github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-06-26 07:21:37 +00:00
Code Issues Projects Releases Wiki Activity

HV: remove sanitize_vm_config function

Browse Source 
Remove function of sanitize_vm_config() since the processing of sanitizing
will be moved to pre-build process.

When hypervisor has booted, we assume all VM configurations is sanitized;

Tracked-On: #5077

Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This commit is contained in:
Victor Sun 2020-08-04 09:19:37 +08:00 committed by wenlingz
parent 7d0d750e0b
commit 8245145317
3 changed files with 2 additions and 173 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

168
hypervisor/arch/x86/configs/vm_config.c
View File

@ -4,15 +4,7 @@
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
#include <bits.h>
#include <vm_config.h> #include <vm_config.h>
#include <logmsg.h>
#include <rdt.h>
#include <pgtable.h>
#include <vuart.h>
static uint8_t rtvm_uuid1[16] = POST_RTVM_UUID1;
static uint8_t safety_vm_uuid1[16] = SAFETY_VM_UUID1;
/* /*
* @pre vm_id < CONFIG_MAX_VM_NUM * @pre vm_id < CONFIG_MAX_VM_NUM
@ -52,163 +44,3 @@ bool vm_has_matched_uuid(uint16_t vmid, const uint8_t *uuid)
return (uuid_is_equal(vm_config->uuid, uuid)); return (uuid_is_equal(vm_config->uuid, uuid));
} }
/**
* return true if the input uuid is for RTVM
*
* @pre vmid < CONFIG_MAX_VM_NUM
*/
static bool is_safety_vm_uuid(const uint8_t *uuid)
{
/* TODO: Extend to check more safety VM uuid if we have more than one safety VM. */
return uuid_is_equal(uuid, safety_vm_uuid1);
}
/**
* return true if the input uuid is for RTVM
*
* @pre vmid < CONFIG_MAX_VM_NUM
*/
static bool is_rtvm_uuid(const uint8_t *uuid)
{
/* TODO: Extend to check more rtvm uuid if we have more than one RTVM. */
return uuid_is_equal(uuid, rtvm_uuid1);
}
/**
* return true if no UUID collision is found in vm configs array start from vm_configs[vm_id]
*
* @pre vm_id < CONFIG_MAX_VM_NUM
*/
static bool check_vm_uuid_collision(uint16_t vm_id)
{
uint16_t i;
bool ret = true;
struct acrn_vm_config *start_config = get_vm_config(vm_id);
struct acrn_vm_config *following_config;
for (i = vm_id + 1U; i < CONFIG_MAX_VM_NUM; i++) {
following_config = get_vm_config(i);
if (uuid_is_equal(&start_config->uuid[0], &following_config->uuid[0])) {
ret = false;
break;
}
}
return ret;
}
static bool check_vm_clos_config(uint16_t vm_id)
{
uint16_t i;
bool ret = true;
struct acrn_vm_config *vm_config = get_vm_config(vm_id);
uint16_t vcpu_num = bitmap_weight(vm_config->cpu_affinity);
for (i = 0U; i < vcpu_num; i++) {
if (vm_config->clos[i] >= valid_clos_num) {
pr_err("vm%u: vcpu%u clos(%u) exceed the max clos(%u).",
vm_id, i, vm_config->clos[i], valid_clos_num);
ret = false;
break;
}
}
return ret;
}
/**
* @pre vm_config != NULL
*/
bool sanitize_vm_config(void)
{
bool ret = true;
uint16_t vm_id, vuart_idx;
struct acrn_vm_config *vm_config;
/* We need to setup a rule, that the vm_configs[] array should follow
* the order of PRE_LAUNCHED_VM first, and then SOS_VM.
*/
for (vm_id = 0U; vm_id < CONFIG_MAX_VM_NUM; vm_id++) {
vm_config = get_vm_config(vm_id);
if ((vm_config->cpu_affinity == 0UL) || ((vm_config->cpu_affinity & ~ALL_CPUS_MASK) != 0UL)) {
pr_err("%s: vm%u assigns invalid PCPU (0x%llx)", __func__, vm_id, vm_config->cpu_affinity);
ret = false;
}
switch (vm_config->load_order) {
case PRE_LAUNCHED_VM:
/* GUEST_FLAG_RT must be set if we have GUEST_FLAG_LAPIC_PASSTHROUGH set in guest_flags */
if (((vm_config->guest_flags & GUEST_FLAG_LAPIC_PASSTHROUGH) != 0U)
&& ((vm_config->guest_flags & GUEST_FLAG_RT) == 0U)) {
ret = false;
} else if (vm_config->epc.size != 0UL) {
ret = false;
} else if (is_safety_vm_uuid(vm_config->uuid) && (vm_config->severity != (uint8_t)SEVERITY_SAFETY_VM)) {
ret = false;
} else {
/* nothing to do here */
}
break;
case SOS_VM:
if ((vm_config->severity != (uint8_t)SEVERITY_SOS) ||
((vm_config->guest_flags & GUEST_FLAG_LAPIC_PASSTHROUGH) != 0U)) {
ret = false;
}
break;
case POST_LAUNCHED_VM:
if ((vm_config->severity == (uint8_t)SEVERITY_SAFETY_VM) ||
(vm_config->severity == (uint8_t)SEVERITY_SOS)) {
ret = false;
}
/* VM with RTVM uuid must have RTVM severity */
if (is_rtvm_uuid(vm_config->uuid) && (vm_config->severity != (uint8_t)SEVERITY_RTVM)) {
ret = false;
}
/* VM WITHOUT RTVM uuid must NOT have RTVM severity */
if (!is_rtvm_uuid(vm_config->uuid) && (vm_config->severity == (uint8_t)SEVERITY_RTVM)) {
ret = false;
}
break;
default:
/* Nothing to do for a unknown VM, break directly. */
break;
}
if (ret && is_platform_rdt_capable()) {
ret = check_vm_clos_config(vm_id);
}
if (ret &&
(((vm_config->epc.size | vm_config->epc.base) & ~PAGE_MASK) != 0UL)) {
ret = false;
}
if (ret) {
/* make sure no identical UUID in following VM configurations */
ret = check_vm_uuid_collision(vm_id);
}
if (ret) {
/* vuart[1+] are used for VM communications */
for (vuart_idx = 1U; vuart_idx < MAX_VUART_NUM_PER_VM; vuart_idx++) {
const struct vuart_config *vu_config = &vm_config->vuart[vuart_idx];
if (!(vu_config->type == VUART_LEGACY_PIO) &&
(vu_config->addr.port_base == INVALID_COM_BASE)) {
if ((vu_config->t_vuart.vm_id >= CONFIG_MAX_VM_NUM) ||
(vu_config->t_vuart.vm_id == vm_id)) {
pr_err("%s invalid vuart configuration for VM %d\n", __func__, vm_id);
ret = false;
}
}
}
}
if (!ret) {
break;
}
}
return ret;
}

6
hypervisor/arch/x86/cpu.c
View File

@ -226,10 +226,6 @@ void init_pcpu_post(uint16_t pcpu_id)
pr_dbg("Core %hu is up", BSP_CPU_ID); pr_dbg("Core %hu is up", BSP_CPU_ID);
if (!sanitize_vm_config()) {
panic("VM Configuration Error!");
}
/* Warn for security feature not ready */ /* Warn for security feature not ready */
if (!check_cpu_security_cap()) { if (!check_cpu_security_cap()) {
pr_fatal("SECURITY WARNING!!!!!!"); pr_fatal("SECURITY WARNING!!!!!!");
@ -271,6 +267,8 @@ void init_pcpu_post(uint16_t pcpu_id)
} else { } else {
pr_dbg("Core %hu is up", pcpu_id); pr_dbg("Core %hu is up", pcpu_id);
pr_warn("Skipping VM configuration check which should be done before building HV binary.");
/* Initialize secondary processor interrupts. */ /* Initialize secondary processor interrupts. */
init_interrupt(pcpu_id); init_interrupt(pcpu_id);

1
hypervisor/include/arch/x86/vm_config.h
View File

@ -190,7 +190,6 @@ struct acrn_vm_config {
struct acrn_vm_config *get_vm_config(uint16_t vm_id); struct acrn_vm_config *get_vm_config(uint16_t vm_id);
uint8_t get_vm_severity(uint16_t vm_id); uint8_t get_vm_severity(uint16_t vm_id);
bool vm_has_matched_uuid(uint16_t vmid, const uint8_t *uuid); bool vm_has_matched_uuid(uint16_t vmid, const uint8_t *uuid);
bool sanitize_vm_config(void);
extern struct acrn_vm_config vm_configs[CONFIG_MAX_VM_NUM]; extern struct acrn_vm_config vm_configs[CONFIG_MAX_VM_NUM];