xref: /illumos-gate/usr/src/uts/i86pc/os/fastboot.c (revision 46b592853d0f4f11781b6b0a7533f267c6aee132)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 /*
28  * This file contains the functions for performing Fast Reboot -- a
29  * reboot which bypasses the firmware and bootloader, considerably
30  * reducing downtime.
31  *
32  * fastboot_load_kernel(): This function is invoked by mdpreboot() in the
33  * reboot path.  It loads the new kernel and boot archive into memory, builds
34  * the data structure containing sufficient information about the new
35  * kernel and boot archive to be passed to the fast reboot switcher
36  * (see fb_swtch_src.s for details).  When invoked the switcher relocates
37  * the new kernel and boot archive to physically contiguous low memory,
38  * similar to where the boot loader would have loaded them, and jumps to
39  * the new kernel.
40  *
41  * If fastreboot_onpanic is enabled, fastboot_load_kernel() is called
42  * by fastreboot_post_startup() to load the back up kernel in case of
43  * panic.
44  *
45  * The physical addresses of the memory allocated for the new kernel, boot
46  * archive and their page tables must be above where the boot archive ends
47  * after it has been relocated by the switcher, otherwise the new files
48  * and their page tables could be overridden during relocation.
49  *
50  * fast_reboot(): This function is invoked by mdboot() once it's determined
51  * that the system is capable of fast reboot.  It jumps to the fast reboot
52  * switcher with the data structure built by fastboot_load_kernel() as the
53  * argument.
54  */
55 
56 #include <sys/types.h>
57 #include <sys/param.h>
58 #include <sys/segments.h>
59 #include <sys/sysmacros.h>
60 #include <sys/vm.h>
61 
62 #include <sys/proc.h>
63 #include <sys/buf.h>
64 #include <sys/kmem.h>
65 
66 #include <sys/reboot.h>
67 #include <sys/uadmin.h>
68 
69 #include <sys/cred.h>
70 #include <sys/vnode.h>
71 #include <sys/file.h>
72 
73 #include <sys/cmn_err.h>
74 #include <sys/dumphdr.h>
75 #include <sys/bootconf.h>
76 #include <sys/ddidmareq.h>
77 #include <sys/varargs.h>
78 #include <sys/promif.h>
79 #include <sys/modctl.h>
80 
81 #include <vm/hat.h>
82 #include <vm/as.h>
83 #include <vm/page.h>
84 #include <vm/seg.h>
85 #include <vm/hat_i86.h>
86 #include <sys/vm_machparam.h>
87 #include <sys/archsystm.h>
88 #include <sys/machsystm.h>
89 #include <sys/mman.h>
90 #include <sys/x86_archext.h>
91 #include <sys/smp_impldefs.h>
92 #include <sys/spl.h>
93 
94 #include <sys/fastboot.h>
95 #include <sys/machelf.h>
96 #include <sys/kobj.h>
97 #include <sys/multiboot.h>
98 #include <sys/kobj_lex.h>
99 
100 /*
101  * Macro to determine how many pages are needed for PTEs to map a particular
102  * file.  Allocate one extra page table entry for terminating the list.
103  */
104 #define	FASTBOOT_PTE_LIST_SIZE(fsize)	\
105 	P2ROUNDUP((((fsize) >> PAGESHIFT) + 1) * sizeof (x86pte_t), PAGESIZE)
106 
107 /*
108  * Data structure containing necessary information for the fast reboot
109  * switcher to jump to the new kernel.
110  */
111 fastboot_info_t newkernel = { 0 };
112 char		fastboot_args[OBP_MAXPATHLEN];
113 
114 static char fastboot_filename[2][OBP_MAXPATHLEN] = { { 0 }, { 0 }};
115 static x86pte_t ptp_bits = PT_VALID | PT_REF | PT_USER | PT_WRITABLE;
116 static x86pte_t pte_bits =
117     PT_VALID | PT_REF | PT_MOD | PT_NOCONSIST | PT_WRITABLE;
118 static uint_t fastboot_shift_amt_pae[] = {12, 21, 30, 39};
119 
120 int fastboot_debug = 0;
121 int fastboot_contig = 0;
122 
123 /*
124  * Fake starting va for new kernel and boot archive.
125  */
126 static uintptr_t fake_va = FASTBOOT_FAKE_VA;
127 
128 /*
129  * Reserve memory below PA 1G in preparation of fast reboot.
130  *
131  * This variable is only checked when fastreboot_capable is set, but
132  * fastreboot_onpanic is not set.  The amount of memory reserved
133  * is negligible, but just in case we are really short of low memory,
134  * this variable will give us a backdoor to not consume memory at all.
135  */
136 int reserve_mem_enabled = 1;
137 
138 /*
139  * Mutex to protect fastreboot_onpanic.
140  */
141 kmutex_t fastreboot_config_mutex;
142 
143 /*
144  * Amount of memory below PA 1G to reserve for constructing the multiboot
145  * data structure and the page tables as we tend to run out of those
146  * when more drivers are loaded.
147  */
148 static size_t fastboot_mbi_size = 0x2000;	/* 8K */
149 static size_t fastboot_pagetable_size = 0x5000;	/* 20K */
150 
151 /*
152  * Minimum system uptime in clock_t before Fast Reboot should be used
153  * on panic.  Will be initialized in fastboot_post_startup().
154  */
155 clock_t fastreboot_onpanic_uptime = LONG_MAX;
156 
157 /*
158  * lbolt value when the system booted.  This value will be used if the system
159  * panics to calculate how long the system has been up.  If the uptime is less
160  * than fastreboot_onpanic_uptime, a reboot through BIOS will be performed to
161  * avoid a potential panic/reboot loop.
162  */
163 clock_t lbolt_at_boot = LONG_MAX;
164 
165 /*
166  * Use below 1G for page tables as
167  *	1. we are only doing 1:1 mapping of the bottom 1G of physical memory.
168  *	2. we are using 2G as the fake virtual address for the new kernel and
169  *	boot archive.
170  */
171 static ddi_dma_attr_t fastboot_below_1G_dma_attr = {
172 	DMA_ATTR_V0,
173 	0x0000000008000000ULL,	/* dma_attr_addr_lo: 128MB */
174 	0x000000003FFFFFFFULL,	/* dma_attr_addr_hi: 1G */
175 	0x00000000FFFFFFFFULL,	/* dma_attr_count_max */
176 	0x0000000000001000ULL,	/* dma_attr_align: 4KB */
177 	1,			/* dma_attr_burstsize */
178 	1,			/* dma_attr_minxfer */
179 	0x00000000FFFFFFFFULL,	/* dma_attr_maxxfer */
180 	0x00000000FFFFFFFFULL,	/* dma_attr_seg */
181 	1,			/* dma_attr_sgllen */
182 	0x1000ULL,		/* dma_attr_granular */
183 	0,			/* dma_attr_flags */
184 };
185 
186 static ddi_dma_attr_t fastboot_dma_attr = {
187 	DMA_ATTR_V0,
188 	0x0000000008000000ULL,	/* dma_attr_addr_lo: 128MB */
189 #ifdef	__amd64
190 	0xFFFFFFFFFFFFFFFFULL,	/* dma_attr_addr_hi: 2^64B */
191 #else
192 	0x0000000FFFFFFFFFULL,	/* dma_attr_addr_hi: 64GB */
193 #endif	/* __amd64 */
194 	0x00000000FFFFFFFFULL,	/* dma_attr_count_max */
195 	0x0000000000001000ULL,	/* dma_attr_align: 4KB */
196 	1,			/* dma_attr_burstsize */
197 	1,			/* dma_attr_minxfer */
198 	0x00000000FFFFFFFFULL,	/* dma_attr_maxxfer */
199 	0x00000000FFFFFFFFULL,	/* dma_attr_seg */
200 	1,			/* dma_attr_sgllen */
201 	0x1000ULL,		/* dma_attr_granular */
202 	0,			/* dma_attr_flags */
203 };
204 
205 /*
206  * Various information saved from the previous boot to reconstruct
207  * multiboot_info.
208  */
209 extern multiboot_info_t saved_mbi;
210 extern mb_memory_map_t saved_mmap[FASTBOOT_SAVED_MMAP_COUNT];
211 extern uint8_t saved_drives[FASTBOOT_SAVED_DRIVES_SIZE];
212 extern char saved_cmdline[FASTBOOT_SAVED_CMDLINE_LEN];
213 extern int saved_cmdline_len;
214 extern size_t saved_file_size[];
215 
216 extern void* contig_alloc(size_t size, ddi_dma_attr_t *attr,
217     uintptr_t align, int cansleep);
218 extern void contig_free(void *addr, size_t size);
219 
220 
221 /* PRINTLIKE */
222 extern void vprintf(const char *, va_list);
223 
224 
225 /*
226  * Need to be able to get boot_archives from other places
227  */
228 #define	BOOTARCHIVE64	"/platform/i86pc/amd64/boot_archive"
229 #define	BOOTARCHIVE32	"/platform/i86pc/boot_archive"
230 #define	BOOTARCHIVE32_FAILSAFE	"/boot/x86.miniroot-safe"
231 #define	BOOTARCHIVE64_FAILSAFE	"/boot/amd64/x86.miniroot-safe"
232 #define	FAILSAFE_BOOTFILE32	"/boot/platform/i86pc/kernel/unix"
233 #define	FAILSAFE_BOOTFILE64	"/boot/platform/i86pc/kernel/amd64/unix"
234 
235 static uint_t fastboot_vatoindex(fastboot_info_t *, uintptr_t, int);
236 static void fastboot_map_with_size(fastboot_info_t *, uintptr_t,
237     paddr_t, size_t, int);
238 static void fastboot_build_pagetables(fastboot_info_t *);
239 static int fastboot_build_mbi(char *, fastboot_info_t *);
240 static void fastboot_free_file(fastboot_file_t *);
241 
242 static const char fastboot_enomem_msg[] = "Fastboot: Couldn't allocate 0x%"
243 	PRIx64" bytes below %s to do fast reboot";
244 
245 static void
246 dprintf(char *fmt, ...)
247 {
248 	va_list adx;
249 
250 	if (!fastboot_debug)
251 		return;
252 
253 	va_start(adx, fmt);
254 	vprintf(fmt, adx);
255 	va_end(adx);
256 }
257 
258 
259 /*
260  * Return the index corresponding to a virt address at a given page table level.
261  */
262 static uint_t
263 fastboot_vatoindex(fastboot_info_t *nk, uintptr_t va, int level)
264 {
265 	return ((va >> nk->fi_shift_amt[level]) & (nk->fi_ptes_per_table - 1));
266 }
267 
268 
269 /*
270  * Add mapping from vstart to pstart for the specified size.
271  * vstart, pstart and size should all have been aligned at 2M boundaries.
272  */
273 static void
274 fastboot_map_with_size(fastboot_info_t *nk, uintptr_t vstart, paddr_t pstart,
275     size_t size, int level)
276 {
277 	x86pte_t	pteval, *table;
278 	uintptr_t	vaddr;
279 	paddr_t		paddr;
280 	int		index, l;
281 
282 	table = (x86pte_t *)(nk->fi_pagetable_va);
283 
284 	for (l = nk->fi_top_level; l >= level; l--) {
285 
286 		index = fastboot_vatoindex(nk, vstart, l);
287 
288 		if (l == level) {
289 			/*
290 			 * Last level.  Program the page table entries.
291 			 */
292 			for (vaddr = vstart, paddr = pstart;
293 			    vaddr < vstart + size;
294 			    vaddr += (1ULL << nk->fi_shift_amt[l]),
295 			    paddr += (1ULL << nk->fi_shift_amt[l])) {
296 
297 				uint_t index = fastboot_vatoindex(nk, vaddr, l);
298 
299 				if (l > 0)
300 					pteval = paddr | pte_bits | PT_PAGESIZE;
301 				else
302 					pteval = paddr | pte_bits;
303 
304 				table[index] = pteval;
305 			}
306 		} else if (table[index] & PT_VALID) {
307 
308 			table = (x86pte_t *)
309 			    ((uintptr_t)(((paddr_t)table[index] & MMU_PAGEMASK)
310 			    - nk->fi_pagetable_pa) + nk->fi_pagetable_va);
311 		} else {
312 			/*
313 			 * Intermediate levels.
314 			 * Program with either valid bit or PTP bits.
315 			 */
316 			if (l == nk->fi_top_level) {
317 #ifdef	__amd64
318 				ASSERT(nk->fi_top_level == 3);
319 				table[index] = nk->fi_next_table_pa | ptp_bits;
320 #else
321 				table[index] = nk->fi_next_table_pa | PT_VALID;
322 #endif	/* __amd64 */
323 			} else {
324 				table[index] = nk->fi_next_table_pa | ptp_bits;
325 			}
326 			table = (x86pte_t *)(nk->fi_next_table_va);
327 			nk->fi_next_table_va += MMU_PAGESIZE;
328 			nk->fi_next_table_pa += MMU_PAGESIZE;
329 		}
330 	}
331 }
332 
333 /*
334  * Build page tables for the lower 1G of physical memory using 2M
335  * pages, and prepare page tables for mapping new kernel and boot
336  * archive pages using 4K pages.
337  */
338 static void
339 fastboot_build_pagetables(fastboot_info_t *nk)
340 {
341 	/*
342 	 * Map lower 1G physical memory.  Use large pages.
343 	 */
344 	fastboot_map_with_size(nk, 0, 0, ONE_GIG, 1);
345 
346 	/*
347 	 * Map one 4K page to get the middle page tables set up.
348 	 */
349 	fake_va = P2ALIGN_TYPED(fake_va, nk->fi_lpagesize, uintptr_t);
350 	fastboot_map_with_size(nk, fake_va,
351 	    nk->fi_files[0].fb_pte_list_va[0] & MMU_PAGEMASK, PAGESIZE, 0);
352 }
353 
354 
355 /*
356  * Sanity check.  Look for dboot offset.
357  */
358 static int
359 fastboot_elf64_find_dboot_load_offset(void *img, off_t imgsz, uint32_t *offp)
360 {
361 	Elf64_Ehdr	*ehdr = (Elf64_Ehdr *)img;
362 	Elf64_Phdr	*phdr;
363 	uint8_t		*phdrbase;
364 	int		i;
365 
366 	if ((ehdr->e_phoff + ehdr->e_phnum * ehdr->e_phentsize) >= imgsz)
367 		return (-1);
368 
369 	phdrbase = (uint8_t *)img + ehdr->e_phoff;
370 
371 	for (i = 0; i < ehdr->e_phnum; i++) {
372 		phdr = (Elf64_Phdr *)(phdrbase + ehdr->e_phentsize * i);
373 
374 		if (phdr->p_type == PT_LOAD) {
375 			if (phdr->p_vaddr == phdr->p_paddr &&
376 			    phdr->p_vaddr == DBOOT_ENTRY_ADDRESS) {
377 				ASSERT(phdr->p_offset <= UINT32_MAX);
378 				*offp = (uint32_t)phdr->p_offset;
379 				return (0);
380 			}
381 		}
382 	}
383 
384 	return (-1);
385 }
386 
387 
388 /*
389  * Initialize text and data section information for 32-bit kernel.
390  * sectcntp - is both input/output parameter.
391  * On entry, *sectcntp contains maximum allowable number of sections;
392  * on return, it contains the actual number of sections filled.
393  */
394 static int
395 fastboot_elf32_find_loadables(void *img, off_t imgsz, fastboot_section_t *sectp,
396     int *sectcntp, uint32_t *offp)
397 {
398 	Elf32_Ehdr	*ehdr = (Elf32_Ehdr *)img;
399 	Elf32_Phdr	*phdr;
400 	uint8_t		*phdrbase;
401 	int		i;
402 	int		used_sections = 0;
403 	const int	max_sectcnt = *sectcntp;
404 
405 	if ((ehdr->e_phoff + ehdr->e_phnum * ehdr->e_phentsize) >= imgsz)
406 		return (-1);
407 
408 	phdrbase = (uint8_t *)img + ehdr->e_phoff;
409 
410 	for (i = 0; i < ehdr->e_phnum; i++) {
411 		phdr = (Elf32_Phdr *)(phdrbase + ehdr->e_phentsize * i);
412 
413 		if (phdr->p_type == PT_INTERP)
414 			return (-1);
415 
416 		if (phdr->p_type != PT_LOAD)
417 			continue;
418 
419 		if (phdr->p_vaddr == phdr->p_paddr &&
420 		    phdr->p_paddr == DBOOT_ENTRY_ADDRESS) {
421 			*offp = (uint32_t)phdr->p_offset;
422 		} else {
423 			if (max_sectcnt <= used_sections)
424 				return (-1);
425 
426 			sectp[used_sections].fb_sec_offset = phdr->p_offset;
427 			sectp[used_sections].fb_sec_paddr = phdr->p_paddr;
428 			sectp[used_sections].fb_sec_size = phdr->p_filesz;
429 			sectp[used_sections].fb_sec_bss_size =
430 			    (phdr->p_filesz < phdr->p_memsz) ?
431 			    (phdr->p_memsz - phdr->p_filesz) : 0;
432 
433 			/* Extra sanity check for the input object file */
434 			if (sectp[used_sections].fb_sec_paddr +
435 			    sectp[used_sections].fb_sec_size +
436 			    sectp[used_sections].fb_sec_bss_size >=
437 			    DBOOT_ENTRY_ADDRESS)
438 				return (-1);
439 
440 			used_sections++;
441 		}
442 	}
443 
444 	*sectcntp = used_sections;
445 	return (0);
446 }
447 
448 /*
449  * Create multiboot info structure (mbi) base on the saved mbi.
450  * Recalculate values of the pointer type fields in the data
451  * structure based on the new starting physical address of the
452  * data structure.
453  */
454 static int
455 fastboot_build_mbi(char *mdep, fastboot_info_t *nk)
456 {
457 	mb_module_t	*mbp;
458 	multiboot_info_t	*mbi;	/* pointer to multiboot structure */
459 	uintptr_t	start_addr_va;	/* starting VA of mbi */
460 	uintptr_t	start_addr_pa;	/* starting PA of mbi */
461 	size_t		offs = 0;	/* offset from the starting address */
462 	size_t		arglen;		/* length of the command line arg */
463 	size_t		size;	/* size of the memory reserved for mbi */
464 	size_t		mdnsz;	/* length of the boot archive name */
465 
466 	/*
467 	 * If mdep is not NULL or empty, use the length of mdep + 1
468 	 * (for NULL terminating) as the length of the new command
469 	 * line; else use the saved command line length as the
470 	 * length for the new command line.
471 	 */
472 	if (mdep != NULL && strlen(mdep) != 0) {
473 		arglen = strlen(mdep) + 1;
474 	} else {
475 		arglen = saved_cmdline_len;
476 	}
477 
478 	/*
479 	 * Allocate memory for the new multiboot info structure (mbi).
480 	 * If we have reserved memory for mbi but it's not enough,
481 	 * free it and reallocate.
482 	 */
483 	size = PAGESIZE + P2ROUNDUP(arglen, PAGESIZE);
484 	if (nk->fi_mbi_size && nk->fi_mbi_size < size) {
485 		contig_free((void *)nk->fi_new_mbi_va, nk->fi_mbi_size);
486 		nk->fi_mbi_size = 0;
487 	}
488 
489 	if (nk->fi_mbi_size == 0) {
490 		if ((nk->fi_new_mbi_va =
491 		    (uintptr_t)contig_alloc(size, &fastboot_below_1G_dma_attr,
492 		    PAGESIZE, 0)) == NULL) {
493 			cmn_err(CE_WARN, fastboot_enomem_msg,
494 			    (uint64_t)size, "1G");
495 			return (-1);
496 		}
497 		/*
498 		 * fi_mbi_size must be set after the allocation succeeds
499 		 * as it's used to determine how much memory to free.
500 		 */
501 		nk->fi_mbi_size = size;
502 	}
503 
504 	/*
505 	 * Initalize memory
506 	 */
507 	bzero((void *)nk->fi_new_mbi_va, nk->fi_mbi_size);
508 
509 	/*
510 	 * Get PA for the new mbi
511 	 */
512 	start_addr_va = nk->fi_new_mbi_va;
513 	start_addr_pa = mmu_ptob((uint64_t)hat_getpfnum(kas.a_hat,
514 	    (caddr_t)start_addr_va));
515 	nk->fi_new_mbi_pa = (paddr_t)start_addr_pa;
516 
517 	/*
518 	 * Populate the rest of the fields in the data structure
519 	 */
520 
521 	/*
522 	 * Copy from the saved mbi to preserve all non-pointer type fields.
523 	 */
524 	mbi = (multiboot_info_t *)start_addr_va;
525 	bcopy(&saved_mbi, mbi, sizeof (*mbi));
526 
527 	/*
528 	 * Recalculate mods_addr.  Set mod_start and mod_end based on
529 	 * the physical address of the new boot archive.  Set mod_name
530 	 * to the name of the new boto archive.
531 	 */
532 	offs += sizeof (multiboot_info_t);
533 	mbi->mods_addr = start_addr_pa + offs;
534 	mbp = (mb_module_t *)(start_addr_va + offs);
535 	mbp->mod_start = nk->fi_files[FASTBOOT_BOOTARCHIVE].fb_dest_pa;
536 	mbp->mod_end = nk->fi_files[FASTBOOT_BOOTARCHIVE].fb_next_pa;
537 
538 	offs += sizeof (mb_module_t);
539 	mdnsz = strlen(fastboot_filename[FASTBOOT_NAME_BOOTARCHIVE]) + 1;
540 	bcopy(fastboot_filename[FASTBOOT_NAME_BOOTARCHIVE],
541 	    (void *)(start_addr_va + offs), mdnsz);
542 	mbp->mod_name = start_addr_pa + offs;
543 	mbp->reserved = 0;
544 
545 	/*
546 	 * Make sure the offset is 16-byte aligned to avoid unaligned access.
547 	 */
548 	offs += mdnsz;
549 	offs = P2ROUNDUP_TYPED(offs, 16, size_t);
550 
551 	/*
552 	 * Recalculate mmap_addr
553 	 */
554 	mbi->mmap_addr = start_addr_pa + offs;
555 	bcopy((void *)(uintptr_t)saved_mmap, (void *)(start_addr_va + offs),
556 	    saved_mbi.mmap_length);
557 	offs += saved_mbi.mmap_length;
558 
559 	/*
560 	 * Recalculate drives_addr
561 	 */
562 	mbi->drives_addr = start_addr_pa + offs;
563 	bcopy((void *)(uintptr_t)saved_drives, (void *)(start_addr_va + offs),
564 	    saved_mbi.drives_length);
565 	offs += saved_mbi.drives_length;
566 
567 	/*
568 	 * Recalculate the address of cmdline.  Set cmdline to contain the
569 	 * new boot argument.
570 	 */
571 	mbi->cmdline = start_addr_pa + offs;
572 
573 	if (mdep != NULL && strlen(mdep) != 0) {
574 		bcopy(mdep, (void *)(start_addr_va + offs), arglen);
575 	} else {
576 		bcopy((void *)saved_cmdline, (void *)(start_addr_va + offs),
577 		    arglen);
578 	}
579 
580 	/* clear fields and flags that are not copied */
581 	bzero(&mbi->config_table,
582 	    sizeof (*mbi) - offsetof(multiboot_info_t, config_table));
583 	mbi->flags &= ~(MB_INFO_CONFIG_TABLE | MB_INFO_BOOT_LOADER_NAME |
584 	    MB_INFO_APM_TABLE | MB_INFO_VIDEO_INFO);
585 
586 	return (0);
587 }
588 
589 /*
590  * Initialize HAT related fields
591  */
592 static void
593 fastboot_init_fields(fastboot_info_t *nk)
594 {
595 	if (x86_feature & X86_PAE) {
596 		nk->fi_has_pae = 1;
597 		nk->fi_shift_amt = fastboot_shift_amt_pae;
598 		nk->fi_ptes_per_table = 512;
599 		nk->fi_lpagesize = (2 << 20);	/* 2M */
600 #ifdef	__amd64
601 		nk->fi_top_level = 3;
602 #else
603 		nk->fi_top_level = 2;
604 #endif	/* __amd64 */
605 	}
606 }
607 
608 /*
609  * Process boot argument
610  */
611 static void
612 fastboot_parse_mdep(char *mdep, char *kern_bootpath, int *bootpath_len,
613     char *bootargs)
614 {
615 	int	i;
616 
617 	/*
618 	 * If mdep is not NULL, it comes in the format of
619 	 *	mountpoint unix args
620 	 */
621 	if (mdep != NULL && strlen(mdep) != 0) {
622 		if (mdep[0] != '-') {
623 			/* First get the root argument */
624 			i = 0;
625 			while (mdep[i] != '\0' && mdep[i] != ' ') {
626 				i++;
627 			}
628 
629 			if (i < 4 || strncmp(&mdep[i-4], "unix", 4) != 0) {
630 				/* mount point */
631 				bcopy(mdep, kern_bootpath, i);
632 				kern_bootpath[i] = '\0';
633 				*bootpath_len = i;
634 
635 				/*
636 				 * Get the next argument. It should be unix as
637 				 * we have validated in in halt.c.
638 				 */
639 				if (strlen(mdep) > i) {
640 					mdep += (i + 1);
641 					i = 0;
642 					while (mdep[i] != '\0' &&
643 					    mdep[i] != ' ') {
644 						i++;
645 					}
646 				}
647 
648 			}
649 			bcopy(mdep, kern_bootfile, i);
650 			kern_bootfile[i] = '\0';
651 			bcopy(mdep, bootargs, strlen(mdep));
652 		} else {
653 			int off = strlen(kern_bootfile);
654 			bcopy(kern_bootfile, bootargs, off);
655 			bcopy(" ", &bootargs[off++], 1);
656 			bcopy(mdep, &bootargs[off], strlen(mdep));
657 			off += strlen(mdep);
658 			bootargs[off] = '\0';
659 		}
660 	}
661 }
662 
663 /*
664  * Reserve memory under PA 1G for mapping the new kernel and boot archive.
665  * This function is only called if fastreboot_onpanic is *not* set.
666  */
667 static void
668 fastboot_reserve_mem(fastboot_info_t *nk)
669 {
670 	int i;
671 
672 	/*
673 	 * A valid kernel is in place.  No need to reserve any memory.
674 	 */
675 	if (nk->fi_valid)
676 		return;
677 
678 	/*
679 	 * Reserve memory under PA 1G for PTE lists.
680 	 */
681 	for (i = 0; i < FASTBOOT_MAX_FILES_MAP; i++) {
682 		fastboot_file_t *fb = &nk->fi_files[i];
683 		size_t fsize_roundup, size;
684 
685 		fsize_roundup = P2ROUNDUP_TYPED(saved_file_size[i],
686 		    PAGESIZE, size_t);
687 		size = FASTBOOT_PTE_LIST_SIZE(fsize_roundup);
688 		if ((fb->fb_pte_list_va = contig_alloc(size,
689 		    &fastboot_below_1G_dma_attr, PAGESIZE, 0)) == NULL) {
690 			return;
691 		}
692 		fb->fb_pte_list_size = size;
693 	}
694 
695 	/*
696 	 * Reserve memory under PA 1G for page tables.
697 	 */
698 	if ((nk->fi_pagetable_va =
699 	    (uintptr_t)contig_alloc(fastboot_pagetable_size,
700 	    &fastboot_below_1G_dma_attr, PAGESIZE, 0)) == NULL) {
701 		return;
702 	}
703 	nk->fi_pagetable_size = fastboot_pagetable_size;
704 
705 	/*
706 	 * Reserve memory under PA 1G for multiboot structure.
707 	 */
708 	if ((nk->fi_new_mbi_va = (uintptr_t)contig_alloc(fastboot_mbi_size,
709 	    &fastboot_below_1G_dma_attr, PAGESIZE, 0)) == NULL) {
710 		return;
711 	}
712 	nk->fi_mbi_size = fastboot_mbi_size;
713 }
714 
715 /*
716  * Calculate MD5 digest for the given fastboot_file.
717  * Assumes that the file is allready loaded properly.
718  */
719 static void
720 fastboot_cksum_file(fastboot_file_t *fb, uchar_t *md5_hash)
721 {
722 	MD5_CTX md5_ctx;
723 
724 	MD5Init(&md5_ctx);
725 	MD5Update(&md5_ctx, (void *)fb->fb_va, fb->fb_size);
726 	MD5Final(md5_hash, &md5_ctx);
727 }
728 
729 /*
730  * Free up the memory we have allocated for a file
731  */
732 static void
733 fastboot_free_file(fastboot_file_t *fb)
734 {
735 	size_t	fsize_roundup;
736 
737 	fsize_roundup = P2ROUNDUP_TYPED(fb->fb_size, PAGESIZE, size_t);
738 	if (fsize_roundup) {
739 		contig_free((void *)fb->fb_va, fsize_roundup);
740 		fb->fb_va = NULL;
741 		fb->fb_size = 0;
742 	}
743 }
744 
745 /*
746  * Free up memory used by the PTEs for a file.
747  */
748 static void
749 fastboot_free_file_pte(fastboot_file_t *fb, uint64_t endaddr)
750 {
751 	if (fb->fb_pte_list_size && fb->fb_pte_list_pa < endaddr) {
752 		contig_free((void *)fb->fb_pte_list_va, fb->fb_pte_list_size);
753 		fb->fb_pte_list_va = 0;
754 		fb->fb_pte_list_pa = 0;
755 		fb->fb_pte_list_size = 0;
756 	}
757 }
758 
759 /*
760  * Free up all the memory used for representing a kernel with
761  * fastboot_info_t.
762  */
763 static void
764 fastboot_free_mem(fastboot_info_t *nk, uint64_t endaddr)
765 {
766 	int i;
767 
768 	for (i = 0; i < FASTBOOT_MAX_FILES_MAP; i++) {
769 		fastboot_free_file(nk->fi_files + i);
770 		fastboot_free_file_pte(nk->fi_files + i, endaddr);
771 	}
772 
773 	if (nk->fi_pagetable_size && nk->fi_pagetable_pa < endaddr) {
774 		contig_free((void *)nk->fi_pagetable_va, nk->fi_pagetable_size);
775 		nk->fi_pagetable_va = 0;
776 		nk->fi_pagetable_pa = 0;
777 		nk->fi_pagetable_size = 0;
778 	}
779 
780 	if (nk->fi_mbi_size && nk->fi_new_mbi_pa < endaddr) {
781 		contig_free((void *)nk->fi_new_mbi_va, nk->fi_mbi_size);
782 		nk->fi_new_mbi_va = 0;
783 		nk->fi_new_mbi_pa = 0;
784 		nk->fi_mbi_size = 0;
785 	}
786 }
787 
788 /*
789  * Only free up the memory allocated for the kernel and boot archive,
790  * but not for the page tables.
791  */
792 void
793 fastboot_free_newkernel(fastboot_info_t *nk)
794 {
795 	int i;
796 
797 	nk->fi_valid = 0;
798 	/*
799 	 * Free the memory we have allocated
800 	 */
801 	for (i = 0; i < FASTBOOT_MAX_FILES_MAP; i++) {
802 		fastboot_free_file(&(nk->fi_files[i]));
803 	}
804 }
805 
806 static void
807 fastboot_cksum_cdata(fastboot_info_t *nk, uchar_t *md5_hash)
808 {
809 	int i;
810 	MD5_CTX md5_ctx;
811 
812 	MD5Init(&md5_ctx);
813 	for (i = 0; i < FASTBOOT_MAX_FILES_MAP; i++) {
814 		MD5Update(&md5_ctx, nk->fi_files[i].fb_pte_list_va,
815 		    nk->fi_files[i].fb_pte_list_size);
816 	}
817 	MD5Update(&md5_ctx, (void *)nk->fi_pagetable_va, nk->fi_pagetable_size);
818 	MD5Update(&md5_ctx, (void *)nk->fi_new_mbi_va, nk->fi_mbi_size);
819 
820 	MD5Final(md5_hash, &md5_ctx);
821 }
822 
823 /*
824  * Generate MD5 checksum of the given kernel.
825  */
826 static void
827 fastboot_cksum_generate(fastboot_info_t *nk)
828 {
829 	int i;
830 
831 	for (i = 0; i < FASTBOOT_MAX_FILES_MAP; i++) {
832 		fastboot_cksum_file(nk->fi_files + i, nk->fi_md5_hash[i]);
833 	}
834 	fastboot_cksum_cdata(nk, nk->fi_md5_hash[i]);
835 }
836 
837 /*
838  * Calculate MD5 checksum of the given kernel and verify that
839  * it matches with what was calculated before.
840  */
841 int
842 fastboot_cksum_verify(fastboot_info_t *nk)
843 {
844 	int i;
845 	uchar_t md5_hash[MD5_DIGEST_LENGTH];
846 
847 	for (i = 0; i < FASTBOOT_MAX_FILES_MAP; i++) {
848 		fastboot_cksum_file(nk->fi_files + i, md5_hash);
849 		if (bcmp(nk->fi_md5_hash[i], md5_hash,
850 		    sizeof (nk->fi_md5_hash[i])) != 0)
851 			return (i + 1);
852 	}
853 
854 	fastboot_cksum_cdata(nk, md5_hash);
855 	if (bcmp(nk->fi_md5_hash[i], md5_hash,
856 	    sizeof (nk->fi_md5_hash[i])) != 0)
857 		return (i + 1);
858 
859 	return (0);
860 }
861 
862 /*
863  * This function performs the following tasks:
864  * - Read the sizes of the new kernel and boot archive.
865  * - Allocate memory for the new kernel and boot archive.
866  * - Allocate memory for page tables necessary for mapping the memory
867  *   allocated for the files.
868  * - Read the new kernel and boot archive into memory.
869  * - Map in the fast reboot switcher.
870  * - Load the fast reboot switcher to FASTBOOT_SWTCH_PA.
871  * - Build the new multiboot_info structure
872  * - Build page tables for the low 1G of physical memory.
873  * - Mark the data structure as valid if all steps have succeeded.
874  */
875 void
876 fastboot_load_kernel(char *mdep)
877 {
878 	void		*buf = NULL;
879 	int		i;
880 	fastboot_file_t	*fb;
881 	uint32_t	dboot_start_offset;
882 	char		kern_bootpath[OBP_MAXPATHLEN];
883 	extern uintptr_t postbootkernelbase;
884 	uintptr_t	saved_kernelbase;
885 	int		bootpath_len = 0;
886 	int		is_failsafe = 0;
887 	int		is_retry = 0;
888 	uint64_t	end_addr;
889 
890 	if (!fastreboot_capable)
891 		return;
892 
893 	if (newkernel.fi_valid)
894 		fastboot_free_newkernel(&newkernel);
895 
896 	saved_kernelbase = postbootkernelbase;
897 
898 	postbootkernelbase = 0;
899 
900 	/*
901 	 * Initialize various HAT related fields in the data structure
902 	 */
903 	fastboot_init_fields(&newkernel);
904 
905 	bzero(kern_bootpath, OBP_MAXPATHLEN);
906 
907 	/*
908 	 * Process the boot argument
909 	 */
910 	bzero(fastboot_args, OBP_MAXPATHLEN);
911 	fastboot_parse_mdep(mdep, kern_bootpath, &bootpath_len, fastboot_args);
912 
913 	/*
914 	 * Make sure we get the null character
915 	 */
916 	bcopy(kern_bootpath, fastboot_filename[FASTBOOT_NAME_UNIX],
917 	    bootpath_len);
918 	bcopy(kern_bootfile,
919 	    &fastboot_filename[FASTBOOT_NAME_UNIX][bootpath_len],
920 	    strlen(kern_bootfile) + 1);
921 
922 	bcopy(kern_bootpath, fastboot_filename[FASTBOOT_NAME_BOOTARCHIVE],
923 	    bootpath_len);
924 
925 	if (bcmp(kern_bootfile, FAILSAFE_BOOTFILE32,
926 	    (sizeof (FAILSAFE_BOOTFILE32) - 1)) == 0 ||
927 	    bcmp(kern_bootfile, FAILSAFE_BOOTFILE64,
928 	    (sizeof (FAILSAFE_BOOTFILE64) - 1)) == 0) {
929 		is_failsafe = 1;
930 	}
931 
932 load_kernel_retry:
933 	/*
934 	 * Read in unix and boot_archive
935 	 */
936 	end_addr = DBOOT_ENTRY_ADDRESS;
937 	for (i = 0; i < FASTBOOT_MAX_FILES_MAP; i++) {
938 		struct _buf	*file;
939 		uintptr_t	va;
940 		uint64_t	fsize;
941 		size_t		fsize_roundup, pt_size;
942 		int		page_index;
943 		uintptr_t	offset;
944 		ddi_dma_attr_t dma_attr = fastboot_dma_attr;
945 
946 
947 		dprintf("fastboot_filename[%d] = %s\n",
948 		    i, fastboot_filename[i]);
949 
950 		if ((file = kobj_open_file(fastboot_filename[i])) ==
951 		    (struct _buf *)-1) {
952 			cmn_err(CE_WARN, "Fastboot: Couldn't open %s",
953 			    fastboot_filename[i]);
954 			goto err_out;
955 		}
956 
957 		if (kobj_get_filesize(file, &fsize) != 0) {
958 			cmn_err(CE_WARN,
959 			    "Fastboot: Couldn't get filesize for %s",
960 			    fastboot_filename[i]);
961 			goto err_out;
962 		}
963 
964 		fsize_roundup = P2ROUNDUP_TYPED(fsize, PAGESIZE, size_t);
965 
966 		/*
967 		 * Where the files end in physical memory after being
968 		 * relocated by the fast boot switcher.
969 		 */
970 		end_addr += fsize_roundup;
971 		if (end_addr > fastboot_below_1G_dma_attr.dma_attr_addr_hi) {
972 			cmn_err(CE_WARN, "Fastboot: boot archive is too big");
973 			goto err_out;
974 		}
975 
976 		/*
977 		 * Adjust dma_attr_addr_lo so that the new kernel and boot
978 		 * archive will not be overridden during relocation.
979 		 */
980 		if (end_addr > fastboot_dma_attr.dma_attr_addr_lo ||
981 		    end_addr > fastboot_below_1G_dma_attr.dma_attr_addr_lo) {
982 
983 			if (is_retry) {
984 				/*
985 				 * If we have already tried and didn't succeed,
986 				 * just give up.
987 				 */
988 				cmn_err(CE_WARN,
989 				    "Fastboot: boot archive is too big");
990 				goto err_out;
991 			} else {
992 				/* Set the flag so we don't keep retrying */
993 				is_retry++;
994 
995 				/* Adjust dma_attr_addr_lo */
996 				fastboot_dma_attr.dma_attr_addr_lo = end_addr;
997 				fastboot_below_1G_dma_attr.dma_attr_addr_lo =
998 				    end_addr;
999 
1000 				/*
1001 				 * Free the memory we have already allocated
1002 				 * whose physical addresses might not fit
1003 				 * the new lo and hi constraints.
1004 				 */
1005 				fastboot_free_mem(&newkernel, end_addr);
1006 				goto load_kernel_retry;
1007 			}
1008 		}
1009 
1010 
1011 		if (!fastboot_contig)
1012 			dma_attr.dma_attr_sgllen = (fsize / PAGESIZE) +
1013 			    (((fsize % PAGESIZE) == 0) ? 0 : 1);
1014 
1015 		if ((buf = contig_alloc(fsize, &dma_attr, PAGESIZE, 0))
1016 		    == NULL) {
1017 			cmn_err(CE_WARN, fastboot_enomem_msg, fsize, "64G");
1018 			goto err_out;
1019 		}
1020 
1021 		va = P2ROUNDUP_TYPED((uintptr_t)buf, PAGESIZE, uintptr_t);
1022 
1023 		if (kobj_read_file(file, (char *)va, fsize, 0) < 0) {
1024 			cmn_err(CE_WARN, "Fastboot: Couldn't read %s",
1025 			    fastboot_filename[i]);
1026 			goto err_out;
1027 		}
1028 
1029 		fb = &newkernel.fi_files[i];
1030 		fb->fb_va = va;
1031 		fb->fb_size = fsize;
1032 		fb->fb_sectcnt = 0;
1033 
1034 		pt_size = FASTBOOT_PTE_LIST_SIZE(fsize_roundup);
1035 
1036 		/*
1037 		 * If we have reserved memory but it not enough, free it.
1038 		 */
1039 		if (fb->fb_pte_list_size && fb->fb_pte_list_size < pt_size) {
1040 			contig_free((void *)fb->fb_pte_list_va,
1041 			    fb->fb_pte_list_size);
1042 			fb->fb_pte_list_size = 0;
1043 		}
1044 
1045 		if (fb->fb_pte_list_size == 0) {
1046 			if ((fb->fb_pte_list_va =
1047 			    (x86pte_t *)contig_alloc(pt_size,
1048 			    &fastboot_below_1G_dma_attr, PAGESIZE, 0))
1049 			    == NULL) {
1050 				cmn_err(CE_WARN, fastboot_enomem_msg,
1051 				    (uint64_t)pt_size, "1G");
1052 				goto err_out;
1053 			}
1054 			/*
1055 			 * fb_pte_list_size must be set after the allocation
1056 			 * succeeds as it's used to determine how much memory to
1057 			 * free.
1058 			 */
1059 			fb->fb_pte_list_size = pt_size;
1060 		}
1061 
1062 		bzero((void *)(fb->fb_pte_list_va), fb->fb_pte_list_size);
1063 
1064 		fb->fb_pte_list_pa = mmu_ptob((uint64_t)hat_getpfnum(kas.a_hat,
1065 		    (caddr_t)fb->fb_pte_list_va));
1066 
1067 		for (page_index = 0, offset = 0; offset < fb->fb_size;
1068 		    offset += PAGESIZE) {
1069 			uint64_t paddr;
1070 
1071 			paddr = mmu_ptob((uint64_t)hat_getpfnum(kas.a_hat,
1072 			    (caddr_t)fb->fb_va + offset));
1073 
1074 			ASSERT(paddr >= fastboot_dma_attr.dma_attr_addr_lo);
1075 
1076 			/*
1077 			 * Include the pte_bits so we don't have to make
1078 			 * it in assembly.
1079 			 */
1080 			fb->fb_pte_list_va[page_index++] = (x86pte_t)
1081 			    (paddr | pte_bits);
1082 		}
1083 
1084 		fb->fb_pte_list_va[page_index] = FASTBOOT_TERMINATE;
1085 
1086 		if (i == FASTBOOT_UNIX) {
1087 			Ehdr	*ehdr = (Ehdr *)va;
1088 			int	j;
1089 
1090 			/*
1091 			 * Sanity checks:
1092 			 */
1093 			for (j = 0; j < SELFMAG; j++) {
1094 				if (ehdr->e_ident[j] != ELFMAG[j]) {
1095 					cmn_err(CE_WARN, "Fastboot: Bad ELF "
1096 					    "signature");
1097 					goto err_out;
1098 				}
1099 			}
1100 
1101 			if (ehdr->e_ident[EI_CLASS] == ELFCLASS32 &&
1102 			    ehdr->e_ident[EI_DATA] == ELFDATA2LSB &&
1103 			    ehdr->e_machine == EM_386) {
1104 
1105 				fb->fb_sectcnt = sizeof (fb->fb_sections) /
1106 				    sizeof (fb->fb_sections[0]);
1107 
1108 				if (fastboot_elf32_find_loadables((void *)va,
1109 				    fsize, &fb->fb_sections[0],
1110 				    &fb->fb_sectcnt, &dboot_start_offset) < 0) {
1111 					cmn_err(CE_WARN, "Fastboot: ELF32 "
1112 					    "program section failure");
1113 					goto err_out;
1114 				}
1115 
1116 				if (fb->fb_sectcnt == 0) {
1117 					cmn_err(CE_WARN, "Fastboot: No ELF32 "
1118 					    "program sections found");
1119 					goto err_out;
1120 				}
1121 
1122 				if (is_failsafe) {
1123 					/* Failsafe boot_archive */
1124 					bcopy(BOOTARCHIVE32_FAILSAFE,
1125 					    &fastboot_filename
1126 					    [FASTBOOT_NAME_BOOTARCHIVE]
1127 					    [bootpath_len],
1128 					    sizeof (BOOTARCHIVE32_FAILSAFE));
1129 				} else {
1130 					bcopy(BOOTARCHIVE32,
1131 					    &fastboot_filename
1132 					    [FASTBOOT_NAME_BOOTARCHIVE]
1133 					    [bootpath_len],
1134 					    sizeof (BOOTARCHIVE32));
1135 				}
1136 
1137 			} else if (ehdr->e_ident[EI_CLASS] == ELFCLASS64 &&
1138 			    ehdr->e_ident[EI_DATA] == ELFDATA2LSB &&
1139 			    ehdr->e_machine == EM_AMD64) {
1140 
1141 				if (fastboot_elf64_find_dboot_load_offset(
1142 				    (void *)va, fsize, &dboot_start_offset)
1143 				    != 0) {
1144 					cmn_err(CE_WARN, "Fastboot: Couldn't "
1145 					    "find ELF64 dboot entry offset");
1146 					goto err_out;
1147 				}
1148 
1149 				if ((x86_feature & X86_64) == 0 ||
1150 				    (x86_feature & X86_PAE) == 0) {
1151 					cmn_err(CE_WARN, "Fastboot: Cannot "
1152 					    "reboot to %s: "
1153 					    "not a 64-bit capable system",
1154 					    kern_bootfile);
1155 					goto err_out;
1156 				}
1157 
1158 				if (is_failsafe) {
1159 					/* Failsafe boot_archive */
1160 					bcopy(BOOTARCHIVE64_FAILSAFE,
1161 					    &fastboot_filename
1162 					    [FASTBOOT_NAME_BOOTARCHIVE]
1163 					    [bootpath_len],
1164 					    sizeof (BOOTARCHIVE64_FAILSAFE));
1165 				} else {
1166 					bcopy(BOOTARCHIVE64,
1167 					    &fastboot_filename
1168 					    [FASTBOOT_NAME_BOOTARCHIVE]
1169 					    [bootpath_len],
1170 					    sizeof (BOOTARCHIVE64));
1171 				}
1172 			} else {
1173 				cmn_err(CE_WARN, "Fastboot: Unknown ELF type");
1174 				goto err_out;
1175 			}
1176 
1177 			fb->fb_dest_pa = DBOOT_ENTRY_ADDRESS -
1178 			    dboot_start_offset;
1179 
1180 			fb->fb_next_pa = DBOOT_ENTRY_ADDRESS + fsize_roundup;
1181 		} else {
1182 			fb->fb_dest_pa = newkernel.fi_files[i - 1].fb_next_pa;
1183 			fb->fb_next_pa = fb->fb_dest_pa + fsize_roundup;
1184 		}
1185 
1186 		kobj_close_file(file);
1187 
1188 	}
1189 
1190 	/*
1191 	 * Add the function that will switch us to 32-bit protected mode
1192 	 */
1193 	fb = &newkernel.fi_files[FASTBOOT_SWTCH];
1194 	fb->fb_va = fb->fb_dest_pa = FASTBOOT_SWTCH_PA;
1195 	fb->fb_size = MMU_PAGESIZE;
1196 
1197 	hat_devload(kas.a_hat, (caddr_t)fb->fb_va,
1198 	    MMU_PAGESIZE, mmu_btop(fb->fb_dest_pa),
1199 	    PROT_READ | PROT_WRITE | PROT_EXEC,
1200 	    HAT_LOAD_NOCONSIST | HAT_LOAD_LOCK);
1201 
1202 	/*
1203 	 * Build the new multiboot_info structure
1204 	 */
1205 	if (fastboot_build_mbi(fastboot_args, &newkernel) != 0) {
1206 		goto err_out;
1207 	}
1208 
1209 	/*
1210 	 * Build page table for low 1G physical memory. Use big pages.
1211 	 * Allocate 4 (5 for amd64) pages for the page tables.
1212 	 *    1 page for PML4 (amd64)
1213 	 *    1 page for Page-Directory-Pointer Table
1214 	 *    2 pages for Page Directory
1215 	 *    1 page for Page Table.
1216 	 * The page table entry will be rewritten to map the physical
1217 	 * address as we do the copying.
1218 	 */
1219 	if (newkernel.fi_has_pae) {
1220 #ifdef	__amd64
1221 		size_t size = MMU_PAGESIZE * 5;
1222 #else
1223 		size_t size = MMU_PAGESIZE * 4;
1224 #endif	/* __amd64 */
1225 
1226 		if (newkernel.fi_pagetable_size && newkernel.fi_pagetable_size
1227 		    < size) {
1228 			contig_free((void *)newkernel.fi_pagetable_va,
1229 			    newkernel.fi_pagetable_size);
1230 			newkernel.fi_pagetable_size = 0;
1231 		}
1232 
1233 		if (newkernel.fi_pagetable_size == 0) {
1234 			if ((newkernel.fi_pagetable_va = (uintptr_t)
1235 			    contig_alloc(size, &fastboot_below_1G_dma_attr,
1236 			    MMU_PAGESIZE, 0)) == NULL) {
1237 				cmn_err(CE_WARN, fastboot_enomem_msg,
1238 				    (uint64_t)size, "1G");
1239 				goto err_out;
1240 			}
1241 			/*
1242 			 * fi_pagetable_size must be set after the allocation
1243 			 * succeeds as it's used to determine how much memory to
1244 			 * free.
1245 			 */
1246 			newkernel.fi_pagetable_size = size;
1247 		}
1248 
1249 		bzero((void *)(newkernel.fi_pagetable_va), size);
1250 
1251 		newkernel.fi_pagetable_pa =
1252 		    mmu_ptob((uint64_t)hat_getpfnum(kas.a_hat,
1253 		    (caddr_t)newkernel.fi_pagetable_va));
1254 
1255 		newkernel.fi_last_table_pa = newkernel.fi_pagetable_pa +
1256 		    size - MMU_PAGESIZE;
1257 
1258 		newkernel.fi_next_table_va = newkernel.fi_pagetable_va +
1259 		    MMU_PAGESIZE;
1260 		newkernel.fi_next_table_pa = newkernel.fi_pagetable_pa +
1261 		    MMU_PAGESIZE;
1262 
1263 		fastboot_build_pagetables(&newkernel);
1264 	}
1265 
1266 
1267 	/* Generate MD5 checksums */
1268 	fastboot_cksum_generate(&newkernel);
1269 
1270 	/* Mark it as valid */
1271 	newkernel.fi_valid = 1;
1272 	newkernel.fi_magic = FASTBOOT_MAGIC;
1273 
1274 	postbootkernelbase = saved_kernelbase;
1275 	return;
1276 
1277 err_out:
1278 	postbootkernelbase = saved_kernelbase;
1279 	newkernel.fi_valid = 0;
1280 	fastboot_free_newkernel(&newkernel);
1281 }
1282 
1283 
1284 /* ARGSUSED */
1285 static int
1286 fastboot_xc_func(fastboot_info_t *nk, xc_arg_t unused2, xc_arg_t unused3)
1287 {
1288 	void (*fastboot_func)(fastboot_info_t *);
1289 	fastboot_file_t	*fb = &nk->fi_files[FASTBOOT_SWTCH];
1290 	fastboot_func = (void (*)())(fb->fb_va);
1291 	kthread_t *t_intr = curthread->t_intr;
1292 
1293 	if (&kas != curproc->p_as) {
1294 		hat_devload(curproc->p_as->a_hat, (caddr_t)fb->fb_va,
1295 		    MMU_PAGESIZE, mmu_btop(fb->fb_dest_pa),
1296 		    PROT_READ | PROT_WRITE | PROT_EXEC,
1297 		    HAT_LOAD_NOCONSIST | HAT_LOAD_LOCK);
1298 	}
1299 
1300 	/*
1301 	 * If we have pinned a thread, make sure the address is mapped
1302 	 * in the address space of the pinned thread.
1303 	 */
1304 	if (t_intr && t_intr->t_procp->p_as->a_hat != curproc->p_as->a_hat &&
1305 	    t_intr->t_procp->p_as != &kas)
1306 		hat_devload(t_intr->t_procp->p_as->a_hat, (caddr_t)fb->fb_va,
1307 		    MMU_PAGESIZE, mmu_btop(fb->fb_dest_pa),
1308 		    PROT_READ | PROT_WRITE | PROT_EXEC,
1309 		    HAT_LOAD_NOCONSIST | HAT_LOAD_LOCK);
1310 
1311 	(*psm_shutdownf)(A_SHUTDOWN, AD_FASTREBOOT);
1312 	(*fastboot_func)(nk);
1313 
1314 	/*NOTREACHED*/
1315 	return (0);
1316 }
1317 
1318 /*
1319  * Jump to the fast reboot switcher.  This function never returns.
1320  */
1321 void
1322 fast_reboot()
1323 {
1324 	processorid_t bootcpuid = 0;
1325 	extern uintptr_t postbootkernelbase;
1326 	extern char	fb_swtch_image[];
1327 	fastboot_file_t	*fb;
1328 	int i;
1329 
1330 	postbootkernelbase = 0;
1331 
1332 	fb = &newkernel.fi_files[FASTBOOT_SWTCH];
1333 
1334 	/*
1335 	 * Map the address into both the current proc's address
1336 	 * space and the kernel's address space in case the panic
1337 	 * is forced by kmdb.
1338 	 */
1339 	if (&kas != curproc->p_as) {
1340 		hat_devload(curproc->p_as->a_hat, (caddr_t)fb->fb_va,
1341 		    MMU_PAGESIZE, mmu_btop(fb->fb_dest_pa),
1342 		    PROT_READ | PROT_WRITE | PROT_EXEC,
1343 		    HAT_LOAD_NOCONSIST | HAT_LOAD_LOCK);
1344 	}
1345 
1346 	bcopy((void *)fb_swtch_image, (void *)fb->fb_va, fb->fb_size);
1347 
1348 
1349 	/*
1350 	 * Set fb_va to fake_va
1351 	 */
1352 	for (i = 0; i < FASTBOOT_MAX_FILES_MAP; i++) {
1353 		newkernel.fi_files[i].fb_va = fake_va;
1354 
1355 	}
1356 
1357 	if (panicstr && CPU->cpu_id != bootcpuid &&
1358 	    CPU_ACTIVE(cpu_get(bootcpuid))) {
1359 		extern void panic_idle(void);
1360 		cpuset_t cpuset;
1361 
1362 		CPUSET_ZERO(cpuset);
1363 		CPUSET_ADD(cpuset, bootcpuid);
1364 		xc_priority((xc_arg_t)&newkernel, 0, 0, CPUSET2BV(cpuset),
1365 		    (xc_func_t)fastboot_xc_func);
1366 
1367 		panic_idle();
1368 	} else
1369 		(void) fastboot_xc_func(&newkernel, 0, 0);
1370 }
1371 
1372 
1373 /*
1374  * Get boot property value for fastreboot_onpanic.
1375  *
1376  * NOTE: If fastreboot_onpanic is set to non-zero in /etc/system,
1377  * new setting passed in via "-B fastreboot_onpanic" is ignored.
1378  * This order of precedence is to enable developers debugging panics
1379  * that occur early in boot to utilize Fast Reboot on panic.
1380  */
1381 static void
1382 fastboot_get_bootprop(void)
1383 {
1384 	int		val = 0xaa, len, ret;
1385 	dev_info_t	*devi;
1386 	char		*propstr = NULL;
1387 
1388 	devi = ddi_root_node();
1389 
1390 	ret = ddi_prop_lookup_string(DDI_DEV_T_ANY, devi, DDI_PROP_DONTPASS,
1391 	    FASTREBOOT_ONPANIC, &propstr);
1392 
1393 	if (ret == DDI_PROP_SUCCESS) {
1394 		if (FASTREBOOT_ONPANIC_NOTSET(propstr))
1395 			val = 0;
1396 		else if (FASTREBOOT_ONPANIC_ISSET(propstr))
1397 			val = UA_FASTREBOOT_ONPANIC;
1398 
1399 		/*
1400 		 * Only set fastreboot_onpanic to the value passed in
1401 		 * if it's not already set to non-zero, and the value
1402 		 * has indeed been passed in via command line.
1403 		 */
1404 		if (!fastreboot_onpanic && val != 0xaa)
1405 			fastreboot_onpanic = val;
1406 		ddi_prop_free(propstr);
1407 	} else if (ret != DDI_PROP_NOT_FOUND && ret != DDI_PROP_UNDEFINED) {
1408 		cmn_err(CE_WARN, "%s value is invalid, will be ignored",
1409 		    FASTREBOOT_ONPANIC);
1410 	}
1411 
1412 	len = sizeof (fastreboot_onpanic_cmdline);
1413 	ret = ddi_getlongprop_buf(DDI_DEV_T_ANY, devi, DDI_PROP_DONTPASS,
1414 	    FASTREBOOT_ONPANIC_CMDLINE, fastreboot_onpanic_cmdline, &len);
1415 
1416 	if (ret == DDI_PROP_BUF_TOO_SMALL)
1417 		cmn_err(CE_WARN, "%s value is too long, will be ignored",
1418 		    FASTREBOOT_ONPANIC_CMDLINE);
1419 }
1420 
1421 /*
1422  * This function is called by main() to either load the backup kernel for panic
1423  * fast reboot, or to reserve low physical memory for fast reboot.
1424  */
1425 void
1426 fastboot_post_startup()
1427 {
1428 	lbolt_at_boot = ddi_get_lbolt();
1429 
1430 	/* Default to 10 minutes */
1431 	if (fastreboot_onpanic_uptime == LONG_MAX)
1432 		fastreboot_onpanic_uptime = SEC_TO_TICK(10 * 60);
1433 
1434 	if (!fastreboot_capable)
1435 		return;
1436 
1437 	mutex_enter(&fastreboot_config_mutex);
1438 
1439 	fastboot_get_bootprop();
1440 
1441 	if (fastreboot_onpanic)
1442 		fastboot_load_kernel(fastreboot_onpanic_cmdline);
1443 	else if (reserve_mem_enabled)
1444 		fastboot_reserve_mem(&newkernel);
1445 
1446 	mutex_exit(&fastreboot_config_mutex);
1447 }
1448 
1449 /*
1450  * Update boot configuration settings.
1451  * If the new fastreboot_onpanic setting is false, and a kernel has
1452  * been preloaded, free the memory;
1453  * if the new fastreboot_onpanic setting is true and newkernel is
1454  * not valid, load the new kernel.
1455  */
1456 void
1457 fastboot_update_config(const char *mdep)
1458 {
1459 	uint8_t boot_config = (uint8_t)*mdep;
1460 	int cur_fastreboot_onpanic;
1461 
1462 	if (!fastreboot_capable)
1463 		return;
1464 
1465 	mutex_enter(&fastreboot_config_mutex);
1466 
1467 	cur_fastreboot_onpanic = fastreboot_onpanic;
1468 	fastreboot_onpanic = boot_config & UA_FASTREBOOT_ONPANIC;
1469 
1470 	if (fastreboot_onpanic && (!cur_fastreboot_onpanic ||
1471 	    !newkernel.fi_valid))
1472 		fastboot_load_kernel(fastreboot_onpanic_cmdline);
1473 	if (cur_fastreboot_onpanic && !fastreboot_onpanic)
1474 		fastboot_free_newkernel(&newkernel);
1475 
1476 	mutex_exit(&fastreboot_config_mutex);
1477 }
1478 
1479 /*
1480  * This is the interface to be called by other kernel components to
1481  * disable fastreboot_onpanic.
1482  */
1483 void
1484 fastreboot_disable()
1485 {
1486 	uint8_t boot_config = (uint8_t)(~UA_FASTREBOOT_ONPANIC);
1487 	fastboot_update_config((const char *)&boot_config);
1488 }
1489 
1490 /*
1491  * This is the interface to be called by fm_panic() in case FMA has diagnosed
1492  * a terminal machine check exception.  It does not free up memory allocated
1493  * for the backup kernel.  General disabling fastreboot_onpanic in a
1494  * non-panicking situation must go through fastboot_update_config().
1495  */
1496 void
1497 fastreboot_disable_highpil()
1498 {
1499 	fastreboot_onpanic = 0;
1500 }
1501 
1502 
1503 /*
1504  * A simplified interface for uadmin to call to update the configuration
1505  * setting and load a new kernel if necessary.
1506  */
1507 void
1508 fastboot_update_and_load(int fcn, char *mdep)
1509 {
1510 	if (fcn != AD_FASTREBOOT) {
1511 		/*
1512 		 * If user has explicitly requested reboot to prom,
1513 		 * or uadmin(1M) was invoked with other functions,
1514 		 * don't try to fast reboot after dumping.
1515 		 */
1516 		fastreboot_disable();
1517 	}
1518 
1519 	mutex_enter(&fastreboot_config_mutex);
1520 
1521 	if (fastreboot_onpanic)
1522 		fastboot_load_kernel(mdep);
1523 
1524 	mutex_exit(&fastreboot_config_mutex);
1525 }
1526