paddr_guest2host may return NULL, this patch checks the return value
to avoid null pointer dereference.
Tracked-On: #5514
Signed-off-by: Liu Long <long.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Prevent memory and information leaks by checking boundaries of
the incoming buffers from the hypervisor.
1. We check that the buffer is sufficent to hold a valid header.
2. We that each hbm message has valid size
vmei_hbm_handler() now returns -EINVAL if the size too small.
3. hdr->length < data_length.
Tracked-On: #5451
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
paddr_guest2host can return NULL, but code paths in virtio
are not checking the return value.
_vq_record() initializes iov_base pointer using paddr_guest2host()
but there is nothing in the flow that checks for NULL.
Chane _vq_record to return -1 in case the address translation
has failed.
Tracked-On: #5452
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Windows graphic driver obtains DSM address from in-BAR mmio register
which has passthroughed. Not like the other platforms obtained from
pci configure space register which has virtualized. So TGL has to
keep identical mapping to avoid trap mmio BAR to do the emulation.
To keep simple, this patch hardcode the TGL DSM region in vE820
table, this will cause memory waste here. In the near future, we
need refine the entire vE820 logic as it is hard to maintained
due to many reserved regions have introduced in recently.
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Tracked-On: #5461
If acrn-dm create pci vuart with
'-s,<slot>,uart,vuart_idx:<value>', then acrn-dm will not
create pci uart at DM land, but create an vuart-pci virtual device
at HV land.
When create a HV land vuart-pci vdev, user must specify its vuart id.
Which is defined in vm_config, is the acrn_vm_pci_dev_config.vuart_idx
Tracked-On: #5394
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
We don't reserve PCI MMIO in e820 Table, it's included in DSDT ACPI Table.
About 0xA0000 - 0x100000 entry, we don't have any ACPI Table touch this region.
So we could remove it too.
After this change, we could only pass the reserved e820 table which we must
reserve to OVMF. In this case, the OVMF could trust ACRN-DM and pass the
reserved e820 table to guest instead of dropping it.
This patch needs the corresponding modify in OVMF. Otherwise, the guest could
not boot.
Tracked-On: #4550
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Add Null pointer check in init vq ring and add vq ring descriptor
check in case cause Nullpointer exception.
Tracked-On: #5355
Signed-off-by: Liu Long <long.liu@intel.com>
Add Null pointer check in init vq ring and add vq ring descriptor
check in case cause Nullpointer exception.
Tracked-On: #5355
Signed-off-by: Liu Long <long.liu@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
We can only call these callbacks when they are not NULL.
Tracked-On: #5342
Signed-off-by: Jie Deng <jie.deng@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Change shared memory name prefix from sos to dm
Change shared memory size unit from byte to megabyte
Tracked-On: #4853
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Refine the DPRINTF/WPRINTF to pr_* based log interface instead of printf directly.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Add Null pointer check in Set TR Dequeue command handle function
to avoid Null pointer exception. Fllow xHCI spec 4.6.10, for Set
TR Dequeue pointer command, when the slot is not enabled the
completion code should be Slot Not Enabled Error.
Tracked-On: #5263
Signed-off-by: Long Liu <long.liu@intel.com>
Acked-by: Yu Wang yu1.wang@intel.com
According to xHCI Spec 4.10.1 Transfer TRBS chapter, there have three
scenarios shall generate a Transfer Event TRB when transfer TRBS:
1. If upon transfer completion of a TRB the Interrupt On Completion(IOC)
flag is set, the xHC shall generate a Transfer Event TRB.
2. A Short Packet will trigger the generation of a Transfer Event TRB on
the Event Ring if the Interrupt-on-Short (ISP) or Interrupt On Completion
(IOC) flags are set in the TRB that the Short Packet was detected on.
3. The detection of an error during a transfer shall always generate a Transfer
Event, irrespective of whether the Interrupt-on-Short or Interrupt On Completion
(IOC) flags are set in the Transfer TRB.
When an error condition is encountered which requires an endpoint to halt; the xHC
shall stop on the TRB in error, the endpoint shall be halted, and
software shall use a Set TR Dequeue Pointer Command to advance
the Transfer Ring to the next TD.
Tracked-On: #5263
Signed-off-by: Long Liu <long.liu@intel.com>
Acked-by: Yu Wang yu1.wang@intel.com
This patch is used to create and destroy an ivshmem device which
is emulated in hypervisor.
Tracked-On: #4853
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
add create_ivshmem_from_dm and destroy_ivshmem_from_dm for
ivshmem device creation and destruction in dm-land
Tracked-On: #4853
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Add Null pointer check in reset and stop endpoint command handle
function to avoid Null pointer exception. Fllow xHCI spec 4.6.8 and
4.6.9, for stop and reset endpoint command, when the slot state is
Disabled the error code should be Slot Not Enabled Error, when the
slot have been enabled by an Enable Slot Command the error code should
be Context State Error.
Tracked-On: #5066
Signed-off-by: Long Liu <long.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Long Liu <long.liu@intel.com>
Some passthrough devices have no reset mechanisms which cause the device stay
in unknown status during boot/reboot flow. And such unknown status cause
unexpected behaviors in the guest. Except the ordinary reset mechanisms
like FLR, we can utilize enter/exit D3cold as the reset that D3cold will
power gate the entire hardware. But the D3cold is implemented as ACPI
method which has no user interface in the SOS side. But the D3cold is
implemented as ACPI method which has no user interface in the SOS side.
But base on our experience, some devices can utilize D3hot instead of
D3cold. But it is not useful for all PCI devices as the power status
of D3hot is implementation defined.
Provide one new API to program PowerState(D0/D1/D2/D3hot) in PMCSR
register.
Add "d3hot_reset" sub-parameter for passthrough device to enable utilize
enter/exit D3hot flow to implement reset mechanisms.
Tracked-On: #5067
Signed-off-by: Long Liu <long.liu@intel.com>
Reviewed-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
There has one bug that the pci_xhci_dev_emu objects recorded in
xdev->devices haven't destroy when OVMF transfer to guest OS.
This will cause the the fds of usbfs can't be freed in libusb.
The OVMF xHCI driver needs to disable all enabled slots during
graceful existing flow, but it doesn't.
The USBCMD.HCRST bit is used for xHC reset that will be triggered
in xHCI driver initialization. We can use this chance to clear
all pci_xhci_dev_emu objects
Tracked-On: #4897
Signed-off-by: Long Liu <long.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
OpRegion: 8KB(0x2000)
[ OpRegion Header ] Offset: 0x0
[ Mailbox #1: ACPI ] Offset: 0x100
[ Mailbox #2: SWSCI ] Offset: 0x200
[ Mailbox #3: ASLE ] Offset: 0x300
[ Mailbox #4: VBT ] Offset: 0x400
[ Mailbox #5: ASLE EXT ] Offset: 0x1C00
Extended OpRegion: 8KB(0x2000)
[ Raw VBT ] Offset: 0x0
Generally VBT stores in MailBox4 in OpRegion which max size is 6KB.
If VBT larger than 6KB, it will be stored in extended OpRegion which
is neighborhood with legacy OpRegion. In this case, we need to
passthrough extended OpRegion also to support GVT-d feature. The
OpRegion size that we passthrough should be (OpRegion+Extended)=16KB
ASLE.rvda stores the location of VBT.
For OpRegion 2.1+: ASLE.rvda = offset to OpRegion base address
For OpRegion 2.0: ASLE.rvda = physical address
To-do: Add support for OpRegion on some platforms(eg. APL)
Tracked-On: #5029
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Fix XHCI_GET_SLOT macro check slot valid function, when the
slot value is bigger than XHCI_MAX_SLOT set the slot value
to zero.
Tracked-On: #4711
Signed-off-by: Long Liu <long.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
This patch does the following,
1. Fix an explicit interface name check for tapX preventing
any other interface name like kata_tap to be setup.
2. Add support for macvtap interface.
3. Identify macvtap vs tap interface and
if it is macvtap, identify character device (/dev/tapXX)
to be used.
Tracked-On: #4945
Signed-off-by: Vijay Dhanraj <vijay.dhanraj@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
The way of passing DSM address on TGL is the same with on EHL.
Adding these code to support GVT-d on TGL.
Tracked-On: #5020
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Acked-by: Yu Wang yu1.wang@intel.com
Due to there is no inter-vm communication shared memory management
module, so each acrn-dm will call shm_unlink when VM rebooting/shutdown.
It causes one issue that if one of the two VMs is rebooting/shutdown,
the VM can't communicate with the peer again.
Currently, we don't release the shared memory to fix this issue.
Tracked-On: #4853
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
New option "vmsix_on_msi,<bar_id>" is added to specify the passthrough
device needs vMSI-X emulation based on MSI capability.
If vMSI-X on MSI emulation is needed, a virtual BAR will be allocated.
Also, fix a logic error on when to setup INTx.
Tracked-On: #4831
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
From xHCI spec 4.5.3.2, the only command that software is
allowed to issue for the slot in disabled state is the Enable
Slot Command. Drop other commands in command handle function.
Tracked-On: #4711
Signed-off-by: Long Liu <long.liu@intel.com>
Reviewed-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
The shared memory will be created when a post-launched VM which
specified ivshmem v1 device starts, the same shared memory name
will only create a shared memory region.
The shared memory will be removed when all post-launched VMs
that opened it close the shared memory object.
v2: Support one post-launched VM can configure multiple ivshmem
devices
Tracked-On: #4853
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Support shared memory based inter-vm communication for ACRN
post-launched VMs. The ivshmem mediator emulates one standard
PCI device which expose the shared memory region through its BAR2.
The shared memory region is allocated through Linux shm mechanism and
post-launched VM needs to specify the shm name and size as the acrn-dm
parameter, the VMs have same shm name parameter can communicate over
the shared memory.
For first stage, only support shared memory. Consider to support
notification(interrupt) in future.
To add a ivshmem device in device model, the usage as below
-s N,ivshmem,shm_name,shm_size
v2: Implement the ivshmem MMIO registers emulation
v3: Refine code style
Add ivshmem device usage
Refine MMIO register return value
v4: Refine comments
Use logger interfaces to print logs
Tracked-On: #4853
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Currently the class type of igd_lpc bridge PCI device is not initialized.
In such case the guest driver doesn't detect the platform correctly when it
is in GVT-d mode. Then the linux i915 driver can't work.
Tracked-On: #4745
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
Currently the DM will return the passthrough device to SOS when the DM
needs to be terminated. But the device is not reset. In such case it
will cause the garbage display issue when the GPU passthrough device
is returned.
Tracked-On: #4719
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
add logs for vm state transition to help
analyze some problems.
Tracked-On: #4098
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
EHL graphics data stolen memory(DSM) info has diff with KBL/WHL,
which includes two parts:
(1) DSM register location in pci config: on KBL/WHL, the register
locates on 0X5C, while on EHL, the register locates on 0xC0.
(2) DSM address length: On KBL/WHL,
DSM addr has 32 bits, while on EHL,DSM addr has 64 bits.
Here, refine graphics data stolen memory passthru to enable GVT-d on EHL platforms.
v3 -> v4:
* add MICRO INTEL_ELKHARTLAKE
v2 -> v3:
* refine discription,MICRO name
* refine code style
v1 -> v2:
* add callback functions for scalability
Tracked-On: projectacrn#4700
Signed-off-by: Junming Liu <junming.liu@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Liu XinYun <xinyun.liu@intel.com>
Reviewed-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Pack GPU DSM(Data Stolen Memory) and Opregion related operations
into function passthru_gpu_dsm_opregion to avoid passthru_init too mess.
Tracked-On: #4700
Signed-off-by: Junming Liu <junming.liu@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Liu XinYun <xinyun.liu@intel.com>
Reviewed-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
"gsm" term is not precise to describe GPU stolen memory,
It should be "dsm", which acronyms for data stolen memory.
Tracked-On: #4700
Signed-off-by: Junming Liu <junming.liu@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Liu XinYun <xinyun.liu@intel.com>
Reviewed-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
previous patch fails to align SUBVID, SUBDID of igd-lpc with physical one.
this patch corrects the errors and refine the code.
Tracked-On: #4405
Signed-off-by: Junming Liu <junming.liu@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
There're some PCI devices need special handler for vendor-specical feature or
capability CFG access. The Intel GPU is one of them. In order to keep the ACRN-HV
clean, we want to throw the qurik part of PCI CFG asccess to DM to handle.
To achieve this, we implement per-device policy base on whether it needs quirk handler
for a VM: each device could configure as "quirk pass through device" or not. For a
"quirk pass through device", we will handle the general part in HV and the quirk part
in DM. For a non "quirk pass through device", we will handle all the part in HV.
Tracked-On: #4371
Signed-off-by: Li Fei1 <fei1.li@intel.com>
In order to add GVT-D support, we need pass through stolen memory and opregion memroy
to the post-launched VM. To implement this, we first reserve the GPA for stolen memory
and opregion memory through post-launched VM e820 table. Then we would build EPT mapping
between the GPA and the stolen memory and opregion memory real HPA. The last, we need to
return the GPA to post-launched VM if it wants to read the stolen memory and opregion
memory address and prevent post-launched VM to write the stolen memory and opregion memory
address register for now.
We do the GPA reserve and GPA to HPA EPT mapping in ACRN-DM and the stolen memory and
opregion memory CFG space register access emulation in ACRN-HV.
Tracked-On: #4371
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Let the ACRN HV to do this in shutdown sequence. In this case, the RTVM could be
still alive if something wrong happened to cause the DM died.
Tracked-On: #4428
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Since this callback is only useful for pass through PCIe device and now pass through
PCIe device emulation has splited from DM to HV. we could remove this callback now.
Tracked-On: #4371
Signed-off-by: Li Fei1 <fei1.li@intel.com>
SOS should not access the physical PCI device which is assigned to other guest.
Tracked-On: #4371
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now we split passthrough PCI device from DM to HV, we could remove all the passthrough
PCI device unused code.
Tracked-On: #4371
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In this case, we could handle all the passthrough PCI devices in ACRN hypervisor.
But we still need DM to initialize BAR resources and Intx for passthrough PCI
device for post-launched VM since these informations should been filled into
ACPI tables. So
1. we add a HC vm_assign_pcidev to pass the extra informations to replace the old
vm_assign_ptdev.
2. we saso remove HC vm_set_ptdev_msix_info since it could been setted by the post-launched
VM now same as SOS.
3. remove vm_map_ptdev_mmio call for PTDev in DM since ACRN hypervisor will handle these
BAR access.
4. the most important thing is to trap PCI configure space access for PTDev in HV for
post-launched VM and bypass the virtual PCI device configure space access to DM.
This patch doesn't do the clean work. Will do it in the next patch.
Tracked-On: #4371
Signed-off-by: Li Fei1 <fei1.li@intel.com>
