Current code enables IOMMU from init_iommu_vm0_domain which is called
from vm0/sos boot sequence. For partition mode VMs, this is not called as
VMs are numbered from 1.
This patch adds support to initialize root table pointer for each IOMMU
and enable all IOMMUs from init_iommu. Hence IOMMUs are enabled even
though ACRN does not boot vm0.
This patch also has changes to fix#1270.
Tracked-On: #1246#1270
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Some code has switch fallthrough cases, it causes some warning during
compiling. Adding a comment can quiet it.
Tracked-On:#1260
Signed-off-by: Chaohong Guo <chaohong.guo@intel.com>
Acked-by: Gen Zheng <gen.zheng@intel.com>
Due to the last patches, some funcs in malloc.c and stdlib.h files for
EFI stub module are no longer used. This commit just removes them, no
other changes is being introduced. The funcs are:
emalloc/efree, calloc/malloc/free, strstr/strdup
Tracked-On:#1260
Signed-off-by: Chaohong Guo <chaohong.guo@intel.com>
Ackedr-by: Gen Zheng <gen.zheng@intel.com>
emalloc() is called only by construct_mbi() during creating e820 mmap
layout. The switching has two benefits: first, UEFI FW might keep some
memory in pool, unlike call to emalloc(), call to allocate_pool() might
have no impact on e820 mmap; on the other hand, we can remove emalloc()
routine after this switching.
Tracked-On:#1260
Signed-off-by: Chaohong Guo <chaohong.guo@intel.com>
Reviewed-by: Anthony Xu <Anthony.Xu@intel.com>
Acked-by: Gen Zheng <gen.zheng@intel.com>
To reduce the call to dynamic memory allocation, the patch tries to
alloate memroy together with hypervisor when hypervisor is being
relocated by efi stub code. The memory allocated will be right at the
end of HV memory. Three structs will be done in this way: 1) boot_ctx,
which saves EFI boot state and is passed to SOS; 2) multiboot_info,
faked multi-boot header for passing boot info to hypervisor; and 3)
multiboot_mmap, e820 mmap structure.
after this, the EFI stub code (which boot hypervisor) will only have 3
to dynamic memory:
1. the call for hv binary and the 3 struct;
2. the call to CPU boot trampoline code;
3. the call to alloc mmap buf when inquery memory layout from UEFI FW;
Tracked-On:#1260
Signed-off-by: Chaohong Guo <chaohong.guo@intel.com>
Reviewed-by: Jason Chen <jason.cj.chen@intel.com>
Reviewed-by: Anthony Xu <Anthony.Xu@intel.com>
Reviewed-by: Eddie Dong <Eddid.Dong@intel.com>
Acked-by: Gen Zheng <gen.zheng@intel.com>
UEFI provides the func allocate_pages() with the option of AllocateAddress
and AllocateMaxAddress to allocate memory at fixed address or below the
specified address respectively. Make use of the interface, simplify the
memory allocation for hyperivosr when CONFIG_RELOC is enabled.
Tracked-On:#1260
Signed-off-by: Chaohong Guo <chaohong.guo@intel.com>
Reviewedd-by: Anthony Xu <Anthony.Xu@intel.com>
Acked-by: Gen Zheng <gen.zheng@intel.com>
CPU boot binary need to reside in the memory below 1MB. UEFI firmware
does provide that functionality to limit the highest physical addr of
allocated memory. we just call the right UEFI API and no longer do it
in EFI stub code.
Tracked-On:#1260
Signed-off-by: Chaohong Guo <chaohong.guo@intel.com>
Reviewed-by: Jason Chen <jason.cj.chen@intel.com>
Acked-by: Gen Zheng <gen.zheng@intel.com>
Reviewed-by: Anthony Xu <Anthony.Xu@intel.com>
Logically, out-of-range access won't happen at these places. However, it
depends on the behaviour of other codes.
This commit makes changes to explicitly eliminate the possibility in these
functions.
Tracked-On: #1235
Signed-off-by: Yan, Like <like.yan@intel.com>
- use sizeof(struct lapic_regs),instead of arbitrary size
to lear 'apic_page' memory region in vlapic.c
- fix potential buffer overflow issues in vpic.c & ioapic.c
Tracked-On: #1252
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
These MACROs are never used by current code so remove it. The needed APIC
info is defined in other files with other MACROs.
We will unify kinds of APIC info definition in one place soon.
Tracked-On: #1274
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add acpi_fixup() api in bsp that can override platform ACPI info when
do init_bsp(), this is useful when platform bootloader is not lock
down before production.
In current code only the wake vector addresses would be parsed after
boot and then override to host_acpi_info, we can add more in furture
based on our needs.
Tracked-On: #1264
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Per ACPI spec, there are two fundamental types of ACPI tables:
Tables that contain AML code produced from the ACPI Source Language (ASL).
These include the DSDT, any SSDTs, and sometimes OEM-specific tables (OEMx).
Tables that contain simple data and no AML byte code. These types of tables
are known as ACPI Data Tables. They include tables such as the FADT, MADT,
ECDT, SRAT, etc. -essentially any table other than a DSDT or SSDT.
The second type of table, the ACPI Data Table, could be parsed here.
If Kconfig of CONSTANT_ACPI is set to yes, this parser is not needed.
Tracked-On: #1264
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
If CONFIG_CONSTANT_ACPI is true, then the value in host_acpi_info structure
is constant. Otherwise the host_acpi_info value could be overrided.
This is useful when platform ACPI table value is not fixed in Bootloader
before production.
In production release, this config should be set to yes.
Tracked-On: #1264
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRAC has requirement about implict conversion: actual to formal
param. This patch is used to fix part of these violations.
1.Add a new structure seg_desc_vmcs to hold the VMCS field address of
segment selector to clean up seg_desc structure.
2.Add the definition of maximum MSI entry and the relevant judgement.
3.The violations in shell.c, logmsg.c will be fixed in other series of
patches with modification of function snprintf(), vsnprintf() and other
related usages.
v1->v2:
*Move the definition of struct seg_desc_vmcs from instr_emul.h to
instr_emul.c.
*Modify the formal parameter type in function definition from uint8_t
to char instead of using cast.
*Drop the const declaration for char data in formal parameter.
v2->v3:
*update the data missing conversion.
*change type of internal parameter len to avoid casting in npklog.c.
*change the conversion from signed char to unsigned int in
uart16550_getc() to solve sign-extension.
Tracked-On: #861
Signed-off-by: Junjun Shan <junjun.shan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA-C states that redundant macros reduce the maintainability of code.
In some cases, we would like to keep the current unused macros for code
completeness, such as cpu registers. These macros might be used later.
This patch removes some unused macros that is not critical for code
completeness.
v1 -> v2:
* Keep TRUSTY_VERSION in trusty.c.
Yadong will cook another patch which will utilize TRUSTY_VERSION.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In the current hypervisor hypercall, first all vcpu is
allocated to SOS, vcpu's vm field is initialized to vm0.
When the vcpu is offlined, vcpu will be paused and vcpu's
vm field is set as NULL by DM. When UOS is created, vcpu's
vm field is set as UOS's vm. So when vmcall_vmexit_handler
is invoked, vcpu's vm filed is always non-NULL.
error checking for vm pointer is done in the function
"vmcall_vmexit_handler", vmcall_vmexit_handler will
guarantee that vm is vm0.
So all hypercall functions (these functions is just for handler
hypercall, except vmcall_vmexit_handler) don't need to check
whether invoking vm is NULL and don't need to check whether
invoking vm is vm0 or not.
Remove related invoking vm error checking for hypercall handling.
V1 --> V2:
Add pre-condition for hypercall in the head file.
V2 --> V3:
Add pre-condition for copy_from_gpa and copy_to_gpa.
V3 --> V4:
Add pre-condition both in the head file and source file.
Tracked-On:#1258
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Current code enables IOMMU from init_iommu_vm0_domain which is called
from vm0/sos boot sequence. For partition mode VMs, this is not called as
VMs are numbered from 1.
This patch adds support to initialize root table pointer for each IOMMU
and enable all IOMMUs from init_iommu. Hence IOMMUs are enabled even
though ACRN does not boot vm0.
Tracked-On: #1246
Signed-off-by: Sainath Grandhi sainath.grandhi@intel.com
In current code of suspend_iommu/resume_iommu, there is potential buffer overflow
according to the code.
This patch put the buffer to struct dmar_drhd_rt, so that no need to access the buffer
via index.
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Tracked-On: #1252
Acked-by: Eddie Dong <eddie.dong@intel.com>
Delete the dead code get_irq_info(), local_get_irq_info() in io_request.c
and definition in guest.h.
v1->v2
*the dead code used pointers which not checked before use, therefore it
causes "pointer not checked for null before use". To make it clearly,
modify the subject to "delete the dead code" directly.
*remove dead code local_get_irq_info() in io_request.c and definition
in guest.h together.
Tracked-On: #861
Signed-off-by: Junjun Shan <junjun.shan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In ACRN hypervisor, u/int64_t is defined as unsigned/ long.
It's nature to use %l to print it. But current printf use
%l to print int and only use %ll for long.
This patch fix it by treat long and long long same for printf.
Tracked-On: #1230
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The vie->opcode should be updated when decode_two_byte_opcode(),
otherwise for two bytes opcode emulate(movzx/movsx) will fail.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
- move the contents in macros.h and stdarg.h to util.h
- remove macros.h and stdarg.h
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRAC has requirements about literal value requires a U suffix and
signed/unsigned conversion with cast. This patch is used to solve
these violations.
v1->v2
*Drop the cast of sz from uint32_t to int32_t, the signed/unsigned
violation of nchars will be solved by other patch together with
printf/sprintf/console/vuart/uart code.
*Delete the unnecessary L suffix of shifting operand.
Tracked-On: #861
Signed-off-by: Junjun Shan <junjun.shan@intel.com>
Reviewed by: Junjie Mao <junjie.mao@intel.com>
in local_set_vm_memory_region, hpa is not used for MR_DEL, and it does
not need check HV memory overlap for a MR_DEL operation.
this is a bug exposed by remapping SOS first page, as the remap page whose
gpa = 0 actually fall into HV memory area; while during MR_DEL, the input
param vm0_gpa is set to 0 by default.
Tracked-On: #1124
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
According to SDM 4.6 Access Rights definition, if SMAP/SMEP
is enabled, more conditions are used to decide the access rights
like SMAP/SMEP, EFLAGS.AC, R/W bit in every paging-structure entry
for page walking.
This patch add the check to guest page walking function and inject
page fault accordingly.
Tracked-On: #1207
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The current movs emulation has issues:
1. it use gva to get/put data.
2. it only support src and dst operand are memory which does not
apply to our case (one of them should be mmio and triggers
EPT voilation).
This patch fix the issue by:
1. convert the address from gva to hva before access it.
2. handle mmio emulation.
Also fix the issue introduced by previous instruction reshuffle
patchset:
1. the desc validation should be only applied to none-64bit mode.
2. gva2gpa should be given correct guest virtual address.
Specailly for movs, we cache the dst gpa if the check during
movs decoding success. And use it directly during movs
emulation.
Tracked-On: #1207
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Tested-by: Qi Yadong <yadog.qi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
- replace the usage of mdelay with udelay
- remove lib/mdelay.c
- rename udelay.c to misc.c
future other small APIs could put in misc.c
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
-- update 'vlapic' in 'struct vcpu_arch' from pointer
to instance
-- add inline function(vcpu_vlapic) in vcpu.h
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
It has been defined in 'struct vcpu_arch'
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
move structure vlapic_pir_desc/vlapic_timer/
acrn_vlapic from vlapic_priv.h to vlapic.h
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Replace pointer with static memory for apicv_apic_access_addr
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Replace pointer with static memory for msr_bitmap
inside structure vm_arch.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Replace vmcs pointer with static memory for vmcs region
inside structure vcpu_arch.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MRB bootloader is switched to ABL ver 1820HF1_release, so change platform
acpi info accordingly to support system S3.
Tracked-On: #1196
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In function start_cpus, we allocated memory under 1M when
preparing AP trampoline code.
With S3 feature enabled, start_cpus is called every time after
ACRN resume from S3 which leaks the allocated memory for AP
trampoline code.
To avoid memory leak, move the AP trampoline preparing function
out of start_cpus to make sure the memory for AP trampoline is
only allocated one time when system boot.
Tracked-On: #1156
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Zide Chen <zide.chen@intel.com>
- convert function like macros to inline functions based on MISRA-C
requirement
- remove some unused and duplicated macros
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
as SOS mapped all memory at the beginning, so trap vlapic need unmap its
memory; for UOS, there is no need as UOS never mapped it.
Tracked-On: #1124
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
error message for "read" or "write" was incorrect.
for developers, we just need print out direction & type value.
Tracked-On: #875
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
