1028 Commits

Author SHA1 Message Date
Pawel Biernacki
7029da5c36 Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many)
r357614 added CTLFLAG_NEEDGIANT to make it easier to find nodes that are
still not MPSAFE (or already are but aren’t properly marked).
Use it in preparation for a general review of all nodes.

This is non-functional change that adds annotations to SYSCTL_NODE and
SYSCTL_PROC nodes using one of the soon-to-be-required flags.

Mark all obvious cases as MPSAFE.  All entries that haven't been marked
as MPSAFE before are by default marked as NEEDGIANT

Approved by:	kib (mentor, blanket)
Commented by:	kib, gallatin, melifaro
Differential Revision:	https://reviews.freebsd.org/D23718
2020-02-26 14:26:36 +00:00
Konstantin Belousov
a324b7f71d Fix IBRS for machines with IBRS_ALL capability.
When turning IBRS mitigation using sysctl, as opposed to loader tunable,
send IPI to tweak MSR on all cores.  Right now code only performed MSR write
onr the CPU where sysctl was run.

Properly report hw.ibrs_active for IBRS_ALL.  Split hw_ibrs_ibpb_active out
from ibrs_active, to keep the current semantic of guiding kernel entry and
exit handlers.

Reported and tested by:	mav
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2020-02-25 17:26:10 +00:00
Konstantin Belousov
43cd55db57 x86/identcpu.c whitespace cleanup.
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2020-02-21 16:55:28 +00:00
Konstantin Belousov
3f490f6e57 print_svm_info: decode a CPUID 0x8000000a.edx bit 20.
This is SVM features word, the bit is defined in "PPR for AMD Family
17h Model 31h B0", document 55803 Rev 0.54.

N.B. GuesSpecCtl (no 't') is the spelling from the document.

Submitted by:	Dmitry Luhtionov <dmitryluhtionov@gmail.com>
MFC after:	3 days
2020-02-21 16:41:17 +00:00
Mateusz Guzik
082a6b2a92 Make atomic_load_ptr type-aware
Returned value has type based on the argument, meaning consumers no longer
have to cast in the commmon case.

This commit keeps the kernel compilable without patching the rest.
2020-02-14 23:15:41 +00:00
Doug Moore
5a9447a324 In dmar_gas_lowermatch, skip searching a subtree if all its addresses are greater than lowaddr.
In dmar_gas_uppermatch, skip searching a subtree if all its gaps-between-alloctions are too small.

Reviewed by:	kib
Tested by:	pho
Differential Revision:	https://reviews.freebsd.org/D23391
2020-02-01 21:47:34 +00:00
Conrad Meyer
e656fa70dc hwpstate_intel(4): Save admin-set EPP/EPB and restore after suspend 2020-02-01 20:12:02 +00:00
Conrad Meyer
c93eb470b4 hwpstate_intel(4): Print failure message only on failure
X-MFC-With: r357379
2020-02-01 20:11:25 +00:00
Conrad Meyer
cd4e43b27d hwpstate_intel(4): Detect and support PKG variant
If package-level control is present, we default to using it.  Per-core
software control may be enabled by setting the machdep.hwpstate_pkg_ctrl
tunable to "0" in loader.conf(5).
2020-02-01 19:50:10 +00:00
Conrad Meyer
556a1a0bc6 hwpstate_intel(4): Add fallback EPP using PERF_BIAS MSR
Per Intel SDM (Vol 3b Part 2), if HWP indicates EPP (energy-performance
preference) is not supported, the hardware instead uses the ENERGY_PERF_BIAS
MSR.  In the epp sysctl handler, fall back to that MSR if HWP does not
support EPP and CPUID indicates the ENERGY_PERF_BIAS MSR is supported.
2020-02-01 19:49:13 +00:00
Conrad Meyer
5e3574c8cd x86: Add/amend some power-management comments/macros
No functional change.
2020-02-01 19:46:02 +00:00
Conrad Meyer
b80d476c3c hwpstate_intel(4): Error check epp sysctl & bail if HW does not support feature 2020-02-01 19:45:27 +00:00
Conrad Meyer
f591c3c847 intel_hwpstate(4): Use identcpu-cached cpuid 6 leaf
No functional change.
2020-02-01 17:54:46 +00:00
Conrad Meyer
351896d372 intel_hwpstate(4): Don't leak bound thread in error conditions
I don't know why a Skylake CPU with the HWP feature bit present would trap
on MSR reads of the HWP registers, but if this occurs, do not leave the
attach thread bound.  This could conceivably cause reported hangs, although
I have no evidence that this is the cause.

Reported by:	ae@, Andreas Nilsson <andrnils AT gmail.com>
X-MFC-With:	r357002
2020-02-01 17:30:45 +00:00
Conrad Meyer
43524989c5 hwpstate(4): Ignore CurPstateLimit by default
Add a sysctl knob to allow users to re-enable it, and document the knob and
default in cpufreq.4.  (While here, add a few unrelated updates to
cpufreq.4.)

It seems that the register value in some hardware simply reflects the
configured P-state.  This results in an inadvertent and unintended outcome
where the P-state can only walk down, and then the driver becomes "stuck" in
the slowest possible P-state.

The Linux driver never consults this register, so that's some evidence that
ignoring the contents are relatively harmless.

PR:		234733
Reported by:	sigsys AT gmail.com, Erich Dollanksy <freebsd.ed.lists AT
		sumeritec.com>
2020-01-31 17:40:41 +00:00
Mark Johnston
1c29da0279 Reimplement stack capture of running threads on i386 and amd64.
After r355784 the td_oncpu field is no longer synchronized by the thread
lock, so the stack capture interrupt cannot be delievered precisely.
Fix this using a loop which drops the thread lock and restarts if the
wrong thread was sampled from the stack capture interrupt handler.

Change the implementation to use a regular interrupt instead of an NMI.
Now that we drop the thread lock, there is no advantage to the latter.

Simplify the KPIs.  Remove stack_save_td_running() and add a return
value to stack_save_td().  On platforms that do not support stack
capture of running threads, stack_save_td() returns EOPNOTSUPP.  If the
target thread is running in user mode, stack_save_td() returns EBUSY.

Reviewed by:	kib
Reported by:	mjg, pho
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D23355
2020-01-31 15:43:33 +00:00
Conrad Meyer
07a65f9d38 hwpstate_intel(4): Silence/fix Coverity reports
These were all introduced in the initial import of hwpstate_intel(4).

Reported by:	Coverity
CIDs:		1413161, 1413164, 1413165, 1413167
X-MFC-With:	r357002
2020-01-29 03:15:34 +00:00
Conrad Meyer
d9591f0c2a x86: identcpu: Decode new Intel Structured Extended feature bits 2020-01-28 01:37:20 +00:00
Conrad Meyer
4799e1997a x86: identcpu: Decode new Zen2 AMD Feature2 bit 2020-01-28 01:36:45 +00:00
Doug Moore
f886c4ba71 Correct the use of RB_AUGMENT in the RB_TREE macros so that is invoked
at the root of every subtree that changes in an insert or delete, and
only once, and ordered from the bottom of the tree to the top.  For
intel_gas.c, the only user of RB_AUGMENT I can find, change the
augmenting routine so that it does not climb from entry to tree root
on every call, and remove a 'tree correcting' function that can be
supplanted by proper tree augmentation.

Reviewed by:	kib
Tested by:	pho
Differential Revision:	https://reviews.freebsd.org/D23189
2020-01-27 15:09:13 +00:00
Conrad Meyer
9ea85092d9 hwpstate(4): Log a debug line when throttled
If we're going to throttle user requested P-states, we should at least produce
a debug log line indicating the surprising behavior.

PR:		inspired by 234733
2020-01-27 06:04:32 +00:00
Conrad Meyer
08a220dd79 cpufreq(4): Fix missing MODULE_DEPEND on hwpstate_intel
DRIVER_MODULE does not actually define a MODULE_VERSION, which is required
to satisfy a MODULE_DEPENDency.  Declare one explicitly in
hwpstate_intel(4).

Reported by:	flo
X-MFC-With:	r357002
2020-01-23 23:52:57 +00:00
Konstantin Belousov
b94c55a9cb Fix r356919.
Instead of waiting for pc_curthread which is overwritten by
init_secondary_tail(), wait for non-NULL pc_curpcb, to be set by the
first context switch.
Assert that pc_curpcb is not set too early.

Reported and tested by:	rlibby
Reviewed by:	markj, rlibby
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D23330
2020-01-23 17:08:33 +00:00
Cy Schubert
ca9fb12a0b Fix 32-bit build post r357002. 2020-01-23 03:38:41 +00:00
Conrad Meyer
4577cf3744 cpufreq(4): Add support for Intel Speed Shift
Intel Speed Shift is Intel's technology to control frequency in hardware,
with hints from software.

Let's get a working version of this in the tree and we can refine it from
here.

Submitted by:	bwidawsk, scottph
Reviewed by:	bcr (manpages), myself
Discussed with:	jhb, kib (earlier versions)
With feedback from:	Greg V, gallatin, freebsdnewbie AT freenet.de
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D18028
2020-01-22 23:28:42 +00:00
Konstantin Belousov
2ee49fac82 Add support for Hygon Dhyana Family 18h processor.
As a new x86 CPU vendor, Chengdu Haiguang IC Design Co., Ltd (Hygon)
is a joint venture between AMD and Haiguang Information Technology Co.,
Ltd., aims at providing x86 processors for China server market.

The first generation Hygon processor(Dhyana) shares most architecture
with AMD's family 17h, but with different CPU vendor ID("HygonGenuine")
and PCI vendor ID(0x1d94) and family series number 18h(Hygon negotiated
with AMD to confirm that only Hygon use family 18h).

To enable Hygon Dhyana support in FreeBSD, add new definitions
HYGON_VENDOR_ID("HygonGenuine") and X86_VENDOR_HYGON(0x1d94) to identify
Hygon Dhyana CPU.

Initialize the CPU features(topology, local APIC ext, MSI, TSC, hwpstate,
MCA, DEBUG_CTL, etc) for amd64 and i386 mode by sharing the code path of
AMD family 17h.

The changes have been applied on FreeBSD 13.0-CURRENT and tested
successfully on Hygon Dhyana processor.

References:
[1] Linux kernel patches for Hygon Dhyana, merged in 4.20:

https://git.kernel.org/tip/c9661c1e80b609cd038db7c908e061f0535804ef

[2] MSR and CPUID definition:

https://www.amd.com/system/files/TechDocs/54945_PPR_Family_17h_Models_00h-0Fh.pdf

Submitted by:	Pu Wen <puwen@hygon.cn>
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D23163
2020-01-21 13:22:35 +00:00
Konstantin Belousov
65e5f2cdd4 x86: Wait for curthread to be set up as an indicator that the boot stack
is no longer used.

pc_curthread is set by cpu_switch after it stopped using the old
thread (or boot) stack.  This makes the smp_after_idle_runnable()
function not dependent on the internals of the scheduler operations.

Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D23276
2020-01-20 17:23:03 +00:00
Mateusz Guzik
44c78346f6 x86: fix assertion in ipi_send_cpu to range check the passed id
Prior to the change for sufficiently bad id (and in particular NOCPU which is -1)
it would access memory outside of the cpu_apic_ids array.
2020-01-19 21:35:51 +00:00
Mateusz Guzik
879e0604ee Add KERNEL_PANICKED macro for use in place of direct panicstr tests 2020-01-12 06:07:54 +00:00
Scott Long
757d4fbaa7 Introduce the concept of busdma tag templates. A template can be allocated
off the stack, initialized to default values, and then filled in with
driver-specific values, all without having to worry about the numerous
other fields in the tag. The resulting template is then passed into
busdma and the normal opaque tag object created.  See the man page for
details on how to initialize a template.

Templates do not support tag filters.  Filters have been broken for many
years, and only existed for an ancient make/model of hardware that had a
quirky DMA engine.  Instead of breaking the ABI/API and changing the
arugment signature of bus_dma_tag_create() to remove the filter arguments,
templates allow us to ignore them, and also significantly reduce the
complexity of creating and managing tags.

Reviewed by:	imp, kib
Differential Revision:	https://reviews.freebsd.org/D22906
2019-12-24 14:48:46 +00:00
Ryan Libby
9825eadf2c bitset: rename confusing macro NAND to ANDNOT
s/BIT_NAND/BIT_ANDNOT/, and for CPU and DOMAINSET too.  The actual
implementation is "and not" (or "but not"), i.e. A but not B.
Fortunately this does appear to be what all existing callers want.

Don't supply a NAND (not (A and B)) operation at this time.

Discussed with:	jeff
Reviewed by:	cem
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D22791
2019-12-13 09:32:16 +00:00
Scott Long
0d42317659 Fix the TAA state machine to do the right thing when the TAA
migitation is available in microcode and the operator has set
the sysctl to automatic mode.

Reported by:	Coverity
CID: 1408334

MFC after:	3 days
Sponsored by:	Intel
2019-12-10 18:57:39 +00:00
Konstantin Belousov
ff326a1879 x86: Restore the critical section around whole ipi_bitmap_handler() if
hardclock IPI is delivered.

In the current code after r355311, critical section is taken only
around hardclockintr() call, and sched_preempt() is called after the
section is exited. If we reschedule after exit, as we typically would
due to conditions that caused IPI, in ULE the runq tdq_ipipending is
not cleared, which blocks generation of further preempt IPIs.

Since all relatively modern (10 years) hardware has per-cpu event
timers, restoring the critical section conditionally does not affect
it.

Reported and tested by: cy
Diagnosed and reviewed by: jeff (previous version)
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D22716
2019-12-07 00:28:08 +00:00
Scott Long
961aacb107 Move the mds, irbs, and ssb mitigation knobs into machdep.mitigations.
They're in both the old and new places in HEAD for the moment for
discussion and transition.  The old locations will be garbage collected
in 4 weeks.  MFCs to 12 an 11 will keep the old and new for transition
purposes.

Reviewed by:	kib
MFC after:	4 weeks
Sponsored by:	Intel
Differential Revision:	https://reviews.freebsd.org/D22590
2019-12-06 02:43:05 +00:00
Conrad Meyer
ee02bd9c9c x86: Add missed break to TAA status sysctl
Just a typo that Coverity identified.

Coverity also identified an unused store in the same functional area (x86 TAA
stuff), but this commit does not address that issue (CID 1408334).

Reported by:	Coverity
CID:		1408328, 1408332
2019-12-04 02:42:22 +00:00
Jeff Roberson
0f9e06e18b Fix a few places that free a page from an object without busy held. This is
tightening constraints on busy as a precursor to lockless page lookup and
should largely be a NOP for these cases.

Reviewed by:	alc, kib, markj
Differential Revision:	https://reviews.freebsd.org/D22611
2019-12-02 22:42:05 +00:00
Jeff Roberson
fb6a57ef89 Don't run sched_preempt() inside of an extra critical section. This disables
the sched_preempt() switch optimization and causes the sched lock to be dropped
and immediately reacquired.

Reviewed by:	jhb, kib, mav, markj (with changes)
Differential Revision:	https://reviews.freebsd.org/D22623
2019-12-02 22:34:19 +00:00
Konstantin Belousov
5c3771d272 bus_dma_dmar_load_ident(9): load identity mapping into the map.
Requested, reviewed and tested by:	mav
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D22559
2019-11-27 19:57:17 +00:00
Scott Long
184b15ff07 Clean up and clarify meta commentary on TAA. Add a state to denote
that TSX doesn't exist on the CPU.

MFC after:	3 days
Sponsored by:	Intel
2019-11-27 19:12:32 +00:00
Konstantin Belousov
4f4f3c8fdc Limit bus_dma_dmar_set_buswide() definition to kernel only.
The header is abused for inclusion into userspace, and on stable
branches neither device_t nor bool types are not defined when used
from userspace.

Sponsored by:	The FreeBSD Foundation
X-MFC after:	now
2019-11-25 14:16:41 +00:00
Andrew Turner
849aef496d Port the NetBSD KCSAN runtime to FreeBSD.
Update the NetBSD Kernel Concurrency Sanitizer (KCSAN) runtime to work in
the FreeBSD kernel. It is a useful tool for finding data races between
threads executing on different CPUs.

This can be enabled by enabling KCSAN in the kernel config, or by using the
GENERIC-KCSAN amd64 kernel. It works on amd64 and arm64, however the later
needs a compiler change to allow -fsanitize=thread that KCSAN uses.

Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D22315
2019-11-21 11:22:08 +00:00
Konstantin Belousov
685666aaf7 bus_dma_dmar_set_buswide(9): KPI to indicate that the whole dmar
context should share page tables.

Practically it means that dma requests from any device on the bus are
translated according to the entries loaded for the bus:0:0 device.
KPI requires that the slot and function of the device be 0:0, and that
no tags for other devices on the bus were used.

The intended use are NTBs which pass TLPs from the downstream to the
host with slot:func of the downstream originator.

Reviewed and tested by:	mav
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D22434
2019-11-18 20:56:59 +00:00
Konstantin Belousov
fa83f68917 Add x86 msr tweak KPI.
Use the KPI to tweak MSRs in mitigation code.

Reviewed by:	markj, scottl
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D22431
2019-11-18 20:53:57 +00:00
Scott Long
e372160177 TSX Asynchronous Abort mitigation for Intel CVE-2019-11135.
This CVE has already been announced in FreeBSD SA-19:26.mcu.

Mitigation for TAA involves either turning off TSX or turning on the
VERW mitigation used for MDS. Some CPUs will also be self-mitigating
for TAA and require no software workaround.

Control knobs are:
machdep.mitigations.taa.enable:
        0 - no software mitigation is enabled
        1 - attempt to disable TSX
        2 - use the VERW mitigation
        3 - automatically select the mitigation based on processor
	    features.

machdep.mitigations.taa.state:
        inactive        - no mitigation is active/enabled
        TSX disable     - TSX is disabled in the bare metal CPU as well as
                        - any virtualized CPUs
        VERW            - VERW instruction clears CPU buffers
	not vulnerable	- The CPU has identified itself as not being
			  vulnerable

Nothing in the base FreeBSD system uses TSX.  However, the instructions
are straight-forward to add to custom applications and require no kernel
support, so the mitigation is provided for users with untrusted
applications and tenants.

Reviewed by:	emaste, imp, kib, scottph
Sponsored by:	Intel
Differential Revision:	22374
2019-11-16 00:26:42 +00:00
Scott Long
22d13bfd34 Revert a patch that accidentally was committed with r354729 2019-11-15 11:54:51 +00:00
Scott Long
99a6085fde Fix a typo in how the AVX512DQ feature bit is checked.
Reviewed by:	kib
Sponsored by:	Intel
2019-11-15 11:53:06 +00:00
Scott Long
837d733265 Add new bit definitions for TSX, related to the TAA issue. The actual
mitigation will follow in a future commit.

Sponsored by:	Intel
2019-11-12 19:15:16 +00:00
Konstantin Belousov
c08973d09c Workaround for Intel SKL002/SKL012S errata.
Disable the use of executable 2M page mappings in EPT-format page
tables on affected CPUs.  For bhyve virtual machines, this effectively
disables all use of superpage mappings on affected CPUs.  The
vm.pmap.allow_2m_x_ept sysctl can be set to override the default and
enable mappings on affected CPUs.

Alternate approaches have been suggested, but at present we do not
believe the complexity is warranted for typical bhyve's use cases.

Reviewed by:	alc, emaste, markj, scottl
Security:	CVE-2018-12207
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D21884
2019-11-12 18:01:33 +00:00
Roger Pau Monné
b2802351c1 xen: fix dispatching of NMIs
Currently NMIs are sent over event channels, but that defeats the
purpose of NMIs since event channels can be masked. Fix this by
issuing NMIs using a hypercall, which injects a NMI (vector #2) to the
desired vCPU.

Note that NMIs could also be triggered using the emulated local APIC,
but using a hypercall is better from a performance point of view
since it doesn't involve instruction decoding when not using x2APIC
mode.

Reported and Tested by:	avg
Sponsored by:		Citrix Systems R&D
2019-11-12 10:31:28 +00:00
Scott Long
c47c10a1f3 Add the text attribute for MDS_NO in the IA32_ARCH_CAP MSR. 2019-11-11 22:18:05 +00:00