1 /*- 2 * Copyright (c) 2003 Peter Wemm. 3 * Copyright (c) 1992 Terrence R. Lambert. 4 * Copyright (c) 1982, 1987, 1990 The Regents of the University of California. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * William Jolitz. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * from: @(#)machdep.c 7.4 (Berkeley) 6/3/91 39 */ 40 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #include "opt_atpic.h" 45 #include "opt_cpu.h" 46 #include "opt_ddb.h" 47 #include "opt_inet.h" 48 #include "opt_isa.h" 49 #include "opt_kdb.h" 50 #include "opt_kstack_pages.h" 51 #include "opt_maxmem.h" 52 #include "opt_mp_watchdog.h" 53 #include "opt_platform.h" 54 #ifdef __i386__ 55 #include "opt_apic.h" 56 #endif 57 58 #include <sys/param.h> 59 #include <sys/proc.h> 60 #include <sys/systm.h> 61 #include <sys/bus.h> 62 #include <sys/cpu.h> 63 #include <sys/kdb.h> 64 #include <sys/kernel.h> 65 #include <sys/ktr.h> 66 #include <sys/lock.h> 67 #include <sys/malloc.h> 68 #include <sys/mutex.h> 69 #include <sys/pcpu.h> 70 #include <sys/rwlock.h> 71 #include <sys/sched.h> 72 #ifdef SMP 73 #include <sys/smp.h> 74 #endif 75 #include <sys/sysctl.h> 76 77 #include <machine/clock.h> 78 #include <machine/cpu.h> 79 #include <machine/cputypes.h> 80 #include <machine/specialreg.h> 81 #include <machine/md_var.h> 82 #include <machine/mp_watchdog.h> 83 #include <machine/tss.h> 84 #ifdef SMP 85 #include <machine/smp.h> 86 #endif 87 #ifdef CPU_ELAN 88 #include <machine/elan_mmcr.h> 89 #endif 90 #include <x86/acpica_machdep.h> 91 92 #include <vm/vm.h> 93 #include <vm/vm_extern.h> 94 #include <vm/vm_kern.h> 95 #include <vm/vm_page.h> 96 #include <vm/vm_map.h> 97 #include <vm/vm_object.h> 98 #include <vm/vm_pager.h> 99 #include <vm/vm_param.h> 100 101 #include <isa/isareg.h> 102 103 #define STATE_RUNNING 0x0 104 #define STATE_MWAIT 0x1 105 #define STATE_SLEEPING 0x2 106 107 #ifdef SMP 108 static u_int cpu_reset_proxyid; 109 static volatile u_int cpu_reset_proxy_active; 110 #endif 111 112 113 /* 114 * Machine dependent boot() routine 115 * 116 * I haven't seen anything to put here yet 117 * Possibly some stuff might be grafted back here from boot() 118 */ 119 void 120 cpu_boot(int howto) 121 { 122 } 123 124 /* 125 * Flush the D-cache for non-DMA I/O so that the I-cache can 126 * be made coherent later. 127 */ 128 void 129 cpu_flush_dcache(void *ptr, size_t len) 130 { 131 /* Not applicable */ 132 } 133 134 void 135 acpi_cpu_c1(void) 136 { 137 138 __asm __volatile("sti; hlt"); 139 } 140 141 /* 142 * Use mwait to pause execution while waiting for an interrupt or 143 * another thread to signal that there is more work. 144 * 145 * NOTE: Interrupts will cause a wakeup; however, this function does 146 * not enable interrupt handling. The caller is responsible to enable 147 * interrupts. 148 */ 149 void 150 acpi_cpu_idle_mwait(uint32_t mwait_hint) 151 { 152 int *state; 153 154 /* 155 * A comment in Linux patch claims that 'CPUs run faster with 156 * speculation protection disabled. All CPU threads in a core 157 * must disable speculation protection for it to be 158 * disabled. Disable it while we are idle so the other 159 * hyperthread can run fast.' 160 * 161 * XXXKIB. Software coordination mode should be supported, 162 * but all Intel CPUs provide hardware coordination. 163 */ 164 165 state = (int *)PCPU_PTR(monitorbuf); 166 KASSERT(*state == STATE_SLEEPING, 167 ("cpu_mwait_cx: wrong monitorbuf state")); 168 *state = STATE_MWAIT; 169 handle_ibrs_entry(); 170 cpu_monitor(state, 0, 0); 171 if (*state == STATE_MWAIT) 172 cpu_mwait(MWAIT_INTRBREAK, mwait_hint); 173 handle_ibrs_exit(); 174 175 /* 176 * We should exit on any event that interrupts mwait, because 177 * that event might be a wanted interrupt. 178 */ 179 *state = STATE_RUNNING; 180 } 181 182 /* Get current clock frequency for the given cpu id. */ 183 int 184 cpu_est_clockrate(int cpu_id, uint64_t *rate) 185 { 186 uint64_t tsc1, tsc2; 187 uint64_t acnt, mcnt, perf; 188 register_t reg; 189 190 if (pcpu_find(cpu_id) == NULL || rate == NULL) 191 return (EINVAL); 192 #ifdef __i386__ 193 if ((cpu_feature & CPUID_TSC) == 0) 194 return (EOPNOTSUPP); 195 #endif 196 197 /* 198 * If TSC is P-state invariant and APERF/MPERF MSRs do not exist, 199 * DELAY(9) based logic fails. 200 */ 201 if (tsc_is_invariant && !tsc_perf_stat) 202 return (EOPNOTSUPP); 203 204 #ifdef SMP 205 if (smp_cpus > 1) { 206 /* Schedule ourselves on the indicated cpu. */ 207 thread_lock(curthread); 208 sched_bind(curthread, cpu_id); 209 thread_unlock(curthread); 210 } 211 #endif 212 213 /* Calibrate by measuring a short delay. */ 214 reg = intr_disable(); 215 if (tsc_is_invariant) { 216 wrmsr(MSR_MPERF, 0); 217 wrmsr(MSR_APERF, 0); 218 tsc1 = rdtsc(); 219 DELAY(1000); 220 mcnt = rdmsr(MSR_MPERF); 221 acnt = rdmsr(MSR_APERF); 222 tsc2 = rdtsc(); 223 intr_restore(reg); 224 perf = 1000 * acnt / mcnt; 225 *rate = (tsc2 - tsc1) * perf; 226 } else { 227 tsc1 = rdtsc(); 228 DELAY(1000); 229 tsc2 = rdtsc(); 230 intr_restore(reg); 231 *rate = (tsc2 - tsc1) * 1000; 232 } 233 234 #ifdef SMP 235 if (smp_cpus > 1) { 236 thread_lock(curthread); 237 sched_unbind(curthread); 238 thread_unlock(curthread); 239 } 240 #endif 241 242 return (0); 243 } 244 245 /* 246 * Shutdown the CPU as much as possible 247 */ 248 void 249 cpu_halt(void) 250 { 251 for (;;) 252 halt(); 253 } 254 255 static void 256 cpu_reset_real(void) 257 { 258 struct region_descriptor null_idt; 259 int b; 260 261 disable_intr(); 262 #ifdef CPU_ELAN 263 if (elan_mmcr != NULL) 264 elan_mmcr->RESCFG = 1; 265 #endif 266 #ifdef __i386__ 267 if (cpu == CPU_GEODE1100) { 268 /* Attempt Geode's own reset */ 269 outl(0xcf8, 0x80009044ul); 270 outl(0xcfc, 0xf); 271 } 272 #endif 273 #if !defined(BROKEN_KEYBOARD_RESET) 274 /* 275 * Attempt to do a CPU reset via the keyboard controller, 276 * do not turn off GateA20, as any machine that fails 277 * to do the reset here would then end up in no man's land. 278 */ 279 outb(IO_KBD + 4, 0xFE); 280 DELAY(500000); /* wait 0.5 sec to see if that did it */ 281 #endif 282 283 /* 284 * Attempt to force a reset via the Reset Control register at 285 * I/O port 0xcf9. Bit 2 forces a system reset when it 286 * transitions from 0 to 1. Bit 1 selects the type of reset 287 * to attempt: 0 selects a "soft" reset, and 1 selects a 288 * "hard" reset. We try a "hard" reset. The first write sets 289 * bit 1 to select a "hard" reset and clears bit 2. The 290 * second write forces a 0 -> 1 transition in bit 2 to trigger 291 * a reset. 292 */ 293 outb(0xcf9, 0x2); 294 outb(0xcf9, 0x6); 295 DELAY(500000); /* wait 0.5 sec to see if that did it */ 296 297 /* 298 * Attempt to force a reset via the Fast A20 and Init register 299 * at I/O port 0x92. Bit 1 serves as an alternate A20 gate. 300 * Bit 0 asserts INIT# when set to 1. We are careful to only 301 * preserve bit 1 while setting bit 0. We also must clear bit 302 * 0 before setting it if it isn't already clear. 303 */ 304 b = inb(0x92); 305 if (b != 0xff) { 306 if ((b & 0x1) != 0) 307 outb(0x92, b & 0xfe); 308 outb(0x92, b | 0x1); 309 DELAY(500000); /* wait 0.5 sec to see if that did it */ 310 } 311 312 printf("No known reset method worked, attempting CPU shutdown\n"); 313 DELAY(1000000); /* wait 1 sec for printf to complete */ 314 315 /* Wipe the IDT. */ 316 null_idt.rd_limit = 0; 317 null_idt.rd_base = 0; 318 lidt(&null_idt); 319 320 /* "good night, sweet prince .... <THUNK!>" */ 321 breakpoint(); 322 323 /* NOTREACHED */ 324 while(1); 325 } 326 327 #ifdef SMP 328 static void 329 cpu_reset_proxy(void) 330 { 331 332 cpu_reset_proxy_active = 1; 333 while (cpu_reset_proxy_active == 1) 334 ia32_pause(); /* Wait for other cpu to see that we've started */ 335 336 printf("cpu_reset_proxy: Stopped CPU %d\n", cpu_reset_proxyid); 337 DELAY(1000000); 338 cpu_reset_real(); 339 } 340 #endif 341 342 void 343 cpu_reset(void) 344 { 345 #ifdef SMP 346 cpuset_t map; 347 u_int cnt; 348 349 if (smp_started) { 350 map = all_cpus; 351 CPU_CLR(PCPU_GET(cpuid), &map); 352 CPU_NAND(&map, &stopped_cpus); 353 if (!CPU_EMPTY(&map)) { 354 printf("cpu_reset: Stopping other CPUs\n"); 355 stop_cpus(map); 356 } 357 358 if (PCPU_GET(cpuid) != 0) { 359 cpu_reset_proxyid = PCPU_GET(cpuid); 360 cpustop_restartfunc = cpu_reset_proxy; 361 cpu_reset_proxy_active = 0; 362 printf("cpu_reset: Restarting BSP\n"); 363 364 /* Restart CPU #0. */ 365 CPU_SETOF(0, &started_cpus); 366 wmb(); 367 368 cnt = 0; 369 while (cpu_reset_proxy_active == 0 && cnt < 10000000) { 370 ia32_pause(); 371 cnt++; /* Wait for BSP to announce restart */ 372 } 373 if (cpu_reset_proxy_active == 0) { 374 printf("cpu_reset: Failed to restart BSP\n"); 375 } else { 376 cpu_reset_proxy_active = 2; 377 while (1) 378 ia32_pause(); 379 /* NOTREACHED */ 380 } 381 } 382 383 DELAY(1000000); 384 } 385 #endif 386 cpu_reset_real(); 387 /* NOTREACHED */ 388 } 389 390 bool 391 cpu_mwait_usable(void) 392 { 393 394 return ((cpu_feature2 & CPUID2_MON) != 0 && ((cpu_mon_mwait_flags & 395 (CPUID5_MON_MWAIT_EXT | CPUID5_MWAIT_INTRBREAK)) == 396 (CPUID5_MON_MWAIT_EXT | CPUID5_MWAIT_INTRBREAK))); 397 } 398 399 void (*cpu_idle_hook)(sbintime_t) = NULL; /* ACPI idle hook. */ 400 static int cpu_ident_amdc1e = 0; /* AMD C1E supported. */ 401 static int idle_mwait = 1; /* Use MONITOR/MWAIT for short idle. */ 402 SYSCTL_INT(_machdep, OID_AUTO, idle_mwait, CTLFLAG_RWTUN, &idle_mwait, 403 0, "Use MONITOR/MWAIT for short idle"); 404 405 static void 406 cpu_idle_acpi(sbintime_t sbt) 407 { 408 int *state; 409 410 state = (int *)PCPU_PTR(monitorbuf); 411 *state = STATE_SLEEPING; 412 413 /* See comments in cpu_idle_hlt(). */ 414 disable_intr(); 415 if (sched_runnable()) 416 enable_intr(); 417 else if (cpu_idle_hook) 418 cpu_idle_hook(sbt); 419 else 420 acpi_cpu_c1(); 421 *state = STATE_RUNNING; 422 } 423 424 static void 425 cpu_idle_hlt(sbintime_t sbt) 426 { 427 int *state; 428 429 state = (int *)PCPU_PTR(monitorbuf); 430 *state = STATE_SLEEPING; 431 432 /* 433 * Since we may be in a critical section from cpu_idle(), if 434 * an interrupt fires during that critical section we may have 435 * a pending preemption. If the CPU halts, then that thread 436 * may not execute until a later interrupt awakens the CPU. 437 * To handle this race, check for a runnable thread after 438 * disabling interrupts and immediately return if one is 439 * found. Also, we must absolutely guarentee that hlt is 440 * the next instruction after sti. This ensures that any 441 * interrupt that fires after the call to disable_intr() will 442 * immediately awaken the CPU from hlt. Finally, please note 443 * that on x86 this works fine because of interrupts enabled only 444 * after the instruction following sti takes place, while IF is set 445 * to 1 immediately, allowing hlt instruction to acknowledge the 446 * interrupt. 447 */ 448 disable_intr(); 449 if (sched_runnable()) 450 enable_intr(); 451 else 452 acpi_cpu_c1(); 453 *state = STATE_RUNNING; 454 } 455 456 static void 457 cpu_idle_mwait(sbintime_t sbt) 458 { 459 int *state; 460 461 state = (int *)PCPU_PTR(monitorbuf); 462 *state = STATE_MWAIT; 463 464 /* See comments in cpu_idle_hlt(). */ 465 disable_intr(); 466 if (sched_runnable()) { 467 enable_intr(); 468 *state = STATE_RUNNING; 469 return; 470 } 471 cpu_monitor(state, 0, 0); 472 if (*state == STATE_MWAIT) 473 __asm __volatile("sti; mwait" : : "a" (MWAIT_C1), "c" (0)); 474 else 475 enable_intr(); 476 *state = STATE_RUNNING; 477 } 478 479 static void 480 cpu_idle_spin(sbintime_t sbt) 481 { 482 int *state; 483 int i; 484 485 state = (int *)PCPU_PTR(monitorbuf); 486 *state = STATE_RUNNING; 487 488 /* 489 * The sched_runnable() call is racy but as long as there is 490 * a loop missing it one time will have just a little impact if any 491 * (and it is much better than missing the check at all). 492 */ 493 for (i = 0; i < 1000; i++) { 494 if (sched_runnable()) 495 return; 496 cpu_spinwait(); 497 } 498 } 499 500 /* 501 * C1E renders the local APIC timer dead, so we disable it by 502 * reading the Interrupt Pending Message register and clearing 503 * both C1eOnCmpHalt (bit 28) and SmiOnCmpHalt (bit 27). 504 * 505 * Reference: 506 * "BIOS and Kernel Developer's Guide for AMD NPT Family 0Fh Processors" 507 * #32559 revision 3.00+ 508 */ 509 #define MSR_AMDK8_IPM 0xc0010055 510 #define AMDK8_SMIONCMPHALT (1ULL << 27) 511 #define AMDK8_C1EONCMPHALT (1ULL << 28) 512 #define AMDK8_CMPHALT (AMDK8_SMIONCMPHALT | AMDK8_C1EONCMPHALT) 513 514 void 515 cpu_probe_amdc1e(void) 516 { 517 518 /* 519 * Detect the presence of C1E capability mostly on latest 520 * dual-cores (or future) k8 family. 521 */ 522 if (cpu_vendor_id == CPU_VENDOR_AMD && 523 (cpu_id & 0x00000f00) == 0x00000f00 && 524 (cpu_id & 0x0fff0000) >= 0x00040000) { 525 cpu_ident_amdc1e = 1; 526 } 527 } 528 529 void (*cpu_idle_fn)(sbintime_t) = cpu_idle_acpi; 530 531 void 532 cpu_idle(int busy) 533 { 534 uint64_t msr; 535 sbintime_t sbt = -1; 536 537 CTR2(KTR_SPARE2, "cpu_idle(%d) at %d", 538 busy, curcpu); 539 #ifdef MP_WATCHDOG 540 ap_watchdog(PCPU_GET(cpuid)); 541 #endif 542 543 /* If we are busy - try to use fast methods. */ 544 if (busy) { 545 if ((cpu_feature2 & CPUID2_MON) && idle_mwait) { 546 cpu_idle_mwait(busy); 547 goto out; 548 } 549 } 550 551 /* If we have time - switch timers into idle mode. */ 552 if (!busy) { 553 critical_enter(); 554 sbt = cpu_idleclock(); 555 } 556 557 /* Apply AMD APIC timer C1E workaround. */ 558 if (cpu_ident_amdc1e && cpu_disable_c3_sleep) { 559 msr = rdmsr(MSR_AMDK8_IPM); 560 if (msr & AMDK8_CMPHALT) 561 wrmsr(MSR_AMDK8_IPM, msr & ~AMDK8_CMPHALT); 562 } 563 564 /* Call main idle method. */ 565 cpu_idle_fn(sbt); 566 567 /* Switch timers back into active mode. */ 568 if (!busy) { 569 cpu_activeclock(); 570 critical_exit(); 571 } 572 out: 573 CTR2(KTR_SPARE2, "cpu_idle(%d) at %d done", 574 busy, curcpu); 575 } 576 577 int 578 cpu_idle_wakeup(int cpu) 579 { 580 struct pcpu *pcpu; 581 int *state; 582 583 pcpu = pcpu_find(cpu); 584 state = (int *)pcpu->pc_monitorbuf; 585 /* 586 * This doesn't need to be atomic since missing the race will 587 * simply result in unnecessary IPIs. 588 */ 589 if (*state == STATE_SLEEPING) 590 return (0); 591 if (*state == STATE_MWAIT) 592 *state = STATE_RUNNING; 593 return (1); 594 } 595 596 /* 597 * Ordered by speed/power consumption. 598 */ 599 struct { 600 void *id_fn; 601 char *id_name; 602 } idle_tbl[] = { 603 { cpu_idle_spin, "spin" }, 604 { cpu_idle_mwait, "mwait" }, 605 { cpu_idle_hlt, "hlt" }, 606 { cpu_idle_acpi, "acpi" }, 607 { NULL, NULL } 608 }; 609 610 static int 611 idle_sysctl_available(SYSCTL_HANDLER_ARGS) 612 { 613 char *avail, *p; 614 int error; 615 int i; 616 617 avail = malloc(256, M_TEMP, M_WAITOK); 618 p = avail; 619 for (i = 0; idle_tbl[i].id_name != NULL; i++) { 620 if (strstr(idle_tbl[i].id_name, "mwait") && 621 (cpu_feature2 & CPUID2_MON) == 0) 622 continue; 623 if (strcmp(idle_tbl[i].id_name, "acpi") == 0 && 624 cpu_idle_hook == NULL) 625 continue; 626 p += sprintf(p, "%s%s", p != avail ? ", " : "", 627 idle_tbl[i].id_name); 628 } 629 error = sysctl_handle_string(oidp, avail, 0, req); 630 free(avail, M_TEMP); 631 return (error); 632 } 633 634 SYSCTL_PROC(_machdep, OID_AUTO, idle_available, CTLTYPE_STRING | CTLFLAG_RD, 635 0, 0, idle_sysctl_available, "A", "list of available idle functions"); 636 637 static int 638 idle_sysctl(SYSCTL_HANDLER_ARGS) 639 { 640 char buf[16]; 641 int error; 642 char *p; 643 int i; 644 645 p = "unknown"; 646 for (i = 0; idle_tbl[i].id_name != NULL; i++) { 647 if (idle_tbl[i].id_fn == cpu_idle_fn) { 648 p = idle_tbl[i].id_name; 649 break; 650 } 651 } 652 strncpy(buf, p, sizeof(buf)); 653 error = sysctl_handle_string(oidp, buf, sizeof(buf), req); 654 if (error != 0 || req->newptr == NULL) 655 return (error); 656 for (i = 0; idle_tbl[i].id_name != NULL; i++) { 657 if (strstr(idle_tbl[i].id_name, "mwait") && 658 (cpu_feature2 & CPUID2_MON) == 0) 659 continue; 660 if (strcmp(idle_tbl[i].id_name, "acpi") == 0 && 661 cpu_idle_hook == NULL) 662 continue; 663 if (strcmp(idle_tbl[i].id_name, buf)) 664 continue; 665 cpu_idle_fn = idle_tbl[i].id_fn; 666 return (0); 667 } 668 return (EINVAL); 669 } 670 671 SYSCTL_PROC(_machdep, OID_AUTO, idle, CTLTYPE_STRING | CTLFLAG_RW, 0, 0, 672 idle_sysctl, "A", "currently selected idle function"); 673 674 static int panic_on_nmi = 1; 675 SYSCTL_INT(_machdep, OID_AUTO, panic_on_nmi, CTLFLAG_RWTUN, 676 &panic_on_nmi, 0, 677 "Panic on NMI"); 678 int nmi_is_broadcast = 1; 679 SYSCTL_INT(_machdep, OID_AUTO, nmi_is_broadcast, CTLFLAG_RWTUN, 680 &nmi_is_broadcast, 0, 681 "Chipset NMI is broadcast"); 682 #ifdef KDB 683 int kdb_on_nmi = 1; 684 SYSCTL_INT(_machdep, OID_AUTO, kdb_on_nmi, CTLFLAG_RWTUN, 685 &kdb_on_nmi, 0, 686 "Go to KDB on NMI"); 687 #endif 688 689 #ifdef DEV_ISA 690 void 691 nmi_call_kdb(u_int cpu, u_int type, struct trapframe *frame) 692 { 693 694 /* machine/parity/power fail/"kitchen sink" faults */ 695 if (isa_nmi(frame->tf_err) == 0) { 696 #ifdef KDB 697 /* 698 * NMI can be hooked up to a pushbutton for debugging. 699 */ 700 if (kdb_on_nmi) { 701 printf("NMI/cpu%d ... going to debugger\n", cpu); 702 kdb_trap(type, 0, frame); 703 } 704 #endif /* KDB */ 705 } else if (panic_on_nmi) { 706 panic("NMI indicates hardware failure"); 707 } 708 } 709 #endif 710 711 void 712 nmi_handle_intr(u_int type, struct trapframe *frame) 713 { 714 715 #ifdef DEV_ISA 716 #ifdef SMP 717 if (nmi_is_broadcast) { 718 nmi_call_kdb_smp(type, frame); 719 return; 720 } 721 #endif 722 nmi_call_kdb(PCPU_GET(cpuid), type, frame); 723 #endif 724 } 725 726 int hw_ibrs_active; 727 int hw_ibrs_disable = 1; 728 729 SYSCTL_INT(_hw, OID_AUTO, ibrs_active, CTLFLAG_RD, &hw_ibrs_active, 0, 730 "Indirect Branch Restricted Speculation active"); 731 732 void 733 hw_ibrs_recalculate(void) 734 { 735 uint64_t v; 736 737 if ((cpu_ia32_arch_caps & IA32_ARCH_CAP_IBRS_ALL) != 0) { 738 if (hw_ibrs_disable) { 739 v= rdmsr(MSR_IA32_SPEC_CTRL); 740 v &= ~(uint64_t)IA32_SPEC_CTRL_IBRS; 741 wrmsr(MSR_IA32_SPEC_CTRL, v); 742 } else { 743 v= rdmsr(MSR_IA32_SPEC_CTRL); 744 v |= IA32_SPEC_CTRL_IBRS; 745 wrmsr(MSR_IA32_SPEC_CTRL, v); 746 } 747 return; 748 } 749 hw_ibrs_active = (cpu_stdext_feature3 & CPUID_STDEXT3_IBPB) != 0 && 750 !hw_ibrs_disable; 751 } 752 753 static int 754 hw_ibrs_disable_handler(SYSCTL_HANDLER_ARGS) 755 { 756 int error, val; 757 758 val = hw_ibrs_disable; 759 error = sysctl_handle_int(oidp, &val, 0, req); 760 if (error != 0 || req->newptr == NULL) 761 return (error); 762 hw_ibrs_disable = val != 0; 763 hw_ibrs_recalculate(); 764 return (0); 765 } 766 SYSCTL_PROC(_hw, OID_AUTO, ibrs_disable, CTLTYPE_INT | CTLFLAG_RWTUN | 767 CTLFLAG_NOFETCH | CTLFLAG_MPSAFE, NULL, 0, hw_ibrs_disable_handler, "I", 768 "Disable Indirect Branch Restricted Speculation"); 769 770 /* 771 * Enable and restore kernel text write permissions. 772 * Callers must ensure that disable_wp()/restore_wp() are executed 773 * without rescheduling on the same core. 774 */ 775 bool 776 disable_wp(void) 777 { 778 u_int cr0; 779 780 cr0 = rcr0(); 781 if ((cr0 & CR0_WP) == 0) 782 return (false); 783 load_cr0(cr0 & ~CR0_WP); 784 return (true); 785 } 786 787 void 788 restore_wp(bool old_wp) 789 { 790 791 if (old_wp) 792 load_cr0(rcr0() | CR0_WP); 793 } 794 795