]> git.saurik.com Git - apple/xnu.git/blame_incremental - osfmk/i386/ucode.c
xnu-4570.41.2.tar.gz
[apple/xnu.git] / osfmk / i386 / ucode.c
... / ...
CommitLineData
1/*
2 * Copyright (c) 2017 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28/*
29 * ucode.c
30 *
31 * Microcode updater interface sysctl
32 */
33
34#include <kern/locks.h>
35#include <i386/ucode.h>
36#include <sys/errno.h>
37#include <i386/proc_reg.h>
38#include <i386/cpuid.h>
39#include <vm/vm_kern.h>
40#include <i386/mp.h> // mp_broadcast
41#include <machine/cpu_number.h> // cpu_number
42#include <pexpert/pexpert.h> // boot-args
43
44#define IA32_BIOS_UPDT_TRIG (0x79) /* microcode update trigger MSR */
45
46struct intel_ucupdate *global_update = NULL;
47
48/* Exceute the actual update! */
49static void
50update_microcode(void)
51{
52 /* SDM Example 9-8 code shows that we load the
53 * address of the UpdateData within the microcode blob,
54 * not the address of the header.
55 */
56 wrmsr64(IA32_BIOS_UPDT_TRIG, (uint64_t)(uintptr_t)&global_update->data);
57}
58
59/* locks */
60static lck_grp_attr_t *ucode_slock_grp_attr = NULL;
61static lck_grp_t *ucode_slock_grp = NULL;
62static lck_attr_t *ucode_slock_attr = NULL;
63static lck_spin_t *ucode_slock = NULL;
64
65static kern_return_t
66register_locks(void)
67{
68 /* already allocated? */
69 if (ucode_slock_grp_attr && ucode_slock_grp && ucode_slock_attr && ucode_slock)
70 return KERN_SUCCESS;
71
72 /* allocate lock group attribute and group */
73 if (!(ucode_slock_grp_attr = lck_grp_attr_alloc_init()))
74 goto nomem_out;
75
76 lck_grp_attr_setstat(ucode_slock_grp_attr);
77
78 if (!(ucode_slock_grp = lck_grp_alloc_init("uccode_lock", ucode_slock_grp_attr)))
79 goto nomem_out;
80
81 /* Allocate lock attribute */
82 if (!(ucode_slock_attr = lck_attr_alloc_init()))
83 goto nomem_out;
84
85 /* Allocate the spin lock */
86 /* We keep one global spin-lock. We could have one per update
87 * request... but srsly, why would you update microcode like that?
88 */
89 if (!(ucode_slock = lck_spin_alloc_init(ucode_slock_grp, ucode_slock_attr)))
90 goto nomem_out;
91
92 return KERN_SUCCESS;
93
94nomem_out:
95 /* clean up */
96 if (ucode_slock)
97 lck_spin_free(ucode_slock, ucode_slock_grp);
98 if (ucode_slock_attr)
99 lck_attr_free(ucode_slock_attr);
100 if (ucode_slock_grp)
101 lck_grp_free(ucode_slock_grp);
102 if (ucode_slock_grp_attr)
103 lck_grp_attr_free(ucode_slock_grp_attr);
104
105 return KERN_NO_SPACE;
106}
107
108/* Copy in an update */
109static int
110copyin_update(uint64_t inaddr)
111{
112 struct intel_ucupdate update_header;
113 struct intel_ucupdate *update;
114 vm_size_t size;
115 kern_return_t ret;
116 int error;
117
118 /* Copy in enough header to peek at the size */
119 error = copyin((user_addr_t)inaddr, (void *)&update_header, sizeof(update_header));
120 if (error)
121 return error;
122
123 /* Get the actual, alleged size */
124 size = update_header.total_size;
125
126 /* huge bogus piece of data that somehow made it through? */
127 if (size >= 1024 * 1024)
128 return ENOMEM;
129
130 /* Old microcodes? */
131 if (size == 0)
132 size = 2048; /* default update size; see SDM */
133
134 /*
135 * create the buffer for the update
136 * It need only be aligned to 16-bytes, according to the SDM.
137 * This also wires it down
138 */
139 ret = kmem_alloc_kobject(kernel_map, (vm_offset_t *)&update, size, VM_KERN_MEMORY_OSFMK);
140 if (ret != KERN_SUCCESS)
141 return ENOMEM;
142
143 /* Copy it in */
144 error = copyin((user_addr_t)inaddr, (void*)update, size);
145 if (error) {
146 kmem_free(kernel_map, (vm_offset_t)update, size);
147 return error;
148 }
149
150 global_update = update;
151 return 0;
152}
153
154/*
155 * This is called once by every CPU on a wake from sleep/hibernate
156 * and is meant to re-apply a microcode update that got lost
157 * by sleeping.
158 */
159void
160ucode_update_wake()
161{
162 if (global_update) {
163 kprintf("ucode: Re-applying update after wake (CPU #%d)\n", cpu_number());
164 update_microcode();
165#if DEBUG
166 } else {
167 kprintf("ucode: No update to apply (CPU #%d)\n", cpu_number());
168#endif
169 }
170}
171
172static void
173cpu_update(__unused void *arg)
174{
175 /* grab the lock */
176 lck_spin_lock(ucode_slock);
177
178 /* execute the update */
179 update_microcode();
180
181 /* release the lock */
182 lck_spin_unlock(ucode_slock);
183}
184
185/* Farm an update out to all CPUs */
186static void
187xcpu_update(void)
188{
189 if (register_locks() != KERN_SUCCESS)
190 return;
191
192 /* Get all CPUs to perform the update */
193 mp_broadcast(cpu_update, NULL);
194
195 /* Update the cpuid info */
196 cpuid_set_info();
197
198}
199
200/*
201 * sysctl function
202 *
203 */
204int
205ucode_interface(uint64_t addr)
206{
207 int error;
208 char arg[16];
209
210 if (PE_parse_boot_argn("-x", arg, sizeof (arg))) {
211 printf("ucode: no updates in safe mode\n");
212 return EPERM;
213 }
214
215#if !DEBUG
216 /*
217 * Userland may only call this once per boot. Anything else
218 * would not make sense (all updates are cumulative), and also
219 * leak memory, because we don't free previous updates.
220 */
221 if (global_update)
222 return EPERM;
223#endif
224
225 /* Get the whole microcode */
226 error = copyin_update(addr);
227
228 if (error)
229 return error;
230
231 /* Farm out the updates */
232 xcpu_update();
233
234 return 0;
235}