]> git.saurik.com Git - apple/xnu.git/blob - osfmk/i386/ucode.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-4903.231.4.tar.gz
[apple/xnu.git] / osfmk / i386 / ucode.c
1 /*
2 * Copyright (c) 2017 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * ucode.c
30 *
31 * Microcode updater interface sysctl
32 */
33
34 #include <kern/locks.h>
35 #include <i386/ucode.h>
36 #include <sys/errno.h>
37 #include <i386/proc_reg.h>
38 #include <i386/cpuid.h>
39 #include <vm/vm_kern.h>
40 #include <i386/mp.h> // mp_broadcast
41 #include <i386/fpu.h>
42 #include <machine/cpu_number.h> // cpu_number
43 #include <pexpert/pexpert.h> // boot-args
44
45 #define IA32_BIOS_UPDT_TRIG (0x79) /* microcode update trigger MSR */
46
47 struct intel_ucupdate *global_update = NULL;
48
49 /* Exceute the actual update! */
50 static void
51 update_microcode(void)
52 {
53 /* SDM Example 9-8 code shows that we load the
54 * address of the UpdateData within the microcode blob,
55 * not the address of the header.
56 */
57 wrmsr64(IA32_BIOS_UPDT_TRIG, (uint64_t)(uintptr_t)&global_update->data);
58 }
59
60 /* locks */
61 static lck_grp_attr_t *ucode_slock_grp_attr = NULL;
62 static lck_grp_t *ucode_slock_grp = NULL;
63 static lck_attr_t *ucode_slock_attr = NULL;
64 static lck_spin_t *ucode_slock = NULL;
65
66 static kern_return_t
67 register_locks(void)
68 {
69 /* already allocated? */
70 if (ucode_slock_grp_attr && ucode_slock_grp && ucode_slock_attr && ucode_slock)
71 return KERN_SUCCESS;
72
73 /* allocate lock group attribute and group */
74 if (!(ucode_slock_grp_attr = lck_grp_attr_alloc_init()))
75 goto nomem_out;
76
77 lck_grp_attr_setstat(ucode_slock_grp_attr);
78
79 if (!(ucode_slock_grp = lck_grp_alloc_init("uccode_lock", ucode_slock_grp_attr)))
80 goto nomem_out;
81
82 /* Allocate lock attribute */
83 if (!(ucode_slock_attr = lck_attr_alloc_init()))
84 goto nomem_out;
85
86 /* Allocate the spin lock */
87 /* We keep one global spin-lock. We could have one per update
88 * request... but srsly, why would you update microcode like that?
89 */
90 if (!(ucode_slock = lck_spin_alloc_init(ucode_slock_grp, ucode_slock_attr)))
91 goto nomem_out;
92
93 return KERN_SUCCESS;
94
95 nomem_out:
96 /* clean up */
97 if (ucode_slock)
98 lck_spin_free(ucode_slock, ucode_slock_grp);
99 if (ucode_slock_attr)
100 lck_attr_free(ucode_slock_attr);
101 if (ucode_slock_grp)
102 lck_grp_free(ucode_slock_grp);
103 if (ucode_slock_grp_attr)
104 lck_grp_attr_free(ucode_slock_grp_attr);
105
106 return KERN_NO_SPACE;
107 }
108
109 /* Copy in an update */
110 static int
111 copyin_update(uint64_t inaddr)
112 {
113 struct intel_ucupdate update_header;
114 struct intel_ucupdate *update;
115 vm_size_t size;
116 kern_return_t ret;
117 int error;
118
119 /* Copy in enough header to peek at the size */
120 error = copyin((user_addr_t)inaddr, (void *)&update_header, sizeof(update_header));
121 if (error)
122 return error;
123
124 /* Get the actual, alleged size */
125 size = update_header.total_size;
126
127 /* huge bogus piece of data that somehow made it through? */
128 if (size >= 1024 * 1024)
129 return ENOMEM;
130
131 /* Old microcodes? */
132 if (size == 0)
133 size = 2048; /* default update size; see SDM */
134
135 /*
136 * create the buffer for the update
137 * It need only be aligned to 16-bytes, according to the SDM.
138 * This also wires it down
139 */
140 ret = kmem_alloc_kobject(kernel_map, (vm_offset_t *)&update, size, VM_KERN_MEMORY_OSFMK);
141 if (ret != KERN_SUCCESS)
142 return ENOMEM;
143
144 /* Copy it in */
145 error = copyin((user_addr_t)inaddr, (void*)update, size);
146 if (error) {
147 kmem_free(kernel_map, (vm_offset_t)update, size);
148 return error;
149 }
150
151 global_update = update;
152 return 0;
153 }
154
155 /*
156 * This is called once by every CPU on a wake from sleep/hibernate
157 * and is meant to re-apply a microcode update that got lost
158 * by sleeping.
159 */
160 void
161 ucode_update_wake()
162 {
163 if (global_update) {
164 kprintf("ucode: Re-applying update after wake (CPU #%d)\n", cpu_number());
165 update_microcode();
166 #if DEBUG
167 } else {
168 kprintf("ucode: No update to apply (CPU #%d)\n", cpu_number());
169 #endif
170 }
171 }
172
173 static void
174 cpu_update(__unused void *arg)
175 {
176 /* grab the lock */
177 lck_spin_lock(ucode_slock);
178
179 /* execute the update */
180 update_microcode();
181
182 /* release the lock */
183 lck_spin_unlock(ucode_slock);
184 }
185
186 static void
187 ucode_cpuid_set_info(void)
188 {
189 uint64_t saved_xcr0, dest_xcr0;
190 int need_xcr0_restore = 0;
191 boolean_t intrs_enabled = ml_set_interrupts_enabled(FALSE);
192
193 /*
194 * Before we cache the CPUID information, we must configure XCR0 with the maximal set of
195 * features to ensure the save area returned in the xsave leaf is correctly-sized.
196 *
197 * Since we are guaranteed that init_fpu() has already happened, we can use state
198 * variables set there that were already predicated on the presence of explicit
199 * boot-args enables/disables.
200 */
201
202 if (fpu_capability == AVX512 || fpu_capability == AVX) {
203 saved_xcr0 = xgetbv(XCR0);
204 dest_xcr0 = (fpu_capability == AVX512) ? AVX512_XMASK : AVX_XMASK;
205 assert((get_cr4() & CR4_OSXSAVE) != 0);
206 if (saved_xcr0 != dest_xcr0) {
207 need_xcr0_restore = 1;
208 xsetbv(dest_xcr0 >> 32, dest_xcr0 & 0xFFFFFFFFUL);
209 }
210 }
211
212 cpuid_set_info();
213
214 if (need_xcr0_restore) {
215 xsetbv(saved_xcr0 >> 32, saved_xcr0 & 0xFFFFFFFFUL);
216 }
217
218 ml_set_interrupts_enabled(intrs_enabled);
219 }
220
221 /* Farm an update out to all CPUs */
222 static void
223 xcpu_update(void)
224 {
225 if (register_locks() != KERN_SUCCESS)
226 return;
227
228 /* Get all CPUs to perform the update */
229 mp_broadcast(cpu_update, NULL);
230
231 /* Update the cpuid info */
232 ucode_cpuid_set_info();
233 }
234
235 /*
236 * sysctl function
237 *
238 */
239 int
240 ucode_interface(uint64_t addr)
241 {
242 int error;
243 char arg[16];
244
245 if (PE_parse_boot_argn("-x", arg, sizeof (arg))) {
246 printf("ucode: no updates in safe mode\n");
247 return EPERM;
248 }
249
250 #if !DEBUG
251 /*
252 * Userland may only call this once per boot. Anything else
253 * would not make sense (all updates are cumulative), and also
254 * leak memory, because we don't free previous updates.
255 */
256 if (global_update)
257 return EPERM;
258 #endif
259
260 /* Get the whole microcode */
261 error = copyin_update(addr);
262
263 if (error)
264 return error;
265
266 /* Farm out the updates */
267 xcpu_update();
268
269 return 0;
270 }
mirror of XNU