1 /*-
2 * Copyright (c) 2014 Tycho Nightingale <tycho.nightingale@pluribusnetworks.com>
3 * Copyright (c) 2011 NetApp, Inc.
4 * All rights reserved.
5 * Copyright (c) 2018 Joyent, Inc.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY NETAPP, INC ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL NETAPP, INC OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29 #include <sys/cdefs.h>
30 #include "opt_bhyve_snapshot.h"
31
32 #include <sys/param.h>
33 #include <sys/types.h>
34 #include <sys/queue.h>
35 #include <sys/kernel.h>
36 #include <sys/lock.h>
37 #include <sys/malloc.h>
38 #include <sys/mutex.h>
39 #include <sys/systm.h>
40
41 #include <machine/vmm.h>
42 #include <machine/vmm_snapshot.h>
43
44 #include "vmm_ktr.h"
45 #include "vatpic.h"
46 #include "vioapic.h"
47 #include "vatpit.h"
48
49 static MALLOC_DEFINE(M_VATPIT, "atpit", "bhyve virtual atpit (8254)");
50
51 #define VATPIT_LOCK(vatpit) mtx_lock_spin(&((vatpit)->mtx))
52 #define VATPIT_UNLOCK(vatpit) mtx_unlock_spin(&((vatpit)->mtx))
53 #define VATPIT_LOCKED(vatpit) mtx_owned(&((vatpit)->mtx))
54
55 #define TIMER_SEL_MASK 0xc0
56 #define TIMER_RW_MASK 0x30
57 #define TIMER_MODE_MASK 0x0f
58 #define TIMER_SEL_READBACK 0xc0
59
60 #define TIMER_STS_OUT 0x80
61 #define TIMER_STS_NULLCNT 0x40
62
63 #define TIMER_RB_LCTR 0x20
64 #define TIMER_RB_LSTATUS 0x10
65 #define TIMER_RB_CTR_2 0x08
66 #define TIMER_RB_CTR_1 0x04
67 #define TIMER_RB_CTR_0 0x02
68
69 #define TMR2_OUT_STS 0x20
70
71 #define PIT_8254_FREQ 1193182
72 #define TIMER_DIV(freq, hz) (((freq) + (hz) / 2) / (hz))
73
74 struct vatpit_callout_arg {
75 struct vatpit *vatpit;
76 int channel_num;
77 };
78
79 struct channel {
80 int mode;
81 uint16_t initial; /* initial counter value */
82 struct bintime now_bt; /* uptime when counter was loaded */
83 uint8_t cr[2];
84 uint8_t ol[2];
85 bool slatched; /* status latched */
86 uint8_t status;
87 int crbyte;
88 int olbyte;
89 int frbyte;
90 struct callout callout;
91 struct bintime callout_bt; /* target time */
92 struct vatpit_callout_arg callout_arg;
93 };
94
95 struct vatpit {
96 struct vm *vm;
97 struct mtx mtx;
98
99 struct bintime freq_bt;
100
101 struct channel channel[3];
102 };
103
104 static void pit_timer_start_cntr0(struct vatpit *vatpit);
105
106 static uint64_t
vatpit_delta_ticks(struct vatpit * vatpit,struct channel * c)107 vatpit_delta_ticks(struct vatpit *vatpit, struct channel *c)
108 {
109 struct bintime delta;
110 uint64_t result;
111
112 binuptime(&delta);
113 bintime_sub(&delta, &c->now_bt);
114
115 result = delta.sec * PIT_8254_FREQ;
116 result += delta.frac / vatpit->freq_bt.frac;
117
118 return (result);
119 }
120
121 static int
vatpit_get_out(struct vatpit * vatpit,int channel)122 vatpit_get_out(struct vatpit *vatpit, int channel)
123 {
124 struct channel *c;
125 uint64_t delta_ticks;
126 int out;
127
128 c = &vatpit->channel[channel];
129
130 switch (c->mode) {
131 case TIMER_INTTC:
132 delta_ticks = vatpit_delta_ticks(vatpit, c);
133 out = (delta_ticks >= c->initial);
134 break;
135 default:
136 out = 0;
137 break;
138 }
139
140 return (out);
141 }
142
143 static void
vatpit_callout_handler(void * a)144 vatpit_callout_handler(void *a)
145 {
146 struct vatpit_callout_arg *arg = a;
147 struct vatpit *vatpit;
148 struct callout *callout;
149 struct channel *c;
150
151 vatpit = arg->vatpit;
152 c = &vatpit->channel[arg->channel_num];
153 callout = &c->callout;
154
155 VM_CTR1(vatpit->vm, "atpit t%d fired", arg->channel_num);
156
157 VATPIT_LOCK(vatpit);
158
159 if (callout_pending(callout)) /* callout was reset */
160 goto done;
161
162 if (!callout_active(callout)) /* callout was stopped */
163 goto done;
164
165 callout_deactivate(callout);
166
167 if (c->mode == TIMER_RATEGEN) {
168 pit_timer_start_cntr0(vatpit);
169 }
170
171 vatpic_pulse_irq(vatpit->vm, 0);
172 vioapic_pulse_irq(vatpit->vm, 2);
173
174 done:
175 VATPIT_UNLOCK(vatpit);
176 return;
177 }
178
179 static void
pit_timer_start_cntr0(struct vatpit * vatpit)180 pit_timer_start_cntr0(struct vatpit *vatpit)
181 {
182 struct channel *c;
183 struct bintime now, delta;
184 sbintime_t precision;
185
186 c = &vatpit->channel[0];
187 if (c->initial != 0) {
188 delta.sec = 0;
189 delta.frac = vatpit->freq_bt.frac * c->initial;
190 bintime_add(&c->callout_bt, &delta);
191 precision = bttosbt(delta) >> tc_precexp;
192
193 /*
194 * Reset 'callout_bt' if the time that the callout
195 * was supposed to fire is more than 'c->initial'
196 * ticks in the past.
197 */
198 binuptime(&now);
199 if (bintime_cmp(&c->callout_bt, &now, <)) {
200 c->callout_bt = now;
201 bintime_add(&c->callout_bt, &delta);
202 }
203
204 callout_reset_sbt(&c->callout, bttosbt(c->callout_bt),
205 precision, vatpit_callout_handler, &c->callout_arg,
206 C_ABSOLUTE);
207 }
208 }
209
210 static uint16_t
pit_update_counter(struct vatpit * vatpit,struct channel * c,bool latch)211 pit_update_counter(struct vatpit *vatpit, struct channel *c, bool latch)
212 {
213 uint16_t lval;
214 uint64_t delta_ticks;
215
216 /* cannot latch a new value until the old one has been consumed */
217 if (latch && c->olbyte != 0)
218 return (0);
219
220 if (c->initial == 0) {
221 /*
222 * This is possibly an o/s bug - reading the value of
223 * the timer without having set up the initial value.
224 *
225 * The original user-space version of this code set
226 * the timer to 100hz in this condition; do the same
227 * here.
228 */
229 c->initial = TIMER_DIV(PIT_8254_FREQ, 100);
230 binuptime(&c->now_bt);
231 c->status &= ~TIMER_STS_NULLCNT;
232 }
233
234 delta_ticks = vatpit_delta_ticks(vatpit, c);
235 lval = c->initial - delta_ticks % c->initial;
236
237 if (latch) {
238 c->olbyte = 2;
239 c->ol[1] = lval; /* LSB */
240 c->ol[0] = lval >> 8; /* MSB */
241 }
242
243 return (lval);
244 }
245
246 static int
pit_readback1(struct vatpit * vatpit,int channel,uint8_t cmd)247 pit_readback1(struct vatpit *vatpit, int channel, uint8_t cmd)
248 {
249 struct channel *c;
250
251 c = &vatpit->channel[channel];
252
253 /*
254 * Latch the count/status of the timer if not already latched.
255 * N.B. that the count/status latch-select bits are active-low.
256 */
257 if (!(cmd & TIMER_RB_LCTR) && !c->olbyte) {
258 (void) pit_update_counter(vatpit, c, true);
259 }
260
261 if (!(cmd & TIMER_RB_LSTATUS) && !c->slatched) {
262 c->slatched = true;
263 /*
264 * For mode 0, see if the elapsed time is greater
265 * than the initial value - this results in the
266 * output pin being set to 1 in the status byte.
267 */
268 if (c->mode == TIMER_INTTC && vatpit_get_out(vatpit, channel))
269 c->status |= TIMER_STS_OUT;
270 else
271 c->status &= ~TIMER_STS_OUT;
272 }
273
274 return (0);
275 }
276
277 static int
pit_readback(struct vatpit * vatpit,uint8_t cmd)278 pit_readback(struct vatpit *vatpit, uint8_t cmd)
279 {
280 int error;
281
282 /*
283 * The readback command can apply to all timers.
284 */
285 error = 0;
286 if (cmd & TIMER_RB_CTR_0)
287 error = pit_readback1(vatpit, 0, cmd);
288 if (!error && cmd & TIMER_RB_CTR_1)
289 error = pit_readback1(vatpit, 1, cmd);
290 if (!error && cmd & TIMER_RB_CTR_2)
291 error = pit_readback1(vatpit, 2, cmd);
292
293 return (error);
294 }
295
296 static int
vatpit_update_mode(struct vatpit * vatpit,uint8_t val)297 vatpit_update_mode(struct vatpit *vatpit, uint8_t val)
298 {
299 struct channel *c;
300 int sel, rw, mode;
301
302 sel = val & TIMER_SEL_MASK;
303 rw = val & TIMER_RW_MASK;
304 mode = val & TIMER_MODE_MASK;
305
306 if (sel == TIMER_SEL_READBACK)
307 return (pit_readback(vatpit, val));
308
309 if (rw != TIMER_LATCH && rw != TIMER_16BIT)
310 return (-1);
311
312 if (rw != TIMER_LATCH) {
313 /*
314 * Counter mode is not affected when issuing a
315 * latch command.
316 */
317 if (mode != TIMER_INTTC &&
318 mode != TIMER_RATEGEN &&
319 mode != TIMER_SQWAVE &&
320 mode != TIMER_SWSTROBE)
321 return (-1);
322 }
323
324 c = &vatpit->channel[sel >> 6];
325 if (rw == TIMER_LATCH)
326 pit_update_counter(vatpit, c, true);
327 else {
328 c->mode = mode;
329 c->olbyte = 0; /* reset latch after reprogramming */
330 c->status |= TIMER_STS_NULLCNT;
331 }
332
333 return (0);
334 }
335
336 int
vatpit_handler(struct vm * vm,bool in,int port,int bytes,uint32_t * eax)337 vatpit_handler(struct vm *vm, bool in, int port, int bytes, uint32_t *eax)
338 {
339 struct vatpit *vatpit;
340 struct channel *c;
341 uint8_t val;
342 int error;
343
344 vatpit = vm_atpit(vm);
345
346 if (bytes != 1)
347 return (-1);
348
349 val = *eax;
350
351 if (port == TIMER_MODE) {
352 if (in) {
353 VM_CTR0(vatpit->vm, "vatpit attempt to read mode");
354 return (-1);
355 }
356
357 VATPIT_LOCK(vatpit);
358 error = vatpit_update_mode(vatpit, val);
359 VATPIT_UNLOCK(vatpit);
360
361 return (error);
362 }
363
364 /* counter ports */
365 KASSERT(port >= TIMER_CNTR0 && port <= TIMER_CNTR2,
366 ("invalid port 0x%x", port));
367 c = &vatpit->channel[port - TIMER_CNTR0];
368
369 VATPIT_LOCK(vatpit);
370 if (in && c->slatched) {
371 /*
372 * Return the status byte if latched
373 */
374 *eax = c->status;
375 c->slatched = false;
376 c->status = 0;
377 } else if (in) {
378 /*
379 * The spec says that once the output latch is completely
380 * read it should revert to "following" the counter. Use
381 * the free running counter for this case (i.e. Linux
382 * TSC calibration). Assuming the access mode is 16-bit,
383 * toggle the MSB/LSB bit on each read.
384 */
385 if (c->olbyte == 0) {
386 uint16_t tmp;
387
388 tmp = pit_update_counter(vatpit, c, false);
389 if (c->frbyte)
390 tmp >>= 8;
391 tmp &= 0xff;
392 *eax = tmp;
393 c->frbyte ^= 1;
394 } else
395 *eax = c->ol[--c->olbyte];
396 } else {
397 c->cr[c->crbyte++] = *eax;
398 if (c->crbyte == 2) {
399 c->status &= ~TIMER_STS_NULLCNT;
400 c->frbyte = 0;
401 c->crbyte = 0;
402 c->initial = c->cr[0] | (uint16_t)c->cr[1] << 8;
403 binuptime(&c->now_bt);
404 /* Start an interval timer for channel 0 */
405 if (port == TIMER_CNTR0) {
406 c->callout_bt = c->now_bt;
407 pit_timer_start_cntr0(vatpit);
408 }
409 if (c->initial == 0)
410 c->initial = 0xffff;
411 }
412 }
413 VATPIT_UNLOCK(vatpit);
414
415 return (0);
416 }
417
418 int
vatpit_nmisc_handler(struct vm * vm,bool in,int port,int bytes,uint32_t * eax)419 vatpit_nmisc_handler(struct vm *vm, bool in, int port, int bytes,
420 uint32_t *eax)
421 {
422 struct vatpit *vatpit;
423
424 vatpit = vm_atpit(vm);
425
426 if (in) {
427 VATPIT_LOCK(vatpit);
428 if (vatpit_get_out(vatpit, 2))
429 *eax = TMR2_OUT_STS;
430 else
431 *eax = 0;
432
433 VATPIT_UNLOCK(vatpit);
434 }
435
436 return (0);
437 }
438
439 struct vatpit *
vatpit_init(struct vm * vm)440 vatpit_init(struct vm *vm)
441 {
442 struct vatpit *vatpit;
443 struct vatpit_callout_arg *arg;
444 int i;
445
446 vatpit = malloc(sizeof(struct vatpit), M_VATPIT, M_WAITOK | M_ZERO);
447 vatpit->vm = vm;
448
449 mtx_init(&vatpit->mtx, "vatpit lock", NULL, MTX_SPIN);
450
451 FREQ2BT(PIT_8254_FREQ, &vatpit->freq_bt);
452
453 for (i = 0; i < 3; i++) {
454 callout_init(&vatpit->channel[i].callout, 1);
455 arg = &vatpit->channel[i].callout_arg;
456 arg->vatpit = vatpit;
457 arg->channel_num = i;
458 }
459
460 return (vatpit);
461 }
462
463 void
vatpit_cleanup(struct vatpit * vatpit)464 vatpit_cleanup(struct vatpit *vatpit)
465 {
466 int i;
467
468 for (i = 0; i < 3; i++)
469 callout_drain(&vatpit->channel[i].callout);
470
471 mtx_destroy(&vatpit->mtx);
472 free(vatpit, M_VATPIT);
473 }
474
475 #ifdef BHYVE_SNAPSHOT
476 int
vatpit_snapshot(struct vatpit * vatpit,struct vm_snapshot_meta * meta)477 vatpit_snapshot(struct vatpit *vatpit, struct vm_snapshot_meta *meta)
478 {
479 int ret;
480 int i;
481 struct channel *channel;
482
483 SNAPSHOT_VAR_OR_LEAVE(vatpit->freq_bt.sec, meta, ret, done);
484 SNAPSHOT_VAR_OR_LEAVE(vatpit->freq_bt.frac, meta, ret, done);
485
486 /* properly restore timers; they will NOT work currently */
487 printf("%s: snapshot restore does not reset timers!\r\n", __func__);
488
489 for (i = 0; i < nitems(vatpit->channel); i++) {
490 channel = &vatpit->channel[i];
491
492 SNAPSHOT_VAR_OR_LEAVE(channel->mode, meta, ret, done);
493 SNAPSHOT_VAR_OR_LEAVE(channel->initial, meta, ret, done);
494 SNAPSHOT_VAR_OR_LEAVE(channel->now_bt.sec, meta, ret, done);
495 SNAPSHOT_VAR_OR_LEAVE(channel->now_bt.frac, meta, ret, done);
496 SNAPSHOT_BUF_OR_LEAVE(channel->cr, sizeof(channel->cr),
497 meta, ret, done);
498 SNAPSHOT_BUF_OR_LEAVE(channel->ol, sizeof(channel->ol),
499 meta, ret, done);
500 SNAPSHOT_VAR_OR_LEAVE(channel->slatched, meta, ret, done);
501 SNAPSHOT_VAR_OR_LEAVE(channel->status, meta, ret, done);
502 SNAPSHOT_VAR_OR_LEAVE(channel->crbyte, meta, ret, done);
503 SNAPSHOT_VAR_OR_LEAVE(channel->frbyte, meta, ret, done);
504 SNAPSHOT_VAR_OR_LEAVE(channel->callout_bt.sec, meta, ret, done);
505 SNAPSHOT_VAR_OR_LEAVE(channel->callout_bt.frac, meta, ret,
506 done);
507 }
508
509 done:
510 return (ret);
511 }
512 #endif
513