]> git.saurik.com Git - apple/xnu.git/blob - osfmk/kern/sfi.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-6153.61.1.tar.gz
[apple/xnu.git] / osfmk / kern / sfi.c
1 /*
2 * Copyright (c) 2013 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 #include <mach/mach_types.h>
29 #include <kern/assert.h>
30 #include <kern/clock.h>
31 #include <kern/coalition.h>
32 #include <kern/debug.h>
33 #include <kern/host.h>
34 #include <kern/kalloc.h>
35 #include <kern/kern_types.h>
36 #include <kern/machine.h>
37 #include <kern/simple_lock.h>
38 #include <kern/misc_protos.h>
39 #include <kern/sched.h>
40 #include <kern/sched_prim.h>
41 #include <kern/sfi.h>
42 #include <kern/timer_call.h>
43 #include <kern/waitq.h>
44 #include <kern/ledger.h>
45 #include <kern/policy_internal.h>
46
47 #include <machine/atomic.h>
48
49 #include <pexpert/pexpert.h>
50
51 #include <libkern/kernel_mach_header.h>
52
53 #include <sys/kdebug.h>
54
55 #if CONFIG_SCHED_SFI
56
57 #define SFI_DEBUG 0
58
59 #if SFI_DEBUG
60 #define dprintf(...) kprintf(__VA_ARGS__)
61 #else
62 #define dprintf(...) do { } while(0)
63 #endif
64
65 /*
66 * SFI (Selective Forced Idle) operates by enabling a global
67 * timer on the SFI window interval. When it fires, all processors
68 * running a thread that should be SFI-ed are sent an AST.
69 * As threads become runnable while in their "off phase", they
70 * are placed on a deferred ready queue. When a per-class
71 * "on timer" fires, the ready threads for that class are
72 * re-enqueued for running. As an optimization to avoid spurious
73 * wakeups, the timer may be lazily programmed.
74 */
75
76 /*
77 * The "sfi_lock" simple lock guards access to static configuration
78 * parameters (as specified by userspace), dynamic state changes
79 * (as updated by the timer event routine), and timer data structures.
80 * Since it can be taken with interrupts disabled in some cases, all
81 * uses should be taken with interrupts disabled at splsched(). The
82 * "sfi_lock" also guards the "sfi_wait_class" field of thread_t, and
83 * must only be accessed with it held.
84 *
85 * When an "on timer" fires, we must deterministically be able to drain
86 * the wait queue, since if any threads are added to the queue afterwards,
87 * they may never get woken out of SFI wait. So sfi_lock must be
88 * taken before the wait queue's own spinlock.
89 *
90 * The wait queue will take the thread's scheduling lock. We may also take
91 * the thread_lock directly to update the "sfi_class" field and determine
92 * if the thread should block in the wait queue, but the lock will be
93 * released before doing so.
94 *
95 * The pset lock may also be taken, but not while any other locks are held.
96 *
97 * The task and thread mutex may also be held while reevaluating sfi state.
98 *
99 * splsched ---> sfi_lock ---> waitq ---> thread_lock
100 * \ \ \__ thread_lock (*)
101 * \ \__ pset_lock
102 * \
103 * \__ thread_lock
104 */
105
106 decl_simple_lock_data(static, sfi_lock);
107 static timer_call_data_t sfi_timer_call_entry;
108 volatile boolean_t sfi_is_enabled;
109
110 boolean_t sfi_window_is_set;
111 uint64_t sfi_window_usecs;
112 uint64_t sfi_window_interval;
113 uint64_t sfi_next_off_deadline;
114
115 typedef struct {
116 sfi_class_id_t class_id;
117 thread_continue_t class_continuation;
118 const char * class_name;
119 const char * class_ledger_name;
120 } sfi_class_registration_t;
121
122 /*
123 * To add a new SFI class:
124 *
125 * 1) Raise MAX_SFI_CLASS_ID in mach/sfi_class.h
126 * 2) Add a #define for it to mach/sfi_class.h. It need not be inserted in order of restrictiveness.
127 * 3) Add a call to SFI_CLASS_REGISTER below
128 * 4) Augment sfi_thread_classify to categorize threads as early as possible for as restrictive as possible.
129 * 5) Modify thermald to use the SFI class
130 */
131
132 static inline void _sfi_wait_cleanup(void);
133
134 #define SFI_CLASS_REGISTER(clsid, ledger_name) \
135 static void __attribute__((noinline, noreturn)) \
136 SFI_ ## clsid ## _THREAD_IS_WAITING(void *arg __unused, wait_result_t wret __unused) \
137 { \
138 _sfi_wait_cleanup(); \
139 thread_exception_return(); \
140 } \
141 \
142 _Static_assert(SFI_CLASS_ ## clsid < MAX_SFI_CLASS_ID, "Invalid ID"); \
143 \
144 __attribute__((section("__DATA,__sfi_class_reg"), used)) \
145 static sfi_class_registration_t SFI_ ## clsid ## _registration = { \
146 .class_id = SFI_CLASS_ ## clsid, \
147 .class_continuation = SFI_ ## clsid ## _THREAD_IS_WAITING, \
148 .class_name = "SFI_CLASS_" # clsid, \
149 .class_ledger_name = "SFI_CLASS_" # ledger_name, \
150 }
151
152 /* SFI_CLASS_UNSPECIFIED not included here */
153 SFI_CLASS_REGISTER(MAINTENANCE, MAINTENANCE);
154 SFI_CLASS_REGISTER(DARWIN_BG, DARWIN_BG);
155 SFI_CLASS_REGISTER(APP_NAP, APP_NAP);
156 SFI_CLASS_REGISTER(MANAGED_FOCAL, MANAGED);
157 SFI_CLASS_REGISTER(MANAGED_NONFOCAL, MANAGED);
158 SFI_CLASS_REGISTER(UTILITY, UTILITY);
159 SFI_CLASS_REGISTER(DEFAULT_FOCAL, DEFAULT);
160 SFI_CLASS_REGISTER(DEFAULT_NONFOCAL, DEFAULT);
161 SFI_CLASS_REGISTER(LEGACY_FOCAL, LEGACY);
162 SFI_CLASS_REGISTER(LEGACY_NONFOCAL, LEGACY);
163 SFI_CLASS_REGISTER(USER_INITIATED_FOCAL, USER_INITIATED);
164 SFI_CLASS_REGISTER(USER_INITIATED_NONFOCAL, USER_INITIATED);
165 SFI_CLASS_REGISTER(USER_INTERACTIVE_FOCAL, USER_INTERACTIVE);
166 SFI_CLASS_REGISTER(USER_INTERACTIVE_NONFOCAL, USER_INTERACTIVE);
167 SFI_CLASS_REGISTER(KERNEL, OPTED_OUT);
168 SFI_CLASS_REGISTER(OPTED_OUT, OPTED_OUT);
169
170 struct sfi_class_state {
171 uint64_t off_time_usecs;
172 uint64_t off_time_interval;
173
174 timer_call_data_t on_timer;
175 uint64_t on_timer_deadline;
176 boolean_t on_timer_programmed;
177
178 boolean_t class_sfi_is_enabled;
179 volatile boolean_t class_in_on_phase;
180
181 struct waitq waitq; /* threads in ready state */
182 thread_continue_t continuation;
183
184 const char * class_name;
185 const char * class_ledger_name;
186 };
187
188 /* Static configuration performed in sfi_early_init() */
189 struct sfi_class_state sfi_classes[MAX_SFI_CLASS_ID];
190
191 int sfi_enabled_class_count;
192
193 static void sfi_timer_global_off(
194 timer_call_param_t param0,
195 timer_call_param_t param1);
196
197 static void sfi_timer_per_class_on(
198 timer_call_param_t param0,
199 timer_call_param_t param1);
200
201 static sfi_class_registration_t *
202 sfi_get_registration_data(unsigned long *count)
203 {
204 unsigned long sectlen = 0;
205 void *sectdata;
206
207 sectdata = getsectdatafromheader(&_mh_execute_header, "__DATA", "__sfi_class_reg", &sectlen);
208 if (sectdata) {
209 if (sectlen % sizeof(sfi_class_registration_t) != 0) {
210 /* corrupt data? */
211 panic("__sfi_class_reg section has invalid size %lu", sectlen);
212 __builtin_unreachable();
213 }
214
215 *count = sectlen / sizeof(sfi_class_registration_t);
216 return (sfi_class_registration_t *)sectdata;
217 } else {
218 panic("__sfi_class_reg section not found");
219 __builtin_unreachable();
220 }
221 }
222
223 /* Called early in boot, when kernel is single-threaded */
224 void
225 sfi_early_init(void)
226 {
227 unsigned long i, count;
228 sfi_class_registration_t *registrations;
229
230 registrations = sfi_get_registration_data(&count);
231 for (i = 0; i < count; i++) {
232 sfi_class_id_t class_id = registrations[i].class_id;
233
234 assert(class_id < MAX_SFI_CLASS_ID); /* should be caught at compile-time */
235 if (class_id < MAX_SFI_CLASS_ID) {
236 if (sfi_classes[class_id].continuation != NULL) {
237 panic("Duplicate SFI registration for class 0x%x", class_id);
238 }
239 sfi_classes[class_id].class_sfi_is_enabled = FALSE;
240 sfi_classes[class_id].class_in_on_phase = TRUE;
241 sfi_classes[class_id].continuation = registrations[i].class_continuation;
242 sfi_classes[class_id].class_name = registrations[i].class_name;
243 sfi_classes[class_id].class_ledger_name = registrations[i].class_ledger_name;
244 }
245 }
246 }
247
248 void
249 sfi_init(void)
250 {
251 sfi_class_id_t i;
252 kern_return_t kret;
253
254 simple_lock_init(&sfi_lock, 0);
255 timer_call_setup(&sfi_timer_call_entry, sfi_timer_global_off, NULL);
256 sfi_window_is_set = FALSE;
257 sfi_enabled_class_count = 0;
258 sfi_is_enabled = FALSE;
259
260 for (i = 0; i < MAX_SFI_CLASS_ID; i++) {
261 /* If the class was set up in sfi_early_init(), initialize remaining fields */
262 if (sfi_classes[i].continuation) {
263 timer_call_setup(&sfi_classes[i].on_timer, sfi_timer_per_class_on, (void *)(uintptr_t)i);
264 sfi_classes[i].on_timer_programmed = FALSE;
265
266 kret = waitq_init(&sfi_classes[i].waitq, SYNC_POLICY_FIFO | SYNC_POLICY_DISABLE_IRQ);
267 assert(kret == KERN_SUCCESS);
268 } else {
269 /* The only allowed gap is for SFI_CLASS_UNSPECIFIED */
270 if (i != SFI_CLASS_UNSPECIFIED) {
271 panic("Gap in registered SFI classes");
272 }
273 }
274 }
275 }
276
277 /* Can be called before sfi_init() by task initialization, but after sfi_early_init() */
278 sfi_class_id_t
279 sfi_get_ledger_alias_for_class(sfi_class_id_t class_id)
280 {
281 sfi_class_id_t i;
282 const char *ledger_name = NULL;
283
284 ledger_name = sfi_classes[class_id].class_ledger_name;
285
286 /* Find the first class in the registration table with this ledger name */
287 if (ledger_name) {
288 for (i = SFI_CLASS_UNSPECIFIED + 1; i < class_id; i++) {
289 if (0 == strcmp(sfi_classes[i].class_ledger_name, ledger_name)) {
290 dprintf("sfi_get_ledger_alias_for_class(0x%x) -> 0x%x\n", class_id, i);
291 return i;
292 }
293 }
294
295 /* This class is the primary one for the ledger, so there is no alias */
296 dprintf("sfi_get_ledger_alias_for_class(0x%x) -> 0x%x\n", class_id, SFI_CLASS_UNSPECIFIED);
297 return SFI_CLASS_UNSPECIFIED;
298 }
299
300 /* We are permissive on SFI class lookup failures. In sfi_init(), we assert more */
301 return SFI_CLASS_UNSPECIFIED;
302 }
303
304 int
305 sfi_ledger_entry_add(ledger_template_t template, sfi_class_id_t class_id)
306 {
307 const char *ledger_name = NULL;
308
309 ledger_name = sfi_classes[class_id].class_ledger_name;
310
311 dprintf("sfi_ledger_entry_add(%p, 0x%x) -> %s\n", template, class_id, ledger_name);
312 return ledger_entry_add(template, ledger_name, "sfi", "MATUs");
313 }
314
315 static void
316 sfi_timer_global_off(
317 timer_call_param_t param0 __unused,
318 timer_call_param_t param1 __unused)
319 {
320 uint64_t now = mach_absolute_time();
321 sfi_class_id_t i;
322 processor_set_t pset, nset;
323 processor_t processor;
324 uint32_t needs_cause_ast_mask = 0x0;
325 spl_t s;
326
327 s = splsched();
328
329 simple_lock(&sfi_lock, LCK_GRP_NULL);
330 if (!sfi_is_enabled) {
331 /* If SFI has been disabled, let all "on" timers drain naturally */
332 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_OFF_TIMER) | DBG_FUNC_NONE, 1, 0, 0, 0, 0);
333
334 simple_unlock(&sfi_lock);
335 splx(s);
336 return;
337 }
338
339 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_OFF_TIMER) | DBG_FUNC_START, 0, 0, 0, 0, 0);
340
341 /* First set all configured classes into the off state, and program their "on" timer */
342 for (i = 0; i < MAX_SFI_CLASS_ID; i++) {
343 if (sfi_classes[i].class_sfi_is_enabled) {
344 uint64_t on_timer_deadline;
345
346 sfi_classes[i].class_in_on_phase = FALSE;
347 sfi_classes[i].on_timer_programmed = TRUE;
348
349 /* Push out on-timer */
350 on_timer_deadline = now + sfi_classes[i].off_time_interval;
351 sfi_classes[i].on_timer_deadline = on_timer_deadline;
352
353 timer_call_enter1(&sfi_classes[i].on_timer, NULL, on_timer_deadline, TIMER_CALL_SYS_CRITICAL);
354 } else {
355 /* If this class no longer needs SFI, make sure the timer is cancelled */
356 sfi_classes[i].class_in_on_phase = TRUE;
357 if (sfi_classes[i].on_timer_programmed) {
358 sfi_classes[i].on_timer_programmed = FALSE;
359 sfi_classes[i].on_timer_deadline = ~0ULL;
360 timer_call_cancel(&sfi_classes[i].on_timer);
361 }
362 }
363 }
364 simple_unlock(&sfi_lock);
365
366 /* Iterate over processors, call cause_ast_check() on ones running a thread that should be in an off phase */
367 processor = processor_list;
368 pset = processor->processor_set;
369
370 pset_lock(pset);
371
372 do {
373 nset = processor->processor_set;
374 if (nset != pset) {
375 pset_unlock(pset);
376 pset = nset;
377 pset_lock(pset);
378 }
379
380 /* "processor" and its pset are locked */
381 if (processor->state == PROCESSOR_RUNNING) {
382 if (AST_NONE != sfi_processor_needs_ast(processor)) {
383 needs_cause_ast_mask |= (1U << processor->cpu_id);
384 }
385 }
386 } while ((processor = processor->processor_list) != NULL);
387
388 pset_unlock(pset);
389
390 for (int cpuid = lsb_first(needs_cause_ast_mask); cpuid >= 0; cpuid = lsb_next(needs_cause_ast_mask, cpuid)) {
391 processor = processor_array[cpuid];
392 if (processor == current_processor()) {
393 ast_on(AST_SFI);
394 } else {
395 cause_ast_check(processor);
396 }
397 }
398
399 /* Re-arm timer if still enabled */
400 simple_lock(&sfi_lock, LCK_GRP_NULL);
401 if (sfi_is_enabled) {
402 clock_deadline_for_periodic_event(sfi_window_interval,
403 now,
404 &sfi_next_off_deadline);
405 timer_call_enter1(&sfi_timer_call_entry,
406 NULL,
407 sfi_next_off_deadline,
408 TIMER_CALL_SYS_CRITICAL);
409 }
410
411 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_OFF_TIMER) | DBG_FUNC_END, 0, 0, 0, 0, 0);
412
413 simple_unlock(&sfi_lock);
414
415 splx(s);
416 }
417
418 static void
419 sfi_timer_per_class_on(
420 timer_call_param_t param0,
421 timer_call_param_t param1 __unused)
422 {
423 sfi_class_id_t sfi_class_id = (sfi_class_id_t)(uintptr_t)param0;
424 struct sfi_class_state *sfi_class = &sfi_classes[sfi_class_id];
425 kern_return_t kret;
426 spl_t s;
427
428 s = splsched();
429
430 simple_lock(&sfi_lock, LCK_GRP_NULL);
431
432 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_ON_TIMER) | DBG_FUNC_START, sfi_class_id, 0, 0, 0, 0);
433
434 /*
435 * Any threads that may have accumulated in the ready queue for this class should get re-enqueued.
436 * Since we have the sfi_lock held and have changed "class_in_on_phase", we expect
437 * no new threads to be put on this wait queue until the global "off timer" has fired.
438 */
439
440 sfi_class->class_in_on_phase = TRUE;
441 sfi_class->on_timer_programmed = FALSE;
442
443 kret = waitq_wakeup64_all(&sfi_class->waitq,
444 CAST_EVENT64_T(sfi_class_id),
445 THREAD_AWAKENED, WAITQ_ALL_PRIORITIES);
446 assert(kret == KERN_SUCCESS || kret == KERN_NOT_WAITING);
447
448 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_ON_TIMER) | DBG_FUNC_END, 0, 0, 0, 0, 0);
449
450 simple_unlock(&sfi_lock);
451
452 splx(s);
453 }
454
455
456 kern_return_t
457 sfi_set_window(uint64_t window_usecs)
458 {
459 uint64_t interval, deadline;
460 uint64_t now = mach_absolute_time();
461 sfi_class_id_t i;
462 spl_t s;
463 uint64_t largest_class_off_interval = 0;
464
465 if (window_usecs < MIN_SFI_WINDOW_USEC) {
466 window_usecs = MIN_SFI_WINDOW_USEC;
467 }
468
469 if (window_usecs > UINT32_MAX) {
470 return KERN_INVALID_ARGUMENT;
471 }
472
473 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_SET_WINDOW), window_usecs, 0, 0, 0, 0);
474
475 clock_interval_to_absolutetime_interval((uint32_t)window_usecs, NSEC_PER_USEC, &interval);
476 deadline = now + interval;
477
478 s = splsched();
479
480 simple_lock(&sfi_lock, LCK_GRP_NULL);
481
482 /* Check that we are not bringing in the SFI window smaller than any class */
483 for (i = 0; i < MAX_SFI_CLASS_ID; i++) {
484 if (sfi_classes[i].class_sfi_is_enabled) {
485 largest_class_off_interval = MAX(largest_class_off_interval, sfi_classes[i].off_time_interval);
486 }
487 }
488
489 /*
490 * Off window must be strictly greater than all enabled classes,
491 * otherwise threads would build up on ready queue and never be able to run.
492 */
493 if (interval <= largest_class_off_interval) {
494 simple_unlock(&sfi_lock);
495 splx(s);
496 return KERN_INVALID_ARGUMENT;
497 }
498
499 /*
500 * If the new "off" deadline is further out than the current programmed timer,
501 * just let the current one expire (and the new cadence will be established thereafter).
502 * If the new "off" deadline is nearer than the current one, bring it in, so we
503 * can start the new behavior sooner. Note that this may cause the "off" timer to
504 * fire before some of the class "on" timers have fired.
505 */
506 sfi_window_usecs = window_usecs;
507 sfi_window_interval = interval;
508 sfi_window_is_set = TRUE;
509
510 if (sfi_enabled_class_count == 0) {
511 /* Can't program timer yet */
512 } else if (!sfi_is_enabled) {
513 sfi_is_enabled = TRUE;
514 sfi_next_off_deadline = deadline;
515 timer_call_enter1(&sfi_timer_call_entry,
516 NULL,
517 sfi_next_off_deadline,
518 TIMER_CALL_SYS_CRITICAL);
519 } else if (deadline >= sfi_next_off_deadline) {
520 sfi_next_off_deadline = deadline;
521 } else {
522 sfi_next_off_deadline = deadline;
523 timer_call_enter1(&sfi_timer_call_entry,
524 NULL,
525 sfi_next_off_deadline,
526 TIMER_CALL_SYS_CRITICAL);
527 }
528
529 simple_unlock(&sfi_lock);
530 splx(s);
531
532 return KERN_SUCCESS;
533 }
534
535 kern_return_t
536 sfi_window_cancel(void)
537 {
538 spl_t s;
539
540 s = splsched();
541
542 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_CANCEL_WINDOW), 0, 0, 0, 0, 0);
543
544 /* Disable globals so that global "off-timer" is not re-armed */
545 simple_lock(&sfi_lock, LCK_GRP_NULL);
546 sfi_window_is_set = FALSE;
547 sfi_window_usecs = 0;
548 sfi_window_interval = 0;
549 sfi_next_off_deadline = 0;
550 sfi_is_enabled = FALSE;
551 simple_unlock(&sfi_lock);
552
553 splx(s);
554
555 return KERN_SUCCESS;
556 }
557
558 /* Defers SFI off and per-class on timers (if live) by the specified interval
559 * in Mach Absolute Time Units. Currently invoked to align with the global
560 * forced idle mechanism. Making some simplifying assumptions, the iterative GFI
561 * induced SFI on+off deferrals form a geometric series that converges to yield
562 * an effective SFI duty cycle that is scaled by the GFI duty cycle. Initial phase
563 * alignment and congruency of the SFI/GFI periods can distort this to some extent.
564 */
565
566 kern_return_t
567 sfi_defer(uint64_t sfi_defer_matus)
568 {
569 spl_t s;
570 kern_return_t kr = KERN_FAILURE;
571 s = splsched();
572
573 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_GLOBAL_DEFER), sfi_defer_matus, 0, 0, 0, 0);
574
575 simple_lock(&sfi_lock, LCK_GRP_NULL);
576 if (!sfi_is_enabled) {
577 goto sfi_defer_done;
578 }
579
580 assert(sfi_next_off_deadline != 0);
581
582 sfi_next_off_deadline += sfi_defer_matus;
583 timer_call_enter1(&sfi_timer_call_entry, NULL, sfi_next_off_deadline, TIMER_CALL_SYS_CRITICAL);
584
585 int i;
586 for (i = 0; i < MAX_SFI_CLASS_ID; i++) {
587 if (sfi_classes[i].class_sfi_is_enabled) {
588 if (sfi_classes[i].on_timer_programmed) {
589 uint64_t new_on_deadline = sfi_classes[i].on_timer_deadline + sfi_defer_matus;
590 sfi_classes[i].on_timer_deadline = new_on_deadline;
591 timer_call_enter1(&sfi_classes[i].on_timer, NULL, new_on_deadline, TIMER_CALL_SYS_CRITICAL);
592 }
593 }
594 }
595
596 kr = KERN_SUCCESS;
597 sfi_defer_done:
598 simple_unlock(&sfi_lock);
599
600 splx(s);
601
602 return kr;
603 }
604
605
606 kern_return_t
607 sfi_get_window(uint64_t *window_usecs)
608 {
609 spl_t s;
610 uint64_t off_window_us;
611
612 s = splsched();
613 simple_lock(&sfi_lock, LCK_GRP_NULL);
614
615 off_window_us = sfi_window_usecs;
616
617 simple_unlock(&sfi_lock);
618 splx(s);
619
620 *window_usecs = off_window_us;
621
622 return KERN_SUCCESS;
623 }
624
625
626 kern_return_t
627 sfi_set_class_offtime(sfi_class_id_t class_id, uint64_t offtime_usecs)
628 {
629 uint64_t interval;
630 spl_t s;
631 uint64_t off_window_interval;
632
633 if (offtime_usecs < MIN_SFI_WINDOW_USEC) {
634 offtime_usecs = MIN_SFI_WINDOW_USEC;
635 }
636
637 if (class_id == SFI_CLASS_UNSPECIFIED || class_id >= MAX_SFI_CLASS_ID) {
638 return KERN_INVALID_ARGUMENT;
639 }
640
641 if (offtime_usecs > UINT32_MAX) {
642 return KERN_INVALID_ARGUMENT;
643 }
644
645 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_SET_CLASS_OFFTIME), offtime_usecs, class_id, 0, 0, 0);
646
647 clock_interval_to_absolutetime_interval((uint32_t)offtime_usecs, NSEC_PER_USEC, &interval);
648
649 s = splsched();
650
651 simple_lock(&sfi_lock, LCK_GRP_NULL);
652 off_window_interval = sfi_window_interval;
653
654 /* Check that we are not bringing in class off-time larger than the SFI window */
655 if (off_window_interval && (interval >= off_window_interval)) {
656 simple_unlock(&sfi_lock);
657 splx(s);
658 return KERN_INVALID_ARGUMENT;
659 }
660
661 /* We never re-program the per-class on-timer, but rather just let it expire naturally */
662 if (!sfi_classes[class_id].class_sfi_is_enabled) {
663 sfi_enabled_class_count++;
664 }
665 sfi_classes[class_id].off_time_usecs = offtime_usecs;
666 sfi_classes[class_id].off_time_interval = interval;
667 sfi_classes[class_id].class_sfi_is_enabled = TRUE;
668
669 if (sfi_window_is_set && !sfi_is_enabled) {
670 /* start global off timer */
671 sfi_is_enabled = TRUE;
672 sfi_next_off_deadline = mach_absolute_time() + sfi_window_interval;
673 timer_call_enter1(&sfi_timer_call_entry,
674 NULL,
675 sfi_next_off_deadline,
676 TIMER_CALL_SYS_CRITICAL);
677 }
678
679 simple_unlock(&sfi_lock);
680
681 splx(s);
682
683 return KERN_SUCCESS;
684 }
685
686 kern_return_t
687 sfi_class_offtime_cancel(sfi_class_id_t class_id)
688 {
689 spl_t s;
690
691 if (class_id == SFI_CLASS_UNSPECIFIED || class_id >= MAX_SFI_CLASS_ID) {
692 return KERN_INVALID_ARGUMENT;
693 }
694
695 s = splsched();
696
697 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_CANCEL_CLASS_OFFTIME), class_id, 0, 0, 0, 0);
698
699 simple_lock(&sfi_lock, LCK_GRP_NULL);
700
701 /* We never re-program the per-class on-timer, but rather just let it expire naturally */
702 if (sfi_classes[class_id].class_sfi_is_enabled) {
703 sfi_enabled_class_count--;
704 }
705 sfi_classes[class_id].off_time_usecs = 0;
706 sfi_classes[class_id].off_time_interval = 0;
707 sfi_classes[class_id].class_sfi_is_enabled = FALSE;
708
709 if (sfi_enabled_class_count == 0) {
710 sfi_is_enabled = FALSE;
711 }
712
713 simple_unlock(&sfi_lock);
714
715 splx(s);
716
717 return KERN_SUCCESS;
718 }
719
720 kern_return_t
721 sfi_get_class_offtime(sfi_class_id_t class_id, uint64_t *offtime_usecs)
722 {
723 uint64_t off_time_us;
724 spl_t s;
725
726 if (class_id == SFI_CLASS_UNSPECIFIED || class_id >= MAX_SFI_CLASS_ID) {
727 return 0;
728 }
729
730 s = splsched();
731
732 simple_lock(&sfi_lock, LCK_GRP_NULL);
733 off_time_us = sfi_classes[class_id].off_time_usecs;
734 simple_unlock(&sfi_lock);
735
736 splx(s);
737
738 *offtime_usecs = off_time_us;
739
740 return KERN_SUCCESS;
741 }
742
743 /*
744 * sfi_thread_classify and sfi_processor_active_thread_classify perform the critical
745 * role of quickly categorizing a thread into its SFI class so that an AST_SFI can be
746 * set. As the thread is unwinding to userspace, sfi_ast() performs full locking
747 * and determines whether the thread should enter an SFI wait state. Because of
748 * the inherent races between the time the AST is set and when it is evaluated,
749 * thread classification can be inaccurate (but should always be safe). This is
750 * especially the case for sfi_processor_active_thread_classify, which must
751 * classify the active thread on a remote processor without taking the thread lock.
752 * When in doubt, classification should err on the side of *not* classifying a
753 * thread at all, and wait for the thread itself to either hit a quantum expiration
754 * or block inside the kernel.
755 */
756
757 /*
758 * Thread must be locked. Ultimately, the real decision to enter
759 * SFI wait happens at the AST boundary.
760 */
761 sfi_class_id_t
762 sfi_thread_classify(thread_t thread)
763 {
764 task_t task = thread->task;
765 boolean_t is_kernel_thread = (task == kernel_task);
766 sched_mode_t thmode = thread->sched_mode;
767 boolean_t focal = FALSE;
768
769 int task_role = proc_get_effective_task_policy(task, TASK_POLICY_ROLE);
770 int latency_qos = proc_get_effective_task_policy(task, TASK_POLICY_LATENCY_QOS);
771 int managed_task = proc_get_effective_task_policy(task, TASK_POLICY_SFI_MANAGED);
772
773 int thread_qos = proc_get_effective_thread_policy(thread, TASK_POLICY_QOS);
774 int thread_bg = proc_get_effective_thread_policy(thread, TASK_POLICY_DARWIN_BG);
775
776 /* kernel threads never reach the user AST boundary, and are in a separate world for SFI */
777 if (is_kernel_thread) {
778 return SFI_CLASS_KERNEL;
779 }
780
781 if (thread_qos == THREAD_QOS_MAINTENANCE) {
782 return SFI_CLASS_MAINTENANCE;
783 }
784
785 if (thread_bg || thread_qos == THREAD_QOS_BACKGROUND) {
786 return SFI_CLASS_DARWIN_BG;
787 }
788
789 if (latency_qos != 0) {
790 int latency_qos_wtf = latency_qos - 1;
791
792 if ((latency_qos_wtf >= 4) && (latency_qos_wtf <= 5)) {
793 return SFI_CLASS_APP_NAP;
794 }
795 }
796
797 /*
798 * Realtime and fixed priority threads express their duty cycle constraints
799 * via other mechanisms, and are opted out of (most) forms of SFI
800 */
801 if (thmode == TH_MODE_REALTIME || thmode == TH_MODE_FIXED || task_role == TASK_GRAPHICS_SERVER) {
802 return SFI_CLASS_OPTED_OUT;
803 }
804
805 /*
806 * Threads with unspecified, legacy, or user-initiated QOS class can be individually managed.
807 */
808 switch (task_role) {
809 case TASK_CONTROL_APPLICATION:
810 case TASK_FOREGROUND_APPLICATION:
811 focal = TRUE;
812 break;
813 case TASK_BACKGROUND_APPLICATION:
814 case TASK_DEFAULT_APPLICATION:
815 case TASK_UNSPECIFIED:
816 /* Focal if the task is in a coalition with a FG/focal app */
817 if (task_coalition_focal_count(thread->task) > 0) {
818 focal = TRUE;
819 }
820 break;
821 case TASK_THROTTLE_APPLICATION:
822 case TASK_DARWINBG_APPLICATION:
823 case TASK_NONUI_APPLICATION:
824 /* Definitely not focal */
825 default:
826 break;
827 }
828
829 if (managed_task) {
830 switch (thread_qos) {
831 case THREAD_QOS_UNSPECIFIED:
832 case THREAD_QOS_LEGACY:
833 case THREAD_QOS_USER_INITIATED:
834 if (focal) {
835 return SFI_CLASS_MANAGED_FOCAL;
836 } else {
837 return SFI_CLASS_MANAGED_NONFOCAL;
838 }
839 default:
840 break;
841 }
842 }
843
844 if (thread_qos == THREAD_QOS_UTILITY) {
845 return SFI_CLASS_UTILITY;
846 }
847
848 /*
849 * Classify threads in non-managed tasks
850 */
851 if (focal) {
852 switch (thread_qos) {
853 case THREAD_QOS_USER_INTERACTIVE:
854 return SFI_CLASS_USER_INTERACTIVE_FOCAL;
855 case THREAD_QOS_USER_INITIATED:
856 return SFI_CLASS_USER_INITIATED_FOCAL;
857 case THREAD_QOS_LEGACY:
858 return SFI_CLASS_LEGACY_FOCAL;
859 default:
860 return SFI_CLASS_DEFAULT_FOCAL;
861 }
862 } else {
863 switch (thread_qos) {
864 case THREAD_QOS_USER_INTERACTIVE:
865 return SFI_CLASS_USER_INTERACTIVE_NONFOCAL;
866 case THREAD_QOS_USER_INITIATED:
867 return SFI_CLASS_USER_INITIATED_NONFOCAL;
868 case THREAD_QOS_LEGACY:
869 return SFI_CLASS_LEGACY_NONFOCAL;
870 default:
871 return SFI_CLASS_DEFAULT_NONFOCAL;
872 }
873 }
874 }
875
876 /*
877 * pset must be locked.
878 */
879 sfi_class_id_t
880 sfi_processor_active_thread_classify(processor_t processor)
881 {
882 return processor->current_sfi_class;
883 }
884
885 /*
886 * thread must be locked. This is inherently racy, with the intent that
887 * at the AST boundary, it will be fully evaluated whether we need to
888 * perform an AST wait
889 */
890 ast_t
891 sfi_thread_needs_ast(thread_t thread, sfi_class_id_t *out_class)
892 {
893 sfi_class_id_t class_id;
894
895 class_id = sfi_thread_classify(thread);
896
897 if (out_class) {
898 *out_class = class_id;
899 }
900
901 /* No lock taken, so a stale value may be used. */
902 if (!sfi_classes[class_id].class_in_on_phase) {
903 return AST_SFI;
904 } else {
905 return AST_NONE;
906 }
907 }
908
909 /*
910 * pset must be locked. We take the SFI class for
911 * the currently running thread which is cached on
912 * the processor_t, and assume it is accurate. In the
913 * worst case, the processor will get an IPI and be asked
914 * to evaluate if the current running thread at that
915 * later point in time should be in an SFI wait.
916 */
917 ast_t
918 sfi_processor_needs_ast(processor_t processor)
919 {
920 sfi_class_id_t class_id;
921
922 class_id = sfi_processor_active_thread_classify(processor);
923
924 /* No lock taken, so a stale value may be used. */
925 if (!sfi_classes[class_id].class_in_on_phase) {
926 return AST_SFI;
927 } else {
928 return AST_NONE;
929 }
930 }
931
932 static inline void
933 _sfi_wait_cleanup(void)
934 {
935 thread_t self = current_thread();
936
937 spl_t s = splsched();
938 simple_lock(&sfi_lock, LCK_GRP_NULL);
939
940 sfi_class_id_t current_sfi_wait_class = self->sfi_wait_class;
941
942 assert((SFI_CLASS_UNSPECIFIED < current_sfi_wait_class) &&
943 (current_sfi_wait_class < MAX_SFI_CLASS_ID));
944
945 self->sfi_wait_class = SFI_CLASS_UNSPECIFIED;
946
947 simple_unlock(&sfi_lock);
948 splx(s);
949
950 /*
951 * It's possible for the thread to be woken up due to the SFI period
952 * ending *before* it finishes blocking. In that case,
953 * wait_sfi_begin_time won't be set.
954 *
955 * Derive the time sacrificed to SFI by looking at when this thread was
956 * awoken by the on-timer, to avoid counting the time this thread spent
957 * waiting to get scheduled.
958 *
959 * Note that last_made_runnable_time could be reset if this thread
960 * gets preempted before we read the value. To fix that, we'd need to
961 * track wait time in a thread timer, sample the timer before blocking,
962 * pass the value through thread->parameter, and subtract that.
963 */
964
965 if (self->wait_sfi_begin_time != 0) {
966 #if !CONFIG_EMBEDDED
967 uint64_t made_runnable = os_atomic_load(&self->last_made_runnable_time, relaxed);
968 int64_t sfi_wait_time = made_runnable - self->wait_sfi_begin_time;
969 assert(sfi_wait_time >= 0);
970
971 ledger_credit(self->task->ledger, task_ledgers.sfi_wait_times[current_sfi_wait_class],
972 sfi_wait_time);
973 #endif /* !CONFIG_EMBEDDED */
974
975 self->wait_sfi_begin_time = 0;
976 }
977 }
978
979 /*
980 * Called at AST context to fully evaluate if the current thread
981 * (which is obviously running) should instead block in an SFI wait.
982 * We must take the sfi_lock to check whether we are in the "off" period
983 * for the class, and if so, block.
984 */
985 void
986 sfi_ast(thread_t thread)
987 {
988 sfi_class_id_t class_id;
989 spl_t s;
990 struct sfi_class_state *sfi_class;
991 wait_result_t waitret;
992 boolean_t did_wait = FALSE;
993 thread_continue_t continuation;
994
995 s = splsched();
996
997 simple_lock(&sfi_lock, LCK_GRP_NULL);
998
999 if (!sfi_is_enabled) {
1000 /*
1001 * SFI is not enabled, or has recently been disabled.
1002 * There is no point putting this thread on a deferred ready
1003 * queue, even if it were classified as needing it, since
1004 * SFI will truly be off at the next global off timer
1005 */
1006 simple_unlock(&sfi_lock);
1007 splx(s);
1008
1009 return;
1010 }
1011
1012 thread_lock(thread);
1013 thread->sfi_class = class_id = sfi_thread_classify(thread);
1014 thread_unlock(thread);
1015
1016 /*
1017 * Once the sfi_lock is taken and the thread's ->sfi_class field is updated, we
1018 * are committed to transitioning to whatever state is indicated by "->class_in_on_phase".
1019 * If another thread tries to call sfi_reevaluate() after this point, it will take the
1020 * sfi_lock and see the thread in this wait state. If another thread calls
1021 * sfi_reevaluate() before this point, it would see a runnable thread and at most
1022 * attempt to send an AST to this processor, but we would have the most accurate
1023 * classification.
1024 */
1025
1026 sfi_class = &sfi_classes[class_id];
1027 if (!sfi_class->class_in_on_phase) {
1028 /* Need to block thread in wait queue */
1029 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_THREAD_DEFER),
1030 thread_tid(thread), class_id, 0, 0, 0);
1031
1032 waitret = waitq_assert_wait64(&sfi_class->waitq,
1033 CAST_EVENT64_T(class_id),
1034 THREAD_INTERRUPTIBLE | THREAD_WAIT_NOREPORT, 0);
1035 if (waitret == THREAD_WAITING) {
1036 thread->sfi_wait_class = class_id;
1037 did_wait = TRUE;
1038 continuation = sfi_class->continuation;
1039 } else {
1040 /* thread may be exiting already, all other errors are unexpected */
1041 assert(waitret == THREAD_INTERRUPTED);
1042 }
1043 }
1044 simple_unlock(&sfi_lock);
1045
1046 splx(s);
1047
1048 if (did_wait) {
1049 assert(thread->wait_sfi_begin_time == 0);
1050
1051 thread_block_reason(continuation, NULL, AST_SFI);
1052 }
1053 }
1054
1055 /* Thread must be unlocked */
1056 void
1057 sfi_reevaluate(thread_t thread)
1058 {
1059 kern_return_t kret;
1060 spl_t s;
1061 sfi_class_id_t class_id, current_class_id;
1062 ast_t sfi_ast;
1063
1064 s = splsched();
1065
1066 simple_lock(&sfi_lock, LCK_GRP_NULL);
1067
1068 thread_lock(thread);
1069 sfi_ast = sfi_thread_needs_ast(thread, &class_id);
1070 thread->sfi_class = class_id;
1071
1072 /*
1073 * This routine chiefly exists to boost threads out of an SFI wait
1074 * if their classification changes before the "on" timer fires.
1075 *
1076 * If we calculate that a thread is in a different ->sfi_wait_class
1077 * than we think it should be (including no-SFI-wait), we need to
1078 * correct that:
1079 *
1080 * If the thread is in SFI wait and should not be (or should be waiting
1081 * on a different class' "on" timer), we wake it up. If needed, the
1082 * thread may immediately block again in the different SFI wait state.
1083 *
1084 * If the thread is not in an SFI wait state and it should be, we need
1085 * to get that thread's attention, possibly by sending an AST to another
1086 * processor.
1087 */
1088
1089 if ((current_class_id = thread->sfi_wait_class) != SFI_CLASS_UNSPECIFIED) {
1090 thread_unlock(thread); /* not needed anymore */
1091
1092 assert(current_class_id < MAX_SFI_CLASS_ID);
1093
1094 if ((sfi_ast == AST_NONE) || (class_id != current_class_id)) {
1095 struct sfi_class_state *sfi_class = &sfi_classes[current_class_id];
1096
1097 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_WAIT_CANCELED), thread_tid(thread), current_class_id, class_id, 0, 0);
1098
1099 kret = waitq_wakeup64_thread(&sfi_class->waitq,
1100 CAST_EVENT64_T(current_class_id),
1101 thread,
1102 THREAD_AWAKENED);
1103 assert(kret == KERN_SUCCESS || kret == KERN_NOT_WAITING);
1104 }
1105 } else {
1106 /*
1107 * Thread's current SFI wait class is not set, and because we
1108 * have the sfi_lock, it won't get set.
1109 */
1110
1111 if ((thread->state & (TH_RUN | TH_IDLE)) == TH_RUN) {
1112 if (sfi_ast != AST_NONE) {
1113 if (thread == current_thread()) {
1114 ast_on(sfi_ast);
1115 } else {
1116 processor_t processor = thread->last_processor;
1117
1118 if (processor != PROCESSOR_NULL &&
1119 processor->state == PROCESSOR_RUNNING &&
1120 processor->active_thread == thread) {
1121 cause_ast_check(processor);
1122 } else {
1123 /*
1124 * Runnable thread that's not on a CPU currently. When a processor
1125 * does context switch to it, the AST will get set based on whether
1126 * the thread is in its "off time".
1127 */
1128 }
1129 }
1130 }
1131 }
1132
1133 thread_unlock(thread);
1134 }
1135
1136 simple_unlock(&sfi_lock);
1137 splx(s);
1138 }
1139
1140 #else /* !CONFIG_SCHED_SFI */
1141
1142 kern_return_t
1143 sfi_set_window(uint64_t window_usecs __unused)
1144 {
1145 return KERN_NOT_SUPPORTED;
1146 }
1147
1148 kern_return_t
1149 sfi_window_cancel(void)
1150 {
1151 return KERN_NOT_SUPPORTED;
1152 }
1153
1154
1155 kern_return_t
1156 sfi_get_window(uint64_t *window_usecs __unused)
1157 {
1158 return KERN_NOT_SUPPORTED;
1159 }
1160
1161
1162 kern_return_t
1163 sfi_set_class_offtime(sfi_class_id_t class_id __unused, uint64_t offtime_usecs __unused)
1164 {
1165 return KERN_NOT_SUPPORTED;
1166 }
1167
1168 kern_return_t
1169 sfi_class_offtime_cancel(sfi_class_id_t class_id __unused)
1170 {
1171 return KERN_NOT_SUPPORTED;
1172 }
1173
1174 kern_return_t
1175 sfi_get_class_offtime(sfi_class_id_t class_id __unused, uint64_t *offtime_usecs __unused)
1176 {
1177 return KERN_NOT_SUPPORTED;
1178 }
1179
1180 void
1181 sfi_reevaluate(thread_t thread __unused)
1182 {
1183 return;
1184 }
1185
1186 sfi_class_id_t
1187 sfi_thread_classify(thread_t thread)
1188 {
1189 task_t task = thread->task;
1190 boolean_t is_kernel_thread = (task == kernel_task);
1191
1192 if (is_kernel_thread) {
1193 return SFI_CLASS_KERNEL;
1194 }
1195
1196 return SFI_CLASS_OPTED_OUT;
1197 }
1198
1199 #endif /* !CONFIG_SCHED_SFI */
mirror of XNU