1
/*
2
 * CDDL HEADER START
3
 *
4
 * The contents of this file are subject to the terms of the
5
 * Common Development and Distribution License, Version 1.0 only
6
 * (the "License").  You may not use this file except in compliance
7
 * with the License.
8
 *
9
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10
 * or http://www.opensolaris.org/os/licensing.
11
 * See the License for the specific language governing permissions
12
 * and limitations under the License.
13
 *
14
 * When distributing Covered Code, include this CDDL HEADER in each
15
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16
 * If applicable, add the following below this CDDL HEADER, with the
17
 * fields enclosed by brackets "[]" replaced with your own identifying
18
 * information: Portions Copyright [yyyy] [name of copyright owner]
19
 *
20
 * CDDL HEADER END
21
 *
22
 */
23
/*
24
 * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
25
 * Use is subject to license terms.
26
 */
27

28
/*
29
 * Copyright (c) 2011, Joyent, Inc. All rights reserved.
30
 */
31

32
#include <sys/param.h>
33
#include <sys/systm.h>
34
#include <sys/kernel.h>
35
#include <sys/malloc.h>
36
#include <sys/msan.h>
37
#include <sys/proc.h>
38
#include <sys/smp.h>
39
#include <sys/dtrace_impl.h>
40
#include <sys/dtrace_bsd.h>
41
#include <cddl/dev/dtrace/dtrace_cddl.h>
42
#include <machine/clock.h>
43
#include <machine/cpufunc.h>
44
#include <machine/frame.h>
45
#include <machine/md_var.h>
46
#include <machine/psl.h>
47
#include <machine/trap.h>
48
#include <vm/pmap.h>
49

50
extern void dtrace_getnanotime(struct timespec *tsp);
51
extern int (*dtrace_invop_jump_addr)(struct trapframe *);
52

53
int	dtrace_invop(uintptr_t, struct trapframe *, void **);
54
int	dtrace_invop_start(struct trapframe *frame);
55
void	dtrace_invop_init(void);
56
void	dtrace_invop_uninit(void);
57

58
typedef struct dtrace_invop_hdlr {
59
	int (*dtih_func)(uintptr_t, struct trapframe *, uintptr_t);
60
	struct dtrace_invop_hdlr *dtih_next;
61
} dtrace_invop_hdlr_t;
62

63
dtrace_invop_hdlr_t *dtrace_invop_hdlr;
64

65
int
66
dtrace_invop(uintptr_t addr, struct trapframe *frame, void **scratch)
67
{
68
	struct thread *td;
69
	dtrace_invop_hdlr_t *hdlr;
70
	int rval;
71

72
	kmsan_mark(frame, sizeof(*frame), KMSAN_STATE_INITED);
73

74
	td = curthread;
75
	td->t_dtrace_trapframe = frame;
76
	rval = 0;
77
	for (hdlr = dtrace_invop_hdlr; hdlr != NULL; hdlr = hdlr->dtih_next) {
78
		rval = hdlr->dtih_func(addr, frame, (uintptr_t)scratch);
79
		if (rval != 0)
80
			break;
81
	}
82
	td->t_dtrace_trapframe = NULL;
83
	return (rval);
84
}
85

86
void
87
dtrace_invop_add(int (*func)(uintptr_t, struct trapframe *, uintptr_t))
88
{
89
	dtrace_invop_hdlr_t *hdlr;
90

91
	hdlr = kmem_alloc(sizeof (dtrace_invop_hdlr_t), KM_SLEEP);
92
	hdlr->dtih_func = func;
93
	hdlr->dtih_next = dtrace_invop_hdlr;
94
	dtrace_invop_hdlr = hdlr;
95
}
96

97
void
98
dtrace_invop_remove(int (*func)(uintptr_t, struct trapframe *, uintptr_t))
99
{
100
	dtrace_invop_hdlr_t *hdlr = dtrace_invop_hdlr, *prev = NULL;
101

102
	for (;;) {
103
		if (hdlr == NULL)
104
			panic("attempt to remove non-existent invop handler");
105

106
		if (hdlr->dtih_func == func)
107
			break;
108

109
		prev = hdlr;
110
		hdlr = hdlr->dtih_next;
111
	}
112

113
	if (prev == NULL) {
114
		ASSERT(dtrace_invop_hdlr == hdlr);
115
		dtrace_invop_hdlr = hdlr->dtih_next;
116
	} else {
117
		ASSERT(dtrace_invop_hdlr != hdlr);
118
		prev->dtih_next = hdlr->dtih_next;
119
	}
120

121
	kmem_free(hdlr, 0);
122
}
123

124
void
125
dtrace_invop_init(void)
126
{
127

128
	dtrace_invop_jump_addr = dtrace_invop_start;
129
}
130

131
void
132
dtrace_invop_uninit(void)
133
{
134

135
	dtrace_invop_jump_addr = NULL;
136
}
137

138
/*ARGSUSED*/
139
void
140
dtrace_toxic_ranges(void (*func)(uintptr_t base, uintptr_t limit))
141
{
142
	(*func)(0, la57 ? (uintptr_t)addr_P5Tmap : (uintptr_t)addr_P4Tmap);
143
}
144

145
#ifdef notyet
146
void
147
dtrace_safe_synchronous_signal(void)
148
{
149
	kthread_t *t = curthread;
150
	struct regs *rp = lwptoregs(ttolwp(t));
151
	size_t isz = t->t_dtrace_npc - t->t_dtrace_pc;
152

153
	ASSERT(t->t_dtrace_on);
154

155
	/*
156
	 * If we're not in the range of scratch addresses, we're not actually
157
	 * tracing user instructions so turn off the flags. If the instruction
158
	 * we copied out caused a synchonous trap, reset the pc back to its
159
	 * original value and turn off the flags.
160
	 */
161
	if (rp->r_pc < t->t_dtrace_scrpc ||
162
	    rp->r_pc > t->t_dtrace_astpc + isz) {
163
		t->t_dtrace_ft = 0;
164
	} else if (rp->r_pc == t->t_dtrace_scrpc ||
165
	    rp->r_pc == t->t_dtrace_astpc) {
166
		rp->r_pc = t->t_dtrace_pc;
167
		t->t_dtrace_ft = 0;
168
	}
169
}
170

171
int
172
dtrace_safe_defer_signal(void)
173
{
174
	kthread_t *t = curthread;
175
	struct regs *rp = lwptoregs(ttolwp(t));
176
	size_t isz = t->t_dtrace_npc - t->t_dtrace_pc;
177

178
	ASSERT(t->t_dtrace_on);
179

180
	/*
181
	 * If we're not in the range of scratch addresses, we're not actually
182
	 * tracing user instructions so turn off the flags.
183
	 */
184
	if (rp->r_pc < t->t_dtrace_scrpc ||
185
	    rp->r_pc > t->t_dtrace_astpc + isz) {
186
		t->t_dtrace_ft = 0;
187
		return (0);
188
	}
189

190
	/*
191
	 * If we have executed the original instruction, but we have performed
192
	 * neither the jmp back to t->t_dtrace_npc nor the clean up of any
193
	 * registers used to emulate %rip-relative instructions in 64-bit mode,
194
	 * we'll save ourselves some effort by doing that here and taking the
195
	 * signal right away.  We detect this condition by seeing if the program
196
	 * counter is the range [scrpc + isz, astpc).
197
	 */
198
	if (rp->r_pc >= t->t_dtrace_scrpc + isz &&
199
	    rp->r_pc < t->t_dtrace_astpc) {
200
#ifdef __amd64
201
		/*
202
		 * If there is a scratch register and we're on the
203
		 * instruction immediately after the modified instruction,
204
		 * restore the value of that scratch register.
205
		 */
206
		if (t->t_dtrace_reg != 0 &&
207
		    rp->r_pc == t->t_dtrace_scrpc + isz) {
208
			switch (t->t_dtrace_reg) {
209
			case REG_RAX:
210
				rp->r_rax = t->t_dtrace_regv;
211
				break;
212
			case REG_RCX:
213
				rp->r_rcx = t->t_dtrace_regv;
214
				break;
215
			case REG_R8:
216
				rp->r_r8 = t->t_dtrace_regv;
217
				break;
218
			case REG_R9:
219
				rp->r_r9 = t->t_dtrace_regv;
220
				break;
221
			}
222
		}
223
#endif
224
		rp->r_pc = t->t_dtrace_npc;
225
		t->t_dtrace_ft = 0;
226
		return (0);
227
	}
228

229
	/*
230
	 * Otherwise, make sure we'll return to the kernel after executing
231
	 * the copied out instruction and defer the signal.
232
	 */
233
	if (!t->t_dtrace_step) {
234
		ASSERT(rp->r_pc < t->t_dtrace_astpc);
235
		rp->r_pc += t->t_dtrace_astpc - t->t_dtrace_scrpc;
236
		t->t_dtrace_step = 1;
237
	}
238

239
	t->t_dtrace_ast = 1;
240

241
	return (1);
242
}
243
#endif
244

245
static int64_t	tgt_cpu_tsc;
246
static int64_t	hst_cpu_tsc;
247
static int64_t	tsc_skew[MAXCPU];
248
static uint64_t	nsec_scale;
249

250
/* See below for the explanation of this macro. */
251
#define SCALE_SHIFT	28
252

253
static void
254
dtrace_gethrtime_init_cpu(void *arg)
255
{
256
	uintptr_t cpu = (uintptr_t) arg;
257

258
	if (cpu == curcpu)
259
		tgt_cpu_tsc = rdtsc();
260
	else
261
		hst_cpu_tsc = rdtsc();
262
}
263

264
static void
265
dtrace_gethrtime_init(void *arg)
266
{
267
	struct pcpu *pc;
268
	uint64_t tsc_f;
269
	cpuset_t map;
270
	int i;
271

272
	/*
273
	 * Get TSC frequency known at this moment.
274
	 * This should be constant if TSC is invariant.
275
	 * Otherwise tick->time conversion will be inaccurate, but
276
	 * will preserve monotonic property of TSC.
277
	 */
278
	tsc_f = atomic_load_acq_64(&tsc_freq);
279

280
	/*
281
	 * The following line checks that nsec_scale calculated below
282
	 * doesn't overflow 32-bit unsigned integer, so that it can multiply
283
	 * another 32-bit integer without overflowing 64-bit.
284
	 * Thus minimum supported TSC frequency is 62.5MHz.
285
	 */
286
	KASSERT(tsc_f > (NANOSEC >> (32 - SCALE_SHIFT)),
287
	    ("TSC frequency is too low"));
288

289
	/*
290
	 * We scale up NANOSEC/tsc_f ratio to preserve as much precision
291
	 * as possible.
292
	 * 2^28 factor was chosen quite arbitrarily from practical
293
	 * considerations:
294
	 * - it supports TSC frequencies as low as 62.5MHz (see above);
295
	 * - it provides quite good precision (e < 0.01%) up to THz
296
	 *   (terahertz) values;
297
	 */
298
	nsec_scale = ((uint64_t)NANOSEC << SCALE_SHIFT) / tsc_f;
299

300
	if (vm_guest != VM_GUEST_NO)
301
		return;
302

303
	/* The current CPU is the reference one. */
304
	sched_pin();
305
	tsc_skew[curcpu] = 0;
306
	CPU_FOREACH(i) {
307
		if (i == curcpu)
308
			continue;
309

310
		pc = pcpu_find(i);
311
		CPU_SETOF(PCPU_GET(cpuid), &map);
312
		CPU_SET(pc->pc_cpuid, &map);
313

314
		smp_rendezvous_cpus(map, NULL,
315
		    dtrace_gethrtime_init_cpu,
316
		    smp_no_rendezvous_barrier, (void *)(uintptr_t) i);
317

318
		tsc_skew[i] = tgt_cpu_tsc - hst_cpu_tsc;
319
	}
320
	sched_unpin();
321
}
322
SYSINIT(dtrace_gethrtime_init, SI_SUB_DTRACE, SI_ORDER_ANY,
323
    dtrace_gethrtime_init, NULL);
324

325
/*
326
 * DTrace needs a high resolution time function which can
327
 * be called from a probe context and guaranteed not to have
328
 * instrumented with probes itself.
329
 *
330
 * Returns nanoseconds since boot.
331
 */
332
uint64_t
333
dtrace_gethrtime(void)
334
{
335
	uint64_t tsc;
336
	uint32_t lo, hi;
337
	register_t rflags;
338

339
	/*
340
	 * We split TSC value into lower and higher 32-bit halves and separately
341
	 * scale them with nsec_scale, then we scale them down by 2^28
342
	 * (see nsec_scale calculations) taking into account 32-bit shift of
343
	 * the higher half and finally add.
344
	 */
345
	rflags = intr_disable();
346
	tsc = rdtsc() - tsc_skew[curcpu];
347
	intr_restore(rflags);
348

349
	lo = tsc;
350
	hi = tsc >> 32;
351
	return (((lo * nsec_scale) >> SCALE_SHIFT) +
352
	    ((hi * nsec_scale) << (32 - SCALE_SHIFT)));
353
}
354

355
uint64_t
356
dtrace_gethrestime(void)
357
{
358
	struct timespec current_time;
359

360
	dtrace_getnanotime(&current_time);
361

362
	return (current_time.tv_sec * 1000000000ULL + current_time.tv_nsec);
363
}
364

365
/* Function to handle DTrace traps during probes. See amd64/amd64/trap.c. */
366
int
367
dtrace_trap(struct trapframe *frame, u_int type)
368
{
369
	uint16_t nofault;
370

371
	/*
372
	 * A trap can occur while DTrace executes a probe. Before
373
	 * executing the probe, DTrace blocks re-scheduling and sets
374
	 * a flag in its per-cpu flags to indicate that it doesn't
375
	 * want to fault. On returning from the probe, the no-fault
376
	 * flag is cleared and finally re-scheduling is enabled.
377
	 *
378
	 * Check if DTrace has enabled 'no-fault' mode:
379
	 */
380
	sched_pin();
381
	nofault = cpu_core[curcpu].cpuc_dtrace_flags & CPU_DTRACE_NOFAULT;
382
	sched_unpin();
383
	if (nofault) {
384
		KASSERT((read_rflags() & PSL_I) == 0, ("interrupts enabled"));
385

386
		/*
387
		 * There are only a couple of trap types that are expected.
388
		 * All the rest will be handled in the usual way.
389
		 */
390
		switch (type) {
391
		/* General protection fault. */
392
		case T_PROTFLT:
393
			/* Flag an illegal operation. */
394
			cpu_core[curcpu].cpuc_dtrace_flags |= CPU_DTRACE_ILLOP;
395

396
			/*
397
			 * Offset the instruction pointer to the instruction
398
			 * following the one causing the fault.
399
			 */
400
			frame->tf_rip += dtrace_instr_size((uint8_t *) frame->tf_rip);
401
			return (1);
402
		/* Page fault. */
403
		case T_PAGEFLT:
404
			/* Flag a bad address. */
405
			cpu_core[curcpu].cpuc_dtrace_flags |= CPU_DTRACE_BADADDR;
406
			cpu_core[curcpu].cpuc_dtrace_illval = frame->tf_addr;
407

408
			/*
409
			 * Offset the instruction pointer to the instruction
410
			 * following the one causing the fault.
411
			 */
412
			frame->tf_rip += dtrace_instr_size((uint8_t *) frame->tf_rip);
413
			return (1);
414
		default:
415
			/* Handle all other traps in the usual way. */
416
			break;
417
		}
418
	}
419

420
	/* Handle the trap in the usual way. */
421
	return (0);
422
}
423

424