int snprintf(char *str, size_t size, const char *format, ...)
The function snprintf() writes at most size bytes (including the
terminating null byte ('\0')) to str.
Only when the returned value of snprintf is non-negative and less than size
has the string been completely written.
Tracked-On: #4087
Signed-off-by: Gao Junhao <junhao.gao@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
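
The return-value rule in the commit message above, as an added example (not ACRN code): a hypothetical wrapper `fmt_checked()` around vsnprintf(), which follows the same return convention, treats both a negative result and a result greater than or equal to size as failure. The socket path format and VM names are constructed for illustration.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not ACRN code: format into dst and report whether
 * the whole string fit. Returns 0 on success, -1 on error or truncation. */
int fmt_checked(char *dst, size_t size, const char *format, ...)
{
	va_list ap;
	int n;

	if (dst == NULL || size == 0)
		return -1;
	va_start(ap, format);
	n = vsnprintf(dst, size, format, ap);
	va_end(ap);
	/* n < 0: output error. n >= size: vsnprintf() stopped at size - 1
	 * bytes and n is the length the full string would have needed. */
	if (n < 0 || (size_t)n >= size) {
		dst[0] = '\0';	/* never hand a truncated string to the caller */
		return -1;
	}
	return 0;
}

/* Constructed sample use: build "/run/vm/<name>.sock". */
int build_sock_path(char *dst, size_t size, const char *vm_name)
{
	return fmt_checked(dst, size, "/run/vm/%s.sock", vm_name);
}

int main(void)
{
	char path[24];
	const char *names[] = { "vm1", "a-much-longer-vm-name" };

	for (size_t i = 0; i < 2; i++) {
		if (build_sock_path(path, sizeof(path), names[i]) == 0)
			printf("ok: %s\n", path);
		else
			printf("rejected (would be truncated): %s\n", names[i]);
	}
	return 0;
}
```
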
In function crb_reg_write() in tpm_rbc.c
'tpm_vdev->request_mutex' will potentially be kept
in locked state after crb_reg_write() returns.
Tracked-On: #4086
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Yadong Qi <yadong.qi@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
In acrn_load_elf(), file pointer 'fp' is kept in
open state before exiting if 'load_elf32()' is executed,
this patch is to fix this bug.
Tracked-On: #4085
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
In release environment, binary files must be stripped in
order to remove debugging code sections and symbol information
that aid attackers in the process of disassembly and reverse
engineering.
Use '-s' linking option to remove symbol table and relocation
information from release binaries.
Tracked-On: #3427
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
va_end() was not getting called under certain condition
after the va_start() function call taking the va_list.
Tracked-On: #3396
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
This patch is to fix some potential memory leak issues:
1. free mrp if the mmio_rb_lookup() function returns 0;
2. free memory allocated by strdup in some error case handling.
Tracked-On: #3277
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Use strncpy instead of strcpy to avoid buf overflow.
Fix strncpy null-terminated issues.
Tracked-On: #3245
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
With the latest gcc, there are build errors with the current ACRN code.
Fixing could involve many code changes. We use a gcc option to
remove the build errors as a temporary workaround, and will fix the
build errors one by one.
Tracked-On: #3010
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
When acrn-dm is started by acrnd as a background process, STDIN is
redirected to journal. In this case mevent_add cannot be called on
the fd of STDIN.
Tracked-On: #2998
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Per debugging requirement, map the watchdog reset to warm reset.
So the ramconsole could be used to capture the kernel log of UOS
before watchdog is hit.
Tracked-On: #2471
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Update PCIR_SUBDEV_0 and PCIR_REVID in PCI configuration space to adapt
windows virtio-input driver. Otherwise virtio-input driver on Windows
will not be loaded correctly.
Tracked-On: #2962
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
Guest OS, for example Windows, will disable bars before shutdown. Bars
are unregistered when they are disabled. Trying to unregister a bar
which has been unregistered causes an assertion. In pci_emul_free_bars
only those enabled bars should be unregistered.
Tracked-On: #2962
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
ACPI PM timer is disabled in FADT since there is no pm timer emulation
in device model now.
Tracked-On: #2962
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
It is found that windows will issue blkio operation with amount of
sectors in one request. This patch extends the max iov number of
virtio block to 256.
Tracked-On: #2962
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
There is a deadlock when emulate_mem is called on the memory region
of PCI extended configuration space. The call trace is something like:
emulate_mem
-> pci_emul_ecfg_handler
-> pci_cfgrw
-> pci_emul_cmdsts_write
-> unregister_bar/register_bar
-> modify_bar_registration
-> unregister_mem/register_mem
mmio_rwlock is held in emulate_mem when calling unregister_mem/
register_mem, which tries to acquire mmio_rwlock again, and a deadlock
happens.
It is possible that the bar address is changed in the middle of an on-going
MMIO access, which can bring a race condition in theory. Guest needs to
take care of serializing the bar address update and MMIO
access of that bar.
Tracked-On: #2962
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Signed-off-by: Liu Shuo A <shuo.a.liu@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
Sometimes guest OS writes PCIR_COMMAND register to disable the device,
then update the bar address followed by a write to PCIR_COMMAND register
to enable the device again. In this case unregister_bar/register_bar
should be called otherwise the IO/MMIO regions monitored by device model
will not be updated accordingly.
Tracked-On: #2962
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Signed-off-by: Liu Shuo A <shuo.a.liu@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
Windows will set 0x262a0 for smi cmd pio, so the higher bits need to be
masked because the smi command is an 8-bit register. Otherwise, the
ACPI_ENABLE case can't be matched, while windows expects the SCI_EN of
PM1_CONTROL to be set after switching to ACPI mode. Finally, this causes
windows to trigger a panic.
Tracked-On: #2962
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
This patch adds the support of inet socket as the backend of uart
emulation. Data written by guest uart is transferred to a socket and
data from socket is forwarded to guest uart. This enables something
called "Uart Over TCP" which is useful in some case such as WinDbg
connection over uart. The command line syntax is as follows:
-l comX,tcp:port_number
Tracked-On: #2962
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
There are several duplicate definitions for check_dir, it can check or create directory at will. However, only acrnd and dm monitor can create the directory. This commit fixes the possibility of creating directory at will by a process without permission, by adding a param flags to control if it should create the directory. By the way, this commit collates related MACROs into the same file, deletes the duplicate definitions in other files and fixes some format issues.
Tracked-On: #2886
Signed-off-by: Mao Jiang <maox.jiang@intel.com>
Acked-by: Yan, Like <like.yan@intel.com>
The code mixed the usage on term of UUID and GUID, now use UUID to make
code more consistent, also will use lowercase (i.e. uuid) in variable name
definition.
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The old logic to process control transfer failure only includes two cases:
1 Short packet
2 Stall.
This patch includes all possible failures reported by Libusb and does
related emulation for UOS
Tracked-On: #2918
Signed-off-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Add SDC ACPI device in dsdt, and assign GPIO 0 to SDC for SD card
detection.
Currently, the SD card hotplug function needs the SD card to be inserted
at system boot, otherwise it does not work. Since it needs P2SB virtualization
to set SD card presence state, and P2SB does not support user space interfaces,
this is a known issue.
Tracked-On: #2512
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
When LINK type TRBs are received among multiple BULK TRBs, the copying
logic in DM will miss one or more TRBs. This patch is used to fix it.
Tracked-On: #2926
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Signed-off-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
The current xHCI mediator doesn't support the disable endpoint command well.
This patch is one workaround for the disable endpoint command to prevent
the xHCI mediator from continuing to handle already dropped data.
Tracked-On: #2927
Signed-off-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Some projects based on ACRN don't want tap name to contain "acrn_"
prefix. This patch removes that prefix.
Tracked-On: #2509
Signed-off-by: Jie Deng <jie.deng@intel.com>
Reviewed-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
GPIO set/get value can be operated by accessing PIO space and the PIO
register definition for GPIO is in gpio_dm.h, frontend driver or ACPI
control methods can operate GPIO based on it.
GPIO mediator also defines ACPI control methods to support GPIO
operations, GPIO consumers can invoke PIO_GPIO_SET_VALUE/PIO_GPIO_GET_VALUE
in their own DSDT to set/get one GPIO value via ACPI control method.
v2: 1) Fix code style.
2) Use virtio configuration space callbacks to implement GPIO PIO operations
that replace pci_gpio_read/pci_gpio_write with virtio_cfgread/virtio_cfgwrite.
3) Return 0xFFFFFFFF as invalid result of PIO reading instead of 0.
Tracked-On: #2512
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
1. free memory during pci_xhci_dev_destroy.
2. add libusb_free_device_list to free the list of devices previously
discovered using libusb_get_device_list().
3. fix possible memory corruption.
Tracked-On: #2892
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Reviewed-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
To keep consistency between HV and DM about PM1A_CNT_ADDR,
it is better to replace the PM1A_CNT related MACROs used in DM
with VIRTUAL_PM1A_CNT related MACROs in acrn_common.h.
Tracked-On: #2865
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
This patch adds one new parameter --rtvm to indicate if the guest is a RTVM or not.
For RTVM, it may not be interfered with by SOS.
Tracked-On: #2865
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Users of pthread_cond_wait() should take care of spurious wakeups and it
is usually used in conjunction with a predicate. Not doing so can result
in unintended behavior. For example:
virtio_net_tx_thread():
entry -> pthread_cond_wait() -> spurious wakeup ->
vq_clear_used_ring_flags() -> segfault (vq->used uninitialized)
tpm_crb_request_deliver():
entry -> pthread_cond_wait() -> spurious wakeup ->
swtpm_handle_request() called needlessly
virtio_rnd_get_entropy():
entry -> pthread_cond_wait() -> spurious wakeup ->
no avail ring processing ->
virtio_rnd_notify() skips pthread_cond_signal() due to
rnd->in_progress ->
vq_endchains() called needlessly ->
wait in pthread_cond_wait() indefinitely
Fix these uses of pthread_cond_wait() by using predicates.
The only use case without a clear predicate is the tx thread in
virtio-mei, because it works with two-dimensional linked lists.
v1 -> v2:
- fix bugs and comments
- reduce code redundancy
Tracked-On: #2763
Signed-off-by: Peter Fang <peter.fang@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
- explicitly initialize the connections list
- use a do-while loop for vmei_proc_tx() since the first call must
always succeed
- make sure active_clients is initialized before creating the tx thread
v1 -> v2:
- split the cleanup commit into two parts
Tracked-On: #2763
Signed-off-by: Peter Fang <peter.fang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Remove the uses of LIST_FIRST() and LIST_NEXT() plus an extra pointer.
Also, call LIST_INIT() in vmei_me_client_destroy_host_clients() before
releasing the mutex.
v1 -> v2:
- split the cleanup commit into two parts
Tracked-On: #2763
Signed-off-by: Peter Fang <peter.fang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Use pthread_cond_broadcast() while holding the mutex to guarantee the
signaling of its condition variable.
Tracked-On: #2763
Signed-off-by: Peter Fang <peter.fang@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
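
The predicate loop around pthread_cond_wait() and the signal-while-holding-the-mutex rule from the two commit messages above, as an added example (not ACRN code). The `struct chan` request channel, `worker()` and `run_channel()` are hypothetical names; the request handling is a counter standing in for real work.

```c
#include <pthread.h>
#include <stdbool.h>

/* Hypothetical request channel; names are illustrative, not ACRN's. */
struct chan {
	pthread_mutex_t mtx;
	pthread_cond_t cond;
	int pending;	/* predicate: requests waiting for the worker */
	bool closing;	/* predicate: shutdown requested */
	int handled;
};

static void *worker(void *arg)
{
	struct chan *c = arg;

	pthread_mutex_lock(&c->mtx);
	for (;;) {
		/* Re-check the predicate after every wakeup: a spurious
		 * wakeup sees pending == 0 and goes back to waiting. */
		while (c->pending == 0 && !c->closing)
			pthread_cond_wait(&c->cond, &c->mtx);
		if (c->pending == 0)
			break;	/* closing and fully drained */
		c->pending--;
		c->handled++;	/* stand-in for real request handling */
	}
	pthread_mutex_unlock(&c->mtx);
	return NULL;
}

/* Post n requests, then close; returns how many the worker handled. */
int run_channel(int n)
{
	struct chan c = { .mtx = PTHREAD_MUTEX_INITIALIZER,
			  .cond = PTHREAD_COND_INITIALIZER };
	pthread_t tid;

	if (pthread_create(&tid, NULL, worker, &c) != 0)
		return -1;
	for (int i = 0; i <= n; i++) {
		pthread_mutex_lock(&c.mtx);
		c.pending += (i < n);	/* passes 0..n-1 post one request */
		c.closing = (i == n);	/* final pass requests shutdown */
		pthread_cond_broadcast(&c.cond);	/* mutex is held here */
		pthread_mutex_unlock(&c.mtx);
	}
	pthread_join(tid, NULL);
	return c.handled;
}
```

Replacing the `while` with an `if` makes the worker act on whatever state it finds after any wakeup, which is the failure pattern the first commit message lists for the three call sites.
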
virtio-blk never sets used_all_avail when calling vq_endchains(), which
may become problematic if VIRTIO_F_NOTIFY_ON_EMPTY is enabled.
Provide vq_endchains() with that info to ensure the delivery of an
interrupt when the avail ring is drained in the case of
VIRTIO_F_NOTIFY_ON_EMPTY.
Tracked-On: #2763
Signed-off-by: Peter Fang <peter.fang@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Make sure VQ_ALLOC is visible only after vq is completely initialized.
This ensures vq_ring_ready() is reliable when it returns true.
Tracked-On: #2763
Signed-off-by: Peter Fang <peter.fang@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
- Remove QemuFwCfg/QemuFwCfgS3Lib
- Use ACRN E820 map to query system memory size
- Support 64-bit PCI host aperture via ACRN E820
- Remove debug code in release build
- Take out unnecessary OVMF drivers
- Revert "Enable MP support"
- Use CPUID 0x40000010 to determine tsc frequency
Tracked-On: #2868
Signed-off-by: Peter Fang <peter.fang@intel.com>