paddr_guest2host may return NULL, this patch checks the return value
to avoid null pointer dereference.
Tracked-On: #5514
Signed-off-by: Liu Long <long.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Update and light clean-up of the buit-in list of arguments from 'acrn-dm'
* Added options in the top part (list with no explanation)
* Remove a couple of arguments that are no longer valid ('vmcfg' and 'dump')
Tracked-On: #5445
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
In addition to a single OVMF image (OVMF.fd), split images
(OVMF_CODE.fd, OVMF_VARS.fd) can be used to facilitate VM management.
From the OVMF Whitepaper:
The variable store and the firmware executable are also available in
the build output as separate files entitled: "OVMF_VARS.fd" and
"OVMF_CODE.fd". This enables central management and updates of the
firmware executable, while each virtual machine can retain its own
variable store.
An example to launch acrn-dm with the split images:
--ovmf code=/usr/share/acrn/bios/OVMF_CODE.fd, \
vars=/usr/share/acrn/bios/OVMF_VARS.fd
v1 -> v2:
- use memory-mapped file I/O for writeback
- use fcntl to lock OVMF image files
Tracked-On: #5487
Signed-off-by: Peter Fang <peter.fang@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Windows graphic driver obtains DSM address from in-BAR mmio register
which has passthroughed. Not like the other platforms obtained from
pci configure space register which has virtualized. So TGL has to
keep identical mapping to avoid trap mmio BAR to do the emulation.
To keep simple, this patch hardcode the TGL DSM region in vE820
table, this will cause memory waste here. In the near future, we
need refine the entire vE820 logic as it is hard to maintained
due to many reserved regions have introduced in recently.
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Tracked-On: #5461
dm: pSRAM: added a command line parameter "--psram" to enable pSRAM
support for post-launched RTVM
Added "--psram" in DM command line to enable pSRAM support for
post-launched RTVM
Tracked-On: #5330
Signed-off-by: Qian Wang <qian1.wang@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
dm: modify vE820 to adapt to pSRAM for post-launched RTVM
When pSRAM is enabled for post-launched RTVM, we add a segment in vE820 for
pSRAM, and therefore the lowmem RAM will be split into part1 and part2.
Also, code of post vE820 initialization is refined
Tracked-On: #5330
Signed-off-by: Qian Wang <qian1.wang@intel.com>
dm: vptct: add vPTCT for post-launched RTVM
We added vPTCT support for post-launched RTVM:
1. Added a function create_and_inject_vptct. Currently, we
pass-through the whole pSRAM to one RTVM, so we will also pass-
through the PTCT to the very same RTVM. This function will
read the native PTCT from SOS and inject it into post-
launched VM's vACPI.
2. Added some definitions for vPTCT.
Tracked-On: #5330
Signed-off-by: Qian Wang <qian1.wang@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
We don't reserve PCI MMIO in e820 Table, it's included in DSDT ACPI Table.
About 0xA0000 - 0x100000 entry, we don't have any ACPI Table touch this region.
So we could remove it too.
After this change, we could only pass the reserved e820 table which we must
reserve to OVMF. In this case, the OVMF could trust ACRN-DM and pass the
reserved e820 table to guest instead of dropping it.
This patch needs the corresponding modify in OVMF. Otherwise, the guest could
not boot.
Tracked-On: #4550
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
pm_vuart stops listening and relays the message right away if it
encounters EAGAIN during read(). This causes the messages relayed to be
fragmented.
Only relay the message when it encounters a null character or a newline
character, or when the buffer is full.
Tracked-On: #5429
Signed-off-by: Peter Fang <peter.fang@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Fix typo error "--apicdev_pt HID" to pass through a TPM device. Fix it to
"--acpidev_pt HID"
Tracked-On: #5401
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Add Null pointer check in init vq ring and add vq ring descriptor
check in case cause Nullpointer exception.
Tracked-On: #5355
Signed-off-by: Liu Long <long.liu@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Add IC_CREATE_DEVICE and IC_DESTROY_DEVICE ioctls to create and
destroy an emulated device in hypervisor
v3: change IC_CREATE_DEVICE and IC_DESTROY_DEVICE to IC_CREATE_HV_VDEV
and IC_DESTROY_HV_VDEV
Tracked-On: #4853
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
We could add MMIO device pass through by two ways:
a) If the MMIO device only has MMIO regions and no ACPI Table touched, using
"--mmiodev_pt MMIO_regions",
b) If the MMIO device touches ACPI Table, using "--acpidev_pt HID"
Now only support TPM2 MSFT0101 MMIO device pass through through launch script
using "--acpidev_pt MSFT0101". When we want to pass through the TPM2 deivce,
we would not allow to emulate the vTPM2 at the same time. This is becuase
the ACRN-DM emulate the TPM2 as MSFT0101 too. Otherwise, the VM can't boot.
Besides, we could only support one TPM2 device PT and one MMIO device PT.
For TPM2 device PT, the MMIO resources are hard-coded. For the MMIO device PT,
we could pass through the MMIO resources on the cmdline.
ToDo:
1. We may use HID to discover the MMIO regions and ACPI Table instaed of
hard-coded.
2. To identify a MMIO device only by MMIO regions.
3. To allocate virtual MMIO regions in a reserved guest MMIO regions.
Tracked-On: #5053
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Add two hypercalls to support MMIO device pass through.
Tracked-On: #5053
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
hugetlb_lv_max will get wrong value if the HUGETLB_LV2 mount failed.
Once hugetlb_lv_max is wrong, the following code logic messes up.
Tracked-On: #4937
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
- re-arange the code to make static code analysis tool happy.
- If no valid conversion could be performed, a zero value is returned
(0L) from strtol(), so add a sanity check "isdigit(cp[0])" to ensure
that it won't unexpectedly parse CPU 0 if the string starts or ends
with the valid delimiters ',' or '-', for example:
-- cpu_affinity 1,
-- cpu_affinity ,1
Tracked-On: #4616
Signed-off-by: Zide Chen <zide.chen@intel.com>
To remove the limit of 4MB ramdisk size simply adjust layout
dynamically according to ramdisk size rounded up to a 4K boundary.
This enables ramdisk based virtual machines which tend to have
large ramdisk memory requirements (128MB and above).
Tracked-On: #4840
Signed-off-by: Helmut Buchsbaum <helmut.buchsbaum@opensource.tttech-industrial.com>
add logs for vm state transition to help
analyze some problems.
Tracked-On: #4098
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
The 'pause/continue' acrnctl cmd is never used and their action are not
defined for ACRN VMs. Devicemodel minitor doesn't need to handle these 2
msg, should be removed.
Tracked-On: #4790
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Yan, Like <like.yan@intel.com>
Remove the 'p' argument from the list as it is now obsolete and there is no
implementation for it in the code.
Tracked-On: #4732
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
User has a chance to specify VCPU affinity through acrn-dm command line
argument. Examples of the command line:
3 PCPUs: 1/2/3
--cpu_affinity 1-3
5 PCPUs: 2/3/6/7/8
--cpu_affinity 2,3,6-8
8 PCPUs: 2/3/6/7/9/10/11/12
--cpu_affinity 2,3,6-7,9,10-12
The specified pCPUs must be included in the guest VM's statically
defined vm_config[].cpu_affinity_bitmap.
Tracked-On: #4616
Signed-off-by: Zide Chen <zide.chen@intel.com>
now VM state transition only allows VM_PAUSED to
VM_POWERED_OFF, this patch call vm_pause before vm_destroy
in some vm failure cases.
Tracked-On: #4320
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
1) remove state machine
2) remove retry mechanism
3) pm thread only use to transmit data,not parse detailed message.
v1-->v2:
remove delay in pm_monitor_loop
Tracked-On: #4446
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Reviewed-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Yuhong Tao <yuhong.tao@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
it will send shutdown command to life_mngr on SOS
after the UOS has poweroff itself
Tracked-On: #4446
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
when acrn-dm received shutdown command, it will call this api
to send shutdown command to life_mngr running on SOS via socket.
Tracked-On: #4446
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
it will send "acked" message to UOS if it receives
"shutdown" command from UOS, then wait UOS poweroff itself,
it will send shutdown to life_mngr running on SOS to
shutdown system.
Tracked-On: #4446
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Reviewed-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Change shutdown_uos_thread to pm_monitor thread,
the shutdown_uos_thread can do:
--send shutdown request to UOS
--receive acked message from UOS
the pm_monitor can do:
--send shutdown request to UOS
--receive acked message from UOS
--receive shutdown request from UOS
Tracked-On: #4446
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
set the attributes during pm-vuart initialization
to avoid the pm-vuart in an indefinite state.
Currently we have implemented S5 triggered by SOS,
these patch series both support S5 triggered by SOS and RTVM.
the fully steps for S5 triggered by SOS:
1) S5-Trigger: it initiates the platform shutdown actions;
it calls “acrnctl stop vmX” to do that,
and check the VM's status, power-off SOS itself.
2) acrnctl will send “stop” to “acrn-dm”
3) acrn-dm will send “shutdown” command to VMx by v-UART.
4) when life-cycle manager in VMx receives the “shutdown” command,
it will give an “acked” to acrn-dm, and then poweroff itself.
the fully steps for S5 triggered by RTVM:
1) S5-Trigger in RTVM: it initiates the platform shutdown actions;
it’ll send shutdown command for platform shutdown to
life-cycle manager
2) when life-cycle manager in RTVM receive the message,
it will send “shutdown” command to acrn-dm in SOS by v-UART.
3) when acrn-dm receives the “shutdown” command from RTVM,
it will give an “acked” to RTVM, RTVM’s life-cycle manager can
power off itself
4) acrn-dm will send “shutdown” command to its own life-cycle manager
by socket.
5) when life-cycle manager in SOS receives the “shutdown” command,
it can call “s5_trigger” script to shutdown platform.
Tracked-On: #4446
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Reviewed-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Let the ACRN HV to do this in shutdown sequence. In this case, the RTVM could be
still alive if something wrong happened to cause the DM died.
Tracked-On: #4428
Signed-off-by: Li Fei1 <fei1.li@intel.com>
If the guest is RTVM, dm process exit doesn't mean RTVM is
shutdown. Only shutdown_vm in hypervisor guarantee RTVM is
shutodwn. So we should avoid touch guest memory content
from DM if the guest is RTVM.
Tracked-On: #4428
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Now we split passthrough PCI device from DM to HV, we could remove all the passthrough
PCI device unused code.
Tracked-On: #4371
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add assign/deassign PCI device ioctl APIs assign a PCI device from SOS to
post-launched VM or deassign a PCI device from post-launched VM to SOS. This patch
is prepared for spliting passthrough PCI device from DM to HV.
The old assign/deassign ptdev APIs will be discarded.
Tracked-On: #4371
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
gop driver and uos IGD driver will use
graphics stolen memory(gsm) when enable GVT-d.
This patch pass-thru gsm to uos gpu.
After set physical GPU gsm size 64MB in host BIOS:
Here is the steps:
(1) set gsm gpa(guest physical addrress) 0xDB000000;
(2) get gsm hpa(host physical addrress);
(3) build EPT mapping for gsm.
v1 -> v2:
* initialize the EPT mapping for passthrough GPU gsm region
in passthru_init instead of reading the BDSM config space
v2 -> v3:
* add EPT unmap when deinit
* change some micro name
Tracked-On: #4360
Signed-off-by: Junming Liu <junming.liu@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Liu XinYun <xinyun.liu@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Reviewed-by: Wu Binbin <binbin.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
use acrn-dm logger function instread of perror,
this helps the stability testing log capture.
Tracked-On: #4098
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Do reset for passthrough PCI device by default when assigning it to post-launched
VM:
1. modify opt "reset" to "no_reset" -- could enable no_reset for debug only
2. remove "ptdev_no_reset" opt. It could be replaced by setting "no_reset" for
each passthrough device.
Tracked-On: #3465
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
This patch refactors the CMD_OPT_LAPIC_PT case branch
to explicity add the dependency of option RTVM at the
same branch, it is decoupled from the next case branch
to comply with strict code standard and improve the
code readability.
Tracked-On: #4283
Signed-off-by: Gary <gordon.king@intel.com>
The current design has the following problem:
gvt uses some pci bar regions,
but ACRN-DM isn't aware of these regions.
So ACRN-DM may allocate these regions for other pci devices,
which will result in other pci devices bar regions
overlap with gvt bar regions.
The new design is the following:
(1) ACRN-DM reads gvt bar regions
which are provided by physical gpu;
(2) ACRN-DM reserves gvt bar regions
v6 -> v7:
* use array to store reserved bar regions
* rename some struct and func
v5 -> v6:
* rename enable_gvt to gvt_enabled
* add a interface to reserve bar regions
* reserve gvt bar regions
Tracked-On: projectacrn#4005
Signed-off-by: Junming Liu <junming.liu@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Liu XinYun <xinyun.liu@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
use acrn-dm logger function instread of fprintf,
this helps the stability testing log capture.
Tracked-On: #4098
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Cao Minggui <minggui.cao@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Use acrn-dm logger function instread of printf,
this helps the stability testing log capture.
Tracked-On: #4098
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Cao Minggui <minggui.cao@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Lock should be held till all the mmap operations are done. This is to
avoid the mmap failure when multiple guests are created concurrently.
For example consider the following case in which vm1 and vm2 are
created by acrnd concurrently:
- vm1 is created with 4G+2M memory.
- 4G+2M memory is reserved in hugetlb now and vm1 continues to
allocate memory for the lowmem without lock held.
- 2G memory is allocated by vm1 for its lowmem, and 2G+2M memory
is available in hugetlb.
- At this time vm2 is created with 1G+2M memory. It finds that enough
memory is reserved (2G+2M), so it does not try to reserve more
memory.
- vm2 allocates some memory for its lowmem/highmem/ovmf.
- vm1 tries to allocate memory for its highmem/ovmf, the allocation
will fail. vm1 creation failed in this case.
Tracked-On: #3947
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
In acrn_load_elf(), file pointer 'fp' is kept in
open state before exiting if 'load_elf32()' is executed,
this patch is to fix this bug.
Tracked-On: #3817
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
After Windows 10, version 1607, the cross-signed drivers are forbiden
to load when secure boot is enabled.
Details please refer to
https://docs.microsoft.com/en-us/windows-hardware/drivers/install/kernel-mode-code-signing-policy--windows-vista-and-later-
That means the kvm-guest-drivers-windows can't work when secure boot enabled.
So we found another windows virtio FE drivers from Oracle to resolve this issue
but have to change another subsystem vendor ID for the virtio BE services.
This patch introduces a new DM CMD line "--windows" to launch WaaG with Oracle virtio devices including
virtio-blk, virtio-net, virtio-input instead Redhat. It can make virtio-blk, virtio-net and virtio-input
devices work when WaaG enabling secure boot.
Tracked-On: #3583
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
Currently, DM only access /sys/kernel/mm/hugepages/hugepages-2048kB/
entries according to its own huge page requirement. So it could have
following race issue:
DM1 DM2
read nr pages
read nr pages
write DM2 nr pages
write DM1 nr pages
Suppose we should write DM1 + DM2 nr page to kernel sysfs interface
to reserve enough huge page (DM1 + DM2). But actually only reserve
huge page requested by DM1. Which could trigger one VM can't boot.
We can easily hit this issue if we enable multiple UOS auto boot
because more than one VM are started at almost same time.
We add file lock to make sure huge page reserving in DM atomic.
Tracked-On: #3729
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Wang Yu <yu1.wang@intel.com>
Remove the guest cpu number option '-c', as the guest cpu number is
defined in hypervisor vm configuration file, and the number can be
return by vm_create().
Tracked-On: #3663
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now, we pre-define VM configuration statically in HV. So HV can create
vcpus instead of DM when VM create.
This patch get the created vcpu_num from HV. vm_create_vcpu can be
removed later if kernel can get vcpu_num correctly without
IC_CREATE_VCPU ioctl.
v4: Keep vm_create_vcpu in DM for compatbility. We might remove it when
kernel is ready.
Tracked-On: #3663
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
if RTVM, now we assume it can't be shutdown forcely by SOS, so
add check condition to avoid that.
Tracked-On: #3564
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
vuart can be used as communication channel between VMs;
here vuart used to control vm's power off flow; control command
is from SOS to UOS
Tracked-On: #3564
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
