enhance Makefile to compile debug/release into 2 libraries
v1 -> v2:
* auto make all the libraries
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
remove the usage of HV_DEBUG in hypercall.c and vmcall.c
TO-DO:
Enhance Makefile to compile debug/release into 2 libraries
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
CSE FW uses an AEK (Attestation keybox Encryption Key) to encrypt the keybox
with AES-256-GCM algorithm before sending it to Android/Trusty. This key is
derived from the latest platform Seed by CSE FW with KDF (key derivation function)
HMAC-SHA256. After Trusty retrieves this encrypted keybox over HECI/MEI driver,
Trusty needs the same AEKkey to decrypt it. Hence, before Trusty launches,
Hypervisor derives the same AEK key from Platform Seed with the same algorithm
and the same derivation parameters, then sends this AEK along with Trusty vSeed
to Trusty world memory.
Since Platform Seed is only visible to Hypervisor and it must not be
sent to any guest VM, only Hypervisor can derive this AEK from this
Platform Seed, just like previous per-Trusty virtual Seed derivation.
Please note that Android Attestation Keybox is shared in a single hardware
platform, so all the Trusty instance/world can get the same AEK for
decryption even if there are multiple Android User OS/VMs running
on top of Hypervisor.
v1 --> v2:
Add detailed description why we need the patch to derive an extra key
v2 --> v3:
Convert API descriptions to Doxygen
Tracked-On: #1812
Reviewed-by: Bing Zhu <bing.zhu@intel.com>
Reviewed-by: Kai Wang <kai.z.wang@intel.com>
Signed-off-by: Chen Gang G <gang.g.chen@intel.com>
Acked-by: Bing Zhu <bing.zhu@intel.com>
Add static paging table allocation API for hypervisor.
Note: must configure PLATFORM_RAM_SIZE and PLATFORM_MMIO_SIZE exactly as the platform.
Rename RAM_START/RAM_SIZE to HV_RAM_START/HV_RAM_SIZE for HV.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Instead of using the ACPI info template in the source tree, this patch requires
a board-specific ACPI info header to be created by the user and placed under
bsp/include. Currently we'll fall back to the current platform-specific template
if such board-specific info is not available.
A configuration symbol ACPI_ENFORCE_VALIDATED_ACPI_INFO is also added to enforce
the existance of board-specific ACPI info header. Default configurations can set
this symbol if the template does not work on a board.
Updates to the getting started guide will be updated accordingly after the
offline tools to generate such header is available.
v2 -> v3:
* Rephrase the ACPI-info-related messages.
v1 -> v2:
* The generated header should depend on .config so that whenever any
configuration changes, this header will be remade.
Tracked-On: #1520
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Emulate MSI Capability structure for vm0 in sharing mode:
- it intercepts the IO requests for MSI Capability structure, emulates
the Message Control word, and bypasses all other I/O requests to the
physical device.
- criteria to trigger MSI remapping: MSI Enable bit is being changed,
Message Data/Addr is being changed when MSI Enable is set.
Tracked-On: #1568
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Don't have any logical changes.
- add more common PCI macros
- remove redundant definitions in dmar_parse.c
- move all the common mascos from vpci.h to pci.h
Tracked-On: #1568
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This patch adds support to sep/socwatch profiling
Adds 2 new files include/arch/x86/profiling.h and arch/x86/profiling.c
which contains most of the implementation for profiling,most of the functions
in profiling.c have dummy implementation and will be implemented in next patches
a. cpu.c, Initial profiling setup is done as part of bsp_boot_post
and cpu_secondary_post flow
b. vmcall.c, New ioctl is added for performing profiling related
operations in vmcall_vmexit_handler
ioctl - HC_PROFILING_OPS
function - hcall_profiling_ops()
c. common/hypercall.c, hcall_profiling_ops() implementation.
d. hv_main.c, In vcpu_thread calling profiling related functions
to save vm context
e. acrn_hv_defs.h, list all the profiling command types
Tracked-On: projectacrn#1409
Acked-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Chinthapally, Manisha <manisha.chinthapally@intel.com>
- move the functions to access physical PCI configuration space from
pci_pt.c to the new file dm/hw/pci.c, so they can be accessed in
sharing mode as well. The new folder dm/hw is created in order to
move APIs talking to physical PCI devices out of dm/vpci.
- move the common vpci code from header file pci_priv.h to core.c.
- move file include/dm/vpci/vpci.h one level up. It seems the folder
include/dm/vpci is not necessary.
- This patch only moves code around, and doesn't make any logical
changes. Besides removes the static keyword from pci_pdev_read_cfg()
and pci_pdev_write_cfg()
Tracked-On: #1568
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- move most of the content of pci_priv.h to include/dm/pci.h.
This allows other code outside dm/vpci to be able to share these macros.
- code cleanup: fix alignments etc.
Tracked-On: #1568
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Replace platform_acpi_info.c with platform_acpi_info.h and define needed
host ACPI info in MACROs. Then the struct host_acpi_info is not needed
any more.
This header file should be generated by offline tool automatically;
Tracked-On: #1500
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ABL pass seed_lists to HV through different interface/structures.
So, in this patch, add interface to retrieve seed from ABL and refactor
the seed parsing logic.
Tracked-On: #1488
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Zhu Bing <bing.zhu@intel.com>
Let OBJS target depend on VERSION file instead of other targets like
install/all depending on it, since the version.h is being included in
.c files.
This fixes a following compilation issue:
| In file included from include/hv_debug.h:10,
| from include/hypervisor.h:37,
| from arch/x86/cpu.c:7:
| arch/x86/cpu.c: In function 'bsp_boot_post':
| arch/x86/cpu.c:453:4: error: 'HV_FULL_VERSION' undeclared...
Tracked-On: #1441
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Use genld.sh instead of config.h to generate link_ram.ld.
It can avoid the conflicts of the syntax between ld script and
C.
V1->V2:
change the deps name to config,
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
reviewed-by: Junjie Mao <junjie.mao@intel.com>
If defined CONFIG_VM0_DESC, HV will use predefined vm0_desc
to config VM0,now it is unneccessary, then remove these code.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Fix the compiler warning and turn on the flag to make
compiler warning as compiler error.
Tracked-On: #1343
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
- replace the usage of mdelay with udelay
- remove lib/mdelay.c
- rename udelay.c to misc.c
future other small APIs could put in misc.c
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- Fix the data type violations based on MISRA-C requirements
- Add '-fsigned-char' in Makefile to let the compiler treats 'char' be
signed, like 'signed char'.
Otherwise, the static checker treats 'char', 'signed char' and 'unsigned
char' as three different types.
- Fix some minor coding style issues, such as TAB issues, line over 80
characters issues and comments style
v1 -> v2:
* fix the violation regarding to 'fifo_getchar'
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
This patch adds code to support read-only RTC support for guests
run by partition mode ACRN. It supports RW for CMOS address port 0x70
and RO for CMOS data port 0x71. Reads to CMOS RAM offsets are fetched
by reading CMOS h/w directly and writes to CMOS offsets are discarded.
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Add two files to do compile time assert.
One is arch specific, and put in hypervisor/arch/x86/.
The other one is common, and put in hypervisor/common/.
If the statement is not true, there will be error during compile time.
The file will not increase the size of HV binary.
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- 'reboot.c' defines 'warm_reboot()' only, and this
function is deprecated.
- remove the eXecution attribute of 'mttr.h'
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
V3:
- Compiling in VCPI code for partition hypervisor
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Add code to save boot context, which is prepare by the bootloader or
BIOS, the context can be used to init sos vmcs, such as GDT, IDT,
segment selectors, control registers, ia32_efer. In this way, HV can
leverage the data structures built by bootloader or BIOS, without
creating them in HV.
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Originally, there is cross-references between instr_emul.h and instr_emul_wrapper.h.
User must include both of them when calling instruction emulation functions. This
will raise up some confusion and inconvenience.
So we rearrange the logic of instruction emulation code as following:
- External API -- defined in instr_emul.h
* decode_instruction(struct vcpu *vcpu)
* emulate_instruction(struct vcpu *vcpu)
- Make all other functions as static in instr_emul.c
- Remove instr_emul_wrapper.c/h
No functional change.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
The formal solution has merged,revert this patch.
This reverts commit a9d04cc5ce.
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Softirq is not x86 architectural related.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Currently we reply on CONFIG_RELEASE=n to determine if a debug version should be
built. Though this holds due to the configuration overriding in kconfig.mk, this
only applies to make >= 3.82. For make 3.81, $(eval $(call xxx)) does not work
as expected, and thus CONFIG_RELEASE is undefined for debug builds.
Instead of checking CONFIG_RELEASE=n, this patch checks CONFIG_RELEASE=y
instead, which is guaranteed without relying on the behavior of $(eval $(call
xxx)).
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
fix integer type violations,keep some violations which
related to hypcall and msix_entry_index.
V1->V2:1.modified API_MAJOR_VERSION from Makefile
2.sync acrn_common.h changed to device model
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
With Kconfig, it would be common to rebuild the hypervisor with a few
configuration symbols changed. But for a proper rebuild, users are required to
execute ''make clean'' first, which deletes the configuration file at all.
This patch leverages the compiler to generate a target that add involved headers
as dependencies to a specific file. Any change to a header will now trigger the
rebuilding of related sources properly.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
commit ia23549aa915e7dc2c ("build: make relocation-related code
configurable") adds CONFIG_RELOC to make relocation configurable
This patch corrects the behavior when CONFIG_RELOC is disabled
- Don't use "CFLAGS += -fpie" and put back "LDFLAGS += -static"
- __emalloc(): forced to allocate exactly the asked address, which is
CONFIG_RAM_START
This patch drops the following useless files in the hypervisor:
* bsp/*/include/: After commit c849bff850 ("HV: config: adapt to the generated
config.h") these headers are obsolete for configuration. Drop the directories
and move the generated version.h under $(HV_OBJDIR)/include.
* all_header.c: This is a temporary file for checking violations in headers,
which is accidentally checked in by commit 3956ce1596 ("HV: io: spell out
explicit narrowing of integers").
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The relocation feature relies on the ld option "-z noreloc-overflow" which is
only available for binutils >= 2.27, while on Ubuntu 16.04 or older the default
version of binutils is 2.26.
This patch wraps the relocation code with a configurable macro and make it
undefined by default to avoid default build failures.
NOTE: This is just a hotfix. The code dropped with undefined CONFIG_RELOC needs
to be reviewed by the original author of this feature. Checks to the binutils
version will also follow up.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Build and link hypervisor with "-pie" and remove static linking so that
it generates .rela sections for relocation
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Yin fengwei <fengwei.yin@intel.com>
For UEFI boot, currently EFI application loads hypervisor to the
hard coded COMNFIG_RAM_START, which may cause it fail to boot if
this address is not available in the target.
This patch series resolve this issue by allocating memory for hypervisor
at run time, and do relocation fixup if the allocated address is
different from the base address that the hypervisor is built.
The summary of the first patch [1/6] in this series:
In x86_64 ELF, .rela sections hold information of symbols which must be
relocated before being referenced.
This patch adds code to fixup .rela sections with the relocated offset,
also, it provides utilities to assist address fixup
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
* introduce EXTRA_VERSION to replace RC_VERSION
* add daily tag into the version information
* unify the hypervisor and device model version
Signed-off-by: Jack Ren <jack.ren@intel.com>
Some build environment might has no USER pre-defined. So use id tool to
get builder username instead of USER environemnt.
Also add a version cleanup for tools to keep them updated.
Signed-off-by: Shuo Liu <shuo.a.liu@intel.com>
Acked-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
The S3 enter lowlevel routine saves the cpu context to memory
and enter S3 state
The S3 wakeup lowlevel routine restore cpu context and return.
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
To make the file structure clearer, change the file names:
- rename arch/x86/interrupt.c to virq.c, for the virtual irq relavant code,
such as irq injection etc;
- merge arch/x86/intr_main.c into arch/x86/irq.c;
- rename arch/x86/intr_lapic.c to lapic.c
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
For hypervisor, we initliaze the flags used in build command
to empty to avoid flags set in default env impact to hypervisor
build.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: VanCutsem Geoffroy <geoffroy.vancutsem@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Move common stuff, like ptdev entry and softirq, to new ptdev.c
Signed-off-by: Edwin Zhai <edwin.zhai@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch introduces a configuration symbol RELEASE for managing debug/release
build in a similar way to how we manage PLATFORM.
Note:
1. 'make defconfig RELEASE=1' will still use the CONFIG_RELEASE defined in the
default configuration. The 'RELEASE=1' option has no effect in this case.
2. 'make RELEASE=1' is backward-compatible and enforces a release version to be
built.
v1 -> v2:
* Pass RELEASE instead of CONFIG_RELEASE to silentoldconfig.py to avoid
unintended overriding of the value.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Geoffroy VanCutsem <geoffroy.vancutsem@intel.com>
Since .config has PLATFORM now, it is expected that the PLATFORM= command line
option is no longer necessary as long as a proper .config exists.
This patch implements this expectation. Now the platform to be selected is
determined by the following steps.
1. If PLATFORM= is provided on the command line, the specified value is
used.
2. If there is no PLATFORM= on the command line and PLATFORM is defined in
config.mk, its value is used.
3. If neither PLATFORM= on the command line nor config.mk is available, a
predefined default value is used.
v1 -> v2:
* 'make oldconfig' should not pass CONFIG_xxx to the script since config.mk
can be out-dated.
* Change the default value of PLATFORM to SBL for backward compatibility of
'make all'.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Geoffroy VanCutsem <geoffroy.vancutsem@intel.com>
The current implementation of the check_dep_* macros always append the
prerequisite checking target to BUILD_DEPS, but there are some cases when some
prerequisites are only necessary for some specific targets instead of general
builds.
This patch adds a second parameter to the check_dep_* macros specifying which
variable the generated target should be appended to.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Geoffroy VanCutsem <geoffroy.vancutsem@intel.com>
Before checking any given target, make has an additional phase to check if any
included makefile should be updated. This patch enforces running oldconfig in
this phase to update .config and config.mk (if necessary). This ensures that
make gets the correct configurations when executing the given target.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Geoffroy VanCutsem <geoffroy.vancutsem@intel.com>
Now, we only add native msr save/restore functions. The native power
related functions will be put to this file.
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
On some occations HV operates relying on host acpi info, we can use a
c file to store this data. The data could be hardcoded or use offline
tool that run on target first and then generate the file automatically.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch drops "#include <bsp_cfg.h>" and include the generated config.h in
CFLAGS for the configuration data.
Also make sure that all configuration data have the 'CONFIG_' prefix.
v4 -> v5:
* No changes.
v3 -> v4:
* Add '-include config.h' to hypervisor/bsp/uefi/efi/Makefile.
* Update comments mentioning bsp_cfg.h.
v2 -> v3:
* Include config.h on the command line instead of in any header or source to
avoid including config.h multiple times.
* Add config.h as an additional dependency for source compilation.
v1 -> v2:
* No changes.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
This patch implements the following targets as an includable .mk to the make
system of the hypervisor.
make defconfig PLATFORM=xx:
force (re)generating the default configuration for xx
make oldconfig PLATFORM=xx:
generate a configuration for platform xx based on .config if available
make minimalconfig
save a minimized .config to defconfig
The default target (make all) will generate a default configuration if no
.config is available.
The values defined in .config are available in the toplevel Makefile after
kconfig/kconfig.mk is included.
v4 -> v5:
* Add minimalconfig for generating default configs.
v3 -> v4:
* No changes.
v2 -> v3:
* "make defconfig" now correctly overwrite an existing .config.
* Add short descriptions on where each target is supposed to be used.
v1 -> v2:
* Add proper dependency checks in the Makefile of hypervisor.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
We will reuse this part of code for:
- AP bootup
- BSP wakeup from S3
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
Linux commit edfe63ec97ed ("x86/mtrr: Fix Xorg crashes in Qemu sessions")
disables PAT feature if MTRR is not enabled. This patch does partial
emulation of MTRR to prevent this from happening: enable fixed-range
MTRRs and disable virable range MTRRs
By default IA32_PAT MSR (SDM Vol3 11.12.4, Table 11-12) doesn't include
'WC' type. If MTRR is disabled from the guests, Linux doesn't allow
writing IA32_PAT MSR so WC type can't be enabled. This creates some
performance issues for certian applications that rely on WC memory type.
Implementation summary:
- Enable MTRR feature: MTRRdefType.E=1
- Enable fixed range MTRRs: MTRRCAP.fix=1, MTRRdefType.FE=1
- For simplicity, disable variable range MTRRs: MTRRCAP.vcnt=0.
It's expected that this bit is honored by the guests and they won't
change the guest memory type through variable MTRRs.
Signed-off-by: bliu11 <baohong.liu@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Retrieve dseed from SeedList HOB(Hand-Off-Block).
SBL passes SeedList HOB to ACRN by MBI modules.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Reviewed-by: Zhu Bing <bing.zhu@intel.com>
Reviewed-by: Wang Kai <kai.z.wang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add a target in the make file to install the 32bit ELF acrn binary
and rename to acrn.sbl
Suggested-by: Arzhan Kinzhalin <arzhan.i.kinzhalin@intel.com>
Signed-off-by: Miguel Bernal Marin <miguel.bernal.marin@linux.intel.com>
boot/multiboot.c is only used by SBL. So move it to boot/sbl.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
Changes:
1. Move io request related functions from hypercall.c to io_request.c
since they are not hypercalls;
2. Remove acrn_insert_request_nowait() as it is never used;
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove tinycrypt files:
Currently, hkdf_sha256 (based on Tinycrypt) is used by Trusty seed
derivation. And we plan to remove Tinycrypt from ACRN hypervisor
now, and replace it with another crypto lib in the future.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Reviewed-by: Zhu Bing <bing.zhu@intel.com>
Reviewed-by: Wang Kai <kai.z.wang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove 'license_header' files that were located in hypervisor/ and
devicemodel/ and used by the respective Makefiles to build the
'include/version.h' header file.
Both Makefiles were adjusted to use the top-level LICENSE file
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Move all mem operations functions into a single
source code file, instead of the various source
code files that just implement a single or few
funtion.
No functional change.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Move all string operations functions into a single
source code file, instead of the various source
code files that just implement a single or few
function.
No functional change.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now the -O0 option is used. In such case the code is not optimized.
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
FPU/SSE is not supported in HV. Otherwise it is possible that the
SSE/FPU register is used under -O2 option.
So the gcc option is added to disable them.
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now two flags can be used to control the optimizatin option. So unify them
and only one flag can be used to config the optimization
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- Add "DBG" or "REL" to indicate the DBG build or REL build explicityly;
- Change the build time format to "%F %T".
Example:
HV version 0.1-rc4-2018-04-28 14:20:32-b2d7282-dirty DBG build by like
Change-Id: Ib410064b0a6603e3c90f30dffa722237c07fc069
Signed-off-by: Yan, Like <like.yan@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Split pm.c from cpu_state_tbl.c to put guest power management related
functions, keep cpu_state_tbl.c to store host cpu state table and
related functions.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
The patch takes Intel ATOM A3960 as example that hard code all Px info
which is needed for Px control into Acrn HV and load it in boot process.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
For trusty bring-up, key_info is needed.
Currently, bootloader did not transfer key_info to hypervisor.
So in this patch, use dummy key_info temporarily.
Derive vSeed from dSeed before trusty startup, the vSeed will
bind with UUID of each VM.
Remove key_info from sworld_control structure.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
For ARM, The SMC instruction is used to generate a synchronous
exception that is handled by Secure Monitor code running in EL3.
In the ARM architecture, synchronous control is transferred between
the normal Non-secure state and the Secure state through Secure
Monitor Call exceptions. SMC exceptions are generated by the SMC
instruction, and handled by the Secure Monitor.The operation of
the Secure Monitor is determined by the parameters that are passed
in through registers.
For ACRN, Hypervisor will simulate SMC by hypercall to switch vCPU
State between Normal World and Secure World.
There are 4 registers(RDI, RSI, RDX, RBX) reserved for paramters
passing between Normal World and Secure World.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
replace "=" with "?=", if variable is defined, don't redefine.
replace POSTLD with OBJCOPY
fix the variable LD assignment
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
microcode update from UOS is disabled.
microcode version checking is available for both SOS and UOS.
There are two TODOs of this patch:
1. This patch only update the uCode on pCPUs SOS owned. For the
pCPUs not owned by SOS, the uCode is not updated. To handle
this gap, we will have SOS own all pCPUs at boot time. So
all pCPUs could have uCode updated. This will be handled
in the patch to enable SOS own all pCPUs at boot time.
2. gva2gpa now doesn't check possible page table walk failure.
Will add the failure check in gva2gpa in different patch.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Reviewed-by: Anthony Xu (anthony.xu@intel.com)
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Tian, Kevin <kevin.tian@intel.com>
1. refine multiboot related code, move to /boot.
2. firmware files and ramdisk can be stitched in iasImage;
and they will be loaded as multiboot modules.
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
This patch is prepared for enabling secure world feature.
this api will create new eptp for secure world, whose PDPT
entries are copied form normal world,the PML4/PDPT for secure
world are separated from Normal World, PD/PT are shared in the
Secure World's EPT and Normal World's EPT.Secure world can
access Normal World's memory, but Normal World can not access
Secure World's memory
This function implemented:
-- Unmap specific memory from guest ept mapping
-- Copy PDPT from Normal world to Secure world
-- Map specific memory for Secure world
-- Unmap specific memory from SOS ept mapping
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
"-O2 -D_FORTIFY_SOURCE=2":
GCC C-Compiler can analyze the source code to be compiled and detect
certain insecure sections, that might create a security problem. The
compiler will replace the insecure function calls with special hardened
code that will perform extra runtime checks while the process is
executed.
"-Wformat -Wformat-security":
It warns about calls to "printf" and "scanf" functions where the format
string is not a string literal and there are no format arguments, as in
"printf (foo);". This may be a security hole if the format string came
from untrusted input and contains %n.
Tracked-On: 224003
Signed-off-by: wenshelx <wenshengx.wang@intel.com>