CVE# CVE-2021-23905
Add Null pointer check in init vq ring and add vq ring descriptor
check in case cause Nullpointer exception.
Tracked-On: #5355
Signed-off-by: Liu Long <long.liu@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
CVE# CVE-2021-23904
We can only call these callbacks when they are not NULL.
Tracked-On: #5342
Signed-off-by: Jie Deng <jie.deng@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
The trb pointer may be NULL when get the address from user space, add
the pointer check before use the trb.
Tracked-On: #6172
Signed-off-by: Liu Long <long.liu@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
With virtio polling mode enabled, a timer is running in the virtio
backend service. And the timer will also be triggered if its frondend
driver didn't do the device reset in shutdown. A freed virtio device
will be accessed in the polling timer handler.
Do the virtio reset() callback specifically to clear the polling timer
before the free.
Tracked-On: #6147
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Only free rb_entry when we remove this entry from the rb tree, otherwise, a
page fault would trigger when next rb itreation would access the freed rb_entry.
Tracked-On: #6056
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Refine the DPRINTF/WPRINTF to pr_* based log interface for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Refine the DPRINTF/WPRINTF to pr_* based log interface for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Refine the UPRINTF to pr_* based log interface for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Refine the DPRINTF/WPRINTF to pr_* based log interface instead of printf directly.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Unifies the logs to pr_* interfaces instead of printf for better log management.
Tracked-On: #5267
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Reviewed-by: Chi Mingqiang <mingqiang.chi@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Some passthrough devices have no reset mechanisms which cause the device stay
in unknown status during boot/reboot flow. And such unknown status cause
unexpected behaviors in the guest. Except the ordinary reset mechanisms
like FLR, we can utilize enter/exit D3cold as the reset that D3cold will
power gate the entire hardware. But the D3cold is implemented as ACPI
method which has no user interface in the SOS side. But the D3cold is
implemented as ACPI method which has no user interface in the SOS side.
But base on our experience, some devices can utilize D3hot instead of
D3cold. But it is not useful for all PCI devices as the power status
of D3hot is implementation defined.
Provide one new API to program PowerState(D0/D1/D2/D3hot) in PMCSR
register.
Add "d3hot_reset" sub-parameter for passthrough device to enable utilize
enter/exit D3hot flow to implement reset mechanisms.
Tracked-On: #5067
Signed-off-by: Long Liu <long.liu@intel.com>
Reviewed-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Fix XHCI_GET_SLOT macro check slot valid function, when the
slot value is bigger than XHCI_MAX_SLOT set the slot value
to zero.
Tracked-On: #4711
Signed-off-by: Long Liu <long.liu@intel.com>
Reviewed-by: Yuan Liu <yuan1.liu@intel.com>
There is fd leakage during guest OS rebooting process, and this is
a WA patch to fix it. Formal patch will be made later.
Tracked-On: #4897
Signed-off-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
From xHCI spec 4.5.3.2, the only command that software is
allowed to issue for the slot in disabled state is the Enable
Slot Command. Drop other commands in command handle function.
Tracked-On: #4711
Signed-off-by: Long Liu <long.liu@intel.com>
Reviewed-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Don't hardcode install paths. Instead of hardcoding where binaries are
installed, add variables that installer can override.
Tracked-On: #4864
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com>
- Add Platform GOP Policy
- Add MemoryFence to AcrnEmuVariableFvbRuntimeDxe
- UefiCpuPkg/CpuExceptionHandlerLib: Fix split lock
- OvmfPkg/SataControllerDxe: Calculate ChannelCount based on PI value
Tracked-On: #4866
Signed-off-by: Peter Fang <peter.fang@intel.com>
- re-arange the code to make static code analysis tool happy.
- If no valid conversion could be performed, a zero value is returned
(0L) from strtol(), so add a sanity check "isdigit(cp[0])" to ensure
that it won't unexpectedly parse CPU 0 if the string starts or ends
with the valid delimiters ',' or '-', for example:
-- cpu_affinity 1,
-- cpu_affinity ,1
Tracked-On: #4616
Signed-off-by: Zide Chen <zide.chen@intel.com>
The shared memory will be created when a post-launched VM which
specified ivshmem v1 device starts, the same shared memory name
will only create a shared memory region.
The shared memory will be removed when all post-launched VMs
that opened it close the shared memory object.
v2: Support one post-launched VM can configure multiple ivshmem
devices
Tracked-On: #4853
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Support shared memory based inter-vm communication for ACRN
post-launched VMs. The ivshmem mediator emulates one standard
PCI device which expose the shared memory region through its BAR2.
The shared memory region is allocated through Linux shm mechanism and
post-launched VM needs to specify the shm name and size as the acrn-dm
parameter, the VMs have same shm name parameter can communicate over
the shared memory.
For first stage, only support shared memory. Consider to support
notification(interrupt) in future.
To add a ivshmem device in device model, the usage as below
-s N,ivshmem,shm_name,shm_size
v2: Implement the ivshmem MMIO registers emulation
v3: Refine code style
Add ivshmem device usage
Refine MMIO register return value
v4: Refine comments
Use logger interfaces to print logs
Tracked-On: #4853
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
This reverts commit 59e2de4805.
Since PSDS table format does not meet the expectations on all boards
providing a PSDS, such as e.g. Kontron COMe-mAL10 based boards, remove
exposure of PSDS table for now.
Tracked-On: #4846
Signed-off-by: Helmut Buchsbaum <helmut.buchsbaum@opensource.tttech-industrial.com>
To remove the limit of 4MB ramdisk size simply adjust layout
dynamically according to ramdisk size rounded up to a 4K boundary.
This enables ramdisk based virtual machines which tend to have
large ramdisk memory requirements (128MB and above).
Tracked-On: #4840
Signed-off-by: Helmut Buchsbaum <helmut.buchsbaum@opensource.tttech-industrial.com>
Since zlib is not used, remove linking to it. This reduces build
dependencies.
Tracked-On: #4838
Signed-off-by: Helmut Buchsbaum <helmut.buchsbaum@opensource.tttech-industrial.com>
Currently the class type of igd_lpc bridge PCI device is not initialized.
In such case the guest driver doesn't detect the platform correctly when it
is in GVT-d mode. Then the linux i915 driver can't work.
Tracked-On: #4745
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
Currently the DM will return the passthrough device to SOS when the DM
needs to be terminated. But the device is not reset. In such case it
will cause the garbage display issue when the GPU passthrough device
is returned.
Tracked-On: #4719
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
1. not need 'clean' when building ACRN-HV/DM each time
2. correct efi-stub wrong dependency
Tracked-On: #2412
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
add logs for vm state transition to help
analyze some problems.
Tracked-On: #4098
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
The 'pause/continue' acrnctl cmd is never used and their action are not
defined for ACRN VMs. Devicemodel minitor doesn't need to handle these 2
msg, should be removed.
Tracked-On: #4790
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Yan, Like <like.yan@intel.com>
Remove the 'p' argument from the list as it is now obsolete and there is no
implementation for it in the code.
Tracked-On: #4732
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Passthroughed devices won't be restored back to SOS once launch
script exits by default. However you could revert this behavior
by specifying '-r' parameter if you want.
Tracked-On: #4514
Signed-off-by: Tw <wei.tan@intel.com>
EHL graphics data stolen memory(DSM) info has diff with KBL/WHL,
which includes two parts:
(1) DSM register location in pci config: on KBL/WHL, the register
locates on 0X5C, while on EHL, the register locates on 0xC0.
(2) DSM address length: On KBL/WHL,
DSM addr has 32 bits, while on EHL,DSM addr has 64 bits.
Here, refine graphics data stolen memory passthru to enable GVT-d on EHL platforms.
v3 -> v4:
* add MICRO INTEL_ELKHARTLAKE
v2 -> v3:
* refine discription,MICRO name
* refine code style
v1 -> v2:
* add callback functions for scalability
Tracked-On: projectacrn#4700
Signed-off-by: Junming Liu <junming.liu@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Liu XinYun <xinyun.liu@intel.com>
Reviewed-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Pack GPU DSM(Data Stolen Memory) and Opregion related operations
into function passthru_gpu_dsm_opregion to avoid passthru_init too mess.
Tracked-On: #4700
Signed-off-by: Junming Liu <junming.liu@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Liu XinYun <xinyun.liu@intel.com>
Reviewed-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
