cpr_main.c revision 2df1fe9ca32bb227b9158c67f5c00b54c20b10fd
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/*
* This module contains the guts of checkpoint-resume mechanism.
* All code in this module is platform independent.
*/
#include <sys/processor.h>
#include <sys/machsystm.h>
#include <sys/bootconf.h>
#include <sys/cpr_impl.h>
/*
* Symbols defined outside this file, declared here by hand.
* NOTE(review): a locally written extern is not checked against the
* definition unless a shared header also declares it; confirm that
* these still match.
*/
extern struct cpr_terminator cpr_term;
extern int cpr_alloc_statefile(int);
extern void cpr_start_kernel_threads(void);
extern void cpr_abbreviate_devpath(char *, char *);
extern void cpr_convert_promtime(cpr_time_t *);
extern void cpr_send_notice(void);
extern void cpr_set_bitmap_size(void);
/*
* NOTE(review): empty parentheses declare no prototype, so call
* arguments are not checked; "(void)" would make this a prototype.
*/
extern void cpr_stat_init();
extern void cpr_statef_close(void);
extern void flush_windows(void);
/*
* Function pointer; cpr_suspend() and cpr_resume() test it for NULL
* in their frame-buffer suspend/resume sections.
*/
extern void (*srn_signal)(int, int);
extern void init_cpu_syscall(struct cpu *);
/* NOTE(review): the next two also lack a prototype (empty parentheses) */
extern void i_cpr_pre_resume_cpus();
extern void i_cpr_post_resume_cpus();
/* set to 1 and back to 0 in the "stop drivers" section of cpr_suspend() */
extern int pm_powering_down;
extern kmutex_t srn_clone_lock;
/* cleared in the srn_signal branches of cpr_suspend() and cpr_resume() */
extern int srn_inuse;
/* forward declarations of this file's static routines */
static int cpr_suspend(int);
static int cpr_resume(int);
static void cpr_suspend_init(int);
/*
* NOTE(review): the definitions of these two later in the file omit
* "static". Where this declaration is visible (x86) they keep internal
* linkage; on other platforms they would have external linkage.
*/
#if defined(__x86)
static int cpr_suspend_cpus(void);
static void cpr_resume_cpus(void);
#endif
static int cpr_all_online(void);
static void cpr_restore_offline(void);
/* defined here with external linkage; not referenced in the visible lines */
int curthreadremapped;
extern cpuset_t cpu_ready_set;
extern void *(*cpu_pause_func)(void *);
extern processorid_t i_cpr_bootcpuid(void);
extern cpu_t *i_cpr_bootcpu(void);
/* called from cpr_resume() on non-SPARC when tsc_resume_in_cyclic is 0 */
extern void tsc_resume(void);
extern int tsc_resume_in_cyclic;
/*
* Set this variable to 1 to have device drivers resume in a
* uniprocessor environment. This allows drivers that assume
* they resume on a UP machine to continue to work. Should be
* deprecated once the broken drivers are fixed.
*/
int cpr_resume_uniproc = 0;
/*
* save or restore abort_enable; this prevents a drop
* to kadb or prom during cpr_resume_devices() when
* there is no kbd present; see abort_sequence_enter()
*/
static void
{
/*
* NOTE(review): the function name and parameter list are missing from
* this listing, and `stash` is used without a visible declaration.
* Other routines in the file call cpr_sae(1) and cpr_sae(0), which is
* presumably this routine -- confirm against the original file.
*/
/* -1 means "nothing saved"; static, so the value survives between calls */
static int saved_ae = -1;
if (stash) {
/*
* NOTE(review): no visible line copies the old abort_enable into
* saved_ae before it is cleared here.
*/
abort_enable = 0;
} else if (saved_ae != -1) {
/*
* NOTE(review): no visible line writes saved_ae back to
* abort_enable before the saved value is reset.
*/
saved_ae = -1;
}
}
/*
* The main switching point for cpr, this routine starts the ckpt
* and state file saving routines; on resume the control is
* returned back to here and it then calls the resume routine.
*/
int
{
/*
* NOTE(review): the function name, parameter list and local
* declarations are not visible in this listing; sleeptype, rc and rc2
* are used without a visible declaration, and several statements
* appear to be missing (empty branches, dangling argument lists).
* Check the original file before relying on this text.
*/
if (sleeptype == CPR_TODISK) {
return (rc);
}
if (rc == 0) {
/* block-scope declaration; no call to it is visible in this listing */
int i_cpr_power_down(int sleeptype);
/*
* From this point on, we should be at a high
* spl, interrupts disabled, and all but one
* So this is where we want to put ASSERTS()
* to let us know otherwise.
*/
/*
* NOTE(review): if ASSERT compiles away in non-DEBUG builds, this
* invariant is not checked in production -- confirm.
*/
ASSERT(cpus_paused());
/*
* Now do the work of actually putting this
* machine to sleep!
*/
if (rc == 0) {
}
/*
* We do care about the return value from cpr_resume
* at this point, as it will tell us if one of the
* resume functions failed (cpr_resume_devices())
* However, for this to return and _not_ panic, means
* that we must be in one of the test functions. So
* check for that and return an appropriate message.
*/
if (rc2 != 0) {
ASSERT(cpr_test_point > 0);
"cpr_resume returned non-zero: %d\n", rc2);
}
ASSERT(!cpus_paused());
} else {
}
return (rc);
}
/*
* NOTE(review): the brace above balances the visible opening braces,
* yet the statements below still use rc and sleeptype and end in
* their own return -- a further sign that lines were dropped.
*/
/*
* Remember where we are for resume after reboot
*/
/*
* try to checkpoint the system, if failed return back
* to userland, otherwise power off.
*/
if (rc || cpr_reusable_mode) {
/*
* We don't really want to go down, or
* something went wrong in suspend, do what we can
* to put the system back to an operable state then
* return back to userland.
*/
/* result deliberately discarded; rc from the suspend side is kept */
(void) cpr_resume(sleeptype);
}
} else {
/*
* This is the resumed side of longjmp, restore the previous
* longjmp pointer if there is one so this will be transparent
* to the world.
* This path is only for CPR_TODISK, where we reboot
*/
/*
* resume the system back to the original state
*/
rc))
}
/* result deliberately discarded */
(void) cpr_default_setup(0);
return (rc);
}
#if defined(__sparc)
/*
*/
static void
{
/*
* NOTE(review): the function name, parameter list and local
* declarations are missing from this listing; enable, svstat, str,
* able, cmd and error are used without a visible declaration. The
* string assigned to str suggests the routine is cpr_log_status --
* confirm against the original file.
*/
/* prefix used in the messages printed below */
str = "cpr_log_status";
/*
* when disabling, first get and save logging status (0 or 1)
*/
if (enable == 0) {
/*
* NOTE(review): the call that obtains the status and the rest of
* this prom_printf argument list are not visible here.
*/
prom_printf("%s: \"%s\", cant get logging "
error);
return;
}
if (cpr_debug & CPR_DEBUG5) {
errp("%s: \"%s\", logging status = %d\n",
};
able = "disable";
} else {
able = "enable";
cmd = _FIOLOGENABLE;
}
/*
* disable or re-enable logging when the saved status is 1
*/
if (*svstat == 1) {
/* NOTE(review): the call that sets `error` is not visible here */
if (error) {
prom_printf("%s: \"%s\", cant %s logging, error %d\n",
} else {
if (cpr_debug & CPR_DEBUG5) {
errp("%s: \"%s\", logging is now %sd\n",
};
}
}
/*
* when enabling logging, reset the saved status
* to unknown for next time
*/
if (enable)
*svstat = -1;
}
/*
* and cpr statefile. since the statefile can be on any fs, that fs
* needs to be handled separately. this routine and cprboot expect that
* CPR_CONFIG and CPR_DEFAULT both reside on the same fs, rootfs. cprboot
* is loaded from the device with rootfs and uses the same device to open
* file outside of rootfs would cause errors during cprboot, plus cpr and
* fsck problems with the new fs if logging were enabled.
*/
static int
cpr_ufs_logging(int enable)
{
/*
* Returns 0 immediately when cpr_reusable_mode is set.
* NOTE(review): the conditions guarding the returns below are not
* visible in this listing; as shown, every statement after the first
* "return (error)" would be unreachable. Check the original file.
*/
char *fname;
int error;
if (cpr_reusable_mode)
return (0);
return (error);
return (ENOENT);
prom_printf("cpr_ufs_logging: cant open/create \"%s\", "
return (error);
}
/*
* check logging status for the statefile if it resides
* on a different fs and the type is a regular file
*/
return (0);
}
#endif
/*
* Check if klmmod is loaded and call a lock manager service; if klmmod
* is not loaded, the services aren't needed and a call would trigger a
* modload, which would block since another thread would never run.
*/
static void
cpr_lock_mgr(void (*service)(void))
{
/*
* Calls the supplied lock manager service routine.
* NOTE(review): the comment above this function describes a check
* that klmmod is loaded before the call; no such check is visible
* in this listing, so as shown the call is unconditional. service
* is not tested for NULL either.
*/
(*service)();
}
int
cpr_suspend_cpus(void)
{
/*
* Brings offline cpus online through cpr_all_online() and returns
* its error code if that fails; otherwise returns 0.
* NOTE(review): bootcpu is assigned without a visible declaration,
* and the steps described by the comments below (bringing the boot
* cpu online, setting affinity, pausing the other cpus) have no
* code in this listing.
*/
int ret = 0;
/* block-scope declaration; no use of it is visible in this listing */
extern void *i_cpr_save_context(void *arg);
/*
* if bootcpu is offline bring it back online
*/
bootcpu = i_cpr_bootcpu();
/*
* the machine could not have booted without a bootcpu
*/
/*
* bring all the offline cpus online
*/
/* the extra parentheses mark the assignment in the condition as intended */
if ((ret = cpr_all_online())) {
return (ret);
}
/*
* Set the affinity to be the boot processor
* This is cleared in either cpr_resume_cpus() or cpr_unpause_cpus()
*/
/*
* pause all other running CPUs and save the CPU state at the same time
*/
return (0);
}
/*
* Take the system down to a checkpointable state and write
* the state file, the following are sequentially executed:
*
* - Request all user threads to stop themselves
* - push out and invalidate user pages
* - bring statefile inode incore to prevent a miss later
* - request all daemons to stop
* - check and make sure all threads are stopped
* - sync the file system
* - suspend all devices
* - block intrpts
* - dump system state and memory to state file
* - SPARC code will not be called with CPR_TORAM, caller filters
*/
static int
cpr_suspend(int sleeptype)
{
/*
* Runs the suspend steps in order and returns the first non-zero
* error code; ENXIO is returned when pm_reattach_noinvol() reports
* failure. sleeptype is compared against CPR_TODISK below.
* NOTE(review): many statements are missing from this listing
* (unbalanced braces, dangling string arguments, a goto whose label
* is not shown). Check the original file before relying on it.
*/
#if defined(__sparc)
int sf_realloc, nverr;
#endif
int rc = 0;
/* separate result for cpr_stop_kernel_threads(), see below */
int skt_rc = 0;
CPR_STAT_EVENT_START("Suspend Total");
#if defined(__sparc)
if (!cpr_reusable_mode) {
/*
* We need to validate default file before fs
* functionality is disabled.
*/
/*
* assignment inside the condition is intentional here and in the
* similar tests below: a non-zero result is the error to return
*/
if (rc = cpr_validate_definfo(0))
return (rc);
}
#endif
/* Stop PM scans ASAP */
#if defined(__sparc)
if (rc = cpr_mp_offline())
return (rc);
#endif
/*
* Ask Xorg to suspend the frame buffer, and wait for it to happen
*/
/* srn_signal is a function pointer; the branch is skipped when it is NULL */
if (srn_signal) {
"SRN_SUSPEND_REQ)\n"))
srn_inuse = 0;
} else {
}
/*
* Ask the user threads to stop by themselves, but
* if they don't or can't after 3 retries, we give up on CPR.
* The 3 retry is not a random number because 2 is possible if
* a thread has been forked before the parent thread is stopped.
*/
CPR_STAT_EVENT_START(" stop users");
/*
* NOTE(review): on failure this returns before the matching
* CPR_STAT_EVENT_END; the same shape recurs further down.
*/
if (rc = cpr_stop_user_threads())
return (rc);
CPR_STAT_EVENT_END(" stop users");
/*
* User threads are stopped. We will start communicating with the
* user via prom_printf (some debug output may have already happened)
* so let anybody who cares know about this (bug 4096122)
*/
#ifndef DEBUG
if (cpr_debug)
prom_printf("\n");
#endif
/*
* Reattach any drivers which originally exported the
* no-involuntary-power-cycles property. We need to do this before
* stopping kernel threads because modload is implemented using
* a kernel thread.
*/
if (!pm_reattach_noinvol())
return (ENXIO);
#if defined(__sparc)
/*
* if ufs logging is enabled, we need to disable before
* stopping kernel threads so that ufs delete and roll
* threads can do the work.
*/
if (rc = cpr_ufs_logging(0))
return (rc);
/*
* Use sync_all to swap out all user pages and find out how much
* extra space needed for user pages that don't have back store
* space left.
*/
CPR_STAT_EVENT_START(" swapout upages");
CPR_STAT_EVENT_END(" swapout upages");
/*
* If our last state was C_ST_DUMP_NOSPC, we're trying to
* realloc the statefile, otherwise this is the first attempt.
*/
CPR_STAT_EVENT_START(" alloc statefile");
/* NOTE(review): the assignment to sf_realloc is not visible here */
if (sf_realloc)
errp("realloc failed\n");
return (rc);
}
CPR_STAT_EVENT_END(" alloc statefile");
/*
* Sync the filesystem to preserve its integrity.
*
* This sync is also used to flush out all B_DELWRI buffers
* (fs cache) which are mapped and neither dirty nor referenced
* before cpr_invalidate_pages destroys them.
* fsflush does similar thing.
*/
sync();
/*
* destroy all clean file mapped kernel pages
*/
CPR_STAT_EVENT_START(" clean pages");
CPR_STAT_EVENT_END(" clean pages");
#endif
/*
* Hooks needed by lock manager prior to suspending.
* Refer to code for more comments.
*/
/*
* Now suspend all the devices
*/
CPR_STAT_EVENT_START(" stop drivers");
/*
* NOTE(review): the flag is raised and lowered back to back; the call
* it presumably brackets, and the assignment to rc tested below, are
* not visible in this listing.
*/
pm_powering_down = 1;
pm_powering_down = 0;
if (rc)
return (rc);
CPR_STAT_EVENT_END(" stop drivers");
/*
* Stop all daemon activities
*/
if (skt_rc = cpr_stop_kernel_threads())
return (skt_rc);
/* called with 0 again in cpr_resume() */
cpr_sae(1);
if (sleeptype == CPR_TODISK) {
/*
* It's safer to do tod_get before we disable all intr.
*/
CPR_STAT_EVENT_START(" write statefile");
}
/*
* it's time to ignore the outside world, stop the real time
* clock and disable any further intrpt activity.
*/
/*
* Due to the different methods of resuming the system between
* CPR_TODISK (boot cprboot on SPARC, which reloads kernel image)
* and CPR_TORAM (restart via reset into existing kernel image)
* cpus are not suspended and restored in the SPARC case, since it
* is necessary to restart the cpus and pause them before restoring
* the OBP image
*/
#if defined(__x86)
/* pause aux cpus */
if ((rc = cpr_suspend_cpus()) != 0)
return (rc);
#endif
/*
* Since we will now disable the mechanism that causes prom_printfs
* it must be up now.
*/
ASSERT(pm_cfb_is_up());
#if defined(__sparc)
/*
* getting ready to write ourself out, flush the register
* windows to make sure that our stack is good when we
* come back on the resume side.
*/
#endif
/*
* For S3, we're done
*/
/* NOTE(review): the condition guarding this return is not visible here */
return (rc);
}
#if defined(__sparc)
/*
* FATAL: NO MORE MEMORY ALLOCATION ALLOWED AFTER THIS POINT!!!
*
* The system is quiesced at this point, we are ready to either dump
* to the state file for a extended sleep or a simple shutdown for
* systems with non-volatile memory.
*/
/*
* special handling for reusable:
*/
if (cpr_reusable_mode) {
return (nverr);
}
/*
* if any error occurred during dump, more
* special handling for reusable:
*/
if (rc && cpr_reusable_mode) {
if (nverr = cpr_set_properties(0))
return (nverr);
}
/* partial resume; its result is deliberately discarded */
(void) cpr_resume(sleeptype);
/* NOTE(review): the alloc_statefile label is not visible in this listing */
goto alloc_statefile;
} else if (rc == 0) {
if (cpr_reusable_mode) {
} else
}
#endif
return (rc);
}
void
cpr_resume_cpus(void)
{
/*
* NOTE(review): of the steps described by the comments below, only
* the start_cpus() call is visible in this listing; the remaining
* comments have no code under them. Check the original file.
*/
/*
* this is a cut down version of start_other_cpus()
* just do the initialization to wake the other cpus
*/
#if defined(__x86)
/*
* Initialize our syscall handlers
*/
#endif
/*
* Restart the paused cpus
*/
start_cpus();
/*
* clear the affinity set in cpr_suspend_cpus()
*/
/*
* Restore this cpu to use the regular cpu_pause(), so that
* online and offline will work correctly
*/
/*
* offline all the cpus that were brought online during suspend
*/
/*
* clear the affinity set in cpr_suspend_cpus()
*/
}
void
cpr_unpause_cpus(void)
{
/*
* NOTE(review): of the steps described by the comments below, only
* the start_cpus() call is visible in this listing; the remaining
* comments have no code under them. Check the original file.
*/
/*
* Now restore the system back to what it was before we suspended
*/
/*
* Restore this cpu to use the regular cpu_pause(), so that
* online and offline will work correctly
*/
/*
* Restart the paused cpus
*/
start_cpus();
/*
* offline all the cpus that were brought online during suspend
*/
/*
* clear the affinity set in cpr_suspend_cpus()
*/
}
/*
* Bring the system back up from a checkpoint, at this point
* the VM has been minimally restored by boot, the following
* are executed sequentially:
*
* - machdep setup and enable interrupts (mp startup if it's mp)
* - resume all devices
* - restart daemons
* - put all threads back on run queue
*/
static int
cpr_resume(int sleeptype)
{
/*
* Dispatches on CPR->c_substate to a rollback point and returns rc,
* which starts at 0.
* NOTE(review): none of the rb_* labels targeted by the switch are
* visible in this listing, and many statements are missing (empty
* branches, dangling argument lists, unbalanced braces). Check the
* original file before relying on it.
*/
char *str;
int rc = 0;
/*
* The following switch is used to resume the system
* that was suspended to a different level.
*/
/*
* Note:
*
* The rollback labels rb_xyz do not represent the cpr resume
* state when event 'xyz' has happened. Instead they represent
* the state during cpr suspend when event 'xyz' was being
* entered (and where cpr suspend failed). The actual call that
* failed may also need to be partially rolled back, since they
* aren't atomic in most cases. In other words, rb_xyz means
* "roll back all cpr suspend events that happened before 'xyz',
* and the one that caused the failure, if necessary."
*/
switch (CPR->c_substate) {
#if defined(__sparc)
case C_ST_DUMP:
/*
* This is most likely a full-fledged cpr_resume after
* a complete and successful cpr suspend. Just roll back
* everything.
*/
/* the only case that leaves the switch instead of jumping to a label */
break;
case C_ST_REUSABLE:
case C_ST_DUMP_NOSPC:
case C_ST_SETPROPS_0:
case C_ST_SETPROPS_1:
/*
* C_ST_REUSABLE and C_ST_DUMP_NOSPC are the only two
* special switch cases here. The other two do not have
* any state change during cpr_suspend() that needs to
* be rolled back. But these are exit points from
* cpr_suspend, so theoretically (or in the future), it
* is possible that a need for roll back of a state
* change arises between these exit points.
*/
goto rb_dump;
#endif
case C_ST_NODUMP:
goto rb_nodump;
case C_ST_STOP_KERNEL_THREADS:
goto rb_stop_kernel_threads;
case C_ST_SUSPEND_DEVICES:
goto rb_suspend_devices;
#if defined(__sparc)
case C_ST_STATEF_ALLOC:
goto rb_statef_alloc;
case C_ST_DISABLE_UFS_LOGGING:
goto rb_disable_ufs_logging;
#endif
case C_ST_PM_REATTACH_NOINVOL:
goto rb_pm_reattach_noinvol;
case C_ST_STOP_USER_THREADS:
goto rb_stop_user_threads;
#if defined(__sparc)
case C_ST_MP_OFFLINE:
goto rb_mp_offline;
#endif
#if defined(__x86)
case C_ST_MP_PAUSED:
goto rb_mp_paused;
#endif
default:
/* any substate not listed above */
goto rb_others;
}
/*
* perform platform-dependent initialization
*/
/*
* system did not really go down if we jump here
*/
/*
* IMPORTANT: SENSITIVE RESUME SEQUENCE
*
* DO NOT ADD ANY INITIALIZATION STEP BEFORE THIS POINT!!
*/
/*
* If we did suspend to RAM, we didn't generate a dump
*/
if (cpr_suspend_succeeded) {
}
#if !defined(__sparc)
/*
* Need to sync the software clock with the hardware clock.
* On Sparc, this occurs in the sparc-specific cbe. However
* on x86 this needs to be handled _before_ we bring other cpu's
* back online. So we call a resume function in timestamp.c
*/
if (tsc_resume_in_cyclic == 0)
tsc_resume();
#endif
#if defined(__sparc)
#endif
#if defined(__x86)
if (cpr_suspend_succeeded) {
} else {
}
#endif
/*
* let the tmp callout catch up.
*/
i_cpr_handle_xc(0); /* turn it off to allow xc assertion */
/*
* statistics gathering
*/
if (cpr_suspend_succeeded) {
/*
* Prevent false alarm in tod_validate() due to tod
* value change between suspend and resume
*/
/*
* NOTE(review): as shown, the second assignment always overwrites
* the first; the statements between them are presumably missing.
*/
if (sleeptype == CPR_TODISK)
str = " prom time";
str = " read statefile";
}
/*
* Put all threads back to where they belong; get the kernel
* daemons straightened up too. Note that the callback table
* locked during cpr_stop_kernel_threads() is released only
* in cpr_start_kernel_threads(). Ensure modunloading is
* disabled before starting kernel threads, we don't want
* modunload thread to start changing device tree underneath.
*/
CPR_STAT_EVENT_START(" start drivers");
("cpr_resume: rb_suspend_devices: cpr_resume_uniproc = %d\n",
#if defined(__x86)
/*
* If cpr_resume_uniproc is set, then pause all the other cpus
* apart from the current cpu, so that broken drivers that think
* that they are on a uniprocessor machine will resume
*/
if (cpr_resume_uniproc) {
}
#endif
/*
* The policy here is to continue resume everything we can if we did
* not successfully finish suspend; and panic if we are coming back
* from a fully suspended system.
*/
/* counterpart of the cpr_sae(1) call in cpr_suspend() */
cpr_sae(0);
str = "Failed to resume one or more devices.";
/* NOTE(review): the call that sets rc before this test is not visible here */
if (rc) {
if (cpr_test_point == FORCE_SUSPEND_TO_RAM) {
"warn\n"))
} else {
"panic\n"))
}
} else {
}
}
CPR_STAT_EVENT_END(" start drivers");
#if defined(__x86)
/*
* If cpr_resume_uniproc is set, then unpause all the processors
* that were paused before resuming the drivers
*/
if (cpr_resume_uniproc) {
start_cpus();
}
#endif
/*
* If we had disabled modunloading in this cpr resume cycle (i.e. we
* resumed from a state earlier than C_ST_SUSPEND_DEVICES), re-enable
* modunloading now.
*/
}
/*
* Hooks needed by lock manager prior to resuming.
* Refer to code for more comments.
*/
#if defined(__sparc)
/*
* This is a partial (half) resume during cpr suspend, we
* haven't yet given up on the suspend. On return from here,
* cpr_suspend() will try to reallocate and retry the suspend.
*/
/* NOTE(review): the condition guarding this return is not visible here */
return (0);
}
if (sleeptype == CPR_TODISK) {
/*
* if ufs logging was disabled, re-enable
*/
/* result deliberately discarded */
(void) cpr_ufs_logging(1);
}
#endif
/*
* When pm_reattach_noinvol() succeeds, modunload_thread will
* remain disabled until after cpr suspend passes the
* C_ST_STOP_KERNEL_THREADS state. If any failure happens before
* cpr suspend reaches this state, we'll need to enable modunload
* thread during rollback.
*/
}
/*
* Ask Xorg to resume the frame buffer, and wait for it to happen
*/
/* srn_signal is a function pointer; the branch is skipped when it is NULL */
if (srn_signal) {
"SRN_NORMAL_RESUME)\n"))
srn_inuse = 0;
} else {
}
#if defined(__sparc)
if (cpr_mp_online())
#endif
PM_DEP_WAIT, NULL, 0);
if (cpr_suspend_succeeded) {
}
#if defined(__sparc)
#endif
CPR_STAT_EVENT_END("Resume Total");
CPR_STAT_EVENT_END("WHOLE CYCLE");
if (cpr_debug & CPR_DEBUG1)
CPR_STAT_EVENT_START("POST CPR DELAY");
#ifdef CPR_STAT
#endif /* CPR_STAT */
return (rc);
}
static void
{
/*
* NOTE(review): the function name and parameter list are missing from
* this listing, and sleeptype is used without a visible declaration.
* The file's forward declaration "static void cpr_suspend_init(int)"
* presumably belongs to this routine -- confirm against the original.
*/
/*
* If cpr_suspend() failed before cpr_dump() gets a chance
* to reinitialize the terminator of the statefile,
* the values of the old terminator will still linger around.
* Since the terminator contains information that we need to
* decide whether suspend succeeded or not, we need to
* reinitialize it as early as possible.
*/
/* the only terminator field reset in the visible lines */
cpr_term.real_statef_size = 0;
if (sleeptype == CPR_TODISK) {
/*
* Lookup the physical address of our thread structure.
* This should never be invalid and the entire thread structure
* is expected to reside within the same pfn.
*/
/* NOTE(review): the lookup itself is not visible in this listing */
}
}
/*
* bring all the offline cpus online
*/
static int
cpr_all_online(void)
{
/*
* Returns rc, which starts at 0; with __sparc defined the body does
* nothing else.
* NOTE(review): in the non-SPARC branch cp is used without a visible
* declaration, the do loop has no visible "while", and the call that
* onlines a cpu and sets rc is not shown. Check the original file.
*/
int rc = 0;
#ifdef __sparc
/*
* do nothing
*/
#else
do {
/* only cpus for which CPU_ACTIVE() is false are acted on */
if (!CPU_ACTIVE(cp)) {
break;
}
if (rc) {
/*
* an online operation failed so offline the cpus
* that were onlined above to restore the system
* to its original state
*/
}
#endif
return (rc);
}
/*
* offline all the cpus that were brought online by cpr_all_online()
*/
static void
cpr_restore_offline(void)
{
/*
* With __sparc defined this routine does nothing.
* NOTE(review): in the non-SPARC branch cp is used without a visible
* declaration, the do loop has no visible "while", and the offline
* call described by the comment is not shown. Check the original file.
*/
#ifdef __sparc
/*
* do nothing
*/
#else
int rc = 0;
do {
/* only cpus marked by CPU_CPR_IS_ONLINE() are acted on */
if (CPU_CPR_IS_ONLINE(cp)) {
/*
* this offline should work, since the cpu was
* offline originally and was successfully onlined
* by cpr_all_online()
*/
}
#endif
}