if (panic_error < 0) {
1568 printf ("kdp_send_crashdump_pkt failed with error %d\n", panic_error);
1569 return panic_error;
1570 }
1571 if (!txstart) break;
1572 txstart = (void *)(((uintptr_t) txstart) + chunk);
1573 length -= chunk;
1574 }
1575 return KERN_SUCCESS;
1576 }
1577
1578 uint32_t kdp_crashdump_short_pkt;
1579
1580 int
1581 kdp_send_crashdump_pkt(unsigned int request, char *corename,
1582 uint64_t length, void *panic_data)
1583 {
1584 int poll_count;
1585 struct corehdr *th = NULL;
1586 char rretries, tretries;
1587
1588 if (kdp_dump_start_time == 0) {
1589 kdp_dump_start_time = mach_absolute_time();
1590 kdp_superblock_dump_start_time = kdp_dump_start_time;
1591 }
1592
1593 tretries = rretries = 0;
1594 poll_count = KDP_CRASHDUMP_POLL_COUNT;
1595 pkt.off = pkt.len = 0;
1596 if (request == KDP_WRQ) /* longer timeout for initial request */
1597 poll_count += 1000;
1598
1599 TRANSMIT_RETRY:
1600 tretries++;
1601
1602 if (tretries >=15) {
1603 /* The crashdump server is unreachable for some reason. This could be a network
1604 * issue or, if we've been especially unfortunate, we've hit Radar 2760413,
1605 * which is a long standing problem with the IOKit polled mode network driver
1606 * shim which can prevent transmits/receives completely.
1607 */
1608 printf ("Cannot contact panic server, timing out.\n");
1609 return (-3);
1610 }
1611
1612 if (tretries > 2)
1613 printf("TX retry #%d ", tretries );
1614
1615 th = create_panic_header(request, corename, (unsigned)length, panic_block);
1616
1617 if (request == KDP_DATA) {
1618 /* as all packets are kdp_crashdump_pkt_size in length, the last packet
1619 * may end up with trailing bits. make sure that those
1620 * bits aren't confusing. */
1621 if (length < kdp_crashdump_pkt_size) {
1622 kdp_crashdump_short_pkt++;
1623 memset(th->th_data + length, 'Y',
1624 kdp_crashdump_pkt_size - (uint32_t) length);
1625 }
1626
1627 if (!kdp_machine_vm_read((mach_vm_address_t)(uintptr_t)panic_data, (caddr_t) th->th_data, length)) {
1628 uintptr_t next_page = round_page((uintptr_t)panic_data);
1629 memset((caddr_t) th->th_data, 'X', (size_t)length);
1630 if ((next_page - ((uintptr_t) panic_data)) < length) {
1631 uint64_t resid = length - (next_page - (intptr_t) panic_data);
1632 if (!kdp_machine_vm_read((mach_vm_address_t)(uintptr_t)next_page, (caddr_t) th->th_data + (length - resid), resid)) {
1633 memset((caddr_t) th->th_data + (length - resid), 'X', (size_t)resid);
1634 }
1635 }
1636 }
1637 }
1638 else if (request == KDP_SEEK) {
1639 if (kdp_feature_large_crashdumps)
1640 *(uint64_t *) th->th_data = OSSwapHostToBigInt64((*(uint64_t *) panic_data));
1641 else
1642 *(unsigned int *) th->th_data = htonl(*(unsigned int *) panic_data);
1643 }
1644
1645 kdp_send_data(&pkt.data[pkt.off], pkt.len);
1646
1647 /* Listen for the ACK */
1648 RECEIVE_RETRY:
1649 while (!pkt.input && flag_panic_dump_in_progress && poll_count) {
1650 kdp_poll();
1651 poll_count--;
1652 }
1653
1654 if (pkt.input) {
1655 pkt.input = FALSE;
1656
1657 th = (struct corehdr *) &pkt.data[pkt.off];
1658 if (request == KDP_WRQ) {
1659 uint16_t opcode64 = ntohs(th->th_opcode);
1660 uint16_t features64 = (opcode64 & 0xFF00)>>8;
1661 if ((opcode64 & 0xFF) == KDP_ACK) {
1662 kdp_feature_large_crashdumps = features64 & KDP_FEATURE_LARGE_CRASHDUMPS;
1663 if (features64 & KDP_FEATURE_LARGE_PKT_SIZE) {
1664 kdp_feature_large_pkt_size = 1;
1665 }
1666 else {
1667 kdp_feature_large_pkt_size = 0;
1668 kdp_crashdump_pkt_size = 512;
1669 }
1670 printf("Protocol features: 0x%x\n", (uint32_t) features64);
1671 th->th_opcode = htons(KDP_ACK);
1672 }
1673 }
1674 if (ntohs(th->th_opcode) == KDP_ACK && ntohl(th->th_block) == panic_block) {
1675 } else {
1676 if (ntohs(th->th_opcode) == KDP_ERROR) {
1677 printf("Panic server returned error %d, retrying\n", ntohl(th->th_code));
1678 poll_count = 1000;
1679 goto TRANSMIT_RETRY;
1680 } else if (ntohl(th->th_block) == (panic_block - 1)) {
1681 printf("RX retry ");
1682 if (++rretries > 1)
1683 goto TRANSMIT_RETRY;
1684 else
1685 goto RECEIVE_RETRY;
1686 }
1687 }
1688 } else if (!flag_panic_dump_in_progress) { /* we received a debugging packet, bail*/
1689 printf("Received a debugger packet,transferring control to debugger\n");
1690 /* Configure that if not set ..*/
1691 kdp_flag |= DBG_POST_CORE;
1692 return (-2);
1693 } else { /* We timed out */
1694 if (0 == poll_count) {
1695 poll_count = 1000;
1696 kdp_us_spin ((tretries%4) * panic_timeout); /* capped linear backoff */
1697 goto TRANSMIT_RETRY;
1698 }
1699 }
1700
1701 if (!(++panic_block % SBLOCKSZ)) {
1702 uint64_t ctime;
1703 kdb_printf_unbuffered(".");
1704 ctime = mach_absolute_time();
1705 kdp_superblock_dump_time = ctime - kdp_superblock_dump_start_time;
1706 kdp_superblock_dump_start_time = ctime;
1707 if (kdp_superblock_dump_time > kdp_max_superblock_dump_time)
1708 kdp_max_superblock_dump_time = kdp_superblock_dump_time;
1709 if (kdp_superblock_dump_time < kdp_min_superblock_dump_time)
1710 kdp_min_superblock_dump_time = kdp_superblock_dump_time;
1711 }
1712
1713 if (request == KDP_EOF) {
1714 printf("\nTotal number of packets transmitted: %d\n", panic_block);
1715 printf("Avg. superblock transfer abstime 0x%llx\n", ((mach_absolute_time() - kdp_dump_start_time) / panic_block) * SBLOCKSZ);
1716 printf("Minimum superblock transfer abstime: 0x%llx\n", kdp_min_superblock_dump_time);
1717 printf("Maximum superblock transfer abstime: 0x%llx\n", kdp_max_superblock_dump_time);
1718 }
1719 return KERN_SUCCESS;
1720 }
1721
1722 static int
1723 isdigit (char c)
1724 {
1725 return ((c > 47) && (c < 58));
1726 }
1727
1728 /* Horrid hack to extract xnu version if possible - a much cleaner approach
1729 * would be to have the integrator run a script which would copy the
1730 * xnu version into a string or an int somewhere at project submission
1731 * time - makes assumptions about sizeof(version), but will not fail if
1732 * it changes, but may be incorrect.
1733 */
1734 /* 2006: Incorporated a change from Darwin user P. Lovell to extract
1735 * the minor kernel version numbers from the version string.
1736 */
1737 static int
1738 kdp_get_xnu_version(char *versionbuf)
1739 {
1740 char *versionpos;
1741 char vstr[20];
1742 int retval = -1;
1743 char *vptr;
1744
1745 strlcpy(vstr, "custom", 10);
1746 if (kdp_machine_vm_read((mach_vm_address_t)(uintptr_t)version, versionbuf, 128)) {
1747 versionbuf[127] = '\0';
1748 versionpos = strnstr(versionbuf, "xnu-", 115);
1749 if (versionpos) {
1750 strncpy(vstr, versionpos, sizeof(vstr));
1751 vstr[sizeof(vstr)-1] = '\0';
1752 vptr = vstr + 4; /* Begin after "xnu-" */
1753 while (*vptr && (isdigit(*vptr) || *vptr == '.'))
1754 vptr++;
1755 *vptr = '\0';
1756 /* Remove trailing period, if any */
1757 if (*(--vptr) == '.')
1758 *vptr = '\0';
1759 retval = 0;
1760 }
1761 }
1762 strlcpy(versionbuf, vstr, KDP_MAXPACKET);
1763 return retval;
1764 }
1765
1766 void
1767 kdp_set_dump_info(const uint32_t flags, const char *filename,
1768 const char *destipstr, const char *routeripstr,
1769 const uint32_t port)
1770 {
1771 uint32_t cmd;
1772
1773 if (destipstr && (destipstr[0] != '\0')) {
1774 strlcpy(panicd_ip_str, destipstr, sizeof(panicd_ip_str));
1775 panicd_specified = 1;
1776 }
1777
1778 if (routeripstr && (routeripstr[0] != '\0')) {
1779 strlcpy(router_ip_str, routeripstr, sizeof(router_ip_str));
1780 router_specified = 1;
1781 }
1782
1783 if (filename && (filename[0] != '\0')) {
1784 strlcpy(corename_str, filename, sizeof(corename_str));
1785 corename_specified = TRUE;
1786 } else {
1787 corename_specified = FALSE;
1788 }
1789
1790 if (port)
1791 panicd_port = port;
1792
1793 /* on a disconnect, should we stay in KDP or not? */
1794 noresume_on_disconnect = (flags & KDP_DUMPINFO_NORESUME) ? 1 : 0;
1795
1796 if ((flags & KDP_DUMPINFO_DUMP) == 0)
1797 return;
1798
1799 /* the rest of the commands can modify kdp_flags */
1800 cmd = flags & KDP_DUMPINFO_MASK;
1801 if (cmd == KDP_DUMPINFO_DISABLE) {
1802 kdp_flag &= ~KDP_PANIC_DUMP_ENABLED;
1803 panicd_specified = 0;
1804 kdp_trigger_core_dump = 0;
1805 return;
1806 }
1807
1808 kdp_flag &= ~REBOOT_POST_CORE;
1809 if (flags & KDP_DUMPINFO_REBOOT)
1810 kdp_flag |= REBOOT_POST_CORE;
1811
1812 kdp_flag &= ~PANIC_LOG_DUMP;
1813 if (cmd == KDP_DUMPINFO_PANICLOG)
1814 kdp_flag |= PANIC_LOG_DUMP;
1815
1816 kdp_flag &= ~SYSTEM_LOG_DUMP;
1817 if (cmd == KDP_DUMPINFO_SYSTEMLOG)
1818 kdp_flag |= SYSTEM_LOG_DUMP;
1819
1820 /* trigger a dump */
1821 kdp_flag |= DBG_POST_CORE;
1822
1823 flag_dont_abort_panic_dump = (flags & KDP_DUMPINFO_NOINTR) ?
1824 TRUE : FALSE;
1825
1826 reattach_wait = 1;
1827 logPanicDataToScreen = 1;
1828 disableConsoleOutput = 0;
1829 disable_debug_output = 0;
1830 kdp_trigger_core_dump = 1;
1831 }
1832
1833 void
1834 kdp_get_dump_info(uint32_t *flags, char *filename, char *destipstr,
1835 char *routeripstr, uint32_t *port)
1836 {
1837 if (destipstr) {
1838 if (panicd_specified)
1839 strlcpy(destipstr, panicd_ip_str,
1840 sizeof(panicd_ip_str));
1841 else
1842 destipstr[0] = '\0';
1843 }
1844
1845 if (routeripstr) {
1846 if (router_specified)
1847 strlcpy(routeripstr, router_ip_str,
1848 sizeof(router_ip_str));
1849 else
1850 routeripstr[0] = '\0';
1851 }
1852
1853 if (filename) {
1854 if (corename_specified)
1855 strlcpy(filename, corename_str,
1856 sizeof(corename_str));
1857 else
1858 filename[0] = '\0';
1859
1860 }
1861
1862 if (port)
1863 *port = panicd_port;
1864
1865 if (flags) {
1866 *flags = 0;
1867 if (!panicd_specified)
1868 *flags |= KDP_DUMPINFO_DISABLE;
1869 else if (kdp_flag & PANIC_LOG_DUMP)
1870 *flags |= KDP_DUMPINFO_PANICLOG;
1871 else
1872 *flags |= KDP_DUMPINFO_CORE;
1873
1874 if (noresume_on_disconnect)
1875 *flags |= KDP_DUMPINFO_NORESUME;
1876 }
1877 }
1878
1879
1880 /* Primary dispatch routine for the system dump */
1881 void
1882 kdp_panic_dump(void)
1883 {
1884 char coreprefix[10];
1885 char coresuffix[4];
1886 int panic_error;
1887
1888 uint64_t abstime;
1889 uint32_t current_ip = ntohl((uint32_t)kdp_current_ip_address);
1890
1891 if (flag_panic_dump_in_progress) {
1892 kdb_printf("System dump aborted.\n");
1893 goto panic_dump_exit;
1894 }
1895
1896 printf("Entering system dump routine\n");
1897
1898 /* try a local disk dump */
1899 if (kdp_has_polled_corefile()) {
1900 flag_panic_dump_in_progress = TRUE;
1901 kern_dump(KERN_DUMP_DISK);
1902 abort_panic_transfer();
1903 }
1904
1905 if (!strcmp("local", panicd_ip_str)) return; /* disk only request */
1906
1907 if (!kdp_en_recv_pkt || !kdp_en_send_pkt) {
1908 if (!kdp_has_polled_corefile()) {
1909 kdb_printf("Error: No transport device registered for kernel crashdump\n");
1910 }
1911 return;
1912 }
1913
1914 if (!panicd_specified) {
1915 if (!kdp_has_polled_corefile()) {
1916 kdb_printf("A dump server was not specified in the boot-args, terminating kernel core dump.\n");
1917 }
1918 goto panic_dump_exit;
1919 }
1920
1921 flag_panic_dump_in_progress = TRUE;
1922
1923 if (pkt.input)
1924 kdp_panic("kdp_panic_dump: unexpected pending input packet");
1925
1926 kdp_get_xnu_version((char *) &pkt.data[0]);
1927
1928 if (!corename_specified) {
1929 coresuffix[0] = 0;
1930 /* Panic log bit takes precedence over core dump bit */
1931 if ((panicstr != (char *) 0) && (kdp_flag & PANIC_LOG_DUMP))
1932 strlcpy(coreprefix, "paniclog", sizeof(coreprefix));
1933 else if (kdp_flag & SYSTEM_LOG_DUMP)
1934 strlcpy(coreprefix, "systemlog", sizeof(coreprefix));
1935 else {
1936 strlcpy(coreprefix, "core", sizeof(coreprefix));
1937 if (!kdp_corezip_disabled) strlcpy(coresuffix, ".gz", sizeof(coresuffix));
1938 }
1939
1940 abstime = mach_absolute_time();
1941 pkt.data[20] = '\0';
1942 snprintf (corename_str,
1943 sizeof(corename_str),
1944 "%s-%s-%d.%d.%d.%d-%x%s",
1945 coreprefix, &pkt.data[0],
1946 (current_ip & 0xff000000) >> 24,
1947 (current_ip & 0xff0000) >> 16,
1948 (current_ip & 0xff00) >> 8,
1949 (current_ip & 0xff),
1950 (unsigned int) (abstime & 0xffffffff),
1951 coresuffix);
1952 }
1953
1954 if (0 == inet_aton(panicd_ip_str, (struct kdp_in_addr *) &panic_server_ip)) {
1955 kdb_printf("inet_aton() failed interpreting %s as a panic server IP\n", panicd_ip_str);
1956 } else {
1957 kdb_printf("Attempting connection to panic server configured at IP %s, port %d\n", panicd_ip_str, panicd_port);
1958 }
1959
1960 destination_mac = router_mac;
1961
1962 if (kdp_arp_resolve(panic_server_ip, &temp_mac)) {
1963 kdb_printf("Resolved %s's (or proxy's) link level address\n", panicd_ip_str);
1964 destination_mac = temp_mac;
1965 } else {
1966 if (!flag_panic_dump_in_progress) goto panic_dump_exit;
1967 if (router_specified) {
1968 if (0 == inet_aton(router_ip_str, (struct kdp_in_addr *) &parsed_router_ip)) {
1969 kdb_printf("inet_aton() failed interpreting %s as an IP\n", router_ip_str);
1970 } else {
1971 router_ip = parsed_router_ip;
1972 if (kdp_arp_resolve(router_ip, &temp_mac)) {
1973 destination_mac = temp_mac;
1974 kdb_printf("Routing through specified router IP %s (%d)\n", router_ip_str, router_ip);
1975 }
1976 }
1977 }
1978 }
1979
1980 if (!flag_panic_dump_in_progress) goto panic_dump_exit;
1981
1982 kdb_printf("Transmitting packets to link level address: %02x:%02x:%02x:%02x:%02x:%02x\n",
1983 destination_mac.ether_addr_octet[0] & 0xff,
1984 destination_mac.ether_addr_octet[1] & 0xff,
1985 destination_mac.ether_addr_octet[2] & 0xff,
1986 destination_mac.ether_addr_octet[3] & 0xff,
1987 destination_mac.ether_addr_octet[4] & 0xff,
1988 destination_mac.ether_addr_octet[5] & 0xff);
1989
1990 kdb_printf("Kernel map size is %llu\n", (unsigned long long) get_vmmap_size(kernel_map));
1991 kdb_printf("Sending write request for %s\n", corename_str);
1992
1993 if ((panic_error = kdp_send_crashdump_pkt(KDP_WRQ, corename_str, 0 , NULL)) < 0) {
1994 kdb_printf ("kdp_send_crashdump_pkt failed with error %d\n", panic_error);
1995 goto panic_dump_exit;
1996 }
1997
1998 /* Just the panic log requested */
1999 if ((panicstr != (char *) 0) && (kdp_flag & PANIC_LOG_DUMP)) {
2000 kdb_printf_unbuffered("Transmitting panic log, please wait: ");
2001 kdp_send_crashdump_data(KDP_DATA, corename_str,
2002 debug_buf_ptr - debug_buf_addr,
2003 debug_buf_addr);
2004 kdp_send_crashdump_pkt (KDP_EOF, NULL, 0, ((void *) 0));
2005 printf("Please file a bug report on this panic, if possible.\n");
2006 goto panic_dump_exit;
2007 }
2008
2009 /* maybe we wanted the systemlog */
2010 if (kdp_flag & SYSTEM_LOG_DUMP) {
2011 long start_off = msgbufp->msg_bufx;
2012 long len;
2013
2014 kdb_printf_unbuffered("Transmitting system log, please wait: ");
2015 if (start_off >= msgbufp->msg_bufr) {
2016 len = msgbufp->msg_size - start_off;
2017 kdp_send_crashdump_data(KDP_DATA, corename_str, len,
2018 msgbufp->msg_bufc + start_off);
2019 /* seek to remove trailing bytes */
2020 kdp_send_crashdump_seek(corename_str, len);
2021 start_off = 0;
2022 }
2023
2024 if (start_off != msgbufp->msg_bufr) {
2025 len = msgbufp->msg_bufr - start_off;
2026 kdp_send_crashdump_data(KDP_DATA, corename_str, len,
2027 msgbufp->msg_bufc + start_off);
2028 }
2029
2030 kdp_send_crashdump_pkt (KDP_EOF, NULL, 0, ((void *) 0));
2031 goto panic_dump_exit;
2032 }
2033
2034 /* We want a core dump if we're here */
2035 kern_dump(KERN_DUMP_NET);
2036
2037 panic_dump_exit:
2038 abort_panic_transfer();
2039 kdp_reset();
2040 return;
2041 }
2042
2043 void
2044 abort_panic_transfer(void)
2045 {
2046 flag_panic_dump_in_progress = FALSE;
2047 flag_dont_abort_panic_dump = FALSE;
2048 panic_block = 0;
2049 }
2050
2051 #if CONFIG_SERIAL_KDP
2052
2053 static boolean_t needs_serial_init = TRUE;
2054
2055 static void
2056 kdp_serial_send(void *rpkt, unsigned int rpkt_len)
2057 {
2058 // printf("tx\n");
2059 kdp_serialize_packet((unsigned char *)rpkt, rpkt_len, pal_serial_putc_nocr);
2060 }
2061
2062 static void
2063 kdp_serial_receive(void *rpkt, unsigned int *rpkt_len, unsigned int timeout)
2064 {
2065 int readkar;
2066 uint64_t now, deadline;
2067
2068 clock_interval_to_deadline(timeout, 1000 * 1000 /* milliseconds */, &deadline);
2069
2070 // printf("rx\n");
2071 for(clock_get_uptime(&now); now < deadline; clock_get_uptime(&now)) {
2072 readkar = pal_serial_getc();
2073 if(readkar >= 0) {
2074 unsigned char *packet;
2075 // printf("got char %02x\n", readkar);
2076 if((packet = kdp_unserialize_packet(readkar,rpkt_len))) {
2077 memcpy(rpkt, packet, *rpkt_len);
2078 return;
2079 }
2080 }
2081 }
2082 *rpkt_len = 0;
2083 }
2084
2085 static boolean_t
2086 kdp_serial_setmode(boolean_t active)
2087 {
2088 if (active == FALSE) /* leaving KDP */
2089 return TRUE;
2090
2091 if (!needs_serial_init)
2092 return TRUE;
2093
2094 pal_serial_init();
2095 needs_serial_init = FALSE;
2096 return TRUE;
2097 }
2098
2099
2100 static void
2101 kdp_serial_callout(__unused void *arg, kdp_event_t event)
2102 {
2103 /*
2104 * When we stop KDP, set the bit to re-initialize the console serial
2105 * port the next time we send/receive a KDP packet. We don't do it on
2106 * KDP_EVENT_ENTER directly because it also gets called when we trap to
2107 * KDP for non-external debugging, i.e., stackshot or core dumps.
2108 *
2109 * Set needs_serial_init on exit (and initialization, see above) and not
2110 * enter because enter is sent multiple times and causes excess
2111 * reinitialization.
2112 */
2113
2114 switch (event)
2115 {
2116 case KDP_EVENT_PANICLOG:
2117 case KDP_EVENT_ENTER:
2118 break;
2119 case KDP_EVENT_EXIT:
2120 needs_serial_init = TRUE;
2121 break;
2122 }
2123 }
2124
2125 #endif /* CONFIG_SERIAL_KDP */
2126
2127 void
2128 kdp_init(void)
2129 {
2130 strlcpy(kdp_kernelversion_string, version, sizeof(kdp_kernelversion_string));
2131
2132 /* Relies on platform layer calling panic_init() before kdp_init() */
2133 if (kernel_uuid_string[0] != '\0') {
2134 /*
2135 * Update kdp_kernelversion_string with our UUID
2136 * generated at link time.
2137 */
2138
2139 strlcat(kdp_kernelversion_string, "; UUID=", sizeof(kdp_kernelversion_string));
2140 strlcat(kdp_kernelversion_string, kernel_uuid_string, sizeof(kdp_kernelversion_string));
2141 }
2142
2143 debug_log_init();
2144
2145 #if defined(__x86_64__) || defined(__arm__) || defined(__arm64__)
2146 if (vm_kernel_slide) {
2147 char KASLR_stext[19];
2148 strlcat(kdp_kernelversion_string, "; stext=", sizeof(kdp_kernelversion_string));
2149 snprintf(KASLR_stext, sizeof(KASLR_stext), "%p", (void *) vm_kernel_stext);
2150 strlcat(kdp_kernelversion_string, KASLR_stext, sizeof(kdp_kernelversion_string));
2151 }
2152 #endif
2153
2154 if (debug_boot_arg & DB_REBOOT_POST_CORE)
2155 kdp_flag |= REBOOT_POST_CORE;
2156 #if defined(__x86_64__)
2157 kdp_machine_init();
2158 #endif
2159
2160 kdp_timer_callout_init();
2161 kdp_crashdump_feature_mask = htonl(kdp_crashdump_feature_mask);
2162 kdp_core_init();
2163
2164 #if CONFIG_SERIAL_KDP
2165 char kdpname[80];
2166 struct kdp_in_addr ipaddr;
2167 struct kdp_ether_addr macaddr;
2168
2169 boolean_t kdp_match_name_found = PE_parse_boot_argn("kdp_match_name", kdpname, sizeof(kdpname));
2170 boolean_t kdp_not_serial = kdp_match_name_found ? (strncmp(kdpname, "serial", sizeof(kdpname))) : TRUE;
2171
2172 // serial must be explicitly requested
2173 if(!kdp_match_name_found || kdp_not_serial)
2174 return;
2175
2176 #if WITH_CONSISTENT_DBG
2177 if (kdp_not_serial && PE_consistent_debug_enabled() && debug_boot_arg) {
2178 current_debugger = HW_SHM_CUR_DB;
2179 return;
2180 } else {
2181 printf("Serial requested, consistent debug disabled or debug boot arg not present, configuring debugging over serial\n");
2182 }
2183 #endif /* WITH_CONSISTENT_DBG */
2184
2185 kprintf("Initializing serial KDP\n");
2186
2187 kdp_register_callout(kdp_serial_callout, NULL);
2188 kdp_register_link(NULL, kdp_serial_setmode);
2189 kdp_register_send_receive(kdp_serial_send, kdp_serial_receive);
2190
2191 /* fake up an ip and mac for early serial debugging */
2192 macaddr.ether_addr_octet[0] = 's';
2193 macaddr.ether_addr_octet[1] = 'e';
2194 macaddr.ether_addr_octet[2] = 'r';
2195 macaddr.ether_addr_octet[3] = 'i';
2196 macaddr.ether_addr_octet[4] = 'a';
2197 macaddr.ether_addr_octet[5] = 'l';
2198 ipaddr.s_addr = KDP_SERIAL_IPADDR;
2199 kdp_set_ip_and_mac_addresses(&ipaddr, &macaddr);
2200
2201 #endif /* CONFIG_SERIAL_KDP */
2202 }
2203
2204 #else /* CONFIG_KDP_INTERACTIVE_DEBUGGING */
2205 void
2206 kdp_init(void)
2207 {
2208 }
2209 #endif /* CONFIG_KDP_INTERACTIVE_DEBUGGING */
2210
2211 #if !CONFIG_KDP_INTERACTIVE_DEBUGGING
2212 __attribute__((noreturn))
2213 static void
2214 panic_spin_forever()
2215 {
2216 kdb_printf("\nPlease go to https://panic.apple.com to report this panic\n");
2217
2218 for (;;) { }
2219 }
2220 #endif
2221
2222 #if WITH_CONSISTENT_DBG && CONFIG_KDP_INTERACTIVE_DEBUGGING
2223 __attribute__((noreturn))
2224 static void
2225 panic_spin_shmcon()
2226 {
2227 kdb_printf("\nPlease go to https://panic.apple.com to report this panic\n");
2228 kdb_printf("Waiting for hardware shared memory debugger, handshake structure is at virt: %p, phys %p\n",
2229 hwsd_info, (void *)kvtophys((vm_offset_t)hwsd_info));
2230
2231 assert(hwsd_info != NULL);
2232 hwsd_info->xhsdci_status = XHSDCI_STATUS_KERNEL_READY;
2233 hwsd_info->xhsdci_seq_no = 0;
2234 FlushPoC_DcacheRegion((vm_offset_t) hwsd_info, sizeof(*hwsd_info));
2235
2236 for (;;) {
2237 FlushPoC_DcacheRegion((vm_offset_t) hwsd_info, sizeof(*hwsd_info));
2238 if (hwsd_info->xhsdci_status == XHSDCI_COREDUMP_BEGIN) {
2239 kern_dump(KERN_DUMP_HW_SHMEM_DBG);
2240 }
2241
2242 if ((hwsd_info->xhsdci_status == XHSDCI_COREDUMP_REMOTE_DONE) ||
2243 (hwsd_info->xhsdci_status == XHSDCI_COREDUMP_ERROR)) {
2244 hwsd_info->xhsdci_status = XHSDCI_STATUS_KERNEL_READY;
2245 hwsd_info->xhsdci_seq_no = 0;
2246 FlushPoC_DcacheRegion((vm_offset_t) hwsd_info, sizeof(*hwsd_info));
2247 }
2248 }
2249 }
2250 #endif /* WITH_CONSISTENT_DBG && CONFIG_KDP_INTERACTIVE_DEBUGGING */
2251
2252 #if !CONFIG_KDP_INTERACTIVE_DEBUGGING
2253 __attribute__((noreturn))
2254 void
2255 kdp_raise_exception(
2256 __unused unsigned int exception,
2257 __unused unsigned int code,
2258 __unused unsigned int subcode,
2259 __unused void *saved_state
2260 )
2261 #else
2262 void
2263 kdp_raise_exception(
2264 unsigned int exception,
2265 unsigned int code,
2266 unsigned int subcode,
2267 void *saved_state
2268 )
2269 #endif
2270 {
2271
2272 #if CONFIG_KDP_INTERACTIVE_DEBUGGING
2273
2274 unsigned int initial_not_in_kdp = not_in_kdp;
2275 not_in_kdp = 0;
2276
2277 disable_preemption();
2278
2279 if (current_debugger != KDP_CUR_DB) {
2280 /* try a local disk dump */
2281 if (kdp_has_polled_corefile()) {
2282 #if WITH_CONSISTENT_DBG
2283 if (current_debugger == HW_SHM_CUR_DB) {
2284 hwsd_info->xhsdci_status = XHSDCI_STATUS_KERNEL_BUSY;
2285 }
2286 #endif /* WITH_CONSISTENT_DBG */
2287 flag_panic_dump_in_progress = TRUE;
2288 kern_dump(KERN_DUMP_DISK);
2289 abort_panic_transfer();
2290 }
2291 #if WITH_CONSISTENT_DBG
2292 if (current_debugger == HW_SHM_CUR_DB) {
2293 panic_spin_shmcon();
2294 }
2295 #endif /* WITH_CONSISTENT_DBG */
2296
2297
2298 if (!panicDebugging) {
2299 kdp_machine_reboot();
2300 }
2301 }
2302
2303 kdp_debugger_loop(exception, code, subcode, saved_state);
2304 not_in_kdp = initial_not_in_kdp;
2305 enable_preemption();
2306 #else /* CONFIG_KDP_INTERACTIVE_DEBUGGING */
2307 assert(current_debugger != KDP_CUR_DB);
2308
2309 /*
2310 * If kernel debugging is enabled via boot-args, but KDP debugging
2311 * is not compiled into the kernel, spin here waiting for debugging
2312 * via another method. Why here? Because we want to have watchdog
2313 * disabled (via KDP callout) while sitting waiting to be debugged.
2314 */
2315 panic_spin_forever();
2316 #endif /* CONFIG_KDP_INTERACTIVE_DEBUGGING */
2317 }
mirror of XNU