xref: /titanic_41/usr/src/uts/i86pc/os/mp_startup.c (revision 5fbb41393be5d63f75952b1d72d4df2642d22557)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #include <sys/types.h>
28 #include <sys/thread.h>
29 #include <sys/cpuvar.h>
30 #include <sys/t_lock.h>
31 #include <sys/param.h>
32 #include <sys/proc.h>
33 #include <sys/disp.h>
34 #include <sys/class.h>
35 #include <sys/cmn_err.h>
36 #include <sys/debug.h>
37 #include <sys/asm_linkage.h>
38 #include <sys/x_call.h>
39 #include <sys/systm.h>
40 #include <sys/var.h>
41 #include <sys/vtrace.h>
42 #include <vm/hat.h>
43 #include <vm/as.h>
44 #include <vm/seg_kmem.h>
45 #include <vm/seg_kp.h>
46 #include <sys/segments.h>
47 #include <sys/kmem.h>
48 #include <sys/stack.h>
49 #include <sys/smp_impldefs.h>
50 #include <sys/x86_archext.h>
51 #include <sys/machsystm.h>
52 #include <sys/traptrace.h>
53 #include <sys/clock.h>
54 #include <sys/cpc_impl.h>
55 #include <sys/pg.h>
56 #include <sys/cmt.h>
57 #include <sys/dtrace.h>
58 #include <sys/archsystm.h>
59 #include <sys/fp.h>
60 #include <sys/reboot.h>
61 #include <sys/kdi_machimpl.h>
62 #include <vm/hat_i86.h>
63 #include <sys/memnode.h>
64 #include <sys/pci_cfgspace.h>
65 #include <sys/mach_mmu.h>
66 #include <sys/sysmacros.h>
67 #if defined(__xpv)
68 #include <sys/hypervisor.h>
69 #endif
70 #include <sys/cpu_module.h>
71 
72 struct cpu	cpus[1];			/* CPU data */
73 struct cpu	*cpu[NCPU] = {&cpus[0]};	/* pointers to all CPUs */
74 cpu_core_t	cpu_core[NCPU];			/* cpu_core structures */
75 
76 /*
77  * Useful for disabling MP bring-up on a MP capable system.
78  */
79 int use_mp = 1;
80 
81 /*
82  * to be set by a PSM to indicate what cpus
83  * are sitting around on the system.
84  */
85 cpuset_t mp_cpus;
86 
87 /*
88  * This variable is used by the hat layer to decide whether or not
89  * critical sections are needed to prevent race conditions.  For sun4m,
90  * this variable is set once enough MP initialization has been done in
91  * order to allow cross calls.
92  */
93 int flushes_require_xcalls;
94 
95 cpuset_t cpu_ready_set;		/* initialized in startup() */
96 
97 static 	void	mp_startup(void);
98 
99 static void cpu_sep_enable(void);
100 static void cpu_sep_disable(void);
101 static void cpu_asysc_enable(void);
102 static void cpu_asysc_disable(void);
103 
104 /*
105  * Init CPU info - get CPU type info for processor_info system call.
106  */
107 void
108 init_cpu_info(struct cpu *cp)
109 {
110 	processor_info_t *pi = &cp->cpu_type_info;
111 	char buf[CPU_IDSTRLEN];
112 
113 	/*
114 	 * Get clock-frequency property for the CPU.
115 	 */
116 	pi->pi_clock = cpu_freq;
117 
118 	/*
119 	 * Current frequency in Hz.
120 	 */
121 	cp->cpu_curr_clock = cpu_freq_hz;
122 
123 	/*
124 	 * Supported frequencies.
125 	 */
126 	if (cp->cpu_supp_freqs == NULL) {
127 		cpu_set_supp_freqs(cp, NULL);
128 	}
129 
130 	(void) strcpy(pi->pi_processor_type, "i386");
131 	if (fpu_exists)
132 		(void) strcpy(pi->pi_fputypes, "i387 compatible");
133 
134 	(void) cpuid_getidstr(cp, buf, sizeof (buf));
135 
136 	cp->cpu_idstr = kmem_alloc(strlen(buf) + 1, KM_SLEEP);
137 	(void) strcpy(cp->cpu_idstr, buf);
138 
139 	(void) cpuid_getbrandstr(cp, buf, sizeof (buf));
140 	cp->cpu_brandstr = kmem_alloc(strlen(buf) + 1, KM_SLEEP);
141 	(void) strcpy(cp->cpu_brandstr, buf);
142 }
143 
144 /*
145  * Configure syscall support on this CPU.
146  */
147 /*ARGSUSED*/
148 void
149 init_cpu_syscall(struct cpu *cp)
150 {
151 	kpreempt_disable();
152 
153 #if defined(__amd64)
154 	if ((x86_feature & (X86_MSR | X86_ASYSC)) == (X86_MSR | X86_ASYSC)) {
155 
156 #if !defined(__lint)
157 		/*
158 		 * The syscall instruction imposes a certain ordering on
159 		 * segment selectors, so we double-check that ordering
160 		 * here.
161 		 */
162 		ASSERT(KDS_SEL == KCS_SEL + 8);
163 		ASSERT(UDS_SEL == U32CS_SEL + 8);
164 		ASSERT(UCS_SEL == U32CS_SEL + 16);
165 #endif
166 		/*
167 		 * Turn syscall/sysret extensions on.
168 		 */
169 		cpu_asysc_enable();
170 
171 		/*
172 		 * Program the magic registers ..
173 		 */
174 		wrmsr(MSR_AMD_STAR,
175 		    ((uint64_t)(U32CS_SEL << 16 | KCS_SEL)) << 32);
176 		wrmsr(MSR_AMD_LSTAR, (uint64_t)(uintptr_t)sys_syscall);
177 		wrmsr(MSR_AMD_CSTAR, (uint64_t)(uintptr_t)sys_syscall32);
178 
179 		/*
180 		 * This list of flags is masked off the incoming
181 		 * %rfl when we enter the kernel.
182 		 */
183 		wrmsr(MSR_AMD_SFMASK, (uint64_t)(uintptr_t)(PS_IE | PS_T));
184 	}
185 #endif
186 
187 	/*
188 	 * On 32-bit kernels, we use sysenter/sysexit because it's too
189 	 * hard to use syscall/sysret, and it is more portable anyway.
190 	 *
191 	 * On 64-bit kernels on Nocona machines, the 32-bit syscall
192 	 * variant isn't available to 32-bit applications, but sysenter is.
193 	 */
194 	if ((x86_feature & (X86_MSR | X86_SEP)) == (X86_MSR | X86_SEP)) {
195 
196 #if !defined(__lint)
197 		/*
198 		 * The sysenter instruction imposes a certain ordering on
199 		 * segment selectors, so we double-check that ordering
200 		 * here. See "sysenter" in Intel document 245471-012, "IA-32
201 		 * Intel Architecture Software Developer's Manual Volume 2:
202 		 * Instruction Set Reference"
203 		 */
204 		ASSERT(KDS_SEL == KCS_SEL + 8);
205 
206 		ASSERT32(UCS_SEL == ((KCS_SEL + 16) | 3));
207 		ASSERT32(UDS_SEL == UCS_SEL + 8);
208 
209 		ASSERT64(U32CS_SEL == ((KCS_SEL + 16) | 3));
210 		ASSERT64(UDS_SEL == U32CS_SEL + 8);
211 #endif
212 
213 		cpu_sep_enable();
214 
215 		/*
216 		 * resume() sets this value to the base of the threads stack
217 		 * via a context handler.
218 		 */
219 		wrmsr(MSR_INTC_SEP_ESP, 0);
220 		wrmsr(MSR_INTC_SEP_EIP, (uint64_t)(uintptr_t)sys_sysenter);
221 	}
222 
223 	kpreempt_enable();
224 }
225 
226 /*
227  * Multiprocessor initialization.
228  *
229  * Allocate and initialize the cpu structure, TRAPTRACE buffer, and the
230  * startup and idle threads for the specified CPU.
231  */
232 struct cpu *
233 mp_startup_init(int cpun)
234 {
235 	struct cpu *cp;
236 	kthread_id_t tp;
237 	caddr_t	sp;
238 	proc_t *procp;
239 #if !defined(__xpv)
240 	extern int idle_cpu_prefer_mwait;
241 	extern void cpu_idle_mwait();
242 #endif
243 	extern void idle();
244 	extern void cpu_idle();
245 
246 #ifdef TRAPTRACE
247 	trap_trace_ctl_t *ttc = &trap_trace_ctl[cpun];
248 #endif
249 
250 	ASSERT(cpun < NCPU && cpu[cpun] == NULL);
251 
252 	cp = kmem_zalloc(sizeof (*cp), KM_SLEEP);
253 #if !defined(__xpv)
254 	if ((x86_feature & X86_MWAIT) && idle_cpu_prefer_mwait) {
255 		cp->cpu_m.mcpu_mwait = cpuid_mwait_alloc(CPU);
256 		cp->cpu_m.mcpu_idle_cpu = cpu_idle_mwait;
257 	} else
258 #endif
259 		cp->cpu_m.mcpu_idle_cpu = cpu_idle;
260 
261 	procp = curthread->t_procp;
262 
263 	mutex_enter(&cpu_lock);
264 	/*
265 	 * Initialize the dispatcher first.
266 	 */
267 	disp_cpu_init(cp);
268 	mutex_exit(&cpu_lock);
269 
270 	cpu_vm_data_init(cp);
271 
272 	/*
273 	 * Allocate and initialize the startup thread for this CPU.
274 	 * Interrupt and process switch stacks get allocated later
275 	 * when the CPU starts running.
276 	 */
277 	tp = thread_create(NULL, 0, NULL, NULL, 0, procp,
278 	    TS_STOPPED, maxclsyspri);
279 
280 	/*
281 	 * Set state to TS_ONPROC since this thread will start running
282 	 * as soon as the CPU comes online.
283 	 *
284 	 * All the other fields of the thread structure are setup by
285 	 * thread_create().
286 	 */
287 	THREAD_ONPROC(tp, cp);
288 	tp->t_preempt = 1;
289 	tp->t_bound_cpu = cp;
290 	tp->t_affinitycnt = 1;
291 	tp->t_cpu = cp;
292 	tp->t_disp_queue = cp->cpu_disp;
293 
294 	/*
295 	 * Setup thread to start in mp_startup.
296 	 */
297 	sp = tp->t_stk;
298 	tp->t_pc = (uintptr_t)mp_startup;
299 	tp->t_sp = (uintptr_t)(sp - MINFRAME);
300 #if defined(__amd64)
301 	tp->t_sp -= STACK_ENTRY_ALIGN;		/* fake a call */
302 #endif
303 
304 	cp->cpu_id = cpun;
305 	cp->cpu_self = cp;
306 	cp->cpu_thread = tp;
307 	cp->cpu_lwp = NULL;
308 	cp->cpu_dispthread = tp;
309 	cp->cpu_dispatch_pri = DISP_PRIO(tp);
310 
311 	/*
312 	 * cpu_base_spl must be set explicitly here to prevent any blocking
313 	 * operations in mp_startup from causing the spl of the cpu to drop
314 	 * to 0 (allowing device interrupts before we're ready) in resume().
315 	 * cpu_base_spl MUST remain at LOCK_LEVEL until the cpu is CPU_READY.
316 	 * As an extra bit of security on DEBUG kernels, this is enforced with
317 	 * an assertion in mp_startup() -- before cpu_base_spl is set to its
318 	 * proper value.
319 	 */
320 	cp->cpu_base_spl = ipltospl(LOCK_LEVEL);
321 
322 	/*
323 	 * Now, initialize per-CPU idle thread for this CPU.
324 	 */
325 	tp = thread_create(NULL, PAGESIZE, idle, NULL, 0, procp, TS_ONPROC, -1);
326 
327 	cp->cpu_idle_thread = tp;
328 
329 	tp->t_preempt = 1;
330 	tp->t_bound_cpu = cp;
331 	tp->t_affinitycnt = 1;
332 	tp->t_cpu = cp;
333 	tp->t_disp_queue = cp->cpu_disp;
334 
335 	/*
336 	 * Bootstrap the CPU's PG data
337 	 */
338 	pg_cpu_bootstrap(cp);
339 
340 	/*
341 	 * Perform CPC initialization on the new CPU.
342 	 */
343 	kcpc_hw_init(cp);
344 
345 	/*
346 	 * Allocate virtual addresses for cpu_caddr1 and cpu_caddr2
347 	 * for each CPU.
348 	 */
349 	setup_vaddr_for_ppcopy(cp);
350 
351 	/*
352 	 * Allocate page for new GDT and initialize from current GDT.
353 	 */
354 #if !defined(__lint)
355 	ASSERT((sizeof (*cp->cpu_gdt) * NGDT) <= PAGESIZE);
356 #endif
357 	cp->cpu_gdt = kmem_zalloc(PAGESIZE, KM_SLEEP);
358 	bcopy(CPU->cpu_gdt, cp->cpu_gdt, (sizeof (*cp->cpu_gdt) * NGDT));
359 
360 #if defined(__i386)
361 	/*
362 	 * setup kernel %gs.
363 	 */
364 	set_usegd(&cp->cpu_gdt[GDT_GS], cp, sizeof (struct cpu) -1, SDT_MEMRWA,
365 	    SEL_KPL, 0, 1);
366 #endif
367 
368 	/*
369 	 * If we have more than one node, each cpu gets a copy of IDT
370 	 * local to its node. If this is a Pentium box, we use cpu 0's
371 	 * IDT. cpu 0's IDT has been made read-only to workaround the
372 	 * cmpxchgl register bug
373 	 */
374 	if (system_hardware.hd_nodes && x86_type != X86_TYPE_P5) {
375 #if !defined(__lint)
376 		ASSERT((sizeof (*CPU->cpu_idt) * NIDT) <= PAGESIZE);
377 #endif
378 		cp->cpu_idt = kmem_zalloc(PAGESIZE, KM_SLEEP);
379 		bcopy(CPU->cpu_idt, cp->cpu_idt, PAGESIZE);
380 	} else {
381 		cp->cpu_idt = CPU->cpu_idt;
382 	}
383 
384 	/*
385 	 * Get interrupt priority data from cpu 0.
386 	 */
387 	cp->cpu_pri_data = CPU->cpu_pri_data;
388 
389 	/*
390 	 * alloc space for cpuid info
391 	 */
392 	cpuid_alloc_space(cp);
393 
394 	/*
395 	 * alloc space for ucode_info
396 	 */
397 	ucode_alloc_space(cp);
398 	xc_init_cpu(cp);
399 	hat_cpu_online(cp);
400 
401 #ifdef TRAPTRACE
402 	/*
403 	 * If this is a TRAPTRACE kernel, allocate TRAPTRACE buffers
404 	 */
405 	ttc->ttc_first = (uintptr_t)kmem_zalloc(trap_trace_bufsize, KM_SLEEP);
406 	ttc->ttc_next = ttc->ttc_first;
407 	ttc->ttc_limit = ttc->ttc_first + trap_trace_bufsize;
408 #endif
409 	/*
410 	 * Record that we have another CPU.
411 	 */
412 	mutex_enter(&cpu_lock);
413 	/*
414 	 * Initialize the interrupt threads for this CPU
415 	 */
416 	cpu_intr_alloc(cp, NINTR_THREADS);
417 	/*
418 	 * Add CPU to list of available CPUs.  It'll be on the active list
419 	 * after mp_startup().
420 	 */
421 	cpu_add_unit(cp);
422 	mutex_exit(&cpu_lock);
423 
424 	return (cp);
425 }
426 
427 /*
428  * Undo what was done in mp_startup_init
429  */
430 static void
431 mp_startup_fini(struct cpu *cp, int error)
432 {
433 	mutex_enter(&cpu_lock);
434 
435 	/*
436 	 * Remove the CPU from the list of available CPUs.
437 	 */
438 	cpu_del_unit(cp->cpu_id);
439 
440 	if (error == ETIMEDOUT) {
441 		/*
442 		 * The cpu was started, but never *seemed* to run any
443 		 * code in the kernel; it's probably off spinning in its
444 		 * own private world, though with potential references to
445 		 * our kmem-allocated IDTs and GDTs (for example).
446 		 *
447 		 * Worse still, it may actually wake up some time later,
448 		 * so rather than guess what it might or might not do, we
449 		 * leave the fundamental data structures intact.
450 		 */
451 		cp->cpu_flags = 0;
452 		mutex_exit(&cpu_lock);
453 		return;
454 	}
455 
456 	/*
457 	 * At this point, the only threads bound to this CPU should
458 	 * special per-cpu threads: it's idle thread, it's pause threads,
459 	 * and it's interrupt threads.  Clean these up.
460 	 */
461 	cpu_destroy_bound_threads(cp);
462 	cp->cpu_idle_thread = NULL;
463 
464 	/*
465 	 * Free the interrupt stack.
466 	 */
467 	segkp_release(segkp,
468 	    cp->cpu_intr_stack - (INTR_STACK_SIZE - SA(MINFRAME)));
469 
470 	mutex_exit(&cpu_lock);
471 
472 #ifdef TRAPTRACE
473 	/*
474 	 * Discard the trap trace buffer
475 	 */
476 	{
477 		trap_trace_ctl_t *ttc = &trap_trace_ctl[cp->cpu_id];
478 
479 		kmem_free((void *)ttc->ttc_first, trap_trace_bufsize);
480 		ttc->ttc_first = NULL;
481 	}
482 #endif
483 
484 	hat_cpu_offline(cp);
485 
486 	cpuid_free_space(cp);
487 
488 	ucode_free_space(cp);
489 
490 	if (cp->cpu_idt != CPU->cpu_idt)
491 		kmem_free(cp->cpu_idt, PAGESIZE);
492 	cp->cpu_idt = NULL;
493 
494 	kmem_free(cp->cpu_gdt, PAGESIZE);
495 	cp->cpu_gdt = NULL;
496 
497 	teardown_vaddr_for_ppcopy(cp);
498 
499 	kcpc_hw_fini(cp);
500 
501 	cp->cpu_dispthread = NULL;
502 	cp->cpu_thread = NULL;	/* discarded by cpu_destroy_bound_threads() */
503 
504 	cpu_vm_data_destroy(cp);
505 
506 	mutex_enter(&cpu_lock);
507 	disp_cpu_fini(cp);
508 	mutex_exit(&cpu_lock);
509 
510 #if !defined(__xpv)
511 	if (cp->cpu_m.mcpu_mwait != NULL)
512 		cpuid_mwait_free(cp);
513 #endif
514 	kmem_free(cp, sizeof (*cp));
515 }
516 
517 /*
518  * Apply workarounds for known errata, and warn about those that are absent.
519  *
520  * System vendors occasionally create configurations which contain different
521  * revisions of the CPUs that are almost but not exactly the same.  At the
522  * time of writing, this meant that their clock rates were the same, their
523  * feature sets were the same, but the required workaround were -not-
524  * necessarily the same.  So, this routine is invoked on -every- CPU soon
525  * after starting to make sure that the resulting system contains the most
526  * pessimal set of workarounds needed to cope with *any* of the CPUs in the
527  * system.
528  *
529  * workaround_errata is invoked early in mlsetup() for CPU 0, and in
530  * mp_startup() for all slave CPUs. Slaves process workaround_errata prior
531  * to acknowledging their readiness to the master, so this routine will
532  * never be executed by multiple CPUs in parallel, thus making updates to
533  * global data safe.
534  *
535  * These workarounds are based on Rev 3.57 of the Revision Guide for
536  * AMD Athlon(tm) 64 and AMD Opteron(tm) Processors, August 2005.
537  */
538 
539 #if defined(OPTERON_ERRATUM_88)
540 int opteron_erratum_88;		/* if non-zero -> at least one cpu has it */
541 #endif
542 
543 #if defined(OPTERON_ERRATUM_91)
544 int opteron_erratum_91;		/* if non-zero -> at least one cpu has it */
545 #endif
546 
547 #if defined(OPTERON_ERRATUM_93)
548 int opteron_erratum_93;		/* if non-zero -> at least one cpu has it */
549 #endif
550 
551 #if defined(OPTERON_ERRATUM_95)
552 int opteron_erratum_95;		/* if non-zero -> at least one cpu has it */
553 #endif
554 
555 #if defined(OPTERON_ERRATUM_100)
556 int opteron_erratum_100;	/* if non-zero -> at least one cpu has it */
557 #endif
558 
559 #if defined(OPTERON_ERRATUM_108)
560 int opteron_erratum_108;	/* if non-zero -> at least one cpu has it */
561 #endif
562 
563 #if defined(OPTERON_ERRATUM_109)
564 int opteron_erratum_109;	/* if non-zero -> at least one cpu has it */
565 #endif
566 
567 #if defined(OPTERON_ERRATUM_121)
568 int opteron_erratum_121;	/* if non-zero -> at least one cpu has it */
569 #endif
570 
571 #if defined(OPTERON_ERRATUM_122)
572 int opteron_erratum_122;	/* if non-zero -> at least one cpu has it */
573 #endif
574 
575 #if defined(OPTERON_ERRATUM_123)
576 int opteron_erratum_123;	/* if non-zero -> at least one cpu has it */
577 #endif
578 
579 #if defined(OPTERON_ERRATUM_131)
580 int opteron_erratum_131;	/* if non-zero -> at least one cpu has it */
581 #endif
582 
583 #if defined(OPTERON_WORKAROUND_6336786)
584 int opteron_workaround_6336786;	/* non-zero -> WA relevant and applied */
585 int opteron_workaround_6336786_UP = 0;	/* Not needed for UP */
586 #endif
587 
588 #if defined(OPTERON_WORKAROUND_6323525)
589 int opteron_workaround_6323525;	/* if non-zero -> at least one cpu has it */
590 #endif
591 
592 #if defined(OPTERON_ERRATUM_298)
593 int opteron_erratum_298;
594 #endif
595 
596 static void
597 workaround_warning(cpu_t *cp, uint_t erratum)
598 {
599 	cmn_err(CE_WARN, "cpu%d: no workaround for erratum %u",
600 	    cp->cpu_id, erratum);
601 }
602 
603 static void
604 workaround_applied(uint_t erratum)
605 {
606 	if (erratum > 1000000)
607 		cmn_err(CE_CONT, "?workaround applied for cpu issue #%d\n",
608 		    erratum);
609 	else
610 		cmn_err(CE_CONT, "?workaround applied for cpu erratum #%d\n",
611 		    erratum);
612 }
613 
614 static void
615 msr_warning(cpu_t *cp, const char *rw, uint_t msr, int error)
616 {
617 	cmn_err(CE_WARN, "cpu%d: couldn't %smsr 0x%x, error %d",
618 	    cp->cpu_id, rw, msr, error);
619 }
620 
621 /*
622  * Determine the number of nodes in a Hammer / Greyhound / Griffin family
623  * system.
624  */
625 static uint_t
626 opteron_get_nnodes(void)
627 {
628 	static uint_t nnodes = 0;
629 
630 	if (nnodes == 0) {
631 #ifdef	DEBUG
632 		uint_t family;
633 
634 		/*
635 		 * This routine uses a PCI config space based mechanism
636 		 * for retrieving the number of nodes in the system.
637 		 * Device 24, function 0, offset 0x60 as used here is not
638 		 * AMD processor architectural, and may not work on processor
639 		 * families other than those listed below.
640 		 *
641 		 * Callers of this routine must ensure that we're running on
642 		 * a processor which supports this mechanism.
643 		 * The assertion below is meant to catch calls on unsupported
644 		 * processors.
645 		 */
646 		family = cpuid_getfamily(CPU);
647 		ASSERT(family == 0xf || family == 0x10 || family == 0x11);
648 #endif	/* DEBUG */
649 
650 		/*
651 		 * Obtain the number of nodes in the system from
652 		 * bits [6:4] of the Node ID register on node 0.
653 		 *
654 		 * The actual node count is NodeID[6:4] + 1
655 		 *
656 		 * The Node ID register is accessed via function 0,
657 		 * offset 0x60. Node 0 is device 24.
658 		 */
659 		nnodes = ((pci_getl_func(0, 24, 0, 0x60) & 0x70) >> 4) + 1;
660 	}
661 	return (nnodes);
662 }
663 
664 #if defined(__xpv)
665 
666 /*
667  * On dom0, we can determine the number of physical cpus on the machine.
668  * This number is important when figuring out what workarounds are
669  * appropriate, so compute it now.
670  */
671 uint_t
672 xen_get_nphyscpus(void)
673 {
674 	static uint_t nphyscpus = 0;
675 
676 	ASSERT(DOMAIN_IS_INITDOMAIN(xen_info));
677 
678 	if (nphyscpus == 0) {
679 		xen_sysctl_t op;
680 		xen_sysctl_physinfo_t *pi = &op.u.physinfo;
681 
682 		op.cmd = XEN_SYSCTL_physinfo;
683 		op.interface_version = XEN_SYSCTL_INTERFACE_VERSION;
684 		if (HYPERVISOR_sysctl(&op) == 0)
685 			nphyscpus = pi->threads_per_core *
686 			    pi->cores_per_socket * pi->sockets_per_node *
687 			    pi->nr_nodes;
688 	}
689 	return (nphyscpus);
690 }
691 #endif
692 
693 uint_t
694 do_erratum_298(struct cpu *cpu)
695 {
696 	static int	osvwrc = -3;
697 	extern int	osvw_opteron_erratum(cpu_t *, uint_t);
698 
699 	/*
700 	 * L2 Eviction May Occur During Processor Operation To Set
701 	 * Accessed or Dirty Bit.
702 	 */
703 	if (osvwrc == -3) {
704 		osvwrc = osvw_opteron_erratum(cpu, 298);
705 	} else {
706 		/* osvw return codes should be consistent for all cpus */
707 		ASSERT(osvwrc == osvw_opteron_erratum(cpu, 298));
708 	}
709 
710 	switch (osvwrc) {
711 	case 0:		/* erratum is not present: do nothing */
712 		break;
713 	case 1:		/* erratum is present: BIOS workaround applied */
714 		/*
715 		 * check if workaround is actually in place and issue warning
716 		 * if not.
717 		 */
718 		if (((rdmsr(MSR_AMD_HWCR) & AMD_HWCR_TLBCACHEDIS) == 0) ||
719 		    ((rdmsr(MSR_AMD_BU_CFG) & AMD_BU_CFG_E298) == 0)) {
720 #if defined(OPTERON_ERRATUM_298)
721 			opteron_erratum_298++;
722 #else
723 			workaround_warning(cpu, 298);
724 			return (1);
725 #endif
726 		}
727 		break;
728 	case -1:	/* cannot determine via osvw: check cpuid */
729 		if ((cpuid_opteron_erratum(cpu, 298) > 0) &&
730 		    (((rdmsr(MSR_AMD_HWCR) & AMD_HWCR_TLBCACHEDIS) == 0) ||
731 		    ((rdmsr(MSR_AMD_BU_CFG) & AMD_BU_CFG_E298) == 0))) {
732 #if defined(OPTERON_ERRATUM_298)
733 			opteron_erratum_298++;
734 #else
735 			workaround_warning(cpu, 298);
736 			return (1);
737 #endif
738 		}
739 		break;
740 	}
741 	return (0);
742 }
743 
744 uint_t
745 workaround_errata(struct cpu *cpu)
746 {
747 	uint_t missing = 0;
748 
749 	ASSERT(cpu == CPU);
750 
751 	/*LINTED*/
752 	if (cpuid_opteron_erratum(cpu, 88) > 0) {
753 		/*
754 		 * SWAPGS May Fail To Read Correct GS Base
755 		 */
756 #if defined(OPTERON_ERRATUM_88)
757 		/*
758 		 * The workaround is an mfence in the relevant assembler code
759 		 */
760 		opteron_erratum_88++;
761 #else
762 		workaround_warning(cpu, 88);
763 		missing++;
764 #endif
765 	}
766 
767 	if (cpuid_opteron_erratum(cpu, 91) > 0) {
768 		/*
769 		 * Software Prefetches May Report A Page Fault
770 		 */
771 #if defined(OPTERON_ERRATUM_91)
772 		/*
773 		 * fix is in trap.c
774 		 */
775 		opteron_erratum_91++;
776 #else
777 		workaround_warning(cpu, 91);
778 		missing++;
779 #endif
780 	}
781 
782 	if (cpuid_opteron_erratum(cpu, 93) > 0) {
783 		/*
784 		 * RSM Auto-Halt Restart Returns to Incorrect RIP
785 		 */
786 #if defined(OPTERON_ERRATUM_93)
787 		/*
788 		 * fix is in trap.c
789 		 */
790 		opteron_erratum_93++;
791 #else
792 		workaround_warning(cpu, 93);
793 		missing++;
794 #endif
795 	}
796 
797 	/*LINTED*/
798 	if (cpuid_opteron_erratum(cpu, 95) > 0) {
799 		/*
800 		 * RET Instruction May Return to Incorrect EIP
801 		 */
802 #if defined(OPTERON_ERRATUM_95)
803 #if defined(_LP64)
804 		/*
805 		 * Workaround this by ensuring that 32-bit user code and
806 		 * 64-bit kernel code never occupy the same address
807 		 * range mod 4G.
808 		 */
809 		if (_userlimit32 > 0xc0000000ul)
810 			*(uintptr_t *)&_userlimit32 = 0xc0000000ul;
811 
812 		/*LINTED*/
813 		ASSERT((uint32_t)COREHEAP_BASE == 0xc0000000u);
814 		opteron_erratum_95++;
815 #endif	/* _LP64 */
816 #else
817 		workaround_warning(cpu, 95);
818 		missing++;
819 #endif
820 	}
821 
822 	if (cpuid_opteron_erratum(cpu, 100) > 0) {
823 		/*
824 		 * Compatibility Mode Branches Transfer to Illegal Address
825 		 */
826 #if defined(OPTERON_ERRATUM_100)
827 		/*
828 		 * fix is in trap.c
829 		 */
830 		opteron_erratum_100++;
831 #else
832 		workaround_warning(cpu, 100);
833 		missing++;
834 #endif
835 	}
836 
837 	/*LINTED*/
838 	if (cpuid_opteron_erratum(cpu, 108) > 0) {
839 		/*
840 		 * CPUID Instruction May Return Incorrect Model Number In
841 		 * Some Processors
842 		 */
843 #if defined(OPTERON_ERRATUM_108)
844 		/*
845 		 * (Our cpuid-handling code corrects the model number on
846 		 * those processors)
847 		 */
848 #else
849 		workaround_warning(cpu, 108);
850 		missing++;
851 #endif
852 	}
853 
854 	/*LINTED*/
855 	if (cpuid_opteron_erratum(cpu, 109) > 0) do {
856 		/*
857 		 * Certain Reverse REP MOVS May Produce Unpredictable Behavior
858 		 */
859 #if defined(OPTERON_ERRATUM_109)
860 		/*
861 		 * The "workaround" is to print a warning to upgrade the BIOS
862 		 */
863 		uint64_t value;
864 		const uint_t msr = MSR_AMD_PATCHLEVEL;
865 		int err;
866 
867 		if ((err = checked_rdmsr(msr, &value)) != 0) {
868 			msr_warning(cpu, "rd", msr, err);
869 			workaround_warning(cpu, 109);
870 			missing++;
871 		}
872 		if (value == 0)
873 			opteron_erratum_109++;
874 #else
875 		workaround_warning(cpu, 109);
876 		missing++;
877 #endif
878 	/*CONSTANTCONDITION*/
879 	} while (0);
880 
881 	/*LINTED*/
882 	if (cpuid_opteron_erratum(cpu, 121) > 0) {
883 		/*
884 		 * Sequential Execution Across Non_Canonical Boundary Caused
885 		 * Processor Hang
886 		 */
887 #if defined(OPTERON_ERRATUM_121)
888 #if defined(_LP64)
889 		/*
890 		 * Erratum 121 is only present in long (64 bit) mode.
891 		 * Workaround is to include the page immediately before the
892 		 * va hole to eliminate the possibility of system hangs due to
893 		 * sequential execution across the va hole boundary.
894 		 */
895 		if (opteron_erratum_121)
896 			opteron_erratum_121++;
897 		else {
898 			if (hole_start) {
899 				hole_start -= PAGESIZE;
900 			} else {
901 				/*
902 				 * hole_start not yet initialized by
903 				 * mmu_init. Initialize hole_start
904 				 * with value to be subtracted.
905 				 */
906 				hole_start = PAGESIZE;
907 			}
908 			opteron_erratum_121++;
909 		}
910 #endif	/* _LP64 */
911 #else
912 		workaround_warning(cpu, 121);
913 		missing++;
914 #endif
915 	}
916 
917 	/*LINTED*/
918 	if (cpuid_opteron_erratum(cpu, 122) > 0) do {
919 		/*
920 		 * TLB Flush Filter May Cause Coherency Problem in
921 		 * Multiprocessor Systems
922 		 */
923 #if defined(OPTERON_ERRATUM_122)
924 		uint64_t value;
925 		const uint_t msr = MSR_AMD_HWCR;
926 		int error;
927 
928 		/*
929 		 * Erratum 122 is only present in MP configurations (multi-core
930 		 * or multi-processor).
931 		 */
932 #if defined(__xpv)
933 		if (!DOMAIN_IS_INITDOMAIN(xen_info))
934 			break;
935 		if (!opteron_erratum_122 && xen_get_nphyscpus() == 1)
936 			break;
937 #else
938 		if (!opteron_erratum_122 && opteron_get_nnodes() == 1 &&
939 		    cpuid_get_ncpu_per_chip(cpu) == 1)
940 			break;
941 #endif
942 		/* disable TLB Flush Filter */
943 
944 		if ((error = checked_rdmsr(msr, &value)) != 0) {
945 			msr_warning(cpu, "rd", msr, error);
946 			workaround_warning(cpu, 122);
947 			missing++;
948 		} else {
949 			value |= (uint64_t)AMD_HWCR_FFDIS;
950 			if ((error = checked_wrmsr(msr, value)) != 0) {
951 				msr_warning(cpu, "wr", msr, error);
952 				workaround_warning(cpu, 122);
953 				missing++;
954 			}
955 		}
956 		opteron_erratum_122++;
957 #else
958 		workaround_warning(cpu, 122);
959 		missing++;
960 #endif
961 	/*CONSTANTCONDITION*/
962 	} while (0);
963 
964 	/*LINTED*/
965 	if (cpuid_opteron_erratum(cpu, 123) > 0) do {
966 		/*
967 		 * Bypassed Reads May Cause Data Corruption of System Hang in
968 		 * Dual Core Processors
969 		 */
970 #if defined(OPTERON_ERRATUM_123)
971 		uint64_t value;
972 		const uint_t msr = MSR_AMD_PATCHLEVEL;
973 		int err;
974 
975 		/*
976 		 * Erratum 123 applies only to multi-core cpus.
977 		 */
978 		if (cpuid_get_ncpu_per_chip(cpu) < 2)
979 			break;
980 #if defined(__xpv)
981 		if (!DOMAIN_IS_INITDOMAIN(xen_info))
982 			break;
983 #endif
984 		/*
985 		 * The "workaround" is to print a warning to upgrade the BIOS
986 		 */
987 		if ((err = checked_rdmsr(msr, &value)) != 0) {
988 			msr_warning(cpu, "rd", msr, err);
989 			workaround_warning(cpu, 123);
990 			missing++;
991 		}
992 		if (value == 0)
993 			opteron_erratum_123++;
994 #else
995 		workaround_warning(cpu, 123);
996 		missing++;
997 
998 #endif
999 	/*CONSTANTCONDITION*/
1000 	} while (0);
1001 
1002 	/*LINTED*/
1003 	if (cpuid_opteron_erratum(cpu, 131) > 0) do {
1004 		/*
1005 		 * Multiprocessor Systems with Four or More Cores May Deadlock
1006 		 * Waiting for a Probe Response
1007 		 */
1008 #if defined(OPTERON_ERRATUM_131)
1009 		uint64_t nbcfg;
1010 		const uint_t msr = MSR_AMD_NB_CFG;
1011 		const uint64_t wabits =
1012 		    AMD_NB_CFG_SRQ_HEARTBEAT | AMD_NB_CFG_SRQ_SPR;
1013 		int error;
1014 
1015 		/*
1016 		 * Erratum 131 applies to any system with four or more cores.
1017 		 */
1018 		if (opteron_erratum_131)
1019 			break;
1020 #if defined(__xpv)
1021 		if (!DOMAIN_IS_INITDOMAIN(xen_info))
1022 			break;
1023 		if (xen_get_nphyscpus() < 4)
1024 			break;
1025 #else
1026 		if (opteron_get_nnodes() * cpuid_get_ncpu_per_chip(cpu) < 4)
1027 			break;
1028 #endif
1029 		/*
1030 		 * Print a warning if neither of the workarounds for
1031 		 * erratum 131 is present.
1032 		 */
1033 		if ((error = checked_rdmsr(msr, &nbcfg)) != 0) {
1034 			msr_warning(cpu, "rd", msr, error);
1035 			workaround_warning(cpu, 131);
1036 			missing++;
1037 		} else if ((nbcfg & wabits) == 0) {
1038 			opteron_erratum_131++;
1039 		} else {
1040 			/* cannot have both workarounds set */
1041 			ASSERT((nbcfg & wabits) != wabits);
1042 		}
1043 #else
1044 		workaround_warning(cpu, 131);
1045 		missing++;
1046 #endif
1047 	/*CONSTANTCONDITION*/
1048 	} while (0);
1049 
1050 	/*
1051 	 * This isn't really an erratum, but for convenience the
1052 	 * detection/workaround code lives here and in cpuid_opteron_erratum.
1053 	 */
1054 	if (cpuid_opteron_erratum(cpu, 6336786) > 0) {
1055 #if defined(OPTERON_WORKAROUND_6336786)
1056 		/*
1057 		 * Disable C1-Clock ramping on multi-core/multi-processor
1058 		 * K8 platforms to guard against TSC drift.
1059 		 */
1060 		if (opteron_workaround_6336786) {
1061 			opteron_workaround_6336786++;
1062 #if defined(__xpv)
1063 		} else if ((DOMAIN_IS_INITDOMAIN(xen_info) &&
1064 		    xen_get_nphyscpus() > 1) ||
1065 		    opteron_workaround_6336786_UP) {
1066 			/*
1067 			 * XXPV	Hmm.  We can't walk the Northbridges on
1068 			 *	the hypervisor; so just complain and drive
1069 			 *	on.  This probably needs to be fixed in
1070 			 *	the hypervisor itself.
1071 			 */
1072 			opteron_workaround_6336786++;
1073 			workaround_warning(cpu, 6336786);
1074 #else	/* __xpv */
1075 		} else if ((opteron_get_nnodes() *
1076 		    cpuid_get_ncpu_per_chip(cpu) > 1) ||
1077 		    opteron_workaround_6336786_UP) {
1078 
1079 			uint_t	node, nnodes;
1080 			uint8_t data;
1081 
1082 			nnodes = opteron_get_nnodes();
1083 			for (node = 0; node < nnodes; node++) {
1084 				/*
1085 				 * Clear PMM7[1:0] (function 3, offset 0x87)
1086 				 * Northbridge device is the node id + 24.
1087 				 */
1088 				data = pci_getb_func(0, node + 24, 3, 0x87);
1089 				data &= 0xFC;
1090 				pci_putb_func(0, node + 24, 3, 0x87, data);
1091 			}
1092 			opteron_workaround_6336786++;
1093 #endif	/* __xpv */
1094 		}
1095 #else
1096 		workaround_warning(cpu, 6336786);
1097 		missing++;
1098 #endif
1099 	}
1100 
1101 	/*LINTED*/
1102 	/*
1103 	 * Mutex primitives don't work as expected.
1104 	 */
1105 	if (cpuid_opteron_erratum(cpu, 6323525) > 0) {
1106 #if defined(OPTERON_WORKAROUND_6323525)
1107 		/*
1108 		 * This problem only occurs with 2 or more cores. If bit in
1109 		 * MSR_AMD_BU_CFG set, then not applicable. The workaround
1110 		 * is to patch the semaphone routines with the lfence
1111 		 * instruction to provide necessary load memory barrier with
1112 		 * possible subsequent read-modify-write ops.
1113 		 *
1114 		 * It is too early in boot to call the patch routine so
1115 		 * set erratum variable to be done in startup_end().
1116 		 */
1117 		if (opteron_workaround_6323525) {
1118 			opteron_workaround_6323525++;
1119 #if defined(__xpv)
1120 		} else if (x86_feature & X86_SSE2) {
1121 			if (DOMAIN_IS_INITDOMAIN(xen_info)) {
1122 				/*
1123 				 * XXPV	Use dom0_msr here when extended
1124 				 *	operations are supported?
1125 				 */
1126 				if (xen_get_nphyscpus() > 1)
1127 					opteron_workaround_6323525++;
1128 			} else {
1129 				/*
1130 				 * We have no way to tell how many physical
1131 				 * cpus there are, or even if this processor
1132 				 * has the problem, so enable the workaround
1133 				 * unconditionally (at some performance cost).
1134 				 */
1135 				opteron_workaround_6323525++;
1136 			}
1137 #else	/* __xpv */
1138 		} else if ((x86_feature & X86_SSE2) && ((opteron_get_nnodes() *
1139 		    cpuid_get_ncpu_per_chip(cpu)) > 1)) {
1140 			if ((xrdmsr(MSR_AMD_BU_CFG) & (UINT64_C(1) << 33)) == 0)
1141 				opteron_workaround_6323525++;
1142 #endif	/* __xpv */
1143 		}
1144 #else
1145 		workaround_warning(cpu, 6323525);
1146 		missing++;
1147 #endif
1148 	}
1149 
1150 	missing += do_erratum_298(cpu);
1151 
1152 #ifdef __xpv
1153 	return (0);
1154 #else
1155 	return (missing);
1156 #endif
1157 }
1158 
1159 void
1160 workaround_errata_end()
1161 {
1162 #if defined(OPTERON_ERRATUM_88)
1163 	if (opteron_erratum_88)
1164 		workaround_applied(88);
1165 #endif
1166 #if defined(OPTERON_ERRATUM_91)
1167 	if (opteron_erratum_91)
1168 		workaround_applied(91);
1169 #endif
1170 #if defined(OPTERON_ERRATUM_93)
1171 	if (opteron_erratum_93)
1172 		workaround_applied(93);
1173 #endif
1174 #if defined(OPTERON_ERRATUM_95)
1175 	if (opteron_erratum_95)
1176 		workaround_applied(95);
1177 #endif
1178 #if defined(OPTERON_ERRATUM_100)
1179 	if (opteron_erratum_100)
1180 		workaround_applied(100);
1181 #endif
1182 #if defined(OPTERON_ERRATUM_108)
1183 	if (opteron_erratum_108)
1184 		workaround_applied(108);
1185 #endif
1186 #if defined(OPTERON_ERRATUM_109)
1187 	if (opteron_erratum_109) {
1188 		cmn_err(CE_WARN,
1189 		    "BIOS microcode patch for AMD Athlon(tm) 64/Opteron(tm)"
1190 		    " processor\nerratum 109 was not detected; updating your"
1191 		    " system's BIOS to a version\ncontaining this"
1192 		    " microcode patch is HIGHLY recommended or erroneous"
1193 		    " system\noperation may occur.\n");
1194 	}
1195 #endif
1196 #if defined(OPTERON_ERRATUM_121)
1197 	if (opteron_erratum_121)
1198 		workaround_applied(121);
1199 #endif
1200 #if defined(OPTERON_ERRATUM_122)
1201 	if (opteron_erratum_122)
1202 		workaround_applied(122);
1203 #endif
1204 #if defined(OPTERON_ERRATUM_123)
1205 	if (opteron_erratum_123) {
1206 		cmn_err(CE_WARN,
1207 		    "BIOS microcode patch for AMD Athlon(tm) 64/Opteron(tm)"
1208 		    " processor\nerratum 123 was not detected; updating your"
1209 		    " system's BIOS to a version\ncontaining this"
1210 		    " microcode patch is HIGHLY recommended or erroneous"
1211 		    " system\noperation may occur.\n");
1212 	}
1213 #endif
1214 #if defined(OPTERON_ERRATUM_131)
1215 	if (opteron_erratum_131) {
1216 		cmn_err(CE_WARN,
1217 		    "BIOS microcode patch for AMD Athlon(tm) 64/Opteron(tm)"
1218 		    " processor\nerratum 131 was not detected; updating your"
1219 		    " system's BIOS to a version\ncontaining this"
1220 		    " microcode patch is HIGHLY recommended or erroneous"
1221 		    " system\noperation may occur.\n");
1222 	}
1223 #endif
1224 #if defined(OPTERON_WORKAROUND_6336786)
1225 	if (opteron_workaround_6336786)
1226 		workaround_applied(6336786);
1227 #endif
1228 #if defined(OPTERON_WORKAROUND_6323525)
1229 	if (opteron_workaround_6323525)
1230 		workaround_applied(6323525);
1231 #endif
1232 #if defined(OPTERON_ERRATUM_298)
1233 	if (opteron_erratum_298) {
1234 		cmn_err(CE_WARN,
1235 		    "BIOS microcode patch for AMD 64/Opteron(tm)"
1236 		    " processor\nerratum 298 was not detected; updating your"
1237 		    " system's BIOS to a version\ncontaining this"
1238 		    " microcode patch is HIGHLY recommended or erroneous"
1239 		    " system\noperation may occur.\n");
1240 	}
1241 #endif
1242 }
1243 
1244 static cpuset_t procset;
1245 
1246 /*
1247  * Start a single cpu, assuming that the kernel context is available
1248  * to successfully start another cpu.
1249  *
1250  * (For example, real mode code is mapped into the right place
1251  * in memory and is ready to be run.)
1252  */
1253 int
1254 start_cpu(processorid_t who)
1255 {
1256 	void *ctx;
1257 	cpu_t *cp;
1258 	int delays;
1259 	int error = 0;
1260 
1261 	ASSERT(who != 0);
1262 
1263 	/*
1264 	 * Check if there's at least a Mbyte of kmem available
1265 	 * before attempting to start the cpu.
1266 	 */
1267 	if (kmem_avail() < 1024 * 1024) {
1268 		/*
1269 		 * Kick off a reap in case that helps us with
1270 		 * later attempts ..
1271 		 */
1272 		kmem_reap();
1273 		return (ENOMEM);
1274 	}
1275 
1276 	cp = mp_startup_init(who);
1277 	if ((ctx = mach_cpucontext_alloc(cp)) == NULL ||
1278 	    (error = mach_cpu_start(cp, ctx)) != 0) {
1279 
1280 		/*
1281 		 * Something went wrong before we even started it
1282 		 */
1283 		if (ctx)
1284 			cmn_err(CE_WARN,
1285 			    "cpu%d: failed to start error %d",
1286 			    cp->cpu_id, error);
1287 		else
1288 			cmn_err(CE_WARN,
1289 			    "cpu%d: failed to allocate context", cp->cpu_id);
1290 
1291 		if (ctx)
1292 			mach_cpucontext_free(cp, ctx, error);
1293 		else
1294 			error = EAGAIN;		/* hmm. */
1295 		mp_startup_fini(cp, error);
1296 		return (error);
1297 	}
1298 
1299 	for (delays = 0; !CPU_IN_SET(procset, who); delays++) {
1300 		if (delays == 500) {
1301 			/*
1302 			 * After five seconds, things are probably looking
1303 			 * a bit bleak - explain the hang.
1304 			 */
1305 			cmn_err(CE_NOTE, "cpu%d: started, "
1306 			    "but not running in the kernel yet", who);
1307 		} else if (delays > 2000) {
1308 			/*
1309 			 * We waited at least 20 seconds, bail ..
1310 			 */
1311 			error = ETIMEDOUT;
1312 			cmn_err(CE_WARN, "cpu%d: timed out", who);
1313 			mach_cpucontext_free(cp, ctx, error);
1314 			mp_startup_fini(cp, error);
1315 			return (error);
1316 		}
1317 
1318 		/*
1319 		 * wait at least 10ms, then check again..
1320 		 */
1321 		delay(USEC_TO_TICK_ROUNDUP(10000));
1322 	}
1323 
1324 	mach_cpucontext_free(cp, ctx, 0);
1325 
1326 #ifndef __xpv
1327 	if (tsc_gethrtime_enable)
1328 		tsc_sync_master(who);
1329 #endif
1330 
1331 	if (dtrace_cpu_init != NULL) {
1332 		/*
1333 		 * DTrace CPU initialization expects cpu_lock to be held.
1334 		 */
1335 		mutex_enter(&cpu_lock);
1336 		(*dtrace_cpu_init)(who);
1337 		mutex_exit(&cpu_lock);
1338 	}
1339 
1340 	while (!CPU_IN_SET(cpu_ready_set, who))
1341 		delay(1);
1342 
1343 	return (0);
1344 }
1345 
1346 
1347 /*ARGSUSED*/
1348 void
1349 start_other_cpus(int cprboot)
1350 {
1351 	uint_t who;
1352 	uint_t skipped = 0;
1353 	uint_t bootcpuid = 0;
1354 
1355 	/*
1356 	 * Initialize our own cpu_info.
1357 	 */
1358 	init_cpu_info(CPU);
1359 
1360 	cmn_err(CE_CONT, "?cpu%d: %s\n", CPU->cpu_id, CPU->cpu_idstr);
1361 	cmn_err(CE_CONT, "?cpu%d: %s\n", CPU->cpu_id, CPU->cpu_brandstr);
1362 
1363 	/*
1364 	 * Initialize our syscall handlers
1365 	 */
1366 	init_cpu_syscall(CPU);
1367 
1368 	/*
1369 	 * Take the boot cpu out of the mp_cpus set because we know
1370 	 * it's already running.  Add it to the cpu_ready_set for
1371 	 * precisely the same reason.
1372 	 */
1373 	CPUSET_DEL(mp_cpus, bootcpuid);
1374 	CPUSET_ADD(cpu_ready_set, bootcpuid);
1375 
1376 	/*
1377 	 * if only 1 cpu or not using MP, skip the rest of this
1378 	 */
1379 	if (CPUSET_ISNULL(mp_cpus) || use_mp == 0) {
1380 		if (use_mp == 0)
1381 			cmn_err(CE_CONT, "?***** Not in MP mode\n");
1382 		goto done;
1383 	}
1384 
1385 	/*
1386 	 * perform such initialization as is needed
1387 	 * to be able to take CPUs on- and off-line.
1388 	 */
1389 	cpu_pause_init();
1390 
1391 	xc_init_cpu(CPU);		/* initialize processor crosscalls */
1392 
1393 	if (mach_cpucontext_init() != 0)
1394 		goto done;
1395 
1396 	flushes_require_xcalls = 1;
1397 
1398 	/*
1399 	 * We lock our affinity to the master CPU to ensure that all slave CPUs
1400 	 * do their TSC syncs with the same CPU.
1401 	 */
1402 	affinity_set(CPU_CURRENT);
1403 
1404 	for (who = 0; who < NCPU; who++) {
1405 
1406 		if (!CPU_IN_SET(mp_cpus, who))
1407 			continue;
1408 		ASSERT(who != bootcpuid);
1409 		if (ncpus >= max_ncpus) {
1410 			skipped = who;
1411 			continue;
1412 		}
1413 		if (start_cpu(who) != 0)
1414 			CPUSET_DEL(mp_cpus, who);
1415 
1416 		mutex_enter(&cpu_lock);
1417 		cpu_state_change_notify(who, CPU_SETUP);
1418 		mutex_exit(&cpu_lock);
1419 	}
1420 
1421 	/* Free the space allocated to hold the microcode file */
1422 	ucode_cleanup();
1423 
1424 	affinity_clear();
1425 
1426 	if (skipped) {
1427 		cmn_err(CE_NOTE,
1428 		    "System detected %d cpus, but "
1429 		    "only %d cpu(s) were enabled during boot.",
1430 		    skipped + 1, ncpus);
1431 		cmn_err(CE_NOTE,
1432 		    "Use \"boot-ncpus\" parameter to enable more CPU(s). "
1433 		    "See eeprom(1M).");
1434 	}
1435 
1436 done:
1437 	workaround_errata_end();
1438 	mach_cpucontext_fini();
1439 
1440 	cmi_post_mpstartup();
1441 }
1442 
1443 /*
1444  * Dummy functions - no i86pc platforms support dynamic cpu allocation.
1445  */
1446 /*ARGSUSED*/
1447 int
1448 mp_cpu_configure(int cpuid)
1449 {
1450 	return (ENOTSUP);		/* not supported */
1451 }
1452 
1453 /*ARGSUSED*/
1454 int
1455 mp_cpu_unconfigure(int cpuid)
1456 {
1457 	return (ENOTSUP);		/* not supported */
1458 }
1459 
1460 /*
1461  * Startup function for 'other' CPUs (besides boot cpu).
1462  * Called from real_mode_start.
1463  *
1464  * WARNING: until CPU_READY is set, mp_startup and routines called by
1465  * mp_startup should not call routines (e.g. kmem_free) that could call
1466  * hat_unload which requires CPU_READY to be set.
1467  */
1468 void
1469 mp_startup(void)
1470 {
1471 	struct cpu *cp = CPU;
1472 	uint_t new_x86_feature;
1473 	extern void cpu_event_init_cpu(cpu_t *);
1474 #ifndef __xpv
1475 	extern void cpupm_init(cpu_t *);
1476 #endif
1477 	const char *fmt = "?cpu%d: %b\n";
1478 
1479 	/*
1480 	 * We need to get TSC on this proc synced (i.e., any delta
1481 	 * from cpu0 accounted for) as soon as we can, because many
1482 	 * many things use gethrtime/pc_gethrestime, including
1483 	 * interrupts, cmn_err, etc.
1484 	 */
1485 
1486 	/* Let cpu0 continue into tsc_sync_master() */
1487 	CPUSET_ATOMIC_ADD(procset, cp->cpu_id);
1488 
1489 #ifndef __xpv
1490 	if (tsc_gethrtime_enable)
1491 		tsc_sync_slave();
1492 #endif
1493 
1494 	/*
1495 	 * Once this was done from assembly, but it's safer here; if
1496 	 * it blocks, we need to be able to swtch() to and from, and
1497 	 * since we get here by calling t_pc, we need to do that call
1498 	 * before swtch() overwrites it.
1499 	 */
1500 	(void) (*ap_mlsetup)();
1501 
1502 	new_x86_feature = cpuid_pass1(cp);
1503 
1504 #ifndef __xpv
1505 	/*
1506 	 * Program this cpu's PAT
1507 	 */
1508 	if (x86_feature & X86_PAT)
1509 		pat_sync();
1510 #endif
1511 
1512 	/*
1513 	 * Set up TSC_AUX to contain the cpuid for this processor
1514 	 * for the rdtscp instruction.
1515 	 */
1516 	if (x86_feature & X86_TSCP)
1517 		(void) wrmsr(MSR_AMD_TSCAUX, cp->cpu_id);
1518 
1519 	/*
1520 	 * Initialize this CPU's syscall handlers
1521 	 */
1522 	init_cpu_syscall(cp);
1523 
1524 	/*
1525 	 * Enable interrupts with spl set to LOCK_LEVEL. LOCK_LEVEL is the
1526 	 * highest level at which a routine is permitted to block on
1527 	 * an adaptive mutex (allows for cpu poke interrupt in case
1528 	 * the cpu is blocked on a mutex and halts). Setting LOCK_LEVEL blocks
1529 	 * device interrupts that may end up in the hat layer issuing cross
1530 	 * calls before CPU_READY is set.
1531 	 */
1532 	splx(ipltospl(LOCK_LEVEL));
1533 	sti();
1534 
1535 	/*
1536 	 * Do a sanity check to make sure this new CPU is a sane thing
1537 	 * to add to the collection of processors running this system.
1538 	 *
1539 	 * XXX	Clearly this needs to get more sophisticated, if x86
1540 	 * systems start to get built out of heterogenous CPUs; as is
1541 	 * likely to happen once the number of processors in a configuration
1542 	 * gets large enough.
1543 	 */
1544 	if ((x86_feature & new_x86_feature) != x86_feature) {
1545 		cmn_err(CE_CONT, fmt, cp->cpu_id, new_x86_feature,
1546 		    FMT_X86_FEATURE);
1547 		cmn_err(CE_WARN, "cpu%d feature mismatch", cp->cpu_id);
1548 	}
1549 
1550 	/*
1551 	 * We do not support cpus with mixed monitor/mwait support if the
1552 	 * boot cpu supports monitor/mwait.
1553 	 */
1554 	if ((x86_feature & ~new_x86_feature) & X86_MWAIT)
1555 		panic("unsupported mixed cpu monitor/mwait support detected");
1556 
1557 	/*
1558 	 * We could be more sophisticated here, and just mark the CPU
1559 	 * as "faulted" but at this point we'll opt for the easier
1560 	 * answer of dying horribly.  Provided the boot cpu is ok,
1561 	 * the system can be recovered by booting with use_mp set to zero.
1562 	 */
1563 	if (workaround_errata(cp) != 0)
1564 		panic("critical workaround(s) missing for cpu%d", cp->cpu_id);
1565 
1566 	cpuid_pass2(cp);
1567 	cpuid_pass3(cp);
1568 	(void) cpuid_pass4(cp);
1569 
1570 	init_cpu_info(cp);
1571 
1572 	mutex_enter(&cpu_lock);
1573 
1574 	cp->cpu_flags |= CPU_RUNNING | CPU_READY | CPU_EXISTS;
1575 
1576 	cmn_err(CE_CONT, "?cpu%d: %s\n", cp->cpu_id, cp->cpu_idstr);
1577 	cmn_err(CE_CONT, "?cpu%d: %s\n", cp->cpu_id, cp->cpu_brandstr);
1578 
1579 	if (dtrace_cpu_init != NULL) {
1580 		(*dtrace_cpu_init)(cp->cpu_id);
1581 	}
1582 
1583 	/*
1584 	 * Fill out cpu_ucode_info.  Update microcode if necessary.
1585 	 */
1586 	ucode_check(cp);
1587 
1588 	mutex_exit(&cpu_lock);
1589 
1590 	post_startup_cpu_fixups();
1591 
1592 	/*
1593 	 * Enable preemption here so that contention for any locks acquired
1594 	 * later in mp_startup may be preempted if the thread owning those
1595 	 * locks is continuously executing on other CPUs (for example, this
1596 	 * CPU must be preemptible to allow other CPUs to pause it during their
1597 	 * startup phases).  It's safe to enable preemption here because the
1598 	 * CPU state is pretty-much fully constructed.
1599 	 */
1600 	curthread->t_preempt = 0;
1601 
1602 	/* The base spl should still be at LOCK LEVEL here */
1603 	ASSERT(cp->cpu_base_spl == ipltospl(LOCK_LEVEL));
1604 	set_base_spl();		/* Restore the spl to its proper value */
1605 
1606 	cpu_event_init_cpu(cp);
1607 #ifndef __xpv
1608 	cpupm_init(cp);
1609 #endif
1610 
1611 	/*
1612 	 * Processor group initialization for this CPU is dependent on the
1613 	 * cpuid probing, which must be done in the context of the current
1614 	 * CPU, as well as the CPU's device node initialization (for ACPI).
1615 	 */
1616 	mutex_enter(&cpu_lock);
1617 	pghw_physid_create(cp);
1618 	pg_cpu_init(cp);
1619 	pg_cmt_cpu_startup(cp);
1620 	mutex_exit(&cpu_lock);
1621 
1622 	/* Enable interrupts */
1623 	(void) spl0();
1624 
1625 	mutex_enter(&cpu_lock);
1626 	cpu_enable_intr(cp);
1627 	cpu_add_active(cp);
1628 	mutex_exit(&cpu_lock);
1629 
1630 #ifndef __xpv
1631 	{
1632 		/*
1633 		 * Set up the CPU module for this CPU.  This can't be done
1634 		 * before this CPU is made CPU_READY, because we may (in
1635 		 * heterogeneous systems) need to go load another CPU module.
1636 		 * The act of attempting to load a module may trigger a
1637 		 * cross-call, which will ASSERT unless this cpu is CPU_READY.
1638 		 */
1639 		cmi_hdl_t hdl;
1640 
1641 		if ((hdl = cmi_init(CMI_HDL_NATIVE, cmi_ntv_hwchipid(CPU),
1642 		    cmi_ntv_hwcoreid(CPU), cmi_ntv_hwstrandid(CPU))) != NULL) {
1643 			if (x86_feature & X86_MCA)
1644 				cmi_mca_init(hdl);
1645 		}
1646 	}
1647 #endif /* __xpv */
1648 
1649 	if (boothowto & RB_DEBUG)
1650 		kdi_cpu_init();
1651 
1652 	/*
1653 	 * Setting the bit in cpu_ready_set must be the last operation in
1654 	 * processor initialization; the boot CPU will continue to boot once
1655 	 * it sees this bit set for all active CPUs.
1656 	 */
1657 	CPUSET_ATOMIC_ADD(cpu_ready_set, cp->cpu_id);
1658 
1659 	/*
1660 	 * Because mp_startup() gets fired off after init() starts, we
1661 	 * can't use the '?' trick to do 'boot -v' printing - so we
1662 	 * always direct the 'cpu .. online' messages to the log.
1663 	 */
1664 	cmn_err(CE_CONT, "!cpu%d initialization complete - online\n",
1665 	    cp->cpu_id);
1666 
1667 	(void) mach_cpu_create_device_node(cp, NULL);
1668 
1669 	/*
1670 	 * Now we are done with the startup thread, so free it up.
1671 	 */
1672 	thread_exit();
1673 	panic("mp_startup: cannot return");
1674 	/*NOTREACHED*/
1675 }
1676 
1677 
1678 /*
1679  * Start CPU on user request.
1680  */
1681 /* ARGSUSED */
1682 int
1683 mp_cpu_start(struct cpu *cp)
1684 {
1685 	ASSERT(MUTEX_HELD(&cpu_lock));
1686 	return (0);
1687 }
1688 
1689 /*
1690  * Stop CPU on user request.
1691  */
1692 /* ARGSUSED */
1693 int
1694 mp_cpu_stop(struct cpu *cp)
1695 {
1696 	extern int cbe_psm_timer_mode;
1697 	ASSERT(MUTEX_HELD(&cpu_lock));
1698 
1699 #ifdef __xpv
1700 	/*
1701 	 * We can't offline vcpu0.
1702 	 */
1703 	if (cp->cpu_id == 0)
1704 		return (EBUSY);
1705 #endif
1706 
1707 	/*
1708 	 * If TIMER_PERIODIC mode is used, CPU0 is the one running it;
1709 	 * can't stop it.  (This is true only for machines with no TSC.)
1710 	 */
1711 
1712 	if ((cbe_psm_timer_mode == TIMER_PERIODIC) && (cp->cpu_id == 0))
1713 		return (EBUSY);
1714 
1715 	return (0);
1716 }
1717 
1718 /*
1719  * Take the specified CPU out of participation in interrupts.
1720  */
1721 int
1722 cpu_disable_intr(struct cpu *cp)
1723 {
1724 	if (psm_disable_intr(cp->cpu_id) != DDI_SUCCESS)
1725 		return (EBUSY);
1726 
1727 	cp->cpu_flags &= ~CPU_ENABLE;
1728 	return (0);
1729 }
1730 
1731 /*
1732  * Allow the specified CPU to participate in interrupts.
1733  */
1734 void
1735 cpu_enable_intr(struct cpu *cp)
1736 {
1737 	ASSERT(MUTEX_HELD(&cpu_lock));
1738 	cp->cpu_flags |= CPU_ENABLE;
1739 	psm_enable_intr(cp->cpu_id);
1740 }
1741 
1742 
1743 /*ARGSUSED*/
1744 void
1745 mp_cpu_faulted_enter(struct cpu *cp)
1746 {
1747 #ifndef __xpv
1748 	cmi_hdl_t hdl = cmi_hdl_lookup(CMI_HDL_NATIVE, cmi_ntv_hwchipid(cp),
1749 	    cmi_ntv_hwcoreid(cp), cmi_ntv_hwstrandid(cp));
1750 
1751 	if (hdl != NULL) {
1752 		cmi_faulted_enter(hdl);
1753 		cmi_hdl_rele(hdl);
1754 	}
1755 #endif
1756 }
1757 
1758 /*ARGSUSED*/
1759 void
1760 mp_cpu_faulted_exit(struct cpu *cp)
1761 {
1762 #ifndef __xpv
1763 	cmi_hdl_t hdl = cmi_hdl_lookup(CMI_HDL_NATIVE, cmi_ntv_hwchipid(cp),
1764 	    cmi_ntv_hwcoreid(cp), cmi_ntv_hwstrandid(cp));
1765 
1766 	if (hdl != NULL) {
1767 		cmi_faulted_exit(hdl);
1768 		cmi_hdl_rele(hdl);
1769 	}
1770 #endif
1771 }
1772 
1773 /*
1774  * The following two routines are used as context operators on threads belonging
1775  * to processes with a private LDT (see sysi86).  Due to the rarity of such
1776  * processes, these routines are currently written for best code readability and
1777  * organization rather than speed.  We could avoid checking x86_feature at every
1778  * context switch by installing different context ops, depending on the
1779  * x86_feature flags, at LDT creation time -- one for each combination of fast
1780  * syscall feature flags.
1781  */
1782 
1783 /*ARGSUSED*/
1784 void
1785 cpu_fast_syscall_disable(void *arg)
1786 {
1787 	if ((x86_feature & (X86_MSR | X86_SEP)) == (X86_MSR | X86_SEP))
1788 		cpu_sep_disable();
1789 	if ((x86_feature & (X86_MSR | X86_ASYSC)) == (X86_MSR | X86_ASYSC))
1790 		cpu_asysc_disable();
1791 }
1792 
1793 /*ARGSUSED*/
1794 void
1795 cpu_fast_syscall_enable(void *arg)
1796 {
1797 	if ((x86_feature & (X86_MSR | X86_SEP)) == (X86_MSR | X86_SEP))
1798 		cpu_sep_enable();
1799 	if ((x86_feature & (X86_MSR | X86_ASYSC)) == (X86_MSR | X86_ASYSC))
1800 		cpu_asysc_enable();
1801 }
1802 
1803 static void
1804 cpu_sep_enable(void)
1805 {
1806 	ASSERT(x86_feature & X86_SEP);
1807 	ASSERT(curthread->t_preempt || getpil() >= LOCK_LEVEL);
1808 
1809 	wrmsr(MSR_INTC_SEP_CS, (uint64_t)(uintptr_t)KCS_SEL);
1810 }
1811 
1812 static void
1813 cpu_sep_disable(void)
1814 {
1815 	ASSERT(x86_feature & X86_SEP);
1816 	ASSERT(curthread->t_preempt || getpil() >= LOCK_LEVEL);
1817 
1818 	/*
1819 	 * Setting the SYSENTER_CS_MSR register to 0 causes software executing
1820 	 * the sysenter or sysexit instruction to trigger a #gp fault.
1821 	 */
1822 	wrmsr(MSR_INTC_SEP_CS, 0);
1823 }
1824 
1825 static void
1826 cpu_asysc_enable(void)
1827 {
1828 	ASSERT(x86_feature & X86_ASYSC);
1829 	ASSERT(curthread->t_preempt || getpil() >= LOCK_LEVEL);
1830 
1831 	wrmsr(MSR_AMD_EFER, rdmsr(MSR_AMD_EFER) |
1832 	    (uint64_t)(uintptr_t)AMD_EFER_SCE);
1833 }
1834 
1835 static void
1836 cpu_asysc_disable(void)
1837 {
1838 	ASSERT(x86_feature & X86_ASYSC);
1839 	ASSERT(curthread->t_preempt || getpil() >= LOCK_LEVEL);
1840 
1841 	/*
1842 	 * Turn off the SCE (syscall enable) bit in the EFER register. Software
1843 	 * executing syscall or sysret with this bit off will incur a #ud trap.
1844 	 */
1845 	wrmsr(MSR_AMD_EFER, rdmsr(MSR_AMD_EFER) &
1846 	    ~((uint64_t)(uintptr_t)AMD_EFER_SCE));
1847 }
1848