According to SDM:
writing a nonzero value to 63:32 bits of CR0 and CR4 results #GP(0).
writing a nonzero value to reserved bit of CR4 results #GP(0).
We merge the check with always off mask of CR0 and CR4.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
For data structure types "enum vpic_wire_mode, struct stack_canary",
its name is identical with variable name in the same scope.
This MISRA C violation is detected by static analysis tool.
For variables "segment_override, pde_index", its name is identical
with function name. This MISRA C violation is detected.
Naming convention rule:Variable name can be shortened from
its data structure type name.
The following udpates are made:
enum vpic_wire_mode vpic_wire_mode-->enum vpic_wire_mode wire_mode
struct stack_canary stack_canary-->struct stack_canary stk_canary
uint8_t segment_override:1 --> uint8_t seg_override:1
uint32_t pde_index--> uint32_t pde_idx
V1-->V2:
Remove update "enum cpu_state cpu_state-->enum cpu_state state"
and "enum irqstate irqstate-->enum irq_ops_mode ops_mode", other
patch will cover it.
V2-->V3:
Update "uint32_t pde_index--> uint32_t pde_idx".
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
For data structure types "struct pic and struct iommu_domain",
its name is identical with variable name in the same scope.
This MISRA C violation is detected.
Naming convention rule:If the data structure type is used by only one
module and its name meaning is simplistic, its name needs prefix
shorten module name.
Naming convention rule:Variable name can be shortened from its
data structure type name.
The following udpates are made:
struct pic pic-->struct i8259_reg_state i8259
struct iommu_domain iommu_domain-->struct iommu_domain iommu
V1-->V2:
Update "struct iommu_domain iommu_domain-->struct iommu_domain iommu"
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Instead of using two members for maintaining the state of a VHM request, this
patch replaces the transitions with a single state. Basically the lifecycle of a
VHM request shall be:
FREE -> PENDING -> PROCESSING -> COMPLETE -> FREE -> ...
The structure header of vhm_request has more details of the transitions access
limitations under different states.
Also drop the set but unused member vcpu.ioreq_pending.
For backward-compatibility, the obsolete 'valid' member is still kept and
maintained before SOS and DM adapts to the new state transitions.
v2 -> v3:
* Use complete_ioreq to mark an I/O request finished in
dm_emulate_(pio|mmio)_post.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are some functions for the post work of I/O emulation. This patch moves
these functions to io.c for clarity. No functional change introduced.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently no post-work is done for I/O requests of type PCICFG or WP. The
impacts include:
1. ''valid'' in VHM request buffers are left as 1 even after the I/O request
completes. This violates the pre-condition of acrn_insert_request_wait()
but does not cause failures since a new I/O request can never happen
before the previous one completes.
2. Values read from PCI configuration spaces are never passed to UOS.
This patch adds the post-work for these two kinds of I/O requests. The post-work
for port I/O is invoked for PCICFG since it is essentially a port I/O and the
request structure is compatible. No post-work is needed for WP as it is only
triggered for EPT violations on writes, while post-work is mainly for reads.
v2 -> v3:
* Consistently use 0/1 (not false/true) for the ''valid'' member.
* Add comments to suggest when the hypervisor can see REQ_PCICFG and why
dm_emulate_pio_post also works in such cases.
* Rename: mark_ioreq_done -> complete_ioreq
* Rename: complete_request -> emulate_io_post
* Rename: hcall_notify_req_finish -> hcall_notify_ioreq_finish
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
This is the counterpart to the PIO emulation side.
1. ept_violation_vmexit_handler (entry point for handling vmexit on EPT instruction):
Extract mmio address, size, direction and value (for write only), fill in an
I/O request, invoke do_io to handle that and emulate_pio_post for
post-processing.
2. emulate_io
Handle the given I/O request, either completed by registered MMIO handlers
or sent to VHM.
3. emulate_mmio_post:
Update guest registers after the emulation is done.
v2 -> v3:
* Rename: emulate_mmio_by_handler -> hv_emulate_mmio.
* Inline the original hv_emulate_mmio.
* No longer check alignment. The handlers are responsible for handling
unaligned accesses.
v1 -> v2:
* Rename: do_io -> emulate_io.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch refactors how I/O instructions are emulated, in order for a unify the
I/O emulation path. The major control flow includes:
1. pio_instr_vmexit_handler (entry point for handling vmexit on I/O instruction):
Extract port address, register size, direction and value (for write only),
fill in an I/O request (of type io_request), invokes do_io to handle that
and update the guest registers if the request has been successfully handled
when do_io returns.
2. emulate_io:
Handle the given I/O request. The request is handled or sent to VHM if it
returns 0 (the actual status can be found in io_req->processed). On errors a
negative error code is returned.
3. emulate_pio_by_handler:
Look for the PIO handler for the given request and invoke that
handler. Return 0 if a proper handler is found and invoked (the status of
the emulation can be found in io_req->processed), -EIO when the request
spans across devices, and -ENODEV when no handler is found.
4. emulate_pio_post:
Update guest registers after the emulation is done. Currently this can
happen either right after do_io() or after the vcpu is resumed. Status check
on the I/O request and follow-up actions on failure will also go here.
Note:
Currently do_io can return 0 with io_req->processed being REQ_STATE_PENDING if
the request is sent to VHM for further processing. In this case the current vcpu
will be paused after handling this vm_exit, and dm_emulate_pio_post will be
invoked to do the rest after this vcpu is resumed. When vcpus are scheduled back
to exactly where they are scheduled out later, do_io should be responsible for
the post_work and the processing of do_io results shall be mostly the same.
v2 -> v3:
* Rename: emulate_pio_by_handler -> hv_emulate_pio.
* Properly mask the value passed to port I/O handler.
v1 -> v2:
* Rename: do_io -> emulate_io.
* Rename io_instr_vmexit_handler -> pio_instr_vmexit_handler to reflect the
fact that it handles port I/O only.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The current hierarchy :
CONSOLE --> SERIAL -->UART DRIVER
This patch remove SERIAL layer, that is console will
call UART driver directly, change it to:
CONSOLE --> UART DRIVER
Remove some related data structures and registration and callback.
Cleanup vuart.c
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
For data structure types "union lapic_id and struct segment",
its name is identical with variable name in the same scope. This MISRA C
violation is detected by static analysis tool.
Naming convention rule:If the data structure is corresponding
to hardware resource (such as register, segment selector),
its name need resource shorten name suffix (such as _reg, _sel).
The following udpates are made:
union lapic_id-->union lapic_id_reg
struct segment-->struct segment_sel
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
For data structure types "struct key_info, struct pir_desc,
struct map_params", its name is identical with variable name
in the same scope. This MISRA C violation is detected by
static analysis tool.
Naming convention rule:If the data structure type is used by only one
module and its name meaning is simplistic, its name needs prefix
shorten module name.
The following udpates are made:
struct key_info-->struct trusty_key_info
struct pir_desc-->struct vlapic_pir_desc
struct map_params-->struct mem_map_params
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
For data struct type struct vie, emul_ctxt, its name
is identical with variable name in the same scope.
This MISRA C violation is detected by static analysis
tool.
According to naming convention rule: If the data structure
type is used by only one module and its name meaning is
simplistic, its name needs prefix shorten module name.
Follow the same rule, data structure name "vie_op" needs
to be renamed;
The following updates are made in this patch:
struct vie-->struct instr_emul_vie
struct vie_op-->struct instr_emul_vie_op
struct emul_ctxt-->struct instr_emul_ctxt
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The variable timer's name is identical with struct
timer s name. This MISRA C violation is detected
by static analysis tool.
According to naming convention rule: If the data
structure type is used by multi modules, its
corresponding logic resource is only used by
hypervisor/host and isn't exposed to external
components (such as SOS, UOS), its name meaning
is simplistic (such as timer), its name needs prefix
"hv_".
Rename struct timer as struct hv_timer.
Replace regular expression:s/struct timer\([ ),;\t\*]\+\)
/struct hv_timer\1
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
V1:
In order to remove MISRA C violations for rule
219S, rename functions, macros whose name
starts with "_".
Also removed some __mmio functions because they are
duplicates and are not used anywhere.
Renamed functions like __assert, to asm_assert,
because they were only wrappers around asm calls.
V2:
Over and above the changes on V1, modified bitmap
functions names to lock (corresponding to unlock)
introduced in V1
Signed-off-by: Arindam Roy <arindam.roy@intel.com>
Misra c required parameter should not changed in the scope
of function,use local variable to replace it.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Parameter's type which is pointer should not be changed in the
scope of function,assign it's value to local variable to fixed
it out.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1. Add strstr_s in lib to support locate substring in a string
2. Parse "ImageBootParamsAddr=" from cmdline and retrieve seed
3. Convert the addresses to SOS GPA since they will be used in
SOS.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Reviewed-by: Wang Kai <kai.z.wang@intel.com>
Acked-by: Zhu Bing <bing.zhu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are many naming violations detected by static analysis
tool. Data structure type name is the same as variable name.
According to naming convention rules, If the data structure
type is used by multi modules and its name meaning is
simplistic (such as vcpu, vm), its name needs prefix "acrn_".
Rename struct vpic as struct acrn_vpic.
Replace regular expression:s/struct vpic\([ ),;\t\*]\+\)/struct acrn_vpic\1
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are many naming violations detected by static analysis
tool. Data structure type name is the same as variable name.
According to naming convention rules, If the data structure
type is used by multi modules and its name meaning is
simplistic (such as vcpu, vm), its name needs prefix "acrn_".
Rename struct vlapic as struct acrn_vlapic
Replace regular expression:s/struct vlapic\([ ),;\t\*]\+\)/struct acrn_vlapic\1
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
main focus on integral issues, and change some functions
interface to unify the params data type; also modify to
simplify the code logic.
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The current struct vcpu has two members, namely 'struct vhm_request req' and
'struct mem_io mmio', that hold similar info, including the address, direction, size,
value and status of mmio reqeusts.
As a step towards a unified framework for both MMIO/PIO, this patch unifies
these two members by a tailored version of vhm_reqeust, mostly with the reserved
fields dropped. The definitions to request types, directions and process status
are reused.
Handling errors during emulations will be revisited after the I/O emulation
paths are unified. Thus for this patch the mmio.mmio_status in inherited by
io_req.processed which is not yet properly processed.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently the I/O emulation structures and interfaces are scattered among mmu.h,
io.h and guest.h, and tangled with other interfaces there. This patch moves the
former to a separate header ioreq.h.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add lookup_address to lokup the page table for a virtual address
of primary page table or a physical address of extended page table.
The remaining obtain_last_page_table_entry could be removed with their
called function later.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
The ept_mr_add still use the old map_mem. The old API will
keep for a peroid until the SOS the same refine be merged.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Merge mmu_modify with mmu_del to mmu_modify_or_del(..., type).
While type is MR_MODIFY, the actual action is doing mmu_modify; while
type is MR_DEL, the actual action is doing mmu_del.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add hcall_change_vm_page_wp_perm to change guest one page write permission.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In the function scope,the parameter should not be
changed as Misra required.
V1->V2 recover some violations because of ldra's false positive.
V2->V3 sync local variable' type to parameter's type with the prefix of const.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
SOS boot with all physicall cpus, before running UOS, it should free
CPU resource by offline not used cpus
- first do standard cpu offline flow
- then call hcall_sos_offline_cpu hypercall to release cpu resource really
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
if defined CONFIG_VM0_DESC, HV will use predefined vm0_desc to config
VM0, otherwise, HV will run VM0 with all physical cpus.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
foreach_vcpu will go through all vcpu_array and only call the following
code when vcpu != NULL
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove shell_construct
Change shell_init to void type
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Fix x86 directory violations which related to integer problems,
some of problems are skipped because of ldra's false positive.
V1->V2 1.modified the code style
2.fix all macro VM_EXIT_IO_INSTRUCTION related
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The purpos is to unify the layout of general-purpose regs in interrupt/excpetion context.
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In current code, general-purpose register layout in run_context is not align with the
general-purpose register index when vmexit. So hv needs to map the index used during
vmexit to the index of the general-purpose register in run_context.
This patch align the layout, so that no mapping needed.
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
1. fix some description for hv mmu_modify
2. add pml4_page input parameter for ept_mr_modify to keep align with
ept_mr_add and ept_mr_del which will support add or delete MR for trusty.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1. rename set_vm_memmap to set_vm_memory_region
2. split ept_mmap into ept_mr_add and ept_mr_del
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The plus and minor have the same level of precedence. The Misra-C
considers it as a violation. Added brackets in between addition and
substraction oprators.
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Added brackets for expression to make it easy to understand and
reduce the mistake of precedence. The rule is applied to the
mixed same level of prevedence opeartors, high level presedence
operators and logical expression.
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
- explicitly declare the array size to fix the violation 'Array has no
bounds specified'
- minor changes for comments style
v1 -> v2:
* add the definition for exit reasons from 0x39 to 0x40 based on "SDM
APPENDIX C VMX BASIC EXIT REASONS"
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
fix all assign.c integer violations except related
"Implicit conversion: actual to formal param".
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This is the final cleanup of the integral type related issues, reported by the
static checker, under common/, mostly including
* make explicit the narrowings of vm_ids passed by register.
* work around the confusion of the static checker by abstracting
sub-expressions to local variables.
The remaining reports that are not trivial to suppress will be in the scope of a
separate document.
v1 -> v2:
* Instead of converting vm_ids inside hcall_xxx, update the prototypes of
these functions and do the conversion in vmcall_vmexit_handler.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Clean up most reported integral-type-related violations still existing under
arch/x86/guest/. The remaining reports that are not trivial to suppress will be
explained in separate documents.
Also move acpi_info outside acrn_common.h as the structure is no longer shared
with DM.
v1 -> v2:
* Move struct acpi_info to bsp_extern.h
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The error code in the hypervisor is 32-bit signed integers. To reduce implicit
conversions, this patch make hcall_xxx returns int32_t, and finally converts it
to uint64_t when assigned to rax whose semantics is properly defined in C99.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Qualified or unqualified int or bool are the only types allowed for bit-field
members in C99, and MISRA C further forbids using plain int.
Use uint32_t (which is equivalent to unsigned int) for all bit-field members.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Inline function have some violations with parentheses
and return type casting.Fixed it.
V1->V2:modified the parameter to ther letter case
V2->V3:move the delcaration to the inner and reduce suffix UL to U
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now the Intel RDT emulation is working in progress. So disable it
for temporary solution to avoid guest OS running with incorrect RDT
configuration.
Signed-off-by: Shuo Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Most of the time, we use the virtual address of EPT PMl4 table,
not physical address.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
mainly focus on: like U/UL as unsigned suffix;
char and int mix usage; also change some function's params
for data type consistent.
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- Remove those APIs without definition
- Minor changes to make sure the line length is less than 80
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are many type conversions in the atomic
operations invoking reported by static analysis tool. These
type conversions voilate MISRA C.
To keep uniform naming convention, rename atomic operation
function names:
atomic_set_int/long --> atomic_set32/64;
atomic_clear_int/long --> atomic_clear32/64;
atomic_load --> atomic_load32;
atomic_store --> atomic_store32;
atomic_swap --> atomic_swap32;
atomic_readandclear --> atomic_readandclear32;
atomic_inc --> atomic_inc32;
atomic_dec --> atomic_dec32;
atomic_cmpxchg --> atomic_cmpxchg32;
atomic_xadd --> atomic_xadd32.
Update the type of atomic_load32/64, atomic_store32/64,
atomic_swap32/64, atomic_cmpxchg32/6.
Update related variables and callers.
Note: the type of return value and parameters of atomic_xadd32/64
still keep signed int/long since caller pass
negative variable to atomic_xadd32/64;
V1-->V2:
Add comments for atomic_set/clear to differ from
bitmap_set/clear.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Reviewed-by: Junjie.Mao <junjie.mao@intel.com>
While fixing the MISRA C violations related to integral types, we have unified
the type of the following data:
uint8_t:
phys_pin, virt_pin, vpic_pin, ioapic_pin, vioapic_pin
uint16_t:
vm_id, pcpu_id, vcpu_id, vpid
uint32_t:
vector, irq
This patch revisits the types of the fields in vhm_request as well as the
structures used as parameters in the hypercalls, and make them aligned with the
types the hypervisor uses for such data. Reserved fields are added to keep the
size and layout of the structures. Implicit paddings are also made explicit as
reserved fields.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are some integer type conversions in the VMX, timer
and MTTR module detected by static analysis tool.
Update related integer type in VMX, timer and MTTR
module.
Add related constant value with 'U/UL' suffix.
V1-->V2:
Resolve few rebase conflicts.
V2-->V3:
Add 'h' for uint16_t argument in log function;
Update the type of temp variable 'type' as uint8_t
in MTTR module to reduce type conversion.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Current code has a mistake associating destination with
redirectionhint. So just use the destination mode to work out
destination mode.
When injecting the msi interrupt to vcpu in hypervisor layer,
current code ingnores the redirection hint(RH) bit of msi address
message from guest, and just use the destination mode and
destination ID. So correctly before injecting, check the RH bit,
if set, choose the vcpu that has lowest priority to inject msi.
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Reviewed-by: Zhao, Yakui <yakui.zhao@intel.com>
Reviewed-by: Yin, Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
NR_MAX_IRQS is defined as 272 and IRQ_INVALID as 273 which implies
that 272 is a valid irq number. In this case, an illegal access can
occur at run time when irq_desc_array[] or irq_count[] is accessed
with index 272. This fix stops the illegal access by renaming
NR_MAX_IRQS to NR_IRQS and then places proper conditions for range
checks. If the index is >= NR_IRQS, then index is invalid otherwise
its considered valid for accessing irq arrays. IRQ_INVALID definition
is also changed to 0xffffffffU to indicate maximum unsigned value.
Signed-off-by: Madeeha Javed <madeeha_javed@mentor.com>
In the hypervisor, VMCS fields include 16-bit fields,
32-bit fields, 64-bit fields and natural-width fields.
In the current implement, there are exec_vmread/exec_vmwrite
used for accessing 32-bit fields, 64-bit field and
natural-width fields. This usage will confue developer.
So there are many type casting for the return value and
parameters vmread/vmwrite operations.
Since exec_vmread/exec_vmwrite and exec_vmread64/exec_vmwrite64
are the same, update current exec_vmread/exec_vmwrite
implement into exec_vmread64/exec_vmwrite64 implement
and add MACRO define for exec_vmread/exec_vmwrite in
head file;
To access 64-bit fields in VMCS, callers use
exec_vmread64/exec_vmwrite64;
Update related variables type for vmread/vmwrite operations;
Update related caller according to VMCS fields size.
Note:Natural-width fields have 64 bits on processors
that support Intel 64 architecture.To access natural-width
fields in VMCS, callers still use exec_vmread/exec_vmwrite,
keep the current implementation.
V1--V2:
This is new part of this patch serial to only
update 64-bit vmread/vmread opertions and related
caller, for netural width fields, still use exec_vmread
or exec_vmwrite.
V2-->V3:
Fix few mistake updations for netural fields in VMCS,
just keep exec_vmread/exec_vmwrite to access them;
Fix few mistake updations for 64-bit fields in VMCS.
V3--V4:
Add "016ll" for 64-bit variable in log function;
Few updates for coding style;
Rename lssd32_idx as tr_sel in VMX module.
V4-->V5:
Use CPU_NATURAL_LAST in the vm_get_register and
vm_set_register to make condition statement more
understandable.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
In the hypervisor, VMCS fields include 16-bit fields,
32-bit fields, 64-bit fields and natural-width fields.
In the current implement, no exec_vmread32/exec_vmwrite32
is for accessing 32-bit fields. So there are many type
casting for the return value and parameters vmread/vmwrite
operations.
Create exec_vmread32 and exec_vmwrite32 functions to
access 32-bit fields in VMCS;
Update related variables type for vmread/vmwrite operations;
Update related caller according to VMCS fields size.
V1--V2:
This is new part of this patch serial to only
update 32 bit vmread/vmread opertions and related
caller.
V2-->V3:
Update related variables type in data structure
for exec_vmread32/exec_vmwrite32.
Rename temp variable 'low' into 'value' for
exec_vmread32;
V3-->V4:
Remove useless type conversion.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
In the hypervisor, VMCS fields include 16-bit fields,
32-bit fields, 64-bit fields and natural-width fields.
In the current implement, no exec_vmread16/exec_vmwrite16
is for accessing 16-bit fields. So there are many type
casting for the return value and parameters vmread/vmwrite
operations.
Create exec_vmread16 and exec_vmwrite16 functions to
access 16-bit fields in VMCS;
Update related variables type for vmread/vmwrite operations;
Update related caller according to VMCS fields size.
V1--V2:
This is new part of this patch serial to only
update 16-bit vmread/vmread opertions and related
caller.
V2--V3:
Add "hu" for uint16_t argument in log function;
Add comments for function get_vmcs_field;
Update related variables type for exec_vmread16;
Rename temp variable 'low' into 'value'.
V3-->V4:
Few updates for exec_vmread16.
V4-->V5:
Few updates for coding style;
Replace "hux" with "hu" in log function for 16-bit
variable.
V5-->V6:
CPU_REG_64BIT_LAST is used in the vm_get_register and
vm_set_register to make condition statement more
understandable.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
fix integer type violations,keep some violations which
related to hypcall and msix_entry_index.
V1->V2:1.modified API_MAJOR_VERSION from Makefile
2.sync acrn_common.h changed to device model
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Change these 6 APIs to void type:
init_default_irqs
interrupt_init
early_init_lapic
init_lapic
init_iommu
destroy_iommu_domain
It has checked the argument of destroy_iommu_domain in shutdown_vm,
then no need to check it again inside destroy_iommu_domain.
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Function like macro changed to be inline function to limit
the return type and parameter type.
V1->V2:change the apis to letter case.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Function like macro changed to be inline function to limit
the return type and parameter type.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch cleans up the integral-type-related violations after the access
pattern to RTEs is unified. Major changes include:
1. vioapic_mmio_read(), vioapic_mmio_write() and vioapic_mmio_rw() assumes
the size of the register to be accessed is always 4, which is checked in
vioapic_mmio_access_handler(). Thus they no longer takes the unused
''size'' parameter.
2. Typical integral-type-related violation fixes including 'U' suffixes,
type of local variables, conversion specification in format strings, etc.
v1 -> v2:
* Drop duplicated definitions to IOAPIC register offsets.
* Drop the ''size'' parameter of vioapic_mmio_[read|write] and
vioapic_mmio_rw since vioapic_mmio_access_handler() ensures that size is
always 4.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are two different ways the current implementation adopts to access ioapic
RTEs:
1. As two 32-bit registers (typically named ''low'' and ''high''), or
2. As one 64-bit register (typically named ''rte'').
Two issues arise due to the mixed use of these two patterns.
1. Additional conversions are introduced. As an example, ioapic_get_rte()
merges two RTE fragments into a uint64_t, while some callers break it
back to ''low'' and ''high'' again.
2. It is tricky to choose the proper width of IOAPIC_RTE_xxx constants. SOS
boot failure is seen when they are 32-bit due to the following code:
/* reg is uint64_t */
vioapic->rtbl[pin].reg &= ~IOAPIC_RTE_REM_IRR;
while making them 64-bit leads to implicit narrowing when the RTEs are accessed
in the low & high pattern.
This patch defines a union ''ioapic_rte'' and unifies the access pattern
to IOAPIC and vIOAPIC RTEs.
v1 -> v2:
* Instead of two 32-bit ''low'' and ''high'', define a union that allows
either 32-bit or 64-bit accesses to RTEs.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
GUEST_CFG_OFFSET is used to pass the memory top info from DM
to HV. The address should be in E820 reserved range to prevent
guest use it for other purpose.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
version.h is included but not used by per_cpu.h. This results in a forceful
rebuild of almost all files because per_cpu.h (and thus version.h) is depended
on by many files, and version.h is created every time a build is triggered.
This patch breaks this dependency. No further changes needed as sources using
version.h all include that file explicitly.
Also add the missing license header BTW.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
The main focus on: constant suffix U/UL; parameters cast like
uint32 to a uint16 variable; unify some APIs interface,
consist with the callers.
also modify some places to unify code style
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Signed/unsigned conversion should add cast explicitily
or change the type of them to the same.
V1->V2:Fixed the 0U to 0UL because of the mistakes.
V2->V3:remove unsed macro
Signed-off-by: HuiHuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Includes header file of non-static function, and declare the
in-file use function static.
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
vmid's type prefered to be uint16_t.
V1->V2:vmid from uint32_t transfer to uint16_t
V2->V3:add range check to hcall's vmid parameter
V3->V4:seperate the declaration and actual code.
V4->V5:remove range check from hcall's vmid parameter
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Use the array for lapic_id directly to avoid the unnecessary pointer
arithmetic.
With current implementation,
lapic_id_base is always a byte array with CPU_PAGE_SIZE elements
What this patch does:
- replace 'uint8_t *lapic_id_base' with 'uint8_t
lapic_id_array[CPU_PAGE_SIZE]' to make the boundary explicit
- add a range check to ensure that there is no overflow
v2 -> v3:
* update the array size of lapic_id_array per discussion with Fengwei
v1 -> v2:
* remove the unnecessary range check in parse_madt in cpu.c
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
rename vm_hw_logical_core_ids to vm_pcpu_ids
and changed the type to uint16_t.
V1->V2:rename the vm_hw_logical_core_ids
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1) Change these 5 APIs to void type:
vcpu_inject_pf
uart16550_calc_baud_div
uart16550_set_baud_rate
console_init
ptdev_activate_entry
No need to return 'entry' for ptdev_activate_entry
since the input parameter is 'entry'.
2) no need to check return value for the caller
such as sbuf_put/console_putc/serial_puts/serial_get_rx_data
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
To minimize explicit casts, this patch adjusts the types of function parameters
and structure fields related to vlapic and update the types in the internal
implementation accordingly.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Dong Eddie <eddie.dong@intel.com>
Use local variables to hold struct members before using them, which helps us
avoid confusions from static checkers.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Dong Eddie <eddie.dong@intel.com>
For constants used in unsigned contexts, a 'U' suffix is required per MISRA C
standard.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Dong Eddie <eddie.dong@intel.com>
The patch fixes integral type related violations on HV pm part.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Per new design of trusty memory allocation: VHM will reserve contiguous
memory for trusty when DM launch guest with trusty enabled. And OSloader
will relocate trusty to 511G directly and pass trusty's base/entry to HV
by trusty_boot_param when call HC_INIITIALIZE_TRUSTY.
So in this patch:
1. Extend trusty_boot_param to support addr/entry above 4G.
2. Remove size check for old version compatibility.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Zhu Bing <bing.zhu@intel.com>
like: constant of unsigned int need add U/UL as surfix.
enum value can't use to give or compare with int directlly.
unsigned and signed mis-matched
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
MISRA-C requires the use of brackets, even when there is only one
statement in the loop body.
Signed-off-by: Ying Liu <ying2.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are some integer type conversions reported by static
analysis tool for vcpu id, number of created vcpus, and
vpid, to reduce these type conversions, redesign vcpu id,
number of created vcpus, and vpid type as uint16_t as per
their usage, related 16-bit atomic operations shall be
added in HV.
MISRA C requires that all unsigned constants should have the suffix 'U'
(e.g. 0xffU), but the assembler may not accept such C-style constants.
Add 16-bit atomic add/dec/store operations;
Update temporary variables type and parameters type of
related caller;
Update vpid type as uint16_t;
Replace Macro with constant value for CPU_PAGE_SIZE.
Note: According to SDM A.10, there are some bits defined
in the IA32_VMX_EPT_VPID_CAP MSR to support the INVVPID
instruction, these bits don't mean actual VPID, so
the vpid field in the data struct vmx_capability doesn't
be updated.
V1--V2:
update comments for assembly code as per coding style;
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
- move all relocatoin code from cpu.c and cpu.h to reloc.c and reloc.h
- no any logic changes
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Yin fengwei <fengwei.yin@intel.com>
In the current memory module, there are many constatn value
without U/UL suffix, it is reported as MISRA C violations by
static analysis tool.
Add 'U/UL' suffix for unsigned contant value in memory module
as needed.
Note:In the most case, CPU_PAGE_SIZE(0x1000) is used as
unsigned integer contant value, so CPU_PAGE_SIZE is defined
as unsigned integer contant value, and it is safety converted
into unsigned long type according to MISRA C standard.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
there is a bug for system hang on SBL bootloader after we enabled turbo mode.
so add tmp patch to disable turbo mode as the work-around.
after SBL fixed it, we revert this patch.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In the data struct cpuinfo_x86, some field names have
prefix x86, others don't have prefix.
In order to unify names, update field names of struct
cpuinfo_x86 as per its usage purpose, remove prefix x86.
V1-->V2:
Resolve conflict in cpu.c by rebase command
V2-->V3:
Remove track-on id as per jack's comments
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch cleans up the integral type violations to MISRA C rules, mostly
related to signed constants that should be unsigned but also spelling out two
integer narrowing and dropping some macros negating unsigned integers.
v1 -> v2:
* Drop INT_ROUNDUPx macros since they are never used.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The MMIO/PIO write APIs in io.h always take a uint32_t value but may uses it as
8, 16 or 32-bit integers. This patch converts the prototypes to align with their
functionality.
The pointer conversion and assignment are splitted to separate statements to
prevent static checkers from being confused about the underlying types.
v1 -> v2:
* Change the prototype of mmio-related functions, instead of keeping the
explicit conversions internal. The addresses are kept void* since in most
cases hva (in void*) is passed.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
GCC preprocessor expands __LINE__ to signed decimal integers. Keep the prototype
of __assert aligned with this.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In the current trace.h, the entries use proper unsigned types while some
function prototypes and local variables still use plain 'int', resulting in
implicit signedness conversions.
This patch makes the following conversions:
* evid: int -> uint32_t,
* n_data & cpu: 8-bit bit-field -> uint8_t,
* local variable holding the value from strnlen_s(): int -> size_t.
Note: In the following definition:
struct trace_entry {
uint64_t tsc; /* TSC */
uint64_t id:48;
....
The type of bit-field ''id'' cannot be uint32_t since gcc complains about
bit-fields larger than the type. Thus this patch keeps it as is.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
transfer num_vcpus,exp_num_vcpus to uint16_t.
transfer vm_hw_num_cores to uint16_t.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
To be consistant with inline function mem_write, modifying the
mem_read* and using inline function instead.
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
To follow the Misra-c standard, the assignment operation inside
function-like macro should be avoided. Replaced the violations
macro using inline function instead.
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
There are unsinged constant values don't have 'U/UL' suffix
in the HV reported by static analysis tool.
Add 'U/UL' suffix for unsigned constant values as needed.
Tracked-on: ccm0001001-247033
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
There are some narrow integer conversion violations
in the HV reported by static analysis tools.
The narrow integer conversions are resolved by
following methods:
* Explicit type conversion as needed;
* Update suffix of constant value as 'U'
as needed.
cked-on: ccm0001001-247033
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Currently IOAPIC pins are represented using various types, including uint16_t,
int, uint8_t and uint32_t. This patch converts all pins to uint8_t since the
maximum number of interrupt input pins per IOAPIC is limited to 240. The special
value IOAPIC_INVALID_PIN is defined to indicate that a valid pin cannot be
found.
This type clean up also has the following impacts.
* The values in the ''legacy_irq_to_pin'' table are piggybacked with their
trigger mode. This patch splits them as the piggyback prevents us from
using a uint8_t[] for this table, and these two information are never used
at the same time.
* The ''offset'' parameter in ioapic_read_reg32 & ioapic_write_reg32 are
promoted to uint32_t to minimize explicit type conversions and keep
aligned with the type of formal parameters of mmio_(read|write)_long.
Tracked-on: ccm0001001-247033
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
According to C99 standard, -1 integer constant with 'U/UL'
suffix has no type.
To explicit the integer constant:
Update -1U or -1UL as ~0U or ~0UL, or invalid number according
to usage case.
V1-->V2:
Update parameter name and type of send_startup_ipi since
the second parameter is used as pcpu_id;
Update related comments for code clearity.
V2-->V3:
Update comments of struct acrn_irqline;
rename cpu_startup_dest as dest_pcpu_id in the second
parameter of send_startup_ipi.
Tracked-on: ccm0001001-247033
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Extend struct trusty_boot_param to hold rpmb_key.
Copy rpmb_key from trusty_boot_param when initialize
trusty.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Reviewed-by: Zhu Bing <bing.zhu@intel.com>
Reviewed-by: Wang Kai <kai.z.wang@intel.com>
According to MISRA C:2012, suffix 'U/UL' shall be for
unsigned const value, the member of enum variable should
not be used to compare with integer variable.
Add 'U/UL' for unsigned const value in the CPU module;
Use Macro insteading of enum feature_word since the member
of feature_word is used to compare with integer variable;
Use hex number insteading of Macro in the assembly code.
V1-->V2:
Update the suffix of some constant value as 'UL'
according to its'storage variable;
Split MACRO updates used in the assembly code
in other patch.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA C requires that all unsigned constants should have
the suffix 'U/UL'(e.g. 0xffU), but the assembler may not
accept such C-style constants.
To work this around, all unsigned constants must be
explicitly spells out in assembly with a comment tracking
the original expression from which the magic number is
calculated.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Here is how the recursion might happen:
when there is something wrong
|
sbuf_put -> memcpy_s -> pr_err -> do_logmsg
| |
-----------------------------------
Replace 'pr_err' with 'ASSERT' in 'memcpy_s' to break this kind of
recursion.
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
IOAPIC pins always fit in 8-bit and we already use uint8_t for virt_pins. This
patch converts pins in vioapic to uint8_t.
This is based on Arindam's previous patch ("was: hv: Cleanup and optimise
vioapic.c"), with SOS boot failure resolved, format string updated, complex
arithmetic expression with implicit type conversion decoupled. Also make some
local variables representing interrupt vectors uint32_t.
Signed-off-by: Arindam Roy <arindam.roy@intel.com>
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
A couple of diagram were written using text characters. This
commit changes that to use pictures instead.
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Move the existing Trusty document to the doc/ folder (where
it belongs) and convert the text to ReST.
The Documentation/ folder under hypervisor/ is removed as all
documents should be put under doc/.
All technical information has been preserved or was already
available in other documents.
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
This patch makes necessary integer narrowing and/or signedness conversion
explicit.
While some narrowing are expected behavior, the correctness of the others relies
on the specifications of some interfaces (e.g. the higher 32-bit of what
exec_vmread() returns is all 0s if the given field is 32-bit). Add a stub
for now to avoid missing them.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
- rename 'cpu_set_logical_id()' to 'set_current_cpu_id()'
- rename 'cpu_find_logical_id()' to 'get_cpu_id_from_lapic_id()'
- some clean up in cpu.c & trampolines.s
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
In the hypervisor, some strings are assigned to non const
object, this violates MISRA C:2012.
Update the type of the object as const type since it always
points to string.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
We need bitmap bit ops API for 32bit operators like vlapic irr
registers.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are extra type conversion in the HV since logical_id
type is uint32_t and the input argument of bitmap operations
is uint16_t. BTW, the name of logical_id is not clear enough
to express its usage.
So the following updates are made in this patch:
Update logical_id type as unit_16 to reduce type casting;
Update related print argument;
Rename related logical_id as pcpu_id as needed.
Note: logical_id in the interrupt_init definition have been
updated in cpu_id cleanup patch.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
There are extra type conversion in the HV since cpu_id
type is uint32_t and the return value type of get_cpu_id
is uint16_t. BTW, the name of cpu_id is not clear enough
to express its usage.
So the following updates are made in this patch:
Update cpu_id type as unit_16 to reduce type casting;
Update related temporary variables type;
Update related print argument;
Change the input parameter name of interrupt_init as
cpu_id to keep align with function implement;
Rename cpu_id as pcpu_id as needed.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In the hypervisor, virtual cpu id is defined as "int" or "uint32_t"
type in the hypervisor. So there are some sign conversion issues
about virtual cpu id (vcpu_id) reported by static analysis tool.
Sign conversion violates the rules of MISRA C:2012.
BTW, virtual cpu id has different names (vcpu_id, cpu_id, logical_id)
for different modules of HV, its type is defined as "int" or "uint32_t"
in the HV. cpu_id type and logical_id type clean up will be done in
other patchs.
V1-->V2:
More clean up the type of vcpu id;
"%hu" is for vcpu id in the print function.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Misra C required signed/unsigned conversion with cast.
V1->V2:
a.split patch to patch series
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Misra C required signed/unsigned conversion with cast.
V1->V2:
a.split patch to patch series
V2->V3:
a.change the uint64_t type numeric constant's suffix from U to UL
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Misra C required signed/unsigned conversion with cast.
V1->V2:
a.split patch to patch series
V2->V3:
a.change the uint64_t type numeric constant's suffix from U to UL
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Misra C required signed/unsigned conversion with cast.
V1->V2:
a.split patch to patch series
V2->V3:
a.change the uint64_t type numeric constant's suffix from U to UL
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Misra C required signed/unsigned conversion with cast.
V1->V2:
a.split patch to patch series
V2->V3:
a.Change the API tgt_uart/ static int uart16550_get_rx_err(uint32_t rx_data) to return uint32_t
b.modified the format of if from "if (length > 32*(length/32))" to
"if (length % 32U > 0)"
V3->V4:
a.change the uint64_t type numeric constant's suffix from U to UL
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Misra C required signed/unsigned conversion with cast.
V1->V2:
a.split patch to patch series
V2->V3:
a.change the uint64_t type numeric constant's suffix from U to UL
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
logmsg() expects the severity given to be uint32_t. This patch adds the 'U'
suffix to the severity constants.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Rename bit operation function fls as fls32, keep name
style with other bit operation function.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch represents TSC freqeuency in KHz using a 32-bit unsigned integer.
The conversion macros between ticks and us/ms are changed to inline functions to
enforce the types of the input parameters. Note that us_to_ticks accepts only
uint32_t (~4K us at most) and never overflows.
Results of some unit tests on the conversion functions:
calibrate_tsc, tsc_khz=1881600
64us -> ticks: 120422
64us -> ticks -> us: 63
511us -> ticks: 961497
511us -> ticks -> us: 510
1280000 ticks -> us: 680
1280000 ticks -> us -> ticks: 1279488
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The parameter to udelay is the microseconds to wait for, which should be an
unsigned integer.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ioapic reset function will be called when doing guest reset.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
To reduce type conversion in HV:
Update return type of function ffs64 and ffz64 as uint16;
For ffs64, when the input is zero, INVALID_BIT_INDEX is returned;
Update temporary variable type and return value check of caller
when it call ffs64 or ffz64;
Note: In the allocate_mem, there is no return value checking for
calling ffz64, this will be updated latter.
V1-->V2:
INVALID_BIT_INDEX instead of INVALID_NUMBER
Coding style fixing;
INVALID_CPU_ID instead of INVALID_PCPU_ID or INVALID_VCPU_ID;
"%hu" is used to print vcpu id (uint16_t);
Add "U/UL" for constant value as needed.
V2-->V3:
ffs64 return INVALID_BIT_INDEX directly when
the input value is zero;
Remove excess "%hu" updates.
V3-->V4:
Clean up the comments of ffs64;
Add "U" for constant value as needed.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Change the return type of function fls64 and clz64 as uint16_t;
When the input is zero, INVALID_ID_INDEX is returned;
Update temporary variable type and return value check of caller
when it call fls64 or clz64;
When input value is zero, clz64 returns 64 directly.
V1-->V2:
INVALID_BIT_INDEX instead of INVALID_NUMBER;
Partly revert apicv_pending_intr udpates;
Add type conversion as needed;
Coding style fixing.
V2-->V3:
Correct type conversion;
fls64 return INVALID_BIT_INDEX directly when
the input value is zero.
V3-->V4:
No updates for this part in PATCH V4.
Note: For instruction "bsrq", destination register value
is undefined when source register value is zero.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Change the return type of function fls and clz as uint16_t;
When the input is zero, INVALID_BIT_INDEX is returned;
Update temporary variable type and return value check of caller
when it call fls or clz;
When input value is zero, clz returns 32 directly.
V1-->V2:
INVALID_BIT_INDEX instead of INVALID_NUMBER;
Add type conversion as needed;
Add "U/UL" for constant value as needed;
Codeing style fixing.
V2-->V3:
Use type conversion to remove side effect of
the variable which stores fls/clz return value;
fls return INVALID_BIT_INDEX directly when the
input value is zero.
V3-->v4:
Clean up comments for fls.
Note: For instruction "bsrl", destination register value
is undefined when source register value is zero.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are multiple helpers for collecting info to be printed on the ACRN uart
console. They are unreachable code in release builds in which the uart console
is removed.
To define a precise boundary for safety-related activities, this patch wraps the
declarations and definitions to these helpers with "#ifdef HV_DEBUG" so that
these unreachable APIs will be dropped in release builds.
v1 -> v2:
* Fix coding style: no empty lines between #ifdef and the wrapped code.
* Also drop get_rte_info() in ioapic.c, which is solely used by
get_ioapic_info().
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Similar to cr0/4:
- use context->vmx_ia32_pat to save/restore VMX_GUEST_IA32_PAT field
- use context->ia32_pat to keep track the guest' view of IA32_PAT MSR
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch makes use of IA32_PAT MSR to emulate cache disabled behaviour
When the guest is requesting to set CR0.CD:
- Keep guest's CR0.CD and CR0.NW bits unchanged
- Write IA32_PAT MSR with all-UC entries to change the effective memory
type for all GPA to UC for the guest VCPU
- It depends on trapping wrmsr to IA32_PAT to prevent any entry in
IA32_PAT being changed to non UC type by the guest
When the guest is requesting to clear CR0.CD:
- restore the content of guest's IA32_PAT MSR
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Preparing for emulating guest's CR0.CD and CR0.NW bits:
- Intercept both rdmsr and wrmsr for IA32_PAT
- Track guest's IA32_PAT MSR with vcpu.arch_vcpu.contexts.ia32_pat
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
enum cpu state is better than cpu state macro.
V1->V2:
move enum cpu_state under #ifndef ASSEMBLER MACRO to avoid
assembler compiler scan.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
We define attr.name in struct vm and named as ("vm_%d", attr.id). attr.name only
be used in debug tool vm_list. It does't deserve to do so in OS created flow
(aka function create_vm). It's better to handle this in vm_list tool.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@inte.com>
struct map_params's member page_table_type is enum _page_table_type,
transferred it.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are two prefix (aka TRC and TRACE) for trace event. This patch make all
the trace event prefix consist with TRACE.
No functional change.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
operations
For reducing sign conversion in hypervisor:
Update parameters of bitmap operations as unsigned type;
Update the input of related caller as unsigned type when the
caller's input parameter is const variable or the variable is
only used by bitmap operations.
V1-->V2:
(1) Explicit casting for the first parameter
of all bitmap operations;
(2) Remove mask operation for explicit casting
of all bitmap operations, since masking is
useless. Otherwise, this trucation is dangerous.
V2-->V3:
(1) Explicit casting for all bitmap operations parameter;
(2) Masking bit offset with 6-bit;
(3) Add few comments about bit offset.
V3-->V4:
add '\' for some statement of bitmap macro
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The struct member types should be transfer to non-basic types,
chaned it to length-prefix(uint32_t,int32_t ...) type.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- replace 'strtol()' with 'strtol_deci()'
-- supports string with decimal format
- replace 'strtoul()' with 'strtoul_hex()'
-- support string with hex format
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
According intel mannual and ACPI mannual,lapic_id length is 1 byte.
V1->V2:
Add U suffix to the numeric when do arithmetic operation on lapic.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Later patch will refactor acrntrace to make trace data output as raw data(binary)
and introduce a new tool(acrntrace_format) to parse raw data to human-readable
file.
Adding nr of data and cpuid to trace_entry will make it easy for acrntrace_format
to parse data file and inditify which cpu this trace entry belong to.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Reviewed-by: Yan, Like <like.yan@intel.com>
Reviewed-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
The local variable type should be transfer to non-basic type,
chaned it to length-prefix(uint32_t,int32_t ...) type.
Char *type or char array type which used to pointer a string
will be keeped.
V1->V2 add extra comments.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ACRN needs to trap the pm1a/pm1b written/read from VM0. So we
could know when should we put the system to S3.
We will have two path back to VM0:
- S3 enter/exit sucess. Will reset VM0 and jump to VM0 wakeup vec
with real mode
- S3 enter/exit failed. Will return to the next instruction of
pm1a/pm1b register writing. VM0 will read the pm1a/pm1b evt
register to check whether it's waked up or not.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Emulate VM0 resume from S3 state:
- reset BSP of VM0
- set the BSP entry to saved VM0 wakeup vec and set BSP to real mode
- start BSP
To match trampoline_spinlock release on ACRN Sx resume path, acquire
trampoline_spinlock if ACRN Sx enter fails.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
enter_s3 is main function for ACRN to enter S3 state with following
process:
- pause vm0
- save the wakeup vec of vm0 and set wakeup vec of ACRN. So
resume from S3 will jump to ACRN wakeup
- offline APs
- update the main entry of trampoline to resume entry. After BSP
is resume from S3, it will jump to resume entry instead of AP
startup routine
- turn off vmx
- suspend devices
- enter S3.
exit S3 with following process:
- release trampoline_spinlock which is hold in trampoline code
- resume devices
- enable vmx
- update the main entry of trampoline to AP startup routine.
- online APs.
The following operations will be resume vm0 which will be added
in next patch.
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Couple of small changes merged in this change:
- export main_entry, trampoline_spinlock and stop_cpus.
- change vm_resume() name to resume_vm()
- change resume_console_enable() name to resume_console()
- extend reset_vcpu to reset more fields of vcpu
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The S3 enter lowlevel routine saves the cpu context to memory
and enter S3 state
The S3 wakeup lowlevel routine restore cpu context and return.
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
We will add host_pm.h for ACRN power manager header file.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- add a commont head file include/common/irq.h, to include the common data
structure and APIs;
- move the common data struct and APIs from arch/x86/irq.h to the common header.
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA C required function return type should be consistented.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
It is already assumed that ''long'' has 8-bytes, and thus there is no need to
use ULL to indicate a 8-byte unsigned constant.
This patch changes all ULL suffixes found in the hypervisor to UL.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Snoop control is not supported in the graphics VT-d engine and so should
be disabled in the PTEs. Also enabled iommu for graphics in the
dmar_drhd array.
v2: removed disable iommu in handle_one_drhd and combined if cond.
v3: minor code review changes
v4: moved the snoop control change to ept.c to accomodate upstream changes
Signed-off-by: Anitha Chrisanthus <anitha.chrisanthus@intel.com>
Reviewed-by: Gong Zhipeng <zhipeng.gong@intel.com>
The for loop statement should work in both & and &&, but it seems
make more sense to have && when executing a condtion.
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
It could be also used by host as well. So we remove GUEST from
MACRO name
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
phys_cpu_num is more popular than phy_cpu_num, update them
through command.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Update the structure definition to define the address type
(HVA vs HPA vs GPA) explicitly.
Convert address to HVA before access the GPA/HPA type of address.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Before we set the page table, we should know the attribute. So
move configure the page table attribute outside of modify_paging.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA C doesn't allowed negative shift, changed any potential signed value
to unsigned value.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Vectors are unsigned integers now. This patch converts the vectors in struct
ptdev_msi_info to uint32_t so that all variables representing interrupt vectors
are aligned.
No other changes needed except the type declarators since the other functions
manipulating vectors already takes/returns uint32_t.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In the hypervisor, physical cpu id is defined as "int" or "uint32_t"
type in the hypervisor. So there are some sign conversion issues
about physical cpu id (pcpu_id) reported by static analysis tool.
Sign conversion violates the rules of MISRA C:2012.
In this patch, define physical cpu id as "uint16_t" type for all
modules in the hypervisor and change related codes. The valid
range of pcpu_id is 0~65534, INVALID_PCPU_ID is defined to the
invalid pcpu_id for error detection, BROADCAST_PCPU_ID is
broadcast pcpu_id used to notify all valid pcpu.
The type of pcpu_id in the struct vcpu and vcpu_id is "int" type,
this will be fixed in another patch.
V1-->V2:
* Change the type of pcpu_id from uint32_t to uint16_t;
* Define INVALID_PCPU_ID for error detection;
* Define BROADCAST_PCPU_ID to notify all valid pcpu.
V2-->V3:
* Update comments for INVALID_PCPU_ID and BROADCAST_PCPU_ID;
* Update addtional pcpu_id;
* Convert hexadecimals to unsigned to meet the type of pcpu_id;
* Clean up for MIN_PCPU_ID and MAX_PCPU_ID, they will be
defined by configuration.
Note: fix bug in the init_lapic(), the pcpu_id shall be less than 8,
this is constraint by implement in the init_lapic().
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
function definition in header file must be signed as static inline type
Signed-off-by: Cai Yulong <yulongc@hwtc.com.cn>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Per MISRA C, operands to bit-wise operations should have unsigned
types. However, C99 prioritizes to use signed integers for hexadecimal constants
without the 'U' suffixes, leading to tons of bit operations on signed integers.
This patch series add the 'U' suffixes to the constants which are used in bit
operations, and add the intended width of these integers when applicable
(i.e. the target value is at least 32-bit wide) to avoid functional differences
due to signed vs. unsigned extensions. The rule of thumb is:
'0' for signed char/short/int
'0U' for unsigned char/short/int
'0L' for signed long (should be 64-bit)
'0UL' for unsigned long (should be 64-bit)
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
MISRA C explicit required expression should be boolean when
in branch statements (if,while...).
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- when init, cr0 & cr4 should read from VMCS
- when world switch, cr0/cr4 read shadow should also be save/restore
v2:
- use context->vmx_cr0/cr4 to save/restore VMX_GUEST_CR0/CR4
- use context->cr0/cr4 to save/restore VMX_CR0/CR4_READ_SHADOW
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA C required that return value should be used, missing for it should
add "(void)" prefix before the function call.
Some function can be declared without return value to avoid this problem.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- this patch is to enable SMEP in hypervisor, SMEP protects
guests' memory from supervisor-mode instruction fetches,
in other words, hypervisor which operating in supervisor
mode can't fetch instructions from (guests' memory)
linear addresses that are accessible in user mode.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Move common stuff, like ptdev entry and softirq, to new ptdev.c
Signed-off-by: Edwin Zhai <edwin.zhai@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This change is to fix a guest vm hang issue at vm reset, especially easy to
be seen when it's a watchdog timeout reset.
vlapic_init create and init vlapic.vlapic_timer without deleting the
timer from cpu_times list, which breaks the list, results in a timer remains
with callback points to an invalid location.
Acked-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Yan, Like <like.yan@intel.com>
These two functions will be called when ACRN enter/exit S3.
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Signed-off-by: Yan Like <like.yan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
They will be called when acrn enter S3.
NOTE: it's only needed for native BSP because all APs are offline.
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add a volatile declaration to pointer parameter to avoid compiler
to optimize it by using old value saved in register instead of
accessing system memory.
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The hardcoded CPU Px Cx table should be read only, so set them to static
and const for safety.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The pm S state data is from host ACPI info and needed for S3/S5
implementation.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
On some occations HV operates relying on host acpi info, we can use a
c file to store this data. The data could be hardcoded or use offline
tool that run on target first and then generate the file automatically.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently irq and vector numbers are used inconsistently.
* Sometimes vector or irq ids is used in bit operations, indicating
that they should be unsigned (which is required by MISRA C).
* At the same time we use -1 to indicate an unknown irq (in
common_register_handler()) or unavailable irq (in
alloc_irq()). Also (irq < 0) or (vector < 0) are used for error
checking. These indicate that irq or vector ids should be signed.
This patch converts irq and vector numbers to unsigned 32-bit integers, and
replace the previous -1 with IRQ_INVALID or VECTOR_INVALID. The branch
conditions are updated accordingly.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- Also update all the references that need the absolute HPA with the
actual load addresses
- Save the trampoline code address to trampline_start16_paddr
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
- For UEFI boot, allocate memory for trampoline code in ACRN EFI,
and pass the pointer to HV through efi_ctx
- Correct LOW_RAM_SIZE and LOW_RAM_START in Kconfig and bsp_cfg.h
- use trampline_start16_paddr instead of the hardcoded
CONFIG_LOW_RAM_START for initial guest GDT and page tables
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
in real mode part, add extra pointers for page tables and long jump buffer
so it's possible for HV code to patch the relocation offset
in long mode part, use absolute addressing when referring HV symbols,
and use relative addressing for symbols within trampoline code
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
emalloc_for_low_mem() is used if CONFIG_EFI_STUB is defined.
e820_alloc_low_memory() is used for other cases
In either case, the allocated memory will be marked with E820_TYPE_RESERVED
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
- vm_gva2gpa is same as gva2gpa, so replace it with gva2gpa directly.
- remove dead usage of vm_gva2gpa in emulate_movs.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
there are data transfer between guest virtual space(GVA) & hv(HVA), for
example, guest rip fetching during instruction decoding.
GVA is address continuous, but its GPA could be only 4K page address
continuous, this patch adds copy_from_gva & copy_to_gva functions by
doing page walking of GVA to avoid address breaking during accessing GVA.
v2:
- modify API interface based on new gva2gpa function, err_code added
- combine similar code with inline function _copy_gpa
- change API name from vcopy_from/to_vm to copy_from/to_gva
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
This patch drops "#include <bsp_cfg.h>" and include the generated config.h in
CFLAGS for the configuration data.
Also make sure that all configuration data have the 'CONFIG_' prefix.
v4 -> v5:
* No changes.
v3 -> v4:
* Add '-include config.h' to hypervisor/bsp/uefi/efi/Makefile.
* Update comments mentioning bsp_cfg.h.
v2 -> v3:
* Include config.h on the command line instead of in any header or source to
avoid including config.h multiple times.
* Add config.h as an additional dependency for source compilation.
v1 -> v2:
* No changes.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Cleanup "cpu_secondary_xx" in the symbols/section/functions/variables
name in trampline code.
There is item left: the default C entry is Ap start c entry. Before
ACRN enter S3, the c entry will be updated to high level S3 C entry.
So s3 resume will go s3 resume path instead of AP startup path.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
Linux commit edfe63ec97ed ("x86/mtrr: Fix Xorg crashes in Qemu sessions")
disables PAT feature if MTRR is not enabled. This patch does partial
emulation of MTRR to prevent this from happening: enable fixed-range
MTRRs and disable virable range MTRRs
By default IA32_PAT MSR (SDM Vol3 11.12.4, Table 11-12) doesn't include
'WC' type. If MTRR is disabled from the guests, Linux doesn't allow
writing IA32_PAT MSR so WC type can't be enabled. This creates some
performance issues for certian applications that rely on WC memory type.
Implementation summary:
- Enable MTRR feature: MTRRdefType.E=1
- Enable fixed range MTRRs: MTRRCAP.fix=1, MTRRdefType.FE=1
- For simplicity, disable variable range MTRRs: MTRRCAP.vcnt=0.
It's expected that this bit is honored by the guests and they won't
change the guest memory type through variable MTRRs.
Signed-off-by: bliu11 <baohong.liu@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- Add PAGING_REQUEST_TYPE_MODIFY_MT memory map request type
- Update map_mem_region() to allow modifying the memory type related
fields in a page table entry
- Add ept_update_mt()
- add modify_mem_mt() for both EPT and MMU
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- export start_cpus to start/online APs.
- Add stop_cpus to offline APs.
- Update cpu_dead to decrement running cpus number and do cleanup
for AP down
Signed-off-by: Yin Fegnwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
Change need_scheduled fileds of schedule context to flags because
it's not only used for need_schedule check.
Add two functions to request/handle cpu offline.
The reason we only handle cpu offline request in idle thread is
that we should pause the vcpu running on target pcpu. Then it's
only possible that target pcpu get cpu offline request in idle
thread.
Signed-off-by: Yin Fegnwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
To handle cpu down/up dynamically, arcn needs to support vmx off/on
dynamically. Following changes is introduced:
vmx_off will be used when down AP. It does:
- vmclear the mapped vcpu
- off vmx.
exec_vmxon_instr is updated to handle start and up AP both. It does
- if vmx was on on AP, load the vmxon_region saved. Otherwise,
allocate vmxon_region.
- if there is mapped vcpu, vmptrld mapped vcpu.
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Signed-off-by: Yin Fegnwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
Per performance consideration, we don't flush vcpu context when doing
vcpu swithing (because it's only swithing between vcpu and idle).
But when enter S3, we need to call vmclear against all vcpus attached
to APs. We need to know which vcpu is attached with which pcpu.
This patch introduced API to get vcpu mapped to specific pcpu.
Signed-off-by: Yin Fegnwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
current_vcpu is not correct when there are multi vcpus in one VM,
using it is in-correct, so remove it.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Retrieve dseed from SeedList HOB(Hand-Off-Block).
SBL passes SeedList HOB to ACRN by MBI modules.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Reviewed-by: Zhu Bing <bing.zhu@intel.com>
Reviewed-by: Wang Kai <kai.z.wang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The current implementation of per_cpu relies on several non-c99 features,
and in additional involves arbitrary pointer arithmetic which is not MIS-
RA C friendly.
This patch introduces struct per_cpu_region which holds all the per_cpu
variables. Allocation of per_cpu data regions and access to per_cpu vari-
ables are greatly simplified, at the cost of making all per_cpu varaibl-
es accessible in files.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Enable VMX vpid ctrl and assign an unique vpid to each vcpu
so that VMX transitions are not required to invalidate any
linear mappings or combined mappings.
SDM Vol 3 - 28.3.3.3
If EPT is in use, the logical processor associates all mappings
it creates with the value of bits 51:12 of current EPTP.
If a VMM uses different EPTP values for different guests, it may
use the same VPID for those guests. Doing so cannot result in one
guest using translations that pertain to the other.
In our UOS, the trusty world and normal world are using different
EPTP. So we can use the same VPID for it.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
We need know which tlb to flush: ept or vpid.
1. error handle for invept.
it's the same with invvpid error handle.
change its name to compatible with vpid.
2. the macro name for flush ept tlb request.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In current implementation, on sbl platform, vm0 bsp
starts from 64bit mode. And hv need to prepare init
page table for it.
In this patch series, on sbl platform, vm0 bsp starts
from non-paging protected mode.
This patch prepares an init gdt for vm0 bsp on sbl
platform.
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
Translate gva2gpa in different paging modes.
Change the definition of gva2gpa.
- return value for error status
- Add a parameter for error code when paging fault.
Change the definition of vm_gva2gpa.
- return value for error status
- Add a parameter for error code when paing fault.
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
Use # of paging level to identify paging mode
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
In current implemenation, cr0/cr4 host mask value are set
according to the value from fixed0/fixed1 values of cr0/cr4.
In fact, host mask can be set to the bits, which need to be trapped.
This patch, add code to support exiting long mode in CR0 write handling.
Add some check when modify CR0/CR4.
- CR0_PG, CR0_PE, CR0_WP, CR0_NE are trapped for CR0.
PG, PE are trapped to track vcpu mode switch.
WP is trapped for info of protection when paing walk.
NE is always on bit.
- CR4_PSE, CR4_PAE, CR4_VMXE are trapped for CR4.
PSE, PAE are trapped to track paging mode.
VMXE is always on bit.
- Reserved bits and always off bits are not allow to be set by guest.
If guest try to set these bits when vmexit, a #GP will be injected.
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
_Static_assert is supported in C11 standard.
Please see N1570(C11 mannual) 6.4.1.
replace _Static_assert with ASSERT.
Signed-off-by: huihuang shi <huihuang.shi@intel.com>
Hypercall will return errno to SOS (Now is linux kernel).
Let's define this more general.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
vm_attr_name, vm_state_info_privilege & vm_created are not used
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
vm_state_info in struct vm_arch is not used, remove it
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Guest CR3 read/write operations are not trapped.
Remove CR3 handling in cr_access_vmexit_handler.
Also remove unused API vmx_read_cr3.
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Move from vmexit.c to vmx.c
Declare the functions in vmx.h
Rename the functions' name with prefix vmx_.
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
There are some massages which is not fatal error but should to print
to serial and sbuf(hvlog) at the same time. pr_fatal is for fatal error
massages and it is not good choice for the situation above.
Introduce a new API pr_acrnlog to deal with the situation. And replace the
following printf with pr_acrnlog for massages should be print to sbuf and
serial. Then developers can get those massages on serial and BTM(Boot Time
Measurement) can use acrnlog to get those massages from sbuf.
BTM refers to Boot Time Measurement which will read acrnlog file to get
timestamps of steps we want.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
When we create an UOS, we didn't indicate the vmid.
Thus we can't get the vm description for the vm
description array.
Instead we use a temporary vm description to save data to
fill the vm structure when crate an UOS. It's uselesss once
UOS has created. So we don't need to maintain vm description
array here for UOS.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Pointer arithmetic is currently used to calculate the address of a specific
Local Vector Table (LVT) register (except LVT_CMCI) in lapic, since the
registers are continuously placed with fixed padding in between. However each of
these registers are declared as a single uint32_t in struct lapic, resulting
pointer arithmetic on a non-array pointer which violates MISRA C requirements.
This patch refactors struct lapic by converting the LVT registers fields (again
except LVT_CMCI) to an array named lvt. The LVT indices are reordered to reflect
the order of the LVT registers on hardware, and reused to index this lvt array.
The code before and after the changes is semantically equivalent.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
use func vcpu_queue_exception for vcpu_inject_gp and exception_vmexit_handler.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Tian, Kevin <kevin.tian@intel.com>
add func vcpu_queue_exception to queue exception based on SDM Vol3 Table 6-5,
which may cause #DF or triple fault
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Tian, Kevin <kevin.tian@intel.com>
the pending_intr is not only serving for interrupt but also for different
request including TLB & TMR updating, so change the function & variants
name accordingly.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
It is an extension of GCC CPP to:
* allow omitting a variable macro argument entirely, and
* use ## __VA_ARGS__ to remove the the comma before ## __VA_ARGS__ when
__VA_ARGS__ is empty.
The only use of ## _VA_ARGS__ is to define the pr_xxx() macros, with the first
argument being the format string and the rest the to-be-formatted arguments. The
format string is explicitly spelled out because another macro pr_fmt() is used
to add to the format string a prefix which is customizable by defining what
pr_fmt() expands to.
For C99 compliance, this patch changes the pr_xxx() macros in the following
pattern.
- #define pr_fatal(fmt, ...) \
- do_logmsg(LOG_FATAL, pr_fmt(fmt), ## __VA_ARGS__); \
+ #define pr_fatal(...) \
+ do_logmsg(LOG_FATAL, pr_prefix __VA_ARGS__); \
Reference:
* https://gcc.gnu.org/onlinedocs/gcc/Variadic-Macros.html#Variadic-Macros
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
According to the syntax defined in C99, each struct/union field must have an
identifier. This patch adds names to the previously unnamed fields for C99
compatibility.
Here is a summary of the names (marked with a pair of *stars*) added.
struct trusty_mem:
union {
struct {
struct key_info key_info;
struct trusty_startup_param startup_param;
} *data*;
uint8_t page[CPU_PAGE_SIZE];
} first_page;
struct ptdev_remapping_info:
union {
struct ptdev_msi_info msi;
struct ptdev_intx_info intx;
} *ptdev_intr_info*;
union code_segment_descriptor:
uint64_t value;
struct {
union {
...
} low32;
union {
...
} high32;
} *fields*;
similar changes are made to the following structures.
* union data_segment_descriptor,
* union system_segment_descriptor,
* union tss_64_descriptor, and
* union idt_64_descriptor
struct trace_entry:
union {
struct {
uint32_t a, b, c, d;
} *fields_32*;
struct {
uint8_t a1, a2, a3, a4;
uint8_t b1, b2, b3, b4;
uint8_t c1, c2, c3, c4;
uint8_t d1, d2, d3, d4;
} *fields_8*;
struct {
uint64_t e;
uint64_t f;
} *fields_64*;
char str[16];
} *payload*;
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
According to the syntax defined in C99, each struct/union field must have an
identifier. This patch removes unnamed struct/union fields that can be easily
expressed in a C99-compatible way.
Here is a summary of structs/unions removed.
struct vhm_request:
union {
uint32_t type; uint32_t type;
int32_t reserved0[16]; => int32_t reserved0[15];
};
struct vhm_request_buffer:
struct vhm_request_buffer {
union { union vhm_request_buffer {
struct vhm_request ...; => struct vhm_request ...;
int8_t reserved[4096]; int8_t reserved[4096];
} }
}
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
According to the comments in hypervisor:
" This file includes config header file "bsp_cfg.h" and other
hypervisor used header files.
It should be included in all the source files."
this patch includes all common header files in hypervisor.h
then removes other redundant inclusions
Signed-off-by: Zide Chen <zide.chen@intel.com>
- move vmexit handling into vmexit_handler
- add error handling, failure will inject #GP
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
there are data transfer between guest(GPA) & hv(HPA), especially for
hypercall from guest.
guest should make sure these GPAs are address continous, but hv cannot
assure HPAs which mapped to these GPAs are address continous, for example,
after enable hugetlb, a contious GPA range could come from two different
2M pages.
this patch is handling such case by doing gpa page walking during
copy_from_vm & copy_to_vm.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
merge these two APIs to 'dump_intr_excp_frame'
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
rename intr_ctx to intr_excp_ctx
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
move intr_ctx to irq.h, delete intr_ctx.h
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Macro GEN_CASE in hypervisor is not used. It's just for userspcace tool
acrntrace and we get one copy of it in ./tools/acrntrace/trace_event.h.
So, remove it.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Yan, Like <like.yan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Changes:
1. Move io request related functions from hypercall.c to io_request.c
since they are not hypercalls;
2. Remove acrn_insert_request_nowait() as it is never used;
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
rename atomic_cmpxchg_int to atomic_cmpxchg
replace atomic_cmpset_long with atomic_cmpxchg64
rename atomic_readandclear_long to atomic_readandclear64
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@Intel.com>
From now on, only plan to support atomic operation for int/long.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add set_memmaps hypercall to support multi regions memmap.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
allocated all pcpus to vm0 to handle possible AP wakeup flow for all cpus,
as we pass org ACPI table to VM0 - that means VM0 can see all CPUs.
SOS(VM0) start expected CPUs through "maxcpus=" kernel cmdline option.
During first hypercall from SOS, calling vm_fixup to free un-expect-enabled
vcpus from VM0.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
remove sipi_from_efi_boot_service_exit & efi_deferred_wakeup_pcpu workaround
for uefi boot flow
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
If the target is an array, then only the first element
will be copied.
So replace structure assignment with memcpy_s().
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Move all string operations functions into a single
source code file, instead of the various source
code files that just implement a single or few
function.
No functional change.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now one uint64_t type is used to obtain the corresponding descriptor_table
for GDT/IDT. This will cause the stack protect corruption under -O2.
So the descriptor_table struct is added to configure the GDT/IDT of VMCS.
V1->V2: Move the descriptor_table into vmx.h header file
And its type is renamed from dt_addr_t to descriptor_table.
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The RFLAGS will be touched in some inline assembly.(exec_vmxon/
RFLAGS_RESTORE). The "cc" constraint should be added. Otherwise
it won't be handled under -O2 option.
And "%%XXX" register should also be added into constraints.
Otherwise it will be optimized incorrectly.
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add vlapic_create_timer/vlapic_reset_timer to setup/reset a timer.
Add vlapic_update_lvtt to disarm timer when mode changes.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
make the timer list be ordered to speed up expried timer
process and next timer event finding.
Add timer would not schedule timer unless it's the next
timer event.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The name of acrn_register is too generic, rename to acpi_generic_address
which is more common.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
V3->V4: Updated function/variable names for accurancy
V2->V3: Changed a few function/variable names to make it less confusing
V1->V2: removed the unneccesary cache flushing
- For UEFI boot, allocate memory for trampoline code in ACRN EFI,
and pass the pointer to HV through efi_ctx
- For other boot, scan E820 to allocate memory in HV run time
- update_trampoline_code_refs() updates all the references that need the
absolute PA with the actual load address
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
V2->V3: Fixed the booting issue on MRB board and removed the restriction
of allocate memory from address 0
1) Fix the booting from MRB issue
-#define CONFIG_LOW_RAM_SIZE 0x000CF000
+#define CONFIG_LOW_RAM_SIZE 0x00010000
2) changed e820_alloc_low_memory() to handle corner case of unaligned e820 entries
and enable it to allocate memory at address 0
+ a length = end > start ? (end - start) : 0;
- /* We don't want the first page */
- if ((length == size) && (start == 0))
- continue;
3) changed emalloc_for_low_mem() to enable to allocate memory at address 0
- /* We don't want the first page */
- if (start == 0)
- start = EFI_PAGE_SIZE;
V1->V2: moved e820_alloc_low_memory() to guest.c and added the logic to
handle unaligned E820 entries
emalloc_for_low_mem() is used if CONFIG_EFI_STUB is defined.
e820_alloc_low_memory() is used for other cases
In either case, the allocated memory will be marked with E820_TYPE_RESERVED
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
- rename it to 'io_shared_page' to keep consistent
with ACRN HDL foils.
- update related code that reference this data structure.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
with this patch guest could access idle io port and enter idle normally.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
The patch add function in vhm hypercall to retrieve physical cx data
to VHM/DM.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
Each VM would have its own Cx data, for now we copy it from boot_cpu_info.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
The cx data is hardcoded within HV, load it to boot_cpu_data when HV boot.
The patch provide a3960 soc cx data for example.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
currently, pass-thru devices are managed by per-vm's remapping entries
which is virtual based:
- MSI entry is identified by virt_bdf+msix_index
- INTx entry is identified by virt_pin+vpin_src
it works but it's not a good design for physical resource management, for
example a physical IOAPIC pin could belong to different vm's INTx entries,
the Device Model then must make sure there is no resource conflict from
application's level.
This patch change the design from virtual to physical based:
- MSI entry is identified by phys_bdf+msix_index
- INTx entry is identified by phys_pin
The physical resource is directly managed in hypervisor, a miss adding
entry will be found by hypervisor and return error message with failure.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
add initialize_timer to initialize or reset a timer;
add_timer add timer to corresponding physical cpu timer list.
del_timer delete timer from corresponding physical cpu timer list.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Get tsc hz by cpuid 0x15 if we supported, otherwise
calibrate tsc by pit timer.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The input operand for inline assembly is passed from the caller. And they
are not the immediate type. Instead the register should be used.
This also helps to reduce the compile error if the optimizatin is enabled.
Signed-off-by: Zhao Yakui<yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now just add some basic feature/capability detect (not all). Vapic
didn't add here for if we must support vapic then the code which
for vapic not supported must remove, like mmio apic r/w.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Split pm.c from cpu_state_tbl.c to put guest power management related
functions, keep cpu_state_tbl.c to store host cpu state table and
related functions.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
adding "hugepagesz=1G" and "hugepages=X" into SOS cmdline, for X, current
strategy is making it equal
e820_mem.total_mem_size -CONFIG_REMAIN_1G_PAGES
if CONFIG_REMAIN_1G_PAGES is not set, it will use 3 by default.
CONFIG_CMA is added to indicate using cma cmdline option for SOS kernel,
by default system will use hugetlb cmdline option if no CONFIG_CMA defined.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
change its input from map_params to page_table_type, and make it as a
public API.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
1. exception vector and other information
can be extracted from 'VM-Exit Interrupt-Information'
field of VMCS only if bit31 (Valid) is set.
-Intel SDM 24.9.2, Vol3
2. Rename 'exit-interrupt_info' to 'idt_vectoring_info'
in 'struct vcpu_arch', which is consistent with
SDM 24.9.3, Vol3
3. 'IDT-vectoring information' in VMCS is 32bit
-Intel SDM 24.9.3, Vol3
Update the type of 'idt_vectoring_info' in
'struct vcpu_arch'from 'uint32_t' to 'uint64_t'.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
If subsequent write is on the same address, maybe the compiler will optimize
the access of MMIO memory and only the last write takes effect.In such case
it is wrong. For example:
mmio_write_long(0x25, addr);
mmio_write_long(0x26, addr);
mmio_write_long(0x27, addr);
After volatile is added, it can avoid the above possible optimization and
assure that each write takes effect.
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The mmio_or_long/mmio_and_long/mmio_rmw_long is defined to perform
the read & write operation. But they are not used. So they are removed.
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
These APIs are not used, and not as safe as spinlock_irqsave_obtain/
spinlock_irqrestore_release.
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Before referencing to physical address of devs such as lapic, ioapic,
vtd, and uart, switch to virtual address.
Use a phisical address of pml4 to write CR3.
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
SDM 24.9.1 Volume3:
- 'Exit reason' field in VMCS is 32 bits.
SDM 24.9.4 in Volume3
- 'VM-exit instruction length' field
in VMCS is 32 bits.
This patch is to redefine the data types of above fields
in 'struct vcpu_arch' and udpate the code using these
two fields.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Update X86_FEATURE_OSXSAVE when enabled and replace is_xsave_supported
with cpu_has_cap(X86_FEATURE_OSXSAVE).
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add cpu_has_cap API for cpu feature/capability detect instead of
add get_xxx_cap for each feature/capability detect.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
remove data defination of mmio_addr_t, vaddr_t, paddr_t,
and ioport_t.
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Using ebx will truncate the high 32bit part of 64bit virtual address.
So using rbx instead of ebx.
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Reviewed-by: Yakui, Zhao <yakui.zhao@intel.com>
This address maybe invalid if a hostile address was set
in hypercall 'HC_SET_IOREQ_BUFFER'.it should be validated
before using.
Update:
-- save HVA to guest OS's request buffer in hyperviosr
-- change type of 'req_buf' from 'uint64_t' to 'void *'
-- remove HPA to HVA translation code when using this addr.
-- use error number instead of -1 when return error cases.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Before copy data between guest and host, should convert the GPA
to HVA and do the copy.
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Reviewed-by: Chen, Jason Cl <jason.cj.chen@intel.com>
Reviewed-by: Yakui, Zhao <yakui.zhao@intel.com>
- change the input param of check_page_table_present from struct map_params
to page_table_type
- check EPT present bits misconfiguration in check_page_table_present
- change var "table_present" to more suitable name "entry_present"
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Tian, Kevin <kevin.tian@intel.com>
check IA32_VMX_EPT_VPID_CAP MSR to see if ept execution only capability
is supported or not
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Tian, Kevin <kevin.tian@intel.com>
cpu_halt actually mean cpu dead in current code, so change it with
more clear name.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Tian, Kevin <kevin.tian@intel.com>
use pcpu_active_bitmap presents which cpu is active
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Tian, Kevin <kevin.tian@intel.com>
Now the MACRO SECURE_WORLD_ENABLED (1<<0)
Change it to 64 bit data
SECURE_WORLD_ENABLED (1UL<<0)
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Before this patch, guest temporary page tables were generated by hardcode
at compile time, HV will copy this page tables to guest before guest
launch.
This patch creates temporary page tables at runtime for the range of 0~4G,
and create page tables to cover new range(511G~511G+16M) with trusty
requirement.
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
eptp should be record as PA.
this patch changed nworld_eptp, sworld_eptp and m2p eptp to PA type,
necessary HPA2HVA/HVA2HPA transition is used for them after the change.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- read/write page table entries should use VA which defined as "void *"
- the address data in page table entries should us PA which defined as
"uint64_t"
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently acrn partitions cpus between SOS and UOS, so the default
policy is to allow guest managing CPU px state. However we would
not blindly passthrough perf_ctrl MSR to guest. Instead guest access
is always trapped and validated by acrn hypervisor before forwarding
to pcpu. Doing so leaves room for future power budget control in
hypervisor, e.g. limiting turbo percentage that a cpu can enter.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
We can use this interface for VHM to pass per-cpu power state data
to guest per its request.
For now the vcpu power state is per-vm, this could be changed if
per-cpu power state support is required in the future.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
The vm px info would be used for guest Pstate control.
Currently it is copied from host boot cpu.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
The patch takes Intel ATOM A3960 as example that hard code all Px info
which is needed for Px control into Acrn HV and load it in boot process.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
The cpu model name would be used to distinguish which hard coded data
need to be loaded to boot_cpu_data;
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
- remove unused map_params in get_table_entry
- add error return for both, which is valid under release version,
as at that time, ASSERT in get_table_entry is empty.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
add error return for all, which is valid under release version,
as at that time, ASSERT in modify_paging is empty.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Documentation for parameters must match exactly in spelling and case.
Parameter named "vcpu" was incorrectly documented as "VCPU", and
parameter named "param" was documented as "param's".
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Add check_continuous_hpa API:
when create secure world,if the physical
address is not continuous, will assert.
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch added API destroy_secure_world, which will do:
-- clear trusty memory space
-- restore memory to SOS ept mapping
It will be called when VM is destroyed, furthermore, ept of
Secure world will be destroyed as well.
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
--add free_paging_struct api, used for free page tables
it will clear memory before free.
--add HPA2HVA translation when free ept memory
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Per SDM Vol. 2:
If CPUID.80000008H:EAX[7:0] is supported, the maximum physical address
number supported should come from this field.
This patch gets the maximum physical address number from CPUID leaf
0x80000008 and calculates the physical address mask when the leaf is
available.
Currently ACRN does not support platforms w/o this leaf and will panic
on such platforms.
Also call get_cpu_capabilities() earlier since the physical address mask
is required for initializing paging.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Per SDM:
When CPUID executes with EAX set to 80000000H, the processor returns
the highest value the processor recognizes for returning extended
processor information. The value is returned in the EAX register and is
processor specific.
This patch caches this value in the global cpuinfo_x86.cpuid_leaves. This
value will be used to check the availability of any CPUID extended
function.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
enable Xsave feature and pass-through it to guests
update based on v2:
- enable host xsave before expose it to guests.
- add validation for the value to be set to 'xcr0' before call xsetbv
when handling xsetbv vmexit.
- tested in SOS guest, created two threads to do different
FP calculations,test code runs in user land of sos.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
According to C99:
The empty list in a function declarator that is not part of a definition of
that function specifies that no information about the number or types of the
parameters is supplied.
This means gcc is happy with the following code, which is undesirable.
void foo(); /* declaration with an empty parameter list */
void bar() {
foo(); /* OK */
foo(1); /* OK */
foo(1, 2); /* OK */
}
This patch fixes declarations of functions with empty parameter lists by adding
an unnamed parameter of type void, which is the standard way to specify that a
function has no parameters. The following coccinelle script is used.
@@
type T;
identifier f;
@@
-T f();
+T f(void);
New compilation errors are fixed accordingly.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Save the pointer of efi_ctx in mi_drivers_addr field of
multiboot structure and pass to hypervisor, not by
saving in register RDX(the third default parameter in
64bit call function).
With this method, we can be compatible with the original
32bit boot parameters passing method and no need to
large the array size of boot_regs in hypervisor.
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
With current code, the acrn.efi is inserted between
cl bootloader.efi and bzImage.efi that destroyed the chain
relationship of cl bootloader and cl bzImage.efi.
And the following is current boot flow:
UEFI -> cl bootloader.efi -> acrn.efi -> bzImage.efi
The purpose of this patch is resume above chain relationship,
and make uefi vm return to efi stub context once launched,
then continue to call the UEFI API(LoadImage/StartImage) to launch
cl bootloader or other bootloaders. So the boot flow will
change to be as below:
UEFI -> acrn.efi -> cl bootloader.efi -> bzImage.efi
After applying this patch, the code related to loading
bzImage.efi and getting pe_entry is unnecessary due to
the bzImage.efi will not be launched by acrn.efi directly,
so it is removed.
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
With current code, memcpy rsdp to 0x500 maybe overwrite uefi
code/data region.
So remove the legacy BIOS deliver method of RSDP, which need copy
the RSDP to EBDA space which is addressed by the 16bit pointer
at 0x40E or upper memory BIOS space 0xe0000-0xfffff. And just
deliver the pointer of RSDP, which is already saved in UEFI system
table, to hypervisor.
Create a function named efi_init() to separate efi initialize code.
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
For trusty bring-up, key_info is needed.
Currently, bootloader did not transfer key_info to hypervisor.
So in this patch, use dummy key_info temporarily.
Derive vSeed from dSeed before trusty startup, the vSeed will
bind with UUID of each VM.
Remove key_info from sworld_control structure.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
UOS_Loader will trigger boot of Trusty-OS by HC_INITIALIZE_TRUSTY.
UOS_Loader will load trusty image and alloc runtime memory for
trusty. UOS_Loader will transfer these information include
trusty runtime memory base address, entry address and memory
size to hypervisor by trusty_boot_param structure.
In hypervisor, once HC_INITIALIZE_TRUSTY received, it will create
EPT for Secure World, save Normal World vCPU context, init
Secure World vCPU context and switch World state to Secure World.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
For ARM, The SMC instruction is used to generate a synchronous
exception that is handled by Secure Monitor code running in EL3.
In the ARM architecture, synchronous control is transferred between
the normal Non-secure state and the Secure state through Secure
Monitor Call exceptions. SMC exceptions are generated by the SMC
instruction, and handled by the Secure Monitor.The operation of
the Secure Monitor is determined by the parameters that are passed
in through registers.
For ACRN, Hypervisor will simulate SMC by hypercall to switch vCPU
State between Normal World and Secure World.
There are 4 registers(RDI, RSI, RDX, RBX) reserved for paramters
passing between Normal World and Secure World.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
this patch is a preparation for changing ptdev remapping entry from
virtual to physical based, it changes the ptdev_lock from per-vm to
global, as entries based on physical mode are global resource.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
this patch is a preparation for changing ptdev remapping entry from
virtual to physical based, it changes the ptdev_list from per-vm to
global, as entries based on physical mode are global resource.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
ASSERT is only for debug purpose, for release version, it should try
error handling instead of deadloop there.
v1:
- change the ASSERT under release version to empty code
TODO: revise all ASSERT usage
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong (Eddie.dong@intel.com)
Generate all common virtual cpuid entries for flexible support of
guest VCPUID emulation, by decoupling from PCPUID.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Chen, Jason CJ <jason.cj.chen@intel.com>
microcode update from UOS is disabled.
microcode version checking is available for both SOS and UOS.
There are two TODOs of this patch:
1. This patch only update the uCode on pCPUs SOS owned. For the
pCPUs not owned by SOS, the uCode is not updated. To handle
this gap, we will have SOS own all pCPUs at boot time. So
all pCPUs could have uCode updated. This will be handled
in the patch to enable SOS own all pCPUs at boot time.
2. gva2gpa now doesn't check possible page table walk failure.
Will add the failure check in gva2gpa in different patch.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Reviewed-by: Anthony Xu (anthony.xu@intel.com)
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Tian, Kevin <kevin.tian@intel.com>
Add a global boot_cpu_data to cache common cpu capbility/feature
for detect cpu capbility/feature.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
this patch is to detect and enable only APICv features which
are actually supported by the processor, instead fo tuning on
all features by default.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
this patch save native lapic configuration and restore it to vm0's vlapic
before its running, then doing hpet timer interrupt injection through vlapic
interface -- this will not mess up vlapic and we can see hpet
timer interrupt coming continuously.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
we added uefi stub for hv, and want vm0 continue running under uefi env to
boot other uefi payload (osloader or bzImage).
during this, the uefi timer irq need be handled elegantly.
there are 3 types for uefi timer:
1. 8254 based on IRQ0 of PIC
2. HPET based on IOAPIC
3. HPET based on MSI
currently, we only support type 3 (HPET+MSI). But we are following a
in-correct flow to handle this timer interrupt:
- we set VMX_ENTRY_INT_INFO_FIELD directly if a timer interrupt happened
before vcpu launching, this will make its vlapic mess up, which finally
cause hpet timer stop.
this patch remove this in-correct approach, the new approach patch will
be followed by next patch.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
According to the explaination for pref_address
in Documentation/x86/boot.txt, a relocating bootloader
should attempt to load kernel at pref_address if possible.
But due to a non-relocatable kernel will unconditionally
move itself and to run at perf address, no need to copy
kernel to perf_address by bootloader.
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
1. refine multiboot related code, move to /boot.
2. firmware files and ramdisk can be stitched in iasImage;
and they will be loaded as multiboot modules.
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Add 'CPU_PAGE_MASK' used for calculate address,
Change IA32E_REF_MASK from 0x7ffffffffffff000 to 0x000ffffffffff000
for MMU/EPT entry, bit62:52(ignore) bit63(VE/XD)
if we want to obtain the address from the MMU/EPT entry,need to clear
bit63:52 by IA32E_REF_MASK
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
add key info structure
add sworld_eptp in vm structure, and rename ept->nworld_eptp
add secure world control structure
Change-Id:
Tracked-On:220921
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
