xref: /openbmc/linux/arch/x86/events/intel/ds.c (revision 93707cbabcc8baf2b2b5f4a99c1f08ee83eb7abd)
1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/bitops.h>
3 #include <linux/types.h>
4 #include <linux/slab.h>
5 
6 #include <asm/cpu_entry_area.h>
7 #include <asm/perf_event.h>
8 #include <asm/tlbflush.h>
9 #include <asm/insn.h>
10 
11 #include "../perf_event.h"
12 
13 /* Waste a full page so it can be mapped into the cpu_entry_area */
14 DEFINE_PER_CPU_PAGE_ALIGNED(struct debug_store, cpu_debug_store);
15 
16 /* The size of a BTS record in bytes: */
17 #define BTS_RECORD_SIZE		24
18 
19 #define PEBS_FIXUP_SIZE		PAGE_SIZE
20 
21 /*
22  * pebs_record_32 for p4 and core not supported
23 
24 struct pebs_record_32 {
25 	u32 flags, ip;
26 	u32 ax, bc, cx, dx;
27 	u32 si, di, bp, sp;
28 };
29 
30  */
31 
32 union intel_x86_pebs_dse {
33 	u64 val;
34 	struct {
35 		unsigned int ld_dse:4;
36 		unsigned int ld_stlb_miss:1;
37 		unsigned int ld_locked:1;
38 		unsigned int ld_reserved:26;
39 	};
40 	struct {
41 		unsigned int st_l1d_hit:1;
42 		unsigned int st_reserved1:3;
43 		unsigned int st_stlb_miss:1;
44 		unsigned int st_locked:1;
45 		unsigned int st_reserved2:26;
46 	};
47 };
48 
49 
50 /*
51  * Map PEBS Load Latency Data Source encodings to generic
52  * memory data source information
53  */
54 #define P(a, b) PERF_MEM_S(a, b)
55 #define OP_LH (P(OP, LOAD) | P(LVL, HIT))
56 #define LEVEL(x) P(LVLNUM, x)
57 #define REM P(REMOTE, REMOTE)
58 #define SNOOP_NONE_MISS (P(SNOOP, NONE) | P(SNOOP, MISS))
59 
60 /* Version for Sandy Bridge and later */
61 static u64 pebs_data_source[] = {
62 	P(OP, LOAD) | P(LVL, MISS) | LEVEL(L3) | P(SNOOP, NA),/* 0x00:ukn L3 */
63 	OP_LH | P(LVL, L1)  | LEVEL(L1) | P(SNOOP, NONE),  /* 0x01: L1 local */
64 	OP_LH | P(LVL, LFB) | LEVEL(LFB) | P(SNOOP, NONE), /* 0x02: LFB hit */
65 	OP_LH | P(LVL, L2)  | LEVEL(L2) | P(SNOOP, NONE),  /* 0x03: L2 hit */
66 	OP_LH | P(LVL, L3)  | LEVEL(L3) | P(SNOOP, NONE),  /* 0x04: L3 hit */
67 	OP_LH | P(LVL, L3)  | LEVEL(L3) | P(SNOOP, MISS),  /* 0x05: L3 hit, snoop miss */
68 	OP_LH | P(LVL, L3)  | LEVEL(L3) | P(SNOOP, HIT),   /* 0x06: L3 hit, snoop hit */
69 	OP_LH | P(LVL, L3)  | LEVEL(L3) | P(SNOOP, HITM),  /* 0x07: L3 hit, snoop hitm */
70 	OP_LH | P(LVL, REM_CCE1) | REM | LEVEL(L3) | P(SNOOP, HIT),  /* 0x08: L3 miss snoop hit */
71 	OP_LH | P(LVL, REM_CCE1) | REM | LEVEL(L3) | P(SNOOP, HITM), /* 0x09: L3 miss snoop hitm*/
72 	OP_LH | P(LVL, LOC_RAM)  | LEVEL(RAM) | P(SNOOP, HIT),       /* 0x0a: L3 miss, shared */
73 	OP_LH | P(LVL, REM_RAM1) | REM | LEVEL(L3) | P(SNOOP, HIT),  /* 0x0b: L3 miss, shared */
74 	OP_LH | P(LVL, LOC_RAM)  | LEVEL(RAM) | SNOOP_NONE_MISS,     /* 0x0c: L3 miss, excl */
75 	OP_LH | P(LVL, REM_RAM1) | LEVEL(RAM) | REM | SNOOP_NONE_MISS, /* 0x0d: L3 miss, excl */
76 	OP_LH | P(LVL, IO)  | LEVEL(NA) | P(SNOOP, NONE), /* 0x0e: I/O */
77 	OP_LH | P(LVL, UNC) | LEVEL(NA) | P(SNOOP, NONE), /* 0x0f: uncached */
78 };
79 
80 /* Patch up minor differences in the bits */
81 void __init intel_pmu_pebs_data_source_nhm(void)
82 {
83 	pebs_data_source[0x05] = OP_LH | P(LVL, L3) | LEVEL(L3) | P(SNOOP, HIT);
84 	pebs_data_source[0x06] = OP_LH | P(LVL, L3) | LEVEL(L3) | P(SNOOP, HITM);
85 	pebs_data_source[0x07] = OP_LH | P(LVL, L3) | LEVEL(L3) | P(SNOOP, HITM);
86 }
87 
88 void __init intel_pmu_pebs_data_source_skl(bool pmem)
89 {
90 	u64 pmem_or_l4 = pmem ? LEVEL(PMEM) : LEVEL(L4);
91 
92 	pebs_data_source[0x08] = OP_LH | pmem_or_l4 | P(SNOOP, HIT);
93 	pebs_data_source[0x09] = OP_LH | pmem_or_l4 | REM | P(SNOOP, HIT);
94 	pebs_data_source[0x0b] = OP_LH | LEVEL(RAM) | REM | P(SNOOP, NONE);
95 	pebs_data_source[0x0c] = OP_LH | LEVEL(ANY_CACHE) | REM | P(SNOOPX, FWD);
96 	pebs_data_source[0x0d] = OP_LH | LEVEL(ANY_CACHE) | REM | P(SNOOP, HITM);
97 }
98 
99 static u64 precise_store_data(u64 status)
100 {
101 	union intel_x86_pebs_dse dse;
102 	u64 val = P(OP, STORE) | P(SNOOP, NA) | P(LVL, L1) | P(TLB, L2);
103 
104 	dse.val = status;
105 
106 	/*
107 	 * bit 4: TLB access
108 	 * 1 = stored missed 2nd level TLB
109 	 *
110 	 * so it either hit the walker or the OS
111 	 * otherwise hit 2nd level TLB
112 	 */
113 	if (dse.st_stlb_miss)
114 		val |= P(TLB, MISS);
115 	else
116 		val |= P(TLB, HIT);
117 
118 	/*
119 	 * bit 0: hit L1 data cache
120 	 * if not set, then all we know is that
121 	 * it missed L1D
122 	 */
123 	if (dse.st_l1d_hit)
124 		val |= P(LVL, HIT);
125 	else
126 		val |= P(LVL, MISS);
127 
128 	/*
129 	 * bit 5: Locked prefix
130 	 */
131 	if (dse.st_locked)
132 		val |= P(LOCK, LOCKED);
133 
134 	return val;
135 }
136 
137 static u64 precise_datala_hsw(struct perf_event *event, u64 status)
138 {
139 	union perf_mem_data_src dse;
140 
141 	dse.val = PERF_MEM_NA;
142 
143 	if (event->hw.flags & PERF_X86_EVENT_PEBS_ST_HSW)
144 		dse.mem_op = PERF_MEM_OP_STORE;
145 	else if (event->hw.flags & PERF_X86_EVENT_PEBS_LD_HSW)
146 		dse.mem_op = PERF_MEM_OP_LOAD;
147 
148 	/*
149 	 * L1 info only valid for following events:
150 	 *
151 	 * MEM_UOPS_RETIRED.STLB_MISS_STORES
152 	 * MEM_UOPS_RETIRED.LOCK_STORES
153 	 * MEM_UOPS_RETIRED.SPLIT_STORES
154 	 * MEM_UOPS_RETIRED.ALL_STORES
155 	 */
156 	if (event->hw.flags & PERF_X86_EVENT_PEBS_ST_HSW) {
157 		if (status & 1)
158 			dse.mem_lvl = PERF_MEM_LVL_L1 | PERF_MEM_LVL_HIT;
159 		else
160 			dse.mem_lvl = PERF_MEM_LVL_L1 | PERF_MEM_LVL_MISS;
161 	}
162 	return dse.val;
163 }
164 
165 static u64 load_latency_data(u64 status)
166 {
167 	union intel_x86_pebs_dse dse;
168 	u64 val;
169 
170 	dse.val = status;
171 
172 	/*
173 	 * use the mapping table for bit 0-3
174 	 */
175 	val = pebs_data_source[dse.ld_dse];
176 
177 	/*
178 	 * Nehalem models do not support TLB, Lock infos
179 	 */
180 	if (x86_pmu.pebs_no_tlb) {
181 		val |= P(TLB, NA) | P(LOCK, NA);
182 		return val;
183 	}
184 	/*
185 	 * bit 4: TLB access
186 	 * 0 = did not miss 2nd level TLB
187 	 * 1 = missed 2nd level TLB
188 	 */
189 	if (dse.ld_stlb_miss)
190 		val |= P(TLB, MISS) | P(TLB, L2);
191 	else
192 		val |= P(TLB, HIT) | P(TLB, L1) | P(TLB, L2);
193 
194 	/*
195 	 * bit 5: locked prefix
196 	 */
197 	if (dse.ld_locked)
198 		val |= P(LOCK, LOCKED);
199 
200 	return val;
201 }
202 
203 struct pebs_record_core {
204 	u64 flags, ip;
205 	u64 ax, bx, cx, dx;
206 	u64 si, di, bp, sp;
207 	u64 r8,  r9,  r10, r11;
208 	u64 r12, r13, r14, r15;
209 };
210 
211 struct pebs_record_nhm {
212 	u64 flags, ip;
213 	u64 ax, bx, cx, dx;
214 	u64 si, di, bp, sp;
215 	u64 r8,  r9,  r10, r11;
216 	u64 r12, r13, r14, r15;
217 	u64 status, dla, dse, lat;
218 };
219 
220 /*
221  * Same as pebs_record_nhm, with two additional fields.
222  */
223 struct pebs_record_hsw {
224 	u64 flags, ip;
225 	u64 ax, bx, cx, dx;
226 	u64 si, di, bp, sp;
227 	u64 r8,  r9,  r10, r11;
228 	u64 r12, r13, r14, r15;
229 	u64 status, dla, dse, lat;
230 	u64 real_ip, tsx_tuning;
231 };
232 
233 union hsw_tsx_tuning {
234 	struct {
235 		u32 cycles_last_block     : 32,
236 		    hle_abort		  : 1,
237 		    rtm_abort		  : 1,
238 		    instruction_abort     : 1,
239 		    non_instruction_abort : 1,
240 		    retry		  : 1,
241 		    data_conflict	  : 1,
242 		    capacity_writes	  : 1,
243 		    capacity_reads	  : 1;
244 	};
245 	u64	    value;
246 };
247 
248 #define PEBS_HSW_TSX_FLAGS	0xff00000000ULL
249 
250 /* Same as HSW, plus TSC */
251 
252 struct pebs_record_skl {
253 	u64 flags, ip;
254 	u64 ax, bx, cx, dx;
255 	u64 si, di, bp, sp;
256 	u64 r8,  r9,  r10, r11;
257 	u64 r12, r13, r14, r15;
258 	u64 status, dla, dse, lat;
259 	u64 real_ip, tsx_tuning;
260 	u64 tsc;
261 };
262 
263 void init_debug_store_on_cpu(int cpu)
264 {
265 	struct debug_store *ds = per_cpu(cpu_hw_events, cpu).ds;
266 
267 	if (!ds)
268 		return;
269 
270 	wrmsr_on_cpu(cpu, MSR_IA32_DS_AREA,
271 		     (u32)((u64)(unsigned long)ds),
272 		     (u32)((u64)(unsigned long)ds >> 32));
273 }
274 
275 void fini_debug_store_on_cpu(int cpu)
276 {
277 	if (!per_cpu(cpu_hw_events, cpu).ds)
278 		return;
279 
280 	wrmsr_on_cpu(cpu, MSR_IA32_DS_AREA, 0, 0);
281 }
282 
283 static DEFINE_PER_CPU(void *, insn_buffer);
284 
285 static void ds_update_cea(void *cea, void *addr, size_t size, pgprot_t prot)
286 {
287 	unsigned long start = (unsigned long)cea;
288 	phys_addr_t pa;
289 	size_t msz = 0;
290 
291 	pa = virt_to_phys(addr);
292 
293 	preempt_disable();
294 	for (; msz < size; msz += PAGE_SIZE, pa += PAGE_SIZE, cea += PAGE_SIZE)
295 		cea_set_pte(cea, pa, prot);
296 
297 	/*
298 	 * This is a cross-CPU update of the cpu_entry_area, we must shoot down
299 	 * all TLB entries for it.
300 	 */
301 	flush_tlb_kernel_range(start, start + size);
302 	preempt_enable();
303 }
304 
305 static void ds_clear_cea(void *cea, size_t size)
306 {
307 	unsigned long start = (unsigned long)cea;
308 	size_t msz = 0;
309 
310 	preempt_disable();
311 	for (; msz < size; msz += PAGE_SIZE, cea += PAGE_SIZE)
312 		cea_set_pte(cea, 0, PAGE_NONE);
313 
314 	flush_tlb_kernel_range(start, start + size);
315 	preempt_enable();
316 }
317 
318 static void *dsalloc_pages(size_t size, gfp_t flags, int cpu)
319 {
320 	unsigned int order = get_order(size);
321 	int node = cpu_to_node(cpu);
322 	struct page *page;
323 
324 	page = __alloc_pages_node(node, flags | __GFP_ZERO, order);
325 	return page ? page_address(page) : NULL;
326 }
327 
328 static void dsfree_pages(const void *buffer, size_t size)
329 {
330 	if (buffer)
331 		free_pages((unsigned long)buffer, get_order(size));
332 }
333 
334 static int alloc_pebs_buffer(int cpu)
335 {
336 	struct cpu_hw_events *hwev = per_cpu_ptr(&cpu_hw_events, cpu);
337 	struct debug_store *ds = hwev->ds;
338 	size_t bsiz = x86_pmu.pebs_buffer_size;
339 	int max, node = cpu_to_node(cpu);
340 	void *buffer, *ibuffer, *cea;
341 
342 	if (!x86_pmu.pebs)
343 		return 0;
344 
345 	buffer = dsalloc_pages(bsiz, GFP_KERNEL, cpu);
346 	if (unlikely(!buffer))
347 		return -ENOMEM;
348 
349 	/*
350 	 * HSW+ already provides us the eventing ip; no need to allocate this
351 	 * buffer then.
352 	 */
353 	if (x86_pmu.intel_cap.pebs_format < 2) {
354 		ibuffer = kzalloc_node(PEBS_FIXUP_SIZE, GFP_KERNEL, node);
355 		if (!ibuffer) {
356 			dsfree_pages(buffer, bsiz);
357 			return -ENOMEM;
358 		}
359 		per_cpu(insn_buffer, cpu) = ibuffer;
360 	}
361 	hwev->ds_pebs_vaddr = buffer;
362 	/* Update the cpu entry area mapping */
363 	cea = &get_cpu_entry_area(cpu)->cpu_debug_buffers.pebs_buffer;
364 	ds->pebs_buffer_base = (unsigned long) cea;
365 	ds_update_cea(cea, buffer, bsiz, PAGE_KERNEL);
366 	ds->pebs_index = ds->pebs_buffer_base;
367 	max = x86_pmu.pebs_record_size * (bsiz / x86_pmu.pebs_record_size);
368 	ds->pebs_absolute_maximum = ds->pebs_buffer_base + max;
369 	return 0;
370 }
371 
372 static void release_pebs_buffer(int cpu)
373 {
374 	struct cpu_hw_events *hwev = per_cpu_ptr(&cpu_hw_events, cpu);
375 	void *cea;
376 
377 	if (!x86_pmu.pebs)
378 		return;
379 
380 	kfree(per_cpu(insn_buffer, cpu));
381 	per_cpu(insn_buffer, cpu) = NULL;
382 
383 	/* Clear the fixmap */
384 	cea = &get_cpu_entry_area(cpu)->cpu_debug_buffers.pebs_buffer;
385 	ds_clear_cea(cea, x86_pmu.pebs_buffer_size);
386 	dsfree_pages(hwev->ds_pebs_vaddr, x86_pmu.pebs_buffer_size);
387 	hwev->ds_pebs_vaddr = NULL;
388 }
389 
390 static int alloc_bts_buffer(int cpu)
391 {
392 	struct cpu_hw_events *hwev = per_cpu_ptr(&cpu_hw_events, cpu);
393 	struct debug_store *ds = hwev->ds;
394 	void *buffer, *cea;
395 	int max;
396 
397 	if (!x86_pmu.bts)
398 		return 0;
399 
400 	buffer = dsalloc_pages(BTS_BUFFER_SIZE, GFP_KERNEL | __GFP_NOWARN, cpu);
401 	if (unlikely(!buffer)) {
402 		WARN_ONCE(1, "%s: BTS buffer allocation failure\n", __func__);
403 		return -ENOMEM;
404 	}
405 	hwev->ds_bts_vaddr = buffer;
406 	/* Update the fixmap */
407 	cea = &get_cpu_entry_area(cpu)->cpu_debug_buffers.bts_buffer;
408 	ds->bts_buffer_base = (unsigned long) cea;
409 	ds_update_cea(cea, buffer, BTS_BUFFER_SIZE, PAGE_KERNEL);
410 	ds->bts_index = ds->bts_buffer_base;
411 	max = BTS_RECORD_SIZE * (BTS_BUFFER_SIZE / BTS_RECORD_SIZE);
412 	ds->bts_absolute_maximum = ds->bts_buffer_base + max;
413 	ds->bts_interrupt_threshold = ds->bts_absolute_maximum - (max / 16);
414 	return 0;
415 }
416 
417 static void release_bts_buffer(int cpu)
418 {
419 	struct cpu_hw_events *hwev = per_cpu_ptr(&cpu_hw_events, cpu);
420 	void *cea;
421 
422 	if (!x86_pmu.bts)
423 		return;
424 
425 	/* Clear the fixmap */
426 	cea = &get_cpu_entry_area(cpu)->cpu_debug_buffers.bts_buffer;
427 	ds_clear_cea(cea, BTS_BUFFER_SIZE);
428 	dsfree_pages(hwev->ds_bts_vaddr, BTS_BUFFER_SIZE);
429 	hwev->ds_bts_vaddr = NULL;
430 }
431 
432 static int alloc_ds_buffer(int cpu)
433 {
434 	struct debug_store *ds = &get_cpu_entry_area(cpu)->cpu_debug_store;
435 
436 	memset(ds, 0, sizeof(*ds));
437 	per_cpu(cpu_hw_events, cpu).ds = ds;
438 	return 0;
439 }
440 
441 static void release_ds_buffer(int cpu)
442 {
443 	per_cpu(cpu_hw_events, cpu).ds = NULL;
444 }
445 
446 void release_ds_buffers(void)
447 {
448 	int cpu;
449 
450 	if (!x86_pmu.bts && !x86_pmu.pebs)
451 		return;
452 
453 	for_each_possible_cpu(cpu)
454 		release_ds_buffer(cpu);
455 
456 	for_each_possible_cpu(cpu) {
457 		/*
458 		 * Again, ignore errors from offline CPUs, they will no longer
459 		 * observe cpu_hw_events.ds and not program the DS_AREA when
460 		 * they come up.
461 		 */
462 		fini_debug_store_on_cpu(cpu);
463 	}
464 
465 	for_each_possible_cpu(cpu) {
466 		release_pebs_buffer(cpu);
467 		release_bts_buffer(cpu);
468 	}
469 }
470 
471 void reserve_ds_buffers(void)
472 {
473 	int bts_err = 0, pebs_err = 0;
474 	int cpu;
475 
476 	x86_pmu.bts_active = 0;
477 	x86_pmu.pebs_active = 0;
478 
479 	if (!x86_pmu.bts && !x86_pmu.pebs)
480 		return;
481 
482 	if (!x86_pmu.bts)
483 		bts_err = 1;
484 
485 	if (!x86_pmu.pebs)
486 		pebs_err = 1;
487 
488 	for_each_possible_cpu(cpu) {
489 		if (alloc_ds_buffer(cpu)) {
490 			bts_err = 1;
491 			pebs_err = 1;
492 		}
493 
494 		if (!bts_err && alloc_bts_buffer(cpu))
495 			bts_err = 1;
496 
497 		if (!pebs_err && alloc_pebs_buffer(cpu))
498 			pebs_err = 1;
499 
500 		if (bts_err && pebs_err)
501 			break;
502 	}
503 
504 	if (bts_err) {
505 		for_each_possible_cpu(cpu)
506 			release_bts_buffer(cpu);
507 	}
508 
509 	if (pebs_err) {
510 		for_each_possible_cpu(cpu)
511 			release_pebs_buffer(cpu);
512 	}
513 
514 	if (bts_err && pebs_err) {
515 		for_each_possible_cpu(cpu)
516 			release_ds_buffer(cpu);
517 	} else {
518 		if (x86_pmu.bts && !bts_err)
519 			x86_pmu.bts_active = 1;
520 
521 		if (x86_pmu.pebs && !pebs_err)
522 			x86_pmu.pebs_active = 1;
523 
524 		for_each_possible_cpu(cpu) {
525 			/*
526 			 * Ignores wrmsr_on_cpu() errors for offline CPUs they
527 			 * will get this call through intel_pmu_cpu_starting().
528 			 */
529 			init_debug_store_on_cpu(cpu);
530 		}
531 	}
532 }
533 
534 /*
535  * BTS
536  */
537 
538 struct event_constraint bts_constraint =
539 	EVENT_CONSTRAINT(0, 1ULL << INTEL_PMC_IDX_FIXED_BTS, 0);
540 
541 void intel_pmu_enable_bts(u64 config)
542 {
543 	unsigned long debugctlmsr;
544 
545 	debugctlmsr = get_debugctlmsr();
546 
547 	debugctlmsr |= DEBUGCTLMSR_TR;
548 	debugctlmsr |= DEBUGCTLMSR_BTS;
549 	if (config & ARCH_PERFMON_EVENTSEL_INT)
550 		debugctlmsr |= DEBUGCTLMSR_BTINT;
551 
552 	if (!(config & ARCH_PERFMON_EVENTSEL_OS))
553 		debugctlmsr |= DEBUGCTLMSR_BTS_OFF_OS;
554 
555 	if (!(config & ARCH_PERFMON_EVENTSEL_USR))
556 		debugctlmsr |= DEBUGCTLMSR_BTS_OFF_USR;
557 
558 	update_debugctlmsr(debugctlmsr);
559 }
560 
561 void intel_pmu_disable_bts(void)
562 {
563 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
564 	unsigned long debugctlmsr;
565 
566 	if (!cpuc->ds)
567 		return;
568 
569 	debugctlmsr = get_debugctlmsr();
570 
571 	debugctlmsr &=
572 		~(DEBUGCTLMSR_TR | DEBUGCTLMSR_BTS | DEBUGCTLMSR_BTINT |
573 		  DEBUGCTLMSR_BTS_OFF_OS | DEBUGCTLMSR_BTS_OFF_USR);
574 
575 	update_debugctlmsr(debugctlmsr);
576 }
577 
578 int intel_pmu_drain_bts_buffer(void)
579 {
580 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
581 	struct debug_store *ds = cpuc->ds;
582 	struct bts_record {
583 		u64	from;
584 		u64	to;
585 		u64	flags;
586 	};
587 	struct perf_event *event = cpuc->events[INTEL_PMC_IDX_FIXED_BTS];
588 	struct bts_record *at, *base, *top;
589 	struct perf_output_handle handle;
590 	struct perf_event_header header;
591 	struct perf_sample_data data;
592 	unsigned long skip = 0;
593 	struct pt_regs regs;
594 
595 	if (!event)
596 		return 0;
597 
598 	if (!x86_pmu.bts_active)
599 		return 0;
600 
601 	base = (struct bts_record *)(unsigned long)ds->bts_buffer_base;
602 	top  = (struct bts_record *)(unsigned long)ds->bts_index;
603 
604 	if (top <= base)
605 		return 0;
606 
607 	memset(&regs, 0, sizeof(regs));
608 
609 	ds->bts_index = ds->bts_buffer_base;
610 
611 	perf_sample_data_init(&data, 0, event->hw.last_period);
612 
613 	/*
614 	 * BTS leaks kernel addresses in branches across the cpl boundary,
615 	 * such as traps or system calls, so unless the user is asking for
616 	 * kernel tracing (and right now it's not possible), we'd need to
617 	 * filter them out. But first we need to count how many of those we
618 	 * have in the current batch. This is an extra O(n) pass, however,
619 	 * it's much faster than the other one especially considering that
620 	 * n <= 2560 (BTS_BUFFER_SIZE / BTS_RECORD_SIZE * 15/16; see the
621 	 * alloc_bts_buffer()).
622 	 */
623 	for (at = base; at < top; at++) {
624 		/*
625 		 * Note that right now *this* BTS code only works if
626 		 * attr::exclude_kernel is set, but let's keep this extra
627 		 * check here in case that changes.
628 		 */
629 		if (event->attr.exclude_kernel &&
630 		    (kernel_ip(at->from) || kernel_ip(at->to)))
631 			skip++;
632 	}
633 
634 	/*
635 	 * Prepare a generic sample, i.e. fill in the invariant fields.
636 	 * We will overwrite the from and to address before we output
637 	 * the sample.
638 	 */
639 	rcu_read_lock();
640 	perf_prepare_sample(&header, &data, event, &regs);
641 
642 	if (perf_output_begin(&handle, event, header.size *
643 			      (top - base - skip)))
644 		goto unlock;
645 
646 	for (at = base; at < top; at++) {
647 		/* Filter out any records that contain kernel addresses. */
648 		if (event->attr.exclude_kernel &&
649 		    (kernel_ip(at->from) || kernel_ip(at->to)))
650 			continue;
651 
652 		data.ip		= at->from;
653 		data.addr	= at->to;
654 
655 		perf_output_sample(&handle, &header, &data, event);
656 	}
657 
658 	perf_output_end(&handle);
659 
660 	/* There's new data available. */
661 	event->hw.interrupts++;
662 	event->pending_kill = POLL_IN;
663 unlock:
664 	rcu_read_unlock();
665 	return 1;
666 }
667 
668 static inline void intel_pmu_drain_pebs_buffer(void)
669 {
670 	struct pt_regs regs;
671 
672 	x86_pmu.drain_pebs(&regs);
673 }
674 
675 /*
676  * PEBS
677  */
678 struct event_constraint intel_core2_pebs_event_constraints[] = {
679 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x00c0, 0x1), /* INST_RETIRED.ANY */
680 	INTEL_FLAGS_UEVENT_CONSTRAINT(0xfec1, 0x1), /* X87_OPS_RETIRED.ANY */
681 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x00c5, 0x1), /* BR_INST_RETIRED.MISPRED */
682 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x1fc7, 0x1), /* SIMD_INST_RETURED.ANY */
683 	INTEL_FLAGS_EVENT_CONSTRAINT(0xcb, 0x1),    /* MEM_LOAD_RETIRED.* */
684 	/* INST_RETIRED.ANY_P, inv=1, cmask=16 (cycles:p). */
685 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108000c0, 0x01),
686 	EVENT_CONSTRAINT_END
687 };
688 
689 struct event_constraint intel_atom_pebs_event_constraints[] = {
690 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x00c0, 0x1), /* INST_RETIRED.ANY */
691 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x00c5, 0x1), /* MISPREDICTED_BRANCH_RETIRED */
692 	INTEL_FLAGS_EVENT_CONSTRAINT(0xcb, 0x1),    /* MEM_LOAD_RETIRED.* */
693 	/* INST_RETIRED.ANY_P, inv=1, cmask=16 (cycles:p). */
694 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108000c0, 0x01),
695 	/* Allow all events as PEBS with no flags */
696 	INTEL_ALL_EVENT_CONSTRAINT(0, 0x1),
697 	EVENT_CONSTRAINT_END
698 };
699 
700 struct event_constraint intel_slm_pebs_event_constraints[] = {
701 	/* INST_RETIRED.ANY_P, inv=1, cmask=16 (cycles:p). */
702 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108000c0, 0x1),
703 	/* Allow all events as PEBS with no flags */
704 	INTEL_ALL_EVENT_CONSTRAINT(0, 0x1),
705 	EVENT_CONSTRAINT_END
706 };
707 
708 struct event_constraint intel_glm_pebs_event_constraints[] = {
709 	/* Allow all events as PEBS with no flags */
710 	INTEL_ALL_EVENT_CONSTRAINT(0, 0x1),
711 	EVENT_CONSTRAINT_END
712 };
713 
714 struct event_constraint intel_glp_pebs_event_constraints[] = {
715 	/* Allow all events as PEBS with no flags */
716 	INTEL_ALL_EVENT_CONSTRAINT(0, 0xf),
717 	EVENT_CONSTRAINT_END
718 };
719 
720 struct event_constraint intel_nehalem_pebs_event_constraints[] = {
721 	INTEL_PLD_CONSTRAINT(0x100b, 0xf),      /* MEM_INST_RETIRED.* */
722 	INTEL_FLAGS_EVENT_CONSTRAINT(0x0f, 0xf),    /* MEM_UNCORE_RETIRED.* */
723 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x010c, 0xf), /* MEM_STORE_RETIRED.DTLB_MISS */
724 	INTEL_FLAGS_EVENT_CONSTRAINT(0xc0, 0xf),    /* INST_RETIRED.ANY */
725 	INTEL_EVENT_CONSTRAINT(0xc2, 0xf),    /* UOPS_RETIRED.* */
726 	INTEL_FLAGS_EVENT_CONSTRAINT(0xc4, 0xf),    /* BR_INST_RETIRED.* */
727 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x02c5, 0xf), /* BR_MISP_RETIRED.NEAR_CALL */
728 	INTEL_FLAGS_EVENT_CONSTRAINT(0xc7, 0xf),    /* SSEX_UOPS_RETIRED.* */
729 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x20c8, 0xf), /* ITLB_MISS_RETIRED */
730 	INTEL_FLAGS_EVENT_CONSTRAINT(0xcb, 0xf),    /* MEM_LOAD_RETIRED.* */
731 	INTEL_FLAGS_EVENT_CONSTRAINT(0xf7, 0xf),    /* FP_ASSIST.* */
732 	/* INST_RETIRED.ANY_P, inv=1, cmask=16 (cycles:p). */
733 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108000c0, 0x0f),
734 	EVENT_CONSTRAINT_END
735 };
736 
737 struct event_constraint intel_westmere_pebs_event_constraints[] = {
738 	INTEL_PLD_CONSTRAINT(0x100b, 0xf),      /* MEM_INST_RETIRED.* */
739 	INTEL_FLAGS_EVENT_CONSTRAINT(0x0f, 0xf),    /* MEM_UNCORE_RETIRED.* */
740 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x010c, 0xf), /* MEM_STORE_RETIRED.DTLB_MISS */
741 	INTEL_FLAGS_EVENT_CONSTRAINT(0xc0, 0xf),    /* INSTR_RETIRED.* */
742 	INTEL_EVENT_CONSTRAINT(0xc2, 0xf),    /* UOPS_RETIRED.* */
743 	INTEL_FLAGS_EVENT_CONSTRAINT(0xc4, 0xf),    /* BR_INST_RETIRED.* */
744 	INTEL_FLAGS_EVENT_CONSTRAINT(0xc5, 0xf),    /* BR_MISP_RETIRED.* */
745 	INTEL_FLAGS_EVENT_CONSTRAINT(0xc7, 0xf),    /* SSEX_UOPS_RETIRED.* */
746 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x20c8, 0xf), /* ITLB_MISS_RETIRED */
747 	INTEL_FLAGS_EVENT_CONSTRAINT(0xcb, 0xf),    /* MEM_LOAD_RETIRED.* */
748 	INTEL_FLAGS_EVENT_CONSTRAINT(0xf7, 0xf),    /* FP_ASSIST.* */
749 	/* INST_RETIRED.ANY_P, inv=1, cmask=16 (cycles:p). */
750 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108000c0, 0x0f),
751 	EVENT_CONSTRAINT_END
752 };
753 
754 struct event_constraint intel_snb_pebs_event_constraints[] = {
755 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x01c0, 0x2), /* INST_RETIRED.PRECDIST */
756 	INTEL_PLD_CONSTRAINT(0x01cd, 0x8),    /* MEM_TRANS_RETIRED.LAT_ABOVE_THR */
757 	INTEL_PST_CONSTRAINT(0x02cd, 0x8),    /* MEM_TRANS_RETIRED.PRECISE_STORES */
758 	/* UOPS_RETIRED.ALL, inv=1, cmask=16 (cycles:p). */
759 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108001c2, 0xf),
760         INTEL_EXCLEVT_CONSTRAINT(0xd0, 0xf),    /* MEM_UOP_RETIRED.* */
761         INTEL_EXCLEVT_CONSTRAINT(0xd1, 0xf),    /* MEM_LOAD_UOPS_RETIRED.* */
762         INTEL_EXCLEVT_CONSTRAINT(0xd2, 0xf),    /* MEM_LOAD_UOPS_LLC_HIT_RETIRED.* */
763         INTEL_EXCLEVT_CONSTRAINT(0xd3, 0xf),    /* MEM_LOAD_UOPS_LLC_MISS_RETIRED.* */
764 	/* Allow all events as PEBS with no flags */
765 	INTEL_ALL_EVENT_CONSTRAINT(0, 0xf),
766 	EVENT_CONSTRAINT_END
767 };
768 
769 struct event_constraint intel_ivb_pebs_event_constraints[] = {
770         INTEL_FLAGS_UEVENT_CONSTRAINT(0x01c0, 0x2), /* INST_RETIRED.PRECDIST */
771         INTEL_PLD_CONSTRAINT(0x01cd, 0x8),    /* MEM_TRANS_RETIRED.LAT_ABOVE_THR */
772 	INTEL_PST_CONSTRAINT(0x02cd, 0x8),    /* MEM_TRANS_RETIRED.PRECISE_STORES */
773 	/* UOPS_RETIRED.ALL, inv=1, cmask=16 (cycles:p). */
774 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108001c2, 0xf),
775 	/* INST_RETIRED.PREC_DIST, inv=1, cmask=16 (cycles:ppp). */
776 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108001c0, 0x2),
777 	INTEL_EXCLEVT_CONSTRAINT(0xd0, 0xf),    /* MEM_UOP_RETIRED.* */
778 	INTEL_EXCLEVT_CONSTRAINT(0xd1, 0xf),    /* MEM_LOAD_UOPS_RETIRED.* */
779 	INTEL_EXCLEVT_CONSTRAINT(0xd2, 0xf),    /* MEM_LOAD_UOPS_LLC_HIT_RETIRED.* */
780 	INTEL_EXCLEVT_CONSTRAINT(0xd3, 0xf),    /* MEM_LOAD_UOPS_LLC_MISS_RETIRED.* */
781 	/* Allow all events as PEBS with no flags */
782 	INTEL_ALL_EVENT_CONSTRAINT(0, 0xf),
783         EVENT_CONSTRAINT_END
784 };
785 
786 struct event_constraint intel_hsw_pebs_event_constraints[] = {
787 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x01c0, 0x2), /* INST_RETIRED.PRECDIST */
788 	INTEL_PLD_CONSTRAINT(0x01cd, 0xf),    /* MEM_TRANS_RETIRED.* */
789 	/* UOPS_RETIRED.ALL, inv=1, cmask=16 (cycles:p). */
790 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108001c2, 0xf),
791 	/* INST_RETIRED.PREC_DIST, inv=1, cmask=16 (cycles:ppp). */
792 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108001c0, 0x2),
793 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_NA(0x01c2, 0xf), /* UOPS_RETIRED.ALL */
794 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_XLD(0x11d0, 0xf), /* MEM_UOPS_RETIRED.STLB_MISS_LOADS */
795 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_XLD(0x21d0, 0xf), /* MEM_UOPS_RETIRED.LOCK_LOADS */
796 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_XLD(0x41d0, 0xf), /* MEM_UOPS_RETIRED.SPLIT_LOADS */
797 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_XLD(0x81d0, 0xf), /* MEM_UOPS_RETIRED.ALL_LOADS */
798 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_XST(0x12d0, 0xf), /* MEM_UOPS_RETIRED.STLB_MISS_STORES */
799 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_XST(0x42d0, 0xf), /* MEM_UOPS_RETIRED.SPLIT_STORES */
800 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_XST(0x82d0, 0xf), /* MEM_UOPS_RETIRED.ALL_STORES */
801 	INTEL_FLAGS_EVENT_CONSTRAINT_DATALA_XLD(0xd1, 0xf),    /* MEM_LOAD_UOPS_RETIRED.* */
802 	INTEL_FLAGS_EVENT_CONSTRAINT_DATALA_XLD(0xd2, 0xf),    /* MEM_LOAD_UOPS_L3_HIT_RETIRED.* */
803 	INTEL_FLAGS_EVENT_CONSTRAINT_DATALA_XLD(0xd3, 0xf),    /* MEM_LOAD_UOPS_L3_MISS_RETIRED.* */
804 	/* Allow all events as PEBS with no flags */
805 	INTEL_ALL_EVENT_CONSTRAINT(0, 0xf),
806 	EVENT_CONSTRAINT_END
807 };
808 
809 struct event_constraint intel_bdw_pebs_event_constraints[] = {
810 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x01c0, 0x2), /* INST_RETIRED.PRECDIST */
811 	INTEL_PLD_CONSTRAINT(0x01cd, 0xf),    /* MEM_TRANS_RETIRED.* */
812 	/* UOPS_RETIRED.ALL, inv=1, cmask=16 (cycles:p). */
813 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108001c2, 0xf),
814 	/* INST_RETIRED.PREC_DIST, inv=1, cmask=16 (cycles:ppp). */
815 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108001c0, 0x2),
816 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_NA(0x01c2, 0xf), /* UOPS_RETIRED.ALL */
817 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_LD(0x11d0, 0xf), /* MEM_UOPS_RETIRED.STLB_MISS_LOADS */
818 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_LD(0x21d0, 0xf), /* MEM_UOPS_RETIRED.LOCK_LOADS */
819 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_LD(0x41d0, 0xf), /* MEM_UOPS_RETIRED.SPLIT_LOADS */
820 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_LD(0x81d0, 0xf), /* MEM_UOPS_RETIRED.ALL_LOADS */
821 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_ST(0x12d0, 0xf), /* MEM_UOPS_RETIRED.STLB_MISS_STORES */
822 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_ST(0x42d0, 0xf), /* MEM_UOPS_RETIRED.SPLIT_STORES */
823 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_ST(0x82d0, 0xf), /* MEM_UOPS_RETIRED.ALL_STORES */
824 	INTEL_FLAGS_EVENT_CONSTRAINT_DATALA_LD(0xd1, 0xf),    /* MEM_LOAD_UOPS_RETIRED.* */
825 	INTEL_FLAGS_EVENT_CONSTRAINT_DATALA_LD(0xd2, 0xf),    /* MEM_LOAD_UOPS_L3_HIT_RETIRED.* */
826 	INTEL_FLAGS_EVENT_CONSTRAINT_DATALA_LD(0xd3, 0xf),    /* MEM_LOAD_UOPS_L3_MISS_RETIRED.* */
827 	/* Allow all events as PEBS with no flags */
828 	INTEL_ALL_EVENT_CONSTRAINT(0, 0xf),
829 	EVENT_CONSTRAINT_END
830 };
831 
832 
833 struct event_constraint intel_skl_pebs_event_constraints[] = {
834 	INTEL_FLAGS_UEVENT_CONSTRAINT(0x1c0, 0x2),	/* INST_RETIRED.PREC_DIST */
835 	/* INST_RETIRED.PREC_DIST, inv=1, cmask=16 (cycles:ppp). */
836 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108001c0, 0x2),
837 	/* INST_RETIRED.TOTAL_CYCLES_PS (inv=1, cmask=16) (cycles:p). */
838 	INTEL_FLAGS_EVENT_CONSTRAINT(0x108000c0, 0x0f),
839 	INTEL_PLD_CONSTRAINT(0x1cd, 0xf),		      /* MEM_TRANS_RETIRED.* */
840 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_LD(0x11d0, 0xf), /* MEM_INST_RETIRED.STLB_MISS_LOADS */
841 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_ST(0x12d0, 0xf), /* MEM_INST_RETIRED.STLB_MISS_STORES */
842 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_LD(0x21d0, 0xf), /* MEM_INST_RETIRED.LOCK_LOADS */
843 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_ST(0x22d0, 0xf), /* MEM_INST_RETIRED.LOCK_STORES */
844 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_LD(0x41d0, 0xf), /* MEM_INST_RETIRED.SPLIT_LOADS */
845 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_ST(0x42d0, 0xf), /* MEM_INST_RETIRED.SPLIT_STORES */
846 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_LD(0x81d0, 0xf), /* MEM_INST_RETIRED.ALL_LOADS */
847 	INTEL_FLAGS_UEVENT_CONSTRAINT_DATALA_ST(0x82d0, 0xf), /* MEM_INST_RETIRED.ALL_STORES */
848 	INTEL_FLAGS_EVENT_CONSTRAINT_DATALA_LD(0xd1, 0xf),    /* MEM_LOAD_RETIRED.* */
849 	INTEL_FLAGS_EVENT_CONSTRAINT_DATALA_LD(0xd2, 0xf),    /* MEM_LOAD_L3_HIT_RETIRED.* */
850 	INTEL_FLAGS_EVENT_CONSTRAINT_DATALA_LD(0xd3, 0xf),    /* MEM_LOAD_L3_MISS_RETIRED.* */
851 	/* Allow all events as PEBS with no flags */
852 	INTEL_ALL_EVENT_CONSTRAINT(0, 0xf),
853 	EVENT_CONSTRAINT_END
854 };
855 
856 struct event_constraint *intel_pebs_constraints(struct perf_event *event)
857 {
858 	struct event_constraint *c;
859 
860 	if (!event->attr.precise_ip)
861 		return NULL;
862 
863 	if (x86_pmu.pebs_constraints) {
864 		for_each_event_constraint(c, x86_pmu.pebs_constraints) {
865 			if ((event->hw.config & c->cmask) == c->code) {
866 				event->hw.flags |= c->flags;
867 				return c;
868 			}
869 		}
870 	}
871 
872 	return &emptyconstraint;
873 }
874 
875 /*
876  * We need the sched_task callback even for per-cpu events when we use
877  * the large interrupt threshold, such that we can provide PID and TID
878  * to PEBS samples.
879  */
880 static inline bool pebs_needs_sched_cb(struct cpu_hw_events *cpuc)
881 {
882 	return cpuc->n_pebs && (cpuc->n_pebs == cpuc->n_large_pebs);
883 }
884 
885 void intel_pmu_pebs_sched_task(struct perf_event_context *ctx, bool sched_in)
886 {
887 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
888 
889 	if (!sched_in && pebs_needs_sched_cb(cpuc))
890 		intel_pmu_drain_pebs_buffer();
891 }
892 
893 static inline void pebs_update_threshold(struct cpu_hw_events *cpuc)
894 {
895 	struct debug_store *ds = cpuc->ds;
896 	u64 threshold;
897 
898 	if (cpuc->n_pebs == cpuc->n_large_pebs) {
899 		threshold = ds->pebs_absolute_maximum -
900 			x86_pmu.max_pebs_events * x86_pmu.pebs_record_size;
901 	} else {
902 		threshold = ds->pebs_buffer_base + x86_pmu.pebs_record_size;
903 	}
904 
905 	ds->pebs_interrupt_threshold = threshold;
906 }
907 
908 static void
909 pebs_update_state(bool needed_cb, struct cpu_hw_events *cpuc, struct pmu *pmu)
910 {
911 	/*
912 	 * Make sure we get updated with the first PEBS
913 	 * event. It will trigger also during removal, but
914 	 * that does not hurt:
915 	 */
916 	bool update = cpuc->n_pebs == 1;
917 
918 	if (needed_cb != pebs_needs_sched_cb(cpuc)) {
919 		if (!needed_cb)
920 			perf_sched_cb_inc(pmu);
921 		else
922 			perf_sched_cb_dec(pmu);
923 
924 		update = true;
925 	}
926 
927 	if (update)
928 		pebs_update_threshold(cpuc);
929 }
930 
931 void intel_pmu_pebs_add(struct perf_event *event)
932 {
933 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
934 	struct hw_perf_event *hwc = &event->hw;
935 	bool needed_cb = pebs_needs_sched_cb(cpuc);
936 
937 	cpuc->n_pebs++;
938 	if (hwc->flags & PERF_X86_EVENT_FREERUNNING)
939 		cpuc->n_large_pebs++;
940 
941 	pebs_update_state(needed_cb, cpuc, event->ctx->pmu);
942 }
943 
944 void intel_pmu_pebs_enable(struct perf_event *event)
945 {
946 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
947 	struct hw_perf_event *hwc = &event->hw;
948 	struct debug_store *ds = cpuc->ds;
949 
950 	hwc->config &= ~ARCH_PERFMON_EVENTSEL_INT;
951 
952 	cpuc->pebs_enabled |= 1ULL << hwc->idx;
953 
954 	if (event->hw.flags & PERF_X86_EVENT_PEBS_LDLAT)
955 		cpuc->pebs_enabled |= 1ULL << (hwc->idx + 32);
956 	else if (event->hw.flags & PERF_X86_EVENT_PEBS_ST)
957 		cpuc->pebs_enabled |= 1ULL << 63;
958 
959 	/*
960 	 * Use auto-reload if possible to save a MSR write in the PMI.
961 	 * This must be done in pmu::start(), because PERF_EVENT_IOC_PERIOD.
962 	 */
963 	if (hwc->flags & PERF_X86_EVENT_AUTO_RELOAD) {
964 		ds->pebs_event_reset[hwc->idx] =
965 			(u64)(-hwc->sample_period) & x86_pmu.cntval_mask;
966 	} else {
967 		ds->pebs_event_reset[hwc->idx] = 0;
968 	}
969 }
970 
971 void intel_pmu_pebs_del(struct perf_event *event)
972 {
973 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
974 	struct hw_perf_event *hwc = &event->hw;
975 	bool needed_cb = pebs_needs_sched_cb(cpuc);
976 
977 	cpuc->n_pebs--;
978 	if (hwc->flags & PERF_X86_EVENT_FREERUNNING)
979 		cpuc->n_large_pebs--;
980 
981 	pebs_update_state(needed_cb, cpuc, event->ctx->pmu);
982 }
983 
984 void intel_pmu_pebs_disable(struct perf_event *event)
985 {
986 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
987 	struct hw_perf_event *hwc = &event->hw;
988 
989 	if (cpuc->n_pebs == cpuc->n_large_pebs)
990 		intel_pmu_drain_pebs_buffer();
991 
992 	cpuc->pebs_enabled &= ~(1ULL << hwc->idx);
993 
994 	if (event->hw.flags & PERF_X86_EVENT_PEBS_LDLAT)
995 		cpuc->pebs_enabled &= ~(1ULL << (hwc->idx + 32));
996 	else if (event->hw.flags & PERF_X86_EVENT_PEBS_ST)
997 		cpuc->pebs_enabled &= ~(1ULL << 63);
998 
999 	if (cpuc->enabled)
1000 		wrmsrl(MSR_IA32_PEBS_ENABLE, cpuc->pebs_enabled);
1001 
1002 	hwc->config |= ARCH_PERFMON_EVENTSEL_INT;
1003 }
1004 
1005 void intel_pmu_pebs_enable_all(void)
1006 {
1007 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
1008 
1009 	if (cpuc->pebs_enabled)
1010 		wrmsrl(MSR_IA32_PEBS_ENABLE, cpuc->pebs_enabled);
1011 }
1012 
1013 void intel_pmu_pebs_disable_all(void)
1014 {
1015 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
1016 
1017 	if (cpuc->pebs_enabled)
1018 		wrmsrl(MSR_IA32_PEBS_ENABLE, 0);
1019 }
1020 
1021 static int intel_pmu_pebs_fixup_ip(struct pt_regs *regs)
1022 {
1023 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
1024 	unsigned long from = cpuc->lbr_entries[0].from;
1025 	unsigned long old_to, to = cpuc->lbr_entries[0].to;
1026 	unsigned long ip = regs->ip;
1027 	int is_64bit = 0;
1028 	void *kaddr;
1029 	int size;
1030 
1031 	/*
1032 	 * We don't need to fixup if the PEBS assist is fault like
1033 	 */
1034 	if (!x86_pmu.intel_cap.pebs_trap)
1035 		return 1;
1036 
1037 	/*
1038 	 * No LBR entry, no basic block, no rewinding
1039 	 */
1040 	if (!cpuc->lbr_stack.nr || !from || !to)
1041 		return 0;
1042 
1043 	/*
1044 	 * Basic blocks should never cross user/kernel boundaries
1045 	 */
1046 	if (kernel_ip(ip) != kernel_ip(to))
1047 		return 0;
1048 
1049 	/*
1050 	 * unsigned math, either ip is before the start (impossible) or
1051 	 * the basic block is larger than 1 page (sanity)
1052 	 */
1053 	if ((ip - to) > PEBS_FIXUP_SIZE)
1054 		return 0;
1055 
1056 	/*
1057 	 * We sampled a branch insn, rewind using the LBR stack
1058 	 */
1059 	if (ip == to) {
1060 		set_linear_ip(regs, from);
1061 		return 1;
1062 	}
1063 
1064 	size = ip - to;
1065 	if (!kernel_ip(ip)) {
1066 		int bytes;
1067 		u8 *buf = this_cpu_read(insn_buffer);
1068 
1069 		/* 'size' must fit our buffer, see above */
1070 		bytes = copy_from_user_nmi(buf, (void __user *)to, size);
1071 		if (bytes != 0)
1072 			return 0;
1073 
1074 		kaddr = buf;
1075 	} else {
1076 		kaddr = (void *)to;
1077 	}
1078 
1079 	do {
1080 		struct insn insn;
1081 
1082 		old_to = to;
1083 
1084 #ifdef CONFIG_X86_64
1085 		is_64bit = kernel_ip(to) || !test_thread_flag(TIF_IA32);
1086 #endif
1087 		insn_init(&insn, kaddr, size, is_64bit);
1088 		insn_get_length(&insn);
1089 		/*
1090 		 * Make sure there was not a problem decoding the
1091 		 * instruction and getting the length.  This is
1092 		 * doubly important because we have an infinite
1093 		 * loop if insn.length=0.
1094 		 */
1095 		if (!insn.length)
1096 			break;
1097 
1098 		to += insn.length;
1099 		kaddr += insn.length;
1100 		size -= insn.length;
1101 	} while (to < ip);
1102 
1103 	if (to == ip) {
1104 		set_linear_ip(regs, old_to);
1105 		return 1;
1106 	}
1107 
1108 	/*
1109 	 * Even though we decoded the basic block, the instruction stream
1110 	 * never matched the given IP, either the TO or the IP got corrupted.
1111 	 */
1112 	return 0;
1113 }
1114 
1115 static inline u64 intel_hsw_weight(struct pebs_record_skl *pebs)
1116 {
1117 	if (pebs->tsx_tuning) {
1118 		union hsw_tsx_tuning tsx = { .value = pebs->tsx_tuning };
1119 		return tsx.cycles_last_block;
1120 	}
1121 	return 0;
1122 }
1123 
1124 static inline u64 intel_hsw_transaction(struct pebs_record_skl *pebs)
1125 {
1126 	u64 txn = (pebs->tsx_tuning & PEBS_HSW_TSX_FLAGS) >> 32;
1127 
1128 	/* For RTM XABORTs also log the abort code from AX */
1129 	if ((txn & PERF_TXN_TRANSACTION) && (pebs->ax & 1))
1130 		txn |= ((pebs->ax >> 24) & 0xff) << PERF_TXN_ABORT_SHIFT;
1131 	return txn;
1132 }
1133 
1134 static void setup_pebs_sample_data(struct perf_event *event,
1135 				   struct pt_regs *iregs, void *__pebs,
1136 				   struct perf_sample_data *data,
1137 				   struct pt_regs *regs)
1138 {
1139 #define PERF_X86_EVENT_PEBS_HSW_PREC \
1140 		(PERF_X86_EVENT_PEBS_ST_HSW | \
1141 		 PERF_X86_EVENT_PEBS_LD_HSW | \
1142 		 PERF_X86_EVENT_PEBS_NA_HSW)
1143 	/*
1144 	 * We cast to the biggest pebs_record but are careful not to
1145 	 * unconditionally access the 'extra' entries.
1146 	 */
1147 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
1148 	struct pebs_record_skl *pebs = __pebs;
1149 	u64 sample_type;
1150 	int fll, fst, dsrc;
1151 	int fl = event->hw.flags;
1152 
1153 	if (pebs == NULL)
1154 		return;
1155 
1156 	sample_type = event->attr.sample_type;
1157 	dsrc = sample_type & PERF_SAMPLE_DATA_SRC;
1158 
1159 	fll = fl & PERF_X86_EVENT_PEBS_LDLAT;
1160 	fst = fl & (PERF_X86_EVENT_PEBS_ST | PERF_X86_EVENT_PEBS_HSW_PREC);
1161 
1162 	perf_sample_data_init(data, 0, event->hw.last_period);
1163 
1164 	data->period = event->hw.last_period;
1165 
1166 	/*
1167 	 * Use latency for weight (only avail with PEBS-LL)
1168 	 */
1169 	if (fll && (sample_type & PERF_SAMPLE_WEIGHT))
1170 		data->weight = pebs->lat;
1171 
1172 	/*
1173 	 * data.data_src encodes the data source
1174 	 */
1175 	if (dsrc) {
1176 		u64 val = PERF_MEM_NA;
1177 		if (fll)
1178 			val = load_latency_data(pebs->dse);
1179 		else if (fst && (fl & PERF_X86_EVENT_PEBS_HSW_PREC))
1180 			val = precise_datala_hsw(event, pebs->dse);
1181 		else if (fst)
1182 			val = precise_store_data(pebs->dse);
1183 		data->data_src.val = val;
1184 	}
1185 
1186 	/*
1187 	 * We use the interrupt regs as a base because the PEBS record does not
1188 	 * contain a full regs set, specifically it seems to lack segment
1189 	 * descriptors, which get used by things like user_mode().
1190 	 *
1191 	 * In the simple case fix up only the IP for PERF_SAMPLE_IP.
1192 	 *
1193 	 * We must however always use BP,SP from iregs for the unwinder to stay
1194 	 * sane; the record BP,SP can point into thin air when the record is
1195 	 * from a previous PMI context or an (I)RET happend between the record
1196 	 * and PMI.
1197 	 */
1198 	*regs = *iregs;
1199 	regs->flags = pebs->flags;
1200 	set_linear_ip(regs, pebs->ip);
1201 
1202 	if (sample_type & PERF_SAMPLE_REGS_INTR) {
1203 		regs->ax = pebs->ax;
1204 		regs->bx = pebs->bx;
1205 		regs->cx = pebs->cx;
1206 		regs->dx = pebs->dx;
1207 		regs->si = pebs->si;
1208 		regs->di = pebs->di;
1209 
1210 		/*
1211 		 * Per the above; only set BP,SP if we don't need callchains.
1212 		 *
1213 		 * XXX: does this make sense?
1214 		 */
1215 		if (!(sample_type & PERF_SAMPLE_CALLCHAIN)) {
1216 			regs->bp = pebs->bp;
1217 			regs->sp = pebs->sp;
1218 		}
1219 
1220 		/*
1221 		 * Preserve PERF_EFLAGS_VM from set_linear_ip().
1222 		 */
1223 		regs->flags = pebs->flags | (regs->flags & PERF_EFLAGS_VM);
1224 #ifndef CONFIG_X86_32
1225 		regs->r8 = pebs->r8;
1226 		regs->r9 = pebs->r9;
1227 		regs->r10 = pebs->r10;
1228 		regs->r11 = pebs->r11;
1229 		regs->r12 = pebs->r12;
1230 		regs->r13 = pebs->r13;
1231 		regs->r14 = pebs->r14;
1232 		regs->r15 = pebs->r15;
1233 #endif
1234 	}
1235 
1236 	if (event->attr.precise_ip > 1 && x86_pmu.intel_cap.pebs_format >= 2) {
1237 		regs->ip = pebs->real_ip;
1238 		regs->flags |= PERF_EFLAGS_EXACT;
1239 	} else if (event->attr.precise_ip > 1 && intel_pmu_pebs_fixup_ip(regs))
1240 		regs->flags |= PERF_EFLAGS_EXACT;
1241 	else
1242 		regs->flags &= ~PERF_EFLAGS_EXACT;
1243 
1244 	if ((sample_type & (PERF_SAMPLE_ADDR | PERF_SAMPLE_PHYS_ADDR)) &&
1245 	    x86_pmu.intel_cap.pebs_format >= 1)
1246 		data->addr = pebs->dla;
1247 
1248 	if (x86_pmu.intel_cap.pebs_format >= 2) {
1249 		/* Only set the TSX weight when no memory weight. */
1250 		if ((sample_type & PERF_SAMPLE_WEIGHT) && !fll)
1251 			data->weight = intel_hsw_weight(pebs);
1252 
1253 		if (sample_type & PERF_SAMPLE_TRANSACTION)
1254 			data->txn = intel_hsw_transaction(pebs);
1255 	}
1256 
1257 	/*
1258 	 * v3 supplies an accurate time stamp, so we use that
1259 	 * for the time stamp.
1260 	 *
1261 	 * We can only do this for the default trace clock.
1262 	 */
1263 	if (x86_pmu.intel_cap.pebs_format >= 3 &&
1264 		event->attr.use_clockid == 0)
1265 		data->time = native_sched_clock_from_tsc(pebs->tsc);
1266 
1267 	if (has_branch_stack(event))
1268 		data->br_stack = &cpuc->lbr_stack;
1269 }
1270 
1271 static inline void *
1272 get_next_pebs_record_by_bit(void *base, void *top, int bit)
1273 {
1274 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
1275 	void *at;
1276 	u64 pebs_status;
1277 
1278 	/*
1279 	 * fmt0 does not have a status bitfield (does not use
1280 	 * perf_record_nhm format)
1281 	 */
1282 	if (x86_pmu.intel_cap.pebs_format < 1)
1283 		return base;
1284 
1285 	if (base == NULL)
1286 		return NULL;
1287 
1288 	for (at = base; at < top; at += x86_pmu.pebs_record_size) {
1289 		struct pebs_record_nhm *p = at;
1290 
1291 		if (test_bit(bit, (unsigned long *)&p->status)) {
1292 			/* PEBS v3 has accurate status bits */
1293 			if (x86_pmu.intel_cap.pebs_format >= 3)
1294 				return at;
1295 
1296 			if (p->status == (1 << bit))
1297 				return at;
1298 
1299 			/* clear non-PEBS bit and re-check */
1300 			pebs_status = p->status & cpuc->pebs_enabled;
1301 			pebs_status &= PEBS_COUNTER_MASK;
1302 			if (pebs_status == (1 << bit))
1303 				return at;
1304 		}
1305 	}
1306 	return NULL;
1307 }
1308 
1309 static void __intel_pmu_pebs_event(struct perf_event *event,
1310 				   struct pt_regs *iregs,
1311 				   void *base, void *top,
1312 				   int bit, int count)
1313 {
1314 	struct perf_sample_data data;
1315 	struct pt_regs regs;
1316 	void *at = get_next_pebs_record_by_bit(base, top, bit);
1317 
1318 	if (!intel_pmu_save_and_restart(event) &&
1319 	    !(event->hw.flags & PERF_X86_EVENT_AUTO_RELOAD))
1320 		return;
1321 
1322 	while (count > 1) {
1323 		setup_pebs_sample_data(event, iregs, at, &data, &regs);
1324 		perf_event_output(event, &data, &regs);
1325 		at += x86_pmu.pebs_record_size;
1326 		at = get_next_pebs_record_by_bit(at, top, bit);
1327 		count--;
1328 	}
1329 
1330 	setup_pebs_sample_data(event, iregs, at, &data, &regs);
1331 
1332 	/*
1333 	 * All but the last records are processed.
1334 	 * The last one is left to be able to call the overflow handler.
1335 	 */
1336 	if (perf_event_overflow(event, &data, &regs)) {
1337 		x86_pmu_stop(event, 0);
1338 		return;
1339 	}
1340 
1341 }
1342 
1343 static void intel_pmu_drain_pebs_core(struct pt_regs *iregs)
1344 {
1345 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
1346 	struct debug_store *ds = cpuc->ds;
1347 	struct perf_event *event = cpuc->events[0]; /* PMC0 only */
1348 	struct pebs_record_core *at, *top;
1349 	int n;
1350 
1351 	if (!x86_pmu.pebs_active)
1352 		return;
1353 
1354 	at  = (struct pebs_record_core *)(unsigned long)ds->pebs_buffer_base;
1355 	top = (struct pebs_record_core *)(unsigned long)ds->pebs_index;
1356 
1357 	/*
1358 	 * Whatever else happens, drain the thing
1359 	 */
1360 	ds->pebs_index = ds->pebs_buffer_base;
1361 
1362 	if (!test_bit(0, cpuc->active_mask))
1363 		return;
1364 
1365 	WARN_ON_ONCE(!event);
1366 
1367 	if (!event->attr.precise_ip)
1368 		return;
1369 
1370 	n = top - at;
1371 	if (n <= 0)
1372 		return;
1373 
1374 	__intel_pmu_pebs_event(event, iregs, at, top, 0, n);
1375 }
1376 
1377 static void intel_pmu_drain_pebs_nhm(struct pt_regs *iregs)
1378 {
1379 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
1380 	struct debug_store *ds = cpuc->ds;
1381 	struct perf_event *event;
1382 	void *base, *at, *top;
1383 	short counts[MAX_PEBS_EVENTS] = {};
1384 	short error[MAX_PEBS_EVENTS] = {};
1385 	int bit, i;
1386 
1387 	if (!x86_pmu.pebs_active)
1388 		return;
1389 
1390 	base = (struct pebs_record_nhm *)(unsigned long)ds->pebs_buffer_base;
1391 	top = (struct pebs_record_nhm *)(unsigned long)ds->pebs_index;
1392 
1393 	ds->pebs_index = ds->pebs_buffer_base;
1394 
1395 	if (unlikely(base >= top))
1396 		return;
1397 
1398 	for (at = base; at < top; at += x86_pmu.pebs_record_size) {
1399 		struct pebs_record_nhm *p = at;
1400 		u64 pebs_status;
1401 
1402 		pebs_status = p->status & cpuc->pebs_enabled;
1403 		pebs_status &= (1ULL << x86_pmu.max_pebs_events) - 1;
1404 
1405 		/* PEBS v3 has more accurate status bits */
1406 		if (x86_pmu.intel_cap.pebs_format >= 3) {
1407 			for_each_set_bit(bit, (unsigned long *)&pebs_status,
1408 					 x86_pmu.max_pebs_events)
1409 				counts[bit]++;
1410 
1411 			continue;
1412 		}
1413 
1414 		/*
1415 		 * On some CPUs the PEBS status can be zero when PEBS is
1416 		 * racing with clearing of GLOBAL_STATUS.
1417 		 *
1418 		 * Normally we would drop that record, but in the
1419 		 * case when there is only a single active PEBS event
1420 		 * we can assume it's for that event.
1421 		 */
1422 		if (!pebs_status && cpuc->pebs_enabled &&
1423 			!(cpuc->pebs_enabled & (cpuc->pebs_enabled-1)))
1424 			pebs_status = cpuc->pebs_enabled;
1425 
1426 		bit = find_first_bit((unsigned long *)&pebs_status,
1427 					x86_pmu.max_pebs_events);
1428 		if (bit >= x86_pmu.max_pebs_events)
1429 			continue;
1430 
1431 		/*
1432 		 * The PEBS hardware does not deal well with the situation
1433 		 * when events happen near to each other and multiple bits
1434 		 * are set. But it should happen rarely.
1435 		 *
1436 		 * If these events include one PEBS and multiple non-PEBS
1437 		 * events, it doesn't impact PEBS record. The record will
1438 		 * be handled normally. (slow path)
1439 		 *
1440 		 * If these events include two or more PEBS events, the
1441 		 * records for the events can be collapsed into a single
1442 		 * one, and it's not possible to reconstruct all events
1443 		 * that caused the PEBS record. It's called collision.
1444 		 * If collision happened, the record will be dropped.
1445 		 */
1446 		if (p->status != (1ULL << bit)) {
1447 			for_each_set_bit(i, (unsigned long *)&pebs_status,
1448 					 x86_pmu.max_pebs_events)
1449 				error[i]++;
1450 			continue;
1451 		}
1452 
1453 		counts[bit]++;
1454 	}
1455 
1456 	for (bit = 0; bit < x86_pmu.max_pebs_events; bit++) {
1457 		if ((counts[bit] == 0) && (error[bit] == 0))
1458 			continue;
1459 
1460 		event = cpuc->events[bit];
1461 		if (WARN_ON_ONCE(!event))
1462 			continue;
1463 
1464 		if (WARN_ON_ONCE(!event->attr.precise_ip))
1465 			continue;
1466 
1467 		/* log dropped samples number */
1468 		if (error[bit]) {
1469 			perf_log_lost_samples(event, error[bit]);
1470 
1471 			if (perf_event_account_interrupt(event))
1472 				x86_pmu_stop(event, 0);
1473 		}
1474 
1475 		if (counts[bit]) {
1476 			__intel_pmu_pebs_event(event, iregs, base,
1477 					       top, bit, counts[bit]);
1478 		}
1479 	}
1480 }
1481 
1482 /*
1483  * BTS, PEBS probe and setup
1484  */
1485 
1486 void __init intel_ds_init(void)
1487 {
1488 	/*
1489 	 * No support for 32bit formats
1490 	 */
1491 	if (!boot_cpu_has(X86_FEATURE_DTES64))
1492 		return;
1493 
1494 	x86_pmu.bts  = boot_cpu_has(X86_FEATURE_BTS);
1495 	x86_pmu.pebs = boot_cpu_has(X86_FEATURE_PEBS);
1496 	x86_pmu.pebs_buffer_size = PEBS_BUFFER_SIZE;
1497 	if (x86_pmu.pebs) {
1498 		char pebs_type = x86_pmu.intel_cap.pebs_trap ?  '+' : '-';
1499 		int format = x86_pmu.intel_cap.pebs_format;
1500 
1501 		switch (format) {
1502 		case 0:
1503 			pr_cont("PEBS fmt0%c, ", pebs_type);
1504 			x86_pmu.pebs_record_size = sizeof(struct pebs_record_core);
1505 			/*
1506 			 * Using >PAGE_SIZE buffers makes the WRMSR to
1507 			 * PERF_GLOBAL_CTRL in intel_pmu_enable_all()
1508 			 * mysteriously hang on Core2.
1509 			 *
1510 			 * As a workaround, we don't do this.
1511 			 */
1512 			x86_pmu.pebs_buffer_size = PAGE_SIZE;
1513 			x86_pmu.drain_pebs = intel_pmu_drain_pebs_core;
1514 			break;
1515 
1516 		case 1:
1517 			pr_cont("PEBS fmt1%c, ", pebs_type);
1518 			x86_pmu.pebs_record_size = sizeof(struct pebs_record_nhm);
1519 			x86_pmu.drain_pebs = intel_pmu_drain_pebs_nhm;
1520 			break;
1521 
1522 		case 2:
1523 			pr_cont("PEBS fmt2%c, ", pebs_type);
1524 			x86_pmu.pebs_record_size = sizeof(struct pebs_record_hsw);
1525 			x86_pmu.drain_pebs = intel_pmu_drain_pebs_nhm;
1526 			break;
1527 
1528 		case 3:
1529 			pr_cont("PEBS fmt3%c, ", pebs_type);
1530 			x86_pmu.pebs_record_size =
1531 						sizeof(struct pebs_record_skl);
1532 			x86_pmu.drain_pebs = intel_pmu_drain_pebs_nhm;
1533 			x86_pmu.free_running_flags |= PERF_SAMPLE_TIME;
1534 			break;
1535 
1536 		default:
1537 			pr_cont("no PEBS fmt%d%c, ", format, pebs_type);
1538 			x86_pmu.pebs = 0;
1539 		}
1540 	}
1541 }
1542 
1543 void perf_restore_debug_store(void)
1544 {
1545 	struct debug_store *ds = __this_cpu_read(cpu_hw_events.ds);
1546 
1547 	if (!x86_pmu.bts && !x86_pmu.pebs)
1548 		return;
1549 
1550 	wrmsrl(MSR_IA32_DS_AREA, (unsigned long)ds);
1551 }
1552