kdp_udp.c source code [xnu/osfmk/kdp/kdp_udp.c]

1	/*
2	* Copyright (c) 2000-2016 Apple Inc. All rights reserved.
3	*
4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5	*
6	* This file contains Original Code and/or Modifications of Original Code
7	* as defined in and that are subject to the Apple Public Source License
8	* Version 2.0 (the 'License'). You may not use this file except in
9	* compliance with the License. The rights granted to you under the License
10	* may not be used to create, or enable the creation or redistribution of,
11	* unlawful or unlicensed copies of an Apple operating system, or to
12	* circumvent, violate, or enable the circumvention or violation of, any
13	* terms of an Apple operating system software license agreement.
14	*
15	* Please obtain a copy of the License at
16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
17	*
18	* The Original Code and all software distributed under the License are
19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23	* Please see the License for the specific language governing rights and
24	* limitations under the License.
25	*
26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27	*/
28
29	/*
30	* Copyright (c) 1982, 1986, 1993
31	* The Regents of the University of California. All rights reserved.
32	*/
33
34	/*
35	* Kernel Debugging Protocol UDP implementation.
36	*/
37
38	#include <mach/boolean.h>
39	#include <mach/mach_types.h>
40	#include <mach/exception_types.h>
41	#include <kern/cpu_data.h>
42	#include <kern/debug.h>
43	#include <kern/clock.h>
44
45	#include <kdp/kdp_core.h>
46	#include <kdp/kdp_internal.h>
47	#if (MACH_KDP && CONFIG_KDP_INTERACTIVE_DEBUGGING)
48	#include <kdp/kdp_en_debugger.h>
49	#endif
50	#include <kdp/kdp_callout.h>
51	#include <kdp/kdp_udp.h>
52	#include <kdp/kdp_core.h>
53	#if CONFIG_SERIAL_KDP
54	#include <kdp/kdp_serial.h>
55	#endif
56
57	#include <vm/vm_map.h>
58	#include <vm/vm_protos.h>
59	#include <vm/vm_kern.h> /* kernel_map */
60
61	#include <mach/memory_object_types.h>
62	#include <machine/pal_routines.h>
63
64	#include <sys/msgbuf.h>
65
66	/ we just want the link status flags, so undef KERNEL_PRIVATE for this*
67	* header file. */
68	#undef KERNEL_PRIVATE
69	#include <net/if_media.h>
70	#define KERNEL_PRIVATE
71
72	#include <string.h>
73
74	#include <IOKit/IOPlatformExpert.h>
75	#include <libkern/version.h>
76
77	#include <sys/pgo.h>
78
79	extern unsigned int not_in_kdp;
80	extern int kdp_snapshot;
81
82	#ifdef CONFIG_KDP_INTERACTIVE_DEBUGGING
83
84	extern int inet_aton(const char , struct* kdp_in_addr ); /* in libkern /
85	extern char inet_ntoa_r(struct* kdp_in_addr ina, char *buf,
86	size_t buflen); / in libkern /
87
88	#define DO_ALIGN 1 /* align all packet data accesses */
89	#define KDP_SERIAL_IPADDR 0xABADBABE /* IP address used for serial KDP */
90	#define LINK_UP_STATUS (IFM_AVALID \| IFM_ACTIVE)
91
92	extern int kdp_getc(void);
93	extern int reattach_wait;
94
95	static u_short ip_id; / ip packet ctr, for ids /
96
97	/ @(#)udp_usrreq.c 2.2 88/05/23 4.0NFSSRC SMI; from UCB 7.1 6/5/86 /
98
99	/*
100	* UDP protocol implementation.
101	* Per RFC 768, August, 1980.
102	*/
103	#define UDP_TTL 60 /* deflt time to live for UDP packets */
104	static int udp_ttl = UDP_TTL;
105	static unsigned char exception_seq;
106
107	struct kdp_ipovly {
108	uint32_t ih_next, ih_prev; / for protocol sequence q's /
109	u_char ih_x1; / (unused) /
110	u_char ih_pr; / protocol /
111	short ih_len; / protocol length /
112	struct kdp_in_addr ih_src; / source internet address /
113	struct kdp_in_addr ih_dst; / destination internet address /
114	};
115
116	struct kdp_udphdr {
117	u_short uh_sport; / source port /
118	u_short uh_dport; / destination port /
119	short uh_ulen; / udp length /
120	u_short uh_sum; / udp checksum /
121	};
122
123	struct kdp_udpiphdr {
124	struct kdp_ipovly ui_i; / overlaid ip structure /
125	struct kdp_udphdr ui_u; / udp header /
126	};
127	#define ui_next ui_i.ih_next
128	#define ui_prev ui_i.ih_prev
129	#define ui_x1 ui_i.ih_x1
130	#define ui_pr ui_i.ih_pr
131	#define ui_len ui_i.ih_len
132	#define ui_src ui_i.ih_src
133	#define ui_dst ui_i.ih_dst
134	#define ui_sport ui_u.uh_sport
135	#define ui_dport ui_u.uh_dport
136	#define ui_ulen ui_u.uh_ulen
137	#define ui_sum ui_u.uh_sum
138
139	struct kdp_ip {
140	union {
141	uint32_t ip_w;
142	struct {
143	unsigned int
144	#ifdef __LITTLE_ENDIAN__
145	ip_xhl:`4`, / header length /
146	ip_xv:`4`, / version /
147	ip_xtos:`8`, / type of service /
148	ip_xlen:`16`; / total length /
149	#endif
150	#ifdef __BIG_ENDIAN__
151	ip_xv:`4`, / version /
152	ip_xhl:`4`, / header length /
153	ip_xtos:`8`, / type of service /
154	ip_xlen:`16`; / total length /
155	#endif
156	} ip_x;
157	} ip_vhltl;
158	u_short ip_id; / identification /
159	short ip_off; / fragment offset field /
160	#define IP_DF 0x4000 /* dont fragment flag */
161	#define IP_MF 0x2000 /* more fragments flag */
162	#define IP_OFFMASK 0x1fff /* mask for fragmenting bits */
163	u_char ip_ttl; / time to live /
164	u_char ip_p; / protocol /
165	u_short ip_sum; / checksum /
166	struct kdp_in_addr ip_src,ip_dst; / source and dest address /
167	};
168	#define ip_v ip_vhltl.ip_x.ip_xv
169	#define ip_hl ip_vhltl.ip_x.ip_xhl
170	#define ip_tos ip_vhltl.ip_x.ip_xtos
171	#define ip_len ip_vhltl.ip_x.ip_xlen
172
173	#define IPPROTO_UDP 17
174	#define IPVERSION 4
175
176	#define ETHERTYPE_IP 0x0800 /* IP protocol */
177
178	/*
179	* Ethernet Address Resolution Protocol.
180	*
181	* See RFC 826 for protocol description. Structure below is adapted
182	* to resolving internet addresses. Field names used correspond to
183	* RFC 826.
184	*/
185
186	#define ETHERTYPE_ARP 0x0806 /* Addr. resolution protocol */
187
188	struct kdp_arphdr {
189	u_short ar_hrd; / format of hardware address /
190	#define ARPHRD_ETHER 1 /* ethernet hardware format */
191	#define ARPHRD_FRELAY 15 /* frame relay hardware format */
192	u_short ar_pro; / format of protocol address /
193	u_char ar_hln; / length of hardware address /
194	u_char ar_pln; / length of protocol address /
195	u_short ar_op; / one of: /
196	#define ARPOP_REQUEST 1 /* request to resolve address */
197	#define ARPOP_REPLY 2 /* response to previous request */
198	#define ARPOP_REVREQUEST 3 /* request protocol address given hardware */
199	#define ARPOP_REVREPLY 4 /* response giving protocol address */
200	#define ARPOP_INVREQUEST 8 /* request to identify peer */
201	#define ARPOP_INVREPLY 9 /* response identifying peer */
202	};
203
204	struct kdp_ether_arp {
205	struct kdp_arphdr ea_hdr; / fixed-size header /
206	u_char arp_sha[ETHER_ADDR_LEN]; / sender hardware address /
207	u_char arp_spa[`4`]; / sender protocol address /
208	u_char arp_tha[ETHER_ADDR_LEN]; / target hardware address /
209	u_char arp_tpa[`4`]; / target protocol address /
210	};
211	#define arp_hrd ea_hdr.ar_hrd
212	#define arp_pro ea_hdr.ar_pro
213	#define arp_hln ea_hdr.ar_hln
214	#define arp_pln ea_hdr.ar_pln
215	#define arp_op ea_hdr.ar_op
216
217	#define ETHERMTU 1500
218	#define ETHERHDRSIZE 14
219	#define ETHERCRC 4
220	#define KDP_MAXPACKET (ETHERHDRSIZE + ETHERMTU + ETHERCRC)
221
222	static struct {
223	unsigned char data[KDP_MAXPACKET];
224	unsigned int off, len;
225	boolean_t input;
226	} pkt, saved_reply;
227
228	struct kdp_manual_pkt manual_pkt;
229
230	struct {
231	struct {
232	struct kdp_in_addr in;
233	struct kdp_ether_addr ea;
234	} loc;
235	struct {
236	struct kdp_in_addr in;
237	struct kdp_ether_addr ea;
238	} rmt;
239	} adr;
240
241	static const char
242	*exception_message[] = {
243	"Unknown",
244	"Memory access", / EXC_BAD_ACCESS /
245	"Failed instruction", / EXC_BAD_INSTRUCTION /
246	"Arithmetic", / EXC_ARITHMETIC /
247	"Emulation", / EXC_EMULATION /
248	"Software", / EXC_SOFTWARE /
249	"Breakpoint" / EXC_BREAKPOINT /
250	};
251
252	volatile int kdp_flag = `0`;
253	boolean_t kdp_corezip_disabled = `0`;
254
255	kdp_send_t kdp_en_send_pkt;
256	static kdp_receive_t kdp_en_recv_pkt;
257	static kdp_link_t kdp_en_linkstatus;
258	static kdp_mode_t kdp_en_setmode;
259
260	#if CONFIG_SERIAL_KDP
261	static void kdp_serial_send(void rpkt, unsigned* int rpkt_len);
262	#define KDP_SERIAL_ENABLED() (kdp_en_send_pkt == kdp_serial_send)
263	#else
264	#define KDP_SERIAL_ENABLED() (0)
265	#endif
266
267	static uint32_t kdp_current_ip_address = `0`;
268	static struct kdp_ether_addr kdp_current_mac_address = {{`0`, `0`, `0`, `0`, `0`, `0`}};
269	static void *kdp_current_ifp;
270
271	static void kdp_handler( void *);
272
273	static uint32_t panic_server_ip = `0`;
274	static uint32_t parsed_router_ip = `0`;
275	static uint32_t router_ip = `0`;
276	static uint32_t target_ip = `0`;
277
278	static boolean_t save_ip_in_nvram = FALSE;
279
280	static volatile boolean_t panicd_specified = FALSE;
281	static boolean_t router_specified = FALSE;
282	static boolean_t corename_specified = FALSE;
283	static unsigned int panicd_port = CORE_REMOTE_PORT;
284
285	static struct kdp_ether_addr etherbroadcastaddr = {{`0xff`, `0xff`, `0xff`, `0xff`, `0xff`, `0xff`}};
286
287	static struct kdp_ether_addr router_mac = {{`0`, `0`, `0` , `0`, `0`, `0`}};
288	static struct kdp_ether_addr destination_mac = {{`0`, `0`, `0` , `0`, `0`, `0`}};
289	static struct kdp_ether_addr temp_mac = {{`0`, `0`, `0` , `0`, `0`, `0`}};
290	static struct kdp_ether_addr current_resolved_MAC = {{`0`, `0`, `0` , `0`, `0`, `0`}};
291
292	static boolean_t flag_panic_dump_in_progress = FALSE;
293	static boolean_t flag_router_mac_initialized = FALSE;
294	static boolean_t flag_dont_abort_panic_dump = FALSE;
295
296	static boolean_t flag_arp_resolved = FALSE;
297
298	static unsigned int panic_timeout = `100000`;
299	static unsigned int last_panic_port = CORE_REMOTE_PORT;
300
301	#define KDP_THROTTLE_VALUE (10ULL * NSEC_PER_SEC)
302
303	uint32_t kdp_crashdump_pkt_size = `512`;
304	#define KDP_LARGE_CRASHDUMP_PKT_SIZE (1440 - 6 - sizeof(struct kdp_udpiphdr))
305	static char panicd_ip_str[`20`];
306	static char router_ip_str[`20`];
307	static char corename_str[`100`];
308
309	static unsigned int panic_block = `0`;
310	volatile unsigned int kdp_trigger_core_dump = `0`;
311	__private_extern__ volatile unsigned int flag_kdp_trigger_reboot = `0`;
312
313
314	extern unsigned int disableConsoleOutput;
315
316	extern void kdp_call(void);
317
318	void * kdp_get_interface(void);
319	void kdp_set_gateway_mac(void *gatewaymac);
320	void kdp_set_ip_and_mac_addresses(struct kdp_in_addr ipaddr, struct* kdp_ether_addr *);
321	void kdp_set_interface(void interface, const* struct kdp_ether_addr *macaddr);
322
323	void kdp_disable_arp(void);
324	static void kdp_arp_reply(struct kdp_ether_arp *);
325	static void kdp_process_arp_reply(struct kdp_ether_arp *);
326	static boolean_t kdp_arp_resolve(uint32_t, struct kdp_ether_addr *);
327
328	static volatile unsigned kdp_reentry_deadline;
329
330	static uint32_t kdp_crashdump_feature_mask = KDP_FEATURE_LARGE_CRASHDUMPS \| KDP_FEATURE_LARGE_PKT_SIZE;
331	uint32_t kdp_feature_large_crashdumps, kdp_feature_large_pkt_size;
332
333	char kdp_kernelversion_string[`256`];
334
335	static boolean_t gKDPDebug = FALSE;
336
337	#define KDP_DEBUG(...) if (gKDPDebug) printf(__VA_ARGS__);
338
339	#define SBLOCKSZ (2048)
340	uint64_t kdp_dump_start_time = `0`;
341	uint64_t kdp_min_superblock_dump_time = ~`1ULL`;
342	uint64_t kdp_max_superblock_dump_time = `0`;
343	uint64_t kdp_superblock_dump_time = `0`;
344	uint64_t kdp_superblock_dump_start_time = `0`;
345	static thread_call_t
346	kdp_timer_call;
347
348	static void
349	kdp_ml_enter_debugger_wrapper(__unused void param0, __unused void* *param1) {
350	kdp_ml_enter_debugger();
351	}
352
353	static void
354	kdp_timer_callout_init(void) {
355	kdp_timer_call = thread_call_allocate(kdp_ml_enter_debugger_wrapper, NULL);
356	}
357
358
359	/ only send/receive data if the link is up /
360	inline static void
361	wait_for_link(void)
362	{
363	static int first = `0`;
364
365	if (!kdp_en_linkstatus)
366	return;
367
368	while (((*kdp_en_linkstatus)() & LINK_UP_STATUS) != LINK_UP_STATUS) {
369	if (first)
370	continue;
371
372	first = `1`;
373	printf("Waiting for link to become available.\n");
374	kprintf("Waiting for link to become available.\n");
375	}
376	}
377
378
379	inline static void
380	kdp_send_data(void packet, unsigned* int len)
381	{
382	wait_for_link();
383	(*kdp_en_send_pkt)(packet, len);
384	}
385
386
387	inline static void
388	kdp_receive_data(void packet, unsigned* int len, unsigned* int timeout)
389	{
390	wait_for_link();
391	(*kdp_en_recv_pkt)(packet, len, timeout);
392	}
393
394
395	void
396	kdp_register_link(kdp_link_t link, kdp_mode_t mode)
397	{
398	kdp_en_linkstatus = link;
399	kdp_en_setmode = mode;
400	}
401
402	void
403	kdp_unregister_link(__unused kdp_link_t link, __unused kdp_mode_t mode)
404	{
405	kdp_en_linkstatus = NULL;
406	kdp_en_setmode = NULL;
407	}
408
409	void
410	kdp_register_send_receive(
411	kdp_send_t send,
412	kdp_receive_t receive)
413	{
414	unsigned int debug = `0`;
415
416	PE_parse_boot_argn("debug", &debug, sizeof (debug));
417
418	#if defined(__arm__) \|\| defined(__arm64__)
419	{
420	uint32_t debug_flags;
421
422	if (!PE_i_can_has_debugger(&debug_flags))
423	debug = `0`;
424	}
425	#endif
426
427	if (!debug)
428	return;
429
430	kdp_en_send_pkt = send;
431	kdp_en_recv_pkt = receive;
432
433	if (debug & DB_KDP_BP_DIS)
434	kdp_flag \|= KDP_BP_DIS;
435	if (debug & DB_KDP_GETC_ENA)
436	kdp_flag \|= KDP_GETC_ENA;
437	if (debug & DB_ARP)
438	kdp_flag \|= KDP_ARP;
439
440	if (debug & DB_KERN_DUMP_ON_PANIC)
441	kdp_flag \|= KDP_PANIC_DUMP_ENABLED;
442	if (debug & DB_KERN_DUMP_ON_NMI)
443	kdp_flag \|= PANIC_CORE_ON_NMI;
444
445	if (debug & DB_DBG_POST_CORE)
446	kdp_flag \|= DBG_POST_CORE;
447
448	if (debug & DB_PANICLOG_DUMP)
449	kdp_flag \|= PANIC_LOG_DUMP;
450
451	kdp_corezip_disabled = (`0` != (debug & DB_DISABLE_GZIP_CORE));
452
453	if (PE_parse_boot_argn("_panicd_ip", panicd_ip_str, sizeof (panicd_ip_str)))
454	panicd_specified = TRUE;
455
456	if ((debug & DB_REBOOT_POST_CORE) && (panicd_specified == TRUE))
457	kdp_flag \|= REBOOT_POST_CORE;
458
459	if (PE_parse_boot_argn("_router_ip", router_ip_str, sizeof (router_ip_str)))
460	router_specified = TRUE;
461
462	if (!PE_parse_boot_argn("panicd_port", &panicd_port, sizeof (panicd_port)))
463	panicd_port = CORE_REMOTE_PORT;
464
465	if (PE_parse_boot_argn("_panicd_corename", &corename_str, sizeof (corename_str)))
466	corename_specified = TRUE;
467
468	kdp_flag \|= KDP_READY;
469
470	current_debugger = KDP_CUR_DB;
471	if ((kdp_current_ip_address != `0`) && halt_in_debugger) {
472	kdp_call();
473	halt_in_debugger=`0`;
474	}
475	}
476
477	void
478	kdp_unregister_send_receive(
479	__unused kdp_send_t send,
480	__unused kdp_receive_t receive)
481	{
482	if (current_debugger == KDP_CUR_DB)
483	current_debugger = NO_CUR_DB;
484	kdp_flag &= ~KDP_READY;
485	kdp_en_send_pkt = NULL;
486	kdp_en_recv_pkt = NULL;
487	}
488
489	static void
490	kdp_schedule_debugger_reentry(unsigned interval) {
491	uint64_t deadline;;
492
493	clock_interval_to_deadline(interval, `1000` * `1000`, &deadline);
494	thread_call_enter_delayed(kdp_timer_call, deadline);
495	}
496
497	static void
498	enaddr_copy(
499	void *src,
500	void *dst
501	)
502	{
503	bcopy((char )src, (char* )dst, sizeof* (struct kdp_ether_addr));
504	}
505
506	static unsigned short
507	ip_sum(
508	unsigned char *c,
509	unsigned int hlen
510	)
511	{
512	unsigned int high, low, sum;
513
514	high = low = `0`;
515	while (hlen-- > `0`) {
516	low += c[`1`] + c[`3`];
517	high += c[`0`] + c[`2`];
518
519	c += sizeof (int);
520	}
521
522	sum = (high << `8`) + low;
523	sum = (sum >> `16`) + (sum & `65535`);
524
525	return (sum > `65535` ? sum - `65535` : sum);
526	}
527
528	static void
529	kdp_reply(
530	unsigned short reply_port,
531	const boolean_t sideband
532	)
533	{
534	struct kdp_udpiphdr aligned_ui, *ui = &aligned_ui;
535	struct kdp_ip aligned_ip, *ip = &aligned_ip;
536	struct kdp_in_addr tmp_ipaddr;
537	struct kdp_ether_addr tmp_enaddr;
538	struct kdp_ether_header *eh = NULL;
539
540	if (!pkt.input)
541	kdp_panic("kdp_reply");
542
543	pkt.off -= (unsigned int)sizeof (struct kdp_udpiphdr);
544
545	#if DO_ALIGN
546	bcopy((char )&pkt.data[pkt.off], (char* )ui, sizeof(ui));
547	#else
548	ui = (struct kdp_udpiphdr *)&pkt.data[pkt.off];
549	#endif
550	ui->ui_next = ui->ui_prev = `0`;
551	ui->ui_x1 = `0`;
552	ui->ui_pr = IPPROTO_UDP;
553	ui->ui_len = htons((u_short)pkt.len + sizeof (struct kdp_udphdr));
554	tmp_ipaddr = ui->ui_src;
555	ui->ui_src = ui->ui_dst;
556	ui->ui_dst = tmp_ipaddr;
557	ui->ui_sport = htons(KDP_REMOTE_PORT);
558	ui->ui_dport = reply_port;
559	ui->ui_ulen = ui->ui_len;
560	ui->ui_sum = `0`;
561	#if DO_ALIGN
562	bcopy((char )ui, (char* )&pkt.data[pkt.off], sizeof(ui));
563	bcopy((char )&pkt.data[pkt.off], (char* )ip, sizeof(ip));
564	#else
565	ip = (struct kdp_ip *)&pkt.data[pkt.off];
566	#endif
567	ip->ip_len = htons(sizeof (struct kdp_udpiphdr) + pkt.len);
568	ip->ip_v = IPVERSION;
569	ip->ip_id = htons(ip_id++);
570	ip->ip_hl = sizeof (struct kdp_ip) >> `2`;
571	ip->ip_ttl = udp_ttl;
572	ip->ip_sum = `0`;
573	ip->ip_sum = htons(~ip_sum((unsigned char *)ip, ip->ip_hl));
574	#if DO_ALIGN
575	bcopy((char )ip, (char* )&pkt.data[pkt.off], sizeof(ip));
576	#endif
577
578	pkt.len += (unsigned int)sizeof (struct kdp_udpiphdr);
579
580	pkt.off -= (unsigned int)sizeof (struct kdp_ether_header);
581
582	eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
583	enaddr_copy(eh->ether_shost, &tmp_enaddr);
584	enaddr_copy(eh->ether_dhost, eh->ether_shost);
585	enaddr_copy(&tmp_enaddr, eh->ether_dhost);
586	eh->ether_type = htons(ETHERTYPE_IP);
587
588	pkt.len += (unsigned int)sizeof (struct kdp_ether_header);
589
590	// save reply for possible retransmission
591	assert(pkt.len <= KDP_MAXPACKET);
592	if (!sideband)
593	bcopy((char )&pkt, (char* )&saved_reply, sizeof*(saved_reply));
594
595	kdp_send_data(&pkt.data[pkt.off], pkt.len);
596
597	// increment expected sequence number
598	if (!sideband)
599	exception_seq++;
600	}
601
602	static void
603	kdp_send(
604	unsigned short remote_port
605	)
606	{
607	struct kdp_udpiphdr aligned_ui, *ui = &aligned_ui;
608	struct kdp_ip aligned_ip, *ip = &aligned_ip;
609	struct kdp_ether_header *eh;
610
611	if (pkt.input)
612	kdp_panic("kdp_send");
613
614	pkt.off -= (unsigned int)sizeof (struct kdp_udpiphdr);
615
616	#if DO_ALIGN
617	bcopy((char )&pkt.data[pkt.off], (char* )ui, sizeof(ui));
618	#else
619	ui = (struct kdp_udpiphdr *)&pkt.data[pkt.off];
620	#endif
621	ui->ui_next = ui->ui_prev = `0`;
622	ui->ui_x1 = `0`;
623	ui->ui_pr = IPPROTO_UDP;
624	ui->ui_len = htons((u_short)pkt.len + sizeof (struct kdp_udphdr));
625	ui->ui_src = adr.loc.in;
626	ui->ui_dst = adr.rmt.in;
627	ui->ui_sport = htons(KDP_REMOTE_PORT);
628	ui->ui_dport = remote_port;
629	ui->ui_ulen = ui->ui_len;
630	ui->ui_sum = `0`;
631	#if DO_ALIGN
632	bcopy((char )ui, (char* )&pkt.data[pkt.off], sizeof(ui));
633	bcopy((char )&pkt.data[pkt.off], (char* )ip, sizeof(ip));
634	#else
635	ip = (struct kdp_ip *)&pkt.data[pkt.off];
636	#endif
637	ip->ip_len = htons(sizeof (struct kdp_udpiphdr) + pkt.len);
638	ip->ip_v = IPVERSION;
639	ip->ip_id = htons(ip_id++);
640	ip->ip_hl = sizeof (struct kdp_ip) >> `2`;
641	ip->ip_ttl = udp_ttl;
642	ip->ip_sum = `0`;
643	ip->ip_sum = htons(~ip_sum((unsigned char *)ip, ip->ip_hl));
644	#if DO_ALIGN
645	bcopy((char )ip, (char* )&pkt.data[pkt.off], sizeof(ip));
646	#endif
647
648	pkt.len += (unsigned int)sizeof (struct kdp_udpiphdr);
649
650	pkt.off -= (unsigned int)sizeof (struct kdp_ether_header);
651
652	eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
653	enaddr_copy(&adr.loc.ea, eh->ether_shost);
654	enaddr_copy(&adr.rmt.ea, eh->ether_dhost);
655	eh->ether_type = htons(ETHERTYPE_IP);
656
657	pkt.len += (unsigned int)sizeof (struct kdp_ether_header);
658	kdp_send_data(&pkt.data[pkt.off], pkt.len);
659	}
660
661
662	inline static void
663	debugger_if_necessary(void)
664	{
665	if ((current_debugger == KDP_CUR_DB) && halt_in_debugger) {
666	kdp_call();
667	halt_in_debugger=`0`;
668	}
669	}
670
671
672	/ We don't interpret this pointer, we just give it to the bsd stack*
673	so it can decide when to set the MAC and IP info. We'll
674	early initialize the MAC/IP info if we can so that we can use
675	KDP early in boot. These values may subsequently get over-written
676	when the interface gets initialized for real.
677	*/
678	void
679	kdp_set_interface(void ifp, const* struct kdp_ether_addr *macaddr)
680	{
681	char kdpstr[`80`];
682	struct kdp_in_addr addr = { `0` };
683	unsigned int len;
684
685	kdp_current_ifp = ifp;
686
687	if (PE_parse_boot_argn("kdp_ip_addr", kdpstr, sizeof(kdpstr))) {
688	/ look for a static ip address /
689	if (inet_aton(kdpstr, &addr) == FALSE)
690	goto done;
691
692	goto config_network;
693	}
694
695	/ use saved ip address /
696	save_ip_in_nvram = TRUE;
697
698	len = sizeof(kdpstr);
699	if (PEReadNVRAMProperty("_kdp_ipstr", kdpstr, &len) == FALSE)
700	goto done;
701
702	kdpstr[len < sizeof(kdpstr) ? len : sizeof(kdpstr) - `1`] = `'\0'`;
703	if (inet_aton(kdpstr, &addr) == FALSE)
704	goto done;
705
706	config_network:
707	kdp_current_ip_address = addr.s_addr;
708	if (macaddr)
709	kdp_current_mac_address = *macaddr;
710
711	/ we can't drop into the debugger at this point because the*
712	link will likely not be up. when getDebuggerLinkStatus() support gets
713	added to the appropriate network drivers, adding the
714	following will enable this capability:
715	debugger_if_necessary();
716	*/
717	done:
718	return;
719	}
720
721	void *
722	kdp_get_interface(void)
723	{
724	return kdp_current_ifp;
725	}
726
727	void
728	kdp_set_ip_and_mac_addresses(
729	struct kdp_in_addr *ipaddr,
730	struct kdp_ether_addr *macaddr)
731	{
732	static uint64_t last_time = (uint64_t) -`1`;
733	static uint64_t throttle_val = `0`;
734	uint64_t cur_time;
735	char addr[`16`];
736
737	if (kdp_current_ip_address == ipaddr->s_addr)
738	goto done;
739
740	/ don't replace if serial debugging is configured /
741	if (!KDP_SERIAL_ENABLED() \|\|
742	(kdp_current_ip_address != KDP_SERIAL_IPADDR)) {
743	kdp_current_mac_address = *macaddr;
744	kdp_current_ip_address = ipaddr->s_addr;
745	}
746
747	if (save_ip_in_nvram == FALSE)
748	goto done;
749
750	if (inet_ntoa_r(ipaddr, addr, sizeof*(addr)) == NULL)
751	goto done;
752
753	/ throttle writes if needed /
754	if (!throttle_val)
755	nanoseconds_to_absolutetime(KDP_THROTTLE_VALUE, &throttle_val);
756
757	cur_time = mach_absolute_time();
758	if (last_time == (uint64_t) -`1` \|\|
759	((cur_time - last_time) > throttle_val)) {
760	PEWriteNVRAMProperty("_kdp_ipstr", addr,
761	(const unsigned int) strlen(addr));
762	}
763	last_time = cur_time;
764
765	done:
766	debugger_if_necessary();
767	}
768
769	void
770	kdp_set_gateway_mac(void *gatewaymac)
771	{
772	router_mac = (struct* kdp_ether_addr *)gatewaymac;
773	flag_router_mac_initialized = TRUE;
774	}
775
776	struct kdp_ether_addr
777	kdp_get_mac_addr(void)
778	{
779	return kdp_current_mac_address;
780	}
781
782	unsigned int
783	kdp_get_ip_address(void)
784	{
785	return (unsigned int)kdp_current_ip_address;
786	}
787
788	void
789	kdp_disable_arp(void)
790	{
791	kdp_flag &= ~(DB_ARP);
792	}
793
794	static void
795	kdp_arp_dispatch(void)
796	{
797	struct kdp_ether_arp aligned_ea, *ea = &aligned_ea;
798	unsigned arp_header_offset;
799
800	arp_header_offset = (unsigned)sizeof(struct kdp_ether_header) + pkt.off;
801	memcpy((void )ea, (void* )&pkt.data[arp_header_offset], sizeof(ea));
802
803	switch(ntohs(ea->arp_op)) {
804	case ARPOP_REQUEST:
805	kdp_arp_reply(ea);
806	break;
807	case ARPOP_REPLY:
808	kdp_process_arp_reply(ea);
809	break;
810	default:
811	return;
812	}
813	}
814
815	static void
816	kdp_process_arp_reply(struct kdp_ether_arp *ea)
817	{
818	/ Are we interested in ARP replies? /
819	if (flag_arp_resolved == TRUE)
820	return;
821
822	/ Did we receive a reply from the right source? /
823	if (((struct kdp_in_addr *)(ea->arp_spa))->s_addr != target_ip)
824	return;
825
826	flag_arp_resolved = TRUE;
827	current_resolved_MAC = (struct* kdp_ether_addr *) (ea->arp_sha);
828
829	return;
830	}
831
832	/ ARP responses are enabled when the DB_ARP bit of the debug boot arg*
833	* is set.
834	*/
835
836	static void
837	kdp_arp_reply(struct kdp_ether_arp *ea)
838	{
839	struct kdp_ether_header *eh;
840
841	struct kdp_in_addr isaddr, itaddr, myaddr;
842	struct kdp_ether_addr my_enaddr;
843
844	eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
845	pkt.off += (unsigned int)sizeof(struct kdp_ether_header);
846
847	if(ntohs(ea->arp_op) != ARPOP_REQUEST)
848	return;
849
850	myaddr.s_addr = kdp_get_ip_address();
851	my_enaddr = kdp_get_mac_addr();
852
853	if ((ntohl(myaddr.s_addr) == `0`) \|\|
854	((my_enaddr.ether_addr_octet[`0`] & `0xff`) == `0`
855	&& (my_enaddr.ether_addr_octet[`1`] & `0xff`) == `0`
856	&& (my_enaddr.ether_addr_octet[`2`] & `0xff`) == `0`
857	&& (my_enaddr.ether_addr_octet[`3`] & `0xff`) == `0`
858	&& (my_enaddr.ether_addr_octet[`4`] & `0xff`) == `0`
859	&& (my_enaddr.ether_addr_octet[`5`] & `0xff`) == `0`
860	))
861	return;
862
863	(void)memcpy((void )&isaddr, (void* )ea->arp_spa, sizeof* (isaddr));
864	(void)memcpy((void )&itaddr, (void* )ea->arp_tpa, sizeof* (itaddr));
865
866	if (itaddr.s_addr == myaddr.s_addr) {
867	(void)memcpy((void )ea->arp_tha, (void* )ea->arp_sha, sizeof*(ea->arp_sha));
868	(void)memcpy((void )ea->arp_sha, (void* )&my_enaddr, sizeof*(ea->arp_sha));
869
870	(void)memcpy((void )ea->arp_tpa, (void* ) ea->arp_spa, sizeof*(ea->arp_spa));
871	(void)memcpy((void )ea->arp_spa, (void* ) &itaddr, sizeof*(ea->arp_spa));
872
873	ea->arp_op = htons(ARPOP_REPLY);
874	ea->arp_pro = htons(ETHERTYPE_IP);
875	(void)memcpy(eh->ether_dhost, ea->arp_tha, sizeof(eh->ether_dhost));
876	(void)memcpy(eh->ether_shost, &my_enaddr, sizeof(eh->ether_shost));
877	eh->ether_type = htons(ETHERTYPE_ARP);
878	(void)memcpy(&pkt.data[pkt.off], ea, sizeof(*ea));
879	pkt.off -= (unsigned int)sizeof (struct kdp_ether_header);
880	/ pkt.len is still the length we want, ether_header+ether_arp /
881	kdp_send_data(&pkt.data[pkt.off], pkt.len);
882	}
883	}
884
885	static void
886	kdp_poll(void)
887	{
888	struct kdp_ether_header *eh = NULL;
889	struct kdp_udpiphdr aligned_ui, *ui = &aligned_ui;
890	struct kdp_ip aligned_ip, *ip = &aligned_ip;
891	static int msg_printed;
892
893	if (pkt.input)
894	kdp_panic("kdp_poll");
895
896	if (!kdp_en_recv_pkt \|\| !kdp_en_send_pkt) {
897	if( msg_printed == `0`) {
898	msg_printed = `1`;
899	printf("kdp_poll: no debugger device\n");
900	}
901	return;
902	}
903
904	pkt.off = pkt.len = `0`;
905	kdp_receive_data(pkt.data, &pkt.len, `3`/ ms /);
906
907	if (pkt.len == `0`)
908	return;
909
910	if (pkt.len >= sizeof(struct kdp_ether_header)) {
911	eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
912
913	if (kdp_flag & KDP_ARP) {
914	if (ntohs(eh->ether_type) == ETHERTYPE_ARP) {
915	kdp_arp_dispatch();
916	return;
917	}
918	}
919	}
920
921	if (pkt.len < (sizeof (struct kdp_ether_header) + sizeof (struct kdp_udpiphdr)))
922	return;
923
924	pkt.off += (unsigned int)sizeof (struct kdp_ether_header);
925	if (ntohs(eh->ether_type) != ETHERTYPE_IP) {
926	return;
927	}
928
929	#if DO_ALIGN
930	bcopy((char )&pkt.data[pkt.off], (char* )ui, sizeof(ui));
931	bcopy((char )&pkt.data[pkt.off], (char* )ip, sizeof(ip));
932	#else
933	ui = (struct kdp_udpiphdr *)&pkt.data[pkt.off];
934	ip = (struct kdp_ip *)&pkt.data[pkt.off];
935	#endif
936
937	pkt.off += (unsigned int)sizeof (struct kdp_udpiphdr);
938	if (ui->ui_pr != IPPROTO_UDP) {
939	return;
940	}
941
942	if (ip->ip_hl > (sizeof (struct kdp_ip) >> `2`)) {
943	return;
944	}
945
946	if (ntohs(ui->ui_dport) != KDP_REMOTE_PORT) {
947	if (panicd_port == (ntohs(ui->ui_dport)) &&
948	flag_panic_dump_in_progress) {
949	last_panic_port = ui->ui_sport;
950	}
951	else
952	return;
953	}
954	/ If we receive a kernel debugging packet whilst a*
955	* core dump is in progress, abort the transfer and
956	* enter the debugger if not told otherwise.
957	*/
958	else
959	if (flag_panic_dump_in_progress) {
960	if (!flag_dont_abort_panic_dump) {
961	abort_panic_transfer();
962	}
963	return;
964	}
965
966	if (!kdp.is_conn && !flag_panic_dump_in_progress) {
967	enaddr_copy(eh->ether_dhost, &adr.loc.ea);
968	adr.loc.in = ui->ui_dst;
969
970	enaddr_copy(eh->ether_shost, &adr.rmt.ea);
971	adr.rmt.in = ui->ui_src;
972	}
973
974	/*
975	* Calculate kdp packet length.
976	*/
977	pkt.len = ntohs((u_short)ui->ui_ulen) - (unsigned int)sizeof (struct kdp_udphdr);
978	pkt.input = TRUE;
979	}
980
981
982	/ Create and transmit an ARP resolution request for the target IP address.*
983	* This is modeled on ether_inet_arp()/RFC 826.
984	*/
985
986	static void
987	transmit_ARP_request(uint32_t ip_addr)
988	{
989	struct kdp_ether_header eh = (struct* kdp_ether_header *) &pkt.data[`0`];
990	struct kdp_ether_arp ea = (struct* kdp_ether_arp ) &pkt.data[sizeof(struct* kdp_ether_header)];
991
992	KDP_DEBUG("Transmitting ARP request\n");
993	/ Populate the ether_header /
994	eh->ether_type = htons(ETHERTYPE_ARP);
995	enaddr_copy(&kdp_current_mac_address, eh->ether_shost);
996	enaddr_copy(&etherbroadcastaddr, eh->ether_dhost);
997
998	/ Populate the ARP header /
999	ea->arp_pro = htons(ETHERTYPE_IP);
1000	ea->arp_hln = sizeof(ea->arp_sha);
1001	ea->arp_pln = sizeof(ea->arp_spa);
1002	ea->arp_hrd = htons(ARPHRD_ETHER);
1003	ea->arp_op = htons(ARPOP_REQUEST);
1004
1005	/ Target fields /
1006	enaddr_copy(&etherbroadcastaddr, ea->arp_tha);
1007	memcpy(ea->arp_tpa, (void ) &ip_addr, sizeof*(ip_addr));
1008
1009	/ Source fields /
1010	enaddr_copy(&kdp_current_mac_address, ea->arp_sha);
1011	memcpy(ea->arp_spa, (void ) &kdp_current_ip_address, sizeof*(kdp_current_ip_address));
1012
1013	pkt.off = `0`;
1014	pkt.len = sizeof(struct kdp_ether_header) + sizeof(struct kdp_ether_arp);
1015	/ Transmit /
1016	kdp_send_data(&pkt.data[pkt.off], pkt.len);
1017	}
1018
1019	static boolean_t
1020	kdp_arp_resolve(uint32_t arp_target_ip, struct kdp_ether_addr *resolved_MAC)
1021	{
1022	int poll_count = `256`; / ~770 ms modulo broadcast/delayed traffic? /
1023	char tretries = `0`;
1024
1025	#define NUM_ARP_TX_RETRIES 5
1026
1027	target_ip = arp_target_ip;
1028	flag_arp_resolved = FALSE;
1029
1030	TRANSMIT_RETRY:
1031	pkt.off = pkt.len = `0`;
1032
1033	tretries++;
1034
1035	if (tretries >= NUM_ARP_TX_RETRIES) {
1036	return FALSE;
1037	}
1038
1039	KDP_DEBUG("ARP TX attempt #%d \n", tretries);
1040
1041	transmit_ARP_request(arp_target_ip);
1042
1043	while (!pkt.input && !flag_arp_resolved && flag_panic_dump_in_progress && --poll_count) {
1044	kdp_poll();
1045	}
1046
1047	if (flag_arp_resolved) {
1048	*resolved_MAC = current_resolved_MAC;
1049	return TRUE;
1050	}
1051
1052	if (!flag_panic_dump_in_progress \|\| pkt.input) { / we received a debugging packet, bail/
1053	printf("Received a debugger packet,transferring control to debugger\n");
1054	/ Indicate that we should wait in the debugger when we return /
1055	kdp_flag \|= DBG_POST_CORE;
1056	pkt.input = FALSE;
1057	return FALSE;
1058	} else { / We timed out /
1059	if (`0` == poll_count) {
1060	poll_count = `256`;
1061	goto TRANSMIT_RETRY;
1062	}
1063	}
1064	return FALSE;
1065	}
1066
1067	static void
1068	kdp_handler(
1069	void *saved_state
1070	)
1071	{
1072	unsigned short reply_port;
1073	kdp_hdr_t aligned_hdr, *hdr = &aligned_hdr;
1074
1075	kdp.saved_state = saved_state; // see comment in kdp_raise_exception
1076
1077	do {
1078	while (!pkt.input)
1079	kdp_poll();
1080
1081	#if DO_ALIGN
1082	bcopy((char )&pkt.data[pkt.off], (char* )hdr, sizeof(hdr));
1083	#else
1084	hdr = (kdp_hdr_t *)&pkt.data[pkt.off];
1085	#endif
1086
1087	// ignore replies -- we're not expecting them anyway.
1088	if (hdr->is_reply) {
1089	goto again;
1090	}
1091
1092	if (hdr->request == KDP_REATTACH)
1093	exception_seq = hdr->seq;
1094
1095	// check for retransmitted request
1096	if (hdr->seq == (exception_seq - `1`)) {
1097	/ retransmit last reply /
1098	kdp_send_data(&saved_reply.data[saved_reply.off],
1099	saved_reply.len);
1100	goto again;
1101	} else if ((hdr->seq != exception_seq) &&
1102	(hdr->request != KDP_CONNECT)) {
1103	printf("kdp: bad sequence %d (want %d)\n",
1104	hdr->seq, exception_seq);
1105	goto again;
1106	}
1107
1108	/ This is a manual side-channel to the main KDP protocol.*
1109	* A client like GDB/kgmacros can manually construct
1110	* a request, set the input flag, issue a dummy KDP request,
1111	* and then manually collect the result
1112	*/
1113	if (manual_pkt.input) {
1114	kdp_hdr_t manual_hdr = (kdp_hdr_t )&manual_pkt.data;
1115	unsigned short manual_port_unused = `0`;
1116	if (!manual_hdr->is_reply) {
1117	/ process /
1118	int packet_length = manual_pkt.len;
1119	kdp_packet((unsigned char *)&manual_pkt.data,
1120	&packet_length,
1121	&manual_port_unused);
1122	manual_pkt.len = packet_length;
1123	}
1124	manual_pkt.input = `0`;
1125	}
1126
1127	if (kdp_packet((unsigned char*)&pkt.data[pkt.off],
1128	(int *)&pkt.len,
1129	(unsigned short *)&reply_port)) {
1130	boolean_t sideband = FALSE;
1131
1132	/ if it's an already connected error message,*
1133	* send a sideband reply for that. for successful connects,
1134	* make sure the sequence number is correct. */
1135	if (hdr->request == KDP_CONNECT) {
1136	kdp_connect_reply_t *rp =
1137	(kdp_connect_reply_t *) &pkt.data[pkt.off];
1138	kdp_error_t err = rp->error;
1139
1140	if (err == KDPERR_NO_ERROR) {
1141	exception_seq = hdr->seq;
1142	} else if (err == KDPERR_ALREADY_CONNECTED) {
1143	sideband = TRUE;
1144	}
1145	}
1146
1147	kdp_reply(reply_port, sideband);
1148	}
1149
1150	again:
1151	pkt.input = FALSE;
1152	} while (kdp.is_halted);
1153	}
1154
1155	static void
1156	kdp_connection_wait(void)
1157	{
1158	unsigned short reply_port;
1159	struct kdp_ether_addr kdp_mac_addr = kdp_get_mac_addr();
1160	unsigned int ip_addr = ntohl(kdp_get_ip_address());
1161
1162	/*
1163	* Do both a printf() and a kprintf() of the MAC and IP so that
1164	* they will print out on headless machines but not be added to
1165	* the panic.log
1166	*/
1167
1168	if (KDP_SERIAL_ENABLED()) {
1169	printf("Using serial KDP.\n");
1170	kprintf("Using serial KDP.\n");
1171	} else {
1172	printf("ethernet MAC address: %02x:%02x:%02x:%02x:%02x:%02x\n",
1173	kdp_mac_addr.ether_addr_octet[`0`] & `0xff`,
1174	kdp_mac_addr.ether_addr_octet[`1`] & `0xff`,
1175	kdp_mac_addr.ether_addr_octet[`2`] & `0xff`,
1176	kdp_mac_addr.ether_addr_octet[`3`] & `0xff`,
1177	kdp_mac_addr.ether_addr_octet[`4`] & `0xff`,
1178	kdp_mac_addr.ether_addr_octet[`5`] & `0xff`);
1179
1180	kprintf("ethernet MAC address: %02x:%02x:%02x:%02x:%02x:%02x\n",
1181	kdp_mac_addr.ether_addr_octet[`0`] & `0xff`,
1182	kdp_mac_addr.ether_addr_octet[`1`] & `0xff`,
1183	kdp_mac_addr.ether_addr_octet[`2`] & `0xff`,
1184	kdp_mac_addr.ether_addr_octet[`3`] & `0xff`,
1185	kdp_mac_addr.ether_addr_octet[`4`] & `0xff`,
1186	kdp_mac_addr.ether_addr_octet[`5`] & `0xff`);
1187
1188	printf("ip address: %d.%d.%d.%d\n",
1189	(ip_addr & `0xff000000`) >> `24`,
1190	(ip_addr & `0xff0000`) >> `16`,
1191	(ip_addr & `0xff00`) >> `8`,
1192	(ip_addr & `0xff`));
1193
1194	kprintf("ip address: %d.%d.%d.%d\n",
1195	(ip_addr & `0xff000000`) >> `24`,
1196	(ip_addr & `0xff0000`) >> `16`,
1197	(ip_addr & `0xff00`) >> `8`,
1198	(ip_addr & `0xff`));
1199	}
1200
1201	printf("\nWaiting for remote debugger connection.\n");
1202	kprintf("\nWaiting for remote debugger connection.\n");
1203
1204	#ifdef ARM
1205	printf("\nPlease go to https://panic.apple.com to report this panic\n");
1206	#endif
1207
1208	if (reattach_wait == `0`) {
1209	if((kdp_flag & KDP_GETC_ENA) && (`0` != kdp_getc())) {
1210	printf("Options..... Type\n");
1211	printf("------------ ----\n");
1212	printf("continue.... 'c'\n");
1213	printf("reboot...... 'r'\n");
1214	}
1215	} else {
1216	reattach_wait = `0`;
1217	}
1218
1219	exception_seq = `0`;
1220
1221	do {
1222	kdp_hdr_t aligned_hdr, *hdr = &aligned_hdr;
1223
1224	while (!pkt.input) {
1225	if (kdp_flag & KDP_GETC_ENA) {
1226	switch(kdp_getc()) {
1227	case `'c'`:
1228	printf("Continuing...\n");
1229	return;
1230	case `'r'`:
1231	printf("Rebooting...\n");
1232	kdp_machine_reboot();
1233	break;
1234	default:
1235	break;
1236	}
1237	}
1238	kdp_poll();
1239	}
1240
1241	#if DO_ALIGN
1242	bcopy((char )&pkt.data[pkt.off], (char* )hdr, sizeof(hdr));
1243	#else
1244	hdr = (kdp_hdr_t *)&pkt.data[pkt.off];
1245	#endif
1246	if (hdr->request == KDP_HOSTREBOOT) {
1247	kdp_machine_reboot();
1248	/ should not return! /
1249	}
1250	if (((hdr->request == KDP_CONNECT) \|\| (hdr->request == KDP_REATTACH)) &&
1251	!hdr->is_reply && (hdr->seq == exception_seq)) {
1252	if (kdp_packet((unsigned char *)&pkt.data[pkt.off],
1253	(int *)&pkt.len,
1254	(unsigned short *)&reply_port))
1255	kdp_reply(reply_port, FALSE);
1256	if (hdr->request == KDP_REATTACH) {
1257	reattach_wait = `0`;
1258	hdr->request=KDP_DISCONNECT;
1259	exception_seq = `0`;
1260	}
1261	}
1262
1263	pkt.input = FALSE;
1264	} while (!kdp.is_conn);
1265
1266	if (current_debugger == KDP_CUR_DB)
1267	active_debugger=`1`;
1268	printf("Connected to remote debugger.\n");
1269	kprintf("Connected to remote debugger.\n");
1270	}
1271
1272	static void
1273	kdp_send_exception(
1274	unsigned int exception,
1275	unsigned int code,
1276	unsigned int subcode
1277	)
1278	{
1279	unsigned short remote_port;
1280	unsigned int timeout_count = `100`;
1281	unsigned int poll_timeout;
1282
1283	do {
1284	pkt.off = sizeof (struct kdp_ether_header) + sizeof (struct kdp_udpiphdr);
1285	kdp_exception((unsigned char *)&pkt.data[pkt.off],
1286	(int *)&pkt.len,
1287	(unsigned short *)&remote_port,
1288	(unsigned int)exception,
1289	(unsigned int)code,
1290	(unsigned int)subcode);
1291
1292	kdp_send(remote_port);
1293
1294	poll_timeout = `50`;
1295	while (!pkt.input && poll_timeout) {
1296	kdp_poll();
1297	poll_timeout--;
1298	}
1299
1300	if (pkt.input) {
1301	if (!kdp_exception_ack(&pkt.data[pkt.off], pkt.len)) {
1302	pkt.input = FALSE;
1303	}
1304	}
1305
1306	pkt.input = FALSE;
1307
1308	if (kdp.exception_ack_needed)
1309	kdp_us_spin(`250000`);
1310
1311	} while (kdp.exception_ack_needed && timeout_count--);
1312
1313	if (kdp.exception_ack_needed) {
1314	// give up & disconnect
1315	printf("kdp: exception ack timeout\n");
1316	if (current_debugger == KDP_CUR_DB)
1317	active_debugger=`0`;
1318	kdp_reset();
1319	}
1320	}
1321
1322	static void
1323	kdp_debugger_loop(
1324	unsigned int exception,
1325	unsigned int code,
1326	unsigned int subcode,
1327	void *saved_state)
1328	{
1329	int index;
1330
1331	if (saved_state == `0`)
1332	printf("kdp_raise_exception with NULL state\n");
1333
1334	index = exception;
1335	if (exception != EXC_BREAKPOINT) {
1336	if (exception > EXC_BREAKPOINT \|\| exception < EXC_BAD_ACCESS) {
1337	index = `0`;
1338	}
1339	printf("%s exception (%x,%x,%x)\n",
1340	exception_message[index],
1341	exception, code, subcode);
1342	}
1343
1344	kdp_sync_cache();
1345
1346	/ XXX WMG it seems that sometimes it doesn't work to let kdp_handler*
1347	* do this. I think the client and the host can get out of sync.
1348	*/
1349	kdp.saved_state = saved_state;
1350	kdp.kdp_cpu = cpu_number();
1351	kdp.kdp_thread = current_thread();
1352
1353	if (kdp_en_setmode)
1354	(kdp_en_setmode)(TRUE); /* enabling link mode /
1355
1356	if (pkt.input)
1357	kdp_panic("kdp_raise_exception");
1358
1359	if (((kdp_flag & KDP_PANIC_DUMP_ENABLED)
1360	\|\| (kdp_flag & PANIC_LOG_DUMP))
1361	&& panic_active()) {
1362	kdp_panic_dump();
1363	if (kdp_flag & REBOOT_POST_CORE && dumped_kernel_core())
1364	kdp_machine_reboot();
1365	} else {
1366	if ((kdp_flag & PANIC_CORE_ON_NMI) && !panic_active()
1367	&& !kdp.is_conn) {
1368
1369	disableConsoleOutput = FALSE;
1370	kdp_panic_dump();
1371	if (kdp_flag & REBOOT_POST_CORE && dumped_kernel_core())
1372	kdp_machine_reboot();
1373
1374	if (!(kdp_flag & DBG_POST_CORE))
1375	goto exit_debugger_loop;
1376	}
1377	}
1378
1379	again:
1380	if (!kdp.is_conn) {
1381	kdp_connection_wait();
1382	} else {
1383	kdp_send_exception(exception, code, subcode);
1384	if (kdp.exception_ack_needed) {
1385	kdp.exception_ack_needed = FALSE;
1386	kdp_remove_all_breakpoints();
1387	printf("Remote debugger disconnected.\n");
1388	}
1389	}
1390
1391	if (kdp.is_conn) {
1392	kdp.is_halted = TRUE; / XXX /
1393	kdp_handler(saved_state);
1394	if (!kdp.is_conn)
1395	{
1396	kdp_remove_all_breakpoints();
1397	printf("Remote debugger disconnected.\n");
1398	}
1399	}
1400	/ Allow triggering a panic core dump when connected to the machine*
1401	* Continuing after setting kdp_trigger_core_dump should do the
1402	* trick.
1403	*/
1404
1405	if (`1` == kdp_trigger_core_dump) {
1406	kdp_flag \|= KDP_PANIC_DUMP_ENABLED;
1407	kdp_panic_dump();
1408	if (kdp_flag & REBOOT_POST_CORE && dumped_kernel_core())
1409	kdp_machine_reboot();
1410	kdp_trigger_core_dump = `0`;
1411	}
1412
1413	/ Trigger a reboot if the user has set this flag through the*
1414	* debugger.Ideally, this would be done through the HOSTREBOOT packet
1415	* in the protocol,but that will need gdb support,and when it's
1416	* available, it should work automatically.
1417	*/
1418	if (`1` == flag_kdp_trigger_reboot) {
1419	kdp_machine_reboot();
1420	/ If we're still around, reset the flag /
1421	flag_kdp_trigger_reboot = `0`;
1422	}
1423
1424	if (kdp_reentry_deadline) {
1425	kdp_schedule_debugger_reentry(kdp_reentry_deadline);
1426	printf("Debugger re-entry scheduled in %d milliseconds\n", kdp_reentry_deadline);
1427	kdp_reentry_deadline = `0`;
1428	}
1429
1430	kdp_sync_cache();
1431
1432	if (reattach_wait == `1`)
1433	goto again;
1434
1435	exit_debugger_loop:
1436	if (kdp_en_setmode)
1437	(kdp_en_setmode)(FALSE); /* link cleanup /
1438	}
1439
1440	void
1441	kdp_reset(void)
1442	{
1443	kdp.reply_port = kdp.exception_port = `0`;
1444	kdp.is_halted = kdp.is_conn = FALSE;
1445	kdp.exception_seq = kdp.conn_seq = `0`;
1446	kdp.session_key = `0`;
1447	pkt.input = manual_pkt.input = FALSE;
1448	pkt.len = pkt.off = manual_pkt.len = `0`;
1449	}
1450
1451	struct corehdr *
1452	create_panic_header(unsigned int request, const char *corename,
1453	unsigned length, unsigned int block)
1454	{
1455	struct kdp_udpiphdr aligned_ui, *ui = &aligned_ui;
1456	struct kdp_ip aligned_ip, *ip = &aligned_ip;
1457	struct kdp_ether_header *eh;
1458	struct corehdr *coreh;
1459	const char *mode = "octet";
1460	char modelen = strlen(mode) + `1`;
1461
1462	size_t fmask_size = sizeof(KDP_FEATURE_MASK_STRING) + sizeof(kdp_crashdump_feature_mask);
1463
1464	pkt.off = sizeof (struct kdp_ether_header);
1465	pkt.len = (unsigned int)(length + ((request == KDP_WRQ) ? modelen + fmask_size : `0`) +
1466	(corename ? (strlen(corename) + `1` ): `0`) + sizeof(struct corehdr));
1467
1468	#if DO_ALIGN
1469	bcopy((char )&pkt.data[pkt.off], (char* )ui, sizeof(ui));
1470	#else
1471	ui = (struct kdp_udpiphdr *)&pkt.data[pkt.off];
1472	#endif
1473	ui->ui_next = ui->ui_prev = `0`;
1474	ui->ui_x1 = `0`;
1475	ui->ui_pr = IPPROTO_UDP;
1476	ui->ui_len = htons((u_short)pkt.len + sizeof (struct kdp_udphdr));
1477	ui->ui_src.s_addr = (uint32_t)kdp_current_ip_address;
1478	/ Already in network byte order via inet_aton() /
1479	ui->ui_dst.s_addr = panic_server_ip;
1480	ui->ui_sport = htons(panicd_port);
1481	ui->ui_dport = ((request == KDP_WRQ) ? htons(panicd_port) : last_panic_port);
1482	ui->ui_ulen = ui->ui_len;
1483	ui->ui_sum = `0`;
1484	#if DO_ALIGN
1485	bcopy((char )ui, (char* )&pkt.data[pkt.off], sizeof(ui));
1486	bcopy((char )&pkt.data[pkt.off], (char* )ip, sizeof(ip));
1487	#else
1488	ip = (struct kdp_ip *)&pkt.data[pkt.off];
1489	#endif
1490	ip->ip_len = htons(sizeof (struct kdp_udpiphdr) + pkt.len);
1491	ip->ip_v = IPVERSION;
1492	ip->ip_id = htons(ip_id++);
1493	ip->ip_hl = sizeof (struct kdp_ip) >> `2`;
1494	ip->ip_ttl = udp_ttl;
1495	ip->ip_sum = `0`;
1496	ip->ip_sum = htons(~ip_sum((unsigned char *)ip, ip->ip_hl));
1497	#if DO_ALIGN
1498	bcopy((char )ip, (char* )&pkt.data[pkt.off], sizeof(ip));
1499	#endif
1500
1501	pkt.len += (unsigned int)sizeof (struct kdp_udpiphdr);
1502
1503	pkt.off += (unsigned int)sizeof (struct kdp_udpiphdr);
1504
1505	coreh = (struct corehdr *) &pkt.data[pkt.off];
1506	coreh->th_opcode = htons((u_short)request);
1507
1508	if (request == KDP_WRQ) {
1509	char *cp;
1510
1511	cp = coreh->th_u.tu_rpl;
1512	cp += strlcpy (cp, corename, KDP_MAXPACKET);
1513	*cp++ = `'\0'`;
1514	cp += strlcpy (cp, mode, KDP_MAXPACKET - strlen(corename));
1515	*cp++ = `'\0'`;
1516	cp += strlcpy(cp, KDP_FEATURE_MASK_STRING, sizeof(KDP_FEATURE_MASK_STRING));
1517	cp++ = `'\0'`; /* Redundant /
1518	bcopy(&kdp_crashdump_feature_mask, cp, sizeof(kdp_crashdump_feature_mask));
1519	kdp_crashdump_pkt_size = KDP_LARGE_CRASHDUMP_PKT_SIZE;
1520	PE_parse_boot_argn("kdp_crashdump_pkt_size", &kdp_crashdump_pkt_size, sizeof(kdp_crashdump_pkt_size));
1521	cp += sizeof(kdp_crashdump_feature_mask);
1522	(uint32_t )cp = htonl(kdp_crashdump_pkt_size);
1523	} else {
1524	coreh->th_block = htonl((unsigned int) block);
1525	}
1526
1527	pkt.off -= (unsigned int)sizeof (struct kdp_udpiphdr);
1528	pkt.off -= (unsigned int)sizeof (struct kdp_ether_header);
1529
1530	eh = (struct kdp_ether_header *)&pkt.data[pkt.off];
1531	enaddr_copy(&kdp_current_mac_address, eh->ether_shost);
1532	enaddr_copy(&destination_mac, eh->ether_dhost);
1533	eh->ether_type = htons(ETHERTYPE_IP);
1534
1535	pkt.len += (unsigned int)sizeof (struct kdp_ether_header);
1536	return coreh;
1537	}
1538
1539	static int
1540	kdp_send_crashdump_seek(char *corename, uint64_t seek_off)
1541	{
1542	int panic_error;
1543
1544	if (kdp_feature_large_crashdumps) {
1545	panic_error = kdp_send_crashdump_pkt(KDP_SEEK, corename,
1546	sizeof(seek_off),
1547	&seek_off);
1548	} else {
1549	uint32_t off = (uint32_t) seek_off;
1550	panic_error = kdp_send_crashdump_pkt(KDP_SEEK, corename,
1551	sizeof(off), &off);
1552	}
1553
1554	if (panic_error < `0`) {
1555	printf ("kdp_send_crashdump_pkt failed with error %d\n",
1556	panic_error);
1557	return panic_error;
1558	}
1559
1560	return KERN_SUCCESS;
1561	}
1562
1563	int
1564	kdp_send_crashdump_data(unsigned int request, char *corename,
1565	uint64_t length, void * txstart)
1566	{
1567	int panic_error = `0`;
1568
1569	while ((length > `0`) \|\| !txstart) {
1570	uint64_t chunk = MIN(kdp_crashdump_pkt_size, length);
1571
1572	panic_error = kdp_send_crashdump_pkt(request, corename, chunk,
1573	txstart);
1574	if (panic_error < `0`) {
1575	printf ("kdp_send_crashdump_pkt failed with error %d\n", panic_error);
1576	return panic_error;
1577	}
1578	if (!txstart) break;
1579	txstart = (void *)(((uintptr_t) txstart) + chunk);
1580	length -= chunk;
1581	}
1582	return KERN_SUCCESS;
1583	}
1584
1585	uint32_t kdp_crashdump_short_pkt;
1586
1587	int
1588	kdp_send_crashdump_pkt(unsigned int request, char *corename,
1589	uint64_t length, void *panic_data)
1590	{
1591	int poll_count;
1592	struct corehdr *th = NULL;
1593	char rretries, tretries;
1594
1595	if (kdp_dump_start_time == `0`) {
1596	kdp_dump_start_time = mach_absolute_time();
1597	kdp_superblock_dump_start_time = kdp_dump_start_time;
1598	}
1599
1600	tretries = rretries = `0`;
1601	poll_count = KDP_CRASHDUMP_POLL_COUNT;
1602	pkt.off = pkt.len = `0`;
1603	if (request == KDP_WRQ) / longer timeout for initial request /
1604	poll_count += `1000`;
1605
1606	TRANSMIT_RETRY:
1607	tretries++;
1608
1609	if (tretries >=`15`) {
1610	/ The crashdump server is unreachable for some reason. This could be a network*
1611	* issue or, if we've been especially unfortunate, we've hit Radar 2760413,
1612	* which is a long standing problem with the IOKit polled mode network driver
1613	* shim which can prevent transmits/receives completely.
1614	*/
1615	printf ("Cannot contact panic server, timing out.\n");
1616	return (-`3`);
1617	}
1618
1619	if (tretries > `2`)
1620	printf("TX retry #%d ", tretries );
1621
1622	th = create_panic_header(request, corename, (unsigned)length, panic_block);
1623
1624	if (request == KDP_DATA) {
1625	/ as all packets are kdp_crashdump_pkt_size in length, the last packet*
1626	* may end up with trailing bits. make sure that those
1627	* bits aren't confusing. */
1628	if (length < kdp_crashdump_pkt_size) {
1629	kdp_crashdump_short_pkt++;
1630	memset(th->th_data + length, `'Y'`,
1631	kdp_crashdump_pkt_size - (uint32_t) length);
1632	}
1633
1634	if (!kdp_machine_vm_read((mach_vm_address_t)(uintptr_t)panic_data, (caddr_t) th->th_data, length)) {
1635	uintptr_t next_page = round_page((uintptr_t)panic_data);
1636	memset((caddr_t) th->th_data, `'X'`, (size_t)length);
1637	if ((next_page - ((uintptr_t) panic_data)) < length) {
1638	uint64_t resid = length - (next_page - (intptr_t) panic_data);
1639	if (!kdp_machine_vm_read((mach_vm_address_t)(uintptr_t)next_page, (caddr_t) th->th_data + (length - resid), resid)) {
1640	memset((caddr_t) th->th_data + (length - resid), `'X'`, (size_t)resid);
1641	}
1642	}
1643	}
1644	}
1645	else if (request == KDP_SEEK) {
1646	if (kdp_feature_large_crashdumps)
1647	(uint64_t ) th->th_data = OSSwapHostToBigInt64(((uint64_t ) panic_data));
1648	else
1649	(unsigned* int ) th->th_data = htonl((unsigned int *) panic_data);
1650	}
1651
1652	kdp_send_data(&pkt.data[pkt.off], pkt.len);
1653
1654	/ Listen for the ACK /
1655	RECEIVE_RETRY:
1656	while (!pkt.input && flag_panic_dump_in_progress && poll_count) {
1657	kdp_poll();
1658	poll_count--;
1659	}
1660
1661	if (pkt.input) {
1662	pkt.input = FALSE;
1663
1664	th = (struct corehdr *) &pkt.data[pkt.off];
1665	if (request == KDP_WRQ) {
1666	uint16_t opcode64 = ntohs(th->th_opcode);
1667	uint16_t features64 = (opcode64 & `0xFF00`)>>`8`;
1668	if ((opcode64 & `0xFF`) == KDP_ACK) {
1669	kdp_feature_large_crashdumps = features64 & KDP_FEATURE_LARGE_CRASHDUMPS;
1670	if (features64 & KDP_FEATURE_LARGE_PKT_SIZE) {
1671	kdp_feature_large_pkt_size = `1`;
1672	}
1673	else {
1674	kdp_feature_large_pkt_size = `0`;
1675	kdp_crashdump_pkt_size = `512`;
1676	}
1677	printf("Protocol features: 0x%x\n", (uint32_t) features64);
1678	th->th_opcode = htons(KDP_ACK);
1679	}
1680	}
1681	if (ntohs(th->th_opcode) == KDP_ACK && ntohl(th->th_block) == panic_block) {
1682	} else {
1683	if (ntohs(th->th_opcode) == KDP_ERROR) {
1684	printf("Panic server returned error %d, retrying\n", ntohl(th->th_code));
1685	poll_count = `1000`;
1686	goto TRANSMIT_RETRY;
1687	} else if (ntohl(th->th_block) == (panic_block - `1`)) {
1688	printf("RX retry ");
1689	if (++rretries > `1`)
1690	goto TRANSMIT_RETRY;
1691	else
1692	goto RECEIVE_RETRY;
1693	}
1694	}
1695	} else if (!flag_panic_dump_in_progress) { / we received a debugging packet, bail/
1696	printf("Received a debugger packet,transferring control to debugger\n");
1697	/ Configure that if not set ../
1698	kdp_flag \|= DBG_POST_CORE;
1699	return (-`2`);
1700	} else { / We timed out /
1701	if (`0` == poll_count) {
1702	poll_count = `1000`;
1703	kdp_us_spin ((tretries%`4`) * panic_timeout); / capped linear backoff /
1704	goto TRANSMIT_RETRY;
1705	}
1706	}
1707
1708	if (!(++panic_block % SBLOCKSZ)) {
1709	uint64_t ctime;
1710	kdb_printf_unbuffered(".");
1711	ctime = mach_absolute_time();
1712	kdp_superblock_dump_time = ctime - kdp_superblock_dump_start_time;
1713	kdp_superblock_dump_start_time = ctime;
1714	if (kdp_superblock_dump_time > kdp_max_superblock_dump_time)
1715	kdp_max_superblock_dump_time = kdp_superblock_dump_time;
1716	if (kdp_superblock_dump_time < kdp_min_superblock_dump_time)
1717	kdp_min_superblock_dump_time = kdp_superblock_dump_time;
1718	}
1719
1720	if (request == KDP_EOF) {
1721	printf("\nTotal number of packets transmitted: %d\n", panic_block);
1722	printf("Avg. superblock transfer abstime 0x%llx\n", ((mach_absolute_time() - kdp_dump_start_time) / panic_block) * SBLOCKSZ);
1723	printf("Minimum superblock transfer abstime: 0x%llx\n", kdp_min_superblock_dump_time);
1724	printf("Maximum superblock transfer abstime: 0x%llx\n", kdp_max_superblock_dump_time);
1725	}
1726	return KERN_SUCCESS;
1727	}
1728
1729	static int
1730	isdigit (char c)
1731	{
1732	return ((c > `47`) && (c < `58`));
1733	}
1734
1735	/ Horrid hack to extract xnu version if possible - a much cleaner approach*
1736	* would be to have the integrator run a script which would copy the
1737	* xnu version into a string or an int somewhere at project submission
1738	* time - makes assumptions about sizeof(version), but will not fail if
1739	* it changes, but may be incorrect.
1740	*/
1741	/ 2006: Incorporated a change from Darwin user P. Lovell to extract*
1742	* the minor kernel version numbers from the version string.
1743	*/
1744	static int
1745	kdp_get_xnu_version(char *versionbuf)
1746	{
1747	char *versionpos;
1748	char vstr[`20`];
1749	int retval = -`1`;
1750	char *vptr;
1751
1752	strlcpy(vstr, "custom", `10`);
1753	if (kdp_machine_vm_read((mach_vm_address_t)(uintptr_t)version, versionbuf, `128`)) {
1754	versionbuf[`127`] = `'\0'`;
1755	versionpos = strnstr(versionbuf, "xnu-", `115`);
1756	if (versionpos) {
1757	strncpy(vstr, versionpos, sizeof(vstr));
1758	vstr[sizeof(vstr)-`1`] = `'\0'`;
1759	vptr = vstr + `4`; / Begin after "xnu-" /
1760	while (vptr && (isdigit(vptr) \|\| *vptr == `'.'`))
1761	vptr++;
1762	*vptr = `'\0'`;
1763	/ Remove trailing period, if any /
1764	if (*(--vptr) == `'.'`)
1765	*vptr = `'\0'`;
1766	retval = `0`;
1767	}
1768	}
1769	strlcpy(versionbuf, vstr, KDP_MAXPACKET);
1770	return retval;
1771	}
1772
1773	void
1774	kdp_set_dump_info(const uint32_t flags, const char *filename,
1775	const char destipstr, const* char *routeripstr,
1776	const uint32_t port)
1777	{
1778	uint32_t cmd;
1779
1780	if (destipstr && (destipstr[`0`] != `'\0'`)) {
1781	strlcpy(panicd_ip_str, destipstr, sizeof(panicd_ip_str));
1782	panicd_specified = `1`;
1783	}
1784
1785	if (routeripstr && (routeripstr[`0`] != `'\0'`)) {
1786	strlcpy(router_ip_str, routeripstr, sizeof(router_ip_str));
1787	router_specified = `1`;
1788	}
1789
1790	if (filename && (filename[`0`] != `'\0'`)) {
1791	strlcpy(corename_str, filename, sizeof(corename_str));
1792	corename_specified = TRUE;
1793	} else {
1794	corename_specified = FALSE;
1795	}
1796
1797	if (port)
1798	panicd_port = port;
1799
1800	/ on a disconnect, should we stay in KDP or not? /
1801	noresume_on_disconnect = (flags & KDP_DUMPINFO_NORESUME) ? `1` : `0`;
1802
1803	if ((flags & KDP_DUMPINFO_DUMP) == `0`)
1804	return;
1805
1806	/ the rest of the commands can modify kdp_flags /
1807	cmd = flags & KDP_DUMPINFO_MASK;
1808	if (cmd == KDP_DUMPINFO_DISABLE) {
1809	kdp_flag &= ~KDP_PANIC_DUMP_ENABLED;
1810	panicd_specified = `0`;
1811	kdp_trigger_core_dump = `0`;
1812	return;
1813	}
1814
1815	kdp_flag &= ~REBOOT_POST_CORE;
1816	if (flags & KDP_DUMPINFO_REBOOT)
1817	kdp_flag \|= REBOOT_POST_CORE;
1818
1819	kdp_flag &= ~PANIC_LOG_DUMP;
1820	if (cmd == KDP_DUMPINFO_PANICLOG)
1821	kdp_flag \|= PANIC_LOG_DUMP;
1822
1823	kdp_flag &= ~SYSTEM_LOG_DUMP;
1824	if (cmd == KDP_DUMPINFO_SYSTEMLOG)
1825	kdp_flag \|= SYSTEM_LOG_DUMP;
1826
1827	/ trigger a dump /
1828	kdp_flag \|= DBG_POST_CORE;
1829
1830	flag_dont_abort_panic_dump = (flags & KDP_DUMPINFO_NOINTR) ?
1831	TRUE : FALSE;
1832
1833	reattach_wait = `1`;
1834	disableConsoleOutput = `0`;
1835	kdp_trigger_core_dump = `1`;
1836	}
1837
1838	void
1839	kdp_get_dump_info(kdp_dumpinfo_reply_t *rp)
1840	{
1841	if (panicd_specified)
1842	strlcpy(rp->destip, panicd_ip_str,
1843	sizeof(rp->destip));
1844	else
1845	rp->destip[`0`] = `'\0'`;
1846
1847	if (router_specified)
1848	strlcpy(rp->routerip, router_ip_str,
1849	sizeof(rp->routerip));
1850	else
1851	rp->routerip[`0`] = `'\0'`;
1852
1853	if (corename_specified)
1854	strlcpy(rp->name, corename_str,
1855	sizeof(rp->name));
1856	else
1857	rp->name[`0`] = `'\0'`;
1858
1859	rp->port = panicd_port;
1860
1861	rp->type = `0`;
1862	if (!panicd_specified)
1863	rp->type \|= KDP_DUMPINFO_DISABLE;
1864	else if (kdp_flag & PANIC_LOG_DUMP)
1865	rp->type \|= KDP_DUMPINFO_PANICLOG;
1866	else
1867	rp->type \|= KDP_DUMPINFO_CORE;
1868
1869	if (noresume_on_disconnect)
1870	rp->type \|= KDP_DUMPINFO_NORESUME;
1871	}
1872
1873
1874	/ Primary dispatch routine for the system dump /
1875	void
1876	kdp_panic_dump(void)
1877	{
1878	char coreprefix[`10`];
1879	char coresuffix[`4`];
1880	int panic_error;
1881
1882	uint64_t abstime;
1883	uint32_t current_ip = ntohl((uint32_t)kdp_current_ip_address);
1884
1885	if (flag_panic_dump_in_progress) {
1886	kdb_printf("System dump aborted.\n");
1887	goto panic_dump_exit;
1888	}
1889
1890	printf("Entering system dump routine\n");
1891
1892	if (!kdp_en_recv_pkt \|\| !kdp_en_send_pkt) {
1893	kdb_printf("Error: No transport device registered for kernel crashdump\n");
1894	return;
1895	}
1896
1897	if (!panicd_specified) {
1898	kdb_printf("A dump server was not specified in the boot-args, terminating kernel core dump.\n");
1899	goto panic_dump_exit;
1900	}
1901
1902	flag_panic_dump_in_progress = TRUE;
1903
1904	if (pkt.input)
1905	kdp_panic("kdp_panic_dump: unexpected pending input packet");
1906
1907	kdp_get_xnu_version((char *) &pkt.data[`0`]);
1908
1909	if (!corename_specified) {
1910	coresuffix[`0`] = `0`;
1911	/ Panic log bit takes precedence over core dump bit /
1912	if ((debugger_panic_str != (char *) `0`) && (kdp_flag & PANIC_LOG_DUMP))
1913	strlcpy(coreprefix, "paniclog", sizeof(coreprefix));
1914	else if (kdp_flag & SYSTEM_LOG_DUMP)
1915	strlcpy(coreprefix, "systemlog", sizeof(coreprefix));
1916	else {
1917	strlcpy(coreprefix, "core", sizeof(coreprefix));
1918	if (!kdp_corezip_disabled) strlcpy(coresuffix, ".gz", sizeof(coresuffix));
1919	}
1920
1921	abstime = mach_absolute_time();
1922	pkt.data[`20`] = `'\0'`;
1923	snprintf (corename_str,
1924	sizeof(corename_str),
1925	"%s-%s-%d.%d.%d.%d-%x%s",
1926	coreprefix, &pkt.data[`0`],
1927	(current_ip & `0xff000000`) >> `24`,
1928	(current_ip & `0xff0000`) >> `16`,
1929	(current_ip & `0xff00`) >> `8`,
1930	(current_ip & `0xff`),
1931	(unsigned int) (abstime & `0xffffffff`),
1932	coresuffix);
1933	}
1934
1935	if (`0` == inet_aton(panicd_ip_str, (struct kdp_in_addr *) &panic_server_ip)) {
1936	kdb_printf("inet_aton() failed interpreting %s as a panic server IP\n", panicd_ip_str);
1937	} else {
1938	kdb_printf("Attempting connection to panic server configured at IP %s, port %d\n", panicd_ip_str, panicd_port);
1939	}
1940
1941	destination_mac = router_mac;
1942
1943	if (kdp_arp_resolve(panic_server_ip, &temp_mac)) {
1944	kdb_printf("Resolved %s's (or proxy's) link level address\n", panicd_ip_str);
1945	destination_mac = temp_mac;
1946	} else {
1947	if (!flag_panic_dump_in_progress) goto panic_dump_exit;
1948	if (router_specified) {
1949	if (`0` == inet_aton(router_ip_str, (struct kdp_in_addr *) &parsed_router_ip)) {
1950	kdb_printf("inet_aton() failed interpreting %s as an IP\n", router_ip_str);
1951	} else {
1952	router_ip = parsed_router_ip;
1953	if (kdp_arp_resolve(router_ip, &temp_mac)) {
1954	destination_mac = temp_mac;
1955	kdb_printf("Routing through specified router IP %s (%d)\n", router_ip_str, router_ip);
1956	}
1957	}
1958	}
1959	}
1960
1961	if (!flag_panic_dump_in_progress) goto panic_dump_exit;
1962
1963	kdb_printf("Transmitting packets to link level address: %02x:%02x:%02x:%02x:%02x:%02x\n",
1964	destination_mac.ether_addr_octet[`0`] & `0xff`,
1965	destination_mac.ether_addr_octet[`1`] & `0xff`,
1966	destination_mac.ether_addr_octet[`2`] & `0xff`,
1967	destination_mac.ether_addr_octet[`3`] & `0xff`,
1968	destination_mac.ether_addr_octet[`4`] & `0xff`,
1969	destination_mac.ether_addr_octet[`5`] & `0xff`);
1970
1971	kdb_printf("Kernel map size is %llu\n", (unsigned long long) get_vmmap_size(kernel_map));
1972	kdb_printf("Sending write request for %s\n", corename_str);
1973
1974	if ((panic_error = kdp_send_crashdump_pkt(KDP_WRQ, corename_str, `0` , NULL)) < `0`) {
1975	kdb_printf ("kdp_send_crashdump_pkt failed with error %d\n", panic_error);
1976	goto panic_dump_exit;
1977	}
1978
1979	/ Just the panic log requested /
1980	if ((debugger_panic_str != (char *) `0`) && (kdp_flag & PANIC_LOG_DUMP)) {
1981	kdb_printf_unbuffered("Transmitting panic log, please wait: ");
1982	kdp_send_crashdump_data(KDP_DATA, corename_str,
1983	debug_buf_ptr - debug_buf_base,
1984	debug_buf_base);
1985	kdp_send_crashdump_pkt (KDP_EOF, NULL, `0`, ((void *) `0`));
1986	printf("Please file a bug report on this panic, if possible.\n");
1987	goto panic_dump_exit;
1988	}
1989
1990	/ maybe we wanted the systemlog /
1991	if (kdp_flag & SYSTEM_LOG_DUMP) {
1992	long start_off = msgbufp->msg_bufx;
1993	long len;
1994
1995	kdb_printf_unbuffered("Transmitting system log, please wait: ");
1996	if (start_off >= msgbufp->msg_bufr) {
1997	len = msgbufp->msg_size - start_off;
1998	kdp_send_crashdump_data(KDP_DATA, corename_str, len,
1999	msgbufp->msg_bufc + start_off);
2000	/ seek to remove trailing bytes /
2001	kdp_send_crashdump_seek(corename_str, len);
2002	start_off = `0`;
2003	}
2004
2005	if (start_off != msgbufp->msg_bufr) {
2006	len = msgbufp->msg_bufr - start_off;
2007	kdp_send_crashdump_data(KDP_DATA, corename_str, len,
2008	msgbufp->msg_bufc + start_off);
2009	}
2010
2011	kdp_send_crashdump_pkt (KDP_EOF, NULL, `0`, ((void *) `0`));
2012	goto panic_dump_exit;
2013	}
2014
2015	/ We want a core dump if we're here /
2016	kern_dump(KERN_DUMP_NET);
2017
2018	panic_dump_exit:
2019	abort_panic_transfer();
2020	kdp_reset();
2021	return;
2022	}
2023
2024	void
2025	begin_panic_transfer(void)
2026	{
2027	flag_panic_dump_in_progress = TRUE;
2028	}
2029
2030	void
2031	abort_panic_transfer(void)
2032	{
2033	flag_panic_dump_in_progress = FALSE;
2034	flag_dont_abort_panic_dump = FALSE;
2035	panic_block = `0`;
2036	}
2037
2038	#if CONFIG_SERIAL_KDP
2039
2040	static boolean_t needs_serial_init = TRUE;
2041
2042	static void
2043	kdp_serial_send(void rpkt, unsigned* int rpkt_len)
2044	{
2045	// printf("tx\n");
2046	kdp_serialize_packet((unsigned char *)rpkt, rpkt_len, pal_serial_putc_nocr);
2047	}
2048
2049	static void
2050	kdp_serial_receive(void rpkt, unsigned* int rpkt_len, unsigned* int timeout)
2051	{
2052	int readkar;
2053	uint64_t now, deadline;
2054
2055	clock_interval_to_deadline(timeout, `1000` * `1000` / milliseconds /, &deadline);
2056
2057	// printf("rx\n");
2058	for(clock_get_uptime(&now); now < deadline; clock_get_uptime(&now)) {
2059	readkar = pal_serial_getc();
2060	if(readkar >= `0`) {
2061	unsigned char *packet;
2062	// printf("got char %02x\n", readkar);
2063	if((packet = kdp_unserialize_packet(readkar,rpkt_len))) {
2064	memcpy(rpkt, packet, *rpkt_len);
2065	return;
2066	}
2067	}
2068	}
2069	*rpkt_len = `0`;
2070	}
2071
2072	static boolean_t
2073	kdp_serial_setmode(boolean_t active)
2074	{
2075	if (active == FALSE) / leaving KDP /
2076	return TRUE;
2077
2078	if (!needs_serial_init)
2079	return TRUE;
2080
2081	pal_serial_init();
2082	needs_serial_init = FALSE;
2083	return TRUE;
2084	}
2085
2086
2087	static void
2088	kdp_serial_callout(__unused void *arg, kdp_event_t event)
2089	{
2090	/*
2091	* When we stop KDP, set the bit to re-initialize the console serial
2092	* port the next time we send/receive a KDP packet. We don't do it on
2093	* KDP_EVENT_ENTER directly because it also gets called when we trap to
2094	* KDP for non-external debugging, i.e., stackshot or core dumps.
2095	*
2096	* Set needs_serial_init on exit (and initialization, see above) and not
2097	* enter because enter is sent multiple times and causes excess
2098	* reinitialization.
2099	*/
2100
2101	switch (event)
2102	{
2103	case KDP_EVENT_PANICLOG:
2104	case KDP_EVENT_ENTER:
2105	break;
2106	case KDP_EVENT_EXIT:
2107	needs_serial_init = TRUE;
2108	break;
2109	}
2110	}
2111
2112	#endif /* CONFIG_SERIAL_KDP */
2113
2114	void
2115	kdp_init(void)
2116	{
2117	strlcpy(kdp_kernelversion_string, version, sizeof(kdp_kernelversion_string));
2118
2119	/ Relies on platform layer calling panic_init() before kdp_init() /
2120	if (kernel_uuid_string[`0`] != `'\0'`) {
2121	/*
2122	* Update kdp_kernelversion_string with our UUID
2123	* generated at link time.
2124	*/
2125
2126	strlcat(kdp_kernelversion_string, "; UUID=", sizeof(kdp_kernelversion_string));
2127	strlcat(kdp_kernelversion_string, kernel_uuid_string, sizeof(kdp_kernelversion_string));
2128	}
2129
2130	debug_log_init();
2131
2132	#if defined(__x86_64__) \|\| defined(__arm__) \|\| defined(__arm64__)
2133	if (vm_kernel_slide) {
2134	char KASLR_stext[`19`];
2135	strlcat(kdp_kernelversion_string, "; stext=", sizeof(kdp_kernelversion_string));
2136	snprintf(KASLR_stext, sizeof(KASLR_stext), "%p", (void *) vm_kernel_stext);
2137	strlcat(kdp_kernelversion_string, KASLR_stext, sizeof(kdp_kernelversion_string));
2138	}
2139	#endif
2140
2141	if (debug_boot_arg & DB_REBOOT_POST_CORE)
2142	kdp_flag \|= REBOOT_POST_CORE;
2143	#if defined(__x86_64__)
2144	kdp_machine_init();
2145	#endif
2146
2147	kdp_timer_callout_init();
2148	kdp_crashdump_feature_mask = htonl(kdp_crashdump_feature_mask);
2149	kdp_core_init();
2150
2151	#if CONFIG_SERIAL_KDP
2152	char kdpname[`80`];
2153	struct kdp_in_addr ipaddr;
2154	struct kdp_ether_addr macaddr;
2155
2156	boolean_t kdp_match_name_found = PE_parse_boot_argn("kdp_match_name", kdpname, sizeof(kdpname));
2157	boolean_t kdp_not_serial = kdp_match_name_found ? (strncmp(kdpname, "serial", sizeof(kdpname))) : TRUE;
2158
2159	#if CONFIG_EMBEDDED
2160	//respect any custom debugger boot-args
2161	if(kdp_match_name_found && kdp_not_serial)
2162	return;
2163	#else /* CONFIG_EMBEDDED */
2164	// serial must be explicitly requested
2165	if(!kdp_match_name_found \|\| kdp_not_serial)
2166	return;
2167	#endif /* CONFIG_EMBEDDED */
2168
2169	#if CONFIG_EMBEDDED
2170	if (kdp_not_serial && PE_consistent_debug_enabled() && debug_boot_arg) {
2171	return;
2172	} else {
2173	printf("Serial requested, consistent debug disabled or debug boot arg not present, configuring debugging over serial\n");
2174	}
2175	#endif /* CONFIG_EMBEDDED */
2176
2177	kprintf("Initializing serial KDP\n");
2178
2179	kdp_register_callout(kdp_serial_callout, NULL);
2180	kdp_register_link(NULL, kdp_serial_setmode);
2181	kdp_register_send_receive(kdp_serial_send, kdp_serial_receive);
2182
2183	/ fake up an ip and mac for early serial debugging /
2184	macaddr.ether_addr_octet[`0`] = `'s'`;
2185	macaddr.ether_addr_octet[`1`] = `'e'`;
2186	macaddr.ether_addr_octet[`2`] = `'r'`;
2187	macaddr.ether_addr_octet[`3`] = `'i'`;
2188	macaddr.ether_addr_octet[`4`] = `'a'`;
2189	macaddr.ether_addr_octet[`5`] = `'l'`;
2190	ipaddr.s_addr = KDP_SERIAL_IPADDR;
2191	kdp_set_ip_and_mac_addresses(&ipaddr, &macaddr);
2192
2193	#endif /* CONFIG_SERIAL_KDP */
2194	}
2195
2196	#else /* CONFIG_KDP_INTERACTIVE_DEBUGGING */
2197	void
2198	kdp_init(void)
2199	{
2200	}
2201	#endif /* CONFIG_KDP_INTERACTIVE_DEBUGGING */
2202
2203	#if !(MACH_KDP && CONFIG_KDP_INTERACTIVE_DEBUGGING)
2204	static struct kdp_ether_addr kdp_current_mac_address = {{`0`, `0`, `0`, `0`, `0`, `0`}};
2205
2206	/ XXX ugly forward declares to stop warnings /
2207	void kdp_get_interface(void*);
2208	void kdp_set_ip_and_mac_addresses(struct kdp_in_addr , struct* kdp_ether_addr *);
2209	void kdp_set_gateway_mac(void *);
2210	void kdp_set_interface(void *);
2211	void kdp_register_send_receive(void , void* *);
2212	void kdp_unregister_send_receive(void , void* *);
2213
2214	uint32_t kdp_stack_snapshot_bytes_traced(void);
2215
2216	void
2217	kdp_register_send_receive(__unused void send, __unused void* *receive)
2218	{}
2219
2220	void
2221	kdp_unregister_send_receive(__unused void send, __unused void* *receive)
2222	{}
2223
2224	void *
2225	kdp_get_interface( void)
2226	{
2227	return(void *)`0`;
2228	}
2229
2230	unsigned int
2231	kdp_get_ip_address(void )
2232	{ return `0`; }
2233
2234	struct kdp_ether_addr
2235	kdp_get_mac_addr(void)
2236	{
2237	return kdp_current_mac_address;
2238	}
2239
2240	void
2241	kdp_set_ip_and_mac_addresses(
2242	__unused struct kdp_in_addr *ipaddr,
2243	__unused struct kdp_ether_addr *macaddr)
2244	{}
2245
2246	void
2247	kdp_set_gateway_mac(__unused void *gatewaymac)
2248	{}
2249
2250	void
2251	kdp_set_interface(__unused void *ifp)
2252	{}
2253
2254	void kdp_register_link(__unused kdp_link_t link, __unused kdp_mode_t mode)
2255	{}
2256
2257	void kdp_unregister_link(__unused kdp_link_t link, __unused kdp_mode_t mode)
2258	{}
2259
2260	#endif /* !(MACH_KDP && CONFIG_KDP_INTERACTIVE_DEBUGGING) */
2261
2262	#if !CONFIG_KDP_INTERACTIVE_DEBUGGING
2263	extern __attribute__((noreturn)) void panic_spin_forever(void);
2264
2265	__attribute__((noreturn))
2266	void
2267	kdp_raise_exception(
2268	__unused unsigned int exception,
2269	__unused unsigned int code,
2270	__unused unsigned int subcode,
2271	__unused void *saved_state
2272	)
2273	#else
2274	void
2275	kdp_raise_exception(
2276	unsigned int exception,
2277	unsigned int code,
2278	unsigned int subcode,
2279	void *saved_state
2280	)
2281	#endif
2282	{
2283	#if CONFIG_EMBEDDED
2284	assert(PE_i_can_has_debugger(NULL));
2285	#endif
2286
2287	#if CONFIG_KDP_INTERACTIVE_DEBUGGING
2288
2289	kdp_debugger_loop(exception, code, subcode, saved_state);
2290	#else /* CONFIG_KDP_INTERACTIVE_DEBUGGING */
2291	assert(current_debugger != KDP_CUR_DB);
2292
2293	panic_spin_forever();
2294	#endif /* CONFIG_KDP_INTERACTIVE_DEBUGGING */
2295	}
2296

Browse the source code of xnu/osfmk/kdp/kdp_udp.c