xref: /titanic_50/usr/src/uts/i86pc/os/mp_startup.c (revision d29f5a711240f866521445b1656d114da090335e)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #include <sys/types.h>
28 #include <sys/thread.h>
29 #include <sys/cpuvar.h>
30 #include <sys/t_lock.h>
31 #include <sys/param.h>
32 #include <sys/proc.h>
33 #include <sys/disp.h>
34 #include <sys/class.h>
35 #include <sys/cmn_err.h>
36 #include <sys/debug.h>
37 #include <sys/asm_linkage.h>
38 #include <sys/x_call.h>
39 #include <sys/systm.h>
40 #include <sys/var.h>
41 #include <sys/vtrace.h>
42 #include <vm/hat.h>
43 #include <vm/as.h>
44 #include <vm/seg_kmem.h>
45 #include <vm/seg_kp.h>
46 #include <sys/segments.h>
47 #include <sys/kmem.h>
48 #include <sys/stack.h>
49 #include <sys/smp_impldefs.h>
50 #include <sys/x86_archext.h>
51 #include <sys/machsystm.h>
52 #include <sys/traptrace.h>
53 #include <sys/clock.h>
54 #include <sys/cpc_impl.h>
55 #include <sys/pg.h>
56 #include <sys/cmt.h>
57 #include <sys/dtrace.h>
58 #include <sys/archsystm.h>
59 #include <sys/fp.h>
60 #include <sys/reboot.h>
61 #include <sys/kdi_machimpl.h>
62 #include <vm/hat_i86.h>
63 #include <sys/memnode.h>
64 #include <sys/pci_cfgspace.h>
65 #include <sys/mach_mmu.h>
66 #include <sys/sysmacros.h>
67 #if defined(__xpv)
68 #include <sys/hypervisor.h>
69 #endif
70 #include <sys/cpu_module.h>
71 
72 struct cpu	cpus[1];			/* CPU data */
73 struct cpu	*cpu[NCPU] = {&cpus[0]};	/* pointers to all CPUs */
74 cpu_core_t	cpu_core[NCPU];			/* cpu_core structures */
75 
76 /*
77  * Useful for disabling MP bring-up on a MP capable system.
78  */
79 int use_mp = 1;
80 
81 /*
82  * to be set by a PSM to indicate what cpus
83  * are sitting around on the system.
84  */
85 cpuset_t mp_cpus;
86 
87 /*
88  * This variable is used by the hat layer to decide whether or not
89  * critical sections are needed to prevent race conditions.  For sun4m,
90  * this variable is set once enough MP initialization has been done in
91  * order to allow cross calls.
92  */
93 int flushes_require_xcalls;
94 
95 cpuset_t cpu_ready_set;		/* initialized in startup() */
96 
97 static 	void	mp_startup(void);
98 
99 static void cpu_sep_enable(void);
100 static void cpu_sep_disable(void);
101 static void cpu_asysc_enable(void);
102 static void cpu_asysc_disable(void);
103 
104 /*
105  * Init CPU info - get CPU type info for processor_info system call.
106  */
107 void
108 init_cpu_info(struct cpu *cp)
109 {
110 	processor_info_t *pi = &cp->cpu_type_info;
111 	char buf[CPU_IDSTRLEN];
112 
113 	/*
114 	 * Get clock-frequency property for the CPU.
115 	 */
116 	pi->pi_clock = cpu_freq;
117 
118 	/*
119 	 * Current frequency in Hz.
120 	 */
121 	cp->cpu_curr_clock = cpu_freq_hz;
122 
123 	/*
124 	 * Supported frequencies.
125 	 */
126 	cpu_set_supp_freqs(cp, NULL);
127 
128 	(void) strcpy(pi->pi_processor_type, "i386");
129 	if (fpu_exists)
130 		(void) strcpy(pi->pi_fputypes, "i387 compatible");
131 
132 	(void) cpuid_getidstr(cp, buf, sizeof (buf));
133 
134 	cp->cpu_idstr = kmem_alloc(strlen(buf) + 1, KM_SLEEP);
135 	(void) strcpy(cp->cpu_idstr, buf);
136 
137 	cmn_err(CE_CONT, "?cpu%d: %s\n", cp->cpu_id, cp->cpu_idstr);
138 
139 	(void) cpuid_getbrandstr(cp, buf, sizeof (buf));
140 	cp->cpu_brandstr = kmem_alloc(strlen(buf) + 1, KM_SLEEP);
141 	(void) strcpy(cp->cpu_brandstr, buf);
142 
143 	cmn_err(CE_CONT, "?cpu%d: %s\n", cp->cpu_id, cp->cpu_brandstr);
144 }
145 
146 /*
147  * Configure syscall support on this CPU.
148  */
149 /*ARGSUSED*/
150 void
151 init_cpu_syscall(struct cpu *cp)
152 {
153 	kpreempt_disable();
154 
155 #if defined(__amd64)
156 	if ((x86_feature & (X86_MSR | X86_ASYSC)) == (X86_MSR | X86_ASYSC)) {
157 
158 #if !defined(__lint)
159 		/*
160 		 * The syscall instruction imposes a certain ordering on
161 		 * segment selectors, so we double-check that ordering
162 		 * here.
163 		 */
164 		ASSERT(KDS_SEL == KCS_SEL + 8);
165 		ASSERT(UDS_SEL == U32CS_SEL + 8);
166 		ASSERT(UCS_SEL == U32CS_SEL + 16);
167 #endif
168 		/*
169 		 * Turn syscall/sysret extensions on.
170 		 */
171 		cpu_asysc_enable();
172 
173 		/*
174 		 * Program the magic registers ..
175 		 */
176 		wrmsr(MSR_AMD_STAR,
177 		    ((uint64_t)(U32CS_SEL << 16 | KCS_SEL)) << 32);
178 		wrmsr(MSR_AMD_LSTAR, (uint64_t)(uintptr_t)sys_syscall);
179 		wrmsr(MSR_AMD_CSTAR, (uint64_t)(uintptr_t)sys_syscall32);
180 
181 		/*
182 		 * This list of flags is masked off the incoming
183 		 * %rfl when we enter the kernel.
184 		 */
185 		wrmsr(MSR_AMD_SFMASK, (uint64_t)(uintptr_t)(PS_IE | PS_T));
186 	}
187 #endif
188 
189 	/*
190 	 * On 32-bit kernels, we use sysenter/sysexit because it's too
191 	 * hard to use syscall/sysret, and it is more portable anyway.
192 	 *
193 	 * On 64-bit kernels on Nocona machines, the 32-bit syscall
194 	 * variant isn't available to 32-bit applications, but sysenter is.
195 	 */
196 	if ((x86_feature & (X86_MSR | X86_SEP)) == (X86_MSR | X86_SEP)) {
197 
198 #if !defined(__lint)
199 		/*
200 		 * The sysenter instruction imposes a certain ordering on
201 		 * segment selectors, so we double-check that ordering
202 		 * here. See "sysenter" in Intel document 245471-012, "IA-32
203 		 * Intel Architecture Software Developer's Manual Volume 2:
204 		 * Instruction Set Reference"
205 		 */
206 		ASSERT(KDS_SEL == KCS_SEL + 8);
207 
208 		ASSERT32(UCS_SEL == ((KCS_SEL + 16) | 3));
209 		ASSERT32(UDS_SEL == UCS_SEL + 8);
210 
211 		ASSERT64(U32CS_SEL == ((KCS_SEL + 16) | 3));
212 		ASSERT64(UDS_SEL == U32CS_SEL + 8);
213 #endif
214 
215 		cpu_sep_enable();
216 
217 		/*
218 		 * resume() sets this value to the base of the threads stack
219 		 * via a context handler.
220 		 */
221 		wrmsr(MSR_INTC_SEP_ESP, 0);
222 		wrmsr(MSR_INTC_SEP_EIP, (uint64_t)(uintptr_t)sys_sysenter);
223 	}
224 
225 	kpreempt_enable();
226 }
227 
228 /*
229  * Multiprocessor initialization.
230  *
231  * Allocate and initialize the cpu structure, TRAPTRACE buffer, and the
232  * startup and idle threads for the specified CPU.
233  */
234 struct cpu *
235 mp_startup_init(int cpun)
236 {
237 	struct cpu *cp;
238 	kthread_id_t tp;
239 	caddr_t	sp;
240 	proc_t *procp;
241 #if !defined(__xpv)
242 	extern int idle_cpu_prefer_mwait;
243 #endif
244 	extern void idle();
245 
246 #ifdef TRAPTRACE
247 	trap_trace_ctl_t *ttc = &trap_trace_ctl[cpun];
248 #endif
249 
250 	ASSERT(cpun < NCPU && cpu[cpun] == NULL);
251 
252 	cp = kmem_zalloc(sizeof (*cp), KM_SLEEP);
253 #if !defined(__xpv)
254 	if ((x86_feature & X86_MWAIT) && idle_cpu_prefer_mwait)
255 		cp->cpu_m.mcpu_mwait = cpuid_mwait_alloc(CPU);
256 #endif
257 
258 	procp = curthread->t_procp;
259 
260 	mutex_enter(&cpu_lock);
261 	/*
262 	 * Initialize the dispatcher first.
263 	 */
264 	disp_cpu_init(cp);
265 	mutex_exit(&cpu_lock);
266 
267 	cpu_vm_data_init(cp);
268 
269 	/*
270 	 * Allocate and initialize the startup thread for this CPU.
271 	 * Interrupt and process switch stacks get allocated later
272 	 * when the CPU starts running.
273 	 */
274 	tp = thread_create(NULL, 0, NULL, NULL, 0, procp,
275 	    TS_STOPPED, maxclsyspri);
276 
277 	/*
278 	 * Set state to TS_ONPROC since this thread will start running
279 	 * as soon as the CPU comes online.
280 	 *
281 	 * All the other fields of the thread structure are setup by
282 	 * thread_create().
283 	 */
284 	THREAD_ONPROC(tp, cp);
285 	tp->t_preempt = 1;
286 	tp->t_bound_cpu = cp;
287 	tp->t_affinitycnt = 1;
288 	tp->t_cpu = cp;
289 	tp->t_disp_queue = cp->cpu_disp;
290 
291 	/*
292 	 * Setup thread to start in mp_startup.
293 	 */
294 	sp = tp->t_stk;
295 	tp->t_pc = (uintptr_t)mp_startup;
296 	tp->t_sp = (uintptr_t)(sp - MINFRAME);
297 #if defined(__amd64)
298 	tp->t_sp -= STACK_ENTRY_ALIGN;		/* fake a call */
299 #endif
300 
301 	cp->cpu_id = cpun;
302 	cp->cpu_self = cp;
303 	cp->cpu_thread = tp;
304 	cp->cpu_lwp = NULL;
305 	cp->cpu_dispthread = tp;
306 	cp->cpu_dispatch_pri = DISP_PRIO(tp);
307 
308 	/*
309 	 * cpu_base_spl must be set explicitly here to prevent any blocking
310 	 * operations in mp_startup from causing the spl of the cpu to drop
311 	 * to 0 (allowing device interrupts before we're ready) in resume().
312 	 * cpu_base_spl MUST remain at LOCK_LEVEL until the cpu is CPU_READY.
313 	 * As an extra bit of security on DEBUG kernels, this is enforced with
314 	 * an assertion in mp_startup() -- before cpu_base_spl is set to its
315 	 * proper value.
316 	 */
317 	cp->cpu_base_spl = ipltospl(LOCK_LEVEL);
318 
319 	/*
320 	 * Now, initialize per-CPU idle thread for this CPU.
321 	 */
322 	tp = thread_create(NULL, PAGESIZE, idle, NULL, 0, procp, TS_ONPROC, -1);
323 
324 	cp->cpu_idle_thread = tp;
325 
326 	tp->t_preempt = 1;
327 	tp->t_bound_cpu = cp;
328 	tp->t_affinitycnt = 1;
329 	tp->t_cpu = cp;
330 	tp->t_disp_queue = cp->cpu_disp;
331 
332 	/*
333 	 * Bootstrap the CPU's PG data
334 	 */
335 	pg_cpu_bootstrap(cp);
336 
337 	/*
338 	 * Perform CPC initialization on the new CPU.
339 	 */
340 	kcpc_hw_init(cp);
341 
342 	/*
343 	 * Allocate virtual addresses for cpu_caddr1 and cpu_caddr2
344 	 * for each CPU.
345 	 */
346 	setup_vaddr_for_ppcopy(cp);
347 
348 	/*
349 	 * Allocate page for new GDT and initialize from current GDT.
350 	 */
351 #if !defined(__lint)
352 	ASSERT((sizeof (*cp->cpu_gdt) * NGDT) <= PAGESIZE);
353 #endif
354 	cp->cpu_gdt = kmem_zalloc(PAGESIZE, KM_SLEEP);
355 	bcopy(CPU->cpu_gdt, cp->cpu_gdt, (sizeof (*cp->cpu_gdt) * NGDT));
356 
357 #if defined(__i386)
358 	/*
359 	 * setup kernel %gs.
360 	 */
361 	set_usegd(&cp->cpu_gdt[GDT_GS], cp, sizeof (struct cpu) -1, SDT_MEMRWA,
362 	    SEL_KPL, 0, 1);
363 #endif
364 
365 	/*
366 	 * If we have more than one node, each cpu gets a copy of IDT
367 	 * local to its node. If this is a Pentium box, we use cpu 0's
368 	 * IDT. cpu 0's IDT has been made read-only to workaround the
369 	 * cmpxchgl register bug
370 	 */
371 	if (system_hardware.hd_nodes && x86_type != X86_TYPE_P5) {
372 #if !defined(__lint)
373 		ASSERT((sizeof (*CPU->cpu_idt) * NIDT) <= PAGESIZE);
374 #endif
375 		cp->cpu_idt = kmem_zalloc(PAGESIZE, KM_SLEEP);
376 		bcopy(CPU->cpu_idt, cp->cpu_idt, PAGESIZE);
377 	} else {
378 		cp->cpu_idt = CPU->cpu_idt;
379 	}
380 
381 	/*
382 	 * Get interrupt priority data from cpu 0.
383 	 */
384 	cp->cpu_pri_data = CPU->cpu_pri_data;
385 
386 	/*
387 	 * alloc space for cpuid info
388 	 */
389 	cpuid_alloc_space(cp);
390 
391 	/*
392 	 * alloc space for ucode_info
393 	 */
394 	ucode_alloc_space(cp);
395 
396 	hat_cpu_online(cp);
397 
398 #ifdef TRAPTRACE
399 	/*
400 	 * If this is a TRAPTRACE kernel, allocate TRAPTRACE buffers
401 	 */
402 	ttc->ttc_first = (uintptr_t)kmem_zalloc(trap_trace_bufsize, KM_SLEEP);
403 	ttc->ttc_next = ttc->ttc_first;
404 	ttc->ttc_limit = ttc->ttc_first + trap_trace_bufsize;
405 #endif
406 	/*
407 	 * Record that we have another CPU.
408 	 */
409 	mutex_enter(&cpu_lock);
410 	/*
411 	 * Initialize the interrupt threads for this CPU
412 	 */
413 	cpu_intr_alloc(cp, NINTR_THREADS);
414 	/*
415 	 * Add CPU to list of available CPUs.  It'll be on the active list
416 	 * after mp_startup().
417 	 */
418 	cpu_add_unit(cp);
419 	mutex_exit(&cpu_lock);
420 
421 	return (cp);
422 }
423 
424 /*
425  * Undo what was done in mp_startup_init
426  */
427 static void
428 mp_startup_fini(struct cpu *cp, int error)
429 {
430 	mutex_enter(&cpu_lock);
431 
432 	/*
433 	 * Remove the CPU from the list of available CPUs.
434 	 */
435 	cpu_del_unit(cp->cpu_id);
436 
437 	if (error == ETIMEDOUT) {
438 		/*
439 		 * The cpu was started, but never *seemed* to run any
440 		 * code in the kernel; it's probably off spinning in its
441 		 * own private world, though with potential references to
442 		 * our kmem-allocated IDTs and GDTs (for example).
443 		 *
444 		 * Worse still, it may actually wake up some time later,
445 		 * so rather than guess what it might or might not do, we
446 		 * leave the fundamental data structures intact.
447 		 */
448 		cp->cpu_flags = 0;
449 		mutex_exit(&cpu_lock);
450 		return;
451 	}
452 
453 	/*
454 	 * At this point, the only threads bound to this CPU should
455 	 * special per-cpu threads: it's idle thread, it's pause threads,
456 	 * and it's interrupt threads.  Clean these up.
457 	 */
458 	cpu_destroy_bound_threads(cp);
459 	cp->cpu_idle_thread = NULL;
460 
461 	/*
462 	 * Free the interrupt stack.
463 	 */
464 	segkp_release(segkp,
465 	    cp->cpu_intr_stack - (INTR_STACK_SIZE - SA(MINFRAME)));
466 
467 	mutex_exit(&cpu_lock);
468 
469 #ifdef TRAPTRACE
470 	/*
471 	 * Discard the trap trace buffer
472 	 */
473 	{
474 		trap_trace_ctl_t *ttc = &trap_trace_ctl[cp->cpu_id];
475 
476 		kmem_free((void *)ttc->ttc_first, trap_trace_bufsize);
477 		ttc->ttc_first = NULL;
478 	}
479 #endif
480 
481 	hat_cpu_offline(cp);
482 
483 	cpuid_free_space(cp);
484 
485 	ucode_free_space(cp);
486 
487 	if (cp->cpu_idt != CPU->cpu_idt)
488 		kmem_free(cp->cpu_idt, PAGESIZE);
489 	cp->cpu_idt = NULL;
490 
491 	kmem_free(cp->cpu_gdt, PAGESIZE);
492 	cp->cpu_gdt = NULL;
493 
494 	teardown_vaddr_for_ppcopy(cp);
495 
496 	kcpc_hw_fini(cp);
497 
498 	cp->cpu_dispthread = NULL;
499 	cp->cpu_thread = NULL;	/* discarded by cpu_destroy_bound_threads() */
500 
501 	cpu_vm_data_destroy(cp);
502 
503 	mutex_enter(&cpu_lock);
504 	disp_cpu_fini(cp);
505 	mutex_exit(&cpu_lock);
506 
507 #if !defined(__xpv)
508 	if (cp->cpu_m.mcpu_mwait != NULL)
509 		cpuid_mwait_free(cp);
510 #endif
511 	kmem_free(cp, sizeof (*cp));
512 }
513 
514 /*
515  * Apply workarounds for known errata, and warn about those that are absent.
516  *
517  * System vendors occasionally create configurations which contain different
518  * revisions of the CPUs that are almost but not exactly the same.  At the
519  * time of writing, this meant that their clock rates were the same, their
520  * feature sets were the same, but the required workaround were -not-
521  * necessarily the same.  So, this routine is invoked on -every- CPU soon
522  * after starting to make sure that the resulting system contains the most
523  * pessimal set of workarounds needed to cope with *any* of the CPUs in the
524  * system.
525  *
526  * workaround_errata is invoked early in mlsetup() for CPU 0, and in
527  * mp_startup() for all slave CPUs. Slaves process workaround_errata prior
528  * to acknowledging their readiness to the master, so this routine will
529  * never be executed by multiple CPUs in parallel, thus making updates to
530  * global data safe.
531  *
532  * These workarounds are based on Rev 3.57 of the Revision Guide for
533  * AMD Athlon(tm) 64 and AMD Opteron(tm) Processors, August 2005.
534  */
535 
536 #if defined(OPTERON_ERRATUM_88)
537 int opteron_erratum_88;		/* if non-zero -> at least one cpu has it */
538 #endif
539 
540 #if defined(OPTERON_ERRATUM_91)
541 int opteron_erratum_91;		/* if non-zero -> at least one cpu has it */
542 #endif
543 
544 #if defined(OPTERON_ERRATUM_93)
545 int opteron_erratum_93;		/* if non-zero -> at least one cpu has it */
546 #endif
547 
548 #if defined(OPTERON_ERRATUM_95)
549 int opteron_erratum_95;		/* if non-zero -> at least one cpu has it */
550 #endif
551 
552 #if defined(OPTERON_ERRATUM_100)
553 int opteron_erratum_100;	/* if non-zero -> at least one cpu has it */
554 #endif
555 
556 #if defined(OPTERON_ERRATUM_108)
557 int opteron_erratum_108;	/* if non-zero -> at least one cpu has it */
558 #endif
559 
560 #if defined(OPTERON_ERRATUM_109)
561 int opteron_erratum_109;	/* if non-zero -> at least one cpu has it */
562 #endif
563 
564 #if defined(OPTERON_ERRATUM_121)
565 int opteron_erratum_121;	/* if non-zero -> at least one cpu has it */
566 #endif
567 
568 #if defined(OPTERON_ERRATUM_122)
569 int opteron_erratum_122;	/* if non-zero -> at least one cpu has it */
570 #endif
571 
572 #if defined(OPTERON_ERRATUM_123)
573 int opteron_erratum_123;	/* if non-zero -> at least one cpu has it */
574 #endif
575 
576 #if defined(OPTERON_ERRATUM_131)
577 int opteron_erratum_131;	/* if non-zero -> at least one cpu has it */
578 #endif
579 
580 #if defined(OPTERON_WORKAROUND_6336786)
581 int opteron_workaround_6336786;	/* non-zero -> WA relevant and applied */
582 int opteron_workaround_6336786_UP = 0;	/* Not needed for UP */
583 #endif
584 
585 #if defined(OPTERON_WORKAROUND_6323525)
586 int opteron_workaround_6323525;	/* if non-zero -> at least one cpu has it */
587 #endif
588 
589 #if defined(OPTERON_ERRATUM_298)
590 int opteron_erratum_298;
591 #endif
592 
593 static void
594 workaround_warning(cpu_t *cp, uint_t erratum)
595 {
596 	cmn_err(CE_WARN, "cpu%d: no workaround for erratum %u",
597 	    cp->cpu_id, erratum);
598 }
599 
600 static void
601 workaround_applied(uint_t erratum)
602 {
603 	if (erratum > 1000000)
604 		cmn_err(CE_CONT, "?workaround applied for cpu issue #%d\n",
605 		    erratum);
606 	else
607 		cmn_err(CE_CONT, "?workaround applied for cpu erratum #%d\n",
608 		    erratum);
609 }
610 
611 static void
612 msr_warning(cpu_t *cp, const char *rw, uint_t msr, int error)
613 {
614 	cmn_err(CE_WARN, "cpu%d: couldn't %smsr 0x%x, error %d",
615 	    cp->cpu_id, rw, msr, error);
616 }
617 
618 /*
619  * Determine the number of nodes in an Opteron / Greyhound family system.
620  */
621 static uint_t
622 opteron_get_nnodes(void)
623 {
624 	static uint_t nnodes = 0;
625 
626 #ifdef	DEBUG
627 	uint_t family;
628 
629 	family = cpuid_getfamily(CPU);
630 	ASSERT(family == 0xf || family == 0x10);
631 #endif	/* DEBUG */
632 
633 	if (nnodes == 0) {
634 		/*
635 		 * Obtain the number of nodes in the system from
636 		 * bits [6:4] of the Node ID register on node 0.
637 		 *
638 		 * The actual node count is NodeID[6:4] + 1
639 		 *
640 		 * The Node ID register is accessed via function 0,
641 		 * offset 0x60. Node 0 is device 24.
642 		 */
643 		nnodes = ((pci_getl_func(0, 24, 0, 0x60) & 0x70) >> 4) + 1;
644 	}
645 	return (nnodes);
646 }
647 
648 #if defined(__xpv)
649 
650 /*
651  * On dom0, we can determine the number of physical cpus on the machine.
652  * This number is important when figuring out what workarounds are
653  * appropriate, so compute it now.
654  */
655 uint_t
656 xen_get_nphyscpus(void)
657 {
658 	static uint_t nphyscpus = 0;
659 
660 	ASSERT(DOMAIN_IS_INITDOMAIN(xen_info));
661 
662 	if (nphyscpus == 0) {
663 		xen_sysctl_t op;
664 		xen_sysctl_physinfo_t *pi = &op.u.physinfo;
665 
666 		op.cmd = XEN_SYSCTL_physinfo;
667 		op.interface_version = XEN_SYSCTL_INTERFACE_VERSION;
668 		if (HYPERVISOR_sysctl(&op) == 0)
669 			nphyscpus = pi->threads_per_core *
670 			    pi->cores_per_socket * pi->sockets_per_node *
671 			    pi->nr_nodes;
672 	}
673 	return (nphyscpus);
674 }
675 #endif
676 
677 uint_t
678 do_erratum_298(struct cpu *cpu)
679 {
680 	static int	osvwrc = -3;
681 	extern int	osvw_opteron_erratum(cpu_t *, uint_t);
682 
683 	/*
684 	 * L2 Eviction May Occur During Processor Operation To Set
685 	 * Accessed or Dirty Bit.
686 	 */
687 	if (osvwrc == -3) {
688 		osvwrc = osvw_opteron_erratum(cpu, 298);
689 	} else {
690 		/* osvw return codes should be consistent for all cpus */
691 		ASSERT(osvwrc == osvw_opteron_erratum(cpu, 298));
692 	}
693 
694 	switch (osvwrc) {
695 	case 0:		/* erratum is not present: do nothing */
696 		break;
697 	case 1:		/* erratum is present: BIOS workaround applied */
698 		/*
699 		 * check if workaround is actually in place and issue warning
700 		 * if not.
701 		 */
702 		if (((rdmsr(MSR_AMD_HWCR) & AMD_HWCR_TLBCACHEDIS) == 0) ||
703 		    ((rdmsr(MSR_AMD_BU_CFG) & AMD_BU_CFG_E298) == 0)) {
704 #if defined(OPTERON_ERRATUM_298)
705 			opteron_erratum_298++;
706 #else
707 			workaround_warning(cpu, 298);
708 			return (1);
709 #endif
710 		}
711 		break;
712 	case -1:	/* cannot determine via osvw: check cpuid */
713 		if ((cpuid_opteron_erratum(cpu, 298) > 0) &&
714 		    (((rdmsr(MSR_AMD_HWCR) & AMD_HWCR_TLBCACHEDIS) == 0) ||
715 		    ((rdmsr(MSR_AMD_BU_CFG) & AMD_BU_CFG_E298) == 0))) {
716 #if defined(OPTERON_ERRATUM_298)
717 			opteron_erratum_298++;
718 #else
719 			workaround_warning(cpu, 298);
720 			return (1);
721 #endif
722 		}
723 		break;
724 	}
725 	return (0);
726 }
727 
728 uint_t
729 workaround_errata(struct cpu *cpu)
730 {
731 	uint_t missing = 0;
732 
733 	ASSERT(cpu == CPU);
734 
735 	/*LINTED*/
736 	if (cpuid_opteron_erratum(cpu, 88) > 0) {
737 		/*
738 		 * SWAPGS May Fail To Read Correct GS Base
739 		 */
740 #if defined(OPTERON_ERRATUM_88)
741 		/*
742 		 * The workaround is an mfence in the relevant assembler code
743 		 */
744 		opteron_erratum_88++;
745 #else
746 		workaround_warning(cpu, 88);
747 		missing++;
748 #endif
749 	}
750 
751 	if (cpuid_opteron_erratum(cpu, 91) > 0) {
752 		/*
753 		 * Software Prefetches May Report A Page Fault
754 		 */
755 #if defined(OPTERON_ERRATUM_91)
756 		/*
757 		 * fix is in trap.c
758 		 */
759 		opteron_erratum_91++;
760 #else
761 		workaround_warning(cpu, 91);
762 		missing++;
763 #endif
764 	}
765 
766 	if (cpuid_opteron_erratum(cpu, 93) > 0) {
767 		/*
768 		 * RSM Auto-Halt Restart Returns to Incorrect RIP
769 		 */
770 #if defined(OPTERON_ERRATUM_93)
771 		/*
772 		 * fix is in trap.c
773 		 */
774 		opteron_erratum_93++;
775 #else
776 		workaround_warning(cpu, 93);
777 		missing++;
778 #endif
779 	}
780 
781 	/*LINTED*/
782 	if (cpuid_opteron_erratum(cpu, 95) > 0) {
783 		/*
784 		 * RET Instruction May Return to Incorrect EIP
785 		 */
786 #if defined(OPTERON_ERRATUM_95)
787 #if defined(_LP64)
788 		/*
789 		 * Workaround this by ensuring that 32-bit user code and
790 		 * 64-bit kernel code never occupy the same address
791 		 * range mod 4G.
792 		 */
793 		if (_userlimit32 > 0xc0000000ul)
794 			*(uintptr_t *)&_userlimit32 = 0xc0000000ul;
795 
796 		/*LINTED*/
797 		ASSERT((uint32_t)COREHEAP_BASE == 0xc0000000u);
798 		opteron_erratum_95++;
799 #endif	/* _LP64 */
800 #else
801 		workaround_warning(cpu, 95);
802 		missing++;
803 #endif
804 	}
805 
806 	if (cpuid_opteron_erratum(cpu, 100) > 0) {
807 		/*
808 		 * Compatibility Mode Branches Transfer to Illegal Address
809 		 */
810 #if defined(OPTERON_ERRATUM_100)
811 		/*
812 		 * fix is in trap.c
813 		 */
814 		opteron_erratum_100++;
815 #else
816 		workaround_warning(cpu, 100);
817 		missing++;
818 #endif
819 	}
820 
821 	/*LINTED*/
822 	if (cpuid_opteron_erratum(cpu, 108) > 0) {
823 		/*
824 		 * CPUID Instruction May Return Incorrect Model Number In
825 		 * Some Processors
826 		 */
827 #if defined(OPTERON_ERRATUM_108)
828 		/*
829 		 * (Our cpuid-handling code corrects the model number on
830 		 * those processors)
831 		 */
832 #else
833 		workaround_warning(cpu, 108);
834 		missing++;
835 #endif
836 	}
837 
838 	/*LINTED*/
839 	if (cpuid_opteron_erratum(cpu, 109) > 0) do {
840 		/*
841 		 * Certain Reverse REP MOVS May Produce Unpredictable Behaviour
842 		 */
843 #if defined(OPTERON_ERRATUM_109)
844 		/*
845 		 * The "workaround" is to print a warning to upgrade the BIOS
846 		 */
847 		uint64_t value;
848 		const uint_t msr = MSR_AMD_PATCHLEVEL;
849 		int err;
850 
851 		if ((err = checked_rdmsr(msr, &value)) != 0) {
852 			msr_warning(cpu, "rd", msr, err);
853 			workaround_warning(cpu, 109);
854 			missing++;
855 		}
856 		if (value == 0)
857 			opteron_erratum_109++;
858 #else
859 		workaround_warning(cpu, 109);
860 		missing++;
861 #endif
862 	/*CONSTANTCONDITION*/
863 	} while (0);
864 
865 	/*LINTED*/
866 	if (cpuid_opteron_erratum(cpu, 121) > 0) {
867 		/*
868 		 * Sequential Execution Across Non_Canonical Boundary Caused
869 		 * Processor Hang
870 		 */
871 #if defined(OPTERON_ERRATUM_121)
872 #if defined(_LP64)
873 		/*
874 		 * Erratum 121 is only present in long (64 bit) mode.
875 		 * Workaround is to include the page immediately before the
876 		 * va hole to eliminate the possibility of system hangs due to
877 		 * sequential execution across the va hole boundary.
878 		 */
879 		if (opteron_erratum_121)
880 			opteron_erratum_121++;
881 		else {
882 			if (hole_start) {
883 				hole_start -= PAGESIZE;
884 			} else {
885 				/*
886 				 * hole_start not yet initialized by
887 				 * mmu_init. Initialize hole_start
888 				 * with value to be subtracted.
889 				 */
890 				hole_start = PAGESIZE;
891 			}
892 			opteron_erratum_121++;
893 		}
894 #endif	/* _LP64 */
895 #else
896 		workaround_warning(cpu, 121);
897 		missing++;
898 #endif
899 	}
900 
901 	/*LINTED*/
902 	if (cpuid_opteron_erratum(cpu, 122) > 0) do {
903 		/*
904 		 * TLB Flush Filter May Cause Coherency Problem in
905 		 * Multiprocessor Systems
906 		 */
907 #if defined(OPTERON_ERRATUM_122)
908 		uint64_t value;
909 		const uint_t msr = MSR_AMD_HWCR;
910 		int error;
911 
912 		/*
913 		 * Erratum 122 is only present in MP configurations (multi-core
914 		 * or multi-processor).
915 		 */
916 #if defined(__xpv)
917 		if (!DOMAIN_IS_INITDOMAIN(xen_info))
918 			break;
919 		if (!opteron_erratum_122 && xen_get_nphyscpus() == 1)
920 			break;
921 #else
922 		if (!opteron_erratum_122 && opteron_get_nnodes() == 1 &&
923 		    cpuid_get_ncpu_per_chip(cpu) == 1)
924 			break;
925 #endif
926 		/* disable TLB Flush Filter */
927 
928 		if ((error = checked_rdmsr(msr, &value)) != 0) {
929 			msr_warning(cpu, "rd", msr, error);
930 			workaround_warning(cpu, 122);
931 			missing++;
932 		} else {
933 			value |= (uint64_t)AMD_HWCR_FFDIS;
934 			if ((error = checked_wrmsr(msr, value)) != 0) {
935 				msr_warning(cpu, "wr", msr, error);
936 				workaround_warning(cpu, 122);
937 				missing++;
938 			}
939 		}
940 		opteron_erratum_122++;
941 #else
942 		workaround_warning(cpu, 122);
943 		missing++;
944 #endif
945 	/*CONSTANTCONDITION*/
946 	} while (0);
947 
948 	/*LINTED*/
949 	if (cpuid_opteron_erratum(cpu, 123) > 0) do {
950 		/*
951 		 * Bypassed Reads May Cause Data Corruption of System Hang in
952 		 * Dual Core Processors
953 		 */
954 #if defined(OPTERON_ERRATUM_123)
955 		uint64_t value;
956 		const uint_t msr = MSR_AMD_PATCHLEVEL;
957 		int err;
958 
959 		/*
960 		 * Erratum 123 applies only to multi-core cpus.
961 		 */
962 		if (cpuid_get_ncpu_per_chip(cpu) < 2)
963 			break;
964 #if defined(__xpv)
965 		if (!DOMAIN_IS_INITDOMAIN(xen_info))
966 			break;
967 #endif
968 		/*
969 		 * The "workaround" is to print a warning to upgrade the BIOS
970 		 */
971 		if ((err = checked_rdmsr(msr, &value)) != 0) {
972 			msr_warning(cpu, "rd", msr, err);
973 			workaround_warning(cpu, 123);
974 			missing++;
975 		}
976 		if (value == 0)
977 			opteron_erratum_123++;
978 #else
979 		workaround_warning(cpu, 123);
980 		missing++;
981 
982 #endif
983 	/*CONSTANTCONDITION*/
984 	} while (0);
985 
986 	/*LINTED*/
987 	if (cpuid_opteron_erratum(cpu, 131) > 0) do {
988 		/*
989 		 * Multiprocessor Systems with Four or More Cores May Deadlock
990 		 * Waiting for a Probe Response
991 		 */
992 #if defined(OPTERON_ERRATUM_131)
993 		uint64_t nbcfg;
994 		const uint_t msr = MSR_AMD_NB_CFG;
995 		const uint64_t wabits =
996 		    AMD_NB_CFG_SRQ_HEARTBEAT | AMD_NB_CFG_SRQ_SPR;
997 		int error;
998 
999 		/*
1000 		 * Erratum 131 applies to any system with four or more cores.
1001 		 */
1002 		if (opteron_erratum_131)
1003 			break;
1004 #if defined(__xpv)
1005 		if (!DOMAIN_IS_INITDOMAIN(xen_info))
1006 			break;
1007 		if (xen_get_nphyscpus() < 4)
1008 			break;
1009 #else
1010 		if (opteron_get_nnodes() * cpuid_get_ncpu_per_chip(cpu) < 4)
1011 			break;
1012 #endif
1013 		/*
1014 		 * Print a warning if neither of the workarounds for
1015 		 * erratum 131 is present.
1016 		 */
1017 		if ((error = checked_rdmsr(msr, &nbcfg)) != 0) {
1018 			msr_warning(cpu, "rd", msr, error);
1019 			workaround_warning(cpu, 131);
1020 			missing++;
1021 		} else if ((nbcfg & wabits) == 0) {
1022 			opteron_erratum_131++;
1023 		} else {
1024 			/* cannot have both workarounds set */
1025 			ASSERT((nbcfg & wabits) != wabits);
1026 		}
1027 #else
1028 		workaround_warning(cpu, 131);
1029 		missing++;
1030 #endif
1031 	/*CONSTANTCONDITION*/
1032 	} while (0);
1033 
1034 	/*
1035 	 * This isn't really an erratum, but for convenience the
1036 	 * detection/workaround code lives here and in cpuid_opteron_erratum.
1037 	 */
1038 	if (cpuid_opteron_erratum(cpu, 6336786) > 0) {
1039 #if defined(OPTERON_WORKAROUND_6336786)
1040 		/*
1041 		 * Disable C1-Clock ramping on multi-core/multi-processor
1042 		 * K8 platforms to guard against TSC drift.
1043 		 */
1044 		if (opteron_workaround_6336786) {
1045 			opteron_workaround_6336786++;
1046 #if defined(__xpv)
1047 		} else if ((DOMAIN_IS_INITDOMAIN(xen_info) &&
1048 		    xen_get_nphyscpus() > 1) ||
1049 		    opteron_workaround_6336786_UP) {
1050 			/*
1051 			 * XXPV	Hmm.  We can't walk the Northbridges on
1052 			 *	the hypervisor; so just complain and drive
1053 			 *	on.  This probably needs to be fixed in
1054 			 *	the hypervisor itself.
1055 			 */
1056 			opteron_workaround_6336786++;
1057 			workaround_warning(cpu, 6336786);
1058 #else	/* __xpv */
1059 		} else if ((opteron_get_nnodes() *
1060 		    cpuid_get_ncpu_per_chip(cpu) > 1) ||
1061 		    opteron_workaround_6336786_UP) {
1062 
1063 			uint_t	node, nnodes;
1064 			uint8_t data;
1065 
1066 			nnodes = opteron_get_nnodes();
1067 			for (node = 0; node < nnodes; node++) {
1068 				/*
1069 				 * Clear PMM7[1:0] (function 3, offset 0x87)
1070 				 * Northbridge device is the node id + 24.
1071 				 */
1072 				data = pci_getb_func(0, node + 24, 3, 0x87);
1073 				data &= 0xFC;
1074 				pci_putb_func(0, node + 24, 3, 0x87, data);
1075 			}
1076 			opteron_workaround_6336786++;
1077 #endif	/* __xpv */
1078 		}
1079 #else
1080 		workaround_warning(cpu, 6336786);
1081 		missing++;
1082 #endif
1083 	}
1084 
1085 	/*LINTED*/
1086 	/*
1087 	 * Mutex primitives don't work as expected.
1088 	 */
1089 	if (cpuid_opteron_erratum(cpu, 6323525) > 0) {
1090 #if defined(OPTERON_WORKAROUND_6323525)
1091 		/*
1092 		 * This problem only occurs with 2 or more cores. If bit in
1093 		 * MSR_AMD_BU_CFG set, then not applicable. The workaround
1094 		 * is to patch the semaphone routines with the lfence
1095 		 * instruction to provide necessary load memory barrier with
1096 		 * possible subsequent read-modify-write ops.
1097 		 *
1098 		 * It is too early in boot to call the patch routine so
1099 		 * set erratum variable to be done in startup_end().
1100 		 */
1101 		if (opteron_workaround_6323525) {
1102 			opteron_workaround_6323525++;
1103 #if defined(__xpv)
1104 		} else if (x86_feature & X86_SSE2) {
1105 			if (DOMAIN_IS_INITDOMAIN(xen_info)) {
1106 				/*
1107 				 * XXPV	Use dom0_msr here when extended
1108 				 *	operations are supported?
1109 				 */
1110 				if (xen_get_nphyscpus() > 1)
1111 					opteron_workaround_6323525++;
1112 			} else {
1113 				/*
1114 				 * We have no way to tell how many physical
1115 				 * cpus there are, or even if this processor
1116 				 * has the problem, so enable the workaround
1117 				 * unconditionally (at some performance cost).
1118 				 */
1119 				opteron_workaround_6323525++;
1120 			}
1121 #else	/* __xpv */
1122 		} else if ((x86_feature & X86_SSE2) && ((opteron_get_nnodes() *
1123 		    cpuid_get_ncpu_per_chip(cpu)) > 1)) {
1124 			if ((xrdmsr(MSR_AMD_BU_CFG) & 0x02) == 0)
1125 				opteron_workaround_6323525++;
1126 #endif	/* __xpv */
1127 		}
1128 #else
1129 		workaround_warning(cpu, 6323525);
1130 		missing++;
1131 #endif
1132 	}
1133 
1134 	missing += do_erratum_298(cpu);
1135 
1136 #ifdef __xpv
1137 	return (0);
1138 #else
1139 	return (missing);
1140 #endif
1141 }
1142 
1143 void
1144 workaround_errata_end()
1145 {
1146 #if defined(OPTERON_ERRATUM_88)
1147 	if (opteron_erratum_88)
1148 		workaround_applied(88);
1149 #endif
1150 #if defined(OPTERON_ERRATUM_91)
1151 	if (opteron_erratum_91)
1152 		workaround_applied(91);
1153 #endif
1154 #if defined(OPTERON_ERRATUM_93)
1155 	if (opteron_erratum_93)
1156 		workaround_applied(93);
1157 #endif
1158 #if defined(OPTERON_ERRATUM_95)
1159 	if (opteron_erratum_95)
1160 		workaround_applied(95);
1161 #endif
1162 #if defined(OPTERON_ERRATUM_100)
1163 	if (opteron_erratum_100)
1164 		workaround_applied(100);
1165 #endif
1166 #if defined(OPTERON_ERRATUM_108)
1167 	if (opteron_erratum_108)
1168 		workaround_applied(108);
1169 #endif
1170 #if defined(OPTERON_ERRATUM_109)
1171 	if (opteron_erratum_109) {
1172 		cmn_err(CE_WARN,
1173 		    "BIOS microcode patch for AMD Athlon(tm) 64/Opteron(tm)"
1174 		    " processor\nerratum 109 was not detected; updating your"
1175 		    " system's BIOS to a version\ncontaining this"
1176 		    " microcode patch is HIGHLY recommended or erroneous"
1177 		    " system\noperation may occur.\n");
1178 	}
1179 #endif
1180 #if defined(OPTERON_ERRATUM_121)
1181 	if (opteron_erratum_121)
1182 		workaround_applied(121);
1183 #endif
1184 #if defined(OPTERON_ERRATUM_122)
1185 	if (opteron_erratum_122)
1186 		workaround_applied(122);
1187 #endif
1188 #if defined(OPTERON_ERRATUM_123)
1189 	if (opteron_erratum_123) {
1190 		cmn_err(CE_WARN,
1191 		    "BIOS microcode patch for AMD Athlon(tm) 64/Opteron(tm)"
1192 		    " processor\nerratum 123 was not detected; updating your"
1193 		    " system's BIOS to a version\ncontaining this"
1194 		    " microcode patch is HIGHLY recommended or erroneous"
1195 		    " system\noperation may occur.\n");
1196 	}
1197 #endif
1198 #if defined(OPTERON_ERRATUM_131)
1199 	if (opteron_erratum_131) {
1200 		cmn_err(CE_WARN,
1201 		    "BIOS microcode patch for AMD Athlon(tm) 64/Opteron(tm)"
1202 		    " processor\nerratum 131 was not detected; updating your"
1203 		    " system's BIOS to a version\ncontaining this"
1204 		    " microcode patch is HIGHLY recommended or erroneous"
1205 		    " system\noperation may occur.\n");
1206 	}
1207 #endif
1208 #if defined(OPTERON_WORKAROUND_6336786)
1209 	if (opteron_workaround_6336786)
1210 		workaround_applied(6336786);
1211 #endif
1212 #if defined(OPTERON_WORKAROUND_6323525)
1213 	if (opteron_workaround_6323525)
1214 		workaround_applied(6323525);
1215 #endif
1216 #if defined(OPTERON_ERRATUM_298)
1217 	if (opteron_erratum_298) {
1218 		cmn_err(CE_WARN,
1219 		    "BIOS microcode patch for AMD 64/Opteron(tm)"
1220 		    " processor\nerratum 298 was not detected; updating your"
1221 		    " system's BIOS to a version\ncontaining this"
1222 		    " microcode patch is HIGHLY recommended or erroneous"
1223 		    " system\noperation may occur.\n");
1224 	}
1225 #endif
1226 }
1227 
1228 static cpuset_t procset;
1229 
1230 /*
1231  * Start a single cpu, assuming that the kernel context is available
1232  * to successfully start another cpu.
1233  *
1234  * (For example, real mode code is mapped into the right place
1235  * in memory and is ready to be run.)
1236  */
1237 int
1238 start_cpu(processorid_t who)
1239 {
1240 	void *ctx;
1241 	cpu_t *cp;
1242 	int delays;
1243 	int error = 0;
1244 
1245 	ASSERT(who != 0);
1246 
1247 	/*
1248 	 * Check if there's at least a Mbyte of kmem available
1249 	 * before attempting to start the cpu.
1250 	 */
1251 	if (kmem_avail() < 1024 * 1024) {
1252 		/*
1253 		 * Kick off a reap in case that helps us with
1254 		 * later attempts ..
1255 		 */
1256 		kmem_reap();
1257 		return (ENOMEM);
1258 	}
1259 
1260 	cp = mp_startup_init(who);
1261 	if ((ctx = mach_cpucontext_alloc(cp)) == NULL ||
1262 	    (error = mach_cpu_start(cp, ctx)) != 0) {
1263 
1264 		/*
1265 		 * Something went wrong before we even started it
1266 		 */
1267 		if (ctx)
1268 			cmn_err(CE_WARN,
1269 			    "cpu%d: failed to start error %d",
1270 			    cp->cpu_id, error);
1271 		else
1272 			cmn_err(CE_WARN,
1273 			    "cpu%d: failed to allocate context", cp->cpu_id);
1274 
1275 		if (ctx)
1276 			mach_cpucontext_free(cp, ctx, error);
1277 		else
1278 			error = EAGAIN;		/* hmm. */
1279 		mp_startup_fini(cp, error);
1280 		return (error);
1281 	}
1282 
1283 	for (delays = 0; !CPU_IN_SET(procset, who); delays++) {
1284 		if (delays == 500) {
1285 			/*
1286 			 * After five seconds, things are probably looking
1287 			 * a bit bleak - explain the hang.
1288 			 */
1289 			cmn_err(CE_NOTE, "cpu%d: started, "
1290 			    "but not running in the kernel yet", who);
1291 		} else if (delays > 2000) {
1292 			/*
1293 			 * We waited at least 20 seconds, bail ..
1294 			 */
1295 			error = ETIMEDOUT;
1296 			cmn_err(CE_WARN, "cpu%d: timed out", who);
1297 			mach_cpucontext_free(cp, ctx, error);
1298 			mp_startup_fini(cp, error);
1299 			return (error);
1300 		}
1301 
1302 		/*
1303 		 * wait at least 10ms, then check again..
1304 		 */
1305 		delay(USEC_TO_TICK_ROUNDUP(10000));
1306 	}
1307 
1308 	mach_cpucontext_free(cp, ctx, 0);
1309 
1310 #ifndef __xpv
1311 	if (tsc_gethrtime_enable)
1312 		tsc_sync_master(who);
1313 #endif
1314 
1315 	if (dtrace_cpu_init != NULL) {
1316 		/*
1317 		 * DTrace CPU initialization expects cpu_lock to be held.
1318 		 */
1319 		mutex_enter(&cpu_lock);
1320 		(*dtrace_cpu_init)(who);
1321 		mutex_exit(&cpu_lock);
1322 	}
1323 
1324 	while (!CPU_IN_SET(cpu_ready_set, who))
1325 		delay(1);
1326 
1327 	return (0);
1328 }
1329 
1330 
1331 /*ARGSUSED*/
1332 void
1333 start_other_cpus(int cprboot)
1334 {
1335 	uint_t who;
1336 	uint_t skipped = 0;
1337 	uint_t bootcpuid = 0;
1338 
1339 	/*
1340 	 * Initialize our own cpu_info.
1341 	 */
1342 	init_cpu_info(CPU);
1343 
1344 	/*
1345 	 * Initialize our syscall handlers
1346 	 */
1347 	init_cpu_syscall(CPU);
1348 
1349 	/*
1350 	 * Take the boot cpu out of the mp_cpus set because we know
1351 	 * it's already running.  Add it to the cpu_ready_set for
1352 	 * precisely the same reason.
1353 	 */
1354 	CPUSET_DEL(mp_cpus, bootcpuid);
1355 	CPUSET_ADD(cpu_ready_set, bootcpuid);
1356 
1357 	/*
1358 	 * if only 1 cpu or not using MP, skip the rest of this
1359 	 */
1360 	if (CPUSET_ISNULL(mp_cpus) || use_mp == 0) {
1361 		if (use_mp == 0)
1362 			cmn_err(CE_CONT, "?***** Not in MP mode\n");
1363 		goto done;
1364 	}
1365 
1366 	/*
1367 	 * perform such initialization as is needed
1368 	 * to be able to take CPUs on- and off-line.
1369 	 */
1370 	cpu_pause_init();
1371 
1372 	xc_init();		/* initialize processor crosscalls */
1373 
1374 	if (mach_cpucontext_init() != 0)
1375 		goto done;
1376 
1377 	flushes_require_xcalls = 1;
1378 
1379 	/*
1380 	 * We lock our affinity to the master CPU to ensure that all slave CPUs
1381 	 * do their TSC syncs with the same CPU.
1382 	 */
1383 	affinity_set(CPU_CURRENT);
1384 
1385 	for (who = 0; who < NCPU; who++) {
1386 
1387 		if (!CPU_IN_SET(mp_cpus, who))
1388 			continue;
1389 		ASSERT(who != bootcpuid);
1390 		if (ncpus >= max_ncpus) {
1391 			skipped = who;
1392 			continue;
1393 		}
1394 		if (start_cpu(who) != 0)
1395 			CPUSET_DEL(mp_cpus, who);
1396 	}
1397 
1398 	/* Free the space allocated to hold the microcode file */
1399 	ucode_free();
1400 
1401 	affinity_clear();
1402 
1403 	if (skipped) {
1404 		cmn_err(CE_NOTE,
1405 		    "System detected %d cpus, but "
1406 		    "only %d cpu(s) were enabled during boot.",
1407 		    skipped + 1, ncpus);
1408 		cmn_err(CE_NOTE,
1409 		    "Use \"boot-ncpus\" parameter to enable more CPU(s). "
1410 		    "See eeprom(1M).");
1411 	}
1412 
1413 done:
1414 	workaround_errata_end();
1415 	mach_cpucontext_fini();
1416 
1417 	cmi_post_mpstartup();
1418 }
1419 
1420 /*
1421  * Dummy functions - no i86pc platforms support dynamic cpu allocation.
1422  */
1423 /*ARGSUSED*/
1424 int
1425 mp_cpu_configure(int cpuid)
1426 {
1427 	return (ENOTSUP);		/* not supported */
1428 }
1429 
1430 /*ARGSUSED*/
1431 int
1432 mp_cpu_unconfigure(int cpuid)
1433 {
1434 	return (ENOTSUP);		/* not supported */
1435 }
1436 
1437 /*
1438  * Startup function for 'other' CPUs (besides boot cpu).
1439  * Called from real_mode_start.
1440  *
1441  * WARNING: until CPU_READY is set, mp_startup and routines called by
1442  * mp_startup should not call routines (e.g. kmem_free) that could call
1443  * hat_unload which requires CPU_READY to be set.
1444  */
1445 void
1446 mp_startup(void)
1447 {
1448 	struct cpu *cp = CPU;
1449 	uint_t new_x86_feature;
1450 
1451 	/*
1452 	 * We need to get TSC on this proc synced (i.e., any delta
1453 	 * from cpu0 accounted for) as soon as we can, because many
1454 	 * many things use gethrtime/pc_gethrestime, including
1455 	 * interrupts, cmn_err, etc.
1456 	 */
1457 
1458 	/* Let cpu0 continue into tsc_sync_master() */
1459 	CPUSET_ATOMIC_ADD(procset, cp->cpu_id);
1460 
1461 #ifndef __xpv
1462 	if (tsc_gethrtime_enable)
1463 		tsc_sync_slave();
1464 #endif
1465 
1466 	/*
1467 	 * Once this was done from assembly, but it's safer here; if
1468 	 * it blocks, we need to be able to swtch() to and from, and
1469 	 * since we get here by calling t_pc, we need to do that call
1470 	 * before swtch() overwrites it.
1471 	 */
1472 	(void) (*ap_mlsetup)();
1473 
1474 	new_x86_feature = cpuid_pass1(cp);
1475 
1476 #ifndef __xpv
1477 	/*
1478 	 * Program this cpu's PAT
1479 	 */
1480 	if (x86_feature & X86_PAT)
1481 		pat_sync();
1482 #endif
1483 
1484 	/*
1485 	 * Set up TSC_AUX to contain the cpuid for this processor
1486 	 * for the rdtscp instruction.
1487 	 */
1488 	if (x86_feature & X86_TSCP)
1489 		(void) wrmsr(MSR_AMD_TSCAUX, cp->cpu_id);
1490 
1491 	/*
1492 	 * Initialize this CPU's syscall handlers
1493 	 */
1494 	init_cpu_syscall(cp);
1495 
1496 	/*
1497 	 * Enable interrupts with spl set to LOCK_LEVEL. LOCK_LEVEL is the
1498 	 * highest level at which a routine is permitted to block on
1499 	 * an adaptive mutex (allows for cpu poke interrupt in case
1500 	 * the cpu is blocked on a mutex and halts). Setting LOCK_LEVEL blocks
1501 	 * device interrupts that may end up in the hat layer issuing cross
1502 	 * calls before CPU_READY is set.
1503 	 */
1504 	splx(ipltospl(LOCK_LEVEL));
1505 	sti();
1506 
1507 	/*
1508 	 * Do a sanity check to make sure this new CPU is a sane thing
1509 	 * to add to the collection of processors running this system.
1510 	 *
1511 	 * XXX	Clearly this needs to get more sophisticated, if x86
1512 	 * systems start to get built out of heterogenous CPUs; as is
1513 	 * likely to happen once the number of processors in a configuration
1514 	 * gets large enough.
1515 	 */
1516 	if ((x86_feature & new_x86_feature) != x86_feature) {
1517 		cmn_err(CE_CONT, "?cpu%d: %b\n",
1518 		    cp->cpu_id, new_x86_feature, FMT_X86_FEATURE);
1519 		cmn_err(CE_WARN, "cpu%d feature mismatch", cp->cpu_id);
1520 	}
1521 
1522 	/*
1523 	 * We do not support cpus with mixed monitor/mwait support if the
1524 	 * boot cpu supports monitor/mwait.
1525 	 */
1526 	if ((x86_feature & ~new_x86_feature) & X86_MWAIT)
1527 		panic("unsupported mixed cpu monitor/mwait support detected");
1528 
1529 	/*
1530 	 * We could be more sophisticated here, and just mark the CPU
1531 	 * as "faulted" but at this point we'll opt for the easier
1532 	 * answer of dieing horribly.  Provided the boot cpu is ok,
1533 	 * the system can be recovered by booting with use_mp set to zero.
1534 	 */
1535 	if (workaround_errata(cp) != 0)
1536 		panic("critical workaround(s) missing for cpu%d", cp->cpu_id);
1537 
1538 	cpuid_pass2(cp);
1539 	cpuid_pass3(cp);
1540 	(void) cpuid_pass4(cp);
1541 
1542 	init_cpu_info(cp);
1543 
1544 	mutex_enter(&cpu_lock);
1545 	/*
1546 	 * Processor group initialization for this CPU is dependent on the
1547 	 * cpuid probing, which must be done in the context of the current
1548 	 * CPU.
1549 	 */
1550 	pghw_physid_create(cp);
1551 	pg_cpu_init(cp);
1552 	pg_cmt_cpu_startup(cp);
1553 
1554 	cp->cpu_flags |= CPU_RUNNING | CPU_READY | CPU_EXISTS;
1555 
1556 	if (dtrace_cpu_init != NULL) {
1557 		(*dtrace_cpu_init)(cp->cpu_id);
1558 	}
1559 
1560 	/*
1561 	 * Fill out cpu_ucode_info.  Update microcode if necessary.
1562 	 */
1563 	ucode_check(cp);
1564 
1565 	mutex_exit(&cpu_lock);
1566 
1567 	/*
1568 	 * Enable preemption here so that contention for any locks acquired
1569 	 * later in mp_startup may be preempted if the thread owning those
1570 	 * locks is continously executing on other CPUs (for example, this
1571 	 * CPU must be preemptible to allow other CPUs to pause it during their
1572 	 * startup phases).  It's safe to enable preemption here because the
1573 	 * CPU state is pretty-much fully constructed.
1574 	 */
1575 	curthread->t_preempt = 0;
1576 
1577 	/* The base spl should still be at LOCK LEVEL here */
1578 	ASSERT(cp->cpu_base_spl == ipltospl(LOCK_LEVEL));
1579 	set_base_spl();		/* Restore the spl to its proper value */
1580 
1581 	/* Enable interrupts */
1582 	(void) spl0();
1583 	mutex_enter(&cpu_lock);
1584 	cpu_enable_intr(cp);
1585 	cpu_add_active(cp);
1586 	mutex_exit(&cpu_lock);
1587 
1588 	add_cpunode2devtree(cp->cpu_id, cp->cpu_m.mcpu_cpi);
1589 
1590 #ifndef __xpv
1591 	{
1592 		/*
1593 		 * Set up the CPU module for this CPU.  This can't be done
1594 		 * before this CPU is made CPU_READY, because we may (in
1595 		 * heterogeneous systems) need to go load another CPU module.
1596 		 * The act of attempting to load a module may trigger a
1597 		 * cross-call, which will ASSERT unless this cpu is CPU_READY.
1598 		 */
1599 		cmi_hdl_t hdl;
1600 
1601 		if ((hdl = cmi_init(CMI_HDL_NATIVE, cmi_ntv_hwchipid(CPU),
1602 		    cmi_ntv_hwcoreid(CPU), cmi_ntv_hwstrandid(CPU),
1603 		    cmi_ntv_hwmstrand(CPU))) != NULL) {
1604 			if (x86_feature & X86_MCA)
1605 				cmi_mca_init(hdl);
1606 		}
1607 	}
1608 #endif /* __xpv */
1609 
1610 	if (boothowto & RB_DEBUG)
1611 		kdi_cpu_init();
1612 
1613 	/*
1614 	 * Setting the bit in cpu_ready_set must be the last operation in
1615 	 * processor initialization; the boot CPU will continue to boot once
1616 	 * it sees this bit set for all active CPUs.
1617 	 */
1618 	CPUSET_ATOMIC_ADD(cpu_ready_set, cp->cpu_id);
1619 
1620 	/*
1621 	 * Because mp_startup() gets fired off after init() starts, we
1622 	 * can't use the '?' trick to do 'boot -v' printing - so we
1623 	 * always direct the 'cpu .. online' messages to the log.
1624 	 */
1625 	cmn_err(CE_CONT, "!cpu%d initialization complete - online\n",
1626 	    cp->cpu_id);
1627 
1628 	/*
1629 	 * Now we are done with the startup thread, so free it up.
1630 	 */
1631 	thread_exit();
1632 	panic("mp_startup: cannot return");
1633 	/*NOTREACHED*/
1634 }
1635 
1636 
1637 /*
1638  * Start CPU on user request.
1639  */
1640 /* ARGSUSED */
1641 int
1642 mp_cpu_start(struct cpu *cp)
1643 {
1644 	ASSERT(MUTEX_HELD(&cpu_lock));
1645 	return (0);
1646 }
1647 
1648 /*
1649  * Stop CPU on user request.
1650  */
1651 /* ARGSUSED */
1652 int
1653 mp_cpu_stop(struct cpu *cp)
1654 {
1655 	extern int cbe_psm_timer_mode;
1656 	ASSERT(MUTEX_HELD(&cpu_lock));
1657 
1658 #ifdef __xpv
1659 	/*
1660 	 * We can't offline vcpu0.
1661 	 */
1662 	if (cp->cpu_id == 0)
1663 		return (EBUSY);
1664 #endif
1665 
1666 	/*
1667 	 * If TIMER_PERIODIC mode is used, CPU0 is the one running it;
1668 	 * can't stop it.  (This is true only for machines with no TSC.)
1669 	 */
1670 
1671 	if ((cbe_psm_timer_mode == TIMER_PERIODIC) && (cp->cpu_id == 0))
1672 		return (EBUSY);
1673 
1674 	return (0);
1675 }
1676 
1677 /*
1678  * Take the specified CPU out of participation in interrupts.
1679  */
1680 int
1681 cpu_disable_intr(struct cpu *cp)
1682 {
1683 	if (psm_disable_intr(cp->cpu_id) != DDI_SUCCESS)
1684 		return (EBUSY);
1685 
1686 	cp->cpu_flags &= ~CPU_ENABLE;
1687 	return (0);
1688 }
1689 
1690 /*
1691  * Allow the specified CPU to participate in interrupts.
1692  */
1693 void
1694 cpu_enable_intr(struct cpu *cp)
1695 {
1696 	ASSERT(MUTEX_HELD(&cpu_lock));
1697 	cp->cpu_flags |= CPU_ENABLE;
1698 	psm_enable_intr(cp->cpu_id);
1699 }
1700 
1701 
1702 /*ARGSUSED*/
1703 void
1704 mp_cpu_faulted_enter(struct cpu *cp)
1705 {
1706 #ifndef __xpv
1707 	cmi_hdl_t hdl = cmi_hdl_lookup(CMI_HDL_NATIVE, cmi_ntv_hwchipid(cp),
1708 	    cmi_ntv_hwcoreid(cp), cmi_ntv_hwstrandid(cp));
1709 
1710 	if (hdl != NULL) {
1711 		cmi_faulted_enter(hdl);
1712 		cmi_hdl_rele(hdl);
1713 	}
1714 #endif
1715 }
1716 
1717 /*ARGSUSED*/
1718 void
1719 mp_cpu_faulted_exit(struct cpu *cp)
1720 {
1721 #ifndef __xpv
1722 	cmi_hdl_t hdl = cmi_hdl_lookup(CMI_HDL_NATIVE, cmi_ntv_hwchipid(cp),
1723 	    cmi_ntv_hwcoreid(cp), cmi_ntv_hwstrandid(cp));
1724 
1725 	if (hdl != NULL) {
1726 		cmi_faulted_exit(hdl);
1727 		cmi_hdl_rele(hdl);
1728 	}
1729 #endif
1730 }
1731 
1732 /*
1733  * The following two routines are used as context operators on threads belonging
1734  * to processes with a private LDT (see sysi86).  Due to the rarity of such
1735  * processes, these routines are currently written for best code readability and
1736  * organization rather than speed.  We could avoid checking x86_feature at every
1737  * context switch by installing different context ops, depending on the
1738  * x86_feature flags, at LDT creation time -- one for each combination of fast
1739  * syscall feature flags.
1740  */
1741 
1742 /*ARGSUSED*/
1743 void
1744 cpu_fast_syscall_disable(void *arg)
1745 {
1746 	if ((x86_feature & (X86_MSR | X86_SEP)) == (X86_MSR | X86_SEP))
1747 		cpu_sep_disable();
1748 	if ((x86_feature & (X86_MSR | X86_ASYSC)) == (X86_MSR | X86_ASYSC))
1749 		cpu_asysc_disable();
1750 }
1751 
1752 /*ARGSUSED*/
1753 void
1754 cpu_fast_syscall_enable(void *arg)
1755 {
1756 	if ((x86_feature & (X86_MSR | X86_SEP)) == (X86_MSR | X86_SEP))
1757 		cpu_sep_enable();
1758 	if ((x86_feature & (X86_MSR | X86_ASYSC)) == (X86_MSR | X86_ASYSC))
1759 		cpu_asysc_enable();
1760 }
1761 
1762 static void
1763 cpu_sep_enable(void)
1764 {
1765 	ASSERT(x86_feature & X86_SEP);
1766 	ASSERT(curthread->t_preempt || getpil() >= LOCK_LEVEL);
1767 
1768 	wrmsr(MSR_INTC_SEP_CS, (uint64_t)(uintptr_t)KCS_SEL);
1769 }
1770 
1771 static void
1772 cpu_sep_disable(void)
1773 {
1774 	ASSERT(x86_feature & X86_SEP);
1775 	ASSERT(curthread->t_preempt || getpil() >= LOCK_LEVEL);
1776 
1777 	/*
1778 	 * Setting the SYSENTER_CS_MSR register to 0 causes software executing
1779 	 * the sysenter or sysexit instruction to trigger a #gp fault.
1780 	 */
1781 	wrmsr(MSR_INTC_SEP_CS, 0);
1782 }
1783 
1784 static void
1785 cpu_asysc_enable(void)
1786 {
1787 	ASSERT(x86_feature & X86_ASYSC);
1788 	ASSERT(curthread->t_preempt || getpil() >= LOCK_LEVEL);
1789 
1790 	wrmsr(MSR_AMD_EFER, rdmsr(MSR_AMD_EFER) |
1791 	    (uint64_t)(uintptr_t)AMD_EFER_SCE);
1792 }
1793 
1794 static void
1795 cpu_asysc_disable(void)
1796 {
1797 	ASSERT(x86_feature & X86_ASYSC);
1798 	ASSERT(curthread->t_preempt || getpil() >= LOCK_LEVEL);
1799 
1800 	/*
1801 	 * Turn off the SCE (syscall enable) bit in the EFER register. Software
1802 	 * executing syscall or sysret with this bit off will incur a #ud trap.
1803 	 */
1804 	wrmsr(MSR_AMD_EFER, rdmsr(MSR_AMD_EFER) &
1805 	    ~((uint64_t)(uintptr_t)AMD_EFER_SCE));
1806 }
1807