/* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License, Version 1.0 only * (the "License"). You may not use this file except in compliance * with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at usr/src/OPENSOLARIS.LICENSE. * If applicable, add the following below this CDDL HEADER, with the * fields enclosed by brackets "[]" replaced with your own identifying * information: Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END */ /* * Copyright 2005 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ #pragma ident "%Z%%M% %I% %E% SMI" #include <sys/reboot.h> #include <sys/systm.h> #include <sys/archsystm.h> #include <sys/machsystm.h> #include <sys/promif.h> #include <sys/promimpl.h> #include <sys/prom_plat.h> #include <sys/cpu_sgnblk_defs.h> #include <sys/ivintr.h> #include <sys/kdi.h> #include <sys/callb.h> #ifdef TRAPTRACE #include <sys/traptrace.h> #endif /* TRAPTRACE */ #ifdef C2_AUDIT extern void audit_enterprom(); extern void audit_exitprom(); #endif /* C2_AUDIT */ /* * Platforms that use CPU signatures need to set cpu_sgn_func * to point to a platform specific function. This needs to * be done in set_platform_defaults() within the platmod. */ void (*cpu_sgn_func)(ushort_t, uchar_t, uchar_t, int) = NULL; /* * abort_seq_handler required by sysctrl. */ void debug_enter(char *); void (*abort_seq_handler)(char *) = debug_enter; /* * Platform tunable to disable the h/w watchdog timer. */ int disable_watchdog_on_exit = 0; extern void clear_watchdog_on_exit(void); /* * On sun4u platform, abort_sequence_enter() can be called at high PIL * and we can't afford to acquire any adaptive mutex or use any * condition variables as we are not allowed to sleep while running * on interrupt stack. We work around this problem by posting a level * 10 soft interrupt and then invoking the "abort_seq_handler" within * that soft interrupt context. * * This has the side effect of not allowing us to drop into debugger * when the kernel is stuck at high PIL (PIL > 10). It's better to * be able to break into a hung system even if it means crashing the * system. If a user presses L1-A more than once within a 15 seconds * window, and the previous L1-A soft interrupt is still pending, then * we directly invoke the abort_sequence_enter. * * Since the "msg" argument passed to abort_sequence_enter can refer * to a message anywhere in memory, including stack, it's copied into * abort_seq_msgbuf buffer for processing by the soft interrupt. */ #define ABORT_SEQ_MSGBUFSZ 256 #define FORCE_ABORT_SEQ_INTERVAL ((hrtime_t)15 * NANOSEC) static kmutex_t abort_seq_lock; static uint_t abort_seq_inum; /* abort seq softintr # */ static hrtime_t abort_seq_tstamp; /* hrtime of last abort seq */ static size_t abort_seq_msglen; /* abort seq message length */ static char abort_seq_msgbuf[ABORT_SEQ_MSGBUFSZ]; /*ARGSUSED0*/ static uint_t abort_seq_softintr(caddr_t arg) { char *msg; char msgbuf[ABORT_SEQ_MSGBUFSZ]; mutex_enter(&abort_seq_lock); if (abort_enable != 0 && abort_seq_tstamp != 0LL) { if (abort_seq_msglen > 0) { bcopy(abort_seq_msgbuf, msgbuf, abort_seq_msglen); msg = msgbuf; } else msg = NULL; abort_seq_tstamp = 0LL; mutex_exit(&abort_seq_lock); #ifdef C2_AUDIT if (audit_active) audit_enterprom(1); #endif /* C2_AUDIT */ (*abort_seq_handler)(msg); #ifdef C2_AUDIT if (audit_active) audit_exitprom(1); #endif /* C2_AUDIT */ } else { mutex_exit(&abort_seq_lock); #ifdef C2_AUDIT if (audit_active) audit_enterprom(0); #endif /* C2_AUDIT */ } return (1); } void abort_sequence_init(void) { mutex_init(&abort_seq_lock, NULL, MUTEX_SPIN, (void *)PIL_12); abort_seq_tstamp = 0LL; if (abort_seq_inum == 0) abort_seq_inum = add_softintr(LOCK_LEVEL, (softintrfunc)abort_seq_softintr, NULL); } /* * Machine dependent abort sequence handling */ void abort_sequence_enter(char *msg) { int s, on_intr; size_t msglen; hrtime_t tstamp; if (abort_enable != 0) { s = splhi(); on_intr = CPU_ON_INTR(CPU) || (spltoipl(s) > LOCK_LEVEL); splx(s); tstamp = gethrtime(); mutex_enter(&abort_seq_lock); /* * If we are on an interrupt stack and/or running at * PIL > LOCK_LEVEL, then we post a softint and invoke * abort_seq_handler from there as we can't afford to * acquire any adaptive mutex here. However, if we * already have a pending softint, which was posted * within FORCE_ABORT_SEQ_INTERVAL duration, then we * bypass softint approach as our softint may be blocked * and the user really wants to drop into the debugger. */ if (on_intr && abort_seq_inum != 0 && (abort_seq_tstamp == 0LL || tstamp > (abort_seq_tstamp + FORCE_ABORT_SEQ_INTERVAL))) { abort_seq_tstamp = tstamp; if (msg != NULL) { msglen = strlen(msg); if (msglen >= ABORT_SEQ_MSGBUFSZ) msglen = ABORT_SEQ_MSGBUFSZ - 1; bcopy(msg, abort_seq_msgbuf, msglen); abort_seq_msgbuf[msglen] = '\0'; abort_seq_msglen = msglen + 1; } else abort_seq_msglen = 0; mutex_exit(&abort_seq_lock); setsoftint(abort_seq_inum); } else { /* * Ignore any pending abort sequence softint * as we are invoking the abort_seq_handler * here. */ abort_seq_tstamp = 0LL; mutex_exit(&abort_seq_lock); #ifdef C2_AUDIT if (!on_intr && audit_active) audit_enterprom(1); #endif /* C2_AUDIT */ (*abort_seq_handler)(msg); #ifdef C2_AUDIT if (!on_intr && audit_active) audit_exitprom(1); #endif /* C2_AUDIT */ } } else { #ifdef C2_AUDIT if (audit_active) audit_enterprom(0); #endif /* C2_AUDIT */ } } /* * Enter debugger. Called when the user types L1-A or break or whenever * code wants to enter the debugger and possibly resume later. * If the debugger isn't present, enter the PROM monitor. * * If console is a framebuffer which is powered off, it will be powered up * before jumping to the debugger. If we are called above lock level, a * softint is triggered to reenter this code and allow the fb to be powered * up as in the less than lock level case. If this code is entered at greater * than lock level and the fb is not already powered up, the msg argument * will not be displayed. */ void debug_enter(char *msg) { label_t old_pcb; int s; extern void pm_cfb_powerup(void); extern void pm_cfb_rele(void); extern void pm_cfb_trigger(void); extern int pm_cfb_check_and_hold(void); /* * For platforms that use CPU signatures, update the signature * to indicate that we are entering the debugger if we are in * the middle of a panic flow. */ if (panicstr) CPU_SIGNATURE(OS_SIG, SIGST_EXIT, SIGSUBST_DEBUG, -1); if (!panicstr) (void) callb_execute_class(CB_CL_ENTER_DEBUGGER, 0); if (pm_cfb_check_and_hold()) if (getpil() > LOCK_LEVEL) { pm_cfb_trigger(); return; } else pm_cfb_powerup(); if (msg) prom_printf("%s\n", msg); clear_watchdog_on_exit(); if ((s = getpil()) < ipltospl(12)) s = splzs(); old_pcb = curthread->t_pcb; (void) setjmp(&curthread->t_pcb); if (boothowto & RB_DEBUG) kdi_dvec_enter(); else prom_enter_mon(); curthread->t_pcb = old_pcb; splx(s); pm_cfb_rele(); if (!panicstr) (void) callb_execute_class(CB_CL_ENTER_DEBUGGER, 1); if (panicstr) CPU_SIGNATURE(OS_SIG, SIGST_EXIT, SIGSUBST_PANIC_CONT, -1); } /* * Halt the machine and return to the monitor */ void halt(char *s) { flush_windows(); stop_other_cpus(); /* send stop signal to other CPUs */ if (s) prom_printf("(%s) ", s); /* * For Platforms that use CPU signatures, we * need to set the signature block to OS and * the state to exiting for all the processors. */ CPU_SIGNATURE(OS_SIG, SIGST_EXIT, SIGSUBST_HALT, -1); prom_exit_to_mon(); /*NOTREACHED*/ } /* * Halt the machine and power off the system. */ void power_down(const char *s) { flush_windows(); stop_other_cpus(); /* send stop signal to other CPUs */ if (s != NULL) prom_printf("(%s) ", s); /* * For platforms that use CPU signatures, we need to set up the * signature blocks to indicate that we have an environmental * interrupt request to power down, and then exit to the prom monitor. */ CPU_SIGNATURE(OS_SIG, SIGST_EXIT, SIGSUBST_ENVIRON, -1); prom_power_off(); /* * If here is reached, for some reason prom's power-off command failed. * Prom should have already printed out error messages. Exit to * firmware. */ prom_exit_to_mon(); /*NOTREACHED*/ } void do_shutdown(void) { proc_t *initpp; /* * If we're still booting and init(1) isn't set up yet, simply halt. */ mutex_enter(&pidlock); initpp = prfind(P_INITPID); mutex_exit(&pidlock); if (initpp == NULL) { extern void halt(char *); prom_power_off(); halt("Power off the System"); /* just in case */ } /* * else, graceful shutdown with inittab and all getting involved */ psignal(initpp, SIGPWR); }