1 /*- 2 * Copyright (c) 2014 Tycho Nightingale <tycho.nightingale@pluribusnetworks.com> 3 * Copyright (c) 2011 NetApp, Inc. 4 * All rights reserved. 5 * Copyright (c) 2018 Joyent, Inc. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY NETAPP, INC ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL NETAPP, INC OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #include <sys/cdefs.h> 30 #include "opt_bhyve_snapshot.h" 31 32 #include <sys/param.h> 33 #include <sys/types.h> 34 #include <sys/queue.h> 35 #include <sys/kernel.h> 36 #include <sys/lock.h> 37 #include <sys/malloc.h> 38 #include <sys/mutex.h> 39 #include <sys/systm.h> 40 41 #include <machine/vmm.h> 42 #include <machine/vmm_snapshot.h> 43 44 #include "vmm_ktr.h" 45 #include "vatpic.h" 46 #include "vioapic.h" 47 #include "vatpit.h" 48 49 static MALLOC_DEFINE(M_VATPIT, "atpit", "bhyve virtual atpit (8254)"); 50 51 #define VATPIT_LOCK(vatpit) mtx_lock_spin(&((vatpit)->mtx)) 52 #define VATPIT_UNLOCK(vatpit) mtx_unlock_spin(&((vatpit)->mtx)) 53 #define VATPIT_LOCKED(vatpit) mtx_owned(&((vatpit)->mtx)) 54 55 #define TIMER_SEL_MASK 0xc0 56 #define TIMER_RW_MASK 0x30 57 #define TIMER_MODE_MASK 0x0f 58 #define TIMER_SEL_READBACK 0xc0 59 60 #define TIMER_STS_OUT 0x80 61 #define TIMER_STS_NULLCNT 0x40 62 63 #define TIMER_RB_LCTR 0x20 64 #define TIMER_RB_LSTATUS 0x10 65 #define TIMER_RB_CTR_2 0x08 66 #define TIMER_RB_CTR_1 0x04 67 #define TIMER_RB_CTR_0 0x02 68 69 #define TMR2_OUT_STS 0x20 70 71 #define PIT_8254_FREQ 1193182 72 #define TIMER_DIV(freq, hz) (((freq) + (hz) / 2) / (hz)) 73 74 struct vatpit_callout_arg { 75 struct vatpit *vatpit; 76 int channel_num; 77 }; 78 79 struct channel { 80 int mode; 81 uint16_t initial; /* initial counter value */ 82 struct bintime now_bt; /* uptime when counter was loaded */ 83 uint8_t cr[2]; 84 uint8_t ol[2]; 85 bool slatched; /* status latched */ 86 uint8_t status; 87 int crbyte; 88 int olbyte; 89 int frbyte; 90 struct callout callout; 91 struct bintime callout_bt; /* target time */ 92 struct vatpit_callout_arg callout_arg; 93 }; 94 95 struct vatpit { 96 struct vm *vm; 97 struct mtx mtx; 98 99 struct bintime freq_bt; 100 101 struct channel channel[3]; 102 }; 103 104 static void pit_timer_start_cntr0(struct vatpit *vatpit); 105 106 static uint64_t 107 vatpit_delta_ticks(struct vatpit *vatpit, struct channel *c) 108 { 109 struct bintime delta; 110 uint64_t result; 111 112 binuptime(&delta); 113 bintime_sub(&delta, &c->now_bt); 114 115 result = delta.sec * PIT_8254_FREQ; 116 result += delta.frac / vatpit->freq_bt.frac; 117 118 return (result); 119 } 120 121 static int 122 vatpit_get_out(struct vatpit *vatpit, int channel) 123 { 124 struct channel *c; 125 uint64_t delta_ticks; 126 int out; 127 128 c = &vatpit->channel[channel]; 129 130 switch (c->mode) { 131 case TIMER_INTTC: 132 delta_ticks = vatpit_delta_ticks(vatpit, c); 133 out = (delta_ticks >= c->initial); 134 break; 135 default: 136 out = 0; 137 break; 138 } 139 140 return (out); 141 } 142 143 static void 144 vatpit_callout_handler(void *a) 145 { 146 struct vatpit_callout_arg *arg = a; 147 struct vatpit *vatpit; 148 struct callout *callout; 149 struct channel *c; 150 151 vatpit = arg->vatpit; 152 c = &vatpit->channel[arg->channel_num]; 153 callout = &c->callout; 154 155 VM_CTR1(vatpit->vm, "atpit t%d fired", arg->channel_num); 156 157 VATPIT_LOCK(vatpit); 158 159 if (callout_pending(callout)) /* callout was reset */ 160 goto done; 161 162 if (!callout_active(callout)) /* callout was stopped */ 163 goto done; 164 165 callout_deactivate(callout); 166 167 if (c->mode == TIMER_RATEGEN) { 168 pit_timer_start_cntr0(vatpit); 169 } 170 171 vatpic_pulse_irq(vatpit->vm, 0); 172 vioapic_pulse_irq(vatpit->vm, 2); 173 174 done: 175 VATPIT_UNLOCK(vatpit); 176 return; 177 } 178 179 static void 180 pit_timer_start_cntr0(struct vatpit *vatpit) 181 { 182 struct channel *c; 183 struct bintime now, delta; 184 sbintime_t precision; 185 186 c = &vatpit->channel[0]; 187 if (c->initial != 0) { 188 delta.sec = 0; 189 delta.frac = vatpit->freq_bt.frac * c->initial; 190 bintime_add(&c->callout_bt, &delta); 191 precision = bttosbt(delta) >> tc_precexp; 192 193 /* 194 * Reset 'callout_bt' if the time that the callout 195 * was supposed to fire is more than 'c->initial' 196 * ticks in the past. 197 */ 198 binuptime(&now); 199 if (bintime_cmp(&c->callout_bt, &now, <)) { 200 c->callout_bt = now; 201 bintime_add(&c->callout_bt, &delta); 202 } 203 204 callout_reset_sbt(&c->callout, bttosbt(c->callout_bt), 205 precision, vatpit_callout_handler, &c->callout_arg, 206 C_ABSOLUTE); 207 } 208 } 209 210 static uint16_t 211 pit_update_counter(struct vatpit *vatpit, struct channel *c, bool latch) 212 { 213 uint16_t lval; 214 uint64_t delta_ticks; 215 216 /* cannot latch a new value until the old one has been consumed */ 217 if (latch && c->olbyte != 0) 218 return (0); 219 220 if (c->initial == 0) { 221 /* 222 * This is possibly an o/s bug - reading the value of 223 * the timer without having set up the initial value. 224 * 225 * The original user-space version of this code set 226 * the timer to 100hz in this condition; do the same 227 * here. 228 */ 229 c->initial = TIMER_DIV(PIT_8254_FREQ, 100); 230 binuptime(&c->now_bt); 231 c->status &= ~TIMER_STS_NULLCNT; 232 } 233 234 delta_ticks = vatpit_delta_ticks(vatpit, c); 235 lval = c->initial - delta_ticks % c->initial; 236 237 if (latch) { 238 c->olbyte = 2; 239 c->ol[1] = lval; /* LSB */ 240 c->ol[0] = lval >> 8; /* MSB */ 241 } 242 243 return (lval); 244 } 245 246 static int 247 pit_readback1(struct vatpit *vatpit, int channel, uint8_t cmd) 248 { 249 struct channel *c; 250 251 c = &vatpit->channel[channel]; 252 253 /* 254 * Latch the count/status of the timer if not already latched. 255 * N.B. that the count/status latch-select bits are active-low. 256 */ 257 if (!(cmd & TIMER_RB_LCTR) && !c->olbyte) { 258 (void) pit_update_counter(vatpit, c, true); 259 } 260 261 if (!(cmd & TIMER_RB_LSTATUS) && !c->slatched) { 262 c->slatched = true; 263 /* 264 * For mode 0, see if the elapsed time is greater 265 * than the initial value - this results in the 266 * output pin being set to 1 in the status byte. 267 */ 268 if (c->mode == TIMER_INTTC && vatpit_get_out(vatpit, channel)) 269 c->status |= TIMER_STS_OUT; 270 else 271 c->status &= ~TIMER_STS_OUT; 272 } 273 274 return (0); 275 } 276 277 static int 278 pit_readback(struct vatpit *vatpit, uint8_t cmd) 279 { 280 int error; 281 282 /* 283 * The readback command can apply to all timers. 284 */ 285 error = 0; 286 if (cmd & TIMER_RB_CTR_0) 287 error = pit_readback1(vatpit, 0, cmd); 288 if (!error && cmd & TIMER_RB_CTR_1) 289 error = pit_readback1(vatpit, 1, cmd); 290 if (!error && cmd & TIMER_RB_CTR_2) 291 error = pit_readback1(vatpit, 2, cmd); 292 293 return (error); 294 } 295 296 static int 297 vatpit_update_mode(struct vatpit *vatpit, uint8_t val) 298 { 299 struct channel *c; 300 int sel, rw, mode; 301 302 sel = val & TIMER_SEL_MASK; 303 rw = val & TIMER_RW_MASK; 304 mode = val & TIMER_MODE_MASK; 305 306 if (sel == TIMER_SEL_READBACK) 307 return (pit_readback(vatpit, val)); 308 309 if (rw != TIMER_LATCH && rw != TIMER_16BIT) 310 return (-1); 311 312 if (rw != TIMER_LATCH) { 313 /* 314 * Counter mode is not affected when issuing a 315 * latch command. 316 */ 317 if (mode != TIMER_INTTC && 318 mode != TIMER_RATEGEN && 319 mode != TIMER_SQWAVE && 320 mode != TIMER_SWSTROBE) 321 return (-1); 322 } 323 324 c = &vatpit->channel[sel >> 6]; 325 if (rw == TIMER_LATCH) 326 pit_update_counter(vatpit, c, true); 327 else { 328 c->mode = mode; 329 c->olbyte = 0; /* reset latch after reprogramming */ 330 c->status |= TIMER_STS_NULLCNT; 331 } 332 333 return (0); 334 } 335 336 int 337 vatpit_handler(struct vm *vm, bool in, int port, int bytes, uint32_t *eax) 338 { 339 struct vatpit *vatpit; 340 struct channel *c; 341 uint8_t val; 342 int error; 343 344 vatpit = vm_atpit(vm); 345 346 if (bytes != 1) 347 return (-1); 348 349 val = *eax; 350 351 if (port == TIMER_MODE) { 352 if (in) { 353 VM_CTR0(vatpit->vm, "vatpit attempt to read mode"); 354 return (-1); 355 } 356 357 VATPIT_LOCK(vatpit); 358 error = vatpit_update_mode(vatpit, val); 359 VATPIT_UNLOCK(vatpit); 360 361 return (error); 362 } 363 364 /* counter ports */ 365 KASSERT(port >= TIMER_CNTR0 && port <= TIMER_CNTR2, 366 ("invalid port 0x%x", port)); 367 c = &vatpit->channel[port - TIMER_CNTR0]; 368 369 VATPIT_LOCK(vatpit); 370 if (in && c->slatched) { 371 /* 372 * Return the status byte if latched 373 */ 374 *eax = c->status; 375 c->slatched = false; 376 c->status = 0; 377 } else if (in) { 378 /* 379 * The spec says that once the output latch is completely 380 * read it should revert to "following" the counter. Use 381 * the free running counter for this case (i.e. Linux 382 * TSC calibration). Assuming the access mode is 16-bit, 383 * toggle the MSB/LSB bit on each read. 384 */ 385 if (c->olbyte == 0) { 386 uint16_t tmp; 387 388 tmp = pit_update_counter(vatpit, c, false); 389 if (c->frbyte) 390 tmp >>= 8; 391 tmp &= 0xff; 392 *eax = tmp; 393 c->frbyte ^= 1; 394 } else 395 *eax = c->ol[--c->olbyte]; 396 } else { 397 c->cr[c->crbyte++] = *eax; 398 if (c->crbyte == 2) { 399 c->status &= ~TIMER_STS_NULLCNT; 400 c->frbyte = 0; 401 c->crbyte = 0; 402 c->initial = c->cr[0] | (uint16_t)c->cr[1] << 8; 403 binuptime(&c->now_bt); 404 /* Start an interval timer for channel 0 */ 405 if (port == TIMER_CNTR0) { 406 c->callout_bt = c->now_bt; 407 pit_timer_start_cntr0(vatpit); 408 } 409 if (c->initial == 0) 410 c->initial = 0xffff; 411 } 412 } 413 VATPIT_UNLOCK(vatpit); 414 415 return (0); 416 } 417 418 int 419 vatpit_nmisc_handler(struct vm *vm, bool in, int port, int bytes, 420 uint32_t *eax) 421 { 422 struct vatpit *vatpit; 423 424 vatpit = vm_atpit(vm); 425 426 if (in) { 427 VATPIT_LOCK(vatpit); 428 if (vatpit_get_out(vatpit, 2)) 429 *eax = TMR2_OUT_STS; 430 else 431 *eax = 0; 432 433 VATPIT_UNLOCK(vatpit); 434 } 435 436 return (0); 437 } 438 439 struct vatpit * 440 vatpit_init(struct vm *vm) 441 { 442 struct vatpit *vatpit; 443 struct vatpit_callout_arg *arg; 444 int i; 445 446 vatpit = malloc(sizeof(struct vatpit), M_VATPIT, M_WAITOK | M_ZERO); 447 vatpit->vm = vm; 448 449 mtx_init(&vatpit->mtx, "vatpit lock", NULL, MTX_SPIN); 450 451 FREQ2BT(PIT_8254_FREQ, &vatpit->freq_bt); 452 453 for (i = 0; i < 3; i++) { 454 callout_init(&vatpit->channel[i].callout, 1); 455 arg = &vatpit->channel[i].callout_arg; 456 arg->vatpit = vatpit; 457 arg->channel_num = i; 458 } 459 460 return (vatpit); 461 } 462 463 void 464 vatpit_cleanup(struct vatpit *vatpit) 465 { 466 int i; 467 468 for (i = 0; i < 3; i++) 469 callout_drain(&vatpit->channel[i].callout); 470 471 mtx_destroy(&vatpit->mtx); 472 free(vatpit, M_VATPIT); 473 } 474 475 #ifdef BHYVE_SNAPSHOT 476 int 477 vatpit_snapshot(struct vatpit *vatpit, struct vm_snapshot_meta *meta) 478 { 479 int ret; 480 int i; 481 struct channel *channel; 482 483 SNAPSHOT_VAR_OR_LEAVE(vatpit->freq_bt.sec, meta, ret, done); 484 SNAPSHOT_VAR_OR_LEAVE(vatpit->freq_bt.frac, meta, ret, done); 485 486 /* properly restore timers; they will NOT work currently */ 487 printf("%s: snapshot restore does not reset timers!\r\n", __func__); 488 489 for (i = 0; i < nitems(vatpit->channel); i++) { 490 channel = &vatpit->channel[i]; 491 492 SNAPSHOT_VAR_OR_LEAVE(channel->mode, meta, ret, done); 493 SNAPSHOT_VAR_OR_LEAVE(channel->initial, meta, ret, done); 494 SNAPSHOT_VAR_OR_LEAVE(channel->now_bt.sec, meta, ret, done); 495 SNAPSHOT_VAR_OR_LEAVE(channel->now_bt.frac, meta, ret, done); 496 SNAPSHOT_BUF_OR_LEAVE(channel->cr, sizeof(channel->cr), 497 meta, ret, done); 498 SNAPSHOT_BUF_OR_LEAVE(channel->ol, sizeof(channel->ol), 499 meta, ret, done); 500 SNAPSHOT_VAR_OR_LEAVE(channel->slatched, meta, ret, done); 501 SNAPSHOT_VAR_OR_LEAVE(channel->status, meta, ret, done); 502 SNAPSHOT_VAR_OR_LEAVE(channel->crbyte, meta, ret, done); 503 SNAPSHOT_VAR_OR_LEAVE(channel->frbyte, meta, ret, done); 504 SNAPSHOT_VAR_OR_LEAVE(channel->callout_bt.sec, meta, ret, done); 505 SNAPSHOT_VAR_OR_LEAVE(channel->callout_bt.frac, meta, ret, 506 done); 507 } 508 509 done: 510 return (ret); 511 } 512 #endif 513