1/*
2 * Architecture specific (PPC64) functions for kexec based crash dumps.
3 *
4 * Copyright (C) 2005, IBM Corp.
5 *
6 * Created by: Haren Myneni
7 *
8 * This source code is licensed under the GNU General Public License,
9 * Version 2.  See the file COPYING for more details.
10 *
11 */
12
13#include <linux/kernel.h>
14#include <linux/smp.h>
15#include <linux/reboot.h>
16#include <linux/kexec.h>
17#include <linux/export.h>
18#include <linux/crash_dump.h>
19#include <linux/delay.h>
20#include <linux/irq.h>
21#include <linux/types.h>
22
23#include <asm/processor.h>
24#include <asm/machdep.h>
25#include <asm/kexec.h>
26#include <asm/kdump.h>
27#include <asm/prom.h>
28#include <asm/smp.h>
29#include <asm/setjmp.h>
30#include <asm/debug.h>
31
32/*
33 * The primary CPU waits a while for all secondary CPUs to enter. This is to
34 * avoid sending an IPI if the secondary CPUs are entering
35 * crash_kexec_secondary on their own (eg via a system reset).
36 *
37 * The secondary timeout has to be longer than the primary. Both timeouts are
38 * in milliseconds.
39 */
40#define PRIMARY_TIMEOUT		500
41#define SECONDARY_TIMEOUT	1000
42
43#define IPI_TIMEOUT		10000
44#define REAL_MODE_TIMEOUT	10000
45
46/* This keeps a track of which one is the crashing cpu. */
47int crashing_cpu = -1;
48static int time_to_dump;
49
50#define CRASH_HANDLER_MAX 3
51/* NULL terminated list of shutdown handles */
52static crash_shutdown_t crash_shutdown_handles[CRASH_HANDLER_MAX+1];
53static DEFINE_SPINLOCK(crash_handlers_lock);
54
55static unsigned long crash_shutdown_buf[JMP_BUF_LEN];
56static int crash_shutdown_cpu = -1;
57
58static int handle_fault(struct pt_regs *regs)
59{
60	if (crash_shutdown_cpu == smp_processor_id())
61		longjmp(crash_shutdown_buf, 1);
62	return 0;
63}
64
65#ifdef CONFIG_SMP
66
67static atomic_t cpus_in_crash;
68void crash_ipi_callback(struct pt_regs *regs)
69{
70	static cpumask_t cpus_state_saved = CPU_MASK_NONE;
71
72	int cpu = smp_processor_id();
73
74	if (!cpu_online(cpu))
75		return;
76
77	hard_irq_disable();
78	if (!cpumask_test_cpu(cpu, &cpus_state_saved)) {
79		crash_save_cpu(regs, cpu);
80		cpumask_set_cpu(cpu, &cpus_state_saved);
81	}
82
83	atomic_inc(&cpus_in_crash);
84	smp_mb__after_atomic();
85
86	/*
87	 * Starting the kdump boot.
88	 * This barrier is needed to make sure that all CPUs are stopped.
89	 */
90	while (!time_to_dump)
91		cpu_relax();
92
93	if (ppc_md.kexec_cpu_down)
94		ppc_md.kexec_cpu_down(1, 1);
95
96#ifdef CONFIG_PPC64
97	kexec_smp_wait();
98#else
99	for (;;);	/* FIXME */
100#endif
101
102	/* NOTREACHED */
103}
104
105static void crash_kexec_prepare_cpus(int cpu)
106{
107	unsigned int msecs;
108	unsigned int ncpus = num_online_cpus() - 1;/* Excluding the panic cpu */
109	int tries = 0;
110	int (*old_handler)(struct pt_regs *regs);
111
112	printk(KERN_EMERG "Sending IPI to other CPUs\n");
113
114	crash_send_ipi(crash_ipi_callback);
115	smp_wmb();
116
117again:
118	/*
119	 * FIXME: Until we will have the way to stop other CPUs reliably,
120	 * the crash CPU will send an IPI and wait for other CPUs to
121	 * respond.
122	 */
123	msecs = IPI_TIMEOUT;
124	while ((atomic_read(&cpus_in_crash) < ncpus) && (--msecs > 0))
125		mdelay(1);
126
127	/* Would it be better to replace the trap vector here? */
128
129	if (atomic_read(&cpus_in_crash) >= ncpus) {
130		printk(KERN_EMERG "IPI complete\n");
131		return;
132	}
133
134	printk(KERN_EMERG "ERROR: %d cpu(s) not responding\n",
135		ncpus - atomic_read(&cpus_in_crash));
136
137	/*
138	 * If we have a panic timeout set then we can't wait indefinitely
139	 * for someone to activate system reset. We also give up on the
140	 * second time through if system reset fail to work.
141	 */
142	if ((panic_timeout > 0) || (tries > 0))
143		return;
144
145	/*
146	 * A system reset will cause all CPUs to take an 0x100 exception.
147	 * The primary CPU returns here via setjmp, and the secondary
148	 * CPUs reexecute the crash_kexec_secondary path.
149	 */
150	old_handler = __debugger;
151	__debugger = handle_fault;
152	crash_shutdown_cpu = smp_processor_id();
153
154	if (setjmp(crash_shutdown_buf) == 0) {
155		printk(KERN_EMERG "Activate system reset (dumprestart) "
156				  "to stop other cpu(s)\n");
157
158		/*
159		 * A system reset will force all CPUs to execute the
160		 * crash code again. We need to reset cpus_in_crash so we
161		 * wait for everyone to do this.
162		 */
163		atomic_set(&cpus_in_crash, 0);
164		smp_mb();
165
166		while (atomic_read(&cpus_in_crash) < ncpus)
167			cpu_relax();
168	}
169
170	crash_shutdown_cpu = -1;
171	__debugger = old_handler;
172
173	tries++;
174	goto again;
175}
176
177/*
178 * This function will be called by secondary cpus.
179 */
180void crash_kexec_secondary(struct pt_regs *regs)
181{
182	unsigned long flags;
183	int msecs = SECONDARY_TIMEOUT;
184
185	local_irq_save(flags);
186
187	/* Wait for the primary crash CPU to signal its progress */
188	while (crashing_cpu < 0) {
189		if (--msecs < 0) {
190			/* No response, kdump image may not have been loaded */
191			local_irq_restore(flags);
192			return;
193		}
194
195		mdelay(1);
196	}
197
198	crash_ipi_callback(regs);
199}
200
201#else	/* ! CONFIG_SMP */
202
203static void crash_kexec_prepare_cpus(int cpu)
204{
205	/*
206	 * move the secondaries to us so that we can copy
207	 * the new kernel 0-0x100 safely
208	 *
209	 * do this if kexec in setup.c ?
210	 */
211#ifdef CONFIG_PPC64
212	smp_release_cpus();
213#else
214	/* FIXME */
215#endif
216}
217
218void crash_kexec_secondary(struct pt_regs *regs)
219{
220}
221#endif	/* CONFIG_SMP */
222
223/* wait for all the CPUs to hit real mode but timeout if they don't come in */
224#if defined(CONFIG_SMP) && defined(CONFIG_PPC_STD_MMU_64)
225static void crash_kexec_wait_realmode(int cpu)
226{
227	unsigned int msecs;
228	int i;
229
230	msecs = REAL_MODE_TIMEOUT;
231	for (i=0; i < nr_cpu_ids && msecs > 0; i++) {
232		if (i == cpu)
233			continue;
234
235		while (paca[i].kexec_state < KEXEC_STATE_REAL_MODE) {
236			barrier();
237			if (!cpu_possible(i) || !cpu_online(i) || (msecs <= 0))
238				break;
239			msecs--;
240			mdelay(1);
241		}
242	}
243	mb();
244}
245#else
246static inline void crash_kexec_wait_realmode(int cpu) {}
247#endif	/* CONFIG_SMP && CONFIG_PPC_STD_MMU_64 */
248
249/*
250 * Register a function to be called on shutdown.  Only use this if you
251 * can't reset your device in the second kernel.
252 */
253int crash_shutdown_register(crash_shutdown_t handler)
254{
255	unsigned int i, rc;
256
257	spin_lock(&crash_handlers_lock);
258	for (i = 0 ; i < CRASH_HANDLER_MAX; i++)
259		if (!crash_shutdown_handles[i]) {
260			/* Insert handle at first empty entry */
261			crash_shutdown_handles[i] = handler;
262			rc = 0;
263			break;
264		}
265
266	if (i == CRASH_HANDLER_MAX) {
267		printk(KERN_ERR "Crash shutdown handles full, "
268		       "not registered.\n");
269		rc = 1;
270	}
271
272	spin_unlock(&crash_handlers_lock);
273	return rc;
274}
275EXPORT_SYMBOL(crash_shutdown_register);
276
277int crash_shutdown_unregister(crash_shutdown_t handler)
278{
279	unsigned int i, rc;
280
281	spin_lock(&crash_handlers_lock);
282	for (i = 0 ; i < CRASH_HANDLER_MAX; i++)
283		if (crash_shutdown_handles[i] == handler)
284			break;
285
286	if (i == CRASH_HANDLER_MAX) {
287		printk(KERN_ERR "Crash shutdown handle not found\n");
288		rc = 1;
289	} else {
290		/* Shift handles down */
291		for (; crash_shutdown_handles[i]; i++)
292			crash_shutdown_handles[i] =
293				crash_shutdown_handles[i+1];
294		rc = 0;
295	}
296
297	spin_unlock(&crash_handlers_lock);
298	return rc;
299}
300EXPORT_SYMBOL(crash_shutdown_unregister);
301
302void default_machine_crash_shutdown(struct pt_regs *regs)
303{
304	unsigned int i;
305	int (*old_handler)(struct pt_regs *regs);
306
307	/*
308	 * This function is only called after the system
309	 * has panicked or is otherwise in a critical state.
310	 * The minimum amount of code to allow a kexec'd kernel
311	 * to run successfully needs to happen here.
312	 *
313	 * In practice this means stopping other cpus in
314	 * an SMP system.
315	 * The kernel is broken so disable interrupts.
316	 */
317	hard_irq_disable();
318
319	/*
320	 * Make a note of crashing cpu. Will be used in machine_kexec
321	 * such that another IPI will not be sent.
322	 */
323	crashing_cpu = smp_processor_id();
324
325	/*
326	 * If we came in via system reset, wait a while for the secondary
327	 * CPUs to enter.
328	 */
329	if (TRAP(regs) == 0x100)
330		mdelay(PRIMARY_TIMEOUT);
331
332	crash_kexec_prepare_cpus(crashing_cpu);
333
334	crash_save_cpu(regs, crashing_cpu);
335
336	time_to_dump = 1;
337
338	crash_kexec_wait_realmode(crashing_cpu);
339
340	machine_kexec_mask_interrupts();
341
342	/*
343	 * Call registered shutdown routines safely.  Swap out
344	 * __debugger_fault_handler, and replace on exit.
345	 */
346	old_handler = __debugger_fault_handler;
347	__debugger_fault_handler = handle_fault;
348	crash_shutdown_cpu = smp_processor_id();
349	for (i = 0; crash_shutdown_handles[i]; i++) {
350		if (setjmp(crash_shutdown_buf) == 0) {
351			/*
352			 * Insert syncs and delay to ensure
353			 * instructions in the dangerous region don't
354			 * leak away from this protected region.
355			 */
356			asm volatile("sync; isync");
357			/* dangerous region */
358			crash_shutdown_handles[i]();
359			asm volatile("sync; isync");
360		}
361	}
362	crash_shutdown_cpu = -1;
363	__debugger_fault_handler = old_handler;
364
365	if (ppc_md.kexec_cpu_down)
366		ppc_md.kexec_cpu_down(1, 0);
367}
368