OpenSolaris

Bug ID 6545740
Synopsis sparc brandz syscall wrappers only exist on DEBUG kernels
State 10-Fix Delivered (Fix available in build)
Category:Subcategory kernel:brandz
Keywords
Responsible Engineer Edward Pilatowicz
Reported Against
Duplicate Of
Introduced In solaris_nevada
Commit to Fix snv_64
Fixed In snv_64
Release Fixed solaris_nevada(snv_64), solaris_10u5(s10u5_01) (Bug ID:2151493)
Related Bugs 6409863, 6539890, 6557021
Submit Date 13-April-2007
Last Update Date 13-August-2007
Description
Currently the sparc brandz syscall wrappers are only compiled and active
on DEBUG kernels.  this was done so that there would be no performance
impact on native processes on production systems, but we could still
test the brandz framework on sparc systems by using DEBUG kernels.
unfortunately the lack of support for brandz callback interposition
on non-DEBUG kernels prevents the introduction of real sparc brands.
therefore the current syscall interposition wrappers should be compiled
for both DEBUG and non-DEBUG kernels, and the performance impact of
enabling this should be quantified and minimized.

some ideas for improving the performance of the current syscall interposition
mechanism (which involves checking if a process is branded in the
syscall trap handler) would be to introduce a branded bit into either the
cpu structure or the thread structure.  (currently we need to access the
proc structure to determine if a process is branded.)  this would reduce
the number of memory accesses required in the trap code to determine if
a process is branded.

another idea would be to have the interposition code compiled in but
disabled by default on systems that don't have any branded zones
running, and then if the administrator attempts to enable a branded
zone we could hot patch the trap table to enable the syscall interposition
mechanism.  this approach would ensure a zero performance impact on systems
that don't have branded zones enabled.

the fix that was chosen for this bug was to implement hot patching of
the trap table to enable brandz syscall interposition.

basically, now the brandz syscall wrappers will always be compiled
on both DEBUG and non-DEBUG kernels, but by default they will never
be executed.  then when the first branded zone is booted on the system,
the zones/brandz framework will hot patch the first instruction of
both the 32 and 64 bit syscall trap entry points.  that first instruction
will be replaced with a "ba,a" instruction which will redirect
all the syscall traps to the brandz syscall wrapper entry points.
when the last branded zone on a system is halted, the original
instructions that were overwritten in the trap table will be
restored, thereby disabling the brandz syscall interposition.

this approach should result in a zero performance impact on systems
that don't use branded zones.

this approach was taken after studying how trapstat and the dtrace
lockstat providers work.  the technique was carefully chosen to not
cause any problems with trapstat.  the new syscall instruction patch
points use a similar naming structure to those found in the lockstat
provider.  and the patch points themselves were chosen to not interfere
with trapstat or any of its alternate trap tables.  lastly the
hot patching doesn't actually involve introducing any new trap tables
or changing %TBA, it only involves hot patching two instructions in
the existing default system trap table.

the changes in this bug are dependent upon the following changes:
	6539890 sparc brandz syscall wrappers don't support sun4v
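
The patch-and-restore cycle described above, modelled in user space as an added example (this is not the OpenSolaris source). The table size, the word indices of the entry points and wrappers, the function names, and the use of the SPARC V8 Bicc encoding for "ba,a" are assumptions made for illustration.

```c
#include <stdint.h>
#define BA_A_OPCODE 0x30800000u /* Bicc format, cond = always, annul bit set */
#define DISP22_MASK 0x003fffffu /* signed 22-bit displacement, in words */

/* Constructed model: a word-indexed "trap table"; all indices are made up. */
static uint32_t trap_table[64];
struct patch_point { unsigned entry, wrapper; uint32_t saved; };
static struct patch_point points[2] = {
    { 8, 40, 0 },   /* 32-bit syscall trap entry -> its wrapper */
    { 16, 52, 0 },  /* 64-bit syscall trap entry -> its wrapper */
};
static unsigned branded_zones; /* number of booted branded zones */

/* Encode "ba,a to" for an instruction at byte address from; 0 on bad target. */
uint32_t encode_ba_a(uint64_t from, uint64_t to)
{
    int64_t words = ((int64_t)to - (int64_t)from) / 4;
    if (((from | to) & 3) || words < -(1 << 21) || words >= (1 << 21))
        return 0;
    return BA_A_OPCODE | ((uint32_t)words & DISP22_MASK);
}

/* Byte address that a ba,a located at from branches to. */
uint64_t ba_a_target(uint64_t from, uint32_t instr)
{
    int64_t disp = instr & DISP22_MASK;
    if (disp & 0x200000) disp -= 0x400000; /* sign-extend the 22-bit field */
    return from + (uint64_t)(disp * 4);
}

/* Boot of a branded zone: only the first one patches both entry points. */
void zone_boot(void)
{
    if (branded_zones++ > 0)
        return;
    for (int i = 0; i < 2; i++) {
        points[i].saved = trap_table[points[i].entry];
        trap_table[points[i].entry] =
            encode_ba_a(points[i].entry * 4u, points[i].wrapper * 4u);
    }
}

/* Halt of a branded zone: only the last one restores the saved words. */
void zone_halt(void)
{
    if (branded_zones == 0 || --branded_zones > 0)
        return;
    for (int i = 0; i < 2; i++)
        trap_table[points[i].entry] = points[i].saved;
}
```

The model leaves out what a kernel must also do when it rewrites live instructions: making the new word visible to instruction fetch on every CPU.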
Work Around
N/A
Comments
N/A